From 3e62527ed71a7a362d7ec321e7f026edab35f8e2 Mon Sep 17 00:00:00 2001 From: Seonah Moon Date: Fri, 23 Sep 2016 13:49:53 +0900 Subject: Imported Upstream version 7.50.2 Change-Id: I91c6040940a21b2bebab9d6cab11d50767b7bac4 --- CHANGES | 7847 ++++++------- CMakeLists.txt | 193 +- Makefile.am | 40 +- Makefile.in | 72 +- RELEASE-NOTES | 231 +- acinclude.m4 | 189 +- config.guess | 111 +- config.sub | 20 +- configure | 951 +- configure.ac | 78 +- docs/CHECKSRC.md | 124 + docs/CODE_STYLE.md | 1 + docs/CONTRIBUTE | 261 - docs/CONTRIBUTE.md | 247 + docs/FAQ | 58 +- docs/FEATURES | 4 +- docs/HISTORY | 284 - docs/HISTORY.md | 284 + docs/HTTP-COOKIES | 123 - docs/HTTP-COOKIES.md | 104 + docs/HTTP2.md | 30 +- docs/INSTALL | 2 +- docs/INTERNALS | 1095 -- docs/INTERNALS.md | 1094 ++ docs/KNOWN_BUGS | 845 +- docs/LICENSE-MIXING | 130 - docs/LICENSE-MIXING.md | 124 + docs/MANUAL | 8 +- docs/Makefile.am | 16 +- docs/Makefile.in | 16 +- docs/RELEASE-PROCEDURE | 19 +- docs/ROADMAP.md | 41 +- docs/SECURITY | 107 - docs/SECURITY.md | 110 + docs/SSL-PROBLEMS | 87 - docs/SSL-PROBLEMS.md | 87 + docs/SSLCERTS | 163 - docs/SSLCERTS.md | 163 + docs/THANKS | 83 +- docs/TODO | 363 +- docs/curl-config.pdf | Bin 17775 -> 17775 bytes docs/curl.1 | 124 +- docs/curl.html | 77 +- docs/curl.pdf | Bin 137490 -> 139891 bytes docs/examples/Makefile.am | 2 +- docs/examples/Makefile.in | 2 +- docs/examples/cacertinmem.c | 2 +- docs/examples/curlx.c | 4 +- docs/examples/evhiperfifo.c | 2 +- docs/examples/externalsocket.c | 2 +- docs/examples/ghiper.c | 4 +- docs/examples/hiperfifo.c | 6 +- docs/examples/htmltidy.c | 20 +- docs/examples/http2-serverpush.c | 2 +- docs/examples/opensslthreadlock.c | 8 +- docs/examples/rtsp.c | 8 +- docs/examples/smooth-gtk-thread.c | 2 +- docs/examples/url2file.c | 2 +- docs/libcurl/Makefile.am | 11 +- docs/libcurl/Makefile.in | 11 +- docs/libcurl/curl_easy_cleanup.pdf | Bin 19386 -> 19386 bytes docs/libcurl/curl_easy_duphandle.pdf | Bin 17775 -> 17775 bytes docs/libcurl/curl_easy_escape.pdf | Bin 19512 -> 19512 bytes docs/libcurl/curl_easy_getinfo.3 | 54 +- docs/libcurl/curl_easy_getinfo.html | 51 +- docs/libcurl/curl_easy_getinfo.pdf | Bin 27786 -> 27286 bytes docs/libcurl/curl_easy_init.pdf | Bin 19179 -> 19179 bytes docs/libcurl/curl_easy_pause.3 | 4 +- docs/libcurl/curl_easy_pause.html | 2 +- docs/libcurl/curl_easy_pause.pdf | Bin 24981 -> 25043 bytes docs/libcurl/curl_easy_perform.3 | 4 +- docs/libcurl/curl_easy_perform.html | 2 +- docs/libcurl/curl_easy_perform.pdf | Bin 21115 -> 21965 bytes docs/libcurl/curl_easy_recv.3 | 6 +- docs/libcurl/curl_easy_recv.html | 4 +- docs/libcurl/curl_easy_recv.pdf | Bin 22435 -> 24005 bytes docs/libcurl/curl_easy_reset.pdf | Bin 17118 -> 17118 bytes docs/libcurl/curl_easy_send.3 | 6 +- docs/libcurl/curl_easy_send.html | 4 +- docs/libcurl/curl_easy_send.pdf | Bin 22167 -> 23742 bytes docs/libcurl/curl_easy_setopt.3 | 10 +- docs/libcurl/curl_easy_setopt.html | 8 +- docs/libcurl/curl_easy_setopt.pdf | Bin 47536 -> 47592 bytes docs/libcurl/curl_easy_strerror.pdf | Bin 17032 -> 17032 bytes docs/libcurl/curl_easy_unescape.pdf | Bin 18857 -> 18857 bytes docs/libcurl/curl_escape.pdf | Bin 18194 -> 18194 bytes docs/libcurl/curl_formadd.3 | 4 +- docs/libcurl/curl_formadd.html | 2 +- docs/libcurl/curl_formadd.pdf | Bin 32691 -> 32574 bytes docs/libcurl/curl_formfree.3 | 4 +- docs/libcurl/curl_formfree.html | 2 +- docs/libcurl/curl_formfree.pdf | Bin 17414 -> 18145 bytes docs/libcurl/curl_formget.pdf | Bin 20276 -> 20276 bytes docs/libcurl/curl_free.pdf | Bin 14470 -> 14470 bytes docs/libcurl/curl_getdate.pdf | Bin 22706 -> 22706 bytes docs/libcurl/curl_getenv.pdf | Bin 17145 -> 17145 bytes docs/libcurl/curl_global_cleanup.3 | 8 +- docs/libcurl/curl_global_cleanup.html | 6 +- docs/libcurl/curl_global_cleanup.pdf | Bin 17031 -> 16899 bytes docs/libcurl/curl_global_init.3 | 39 +- docs/libcurl/curl_global_init.html | 25 +- docs/libcurl/curl_global_init.pdf | Bin 20818 -> 21818 bytes docs/libcurl/curl_global_init_mem.pdf | Bin 17304 -> 17304 bytes docs/libcurl/curl_mprintf.3 | 12 +- docs/libcurl/curl_mprintf.html | 5 +- docs/libcurl/curl_mprintf.pdf | Bin 20429 -> 19586 bytes docs/libcurl/curl_multi_add_handle.pdf | Bin 21012 -> 21012 bytes docs/libcurl/curl_multi_assign.pdf | Bin 18580 -> 18580 bytes docs/libcurl/curl_multi_cleanup.pdf | Bin 17392 -> 17392 bytes docs/libcurl/curl_multi_fdset.pdf | Bin 20399 -> 20399 bytes docs/libcurl/curl_multi_info_read.pdf | Bin 22957 -> 22957 bytes docs/libcurl/curl_multi_init.pdf | Bin 16317 -> 16317 bytes docs/libcurl/curl_multi_perform.pdf | Bin 25241 -> 25241 bytes docs/libcurl/curl_multi_remove_handle.pdf | Bin 17178 -> 17178 bytes docs/libcurl/curl_multi_setopt.pdf | Bin 23370 -> 23370 bytes docs/libcurl/curl_multi_socket.3 | 8 +- docs/libcurl/curl_multi_socket.html | 6 +- docs/libcurl/curl_multi_socket.pdf | Bin 28497 -> 28183 bytes docs/libcurl/curl_multi_socket_action.3 | 19 +- docs/libcurl/curl_multi_socket_action.html | 8 +- docs/libcurl/curl_multi_socket_action.pdf | Bin 28623 -> 28351 bytes docs/libcurl/curl_multi_socket_all.3 | 1 + docs/libcurl/curl_multi_socket_all.html | 56 + docs/libcurl/curl_multi_socket_all.pdf | Bin 0 -> 2217 bytes docs/libcurl/curl_multi_strerror.pdf | Bin 14734 -> 14734 bytes docs/libcurl/curl_multi_timeout.3 | 14 +- docs/libcurl/curl_multi_timeout.html | 6 +- docs/libcurl/curl_multi_timeout.pdf | Bin 21467 -> 21906 bytes docs/libcurl/curl_multi_wait.pdf | Bin 22327 -> 22327 bytes docs/libcurl/curl_share_cleanup.pdf | Bin 16877 -> 16877 bytes docs/libcurl/curl_share_init.pdf | Bin 18397 -> 18397 bytes docs/libcurl/curl_share_setopt.3 | 3 +- docs/libcurl/curl_share_setopt.html | 2 +- docs/libcurl/curl_share_setopt.pdf | Bin 21040 -> 21113 bytes docs/libcurl/curl_share_strerror.pdf | Bin 15076 -> 15076 bytes docs/libcurl/curl_slist_append.3 | 4 +- docs/libcurl/curl_slist_append.html | 2 +- docs/libcurl/curl_slist_append.pdf | Bin 16944 -> 17791 bytes docs/libcurl/curl_slist_free_all.pdf | Bin 13664 -> 13664 bytes docs/libcurl/curl_strequal.pdf | Bin 16583 -> 16583 bytes docs/libcurl/curl_unescape.pdf | Bin 17960 -> 17960 bytes docs/libcurl/curl_version.pdf | Bin 15840 -> 15840 bytes docs/libcurl/curl_version_info.pdf | Bin 26144 -> 26144 bytes docs/libcurl/libcurl-easy.pdf | Bin 19068 -> 19068 bytes docs/libcurl/libcurl-errors.3 | 2 + docs/libcurl/libcurl-errors.html | 2 + docs/libcurl/libcurl-errors.pdf | Bin 36942 -> 36983 bytes docs/libcurl/libcurl-multi.3 | 2 +- docs/libcurl/libcurl-multi.html | 2 +- docs/libcurl/libcurl-multi.pdf | Bin 27315 -> 27275 bytes docs/libcurl/libcurl-share.pdf | Bin 19958 -> 19958 bytes docs/libcurl/libcurl-symbols.3 | 23 +- docs/libcurl/libcurl-symbols.html | 22 +- docs/libcurl/libcurl-symbols.pdf | Bin 49257 -> 50443 bytes docs/libcurl/libcurl-thread.3 | 12 +- docs/libcurl/libcurl-thread.html | 8 +- docs/libcurl/libcurl-thread.pdf | Bin 24054 -> 24412 bytes docs/libcurl/libcurl-tutorial.pdf | Bin 94723 -> 94723 bytes docs/libcurl/libcurl.m4 | 2 +- docs/libcurl/libcurl.pdf | Bin 30424 -> 30424 bytes docs/libcurl/opts/CURLINFO_ACTIVESOCKET.pdf | Bin 19969 -> 19969 bytes docs/libcurl/opts/CURLINFO_APPCONNECT_TIME.pdf | Bin 20029 -> 20029 bytes docs/libcurl/opts/CURLINFO_CERTINFO.3 | 6 +- docs/libcurl/opts/CURLINFO_CERTINFO.html | 2 +- docs/libcurl/opts/CURLINFO_CERTINFO.pdf | Bin 18108 -> 18142 bytes docs/libcurl/opts/CURLINFO_CONDITION_UNMET.pdf | Bin 17901 -> 17901 bytes docs/libcurl/opts/CURLINFO_CONNECT_TIME.pdf | Bin 17844 -> 17844 bytes .../opts/CURLINFO_CONTENT_LENGTH_DOWNLOAD.pdf | Bin 15588 -> 15588 bytes .../opts/CURLINFO_CONTENT_LENGTH_UPLOAD.pdf | Bin 15068 -> 15068 bytes docs/libcurl/opts/CURLINFO_CONTENT_TYPE.pdf | Bin 17953 -> 17953 bytes docs/libcurl/opts/CURLINFO_COOKIELIST.pdf | Bin 17764 -> 17764 bytes docs/libcurl/opts/CURLINFO_EFFECTIVE_URL.pdf | Bin 18563 -> 18563 bytes docs/libcurl/opts/CURLINFO_FILETIME.3 | 2 +- docs/libcurl/opts/CURLINFO_FILETIME.html | 2 +- docs/libcurl/opts/CURLINFO_FILETIME.pdf | Bin 19520 -> 19522 bytes docs/libcurl/opts/CURLINFO_FTP_ENTRY_PATH.pdf | Bin 17768 -> 17768 bytes docs/libcurl/opts/CURLINFO_HEADER_SIZE.pdf | Bin 14935 -> 14935 bytes docs/libcurl/opts/CURLINFO_HTTPAUTH_AVAIL.pdf | Bin 18549 -> 18549 bytes docs/libcurl/opts/CURLINFO_HTTP_CONNECTCODE.pdf | Bin 14684 -> 14684 bytes docs/libcurl/opts/CURLINFO_HTTP_VERSION.3 | 56 + docs/libcurl/opts/CURLINFO_LASTSOCKET.pdf | Bin 18488 -> 18488 bytes docs/libcurl/opts/CURLINFO_LOCAL_IP.pdf | Bin 18028 -> 18028 bytes docs/libcurl/opts/CURLINFO_LOCAL_PORT.pdf | Bin 14497 -> 14497 bytes docs/libcurl/opts/CURLINFO_NAMELOOKUP_TIME.pdf | Bin 17859 -> 17859 bytes docs/libcurl/opts/CURLINFO_NUM_CONNECTS.pdf | Bin 18828 -> 18828 bytes docs/libcurl/opts/CURLINFO_OS_ERRNO.pdf | Bin 14402 -> 14402 bytes docs/libcurl/opts/CURLINFO_PRETRANSFER_TIME.pdf | Bin 18404 -> 18404 bytes docs/libcurl/opts/CURLINFO_PRIMARY_IP.pdf | Bin 18283 -> 18283 bytes docs/libcurl/opts/CURLINFO_PRIMARY_PORT.pdf | Bin 14568 -> 14568 bytes docs/libcurl/opts/CURLINFO_PRIVATE.pdf | Bin 16977 -> 16977 bytes docs/libcurl/opts/CURLINFO_PROXYAUTH_AVAIL.pdf | Bin 19100 -> 19100 bytes docs/libcurl/opts/CURLINFO_REDIRECT_COUNT.pdf | Bin 14643 -> 14643 bytes docs/libcurl/opts/CURLINFO_REDIRECT_TIME.pdf | Bin 18330 -> 18330 bytes docs/libcurl/opts/CURLINFO_REDIRECT_URL.pdf | Bin 18476 -> 18468 bytes docs/libcurl/opts/CURLINFO_REQUEST_SIZE.pdf | Bin 17674 -> 17674 bytes docs/libcurl/opts/CURLINFO_RESPONSE_CODE.pdf | Bin 18845 -> 18845 bytes docs/libcurl/opts/CURLINFO_RTSP_CLIENT_CSEQ.pdf | Bin 14566 -> 14566 bytes docs/libcurl/opts/CURLINFO_RTSP_CSEQ_RECV.pdf | Bin 17427 -> 17427 bytes docs/libcurl/opts/CURLINFO_RTSP_SERVER_CSEQ.pdf | Bin 15115 -> 15115 bytes docs/libcurl/opts/CURLINFO_RTSP_SESSION_ID.pdf | Bin 17424 -> 17424 bytes docs/libcurl/opts/CURLINFO_SIZE_DOWNLOAD.pdf | Bin 14991 -> 14991 bytes docs/libcurl/opts/CURLINFO_SIZE_UPLOAD.pdf | Bin 14507 -> 14507 bytes docs/libcurl/opts/CURLINFO_SPEED_DOWNLOAD.pdf | Bin 14713 -> 14713 bytes docs/libcurl/opts/CURLINFO_SPEED_UPLOAD.pdf | Bin 14653 -> 14653 bytes docs/libcurl/opts/CURLINFO_SSL_ENGINES.pdf | Bin 17685 -> 17685 bytes docs/libcurl/opts/CURLINFO_SSL_VERIFYRESULT.pdf | Bin 17340 -> 17340 bytes docs/libcurl/opts/CURLINFO_STARTTRANSFER_TIME.pdf | Bin 19801 -> 19801 bytes docs/libcurl/opts/CURLINFO_TLS_SESSION.3 | 3 +- docs/libcurl/opts/CURLINFO_TLS_SESSION.html | 2 +- docs/libcurl/opts/CURLINFO_TLS_SESSION.pdf | Bin 19914 -> 20226 bytes docs/libcurl/opts/CURLINFO_TLS_SSL_PTR.3 | 7 +- docs/libcurl/opts/CURLINFO_TLS_SSL_PTR.html | 6 +- docs/libcurl/opts/CURLINFO_TLS_SSL_PTR.pdf | Bin 26071 -> 26151 bytes docs/libcurl/opts/CURLINFO_TOTAL_TIME.pdf | Bin 17808 -> 17808 bytes .../opts/CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE.pdf | Bin 18177 -> 18177 bytes .../opts/CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE.pdf | Bin 17909 -> 17909 bytes docs/libcurl/opts/CURLMOPT_MAXCONNECTS.pdf | Bin 17717 -> 17717 bytes .../libcurl/opts/CURLMOPT_MAX_HOST_CONNECTIONS.pdf | Bin 17724 -> 17724 bytes docs/libcurl/opts/CURLMOPT_MAX_PIPELINE_LENGTH.pdf | Bin 17813 -> 17813 bytes docs/libcurl/opts/CURLMOPT_MAX_TOTAL_CONNECTIONS.3 | 4 +- .../opts/CURLMOPT_MAX_TOTAL_CONNECTIONS.html | 2 +- .../opts/CURLMOPT_MAX_TOTAL_CONNECTIONS.pdf | Bin 17385 -> 17404 bytes docs/libcurl/opts/CURLMOPT_PIPELINING.3 | 40 +- docs/libcurl/opts/CURLMOPT_PIPELINING.html | 16 +- docs/libcurl/opts/CURLMOPT_PIPELINING.pdf | Bin 15711 -> 16572 bytes .../libcurl/opts/CURLMOPT_PIPELINING_SERVER_BL.pdf | Bin 15559 -> 15559 bytes docs/libcurl/opts/CURLMOPT_PIPELINING_SITE_BL.pdf | Bin 14598 -> 14598 bytes docs/libcurl/opts/CURLMOPT_PUSHDATA.pdf | Bin 17036 -> 17036 bytes docs/libcurl/opts/CURLMOPT_PUSHFUNCTION.pdf | Bin 22838 -> 22838 bytes docs/libcurl/opts/CURLMOPT_SOCKETDATA.pdf | Bin 18367 -> 18367 bytes docs/libcurl/opts/CURLMOPT_SOCKETFUNCTION.3 | 18 +- docs/libcurl/opts/CURLMOPT_SOCKETFUNCTION.html | 13 +- docs/libcurl/opts/CURLMOPT_SOCKETFUNCTION.pdf | Bin 20202 -> 20888 bytes docs/libcurl/opts/CURLMOPT_TIMERDATA.pdf | Bin 16692 -> 16692 bytes docs/libcurl/opts/CURLMOPT_TIMERFUNCTION.pdf | Bin 22490 -> 22490 bytes docs/libcurl/opts/CURLOPT_ACCEPTTIMEOUT_MS.pdf | Bin 14110 -> 14110 bytes docs/libcurl/opts/CURLOPT_ACCEPT_ENCODING.3 | 17 +- docs/libcurl/opts/CURLOPT_ACCEPT_ENCODING.html | 7 +- docs/libcurl/opts/CURLOPT_ACCEPT_ENCODING.pdf | Bin 19918 -> 20933 bytes docs/libcurl/opts/CURLOPT_ADDRESS_SCOPE.pdf | Bin 13014 -> 13014 bytes docs/libcurl/opts/CURLOPT_APPEND.pdf | Bin 13655 -> 13655 bytes docs/libcurl/opts/CURLOPT_AUTOREFERER.pdf | Bin 13058 -> 13058 bytes docs/libcurl/opts/CURLOPT_BUFFERSIZE.3 | 4 +- docs/libcurl/opts/CURLOPT_BUFFERSIZE.html | 2 +- docs/libcurl/opts/CURLOPT_BUFFERSIZE.pdf | Bin 17102 -> 17194 bytes docs/libcurl/opts/CURLOPT_CAINFO.3 | 6 + docs/libcurl/opts/CURLOPT_CAINFO.html | 3 +- docs/libcurl/opts/CURLOPT_CAINFO.pdf | Bin 17566 -> 17850 bytes docs/libcurl/opts/CURLOPT_CAPATH.pdf | Bin 17182 -> 17182 bytes docs/libcurl/opts/CURLOPT_CERTINFO.pdf | Bin 18093 -> 18093 bytes docs/libcurl/opts/CURLOPT_CHUNK_BGN_FUNCTION.pdf | Bin 19912 -> 19912 bytes docs/libcurl/opts/CURLOPT_CHUNK_DATA.3 | 6 +- docs/libcurl/opts/CURLOPT_CHUNK_DATA.html | 2 +- docs/libcurl/opts/CURLOPT_CHUNK_DATA.pdf | Bin 17289 -> 17459 bytes docs/libcurl/opts/CURLOPT_CHUNK_END_FUNCTION.pdf | Bin 15904 -> 15904 bytes docs/libcurl/opts/CURLOPT_CLOSESOCKETDATA.pdf | Bin 17120 -> 17120 bytes docs/libcurl/opts/CURLOPT_CLOSESOCKETFUNCTION.pdf | Bin 18336 -> 18336 bytes docs/libcurl/opts/CURLOPT_CONNECTTIMEOUT.pdf | Bin 16576 -> 16576 bytes docs/libcurl/opts/CURLOPT_CONNECTTIMEOUT_MS.pdf | Bin 16549 -> 16549 bytes docs/libcurl/opts/CURLOPT_CONNECT_ONLY.pdf | Bin 18725 -> 18725 bytes docs/libcurl/opts/CURLOPT_CONNECT_TO.3 | 111 + docs/libcurl/opts/CURLOPT_CONNECT_TO.html | 101 + docs/libcurl/opts/CURLOPT_CONNECT_TO.pdf | Bin 0 -> 22668 bytes .../opts/CURLOPT_CONV_FROM_NETWORK_FUNCTION.pdf | Bin 20938 -> 20938 bytes .../opts/CURLOPT_CONV_FROM_UTF8_FUNCTION.pdf | Bin 20947 -> 20947 bytes .../opts/CURLOPT_CONV_TO_NETWORK_FUNCTION.3 | 4 +- .../opts/CURLOPT_CONV_TO_NETWORK_FUNCTION.html | 2 +- .../opts/CURLOPT_CONV_TO_NETWORK_FUNCTION.pdf | Bin 20918 -> 20920 bytes docs/libcurl/opts/CURLOPT_COOKIE.pdf | Bin 18329 -> 18329 bytes docs/libcurl/opts/CURLOPT_COOKIEFILE.pdf | Bin 18296 -> 18296 bytes docs/libcurl/opts/CURLOPT_COOKIEJAR.pdf | Bin 19915 -> 19915 bytes docs/libcurl/opts/CURLOPT_COOKIELIST.3 | 2 +- docs/libcurl/opts/CURLOPT_COOKIELIST.html | 2 +- docs/libcurl/opts/CURLOPT_COOKIELIST.pdf | Bin 20636 -> 20645 bytes docs/libcurl/opts/CURLOPT_COOKIESESSION.pdf | Bin 13698 -> 13698 bytes docs/libcurl/opts/CURLOPT_COPYPOSTFIELDS.pdf | Bin 19069 -> 19069 bytes docs/libcurl/opts/CURLOPT_CRLF.pdf | Bin 13297 -> 13297 bytes docs/libcurl/opts/CURLOPT_CRLFILE.pdf | Bin 18909 -> 18909 bytes docs/libcurl/opts/CURLOPT_CUSTOMREQUEST.3 | 4 +- docs/libcurl/opts/CURLOPT_CUSTOMREQUEST.html | 2 +- docs/libcurl/opts/CURLOPT_CUSTOMREQUEST.pdf | Bin 21125 -> 20871 bytes docs/libcurl/opts/CURLOPT_DEBUGDATA.pdf | Bin 16921 -> 16921 bytes docs/libcurl/opts/CURLOPT_DEBUGFUNCTION.pdf | Bin 24842 -> 24842 bytes docs/libcurl/opts/CURLOPT_DEFAULT_PROTOCOL.pdf | Bin 19352 -> 19352 bytes docs/libcurl/opts/CURLOPT_DIRLISTONLY.pdf | Bin 17381 -> 17381 bytes docs/libcurl/opts/CURLOPT_DNS_CACHE_TIMEOUT.pdf | Bin 16490 -> 16490 bytes docs/libcurl/opts/CURLOPT_DNS_INTERFACE.pdf | Bin 13989 -> 13989 bytes docs/libcurl/opts/CURLOPT_DNS_LOCAL_IP4.pdf | Bin 15707 -> 15707 bytes docs/libcurl/opts/CURLOPT_DNS_LOCAL_IP6.pdf | Bin 15830 -> 15830 bytes docs/libcurl/opts/CURLOPT_DNS_SERVERS.pdf | Bin 15223 -> 15223 bytes docs/libcurl/opts/CURLOPT_DNS_USE_GLOBAL_CACHE.pdf | Bin 18071 -> 18071 bytes docs/libcurl/opts/CURLOPT_EGDSOCKET.pdf | Bin 13637 -> 13637 bytes docs/libcurl/opts/CURLOPT_ERRORBUFFER.pdf | Bin 23143 -> 23143 bytes .../libcurl/opts/CURLOPT_EXPECT_100_TIMEOUT_MS.pdf | Bin 15916 -> 15916 bytes docs/libcurl/opts/CURLOPT_FAILONERROR.pdf | Bin 14183 -> 14183 bytes docs/libcurl/opts/CURLOPT_FILETIME.3 | 4 +- docs/libcurl/opts/CURLOPT_FILETIME.html | 2 +- docs/libcurl/opts/CURLOPT_FILETIME.pdf | Bin 19071 -> 19200 bytes docs/libcurl/opts/CURLOPT_FNMATCH_DATA.3 | 4 +- docs/libcurl/opts/CURLOPT_FNMATCH_DATA.html | 2 +- docs/libcurl/opts/CURLOPT_FNMATCH_DATA.pdf | Bin 15863 -> 16022 bytes docs/libcurl/opts/CURLOPT_FNMATCH_FUNCTION.pdf | Bin 15754 -> 15754 bytes docs/libcurl/opts/CURLOPT_FOLLOWLOCATION.pdf | Bin 21130 -> 21130 bytes docs/libcurl/opts/CURLOPT_FORBID_REUSE.pdf | Bin 14985 -> 14985 bytes docs/libcurl/opts/CURLOPT_FRESH_CONNECT.pdf | Bin 16911 -> 16911 bytes docs/libcurl/opts/CURLOPT_FTPPORT.pdf | Bin 15280 -> 15280 bytes docs/libcurl/opts/CURLOPT_FTPSSLAUTH.pdf | Bin 16427 -> 16427 bytes docs/libcurl/opts/CURLOPT_FTP_ACCOUNT.pdf | Bin 13653 -> 13653 bytes .../opts/CURLOPT_FTP_ALTERNATIVE_TO_USER.pdf | Bin 14274 -> 14274 bytes .../opts/CURLOPT_FTP_CREATE_MISSING_DIRS.pdf | Bin 18206 -> 18206 bytes docs/libcurl/opts/CURLOPT_FTP_FILEMETHOD.pdf | Bin 16661 -> 16661 bytes docs/libcurl/opts/CURLOPT_FTP_RESPONSE_TIMEOUT.pdf | Bin 17523 -> 17523 bytes docs/libcurl/opts/CURLOPT_FTP_SKIP_PASV_IP.pdf | Bin 15324 -> 15324 bytes docs/libcurl/opts/CURLOPT_FTP_SSL_CCC.pdf | Bin 13769 -> 13769 bytes docs/libcurl/opts/CURLOPT_FTP_USE_EPRT.pdf | Bin 15471 -> 15471 bytes docs/libcurl/opts/CURLOPT_FTP_USE_EPSV.pdf | Bin 14852 -> 14852 bytes docs/libcurl/opts/CURLOPT_FTP_USE_PRET.pdf | Bin 13367 -> 13369 bytes docs/libcurl/opts/CURLOPT_GSSAPI_DELEGATION.pdf | Bin 15327 -> 15327 bytes docs/libcurl/opts/CURLOPT_HEADER.pdf | Bin 17872 -> 17872 bytes docs/libcurl/opts/CURLOPT_HEADERDATA.pdf | Bin 16709 -> 16709 bytes docs/libcurl/opts/CURLOPT_HEADERFUNCTION.pdf | Bin 22417 -> 22417 bytes docs/libcurl/opts/CURLOPT_HEADEROPT.pdf | Bin 17171 -> 17171 bytes docs/libcurl/opts/CURLOPT_HTTP200ALIASES.pdf | Bin 17184 -> 17184 bytes docs/libcurl/opts/CURLOPT_HTTPAUTH.pdf | Bin 22212 -> 22212 bytes docs/libcurl/opts/CURLOPT_HTTPGET.pdf | Bin 18443 -> 18443 bytes docs/libcurl/opts/CURLOPT_HTTPHEADER.pdf | Bin 24392 -> 24392 bytes docs/libcurl/opts/CURLOPT_HTTPPOST.3 | 7 +- docs/libcurl/opts/CURLOPT_HTTPPOST.html | 4 +- docs/libcurl/opts/CURLOPT_HTTPPOST.pdf | Bin 19603 -> 20307 bytes docs/libcurl/opts/CURLOPT_HTTPPROXYTUNNEL.pdf | Bin 16752 -> 16752 bytes .../libcurl/opts/CURLOPT_HTTP_CONTENT_DECODING.pdf | Bin 15873 -> 15873 bytes .../opts/CURLOPT_HTTP_TRANSFER_DECODING.pdf | Bin 13449 -> 13449 bytes docs/libcurl/opts/CURLOPT_HTTP_VERSION.3 | 9 +- docs/libcurl/opts/CURLOPT_HTTP_VERSION.html | 6 +- docs/libcurl/opts/CURLOPT_HTTP_VERSION.pdf | Bin 20773 -> 19018 bytes .../libcurl/opts/CURLOPT_IGNORE_CONTENT_LENGTH.pdf | Bin 16264 -> 16264 bytes docs/libcurl/opts/CURLOPT_INFILESIZE.pdf | Bin 18647 -> 18647 bytes docs/libcurl/opts/CURLOPT_INFILESIZE_LARGE.pdf | Bin 18761 -> 18761 bytes docs/libcurl/opts/CURLOPT_INTERFACE.pdf | Bin 15957 -> 15957 bytes docs/libcurl/opts/CURLOPT_INTERLEAVEDATA.pdf | Bin 16669 -> 16669 bytes docs/libcurl/opts/CURLOPT_INTERLEAVEFUNCTION.pdf | Bin 18907 -> 18907 bytes docs/libcurl/opts/CURLOPT_IOCTLDATA.pdf | Bin 16450 -> 16450 bytes docs/libcurl/opts/CURLOPT_IOCTLFUNCTION.pdf | Bin 19390 -> 19390 bytes docs/libcurl/opts/CURLOPT_IPRESOLVE.pdf | Bin 13518 -> 13518 bytes docs/libcurl/opts/CURLOPT_ISSUERCERT.pdf | Bin 17510 -> 17510 bytes docs/libcurl/opts/CURLOPT_KEYPASSWD.pdf | Bin 17509 -> 17509 bytes docs/libcurl/opts/CURLOPT_KRBLEVEL.pdf | Bin 14150 -> 14150 bytes docs/libcurl/opts/CURLOPT_LOCALPORT.pdf | Bin 16000 -> 16000 bytes docs/libcurl/opts/CURLOPT_LOCALPORTRANGE.pdf | Bin 16822 -> 16822 bytes docs/libcurl/opts/CURLOPT_LOGIN_OPTIONS.3 | 4 +- docs/libcurl/opts/CURLOPT_LOGIN_OPTIONS.html | 2 +- docs/libcurl/opts/CURLOPT_LOGIN_OPTIONS.pdf | Bin 18462 -> 18290 bytes docs/libcurl/opts/CURLOPT_LOW_SPEED_LIMIT.pdf | Bin 15754 -> 15754 bytes docs/libcurl/opts/CURLOPT_LOW_SPEED_TIME.pdf | Bin 15606 -> 15606 bytes docs/libcurl/opts/CURLOPT_MAIL_AUTH.pdf | Bin 16884 -> 16884 bytes docs/libcurl/opts/CURLOPT_MAIL_FROM.pdf | Bin 14001 -> 14001 bytes docs/libcurl/opts/CURLOPT_MAIL_RCPT.pdf | Bin 18312 -> 18312 bytes docs/libcurl/opts/CURLOPT_MAXCONNECTS.3 | 4 +- docs/libcurl/opts/CURLOPT_MAXCONNECTS.html | 2 +- docs/libcurl/opts/CURLOPT_MAXCONNECTS.pdf | Bin 18556 -> 18559 bytes docs/libcurl/opts/CURLOPT_MAXFILESIZE.pdf | Bin 18237 -> 18237 bytes docs/libcurl/opts/CURLOPT_MAXFILESIZE_LARGE.pdf | Bin 17301 -> 17301 bytes docs/libcurl/opts/CURLOPT_MAXREDIRS.pdf | Bin 18584 -> 18584 bytes docs/libcurl/opts/CURLOPT_MAX_RECV_SPEED_LARGE.3 | 5 +- .../libcurl/opts/CURLOPT_MAX_RECV_SPEED_LARGE.html | 2 +- docs/libcurl/opts/CURLOPT_MAX_RECV_SPEED_LARGE.pdf | Bin 16019 -> 15677 bytes docs/libcurl/opts/CURLOPT_MAX_SEND_SPEED_LARGE.3 | 6 +- .../libcurl/opts/CURLOPT_MAX_SEND_SPEED_LARGE.html | 2 +- docs/libcurl/opts/CURLOPT_MAX_SEND_SPEED_LARGE.pdf | Bin 16499 -> 16199 bytes docs/libcurl/opts/CURLOPT_NETRC.pdf | Bin 19028 -> 19028 bytes docs/libcurl/opts/CURLOPT_NETRC_FILE.pdf | Bin 16226 -> 16226 bytes docs/libcurl/opts/CURLOPT_NEW_DIRECTORY_PERMS.pdf | Bin 16353 -> 16353 bytes docs/libcurl/opts/CURLOPT_NEW_FILE_PERMS.pdf | Bin 16205 -> 16205 bytes docs/libcurl/opts/CURLOPT_NOBODY.pdf | Bin 14356 -> 14356 bytes docs/libcurl/opts/CURLOPT_NOPROGRESS.pdf | Bin 17786 -> 17786 bytes docs/libcurl/opts/CURLOPT_NOPROXY.pdf | Bin 14418 -> 14418 bytes docs/libcurl/opts/CURLOPT_NOSIGNAL.pdf | Bin 17528 -> 17528 bytes docs/libcurl/opts/CURLOPT_OPENSOCKETDATA.pdf | Bin 16950 -> 16950 bytes docs/libcurl/opts/CURLOPT_OPENSOCKETFUNCTION.pdf | Bin 21609 -> 21609 bytes docs/libcurl/opts/CURLOPT_PASSWORD.pdf | Bin 16835 -> 16835 bytes docs/libcurl/opts/CURLOPT_PATH_AS_IS.pdf | Bin 16343 -> 16343 bytes docs/libcurl/opts/CURLOPT_PINNEDPUBLICKEY.3 | 14 +- docs/libcurl/opts/CURLOPT_PINNEDPUBLICKEY.html | 2 +- docs/libcurl/opts/CURLOPT_PINNEDPUBLICKEY.pdf | Bin 21340 -> 21339 bytes docs/libcurl/opts/CURLOPT_PIPEWAIT.3 | 10 +- docs/libcurl/opts/CURLOPT_PIPEWAIT.html | 2 +- docs/libcurl/opts/CURLOPT_PIPEWAIT.pdf | Bin 17278 -> 17779 bytes docs/libcurl/opts/CURLOPT_PORT.pdf | Bin 15340 -> 15340 bytes docs/libcurl/opts/CURLOPT_POST.pdf | Bin 18716 -> 18716 bytes docs/libcurl/opts/CURLOPT_POSTFIELDS.3 | 13 +- docs/libcurl/opts/CURLOPT_POSTFIELDS.html | 4 +- docs/libcurl/opts/CURLOPT_POSTFIELDS.pdf | Bin 21393 -> 21085 bytes docs/libcurl/opts/CURLOPT_POSTFIELDSIZE.pdf | Bin 17195 -> 17195 bytes docs/libcurl/opts/CURLOPT_POSTFIELDSIZE_LARGE.pdf | Bin 14174 -> 14174 bytes docs/libcurl/opts/CURLOPT_POSTQUOTE.pdf | Bin 15882 -> 15882 bytes docs/libcurl/opts/CURLOPT_POSTREDIR.pdf | Bin 18145 -> 18145 bytes docs/libcurl/opts/CURLOPT_PREQUOTE.pdf | Bin 15860 -> 15860 bytes docs/libcurl/opts/CURLOPT_PRIVATE.pdf | Bin 16942 -> 16942 bytes docs/libcurl/opts/CURLOPT_PROGRESSDATA.pdf | Bin 16921 -> 16921 bytes docs/libcurl/opts/CURLOPT_PROGRESSFUNCTION.pdf | Bin 21119 -> 21117 bytes docs/libcurl/opts/CURLOPT_PROTOCOLS.pdf | Bin 18467 -> 18467 bytes docs/libcurl/opts/CURLOPT_PROXY.3 | 8 +- docs/libcurl/opts/CURLOPT_PROXY.html | 5 +- docs/libcurl/opts/CURLOPT_PROXY.pdf | Bin 22596 -> 22666 bytes docs/libcurl/opts/CURLOPT_PROXYAUTH.pdf | Bin 17721 -> 17721 bytes docs/libcurl/opts/CURLOPT_PROXYHEADER.pdf | Bin 16922 -> 16922 bytes docs/libcurl/opts/CURLOPT_PROXYPASSWORD.pdf | Bin 17502 -> 17502 bytes docs/libcurl/opts/CURLOPT_PROXYPORT.pdf | Bin 15748 -> 15748 bytes docs/libcurl/opts/CURLOPT_PROXYTYPE.3 | 4 +- docs/libcurl/opts/CURLOPT_PROXYTYPE.html | 2 +- docs/libcurl/opts/CURLOPT_PROXYTYPE.pdf | Bin 17765 -> 17486 bytes docs/libcurl/opts/CURLOPT_PROXYUSERNAME.3 | 4 +- docs/libcurl/opts/CURLOPT_PROXYUSERNAME.html | 2 +- docs/libcurl/opts/CURLOPT_PROXYUSERNAME.pdf | Bin 17318 -> 17367 bytes docs/libcurl/opts/CURLOPT_PROXYUSERPWD.pdf | Bin 17169 -> 17169 bytes docs/libcurl/opts/CURLOPT_PROXY_SERVICE_NAME.3 | 11 +- docs/libcurl/opts/CURLOPT_PROXY_SERVICE_NAME.html | 8 +- docs/libcurl/opts/CURLOPT_PROXY_SERVICE_NAME.pdf | Bin 15343 -> 15660 bytes docs/libcurl/opts/CURLOPT_PROXY_TRANSFER_MODE.pdf | Bin 17092 -> 17092 bytes docs/libcurl/opts/CURLOPT_PUT.pdf | Bin 16970 -> 16970 bytes docs/libcurl/opts/CURLOPT_QUOTE.3 | 5 +- docs/libcurl/opts/CURLOPT_QUOTE.html | 2 + docs/libcurl/opts/CURLOPT_QUOTE.pdf | Bin 18835 -> 18989 bytes docs/libcurl/opts/CURLOPT_RANDOM_FILE.pdf | Bin 13165 -> 13165 bytes docs/libcurl/opts/CURLOPT_RANGE.3 | 6 +- docs/libcurl/opts/CURLOPT_RANGE.html | 2 +- docs/libcurl/opts/CURLOPT_RANGE.pdf | Bin 18358 -> 18655 bytes docs/libcurl/opts/CURLOPT_READDATA.3 | 6 +- docs/libcurl/opts/CURLOPT_READDATA.html | 2 +- docs/libcurl/opts/CURLOPT_READDATA.pdf | Bin 18391 -> 18359 bytes docs/libcurl/opts/CURLOPT_READFUNCTION.pdf | Bin 21242 -> 21242 bytes docs/libcurl/opts/CURLOPT_REDIR_PROTOCOLS.pdf | Bin 18567 -> 18567 bytes docs/libcurl/opts/CURLOPT_REFERER.pdf | Bin 16611 -> 16611 bytes docs/libcurl/opts/CURLOPT_RESOLVE.3 | 14 +- docs/libcurl/opts/CURLOPT_RESOLVE.html | 10 +- docs/libcurl/opts/CURLOPT_RESOLVE.pdf | Bin 20076 -> 21183 bytes docs/libcurl/opts/CURLOPT_RESUME_FROM.pdf | Bin 17885 -> 17885 bytes docs/libcurl/opts/CURLOPT_RESUME_FROM_LARGE.pdf | Bin 15126 -> 15126 bytes docs/libcurl/opts/CURLOPT_RTSP_CLIENT_CSEQ.pdf | Bin 13595 -> 13595 bytes docs/libcurl/opts/CURLOPT_RTSP_REQUEST.pdf | Bin 25671 -> 25671 bytes docs/libcurl/opts/CURLOPT_RTSP_SERVER_CSEQ.pdf | Bin 13499 -> 13499 bytes docs/libcurl/opts/CURLOPT_RTSP_SESSION_ID.pdf | Bin 15854 -> 15854 bytes docs/libcurl/opts/CURLOPT_RTSP_STREAM_URI.3 | 10 +- docs/libcurl/opts/CURLOPT_RTSP_STREAM_URI.html | 2 +- docs/libcurl/opts/CURLOPT_RTSP_STREAM_URI.pdf | Bin 18863 -> 18869 bytes docs/libcurl/opts/CURLOPT_RTSP_TRANSPORT.pdf | Bin 13800 -> 13800 bytes docs/libcurl/opts/CURLOPT_SASL_IR.pdf | Bin 14295 -> 14295 bytes docs/libcurl/opts/CURLOPT_SEEKDATA.pdf | Bin 16781 -> 16781 bytes docs/libcurl/opts/CURLOPT_SEEKFUNCTION.pdf | Bin 19738 -> 19738 bytes docs/libcurl/opts/CURLOPT_SERVICE_NAME.3 | 15 +- docs/libcurl/opts/CURLOPT_SERVICE_NAME.html | 8 +- docs/libcurl/opts/CURLOPT_SERVICE_NAME.pdf | Bin 15171 -> 15498 bytes docs/libcurl/opts/CURLOPT_SHARE.pdf | Bin 16529 -> 16529 bytes docs/libcurl/opts/CURLOPT_SOCKOPTDATA.pdf | Bin 16846 -> 16846 bytes docs/libcurl/opts/CURLOPT_SOCKOPTFUNCTION.pdf | Bin 21841 -> 21841 bytes docs/libcurl/opts/CURLOPT_SOCKS5_GSSAPI_NEC.pdf | Bin 14143 -> 14143 bytes docs/libcurl/opts/CURLOPT_SOCKS5_GSSAPI_SERVICE.3 | 16 +- .../opts/CURLOPT_SOCKS5_GSSAPI_SERVICE.html | 9 +- .../libcurl/opts/CURLOPT_SOCKS5_GSSAPI_SERVICE.pdf | Bin 15580 -> 17845 bytes docs/libcurl/opts/CURLOPT_SSH_AUTH_TYPES.pdf | Bin 16391 -> 16391 bytes .../opts/CURLOPT_SSH_HOST_PUBLIC_KEY_MD5.pdf | Bin 14610 -> 14610 bytes docs/libcurl/opts/CURLOPT_SSH_KEYDATA.pdf | Bin 17663 -> 17663 bytes docs/libcurl/opts/CURLOPT_SSH_KEYFUNCTION.pdf | Bin 22147 -> 22147 bytes docs/libcurl/opts/CURLOPT_SSH_KNOWNHOSTS.pdf | Bin 17302 -> 17302 bytes docs/libcurl/opts/CURLOPT_SSH_PRIVATE_KEYFILE.pdf | Bin 19521 -> 19521 bytes docs/libcurl/opts/CURLOPT_SSH_PUBLIC_KEYFILE.pdf | Bin 17690 -> 17690 bytes docs/libcurl/opts/CURLOPT_SSLCERT.pdf | Bin 17042 -> 17042 bytes docs/libcurl/opts/CURLOPT_SSLCERTTYPE.pdf | Bin 14376 -> 14376 bytes docs/libcurl/opts/CURLOPT_SSLENGINE.pdf | Bin 14272 -> 14272 bytes docs/libcurl/opts/CURLOPT_SSLENGINE_DEFAULT.3 | 4 +- docs/libcurl/opts/CURLOPT_SSLENGINE_DEFAULT.html | 2 +- docs/libcurl/opts/CURLOPT_SSLENGINE_DEFAULT.pdf | Bin 16451 -> 16804 bytes docs/libcurl/opts/CURLOPT_SSLKEY.pdf | Bin 16985 -> 16985 bytes docs/libcurl/opts/CURLOPT_SSLKEYTYPE.pdf | Bin 17153 -> 17153 bytes docs/libcurl/opts/CURLOPT_SSLVERSION.pdf | Bin 15424 -> 15424 bytes docs/libcurl/opts/CURLOPT_SSL_CIPHER_LIST.pdf | Bin 15130 -> 15130 bytes docs/libcurl/opts/CURLOPT_SSL_CTX_DATA.pdf | Bin 17229 -> 17229 bytes docs/libcurl/opts/CURLOPT_SSL_CTX_FUNCTION.pdf | Bin 23473 -> 23471 bytes docs/libcurl/opts/CURLOPT_SSL_ENABLE_ALPN.pdf | Bin 13349 -> 13349 bytes docs/libcurl/opts/CURLOPT_SSL_ENABLE_NPN.pdf | Bin 13348 -> 13348 bytes docs/libcurl/opts/CURLOPT_SSL_FALSESTART.pdf | Bin 13864 -> 13864 bytes docs/libcurl/opts/CURLOPT_SSL_OPTIONS.pdf | Bin 20269 -> 20269 bytes docs/libcurl/opts/CURLOPT_SSL_SESSIONID_CACHE.pdf | Bin 13924 -> 13924 bytes docs/libcurl/opts/CURLOPT_SSL_VERIFYHOST.pdf | Bin 21755 -> 21755 bytes docs/libcurl/opts/CURLOPT_SSL_VERIFYPEER.pdf | Bin 19439 -> 19439 bytes docs/libcurl/opts/CURLOPT_SSL_VERIFYSTATUS.pdf | Bin 14414 -> 14414 bytes docs/libcurl/opts/CURLOPT_STDERR.pdf | Bin 16652 -> 16652 bytes docs/libcurl/opts/CURLOPT_STREAM_DEPENDS.pdf | Bin 17979 -> 17979 bytes docs/libcurl/opts/CURLOPT_STREAM_DEPENDS_E.pdf | Bin 16314 -> 16308 bytes docs/libcurl/opts/CURLOPT_STREAM_WEIGHT.pdf | Bin 19108 -> 19108 bytes docs/libcurl/opts/CURLOPT_TCP_FASTOPEN.3 | 47 + docs/libcurl/opts/CURLOPT_TCP_FASTOPEN.html | 65 + docs/libcurl/opts/CURLOPT_TCP_FASTOPEN.pdf | Bin 0 -> 13667 bytes docs/libcurl/opts/CURLOPT_TCP_KEEPALIVE.pdf | Bin 17113 -> 17113 bytes docs/libcurl/opts/CURLOPT_TCP_KEEPIDLE.pdf | Bin 15902 -> 15902 bytes docs/libcurl/opts/CURLOPT_TCP_KEEPINTVL.pdf | Bin 14193 -> 14191 bytes docs/libcurl/opts/CURLOPT_TCP_NODELAY.3 | 12 +- docs/libcurl/opts/CURLOPT_TCP_NODELAY.html | 6 +- docs/libcurl/opts/CURLOPT_TCP_NODELAY.pdf | Bin 14337 -> 14424 bytes docs/libcurl/opts/CURLOPT_TELNETOPTIONS.pdf | Bin 13482 -> 13482 bytes docs/libcurl/opts/CURLOPT_TFTP_BLKSIZE.pdf | Bin 15997 -> 15997 bytes docs/libcurl/opts/CURLOPT_TFTP_NO_OPTIONS.3 | 4 +- docs/libcurl/opts/CURLOPT_TFTP_NO_OPTIONS.pdf | Bin 17804 -> 17804 bytes docs/libcurl/opts/CURLOPT_TIMECONDITION.3 | 2 +- docs/libcurl/opts/CURLOPT_TIMECONDITION.pdf | Bin 19688 -> 19688 bytes docs/libcurl/opts/CURLOPT_TIMEOUT.pdf | Bin 18825 -> 18825 bytes docs/libcurl/opts/CURLOPT_TIMEOUT_MS.pdf | Bin 18943 -> 18943 bytes docs/libcurl/opts/CURLOPT_TIMEVALUE.3 | 2 +- docs/libcurl/opts/CURLOPT_TIMEVALUE.pdf | Bin 17237 -> 17237 bytes docs/libcurl/opts/CURLOPT_TLSAUTH_PASSWORD.pdf | Bin 16462 -> 16462 bytes docs/libcurl/opts/CURLOPT_TLSAUTH_TYPE.pdf | Bin 17402 -> 17402 bytes docs/libcurl/opts/CURLOPT_TLSAUTH_USERNAME.pdf | Bin 16580 -> 16580 bytes docs/libcurl/opts/CURLOPT_TRANSFERTEXT.pdf | Bin 13995 -> 13995 bytes docs/libcurl/opts/CURLOPT_TRANSFER_ENCODING.3 | 4 +- docs/libcurl/opts/CURLOPT_TRANSFER_ENCODING.html | 2 +- docs/libcurl/opts/CURLOPT_TRANSFER_ENCODING.pdf | Bin 16008 -> 17594 bytes docs/libcurl/opts/CURLOPT_UNIX_SOCKET_PATH.pdf | Bin 18048 -> 18048 bytes docs/libcurl/opts/CURLOPT_UNRESTRICTED_AUTH.pdf | Bin 15653 -> 15653 bytes docs/libcurl/opts/CURLOPT_UPLOAD.pdf | Bin 19528 -> 19528 bytes docs/libcurl/opts/CURLOPT_URL.pdf | Bin 34969 -> 34969 bytes docs/libcurl/opts/CURLOPT_USERAGENT.pdf | Bin 17247 -> 17247 bytes docs/libcurl/opts/CURLOPT_USERNAME.3 | 4 +- docs/libcurl/opts/CURLOPT_USERNAME.html | 2 +- docs/libcurl/opts/CURLOPT_USERNAME.pdf | Bin 19025 -> 18851 bytes docs/libcurl/opts/CURLOPT_USERPWD.pdf | Bin 19426 -> 19426 bytes docs/libcurl/opts/CURLOPT_USE_SSL.pdf | Bin 17222 -> 17222 bytes docs/libcurl/opts/CURLOPT_VERBOSE.pdf | Bin 18237 -> 18237 bytes docs/libcurl/opts/CURLOPT_WILDCARDMATCH.pdf | Bin 24154 -> 24154 bytes docs/libcurl/opts/CURLOPT_WRITEDATA.pdf | Bin 18525 -> 18525 bytes docs/libcurl/opts/CURLOPT_WRITEFUNCTION.pdf | Bin 20755 -> 20749 bytes docs/libcurl/opts/CURLOPT_XFERINFODATA.pdf | Bin 17147 -> 17147 bytes docs/libcurl/opts/CURLOPT_XFERINFOFUNCTION.pdf | Bin 20188 -> 20188 bytes docs/libcurl/opts/CURLOPT_XOAUTH2_BEARER.pdf | Bin 16959 -> 16959 bytes docs/libcurl/opts/Makefile.am | 1242 ++- docs/libcurl/opts/Makefile.in | 1242 ++- docs/libcurl/symbols-in-versions | 12 +- docs/mk-ca-bundle.html | 2 + docs/mk-ca-bundle.pdf | Bin 21465 -> 21710 bytes include/curl/curl.h | 42 +- include/curl/curlbuild.h | 6 +- include/curl/curlver.h | 10 +- include/curl/mprintf.h | 28 +- include/curl/multi.h | 6 +- lib/Makefile.Watcom | 9 +- lib/Makefile.am | 7 +- lib/Makefile.b32 | 9 +- lib/Makefile.in | 462 +- lib/Makefile.inc | 33 +- lib/Makefile.m32 | 4 + lib/Makefile.netware | 2 +- lib/Makefile.vc10 | 30 +- lib/Makefile.vc11 | 30 +- lib/Makefile.vc12 | 30 +- lib/Makefile.vc14 | 30 +- lib/Makefile.vc6 | 30 +- lib/Makefile.vc7 | 30 +- lib/Makefile.vc8 | 30 +- lib/Makefile.vc9 | 30 +- lib/amigaos.c | 4 +- lib/asyn-ares.c | 22 +- lib/asyn-thread.c | 29 +- lib/asyn.h | 2 +- lib/base64.c | 14 +- lib/checksrc.pl | 284 +- lib/checksrc.whitelist | 12 - lib/conncache.c | 22 +- lib/connect.c | 138 +- lib/connect.h | 46 +- lib/content_encoding.c | 4 +- lib/cookie.c | 20 +- lib/cookie.h | 12 +- lib/curl_addrinfo.c | 34 +- lib/curl_addrinfo.h | 10 +- lib/curl_base64.h | 4 +- lib/curl_config.h.cmake | 9 +- lib/curl_config.h.in | 12 +- lib/curl_fnmatch.c | 4 +- lib/curl_gssapi.c | 63 +- lib/curl_gssapi.h | 6 +- lib/curl_memory.h | 17 +- lib/curl_memrchr.c | 5 +- lib/curl_multibyte.c | 2 + lib/curl_ntlm.c | 239 - lib/curl_ntlm.h | 40 - lib/curl_ntlm_core.c | 46 +- lib/curl_ntlm_core.h | 4 +- lib/curl_ntlm_msgs.c | 821 -- lib/curl_ntlm_msgs.h | 143 - lib/curl_ntlm_wb.c | 9 +- lib/curl_sasl.c | 1273 +-- lib/curl_sasl.h | 114 +- lib/curl_sasl_gssapi.c | 392 - lib/curl_sasl_sspi.c | 1295 --- lib/curl_setup.h | 43 +- lib/curl_sspi.c | 70 +- lib/curl_threads.c | 4 +- lib/dict.c | 4 +- lib/dotdot.c | 4 +- lib/easy.c | 76 +- lib/easyif.h | 4 +- lib/escape.c | 20 +- lib/escape.h | 2 +- lib/file.c | 65 +- lib/formdata.c | 27 +- lib/formdata.h | 8 +- lib/ftp.c | 108 +- lib/ftp.h | 4 +- lib/getenv.c | 3 +- lib/getinfo.c | 34 +- lib/getinfo.h | 4 +- lib/gopher.c | 2 +- lib/hash.c | 5 +- lib/hmac.c | 5 +- lib/hostasyn.c | 2 +- lib/hostip.c | 27 +- lib/hostip.h | 22 +- lib/hostip4.c | 4 +- lib/hostip6.c | 17 +- lib/hostsyn.c | 8 +- lib/http.c | 440 +- lib/http.h | 10 +- lib/http2.c | 564 +- lib/http2.h | 10 +- lib/http_chunks.c | 6 +- lib/http_digest.c | 21 +- lib/http_digest.h | 2 +- lib/http_negotiate.c | 191 +- lib/http_negotiate.h | 6 +- lib/http_negotiate_sspi.c | 302 - lib/http_ntlm.c | 238 + lib/http_ntlm.h | 40 + lib/http_proxy.c | 45 +- lib/if2ip.c | 5 +- lib/imap.c | 86 +- lib/imap.h | 4 +- lib/inet_ntop.c | 11 +- lib/krb5.c | 13 +- lib/ldap.c | 11 +- lib/libcurl.plist | 6 +- lib/llist.c | 4 +- lib/md5.c | 6 +- lib/memdebug.c | 6 +- lib/memdebug.h | 14 +- lib/mk-ca-bundle.pl | 26 +- lib/mprintf.c | 180 +- lib/multi.c | 779 +- lib/multihandle.h | 8 +- lib/multiif.h | 13 +- lib/netrc.c | 6 +- lib/non-ascii.c | 22 +- lib/non-ascii.h | 16 +- lib/nwlib.c | 48 +- lib/nwos.c | 10 +- lib/openldap.c | 15 +- lib/pingpong.c | 16 +- lib/pipeline.c | 41 +- lib/pipeline.h | 18 +- lib/pop3.c | 40 +- lib/pop3.h | 4 +- lib/progress.c | 93 +- lib/progress.h | 20 +- lib/rtsp.c | 39 +- lib/security.c | 2 +- lib/sendf.c | 139 +- lib/sendf.h | 6 +- lib/share.c | 21 +- lib/share.h | 4 +- lib/sigpipe.h | 4 +- lib/slist.c | 4 +- lib/smb.c | 3 +- lib/smtp.c | 69 +- lib/smtp.h | 4 +- lib/socks.c | 131 +- lib/socks_gssapi.c | 12 +- lib/socks_sspi.c | 15 +- lib/speedcheck.c | 4 +- lib/speedcheck.h | 4 +- lib/splay.h | 4 +- lib/ssh.c | 148 +- lib/ssh.h | 5 +- lib/strdup.c | 6 +- lib/strerror.c | 14 +- lib/system_win32.c | 297 + lib/system_win32.h | 61 + lib/telnet.c | 33 +- lib/tftp.c | 60 +- lib/transfer.c | 224 +- lib/transfer.h | 21 +- lib/url.c | 1023 +- lib/url.h | 38 +- lib/urldata.h | 116 +- lib/vauth/cleartext.c | 157 + lib/vauth/cram.c | 138 + lib/vauth/digest.c | 897 ++ lib/vauth/digest.h | 43 + lib/vauth/digest_sspi.c | 554 + lib/vauth/krb5_gssapi.c | 401 + lib/vauth/krb5_sspi.c | 518 + lib/vauth/ntlm.c | 856 ++ lib/vauth/ntlm.h | 143 + lib/vauth/ntlm_sspi.c | 335 + lib/vauth/oauth2.c | 86 + lib/vauth/spnego_gssapi.c | 274 + lib/vauth/spnego_sspi.c | 321 + lib/vauth/vauth.c | 147 + lib/vauth/vauth.h | 204 + lib/vtls/axtls.c | 56 +- lib/vtls/axtls.h | 2 +- lib/vtls/cyassl.c | 191 +- lib/vtls/cyassl.h | 21 +- lib/vtls/darwinssl.c | 111 +- lib/vtls/gskit.c | 32 +- lib/vtls/gtls.c | 48 +- lib/vtls/gtls.h | 7 +- lib/vtls/mbedtls.c | 220 +- lib/vtls/mbedtls.h | 19 +- lib/vtls/nss.c | 100 +- lib/vtls/nssg.h | 11 +- lib/vtls/openssl.c | 391 +- lib/vtls/openssl.h | 17 +- lib/vtls/polarssl.c | 169 +- lib/vtls/polarssl.h | 8 +- lib/vtls/schannel.c | 311 +- lib/vtls/schannel.h | 3 + lib/vtls/vtls.c | 129 +- lib/vtls/vtls.h | 67 +- lib/warnless.c | 59 +- lib/warnless.h | 8 +- lib/wildcard.c | 4 +- lib/wildcard.h | 2 +- lib/x509asn1.c | 17 +- lib/x509asn1.h | 4 +- ltmain.sh | 6 +- m4/curl-compilers.m4 | 4 +- m4/curl-confopts.m4 | 14 +- m4/curl-functions.m4 | 270 +- m4/libtool.m4 | 1 - packages/OS400/ccsidcurl.c | 8 +- packages/OS400/curl.inc.in | 19 +- packages/OS400/initscript.sh | 6 +- packages/OS400/make-lib.sh | 2 +- packages/Symbian/group/libcurl.mmp | 15 +- projects/README | 27 +- projects/Windows/VC10/lib/libcurl.vcxproj | 154 +- projects/Windows/VC10/src/curl.vcxproj | 128 +- projects/Windows/VC11/lib/libcurl.vcxproj | 154 +- projects/Windows/VC11/src/curl.vcxproj | 128 +- projects/Windows/VC12/lib/libcurl.vcxproj | 154 +- projects/Windows/VC12/src/curl.vcxproj | 128 +- projects/Windows/VC14/lib/libcurl.vcxproj | 154 +- projects/Windows/VC14/src/curl.vcxproj | 128 +- projects/Windows/VC6/lib/libcurl.dsp | 210 +- projects/Windows/VC6/src/curl.dsp | 112 +- projects/Windows/VC7.1/lib/libcurl.vcproj | 142 +- projects/Windows/VC7.1/src/curl.vcproj | 56 +- projects/Windows/VC7/lib/libcurl.vcproj | 142 +- projects/Windows/VC7/src/curl.vcproj | 56 +- projects/Windows/VC8/lib/libcurl.vcproj | 222 +- projects/Windows/VC8/src/curl.vcproj | 112 +- projects/Windows/VC9/lib/libcurl.vcproj | 222 +- projects/Windows/VC9/src/curl.vcproj | 112 +- projects/checksrc.bat | 55 +- scripts/Makefile.am | 4 +- scripts/Makefile.in | 4 +- src/Makefile.am | 8 +- src/Makefile.in | 8 +- src/Makefile.m32 | 4 + src/Makefile.vc10 | 6 +- src/Makefile.vc11 | 6 +- src/Makefile.vc12 | 6 +- src/Makefile.vc14 | 6 +- src/Makefile.vc6 | 6 +- src/Makefile.vc7 | 6 +- src/Makefile.vc8 | 6 +- src/Makefile.vc9 | 6 +- src/checksrc.whitelist | 3 - src/tool_cb_hdr.c | 5 +- src/tool_cfgable.c | 5 +- src/tool_cfgable.h | 18 +- src/tool_formparse.c | 4 +- src/tool_getparam.c | 67 +- src/tool_help.c | 9 +- src/tool_helpers.c | 2 +- src/tool_hugehelp.c | 10881 ++++++++++--------- src/tool_operate.c | 51 +- src/tool_setopt.c | 3 +- src/tool_urlglob.c | 2 +- src/tool_version.h | 2 +- src/tool_vms.c | 14 +- src/tool_writeout.c | 24 +- tests/CMakeLists.txt | 1 + tests/FILEFORMAT | 6 +- tests/Makefile.am | 15 +- tests/Makefile.in | 15 +- tests/README | 1 + tests/data/Makefile.in | 17 +- tests/data/Makefile.inc | 17 +- tests/data/test1001 | 2 + tests/data/test1002 | 3 + tests/data/test1008 | 2 + tests/data/test1021 | 3 + tests/data/test1034 | 1 + tests/data/test1035 | 1 + tests/data/test1059 | 1 + tests/data/test1060 | 2 + tests/data/test1061 | 2 + tests/data/test1077 | 3 + tests/data/test1078 | 1 + tests/data/test1087 | 3 + tests/data/test1088 | 3 + tests/data/test1092 | 1 + tests/data/test1097 | 1 + tests/data/test1098 | 2 + tests/data/test1104 | 2 + tests/data/test1106 | 1 + tests/data/test1139 | 26 + tests/data/test1140 | 26 + tests/data/test1141 | 70 + tests/data/test1142 | 64 + tests/data/test1143 | 45 + tests/data/test1144 | 62 + tests/data/test1213 | 1 + tests/data/test1214 | 1 + tests/data/test1215 | 2 + tests/data/test1216 | 2 + tests/data/test1218 | 3 + tests/data/test1228 | 2 + tests/data/test1230 | 1 + tests/data/test1232 | 2 + tests/data/test1241 | 2 + tests/data/test1244 | 61 + tests/data/test1312 | 2 +- tests/data/test1314 | 2 + tests/data/test1319 | 1 + tests/data/test1320 | 1 + tests/data/test1321 | 1 + tests/data/test1322 | 57 + tests/data/test1331 | 2 + tests/data/test1415 | 1 + tests/data/test1421 | 2 + tests/data/test1428 | 1 + tests/data/test148 | 1 + tests/data/test1509 | 1 + tests/data/test1517 | 69 + tests/data/test1525 | 1 + tests/data/test1526 | 1 + tests/data/test1527 | 1 + tests/data/test1528 | 1 + tests/data/test16 | 1 + tests/data/test161 | 6 +- tests/data/test162 | 1 + tests/data/test165 | 1 + tests/data/test167 | 2 + tests/data/test168 | 3 + tests/data/test169 | 3 + tests/data/test170 | 1 + tests/data/test1700 | 101 + tests/data/test1701 | 83 + tests/data/test1702 | 78 + tests/data/test171 | 1 + tests/data/test179 | 1 + tests/data/test1800 | 4 +- tests/data/test1801 | 4 +- tests/data/test183 | 2 + tests/data/test184 | 2 + tests/data/test185 | 2 + tests/data/test2047 | 2 + tests/data/test2049 | 64 + tests/data/test2050 | 78 + tests/data/test2051 | 74 + tests/data/test2052 | 68 + tests/data/test206 | 2 + tests/data/test208 | 1 + tests/data/test209 | 2 + tests/data/test213 | 2 + tests/data/test217 | 1 + tests/data/test219 | 37 + tests/data/test233 | 2 + tests/data/test234 | 2 + tests/data/test239 | 2 + tests/data/test243 | 3 + tests/data/test256 | 1 + tests/data/test257 | 3 + tests/data/test258 | 4 + tests/data/test259 | 2 + tests/data/test263 | 1 + tests/data/test264 | 1 + tests/data/test265 | 2 + tests/data/test275 | 1 + tests/data/test278 | 1 + tests/data/test279 | 1 + tests/data/test287 | 1 + tests/data/test299 | 1 + tests/data/test43 | 2 + tests/data/test5 | 1 + tests/data/test503 | 1 + tests/data/test523 | 1 + tests/data/test540 | 3 + tests/data/test547 | 3 + tests/data/test548 | 3 + tests/data/test549 | 1 + tests/data/test550 | 1 + tests/data/test551 | 2 + tests/data/test552 | Bin 142925 -> 142985 bytes tests/data/test555 | 3 + tests/data/test557 | 1 + tests/data/test558 | 5 +- tests/data/test561 | 1 + tests/data/test563 | 1 + tests/data/test590 | 3 + tests/data/test63 | 1 + tests/data/test79 | 1 + tests/data/test80 | 1 + tests/data/test81 | 2 + tests/data/test82 | 1 + tests/data/test83 | 1 + tests/data/test84 | 1 + tests/data/test85 | 1 + tests/data/test93 | 1 + tests/data/test94 | 1 + tests/data/test95 | 1 + tests/http2-server.pl | 75 + tests/libtest/Makefile.am | 5 +- tests/libtest/Makefile.in | 746 +- tests/libtest/Makefile.inc | 5 +- tests/libtest/chkhostname.c | 6 +- tests/libtest/first.c | 6 +- tests/libtest/lib1500.c | 4 +- tests/libtest/lib1501.c | 4 +- tests/libtest/lib1502.c | 5 +- tests/libtest/lib1506.c | 8 +- tests/libtest/lib1507.c | 4 +- tests/libtest/lib1510.c | 8 +- tests/libtest/lib1512.c | 10 +- tests/libtest/lib1515.c | 11 +- tests/libtest/lib1517.c | 116 + tests/libtest/lib1525.c | 6 +- tests/libtest/lib1526.c | 8 +- tests/libtest/lib1527.c | 8 +- tests/libtest/lib1528.c | 4 +- tests/libtest/lib1531.c | 12 +- tests/libtest/lib1900.c | 10 +- tests/libtest/lib500.c | 74 +- tests/libtest/lib501.c | 6 +- tests/libtest/lib504.c | 4 +- tests/libtest/lib505.c | 23 +- tests/libtest/lib506.c | 213 +- tests/libtest/lib508.c | 6 +- tests/libtest/lib509.c | 6 +- tests/libtest/lib510.c | 8 +- tests/libtest/lib511.c | 6 +- tests/libtest/lib513.c | 6 +- tests/libtest/lib514.c | 6 +- tests/libtest/lib515.c | 6 +- tests/libtest/lib516.c | 6 +- tests/libtest/lib518.c | 180 +- tests/libtest/lib519.c | 6 +- tests/libtest/lib520.c | 6 +- tests/libtest/lib521.c | 6 +- tests/libtest/lib523.c | 6 +- tests/libtest/lib524.c | 6 +- tests/libtest/lib525.c | 8 +- tests/libtest/lib530.c | 4 +- tests/libtest/lib537.c | 177 +- tests/libtest/lib539.c | 13 +- tests/libtest/lib540.c | 8 +- tests/libtest/lib541.c | 14 +- tests/libtest/lib542.c | 8 +- tests/libtest/lib543.c | 4 +- tests/libtest/lib544.c | 6 +- tests/libtest/lib547.c | 9 +- tests/libtest/lib549.c | 6 +- tests/libtest/lib552.c | 22 +- tests/libtest/lib553.c | 12 +- tests/libtest/lib554.c | 6 +- tests/libtest/lib555.c | 7 +- tests/libtest/lib556.c | 6 +- tests/libtest/lib557.c | 60 +- tests/libtest/lib558.c | 4 +- tests/libtest/lib562.c | 8 +- tests/libtest/lib566.c | 6 +- tests/libtest/lib567.c | 6 +- tests/libtest/lib568.c | 9 +- tests/libtest/lib569.c | 9 +- tests/libtest/lib570.c | 6 +- tests/libtest/lib571.c | 11 +- tests/libtest/lib572.c | 6 +- tests/libtest/lib573.c | 8 +- tests/libtest/lib574.c | 6 +- tests/libtest/lib576.c | 7 +- tests/libtest/lib578.c | 14 +- tests/libtest/lib579.c | 8 +- tests/libtest/lib582.c | 53 +- tests/libtest/lib586.c | 101 +- tests/libtest/lib590.c | 10 +- tests/libtest/lib597.c | 11 +- tests/libtest/lib598.c | 6 +- tests/libtest/lib599.c | 10 +- tests/libtest/libauthretry.c | 45 +- tests/libtest/libntlmconnect.c | 48 +- tests/libtest/test.h | 274 +- tests/libtest/testutil.c | 4 +- tests/manpage-scan.pl | 287 + tests/nroff-scan.pl | 104 + tests/pathhelp.pm | 761 ++ tests/runtests.pdf | Bin 21980 -> 21980 bytes tests/runtests.pl | 129 +- tests/secureserver.pl | 8 +- tests/server/Makefile.am | 4 +- tests/server/Makefile.in | 5 +- tests/server/fake_ntlm.c | 17 +- tests/server/getpart.c | 6 +- tests/server/resolve.c | 6 +- tests/server/rtspd.c | 107 +- tests/server/sockfilt.c | 59 +- tests/server/sws.c | 104 +- tests/server/testpart.c | 4 +- tests/server/tftpd.c | 126 +- tests/server/util.c | 23 +- tests/serverhelp.pm | 5 +- tests/sshserver.pl | 19 +- tests/testcurl.pdf | Bin 22145 -> 22145 bytes tests/unit/Makefile.am | 5 +- tests/unit/Makefile.in | 7 +- tests/unit/curlcheck.h | 21 +- tests/unit/unit1300.c | 6 +- tests/unit/unit1301.c | 20 +- tests/unit/unit1302.c | 36 +- tests/unit/unit1303.c | 10 +- tests/unit/unit1304.c | 22 +- tests/unit/unit1305.c | 20 +- tests/unit/unit1307.c | 8 +- tests/unit/unit1394.c | 14 +- tests/unit/unit1396.c | 4 +- tests/unit/unit1397.c | 72 +- tests/unit/unit1398.c | 26 +- tests/unit/unit1600.c | 6 +- tests/unit/unit1601.c | 3 +- tests/unit/unit1602.c | 7 +- tests/unit/unit1603.c | 6 +- tests/unit/unit1604.c | 4 +- winbuild/BUILD.WINDOWS.txt | 1 + winbuild/Makefile.vc | 432 +- winbuild/MakefileBuild.vc | 54 +- 1044 files changed, 34945 insertions(+), 25219 deletions(-) create mode 100644 docs/CHECKSRC.md delete mode 100644 docs/CONTRIBUTE create mode 100644 docs/CONTRIBUTE.md delete mode 100644 docs/HISTORY create mode 100644 docs/HISTORY.md delete mode 100644 docs/HTTP-COOKIES create mode 100644 docs/HTTP-COOKIES.md delete mode 100644 docs/INTERNALS create mode 100644 docs/INTERNALS.md delete mode 100644 docs/LICENSE-MIXING create mode 100644 docs/LICENSE-MIXING.md delete mode 100644 docs/SECURITY create mode 100644 docs/SECURITY.md delete mode 100644 docs/SSL-PROBLEMS create mode 100644 docs/SSL-PROBLEMS.md delete mode 100644 docs/SSLCERTS create mode 100644 docs/SSLCERTS.md create mode 100644 docs/libcurl/curl_multi_socket_all.3 create mode 100644 docs/libcurl/curl_multi_socket_all.html create mode 100644 docs/libcurl/curl_multi_socket_all.pdf create mode 100644 docs/libcurl/opts/CURLINFO_HTTP_VERSION.3 create mode 100644 docs/libcurl/opts/CURLOPT_CONNECT_TO.3 create mode 100644 docs/libcurl/opts/CURLOPT_CONNECT_TO.html create mode 100644 docs/libcurl/opts/CURLOPT_CONNECT_TO.pdf create mode 100644 docs/libcurl/opts/CURLOPT_TCP_FASTOPEN.3 create mode 100644 docs/libcurl/opts/CURLOPT_TCP_FASTOPEN.html create mode 100644 docs/libcurl/opts/CURLOPT_TCP_FASTOPEN.pdf delete mode 100644 lib/checksrc.whitelist delete mode 100644 lib/curl_ntlm.c delete mode 100644 lib/curl_ntlm.h delete mode 100644 lib/curl_ntlm_msgs.c delete mode 100644 lib/curl_ntlm_msgs.h delete mode 100644 lib/curl_sasl_gssapi.c delete mode 100644 lib/curl_sasl_sspi.c delete mode 100644 lib/http_negotiate_sspi.c create mode 100644 lib/http_ntlm.c create mode 100644 lib/http_ntlm.h create mode 100644 lib/system_win32.c create mode 100644 lib/system_win32.h create mode 100644 lib/vauth/cleartext.c create mode 100644 lib/vauth/cram.c create mode 100644 lib/vauth/digest.c create mode 100644 lib/vauth/digest.h create mode 100644 lib/vauth/digest_sspi.c create mode 100644 lib/vauth/krb5_gssapi.c create mode 100644 lib/vauth/krb5_sspi.c create mode 100644 lib/vauth/ntlm.c create mode 100644 lib/vauth/ntlm.h create mode 100644 lib/vauth/ntlm_sspi.c create mode 100644 lib/vauth/oauth2.c create mode 100644 lib/vauth/spnego_gssapi.c create mode 100644 lib/vauth/spnego_sspi.c create mode 100644 lib/vauth/vauth.c create mode 100644 lib/vauth/vauth.h delete mode 100644 src/checksrc.whitelist create mode 100644 tests/data/test1139 create mode 100644 tests/data/test1140 create mode 100644 tests/data/test1141 create mode 100644 tests/data/test1142 create mode 100644 tests/data/test1143 create mode 100644 tests/data/test1144 create mode 100644 tests/data/test1244 create mode 100644 tests/data/test1322 create mode 100644 tests/data/test1517 create mode 100644 tests/data/test1700 create mode 100644 tests/data/test1701 create mode 100644 tests/data/test1702 create mode 100644 tests/data/test2049 create mode 100644 tests/data/test2050 create mode 100644 tests/data/test2051 create mode 100644 tests/data/test2052 create mode 100644 tests/data/test219 create mode 100755 tests/http2-server.pl create mode 100644 tests/libtest/lib1517.c create mode 100644 tests/manpage-scan.pl create mode 100644 tests/nroff-scan.pl create mode 100644 tests/pathhelp.pm diff --git a/CHANGES b/CHANGES index da5ded9d4..b08f71df4 100644 --- a/CHANGES +++ b/CHANGES @@ -6,5470 +6,5683 @@ Changelog -Version 7.48.0 (23 Mar 2016) +Version 7.50.2 (7 Sep 2016) -Daniel Stenberg (23 Mar 2016) -- RELEASE-NOTES: curl 7.48.0 +Daniel Stenberg (7 Sep 2016) +- RELEASE-NOTES: curl 7.50.2 release -- THANKS: 15 new contributors from 7.48.0 release +- THANKS: updated for 7.50.2 -Jay Satiro (23 Mar 2016) -- CURLINFO_TLS_SSL_PTR.3: Warn about limitations - - Bug: https://github.com/curl/curl/issues/685 +Jay Satiro (6 Sep 2016) +- [Gaurav Malhotra brought this change] -Daniel Stenberg (22 Mar 2016) -- Revert "sshserver: remove use of AuthorizedKeysFile2" + openssl: fix CURLINFO_SSL_VERIFYRESULT - It seems we may have some autobuild problems after this commit went - in. Trying to see if a revert helps to get them back. + CURLINFO_SSL_VERIFYRESULT does not get the certificate verification + result when SSL_connect fails because of a certificate verification + error. - This reverts commit 2716350d1f3edc8e929f6ceeee05051090f6d642. + This fix saves the result of SSL_get_verify_result so that it is + returned by CURLINFO_SSL_VERIFYRESULT. + + Closes https://github.com/curl/curl/pull/995 -- maketgz: add -j to make dist +Daniel Stenberg (6 Sep 2016) +- [Daniel Gustafsson brought this change] + + darwinssl: test for errSecSuccess in PKCS12 import rather than noErr (#993) - ... makes it a lot faster + While noErr and errSecSuccess are defined as the same value, the API + documentation states that SecPKCS12Import() returns errSecSuccess if + there were no errors in importing. Ensure that a future change of the + defined value doesn't break (however unlikely) and be consistent with + the API docs. -- libcurl-thread.3: minor nroff format fix +- [Daniel Gustafsson brought this change] -- CURLINFO_TLS_SSL_PTR.3: minor nroff format fix + docs: Fix link to CONTRIBUTE in Github contribution guidelines (#994) -- CODE_STYLE: indend example code - - ... to make it look nicer in markdown outputa +- [Marcel Raad brought this change] -Jay Satiro (22 Mar 2016) -- build-wolfssl: Update VS properties for wolfSSL v3.9.0 + openssl: Fix compilation with OPENSSL_API_COMPAT=0x10100000L - - Do not use wolfSSL's sample user-setting files. + With OPENSSL_API_COMPAT=0x10100000L (OpenSSL 1.1 API), the cleanup + functions are unavailable (they're no-ops anyway in OpenSSL 1.1). The + replacements for SSL_load_error_strings, SSLeay_add_ssl_algorithms, and + OpenSSL_add_all_algorithms are called automatically [1][2]. SSLeay() is + now called OpenSSL_version_num(). - wolfSSL starting in v3.9.0 has added their own sample user settings that - are applied by default, but we don't use them because we have our own - settings. + [1]: https://www.openssl.org/docs/man1.1.0/ssl/OPENSSL_init_ssl.html + [2]: https://www.openssl.org/docs/man1.1.0/crypto/OPENSSL_init_crypto.html - - Do not use wolfSSL's Visual Studio Unicode character setting. + Closes #992 + +- RELEASE-NOTES: synced with 3d4c0c8b9bc1d + +- http2: return EOF when done uploading without known size - wolfSSL Visual Studio projects use the Unicode character set however our - settings and options imitate mingw build which does not use the Unicode - character set. This does not appear to have any effect at the moment but - better safe than sorry. + Fixes #982 + +- http2: skip the content-length parsing, detect unknown size + +- http2: minor white space edit + +- http2: use named define instead of magic constant in read callback + +- [Craig Davison brought this change] + + configure: make the cpp -P detection not clobber CPPFLAGS + CPPPFLAGS is now CPPPFLAG. Fixes CURL_CHECK_DEF. - These changes are backwards compatible with earlier versions. + Fixes #958 -Steve Holme (22 Mar 2016) -- hostip6: Fixed compilation warnings when verbose strings disabled +- [Olivier Brunel brought this change] + + speed caps: not based on average speeds anymore - warning C4189: 'data': local variable is initialized but not referenced + Speed limits (from CURLOPT_MAX_RECV_SPEED_LARGE & + CURLOPT_MAX_SEND_SPEED_LARGE) were applied simply by comparing limits + with the cumulative average speed of the entire transfer; While this + might work at times with good/constant connections, in other cases it + can result to the limits simply being "ignored" for more than "short + bursts" (as told in man page). - ...and some minor formatting/spacing changes. - -Daniel Stenberg (21 Mar 2016) -- sshserver: remove use of AuthorizedKeysFile2 + Consider a download that goes on much slower than the limit for some + time (because bandwidth is used elsewhere, server is slow, whatever the + reason), then once things get better, curl would simply ignore the limit + up until the average speed (since the beginning of the transfer) reached + the limit. This could prove the limit useless to effectively avoid + using the entire bandwidth (at least for quite some time). - Support for the (undocumented) AuthorizedKeysFile2 was removed in - OpenSSH 5.9, released in September 2011 + So instead, we now use a "moving starting point" as reference, and every + time at least as much as the limit as been transferred, we can reset + this starting point to the current position. This gets a good limiting + effect that applies to the "current speed" with instant reactivity (in + case of sudden speed burst). - Closes #715 + Closes #971 -Steve Holme (20 Mar 2016) -- connect/ntlm/http: Fixed compilation warnings when verbose strings disabled - - warning C4189: 'data': local variable is initialized but not referenced +- HISTORY.md: the multi socket was put in the wrong year! -- openssl: Fixed compilation warning when /Wall enabled - - warning C4706: assignment within conditional expression +- [Mark Hamilton brought this change] -- CODE_STYLE: Use boolean conditions + tool_helpers.c: fix comment typo (#989) + +- [Mark Hamilton brought this change] + + libtest/test.h: fix typo (#988) + +- CURLMOPT_PIPELINING.3: language + +- CURLMOPT_PIPELINING.3: extended and clarified - Rather than use TRUE, FALSE, NULL, 0 or != 0 in if/while conditions. + Especially in regards to the multiplexing part. + +Steve Holme (31 Aug 2016) +- curl_sspi.c: Updated function description comments - Additionally, corrected some example code to adhere to the recommended - coding style. + * Added description to Curl_sspi_free_identity() + * Added parameter and return explanations to Curl_sspi_global_init() + * Added parameter explaination to Curl_sspi_global_cleanup() -- inet_pton.c: Fixed compilation warnings +- README: Corrected the supported Visual Studio versions - warning: conversion to 'unsigned char' from 'int' may alter its value + Missed from commit 8356022d17. -Daniel Stenberg (19 Mar 2016) -- RELEASE-NOTES: synced with 80851028efc2fa9 +- KNOWN_BUGS: Move the Visual Studio project shortcomings from local README -- mbedtls: fix compiler warning +- KNOWN_BUGS: Expand 6.4 to include Kerberos V5 - vtls/mbedtls.h:67:36: warning: implicit declaration of function - ‘mbedtls_sha256’ [-Wimplicit-function-declaration] + ...and discuss a possible solution. -Steve Holme (19 Mar 2016) -- easy: Minor coding standard and style updates +Daniel Stenberg (30 Aug 2016) +- connect: fix #ifdefs for debug versions of conn/streamclose() macros - Following commit c5744340db. Additionally removes the need for a second - 'result code' variable as well. - -Jay Satiro (19 Mar 2016) -- easy: Remove poll failure check in easy_transfer + CURLDEBUG is for the memory debugging - .. because curl_multi_wait can no longer signal poll failure. + DEBUGBUILD is for the extra debug stuff - follow-up to 77e1726 + Pointed-out-by: Steve Holme + +- KNOWN_BUGS: mention some cmake "support gaps" + +Nick Zitzmann (28 Aug 2016) +- darwinssl: add documentation stating that the --cainfo option is intended for backward compatibility only - Bug: https://github.com/curl/curl/issues/707 + In other news, I changed one other reference to "Mac OS X" in the documentation (that I previously wrote) to say "macOS" instead. -Steve Holme (19 Mar 2016) -- build: Added missing Visual Studio filter files for VC10 onwards +Daniel Stenberg (28 Aug 2016) +- http2: return CURLE_HTTP2_STREAM for unexpected stream close - As these files don't need to contain references to the source files, - although typically do, added basic files which only include three - filters and don't require the project file generator to be modified. + Follow-up to c3e906e9cd0f, seems like a more appropriate error code - These files allow the source code to be viewed in the Solution Explorer - in versions of Visual Studio from 2010 onwards in the same manner as - previous versions did rather than one large view of files. + Suggested-by: Jay Satiro -- ftp/imap/pop3/smtp: Fixed compilation warning when /Wall enabled - - warning C4706: assignment within conditional expression +- [Tatsuhiro Tsujikawa brought this change] -- config-w32.h: Fixed compilation warning when /Wall enabled + http2: handle closed streams when uploading - warning C4668: 'USE_IPV6' is not defined as a preprocessor macro, - replacing with '0' for '#if/#elif' + Fixes #986 -- imap.c: Fixed compilation warning with /Wall enabled - - warning C4701: potentially uninitialized local variable 'size' used +- http2: make sure stream errors don't needlessly close the connection - Technically this can't happen, as the usage of 'size' is protected by - 'if(parsed)' and 'parsed' is only set after 'size' has been parsed. + With HTTP/2 each transfer is made in an indivial logical stream over the + connection, making most previous errors that caused the connection to get + forced-closed now instead just kill the stream and not the connection. - Anyway, lets keep the compiler happy. + Fixes #941 -- KNOWN_BUGS: #93 Issue with CURLFORM_CONTENTLEN in arrays on 32-bit platforms +- Curl_verify_windows_version: minor edit to avoid compiler warnings + + ... instead of if() before the switch(), add a default to the switch so + that the compilers don't warn on "warning: enumeration value + 'PLATFORM_DONT_CARE' not handled in switch" anymore. -Daniel Stenberg (18 Mar 2016) -- bump: the coming release is 7.48.0 +Steve Holme (27 Aug 2016) +- RELEASE-NOTES: Added missing fix from commit 15592143f -- configure: use cpp -P when needed +Jay Satiro (26 Aug 2016) +- schannel: Disable ALPN for Wine since it is causing problems - Since gcc 5, the processor output can get split up on multiple lines - that made the configure script fail to figure out values from - definitions. The fix is to use cpp -P, and this fix now first checks if - cpp -P is necessary and then if cpp -P works before it uses that to - extract defined values. + - Disable ALPN on Wine. - Fixes #719 + - Don't pass input secbuffer when ALPN is disabled. + + When ALPN support was added a change was made to pass an input secbuffer + to initialize the context. When ALPN is enabled the buffer contains the + ALPN information, and when it's disabled the buffer is empty. In either + case this input buffer caused problems with Wine and connections would + not complete. + + Bug: https://github.com/curl/curl/issues/983 + Reported-by: Christian Fillion -Steve Holme (18 Mar 2016) -- formdata.c: Fixed compilation warning +Kamil Dudka (26 Aug 2016) +- [Peter Wang brought this change] + + nss: work around race condition in PK11_FindSlotByName() - formdata.c:390: warning: cast from pointer to integer of different size + Serialise the call to PK11_FindSlotByName() to avoid spurious errors in + a multi-threaded environment. The underlying cause is a race condition + in nssSlot_IsTokenPresent(). - Introduced in commit ca5f9341ef this happens because a char*, which is - 32-bits wide in 32-bit land, is being cast to a curl_off_t which is - 64-bits wide where 64-bit integers are supported by the compiler. + Bug: https://bugzilla.mozilla.org/1297397 - This doesn't happen in 64-bit land as a pointer is the same size as a - curl_off_t. + Closes #985 + +- nss: refuse previously loaded certificate from file - This fix doesn't address the fact that a 64-bit value cannot be used - for CURLFORM_CONTENTLEN when set in a form array and compiled on a - 32-bit platforms, it does at least suppress the compilation warning. + ... when we are not asked to use a certificate from file -Daniel Stenberg (18 Mar 2016) -- FAQ: 2.5 Install libcurl for both 32bit and 64bit? +Daniel Stenberg (26 Aug 2016) +- ftp_done: remove dead code -- [Gisle Vanem brought this change] +- TLS: random file/egd doesn't have to match for conn reuse - openssl: adapt to API breakage in ERR_remove_thread_state() +- test161: add comment for the exit code + +Dan Fandrich (26 Aug 2016) +- test219: Add http as a required feature + +Daniel Stenberg (25 Aug 2016) +- [Michael Kaufmann brought this change] + + HTTP: stop parsing headers when switching to unknown protocols - The OpenSSL API change that broke this is "Convert ERR_STATE to new - multi-threading API": openssl commit 8509dcc. + - unknown protocols probably won't send more headers (e.g. WebSocket) + - improved comments and moved them to the correct case statements - Closes #713 + Closes #899 -- version: init moved to private name space, added protos +- openssl: make build with 1.1.0 again - follow-up to 80015cdd52145 + synced with OpenSSL git master commit cc06906707 -- openssl: verbose: show matching SAN pattern +- INTERNALS: fix title + +- configure: detect zlib with our pkg-config macros - ... to allow users to see which specfic wildcard that matched when such - is used. + ... instead of relying on the pkg-config autoconf macros to be present. - Also minor logic cleanup to simplify the code, and I removed all tabs - from verbose strings. - -Jay Satiro (16 Mar 2016) -- version: thread safety + Fixes #972 (again...) -Steve Holme (16 Mar 2016) -- transfer: Removed redundant HTTP authentication include files +Jay Satiro (25 Aug 2016) +- http2: Remove incorrect comments - It would also seem that share.h is not required here either as there - are no references to the Curl_share structure or functions. + .. also remove same from scp -- easy: Removed redundant HTTP authentication include files +Daniel Stenberg (23 Aug 2016) +- [Ales Novak brought this change] -Jay Satiro (15 Mar 2016) -- CURLOPT_SSLENGINE.3: Only for OpenSSL built with engine support + ftp: fix wrong poll on the secondary socket - Bug: https://curl.haxx.se/mail/lib-2016-03/0150.html - Reported-by: Oliver Graute + When we're uploading using FTP and the server issues a tiny pause + between opening the connection to the client's secondary socket, the + client's initial poll() times out, which leads to second poll() which + does not wait for POLLIN on the secondary socket. So that poll() also + has to time out, creating a long (200ms) pause. + + This patch adds the correct flag to the secondary socket, making the + second poll() correctly wait for the connection there too. + + Signed-off-by: Ales Novak + + Closes #978 -Steve Holme (15 Mar 2016) -- curl_sasl: Minor code indent fixes +- RELEASE-NOTES: synced with 95ded2c56 -Daniel Stenberg (14 Mar 2016) -- runtests: mention when run event-based +- configure: make it work without PKG_CHECK_MODULES + + With commit c2f9b78 we added a new dependency on pkg-config for + developers which may be unwanted. This change make the configure script + still work as before if pkg-config isn't installed, it'll just use the + old zlib detection logic without pkg-config. + + Reported-by: Marc Hörsken + + Fixes #972 -- easy: add check to malloc() when running event-based +Marc Hoersken (21 Aug 2016) +- Revert "KNOWN_BUGS: SOCKS proxy not working via IPv6" - ... to allow torture tests then too. + This reverts commit 9cb1059f92286a6eb5d28c477fdd3f26aed1d554. + + As discussed in #835 SOCKS5 supports IPv6 proxies and destinations. -- memdebug: skip logging the limit countdown, fflush when reached +Daniel Stenberg (21 Aug 2016) +- [Marco Deckel brought this change] -- CODE_STYLE: Space around operators + win: Basic support for Universal Windows Platform apps - As just discussed on the mailing list, also document how we prefer - spacing in expressions. + Closes #820 -- curl: glob_range: no need to check unsigned variable for negative +Steve Holme (21 Aug 2016) +- sasl: Don't use GSSAPI authentication when domain name not specified - cppcheck warned: + Only choose the GSSAPI authentication mechanism when the user name + contains a Windows domain name or the user is a valid UPN. - [src/tool_urlglob.c:283]: (style) Checking if unsigned variable 'step_n' - is less than zero. + Fixes #718 -- CODE_STYLE: add example for indent style as well +- vauth: Added check for supported SSPI based authentication mechanisms + + Completing commit 00417fd66c and 2708d4259b. -- CODE_STYLE: mention braces for functions too +- http.c: Remove duplicate (authp->avail & CURLAUTH_DIGEST) check + + From commit 2708d4259b. -- docs/Makefile.am: include CODE_STYLE in tarball too +Marc Hoersken (20 Aug 2016) +- socks.c: display the hostname returned by the SOCKS5 proxy server + + Instead of displaying the requested hostname the one returned + by the SOCKS5 proxy server is used in case of connection error. + The requested hostname is displayed earlier in the connection sequence. + + The upper-value of the port is moved to a temporary variable and + replaced with a 0-byte to make sure the hostname is 0-terminated. -- CONTRIBUTE: moved out code style to a separate document +Steve Holme (20 Aug 2016) +- urldata.h: Corrected comment for httpcode which is also populated by SMTP + + As of 7.25.0 and commit 5430007222. -- CODE_STYLE: initial version +Marc Hoersken (20 Aug 2016) +- socks.c: use Curl_printable_address in SOCKS5 connection sequence - Ripped out from CONTRIBUTE into its own document, but also extended from - there. + Replace custom string formatting with Curl_printable_address. + Add additional debug and error output in case of failures. -- curl_sasl.c: minor code indent fixes +- socks.c: align SOCKS4 connection sequence with SOCKS5 + + Calling sscanf is not required since the raw IPv4 address is + available and the protocol can be detected using ai_family. -- multi: simplified singlesocket +Steve Holme (20 Aug 2016) +- http.c: Corrected indentation change from commit 2708d4259b - Since sh_getentry() now checks for invalid sockets itself and by - narrowing the scope of the remove_sock_from_hash variable. + Made by Visual Studio's auto-correct feature and missed by me in my own + code reviews! -- multi: introduce sh_getentry() for looking up sockets in the sockhash +- http: Added calls to Curl_auth_is__supported() - Simplify the code by using a single entry that looks for a socket in the - socket hash. As indicated in #712, the code looked for CURL_SOCKET_BAD - at some point and that is ineffective/wrong and this makes it easier to - avoid that. + Hooked up the HTTP authentication layer to query the new 'is mechanism + supported' functions when deciding what mechanism to use. + + As per commit 00417fd66c existing functionality is maintained for now. -- [Jaime Fullaondo brought this change] +Marc Hoersken (20 Aug 2016) +- socks.c: improve verbose output of SOCKS5 connection sequence - multi hash: ensure modulo performed on curl_socket_t - - Closes #712 +- configure.ac: add missing quotes to PKG_CHECK_MODULES -Steve Holme (13 Mar 2016) -- base64: Minor coding standard and style updates +Steve Holme (20 Aug 2016) +- sasl: Added calls to Curl_auth_is__supported() + + Hooked up the SASL authentication layer to query the new 'is mechanism + supported' functions when deciding what mechanism to use. + + For now existing functionality is maintained. -- base64: Use 'CURLcode result' for curl result codes +Daniel Stenberg (19 Aug 2016) +- [Miroslav Franc brought this change] -- negotiate: Use 'CURLcode result' for curl result codes + spnego_sspi: fix memory leak in case *outlen is zero (#970) -Daniel Stenberg (13 Mar 2016) -- [Maksim Kuzevanov brought this change] +- CURLMOPT_MAX_TOTAL_CONNECTIONS.3: mention it can also multiplex - multi_runsingle: avoid loop in CURLM_STATE_WAITPROXYCONNECT +Steve Holme (18 Aug 2016) +- vauth: Introduced Curl_auth_is__supported() functions - Closes #703 - -- TODO: Use the RFC6265 test suite + As Windows SSPI authentication calls fail when a particular mechanism + isn't available, introduced these functions for DIGEST, NTLM, Kerberos 5 + and Negotiate to allow both HTTP and SASL authentication the opportunity + to query support for a supported mechanism before selecting it. + + For now each function returns TRUE to maintain compatability with the + existing code when called. -Steve Holme (13 Mar 2016) -- checksrc.bat: Added the ability to scan src and lib source independently +Daniel Stenberg (18 Aug 2016) +- test1144: verify HEAD with body-only response -- digest: Use boolean based success code for Curl_sasl_digest_get_pair() +Steve Holme (17 Aug 2016) +- RELEASE-PROCEDURE: Added some more future release dates - Rather than use a 0 and 1 integer base result code use a TRUE / FALSE - based success code. + ...and removed some old ones -- digest: Corrected some typos in comments +Daniel Stenberg (17 Aug 2016) +- [David Woodhouse brought this change] -- krb5: Corrected some typos in function descriptions + curl: allow "pkcs11:" prefix for client certificates + + RFC7512 provides a standard method to reference certificates in PKCS#11 + tokens, by means of a URI starting 'pkcs11:'. + + We're working on fixing various applications so that whenever they would + have been able to use certificates from a file, users can simply insert + a PKCS#11 URI instead and expect it to work. This expectation is now a + part of the Fedora packaging guidelines, for example. + + This doesn't work with cURL because of the way that the colon is used + to separate the certificate argument from the passphrase. So instead of + + curl -E 'pkcs11:manufacturer=piv_II;id=%01' … + + I instead need to invoke cURL with the colon escaped, like this: + + curl -E 'pkcs11\:manufacturer=piv_II;id=%01' … + + This is suboptimal because we want *consistency* — the URI should be + usable in place of a filename anywhere, without having strange + differences for different applications. + + This patch therefore disables the processing in parse_cert_parameter() + when the string starts with 'pkcs11:'. It means you can't pass a + passphrase with an unescaped PKCS#11 URI, but there's no need to do so + because RFC7512 allows a PIN to be given as a 'pin-value' attribute in + the URI itself. + + Also, if users are already using RFC7512 URIs with the colon escaped as + in the above example — even providing a passphrase for cURL to handling + instead of using a pin-value attribute, that will continue to work + because their string will start 'pkcs11\:' and won't match the check. + + What *does* break with this patch is the extremely unlikely case that a + user has a file which is in the local directory and literally named + just "pkcs11", and they have a passphrase on it. If that ever happened, + the user would need to refer to it as './pkcs11:' instead. -- ntlm: Corrected some typos in function descriptions +- nss: make the global variables static -- url: Corrected indentation when calling idna_to_ascii_lz() +- openssl: use regular malloc instead of OPENSSL_malloc + + This allows for better memmory debugging and torture tests. -- idn_win32: Use boolean based success codes +- proxy: fix tests as follow-up to 93b0d907d5 - Rather than use 0 and 1 integer base result codes use a FALSE / TRUE - based success code. + This fixes tests that were added after 113f04e664b as the tests would + fail otherwise. + + We bring back "Proxy-Connection: Keep-Alive" now unconditionally to fix + regressions with old and stupid proxies, but we could possibly switch to + using it only for CONNECT or only for NTLM in a future if we want to + gradually reduce it. + + Fixes #954 + + Reported-by: János Fekete -Daniel Stenberg (10 Mar 2016) -- idn_win32.c: warning: Trailing whitespace +- Revert "Proxy-Connection: stop sending this header by default" + + This reverts commit 113f04e664b16b944e64498a73a4dab990fe9a68. -Steve Holme (10 Mar 2016) -- idn_win32.c: Fixed compilation warning from commit 9e7fcd4291 +- CURLOPT_PROXY.3: unsupported schemes cause errors now - warning C4267: 'function': conversion from 'size_t' to 'int', - possible loss of data + Follow-up to a96319ebb9 (document the new behavior) -Daniel Stenberg (10 Mar 2016) -- THANKS-filter: unify Michael König +- tests/README: mention nghttpx for HTTP/2 tests -- RELEASE-NOTES: synced with 863c5766dd +- README.md: add our CII Best Practices badge -- ftp: remove a check for NULL(!) +- proxy: polished the error message for unsupported schemes - ... as it implies we need to check for that on all the other variable - references as well (as Coverity otherwise warns us for missing NULL - checks), and we're alredy making sure that the pointer is never NULL. + Follow up to a96319ebb93 -- cookies: first n/v pair in Set-Cookie: is the cookie, then parameters - - RFC 6265 section 4.1.1 spells out that the first name/value pair in the - header is the actual cookie name and content, while the following are - the parameters. - - libcurl previously had a more liberal approach which causes significant - problems when introducing new cookie parameters, like the suggested new - cookie priority draft. +- test219: verify unsupported scheme for proxies get rejected + +- proxy: reject attempts to use unsupported proxy schemes - The previous logic read all n/v pairs from left-to-right and the first - name used that wassn't a known parameter name would be used as the - cookie name, thus accepting "Set-Cookie: Max-Age=2; person=daniel" to be - a cookie named 'person' while an RFC 6265 compliant parser should - consider that to be a cookie named 'Max-Age' with an (unknown) parameter - 'person'. + I discovered some people have been using "https://example.com" style + strings as proxy and it "works" (curl doesn't complain) because curl + ignores unknown schemes and then assumes plain HTTP instead. - Fixes #709 + I think this misleads users into believing curl uses HTTPS to proxies + when it doesn't. Now curl rejects proxy strings using unsupported + schemes instead of just ignoring and defaulting to HTTP. -- krb5: improved type handling to avoid clang compiler warnings +- RELEASE-NOTES: synced with b7ee5316c2fd5b -- url.c: fix clang warning: no newline at end of file +Marc Hoersken (14 Aug 2016) +- socks.c: Correctly calculate position of port in response packet + + Third commit to fix issue #944 regarding SOCKS5 error handling. + + Reported-by: David Kalnischkies -- curl_multi_wait: never return -1 in 'numfds' +- socks.c: Do not modify and invalidate calculated response length - Such a return value isn't documented but could still happen, and the - curl tool code checks for it. It would happen when the underlying - Curl_poll() function returns an error. Starting now we mask that error - as a user of curl_multi_wait() would have no way to handle it anyway. + Second commit to fix issue #944 regarding SOCKS5 error handling. - Reported-by: Jay Satiro - Closes #707 + Reported-by: David Kalnischkies -- HTTP2.md: add CURL_HTTP_VERSION_2TLS and updated alt-svc link +- socks.c: Move error output after reading the whole response packet + + First commit to fix issue #944 regarding SOCKS5 error handling. + + Reported-by: David Kalnischkies -- curl_multi_wait.3: add example +Daniel Stenberg (13 Aug 2016) +- [Ronnie Mose brought this change] -Steve Holme (8 Mar 2016) -- imap/pop3/smtp: Fixed connections upgraded with TLS are not reused - - Regression since commit 710f14edba. + MANUAL: Remove invalid link to LDAP documentation (#962) - Bug: https://github.com/curl/curl/issues/422 - Reported-by: Justin Ehlert + The server developer.netscape.com does not resolve into any + ip address and can be removed. -Jay Satiro (8 Mar 2016) -- opt-docs: fix heading macros +Jay Satiro (13 Aug 2016) +- openssl: accept subjectAltName iPAddress if no dNSName match - ..SH should be .SH + Undo change introduced in d4643d6 which caused iPAddress match to be + ignored if dNSName was present but did not match. - Bug: https://github.com/curl/curl/issues/705 - Reported-by: Eric S. Raymond + Also, if iPAddress is present but does not match, and dNSName is not + present, fail as no-match. Prior to this change in such a case the CN + would be checked for a match. + + Bug: https://github.com/curl/curl/issues/959 + Reported-by: wmsch@users.noreply.github.com -Kamil Dudka (8 Mar 2016) -- [Tim Rühsen brought this change] +Daniel Stenberg (12 Aug 2016) +- [Dambaev Alexander brought this change] - cookie: do not refuse cookies for localhost + configure.ac: add zlib search with pkg-config - Closes #658 + Closes #956 -Daniel Stenberg (8 Mar 2016) -- ftp_done: clear tunnel_state when secondary socket closes +- rtsp: ignore whitespace in session id - Introducing a function for closing the secondary connection to make this - bug less likely to happen again. + Follow-up to e577c43bb to fix test case 569 brekage: stop the parser at + whitespace as well. - Reported-by: daboul - Closes #701 + Help-by: Erik Janssen -- [Gisle Vanem brought this change] +- HTTP: retry failed HEAD requests too + + Mark's new document about HTTP Retries + (https://mnot.github.io/I-D/httpbis-retry/) made me check our code and I + spotted that we don't retry failed HEAD requests which seems totally + inconsistent and I can't see any reason for that separate treatment. + + So, no separate treatment for HEAD starting now. A HTTP request sent + over a reused connection that gets cut off before a single byte is + received will be retried on a fresh connection. + + Made-aware-by: Mark Nottingham - openssl: use the correct OpenSSL/BoringSSL/LibreSSL in messages +- mk-ca-bundle.1: document -m, added in 1.26 -- HTTP2.md: HTTP/2 by default for curl's HTTPS connections +- RELEASE-NOTES: synced with e577c43bb5 -- [Anders Bakken brought this change] +- [Erik Janssen brought this change] - pipeline: Sanity check pipeline pointer before accessing it. + rtsp: accept any RTSP session id - I got a crash with this stack: + Makes libcurl work in communication with gstreamer-based RTSP + servers. The original code validates the session id to be in accordance + with the RFC. I think it is better not to do that: - curl/lib/url.c:2873 (Curl_removeHandleFromPipeline) - curl/lib/url.c:2919 (Curl_getoff_all_pipelines) - curl/lib/multi.c:561 (curl_multi_remove_handle) - curl/lib/url.c:415 (Curl_close) - curl/lib/easy.c:859 (curl_easy_cleanup) + - For curl the actual content is a don't care. - Closes #704 - -- HTTP2.md: mention the disable ALPN and NPN options - -- TODO: 17.12 keep running, read instructions from pipe/socket + - The clarity of the RFC is debatable, is $ allowed or only as \$, that + is imho not clear - And delete trailing whitespace - And rename section 17 to "command line tool" from "client" + - Gstreamer seems to url-encode the session id but % is not allowed by + the RFC - Closes #702 - -- README.md: linkified + - less code - It also makes it less readable as plain text, so let's keep this - primarily for github use. + With this patch curl will correctly handle real-life lines like: + Session: biTN4Kc.8%2B1w-AF.; timeout=60 - Removed the top ascii art logo, as it looks weird when markdownified. + Bug: https://curl.haxx.se/mail/lib-2016-08/0076.html -- README.md: markdown version of README +- symbols-in-versions: add CURL_STRICTER - Attempt to make it look more appealing on github + Added in 5fce88aa8c12564 -Jay Satiro (6 Mar 2016) -- mprintf: update trio project link +- [Simon Warta brought this change] -Daniel Stenberg (6 Mar 2016) -- CURLOPT_ACCEPTTIMEOUT_MS.3: added example + winbuild: Allow changing C compiler via environment variable CC (#952) + + This makes it possible to use specific compilers or a cache. + + Sample use for clcache: + set CC=clcache.bat + nmake /f Makefile.vc DEBUG=no MODE=static VC=14 GEN_PDB=no -- CURLOPT_ACCEPT_ENCODING.3: added example +- LICENSE-MIXING.md: switched to markdown -- CURLOPT_APPEND.3: added example +- docs-make: have markdown files use .md -- CURLOPT_NOPROGRESS.3: added example, conform to stardard style +- curl.h: make CURL_NO_OLDIES define CURL_STRICTER -Steve Holme (6 Mar 2016) -- build-openssl/checksrc.bat: Fixed prepend vs append of Perl path - - Fixed inconsistency from commit 1eae114065 and 0ad6c72227 of the order - in which Perl was added to the PATH. +- HISTORY.md: use markdown extension -Daniel Stenberg (6 Mar 2016) -- opts: added two examples +- SSLCERTS.md: renamed to markdown extension -- CURLOPT_SSL_CTX_FUNCTION.3: use .NF for example +- INTERNALS.md: use markdown extension for markdown content -- CURLOPT_SSL_CTX_FUNCTION.3: added example - - and removed erroneous reference to test case lib509 +- CONTRIBUTE.md: markdown extension -- curlx.c: use more curl style code +- CONTRIBUTE: changed to markdown -- test46: change cookie expiry date +- CONTRIBUTE: refreshed + +- TODO: added an SSH section and two SFTP things to do + +- TODO: remove the 1.22 duplicated item + +- TODO: move "CURLOPT_MAIL_CLIENT" to SMTP section + +- TODO: API for URL parsing/splitting + +- TODO: move QUIC to the HTTP section + +- [Simon Warta brought this change] + + winbuild: Free name $(CC) in Makefile (#950) - Since two of the cookies would now otherwise expire and cause the test - to fail after commit 20de9b4f09 + In the old line number 290, CC and CURL_CC had the same value. After + that, /DCURL_STATICLIB was added to CC but not CURL_CC (intended?). - Discussed in #697 + This gets rid of the CC variable entirely. It is a first step to make it + possible to manualyl set a CC variable in order to be able to change the + compiler. -Jay Satiro (5 Mar 2016) -- [Viktor Szakats brought this change] +- TODO: Use huge HTTP/2 windows - makefile.m32: add missing libs for static -winssl-ssh2 builds +- [Simon Warta brought this change] + + winbuild: Avoid setting redundant CFLAGS to compile commands (#949) - Bug: https://github.com/curl/curl/pull/693 + $(CURL_CC) is always used with $(CURL_CFLAGS) appended, so before this, + all arguments in CURL_CFLAGS have been added twice. -- mbedtls: fix user-specified SSL protocol version +Jay Satiro (8 Aug 2016) +- cmake: Enable win32 threaded resolver by default - Prior to this change when a single protocol CURL_SSLVERSION_ was - specified by the user that version was set only as the minimum version - but not as the maximum version as well. + - Turn on USE_THREADS_WIN32 in Windows if ares isn't on + + This change is similar to what we already do in the autotools build. -Steve Holme (5 Mar 2016) -- .gitignore: Added *.VC.opendb and *.vcxproj.user files for VC14 +- cmake: Enable win32 large file support by default + + All compilers used by cmake in Windows should support large files. + + - Add test SIZEOF_OFF_T + - Remove outdated test SIZEOF_CURL_OFF_T + - Turn on USE_WIN32_LARGE_FILES in Windows + - Check for 'Largefile' during the features output -- build-openssl.bat: Fixed cannot find perl if installed but not in path +Daniel Stenberg (7 Aug 2016) +- TODO: added several ideas, removed SPDY -- checksrc.bat: Fixed cannot find perl if installed but not in path +- http2: always wait for readable socket + + Since the server can at any time send a HTTP/2 frame to us, we need to + wait for the socket to be readable during all transfers so that we can + act on incoming frames even when uploading etc. + + Reminded-by: Tatsuhiro Tsujikawa -Jay Satiro (5 Mar 2016) -- [Viktor Szakats brought this change] +- RELEASE-NOTES: synced with 7b4bf37a44791 - makefile.m32: fix to allow -ssh2-winssl combination +- [Thomas Glanzmann brought this change] + + mbedtls: set debug threshold to 4 (verbose) when MBEDTLS_DEBUG is defined - In makefile.m32, option -ssh2 (libssh2) automatically implied -ssl - (OpenSSL) option, with no way to override it with -winssl. Since both - libssh2 and curl support using Windows's built-in SSL backend, modify - the logic to allow that combination. + In order to make MBEDTLS_DEBUG work, the debug threshold must be unequal + to 0. This patch also adds a comment how mbedtls must be compiled in + order to make debugging work, and explains the possible debug levels. -- cookie: Don't expire session cookies in remove_expired +- CURLOPT_TCP_NODELAY: now enabled by default - Prior to this change cookies with an expiry date that failed parsing - and were converted to session cookies could be purged in remove_expired. + After a few wasted hours hunting down the reason for slowness during a + TLS handshake that turned out to be because of TCP_NODELAY not being + set, I think we have enough motivation to toggle the default for this + option. We now enable TCP_NODELAY by default and allow applications to + switch it off. - Bug: https://github.com/curl/curl/issues/697 - Reported-by: Seth Mos + This also makes --tcp-nodelay unnecessary, but --no-tcp-nodelay can be + used to disable it. + + Thanks-to: Tim Rühsen + Bug: https://curl.haxx.se/mail/lib-2016-06/0143.html -Daniel Stenberg (3 Mar 2016) -- cookie: remove redundant check +- [Serj Kalichev brought this change] + + TFTP: Fix upload problem with piped input - ... as it was already checked previously within the function. + When input stream for curl is stdin and input stream is not a file but + generated by a script then curl can truncate data transfer to arbitrary + size since a partial packet is treated as end of transfer by TFTP. - Reported-by: Dmitry-Me - Closes #695 + Fixes #857 -Jay Satiro (1 Mar 2016) -- [Anders Bakken brought this change] - - url: if Curl_done is premature then pipeline not in use +- mk-ca-bundle.pl: -m keeps ca cert meta data in output - Prevent a crash if 2 (or more) requests are made to the same host and - pipelining is enabled and the connection does not complete. + Makes the script pass on comments holding meta data to the output + file. Like fingerprinters, issuer, date ranges etc. - Bug: https://github.com/curl/curl/pull/690 + Closes #937 -- [Viktor Szakats brought this change] +- multi: make Curl_expire() work with 0 ms timeouts + + Previously, passing a timeout of zero to Curl_expire() was a magic code + for clearing all timeouts for the handle. That is now instead made with + the new Curl_expire_clear() function and thus a 0 timeout is fine to set + and will trigger a timeout ASAP. + + This will help removing short delays, in particular notable when doing + HTTP/2. - makefile.m32: allow to pass .dll/.exe-specific LDFLAGS +- transfer: return without select when the read loop reached maxcount - using envvars `CURL_LDFLAG_EXTRAS_DLL` and - `CURL_LDFLAG_EXTRAS_EXE` respectively. This - is useful f.e. to pass ASLR-related extra - options, that are required to make this - feature work when using the mingw toolchain. + Regression added in 790d6de48515. The was then added to avoid one + particular transfer to starve out others. But when aborting due to + reading the maxcount, the connection must be marked to be read from + again without first doing a select as for some protocols (like SFTP/SCP) + the data may already have been read off the socket. - Ref: https://github.com/curl/curl/pull/670#issuecomment-190863985 + Reported-by: Dan Donahue + Bug: https://curl.haxx.se/mail/lib-2016-07/0057.html + +Steve Holme (3 Aug 2016) +- [Bill Nagel brought this change] + + mbedtls: Added support for NTLM + +Daniel Stenberg (3 Aug 2016) +- [Sergei Nikulov brought this change] + + travis: removed option to rebuild autotool from source - Closes https://github.com/curl/curl/pull/689 + Fixes #943 -Daniel Stenberg (29 Feb 2016) -- formpost: fix memory leaks in AddFormData error branches +- bump: start working toward 7.50.2 + +Version 7.50.1 (3 Aug 2016) + +Daniel Stenberg (3 Aug 2016) +- THANKS: 7 new contributors from the 7.50.1 release + +- RELEASE-NOTES: 7.50.1 + +- TLS: only reuse connections with the same client cert - Reported-by: Dmitry-Me - Fixes #688 + CVE-2016-5420 + Bug: https://curl.haxx.se/docs/adv_20160803B.html -Jay Satiro (28 Feb 2016) -- getinfo: Fix syntax error when mbedTLS +- TLS: switch off SSL session id when client cert is used - The assignment of the mbedTLS TLS session info in the parent commit was - incorrect. Change the assignment to a pointer to the session structure. + CVE-2016-5419 + Bug: https://curl.haxx.se/docs/adv_20160803A.html + Reported-by: Bru Rom + Contributions-by: Eric Rescorla and Ray Satiro -- getinfo: Add support for mbedTLS TLS session info +- curl_multi_cleanup: clear connection pointer for easy handles - .. and preprocessor check TLS session info is defined for all backends. + CVE-2016-5421 + Bug: https://curl.haxx.se/docs/adv_20160803C.html + Reported-by: Marcelo Echeverria and Fernando Muñoz -Daniel Stenberg (26 Feb 2016) -- ROADMAP: clarify on the TLS proxy, mention HTTP cookies to work on +- KNOWN_BUGS: SOCKS proxy not working via IPv6 + + Closes #835 -- file: try reading from files with no size +- KNOWN_BUGS: CURLOPT_SEEKFUNCTION not called with CURLFORM_STREAM - Some systems have special files that report as 0 bytes big, but still - contain data that can be read (for example /proc/cpuinfo on - Linux). Starting now, a zero byte size is considered "unknown" size and - will be read as far as possible anyway. + Closes #768 + +- KNOWN_BUGS: transfer-encoding: chunked in HTTP/2 - Reported-by: Jesse Tan + Closes #662 + +- TODO: Provide cmake config-file - Closes #681 + Closes #885 -Jay Satiro (25 Feb 2016) -- configure: warn on invalid ca bundle or path +Patrick Monnerat (2 Aug 2016) +- os400: define BUILDING_LIBCURL in make script. + +Daniel Stenberg (1 Aug 2016) +- RELEASE-NOTES: synced with aa9f536a18b + +Jay Satiro (1 Aug 2016) +- [Thomas Glanzmann brought this change] + + mbedtls: Fix debug function name - - Warn if --with-ca-bundle file does not exist. + This patch is necessary so that curl compiles if MBEDTLS_DEBUG is + defined. - - Warn if --with-ca-path directory does not contain certificates. + Bug: https://curl.haxx.se/mail/lib-2016-08/0001.html + +Daniel Stenberg (1 Aug 2016) +- [Sergei Nikulov brought this change] + + travis: fix OSX build by re-installing libtool - - Improve help messages for both. + Apparently due to a broken homebrew install - Example configure output: + fixes #934 + Closes #939 + +- [Martin Vejnár brought this change] + + win32: fix a potential memory leak in Curl_load_library - ca cert bundle: /some/file (warning: certs not found) - ca cert path: /some/dir (warning: certs not found) + If a call to GetSystemDirectory fails, the `path` pointer that was + previously allocated would be leaked. This makes sure that `path` is + always freed. - Bug: https://github.com/curl/curl/issues/404 - Reported-by: Jeffrey Walton + Closes #938 -Daniel Stenberg (24 Feb 2016) -- Curl_read: check for activated HTTP/1 pipelining, not only requested +- include: revert 9adf3c4 and make public types void * again - ... as when pipelining is used, we read things into a unified buffer and - we don't do that with HTTP/2. This could then easily make programs that - set CURLMOPT_PIPELINING = CURLPIPE_HTTP1|CURLPIPE_MULTIPLEX to get data - intermixed or plain broken between HTTP/2 streams. + Many applications assume the actual contents of the public types and use + that do for example forward declarations (saving them from including our + public header) which then breaks when we switch from void * to a struct + *. - Reported-by: Anders Bakken + I'm not convinced we were wrong, but since this practise seems + widespread enough I'm willing to (partly) step down. + + Now libcurl uses the struct itself when it is built and it allows + applications to use the struct type if CURL_STRICTER is defined at the + time of the #include. + + Reported-by: Peter Frühberger + Fixes #926 -Patrick Monnerat (24 Feb 2016) -- os400: Fix ILE/RPG definition of CURLOPT_TFTP_NO_OPTIONS +Jay Satiro (28 Jul 2016) +- [Yonggang Luo brought this change] -Jay Satiro (23 Feb 2016) -- getinfo: CURLINFO_TLS_SSL_PTR supersedes CURLINFO_TLS_SESSION + cmake: Fix for schannel support - The two options are almost the same, except in the case of OpenSSL: + The check_library_exists_concat do not check crypt32 library properly. + So include it directly. - CURLINFO_TLS_SESSION OpenSSL session internals is SSL_CTX *. + Bug: https://github.com/curl/curl/pull/917 + Reported-by: Yonggang Luo - CURLINFO_TLS_SSL_PTR OpenSSL session internals is SSL *. + Bug: https://github.com/curl/curl/issues/935 + Reported-by: Alain Danteny + +- Revert "travis: Install libtool for OS X builds" - For backwards compatibility we couldn't modify CURLINFO_TLS_SESSION to - return an SSL pointer for OpenSSL. + Didn't work. - Also, add support for the 'internals' member to point to SSL object for - the other backends axTLS, PolarSSL, Secure Channel, Secure Transport and - wolfSSL. - - Bug: https://github.com/curl/curl/issues/234 - Reported-by: dkjjr89@users.noreply.github.com - - Bug: https://curl.haxx.se/mail/lib-2015-09/0127.html - Reported-by: Michael König + This reverts commit 50723585ed380744358de054e2a55dccee65dfd7. -Daniel Stenberg (23 Feb 2016) -- multi_remove_handle: keep the timeout list until after disconnect - - The internal Curl_done() function uses Curl_expire() at times and that - uses the timeout list. Better clean up the list once we're done using - it. This caused a segfault. +- travis: Install libtool for OS X builds - Reported-by: 蔡文凱 - Bug: https://curl.haxx.se/mail/lib-2016-02/0097.html + CI is failing due to missing libtoolize, so I'm trying this. -Kamil Dudka (23 Feb 2016) -- tests/sshserver.pl: use RSA instead of DSA for host auth - - DSA is no longer supported by OpenSSH 7.0, which causes all SCP/SFTP - test cases to be skipped. Using RSA for host authentication works with - both old and new versions of OpenSSH. - - Reported-by: Karlson2k +Daniel Stenberg (26 Jul 2016) +- [Viktor Szakats brought this change] + + TODO: minor typo in last commit - Closes #676 + merged #931 -Jay Satiro (23 Feb 2016) -- TFTP: add option to suppress TFTP option requests (Part 2) +- TODO: Timeout idle connections from the pool + +Patrick Monnerat (25 Jul 2016) +- os400: minimum supported OS version: V6R1M0. + Do not log compilation informational messages. + +Jay Satiro (24 Jul 2016) +- tests: Fix for http/2 feature - - Add tests. + Bug: https://curl.haxx.se/mail/lib-2016-07/0070.html + Reported-by: Paul Howarth + +Steve Holme (23 Jul 2016) +- README: Mention wolfSSL in the 'Dependencies' section + +- vauth.h: No need to query HAVE_GSSAPI || USE_WINDOWS_SSPI for SPNEGO - - Add an example to CURLOPT_TFTP_NO_OPTIONS.3. + As SPNEGO is only defined when these pre-processor variables are defined + there is no need to query them explicitly. + +- spnego: Corrected miss-placed * in Curl_auth_spnego_cleanup() declaration - - Add --tftp-no-options to expose CURLOPT_TFTP_NO_OPTIONS. + Typo introduced in commit ad5e9bfd5d. + +Daniel Stenberg (22 Jul 2016) +- SECURITY: mention how to get windows-specific CVEs - Bug: https://github.com/curl/curl/issues/481 + ... and make the distros link a proper link -- [Michael Koenig brought this change] +Dan Fandrich (21 Jul 2016) +- test558: fix test by stripping file paths from FD lines - TFTP: add option to suppress TFTP option requests (Part 1) - - Some TFTP server implementations ignore the "TFTP Option extension" - (RFC 1782-1784, 2347-2349), or implement it in a flawed way, causing - problems with libcurl. Another switch for curl_easy_setopt - "CURLOPT_TFTP_NO_OPTIONS" is introduced which prevents libcurl from - sending TFTP option requests to a server, avoiding many problems caused - by faulty implementations. - - Bug: https://github.com/curl/curl/issues/481 +Kamil Dudka (21 Jul 2016) +- tests: distribute the http2-server.pl script, too -Daniel Stenberg (22 Feb 2016) -- [Karlson2k brought this change] +- docs: distribute the CURLINFO_HTTP_VERSION(3) man page, too - runtests: Fixed usage of %PWD on MinGW64 - - Closes #672 +Daniel Stenberg (21 Jul 2016) +- bump: start working on 7.50.1 -Jay Satiro (20 Feb 2016) -- CURLOPT_DEBUGFUNCTION.3: Fix example +Version 7.50.0 (21 Jul 2016) -- [Viktor Szakats brought this change] +Daniel Stenberg (21 Jul 2016) +- RELEASE-NOTES: version 7.50.0 ready - src/Makefile.m32: add CURL_{LD,C}FLAGS_EXTRAS support +- THANKS: 13 new contributors from the 7.50.0 release + +Jay Satiro (21 Jul 2016) +- winbuild: fix embedded manifest option - Sync with lib/Makefile.m32 which already uses those variables. + Embedded manifest option didn't work due to typo. - Bug: https://github.com/curl/curl/pull/670 + Reported-by: Stefan Kanthak -Dan Fandrich (20 Feb 2016) -- Enabled test 1437 after the bug fix in commit 3fa220a6 +- vauth: Fix memleak by freeing credentials if out of memory + + This is a follow up to the parent commit dcdd4be which fixes one leak + but creates another by failing to free the credentials handle if out of + memory. Also there's a second location a few lines down where we fail to + do same. This commit fixes both of those issues. -Jay Satiro (19 Feb 2016) -- [Emil Lerner brought this change] +Daniel Stenberg (20 Jul 2016) +- [Saurav Babu brought this change] - curl_sasl: Fix memory leak in digest parser + vauth: Fixed memory leak due to function returning without free - If any parameter in a HTTP DIGEST challenge message is present multiple - times, memory allocated for all but the last entry should be freed. + This patch allocates memory to "output_token" only when it is required + so that memory is not leaked if function returns. + +- test558: updated after ipv6-check move - Bug: https://github.com/curl/curl/pull/667 + Follow-up commit to c50980807c5 to make this test pass. -Dan Fandrich (19 Feb 2016) -- Added test 1437 to verify a memory leak +Jay Satiro (20 Jul 2016) +- connect: disable TFO on Linux when using SSL - Reported-by: neex@users.noreply.github.com + - Linux TFO + TLS is not implemented yet. + + Bug: https://github.com/curl/curl/issues/907 -Jay Satiro (18 Feb 2016) -- CURLOPT_COOKIEFILE.3: HTTP headers must be Set-Cookie style +Daniel Stenberg (19 Jul 2016) +- ROADMAP: QUIC and TLS 1.3 + +- RELEASE-NOTES: synced with c50980807c5 + +Jay Satiro (18 Jul 2016) +- [Brian Prodoehl brought this change] + + curl_global_init: Check if IPv6 works - Bug: https://github.com/curl/curl/issues/666 - Reported-by: baumanj@users.noreply.github.com + - Curl_ipv6works() is not thread-safe until after the first call, so + call it once during global init to avoid a possible race condition. + + Bug: https://github.com/curl/curl/issues/915 + PR: https://github.com/curl/curl/pull/918 -- curl.1: HTTP headers for --cookie must be Set-Cookie style +- [Timothy Polich brought this change] + + CURLMOPT_SOCKETFUNCTION.3: fix typo - Bug: https://github.com/curl/curl/issues/666 - Reported-by: baumanj@users.noreply.github.com + Closes https://github.com/curl/curl/pull/914 -Daniel Stenberg (18 Feb 2016) -- curl.1: add a missing dash +- [Miroslav Franc brought this change] -- CONTRIBUTING.md: fix links + library: Fix memory leaks found during static analysis + + Closes https://github.com/curl/curl/pull/913 -- ISSUE_TEMPLATE: github issue template +- [Viktor Szakats brought this change] + + cookie.c: Fix misleading indentation - First version, try this out! + Closes https://github.com/curl/curl/pull/911 -- CONTRIBUTING.md: move into .github +- FAQ: Update FTP directory listing section for MLSD command - To hide github specific files somewhat from the rest. + Explain how some FTP servers support the machine readable listing + format MLSD from RFC 3659 and compare it to LIST. + + Ref: https://github.com/curl/curl/issues/906 -- opts: add references +Daniel Stenberg (1 Jul 2016) +- [Sergei Nikulov brought this change] -- examples/make: add 'checksrc' target + Appveyor: Updates for options - CURL_STATICLIB/BUILD_TESTING + + Closes #892 -- 10-at-a-time: typecast the argument passed to sleep() +- TODO: 17.4 also brings more HTTP/2 support -- externalsocket.c: fix compiler warning for fwrite return type +- TODO: try next proxy if one doesn't work + + Closes #896 -- anyauthput.c: fix compiler warnings +- conn: don't free easy handle data in handler->disconnect + + Reported-by: Gou Lingfeng + Bug: https://curl.haxx.se/mail/lib-2016-06/0139.html -- simplessl.c: warning: while with space +- test1244: test different proxy ports same URL -- curlx.c: i2s_ASN1_IA5STRING() clashes with an openssl function +- curl_global_init.3: improved formatting of the flags + +- curl_global_init.3: expand on the SSL and WIN32 bits purpose - Reported-By: Gisle Vanem + Reported-by: Richard Gray + Bug: https://curl.haxx.se/mail/lib-2016-06/0136.html -- http2: don't decompress gzip decoding automatically +- [Michael Kaufmann brought this change] + + cleanup: minor code cleanup in Curl_http_readwrite_headers() - At one point during the development of HTTP/2, the commit 133cdd29ea0 - introduced automatic decompression of Content-Encoding as that was what - the spec said then. Now however, HTTP/2 should work the same way as - HTTP/1 in this regard. + - the expression of an 'if' was always true + - a 'while' contained a condition that was always true + - use 'if(k->exp100 > EXP100_SEND_DATA)' instead of 'if(k->exp100)' + - fixed a typo - Reported-by: Kazuho Oku + Closes #889 + +- SFTP: set a generic error when no SFTP one exists... - Closes #661 + ... as otherwise we could get a 0 which would count as no error and we'd + wrongly continue and could end up segfaulting. + + Bug: https://curl.haxx.se/mail/lib-2016-06/0052.html + Reported-by: 暖和的和暖 -Jay Satiro (16 Feb 2016) -- [Tatsuhiro Tsujikawa brought this change] +- ROADMAP: http2 tests are merged, mention http2 perf - http: Don't break the header into chunks if HTTP/2 +- docs/README.md: to render nicer pages on github - nghttp2 callback deals with TLS layer and therefore the header does not - need to be broken into chunks. + ... as previously the README.cmake would be picked and put at the bottom + of the docs page there and it wasn't very representative! + +- README.md: change host name for the svg logo - Bug: https://github.com/curl/curl/issues/659 - Reported-by: Kazuho Oku + rawgit.com asks to use the domain cdn.rawgit.com for production + + See #900 -Daniel Stenberg (16 Feb 2016) - [Viktor Szakats brought this change] - openssl: use macro to guard the opaque EVP_PKEY branch + README.md: use the SVG logo -- [Viktor Szakats brought this change] +- README.md: logo on top! - openssl: avoid direct PKEY access with OpenSSL 1.1.0 - - by using API instead of accessing an internal structure. - This is required starting OpenSSL 1.1.0-pre3. +- KNOWN_BUGS: 3.4 POP3 expects "CRLF.CRLF" eob for some - Closes #650 + Closes #740 -- RELEASE-NOTES: synced with ede0bfc079da +- RELEASE-NOTES: synced with d61c80515aa8 -- [Clint Clayton brought this change] +- [Michael Osipov brought this change] - CURLOPT_CONNECTTIMEOUT_MS.3: Fix example to use milliseconds option + acinclude.m4: improve autodetection of CA bundle on FreeBSD - Change the example in the docs for CURLOPT_CONNECTTIMEOUT_MS to use - CURLOPT_CONNECTTIMEOUT_MS instead of CURLOPT_CONNECTTIMEOUT. + The FreeBSD Port security/ca_root_nss installs the Mozilla NSS CA bundle + to /usr/local/share/certs/ca-root-nss.crt. Use this bundle in the + discovery process. - Closes #653 + This change also removes the former FreeBSD path that has been obsolete + for 8 years since this FreeBSD ports commit: + https://svnweb.freebsd.org/ports/head/security/?view=revision&revision=215953 + + Closes #894 -- opt-docs: add more references +- configure: don't specify .lib for libs on windows + + Another follow up for crypt32.lib linking with winssl -- [David Byron brought this change] +- configure: fix winssl LIBS change typo + + follow-up from 120bf29e - SCP: use libssh2_scp_recv2 to support > 2GB files on windows +- TODO: "TCP Fast Open" is done, add monitor pool connections + +- configure: add crypt32.lib for winssl builds - libssh2_scp_recv2 is introduced in libssh2 1.7.0 - to be released "any - day now. + Necessary since 6cabd78531f + +- Makefile.vc: link with crypt32.lib for winssl builds - Closes #451 + Necessary since 6cabd78531f + + Fixes #853 -Jay Satiro (13 Feb 2016) -- [Shine Fan brought this change] +- [Joel Depooter brought this change] - gtls: fix for builds lacking encrypted key file support + VC: Add crypt32.lib to Visual Sudio project template files - Bug: https://github.com/curl/curl/pull/651 + Closes #854 -Dan Fandrich (13 Feb 2016) -- test1604: Add to Makefile.inc so it gets run +- vc: fix the build for schannel certinfo support + + Broken since 6cabd785, which adds use of the Curl_extract_certinfo + function from the x509asn1.c file. -Jay Satiro (12 Feb 2016) -- generate.bat: Fix comment bug by removing old comments +- typedefs: use the full structs in internal code... - Remove NOTES section, it's no longer needed since we aren't setting the - errorlevel and more importantly the recently updated URL in the comments - is causing some unusual behavior that breaks the script. + ... and save the typedef'ed names for headers and external APIs. + +- internals: rename the SessionHandle struct to Curl_easy + +- headers: forward declare CURL, CURLM and CURLSH as structs - Closes https://github.com/curl/curl/issues/649 + Instead of typedef'ing to void, typedef to their corresponding actual + struct names to allow compilers to type-check. + + Assisted-by: Reinhard Max -Kamil Dudka (12 Feb 2016) -- curl.1: --disable-{eprt,epsv} are ignored for IPv6 hosts +Jay Satiro (22 Jun 2016) +- vtls: Only call add/getsession if session id is enabled - The behavior has been clarified in CURLOPT_FTP_USE_{EPRT,EPSV}.3 man - pages since curl-7_12_3~131. This patch makes it clear in the curl.1 - man page, too. + Prior to this change we called Curl_ssl_getsessionid and + Curl_ssl_addsessionid regardless of whether session ID reusing was + enabled. According to comments that is in case session ID reuse was + disabled but then later enabled. - Bug: https://bugzilla.redhat.com/1305970 + The old way was not intuitive and probably not something users expected. + When a user disables session ID caching I'd guess they don't expect the + session ID to be cached anyway in case the caching is later enabled. -Daniel Stenberg (12 Feb 2016) -- dist: ship buildconf.bat too +Daniel Stenberg (22 Jun 2016) +- curl.1: the used progress meter suffix is k in lower case - As the winbuild/* stuff uses it! + Closes #883 -- curlx_tvdiff: handle 32bit time_t overflows +- [Sergei Nikulov brought this change] + + cmake: now using BUILD_TESTING=ON/OFF - On 32bit systems, make sure we don't overflow and return funky values - for very large time differences. + CMake build now using BUILD_TESTING=ON/OFF (default is OFF) to build + tests and enabling CTest integration. Options BUILD_CURL_TESTS and + BUILD_DASHBOARD_REPORTS was removed. - Reported-by: Anders Bakken + Closes #882 - Closes #646 + Reviewed-by: Brad King -- examples: fix some compiler warnings +- [Michael Kaufmann brought this change] -- simplessl.c: fix my breakage + cleanup: fix method names in code comments + + Closes #887 -- examples: adhere to curl code style +Kamil Dudka (21 Jun 2016) +- curl-compilers.m4: improve detection of GCC's -fvisibility= flag - All plain C examples now (mostly) adhere to the curl code style. While - they are only examples, they had diverted so much and contained all - sorts of different mixed code styles by now. Having them use a unified - style helps users and readability. Also, as they get copy-and-pasted - widely by users, making sure they're clean and nice is a good idea. + Some builds of GCC produce output on both stdout and stderr when --help + --verbose is used. The 2>&1 redirection caused them to be arbitrarily + interleaved with each other because of stream buffering. Consequently, + grep failed to match the fvisibility= string in the mixed output, even + though the string was present in GCC's standard output. - 573 checksrc warnings were addressed. + This led to silently disabling symbol hiding in some builds of curl. -- examples/cookie_interface.c: add cleanup call +Daniel Stenberg (19 Jun 2016) +- tests: fix the HTTP/2 tests - cleaning up handles is a good idea as we leak memory otherwise + The HTTP/2 tests brought with commit bf05606ef1f were using the internal + name 'http2' for the HTTP/2 server, while in fact that name was already + used for the second instance of the HTTP server. This made tests using + the second instance (like test 2050) fail after a HTTP/2 test had run. - Also, line wrapped before 80 columns. + The server is now known as HTTP/2 internally and within the + section in test cases. 1700, 1701 and 1702 were updated accordingly. -Kamil Dudka (10 Feb 2016) -- nss: search slash in forward direction in dup_nickname() - - It is wasteful to search it backwards if we look for _any_ slash. +- openssl: use more 'const' to fix build warnings with 1.1.0 branch -- nss: do not count enabled cipher-suites +- curl.1: missed 'T' in the progress unit suffixes + +- curl.1: mention the unix for the progress meter + +Patrick Monnerat (16 Jun 2016) +- os400: add new definitions to ILE/RPG binding. + +Daniel Stenberg (16 Jun 2016) +- openssl: fix cert check with non-DNS name fields present - We only care if at least one cipher-suite is enabled, so it does - not make any sense to iterate till the end and count all enabled - cipher-suites. + Regression introduced in 5f5b62635 (released in 7.48.0) + + Reported-by: Fabian Ruff + Fixes #875 -Daniel Stenberg (10 Feb 2016) -- contributors.sh: make 79 the max column width (from 80) +Dan Fandrich (16 Jun 2016) +- axtls: Use Curl_wait_ms instead of the less-portable usleep -- RELEASE-NOTES: synced with c276aefee3995 +- axtls: Fixed compile after compile 31c521b0 -- mbedtls.c: re-indent to better match curl standards +- tests: Added HTTP proxy keywords to tests 1141 & 1142 -- [Rafael Antonio brought this change] +Jay Satiro (15 Jun 2016) +- [Sergei Nikulov brought this change] - mbedtls: fix memory leak when destroying SSL connection data + cmake: Fix build with winldap - Closes #626 + Bug: https://github.com/curl/curl/pull/874 + Reported-by: Sergei Nikulov -- mbedtls: fix ALPN usage segfault +- CURLOPT_POSTFIELDS.3: Clarify what happens when set empty - Since we didn't keep the input argument around after having called - mbedtls, it could end up accessing the wrong memory when figuring out - the ALPN protocols. + When CURLOPT_POSTFIELDS is set to an empty string libcurl will send a + zero-byte POST. Prior to this change it was documented as sending data + from the read callback. - Closes #642 + This also changes the wording of what happens when empty or NULL so that + it's hopefully easier to understand for people whose primary language + isn't English. + + Bug: https://github.com/curl/curl/issues/862 + Reported-by: Askar Safin -Jay Satiro (9 Feb 2016) -- [Timotej Lazar brought this change] +- [Michael Wallner brought this change] - opts: update references to renamed options + curl_multi_socket_action.3: Fix rewording + + - Remove some erroneous text. + + Closes https://github.com/curl/curl/pull/865 -- KNOWN_BUGS: Update #92 - Windows device prefix +- [Luo Jinghua brought this change] -- tool_doswin: Support for literal path prefix \\?\ + resolve: enable protocol family logic for synthesized IPv6 - For example something like --output \\?\C:\foo + - Enable protocol family logic for IPv6 resolves even when support + for synthesized addresses is enabled. + + This is a follow up to the parent commit that added support for + synthesized IPv6 addresses from IPv4 on iOS/OS X. The protocol family + logic needed for IPv6 was inadvertently excluded if support for + synthesized addresses was enabled. + + Bug: https://github.com/curl/curl/issues/863 + Ref: https://github.com/curl/curl/pull/866 + Ref: https://github.com/curl/curl/pull/867 -Daniel Stenberg (9 Feb 2016) -- configure: state "BoringSSL" in summary when that was detected +Daniel Stenberg (7 Jun 2016) +- [Luo Jinghua brought this change] -- [David Benjamin brought this change] + resolve: add support for IPv6 DNS64/NAT64 Networks on OS X + iOS + + Use getaddrinfo() to resolve the IPv4 address literal on iOS/Mac OS X. + If the current network interface doesn’t support IPv4, but supports + IPv6, NAT64, and DNS64. + + Closes #866 + Fixes #863 - openssl: remove most BoringSSL #ifdefs. +- tests: two more HTTP/2 tests - As of https://boringssl-review.googlesource.com/#/c/6980/, almost all of - BoringSSL #ifdefs in cURL should be unnecessary: + 1701 and 1702 + +- runtests: don't display logs when http2 server fails to start + +- runtests: make stripfile work on stdout as well - - BoringSSL provides no-op stubs for compatibility which replaces most - #ifdefs. + ... and have test 1700 use that to strip out the nghttpx server: headers + +- http2-tests: test1700 is the first real HTTP/2 test - - DES_set_odd_parity has been in BoringSSL for nearly a year now. Remove - the compatibility codepath. - - - With a small tweak to an extend_key_56_to_64 call, the NTLM code - builds fine. - - - Switch OCSP-related #ifdefs to the more generally useful - OPENSSL_NO_OCSP. + It requires that 'nghttpx' is in the PATH, and it will run the tests + using nghttpx as a front-end proxy in front of the standard HTTP/1 test + server. This uses HTTP/2 over plain TCP. - The only #ifdefs which remain are Curl_ossl_version and the #undefs to - work around OpenSSL and wincrypt.h name conflicts. (BoringSSL leaves - that to the consumer. The in-header workaround makes things sensitive to - include order.) - - This change errs on the side of removing conditionals despite many of - the restored codepaths being no-ops. (BoringSSL generally adds no-op - compatibility stubs when possible. OPENSSL_VERSION_NUMBER #ifdefs are - bad enough!) + If you like me have nghttpx installed in a custom path, you can run test 1700 + like this: - Closes #640 + $ PATH=$PATH:$HOME/build-nghttp2/bin/ ./runtests.pl 1700 -Jay Satiro (8 Feb 2016) -- KNOWN_BUGS: Windows device prefix is required for devices +- RELEASE-NOTES: synced with 34855feeb4c299 -- tool_urlglob: Allow reserved dos device names (Windows) +Steve Holme (6 Jun 2016) +- schannel: Disable ALPN on Windows < 8.1 - Allow --output to reserved dos device names without the device prefix - for backwards compatibility. + Calling QueryContextAttributes with SECPKG_ATTR_APPLICATION_PROTOCOL + fails on Windows < 8.1 so we need to disable ALPN on these OS versions. - Example: --output NUL can be used instead of --output \\.\NUL + Inspiration provide by: Daniel Seither - Bug: https://github.com/curl/curl/commit/4520534#commitcomment-15954863 - Reported-by: Gisle Vanem + Closes #848 + Fixes #840 -Daniel Stenberg (8 Feb 2016) -- cookies: allow spaces in cookie names, cut of trailing spaces +Jay Satiro (5 Jun 2016) +- checksrc: Add LoadLibrary to the banned functions list - It turns out Firefox and Chrome both allow spaces in cookie names and - there are sites out there using that. + LoadLibrary was supplanted by Curl_load_library for security + reasons in 6df916d. + +- http: Fix HTTP/2 connection reuse - Turned out the code meant to strip off trailing space from cookie names - didn't work. Fixed now. + - Change the parser to not require a minor version for HTTP/2. - Test case 8 modified to verify both these changes. + HTTP/2 connection reuse broke when we changed from HTTP/2.0 to HTTP/2 + in 8243a95 because the parser still expected a minor version. - Closes #639 - -Patrick Monnerat (8 Feb 2016) -- Merge branch 'master' of github.com:curl/curl + Bug: https://github.com/curl/curl/issues/855 + Reported-by: Andrew Robbins, Frank Gevaerts -- os400: sync ILE/RPG definitions with latest public header files. +Steve Holme (4 Jun 2016) +- connect.c: Fixed compilation warning from commit 332e8d6164 + + connect.c:952:5: warning: suggest explicit braces to avoid ambiguous 'else' -Daniel Stenberg (8 Feb 2016) -- [Ludwig Nussel brought this change] +- win32: Used centralised verify windows version function + + Closes #845 - SSLCERTS: update wrt SSL CA certificate store +- win32: Added verify windows version functionality -- [Ludwig Nussel brought this change] +- win32: Introduced centralised verify windows version function - configure: --with-ca-fallback: use built-in TLS CA fallback +Kamil Dudka (3 Jun 2016) +- tool_urlglob: fix off-by-one error in glob_parse() - When trying to verify a peer without having any root CA certificates - set, this makes libcurl use the TLS library's built in default as - fallback. + ... causing SIGSEGV while parsing URL with too many globs. + Minimal example: - Closes #569 + $ curl $(for i in $(seq 101); do printf '{a}'; done) + + Reported-by: Romain Coltel + Bug: https://bugzilla.redhat.com/1340757 -- Proxy-Connection: stop sending this header by default +Daniel Stenberg (1 Jun 2016) +- [Benjamin Kircher brought this change] + + libcurl-multi.3: fix small typo - RFC 7230 says we should stop. Firefox already stopped. + Closes #850 + +- [Viktor Szakats brought this change] + + makefile.m32: add crypt32 for winssl builds - Bug: https://github.com/curl/curl/issues/633 - Reported-By: Brad Fitzpatrick + Dependency added by 6cabd78 - Closes #633 + Closes #849 -- bump: work toward the next release +- [Ivan Avdeev brought this change] -- THANKS: 2 contributors from the 7.47.1 release + vtls: fix ssl session cache race condition + + Sessionid cache management is inseparable from managing individual + session lifetimes. E.g. for reference-counted sessions (like those in + SChannel and OpenSSL engines) every session addition and removal + should be accompanied with refcount increment and decrement + respectively. Failing to do so synchronously leads to a race condition + that causes symptoms like use-after-free and memory corruption. + This commit: + - makes existing session cache locking explicit, thus allowing + individual engines to manage lock's scope. + - fixes OpenSSL and SChannel engines by putting refcount management + inside this lock's scope in relevant places. + - adds these explicit locking calls to other engines that use + sessionid cache to accommodate for this change. Note, however, + that it is unknown whether any of these engines could also have + this race. + + Bug: https://github.com/curl/curl/issues/815 + Fixes #815 + Closes #847 -- RELEASE-PROCEDURE: remove the github upload part +- [Andrew Kurushin brought this change] + + schannel: add CURLOPT_CERTINFO support - ... as we're HTTPS on the main site now, there's no point in that - extra step + Closes #822 -Version 7.47.1 (8 Feb 2016) +- RELEASE-NOTES: synced with 142ee9fa15002315 -Daniel Stenberg (8 Feb 2016) -- RELEASE-NOTES: curl 7.47.1 time! +- openssl: rename the private SSL_strerror + + ... to make it not look like an OpenSSL function -Jay Satiro (8 Feb 2016) -- tool_operhlp: Check for backslashes in get_url_file_name +- [Michael Kaufmann brought this change] + + openssl: Use correct buffer sizes for error messages - Extract the filename from the last slash or backslash. Prior to this - change backslashes could be part of the filename. + Closes #844 + +- curl: fix -q [regression] - This change needed for the curl tool built for Cygwin. Refer to the - CYGWIN addendum in advisory 20160127B. + This broke in 7.49.0 with commit e200034425a7625 - Bug: https://curl.haxx.se/docs/adv_20160127B.html - -Daniel Stenberg (7 Feb 2016) -- RELEASE-NOTES: synced with d6a8869ea34 + Fixes #842 -Jay Satiro (6 Feb 2016) -- openssl: Fix signed/unsigned mismatch warning in X509V3_ext +- URL parser: allow URLs to use one, two or three slashes - sk_X509_EXTENSION_num may return an unsigned integer, however the value - will fit in an int. + Mostly in order to support broken web sites that redirect to broken URLs + that are accepted by browsers. - Bug: https://github.com/curl/curl/commit/dd1b44c#commitcomment-15913896 - Reported-by: Gisle Vanem + Browsers are typically even more leniant than this as the WHATWG URL + spec they should allow an _infinite_ amount. I tested 8000 slashes with + Firefox and it just worked. + + Added test case 1141, 1142 and 1143 to verify the new parser. + + Closes #791 -Daniel Stenberg (7 Feb 2016) -- TODO: 17.11 -w output to stderr +- [Renaud Lehoux brought this change] -Jay Satiro (6 Feb 2016) -- [Michael Kaufmann brought this change] + cmake: Added missing mbedTLS support + + Closes #837 - idn_win32: Better error checking +- [Renaud Lehoux brought this change] + + mbedtls: removed unused variables - .. also fix a conversion bug in the unused function - curl_win32_ascii_to_idn(). + Closes #838 + +- [Frank Gevaerts brought this change] + + http: add CURLINFO_HTTP_VERSION and %{http_version} - And remove wprintfs on error (Jay). + Adds access to the effectively used http version to both libcurl and + curl. - Bug: https://github.com/curl/curl/pull/637 + Closes #799 -- [Gisle Vanem brought this change] +- bump: start the journey toward 7.50.0 - examples/asiohiper: Avoid function name collision on Windows +- [Marcel Raad brought this change] + + openssl: fix build with OPENSSL_NO_COMP - closesocket => close_socket - Winsock already has the former. + With OPENSSL_NO_COMP defined, there is no function + SSL_COMP_free_compression_methods - Bug: https://curl.haxx.se/mail/lib-2016-02/0016.html + Closes #836 - [Gisle Vanem brought this change] - examples/htmltitle: Use _stricmp on Windows + memdebug: fix MSVC crash with -DMEMDEBUG_LOG_SYNC - Bug: https://curl.haxx.se/mail/lib-2016-02/0017.html + Fixes #828 -Daniel Stenberg (6 Feb 2016) -- COPYING: clarify that Daniel is not the sole author +- [Jonathan brought this change] + + README.md: polish - ... done on request and as it is a fair point. + Closes #834 -Jay Satiro (5 Feb 2016) -- unit1604: Fix unit setup return code +- RELEASE-NOTES: fix vuln link -- tool_doswin: Use type SANITIZEcode in sanitize_file_name +Version 7.49.1 (30 May 2016) -- tool_doswin: Improve sanitization processing +Daniel Stenberg (30 May 2016) +- RELEASE-NOTES: 7.49.1 + +- [Steve Holme brought this change] + + loadlibrary: Only load system DLLs from the system directory - - Add unit test 1604 to test the sanitize_file_name function. + Inspiration provided by: Daniel Stenberg and Ray Satiro - - Use -DCURL_STATICLIB when building libcurltool for unit testing. + Bug: https://curl.haxx.se/docs/adv_20160530.html - - Better detection of reserved DOS device names. + Ref: Windows DLL hijacking with curl, CVE-2016-4802 + +- ssh: fix version number check typo + +Jay Satiro (29 May 2016) +- curl_share_setopt.3: Add min ver needed for ssl session lock - - New flags to modify sanitize behavior: + Bug: https://github.com/curl/curl/issues/826 + Reported-by: Michael Wallner + +Daniel Stenberg (29 May 2016) +- ssh: fix build for libssh2 before 1.2.6 - SANITIZE_ALLOW_COLONS: Allow colons - SANITIZE_ALLOW_PATH: Allow path separators and colons - SANITIZE_ALLOW_RESERVED: Allow reserved device names - SANITIZE_ALLOW_TRUNCATE: Allow truncating a long filename + The statvfs functionality was added to libssh2 in that version, so we + switch off that functionality when built with older libraries. - - Restore sanitization of banned characters from user-specified outfile. + Fixes #831 + +- mbedtls: fix includes so snprintf() works - Prior to this commit sanitization of a user-specified outfile was - temporarily disabled in 2b6dadc because there was no way to allow path - separators and colons through while replacing other banned characters. - Now in such a case we call the sanitize function with - SANITIZE_ALLOW_PATH which allows path separators and colons to pass - through. + Regression from the previous *printf() rearrangements, this file missed to + include the correct header to make sure snprintf() works universally. + Reported-by: Moti Avrahami + Bug: https://curl.haxx.se/mail/lib-2016-05/0196.html + +Steve Holme (23 May 2016) +- checksrc.pl: Added variants of strcat() & strncat() to banned function list - Closes https://github.com/curl/curl/issues/624 - Reported-by: Octavio Schroeder + Added support for checking the tchar, unicode and mbcs variants of + strcat() and strncat() in the banned function list. -- [Viktor Szakats brought this change] +Daniel Stenberg (23 May 2016) +- smtp: minor ident (white space) fixes - URLs: change more http to https +- THANKS: updated after script fixes + + Now giving credit properly to github user names, fixed some UTF-8 issues + and added names discovered when contrithanks was improved. -- sasl_sspi: Fix memory leak in domain populate +- THANKS-filter: more name cleanups + +- contrithanks.sh: exclude existing names case insensitively + +- contrithanks.sh: use same grep pattern and -a flag as contributors.sh + +- contributors.sh: better grep pattern, use grep -a + +- THANKS-filter: fix more names + +- contrithanks.sh: do the same github fix as contributors.sh - Free an existing domain before replacing it. + from 1577bfa35ba + +Jay Satiro (23 May 2016) +- contributors: Show GitHub username if real name unknown - Bug: https://github.com/curl/curl/issues/635 - Reported-by: silveja1@users.noreply.github.com + Prior to this change if a GitHub contributor's real name was unknown + they would be omitted from the list. + + Bug: https://github.com/curl/curl/issues/824 -Daniel Stenberg (4 Feb 2016) -- [Viktor Szakats brought this change] +Daniel Stenberg (21 May 2016) +- RELEASE-NOTES: synced with 3caaeffbe8ded4 - URLs: follow GitHub project rename (also Travis CI) +Jay Satiro (20 May 2016) +- openssl: cleanup must free compression methods - Closes #632 - -- CHANGES.o: fix references to curl.haxx.nu + - Free compression methods if OpenSSL 1.0.2 to avoid a memory leak. - I removed the scheme prefix from the URLs references this host name, as - we don't own/run that anymore but the name is kept for historic reasons. + Bug: https://github.com/curl/curl/issues/817 + Reported-by: jveazey@users.noreply.github.com -- HISTORY: add some info about when we used which host names +Daniel Stenberg (20 May 2016) +- [Gisle Vanem brought this change] -Jay Satiro (2 Feb 2016) -- [Viktor Szakats brought this change] + curl_multibyte: fix compiler error + + While compiling lib/curl_multibyte.c with '-DUSE_WIN32_IDN' etc. I was + getting: + + f:\mingw32\src\inet\curl\lib\memdebug.h(38): error C2054: expected '(' + to follow 'CURL_EXTERN' + + f:\mingw32\src\inet\curl\lib\memdebug.h(38): error C2085: + 'curl_domalloc': not in formal parameter list - URLs: change more http to https +- THANKS-filter: make Jan-E get proper credit -Dan Fandrich (3 Feb 2016) -- URLs: Change more haxx.se URLs from http: to https: +- [Jan-E brought this change] -Daniel Stenberg (3 Feb 2016) -- RELEASE-NOTES: synced with 4af40b364 + winbuild/Makefile.vc: Fix check on SSL, MBEDTLS, WINSSL exclusivity + + Closes #818 -- URLs: change all http:// URLs to https:// +- [Alexander Traud brought this change] -- configure: update the copyright year range in output + libcurl.m4: Avoid obsolete warning + + Closes #821 -- dotdot: allow an empty input string too +Jay Satiro (20 May 2016) +- [Michael Kaufmann brought this change] + + CURLOPT_CONNECT_TO.3: user must not free the list prematurely - It isn't used by the code in current conditions but for safety it seems - sensible to at least not crash on such input. + The connect-to list isn't copied so as long as the handle may be used + for a transfer the list must be valid. - Extended unit test 1395 to verify this too as well as a plain "/" input. + Bug: https://github.com/curl/curl/pull/819 + Reported-by: Michael Kaufmann -- HTTPS: update a bunch of URLs from HTTP to HTTPS +Daniel Stenberg (19 May 2016) +- RELEASE-NOTES: synced with 48114a8634242c -- [Sergei Nikulov brought this change] +- openssl: ERR_remove_thread_state() is deprecated in latest 1.1.0 + + See OpenSSL commit 21e001747d4a - AppVeyor: updated to handle OpenSSL/WinSSL builds +- http2: use HTTP/2 in the HTTP/1.1-alike header - Closes #621 + ... when generating them, not "2.0" as the protocol is called just + HTTP/2 and nothing else. -Jay Satiro (1 Feb 2016) -- tool_operate: Don't sanitize --output path (Windows) +Jay Satiro (19 May 2016) +- dist: include curl_multi_socket_all.3 - Due to path separators being incorrectly sanitized in --output - pathnames, eg -o c:\foo => c__foo + Closes https://github.com/curl/curl/pull/816 + +Steve Holme (18 May 2016) +- bump: Start work on 7.49.1 + +Daniel Stenberg (18 May 2016) +- curlbuild.h.dist: check __LP64__ as well to fix MIPS build - This is a partial revert of 3017d8a until I write a proper fix. The - remote-name will continue to be sanitized, but if the user specified an - --output with string replacement (#1, #2, etc) that data is unsanitized - until I finish a fix. + The preprocessor check that sets up the 32bit defines for non-configure + builds didn't work properly for MIPS systems as __mips__ is defined for + both 32bit and 64bit. Now __LP64__ is also checked and indicates 64bit. - Bug: https://github.com/bagder/curl/issues/624 - Reported-by: Octavio Schroeder + Reported-by: Tomas Jakobsson + Fixes #813 -- curl.1: Explain remote-name behavior if file already exists +- [Marcel Raad brought this change] + + schannel: fix compile break with MSVC XP toolset - .. also warn about letting the server pick the filename. + For the Windows XP toolset of Visual C++ 2013/2015, the old Windows SDK + 7.1 is used. In this case, _USING_V110_SDK71_ is defined. + + Closes #812 -- [Gisle Vanem brought this change] +- dist: include CHECKSRC.md + + Reported-by: Paul Howarth + Bug: https://curl.haxx.se/mail/lib-2016-05/0116.html - urldata: Error on missing SSL backend-specific connect info +- test/Makefile.am: include manpage-scan.pl and nroff-scan.pl in dist + + Reported-by: Ray Satiro + Bug: https://curl.haxx.se/mail/lib-2016-05/0113.html -Daniel Stenberg (28 Jan 2016) -- bump: towards the next (7.47.1 ?) +Version 7.49.0 (17 May 2016) -- [Sergei Nikulov brought this change] +Daniel Stenberg (17 May 2016) +- THANKS: 24 new names from 7.49.0 release notes - cmake: fixed when OpenSSL enabled on Windows and schannel detected +- RELEASE-NOTES: 7.49.0 + +- mbedtls/polarssl: set "hostname" unconditionally - Closes #617 + ...as otherwise the TLS libs will skip the CN/SAN check and just allow + connection to any server. curl previously skipped this function when SNI + wasn't used or when connecting to an IP address specified host. + + CVE-2016-3739 + + Bug: https://curl.haxx.se/docs/adv_20160518A.html + Reported-by: Moti Avrahami -Jay Satiro (28 Jan 2016) -- [Sergei Nikulov brought this change] +- [Frank Gevaerts brought this change] - urldata: moved common variable out of ifdef + CURLOPT_RESOLVE.3: fix typo - Closes https://github.com/bagder/curl/pull/618 + Closes #811 -- [Viktor Szakats brought this change] +- docs: CURLOPT_RESOLVE overrides CURLOPT_IPRESOLVE - tool_doswin: silence unused function warning +- KNOWN_BUGS: GnuTLS backend skips really long certificate fields - tool_doswin.c:185:14: warning: 'msdosify' defined but not used - [-Wunused-function] + Closes #762 + +- CURLOPT_HTTPPOST.3: the data needs to be around while in use + +- openssl: get_cert_chain: fix NULL dereference - Closes https://github.com/bagder/curl/pull/616 + CID 1361815: Explicit null dereferenced (FORWARD_NULL) -Daniel Stenberg (27 Jan 2016) -- getredirect.c: fix variable name +- openssl: get_cert_chain: avoid NULL dereference - Reported-by: Bernard Spil + CID 1361811: Explicit null dereferenced (FORWARD_NULL) -Version 7.47.0 (27 Jan 2016) +- dprintf_formatf: fix (false?) Coverity warning + + CID 1024412: Memory - illegal accesses (OVERRUN). Claimed to happen when + we run over 'workend' but the condition says <= workend and for all I + can see it should be safe. Compensating for the warning by adding a byte + margin in the buffer. + + Also, removed the extra brace level indentation in the code and made it + so that 'workend' is only assigned once within the function. -Daniel Stenberg (27 Jan 2016) -- examples/Makefile.inc: specify programs without .c! +- RELEASE-NOTES: synced with 2dcb5adc72d6 -- THANKS: 6 new contributors from 7.47.0 release notes +- THANKS-filter: fixed Jonathan Cardoso -- [Isaac Boukris brought this change] +Jay Satiro (15 May 2016) +- ftp: fix incorrect out-of-memory code in Curl_pretransfer + + - Return value type must match function type. + + s/CURLM_OUT_OF_MEMORY/CURLE_OUT_OF_MEMORY/ + + Caught by Travis CI - NTLM: Fix ConnectionExists to compare Proxy credentials +Daniel Stenberg (15 May 2016) +- ftp wildcard: segfault due to init only in multi_perform - Proxy NTLM authentication should compare credentials when - re-using a connection similar to host authentication, as it - authenticate the connection. + The proper FTP wildcard init is now more properly done in Curl_pretransfer() + and the corresponding cleanup in Curl_close(). - Example: - curl -v -x http://proxy:port http://host/ -U good_user:good_pwd - --proxy-ntlm --next -x http://proxy:port http://host/ - [-U fake_user:fake_pwd --proxy-ntlm] - - CVE-2016-0755 + The previous place of init/cleanup code made the internal pointer to be NULL + when this feature was used with the multi_socket() API, as it was made within + the curl_multi_perform() function. - Bug: http://curl.haxx.se/docs/adv_20160127A.html - -- [Ray Satiro brought this change] + Reported-by: Jonathan Cardoso Machado + Fixes #800 - curl: avoid local drive traversal when saving file (Windows) - - curl does not sanitize colons in a remote file name that is used as the - local file name. This may lead to a vulnerability on systems where the - colon is a special path character. Currently Windows/DOS is the only OS - where this vulnerability applies. - - CVE-2016-0754 +Jay Satiro (13 May 2016) +- libcurl-tlibcurl-thread: Update OpenSSL links - Bug: http://curl.haxx.se/docs/adv_20160127B.html + Because the old OpenSSL link now redirects to their master documentation + (currently 1.1.0), which does not document the required actions for + OpenSSL <= 1.0.2. -- RELEASE-NOTES: 7.47.0 +Daniel Stenberg (13 May 2016) +- [Viktor Szakats brought this change] -- FAQ: language fix in 4.19 + darwinssl.c: fix OS X codename typo in comment -- [paulehoffman brought this change] +- RELEASE-NOTES: synced with 68701e51c1f7 + + Added 8 bug fixes and 5 more contrbutors - FAQ: Update to point to GitHub +- [Jay Satiro brought this change] + + mprintf: Fix processing of width and prec args - Current FAQ didn't make it clear where the main repo is. + Prior to this change a width arg could be erroneously output, and also + width and precision args could not be used together without crashing. - Closes #612 - -- maketgz: generate date stamp with LC_TIME=C + "%0*d%s", 2, 9, "foo" - bug: http://curl.haxx.se/mail/lib-2016-01/0123.html + Before: "092" + After: "09foo" + + "%*.*s", 5, 2, "foo" + + Before: crash + After: " fo" + + Test 557 is updated to verify this and more -- curl_multi_socket_action.3: line wrap +- [Michael Kaufmann brought this change] -- RELEASE-NOTES: synced with d58ba66eeceb + ConnectionExists: follow-up fix for proxy re-use + + Follow-up commit to 5823179 + + Closes #648 -Steve Holme (21 Jan 2016) -- TODO: "Create remote directories" for SMB +- [Per Malmberg brought this change] -Jay Satiro (18 Jan 2016) -- mbedtls: Fix pinned key return value on fail + darwinssl: fix certificate verification disable on OS X 10.8 - - Switch from verifying a pinned public key in a callback during the - certificate verification to inline after the certificate verification. + The new way of disabling certificate verification doesn't work on + Mountain Lion (OS X 10.8) so we need to use the old way in that version + too. I've tested this solution on versions 10.7.5, 10.8, 10.9, 10.10.2 + and 10.11. - The callback method had three problems: + Closes #802 + +- [Cory Benfield brought this change] + + http2: Add space between colon and header value - 1. If a pinned public key didn't match, CURLE_SSL_PINNEDPUBKEYNOTMATCH - was not returned. + curl's representation of HTTP/2 responses involves transforming the + response to a format that is similar to HTTP/1.1. Prior to this change, + curl would do this by separating header names and values with only a + colon, without introducing a space after the colon. - 2. If peer certificate verification was disabled the pinned key - verification did not take place as it should. + While this is technically a valid way to represent a HTTP/1.1 header + block, it is much more common to see a space following the colon. This + change introduces that space, to ensure that incautious tools are safely + able to parse the header block. - 3. (related to #2) If there was no certificate of depth 0 the callback - would not have checked the pinned public key. + This also ensures that the difference between the HTTP/1.1 and HTTP/2 + response layout is as minimal as possible. - Though all those problems could have been fixed it would have made the - code more complex. Instead we now verify inline after the certificate - verification in mbedtls_connect_step2. + Bug: https://github.com/curl/curl/issues/797 - Ref: http://curl.haxx.se/mail/lib-2016-01/0047.html - Ref: https://github.com/bagder/curl/pull/601 + Closes #798 + Fixes #797 -- tests: Add a test for pinnedpubkey fail even when insecure +Kamil Dudka (12 May 2016) +- openssl: fix compile-time warning in Curl_ossl_check_cxn() - Because disabling the peer verification (--insecure) must not disable - the public key pinning check (--pinnedpubkey). - -- [Daniel Schauenberg brought this change] - - CURLINFO_RESPONSE_CODE.3: add example + ... introduced in curl-7_48_0-293-g2968c83: + + Error: COMPILER_WARNING: + lib/vtls/openssl.c: scope_hint: In function ‘Curl_ossl_check_cxn’ + lib/vtls/openssl.c:767:15: warning: conversion to ‘int’ from ‘ssize_t’ + may alter its value [-Wconversion] -Kamil Dudka (15 Jan 2016) -- ssh: make CURLOPT_SSH_PUBLIC_KEYFILE treat "" as NULL +Jay Satiro (11 May 2016) +- openssl: stricter connection check function - The CURLOPT_SSH_PUBLIC_KEYFILE option has been documented to handle - empty strings specially since curl-7_25_0-31-g05a443a but the behavior - was unintentionally removed in curl-7_38_0-47-gfa7d04f. + - In the case of recv error, limit returning 'connection still in place' + to EINPROGRESS, EAGAIN and EWOULDBLOCK. - This commit restores the original behavior and clarifies it in the - documentation that NULL and "" have both the same meaning when passed - to CURLOPT_SSH_PUBLIC_KEYFILE. + This is an improvement on the parent commit which changed the openssl + connection check to use recv MSG_PEEK instead of SSL_peek. - Bug: http://curl.haxx.se/mail/lib-2016-01/0072.html + Ref: https://github.com/curl/curl/commit/856baf5#comments -Daniel Stenberg (14 Jan 2016) -- RELEASE-NOTES: synced with 35083ca60ed035a +Daniel Stenberg (11 May 2016) +- [Anders Bakken brought this change] -- openssl: improved error detection/reporting + TLS: SSL_peek is not a const operation - ... by extracting the LIB + REASON from the OpenSSL error code. OpenSSL - 1.1.0+ returned a new func number of another cerfificate fail so this - required a fix and this is the better way to catch this error anyway. - -- openssl: for 1.1.0+ they now provide a SSLeay() macro of their own - -- CURLOPT_RESOLVE.3: minor language polish - -- configure: assume IPv6 works when cross-compiled + Calling SSL_peek can cause bytes to be read from the raw socket which in + turn can upset the select machinery that determines whether there's data + available on the socket. - The configure test uses AC_TRY_RUN to figure out if an ipv6 socket - works, and testing like that doesn't work for cross-compiles. These days - IPv6 support is widespread so a blind guess is probably more likely to - be 'yes' than 'no' now. + Since Curl_ossl_check_cxn only tries to determine whether the socket is + alive and doesn't actually need to see the bytes SSL_peek seems like + the wrong function to call. - Further: anyone who cross-compiles can use configure's --disable-ipv6 to - explicitly disable IPv6 and that also works for cross-compiles. + We're able to occasionally reproduce a connect timeout due to this + bug. What happens is that Curl doesn't know to call SSL_connect again + after the peek happens since data is buffered in the SSL buffer and thus + select won't fire for this socket. - Made happen after discussions in issue #594 + Closes #795 -- TODO: "Try to URL encode given URL" - - Closes #514 +Jay Satiro (9 May 2016) +- [Daniel Stenberg brought this change] -- ConnectionExists: only do pipelining/multiplexing when asked + TLS: move the ALPN/NPN enable bits to the connection - When an HTTP/2 upgrade request fails (no protocol switch), it would - previously detect that as still possible to pipeline on (which is - acorrect) and do that when PIPEWAIT was enabled even if pipelining was - not explictily enabled. + Only protocols that actually have a protocol registered for ALPN and NPN + should try to get that negotiated in the TLS handshake. That is only + HTTPS (well, http/1.1 and http/2) right now. Previously ALPN and NPN + would wrongly be used in all handshakes if libcurl was built with it + enabled. - It should only pipelined if explicitly asked to. + Reported-by: Jay Satiro - Closes #584 + Fixes #789 -- [Mohammad AlSaleh brought this change] +Daniel Stenberg (8 May 2016) +- libcurl-thread.3: openssl 1.1.0 is safe, and so is boringssl - lib: Prefix URLs with lower-case protocol names/schemes - - Before this patch, if a URL does not start with the protocol - name/scheme, effective URLs would be prefixed with upper-case protocol - names/schemes. This behavior might not be expected by library users or - end users. +- [Antonio Larrosa brought this change] + + connect: fix invalid "Network is unreachable" errors - For example, if `CURLOPT_DEFAULT_PROTOCOL` is set to "https". And the - URL is "hostname/path". The effective URL would be - "HTTPS://hostname/path" instead of "https://hostname/path". + Sometimes, in systems with both ipv4 and ipv6 addresses but where the + network doesn't support ipv6, Curl_is_connected returns an error + (intermittently) even if the ipv4 socket connects successfully. - After this patch, effective URLs would be prefixed with a lower-case - protocol name/scheme. + This happens because there's a for-loop that iterates on the sockets but + the error variable is not resetted when the ipv4 is checked and is ok. - Closes #597 + This patch fixes this problem by setting error to 0 when checking the + second socket and not having a result yet. - Signed-off-by: Mohammad AlSaleh - -- [Alessandro Ghedini brought this change] + Fixes #794 - scripts: don't generate and install zsh completion when cross-compiling +Jay Satiro (5 May 2016) +- FAQ: refer to thread safety guidelines -- [Alessandro Ghedini brought this change] +Daniel Stenberg (3 May 2016) +- connections: non-HTTP proxies on different ports aren't reused either + + Reported-by: Oleg Pudeyev and fuchaoqun + + Fixes #648 - scripts: fix zsh completion generation +- http: make sure a blank header overrides accept_decoding - The script should use the just-built curl, not the system one. This fixes - zsh completion generation when no system curl is installed. + Reported-by: rcanavan + Assisted-by: Isaac Boukris + Closes #785 -- [Alessandro Ghedini brought this change] +- CHECKSRC.md: clarified, explained the whitelist file - zsh.pl: fail if no curl is found - - Instead of generation a broken completion file. +- nroff-scan.pl: verify that references are made with \fI -- [Michael Kaufmann brought this change] +- docs: unified man page references to use \fI - IDN host names: Remove the port number before converting to ACE +- TODO: 17.14 --fail without --location should treat 3xx as a failure - Closes #596 + Closes #727 -Jay Satiro (10 Jan 2016) -- runtests: Add mbedTLS to the SSL backends +- RELEASE-NOTES: synced with 7987f5cb14d + +- [Isaac Boukris brought this change] + + CURLOPT_ACCEPT_ENCODING.3: Follow-up clarification - .. and enable SSLpinning tests for mbedTLS, BoringSSL and LibreSSL. + Mention possible content-length mismatch with sum of bytes reported + by write callbacks when auto decoding is enabled. + + See #785 -Daniel Stenberg (10 Jan 2016) -- [Thomas Glanzmann brought this change] +- test1140: run nroff-scan to verify man pages - mbedtls: implement CURLOPT_PINNEDPUBLICKEY +- nroff-scan.pl: verify the .BR references as well -Jay Satiro (9 Jan 2016) -- [Tatsuhiro Tsujikawa brought this change] +- CURLOPT_CONV_TO_NETWORK_FUNCTION.3: fix bad man page reference - url: Fix compile error with --enable-werror +- CURLOPT_BUFFERSIZE.3: fix reference to CURLOPT_MAX_RECV_SPEED_LARGE -- [Tatsuhiro Tsujikawa brought this change] +- curl_easy_pause.3: fix man page reference - http2: Ensure that http2_handle_stream_close is called +Jay Satiro (1 May 2016) +- tool_cb_hdr: Fix --remote-header-name with schemeless URL - Previously, when HTTP/2 is enabled and used, and stream has content - length known, Curl_read was not called when there was no bytes left to - read. Because of this, we could not make sure that - http2_handle_stream_close was called for every stream. Since we use - http2_handle_stream_close to emit trailer fields, they were - effectively ignored. This commit changes the code so that Curl_read is - called even if no bytes left to read, to ensure that - http2_handle_stream_close is called for every stream. + - Move the existing scheme check from tool_operate. - Discussed in https://github.com/bagder/curl/pull/564 + In the case of --remote-header-name we want to parse Content-disposition + for a filename, but only if the scheme is http or https. A recent + adjustment 0dc4d8e was made to account for schemeless URLs however it's + not 100% accurate. To remedy that I've moved the scheme check to the + header callback, since at that point the library has already determined + the scheme. + + Bug: https://github.com/curl/curl/issues/760 + Reported-by: Kai Noda -Daniel Stenberg (8 Jan 2016) -- http2: handle the received SETTINGS frame +Daniel Stenberg (1 May 2016) +- tls: make setting pinnedkey option fail if not supported - This regression landed in 5778e6f5 and made libcurl not act on received - settings and instead stayed with its internal defaults. + to make it obvious to users trying to use the feature with TLS backends + not supporting it. - Bug: http://curl.haxx.se/mail/lib-2016-01/0031.html - Reported-by: Bankde + Discussed in #781 + Reported-by: Travis Burtrum -- Revert "multiplex: allow only once HTTP/2 is actually used" - - This reverts commit 46cb70e9fa81c9a56de484cdd7c5d9d0d9fbec36. +- nroff-scan.pl: verifies nroff pages - Bug: http://curl.haxx.se/mail/lib-2016-01/0031.html + ... not used by any test yet but can be used stand-alone. -Jay Satiro (8 Jan 2016) -- [Tatsuhiro Tsujikawa brought this change] +- opts: fix broken/bad references - http2: Fix PUSH_PROMISE headers being treated as trailers +- [Michael Kaufmann brought this change] + + docs: fix bugs in CURLOPT_HTTP_VERSION.3 and CURLOPT_PIPEWAIT.3 - Discussed in https://github.com/bagder/curl/pull/564 + Closes #786 -Daniel Stenberg (8 Jan 2016) -- [Michael Kaufmann brought this change] +- CURLOPT_ACCEPT_ENCODING.3: clarified + + As discussed in #785 - connection reuse: IDN host names fixed +- curl.1: --mail-rcpt can be used multiple times - Use the ACE form of IDN hostnames as key in the connection cache. Add - new tests. + Reported-by: mgendre + Closes #784 + +- [Karlson2k brought this change] + + tests: Use 'pathhelp' for paths conversions in secureserver.pl - Closes #592 + Closes #675 -- tests: mark IPv6 FTP and FTPS tests with the FTP keyword +- [Karlson2k brought this change] -Jay Satiro (7 Jan 2016) -- mbedtls: Fix ALPN support + tests: Use 'pathhelp' for paths conversions in sshserver.pl + +- [Karlson2k brought this change] + + tests: Use 'pathhelp' for current path in runtests.pl + +- [Karlson2k brought this change] + + tests: pathhelp.pm to process paths on Msys/Cygwin + +- lib: include curl_printf.h as one of the last headers - - Fix ALPN reply detection. + curl_printf.h defines printf to curl_mprintf, etc. This can cause + problems with external headers which may use + __attribute__((format(printf, ...))) markers etc. - - Wrap nghttp2 code in ifdef USE_NGHTTP2. + To avoid that they cause problems with system includes, we include + curl_printf.h after any system headers. That makes the three last + headers to always be, and we keep them in this order: + curl_printf.h + curl_memory.h + memdebug.h - Prior to this change ALPN and HTTP/2 did not work properly in mbedTLS. + None of them include system headers, they all do funny #defines. + + Reported-by: David Benjamin + + Fixes #743 -- http2: Fix client write for trailers on stream close +- memdebug.h: remove inclusion of other headers - Check that the trailer buffer exists before attempting a client write - for trailers on stream close. + Mostly because they're not needed, because memdebug.h is always included + last of all headers so the others already included the correct ones. - Refer to comments in https://github.com/bagder/curl/pull/564 + But also, starting now we don't want this to accidentally include any + system headers, as the header included _before_ this header may add + defines and other fun stuff that we won't want used in system includes. -Daniel Stenberg (7 Jan 2016) -- COPYING: update general copyright year range +- [Jay Satiro brought this change] -- ConnectionExists: add missing newline in infof() call + curl -J: make it work even without http:// scheme on URL - Mistake from commit a464f33843ee1 - -- multiplex: allow only once HTTP/2 is actually used + It does open up a miniscule risk that one of the other protocols that + libcurl could use would send back a Content-Disposition header and then + curl would act on it even if not HTTP. - To make sure curl doesn't allow multiplexing before a connection is - upgraded to HTTP/2 (like when Upgrade: h2c fails), we must make sure the - connection uses HTTP/2 as well and not only check what's wanted. + A future mitigation for this risk would be to allow the callback to ask + libcurl which protocol is being used. - Closes #584 + Verified with test 1312 - Patch-by: c0ff + Closes #760 -Jay Satiro (4 Jan 2016) -- curl_global_init.3: Add Windows-specific info for init via DLL +- manpage-scan.pl: also verify the command line option docs - - Add to both curl_global_init.3 and libcurl.3 the caveat for Windows - that initializing libcurl via a DLL's DllMain or static initializer - could cause a deadlock. - - Bug: https://github.com/bagder/curl/issues/586 - Reported-by: marc-groundctl@users.noreply.github.com + This script now also scans src/tool_getparam.c, docs/curl.1 and + src/tool_help.c and will warn if any of them lists a command line option + not mentioned in one of the other places. -Daniel Stenberg (4 Jan 2016) -- FAQ: clarify who to mail about ECCN clarifications +- curl: show the long option version of -q in the -h list -- progressfunc.c: spellfix description +- curl: remove "--socks" as "--socks5" turned 8 + + In commit 2e42b0a2524 (Jan 2008) we made the option "--socks" deprecated + and it has not been documented since. The more explicit socks options + (like --socks4 or --socks5) should be used. -- docs/examples/multi-app.c: fix bad desc formatting +- curl.1: document the deprecated --ftp-ssl option -- examples: added descriptions +- curl: remove --http-request + + It was mentioned as deprecated already in commit ae1912cb0d4 from + 1999. It has not been documented in this millennium. -- example/simple.c: add description +- curl: mention --ntlm-wb in -h list -- getredirect.c: a new example +- curl: -h output lacked --proxy-header -Marc Hoersken (27 Dec 2015) -- RELEASE-NOTES: add 5e0e81a9c4e35f04ca +- curl.1: document --ntlm-wb -Daniel Stenberg (26 Dec 2015) -- RELEASE-NOTES: synced with 2aec4359db1088b10d +- curl.1: document the long format of -q: --disable -Marc Hoersken (26 Dec 2015) -- test 1515: add data check +- curl.1: mention the deprecated --krb4 option -- test 1515: add MSYS support by passing a relative path +- curl.1: document --ftp-ssl-reqd - MSYS would otherwise turn a /-style path into a C:\-style path. + Even if deprecated, document it so that people will find it as old + scripts may still use it. -- test 539: use datacheck mode text for ASCII-mode LISTings +- curl: use --telnet-option as documented - While still using datacheck mode binary for the inline reply data. + The code said "telnet-options" but no documentation ever said so. It + worked fine since the code is fine with a unique match of the first + part. -- runtests.pl: check up to 5 data parts with different text modes +- getparam: remove support for --ftpport - Move the text-mode conversion for reply/replycheck from the verify - section into the load section and add support for 4 more check parts. + It has been deprecated and undocumented since commit ad5ead8bed7 (Dec + 2003). --ftp-port is the proper long option name. -Daniel Stenberg (24 Dec 2015) -- CURLOPT_RANGE: for HTTP servers, range support is optional +- curl: make --disable work as long form of -q + + To make the aliases list reflect reality. -Marc Hoersken (24 Dec 2015) -- tests 1048 and 1050: use datacheck mode text for ASCII-mode LISTings - -- tests 706 and 707: use datacheck mode text for ASCII-mode LISTings - -- tests 400,403,406: use datacheck mode text for ASCII-mode LISTings +- aliases: remove trailing space from capath string -- sockfilt.c: fix calculation of sleep timeout on Windows +- cmdline parse: only single letter options have single-letter strings - Not converting to double caused small timeouts to be skipped. + ... moved around options so that parsing the code to find all + single-letter options easier. -- tests first.c: fix calculation of sleep timeout on Windows +Jay Satiro (28 Apr 2016) +- CURLINFO_TLS_SSL_PTR.3: Clarify SSL pointer availability - Not converting to double caused small timeouts to be skipped. + Bug: https://curl.haxx.se/mail/lib-2016-04/0126.html + Reported-by: Bru Rom -- test 573: add more debug output +Daniel Stenberg (28 Apr 2016) +- curl_easy_getinfo.3: remove superfluous blank lines -- ftplistparser.c: fix handling of file LISTings using Windows EOL +- test1139: verifies libcurl option man page presence - Previously file.txt[CR][LF] would have been returned as file.tx - (without the last t) if filetype is symlink. Now the t is - included and the internal item_length includes the zero byte. + - checks that each option has its own man page present - Spotted using test 576 on Windows. + - checks that each option is mentioned in its corresponding index man + page -- test 16: fix on Linux (and Windows) by using plain ASCII characters +- curl_easy_getinfo.3: added missing mention of CURLINFO_TLS_SESSION - Follow up on b064ff0c351bb287557228575ef4c1d079b866fb, thanks Daniel. + ... although it is deprecated. -- tftpd server: add Windows support by writing files in binary mode +Jay Satiro (28 Apr 2016) +- mbedtls: Fix session resume + + This also fixes PolarSSL session resume. + + Prior to this change the TLS session information wasn't properly + saved and restored for PolarSSL and mbedTLS. + + Bug: https://curl.haxx.se/mail/lib-2016-01/0070.html + Reported-by: Thomas Glanzmann + + Bug: https://curl.haxx.se/mail/lib-2016-04/0095.html + Reported-by: Moti Avrahami -- tests 252-255: use datacheck mode text for ASCII-mode LISTings +Daniel Stenberg (27 Apr 2016) +- RELEASE-NOTES: synced with f4298fcc6d2 -- test 16: fix on Windows by converting data file from ANSI to UTF-8 +- [Michael Kaufmann brought this change] -Daniel Stenberg (23 Dec 2015) -- Makefile.inc: s/curl_SOURCES/CURL_FILES + opts: Fix some syntax errors in example code fragments - This allows the root Makefile.am to include the Makefile.inc without - causing automake to warn on it (variables named *_SOURCES are - magic). curl_SOURCES is then instead assigned properly in - src/Makefile.am only. + Fixes #779 + +- openssl: avoid BN_print a NULL bignum - Closes #577 + OpenSSL 1.1.0-pre seems to return NULL(?) for a whole lot of those + numbers so make sure the function handles this. + + Reported-by: Linus Nordberg -- [Anders Bakken brought this change] +- [Marcel Raad brought this change] - ConnectionExists: with *PIPEWAIT, wait for connections + CONNECT_ONLY: don't close connection on GSS 401/407 reponses - Try harder to prevent libcurl from opening up an additional socket when - CURLOPT_PIPEWAIT is set. Accomplished by letting ongoing TCP and TLS - handshakes complete first before the decision is made. + Previously, connections were closed immediately before the user had a + chance to extract the socket when the proxy required Negotiate + authentication. - Closes #575 + This regression was brought in with the security fix in commit + 79b9d5f1a42578f + + Closes #655 -- [Anders Bakken brought this change] +- CURLINFO_TLS_SESSION.3: clarify TLS library support before 7.48.0 - Add .dir-locals and set c-basic-offset to 2. +- mbedtls.c: silly spellfix of a comment + +- KNOWN_BUGS: 1.10 Strips trailing dot from host name - This makes it easier for emacs users to automatically get the right - 2-space indentation when they edit curl source files. + Closes #716 + +- test1322: verify stripping of trailing dot from host name - c++-mode is in there as well because Emacs can't easily know if - something is a C or C++ header. + While being debated (in #716) and a violation of RFC 7230 section 5.4, + this test verifies that the existing functionality works as intended. It + strips the dot from the host name and uses the host without dot + throughout the internals. + +- multi: accidentally used resolved host name instead of proxy - Closes #574 + Regression introduced in 09b5a998 + + Bug: https://curl.haxx.se/mail/lib-2016-04/0084.html + Reported-by: BoBo -- [Johannes Schindelin brought this change] +- symbols-in-versions: added new CURLSSLBACKEND_ symbols - configure: detect IPv6 support on Windows +- test148: fixed after the --ftp-create-dirs retry change - This patch was "nicked" from the MINGW-packages project by Daniel. - - https://github.com/Alexpux/MINGW-packages/commit/9253d0bf58a1486e91f7efb5316e7fdb48fa4007 - Signed-off-by: Johannes Schindelin + follow-up commit to 3c1e84f569 as it made curl try a little harder -- configure: allow static builds on mingw +- curl.h: clarify curl_sslbackend for openssl clones and renames + +- [Karlson2k brought this change] + + url.c: fixed DEBUGASSERT() for WinSock workaround - This patch is adopted from the MINGW-packages project. It makes it - possible to build curl both shared and static again. + If buffer is allocated, but nothing is received during prereceive + stage, than number of processed bytes must be zero. - URL: https://github.com/Alexpux/MINGW-packages/tree/master/mingw-w64-curl + Closes #778 -Marc Hoersken (17 Dec 2015) -- test 1326: fix file check since curl is outputting binary data +- KNOWN_BUGS: --interface for ipv6 binds to unusable IP address + + Closes #686 for now. -- test 1326: fix getting stuck on Windows due to incomplete request +- TODO: 1.17 Add support for IRIs - The request needs to be read and send in binary mode in order to use - CRLF instead of LF. Adding --upload-file - causes curl to read stdin - in binary mode. + Adding support for IRIs is a mouthful, but is probably interesting at + least for areas and countries where the use of such "URLs" are growing + popularity. + + Closes #776 -Daniel Stenberg (17 Dec 2015) -- RELEASE-NOTES: command line option recount +- THANKS-filter: Travis Burtrum -Dan Fandrich (16 Dec 2015) -- scripts/Makefile: build zsh script even in an out-of-tree build +- lib1517: checksrc compliance -Marc Hoersken (16 Dec 2015) -- sockfilt.c: added some debug output to select_ws +- [moparisthebest brought this change] -- sockfilt.c: keep lines shorter than 80 chars + PolarSSL: Implement public key pinning -- sockfilt.c: do not wait on unreliable file or pipe handle +Patrick Monnerat (22 Apr 2016) +- os400: upgrade ILE/RPG binding + +- curl.h: CURLOPT_CONNECT_TO sets a struct slist *, not a string + +Daniel Stenberg (22 Apr 2016) +- contributors.sh: make --releasenotes implied - The previous implementation caused issues on modern MSYS2 runtimes. + It got too annoying to type =) -Daniel Stenberg (16 Dec 2015) -- cyassl: deal with lack of *get_peer_certificate +- RELEASE-NOTES: synced with 3c1e84f5693d8093 + +- curl: make --ftp-create-dirs retry on failure - The function is only present in wolfssl/cyassl if it was built with - --enable-opensslextra. With these checks added, pinning support is disabled - unless the TLS lib has that function available. + The underlying libcurl option used for this feature is + CURLOPT_FTP_CREATE_MISSING_DIRS which has the ability to retry the dir + creation, but it was never set to do that by the command line tool. - Also fix the mistake in configure that checks for the wrong lib name. + Now it does. - Closes #566 + Bug: https://curl.haxx.se/mail/archive-2016-04/0021.html + Reported-by: John Wanghui + Help-by: Leif W -- wolfssl: handle builds without SSLv3 support +- [Henrik Gaßmann brought this change] -- [Tatsuhiro Tsujikawa brought this change] + winbuild: add mbedtls support + + Add WITH_MBEDTLS option. Make WITH_SSL, WITH_MBEDTLS and ENABLE_WINSSL + options mutual exclusive. + + Closes #606 - http2: Support trailer fields +- KNOWN_BUGS: fixed "5.6 Improper use of Autoconf cache variables" - This commit adds trailer support in HTTP/2. In HTTP/1.1, chunked - encoding must be used to send trialer fields. HTTP/2 deprecated any - trandfer-encoding, including chunked. But trailer fields are now - always available. + As of commit d9f3b365a3 + +- [Irfan Adilovic brought this change] + + configure: ac_cv_ -> curl_cv_ for write-only vars - Since trailer fields are relatively rare these days (gRPC uses them - extensively though), allocating buffer for trailer fields is done when - we detect that HEADERS frame containing trailer fields is started. We - use Curl_add_buffer_* functions to buffer all trailers, just like we - do for regular header fields. And then deliver them when stream is - closed. We have to be careful here so that all data are delivered to - upper layer before sending trailers to the application. + These configure vars are modified in a curl-specific way but never + evaluated or loaded from cache, even though they are designated as + _cv_. We could either implement proper AC_CACHE_CHECKs for them, or + remove them completely. - We can deliver trailer field one by one using NGHTTP2_ERR_PAUSE - mechanism, but current method is far more simple. + Fixes #603 as ac_cv_func_gethostbyname is no longer clobbered, and + AC_CHECK_FUNC(gethostbyname...) will no longer spuriously succeed after + the first configure run with caching. - Another possibility is use chunked encoding internally for HTTP/2 - traffic. I have not tested it, but it could add another overhead. + `ac_cv_func_strcasecmp` is curious, see #770. - Closes #564 + `eval "ac_cv_func_$func=yes"` can still cause problems as it works in + tandem with AC_CHECK_FUNCS and then potentially modifies its result. It + would be best to rewrite this test to use a new CURL_CHECK_FUNCS macro, + which works the same as AC_CHECK_FUNCS but relies on caching the values + of curl_cv_func_* variables, without modifiying ac_cv_func_*. -- RELEASE-NOTES: synced with 6c2c019654e658a +- [Irfan Adilovic brought this change] -Jay Satiro (15 Dec 2015) -- x509asn1: Fix host altname verification - - - In Curl_verifyhost check all altnames in the certificate. - - Prior to this change only the first altname was checked. Only the GSKit - SSL backend was affected by this bug. + configure: ac_cv_ -> curl_cv_ for r/w vars - Bug: http://curl.haxx.se/mail/lib-2015-12/0062.html - Reported-by: John Kohl + These configure vars are modified in a curl-specific way and modified by + the configure process, but are never loaded from cache, even though they + are designated as _cv_. We should implement proper AC_CACHE_CHECKs for + them eventually. -Daniel Stenberg (15 Dec 2015) -- curl --expect100-timeout: added +- [Irfan Adilovic brought this change] + + configure: ac_cv_func_clock_gettime -> curl_... - This is the new command line option to set the value for the existing - libcurl option CURLOPT_EXPECT_100_TIMEOUT_MS + This variable must not be cached in its current form, as any cached + information will prevent the next configure run from determining the + correct LIBS needed for the function. Thus, rename prefix `ac_cv_` to + just `curl_`. -- cyassl: fix compiler warning on type conversion +- [Irfan Adilovic brought this change] -- curlver: the pending release will become 7.47.0 + configure: ac_cv_ -> curl_cv_ for all cached vars + + This was automated by: + + sed -b -i -f <(ack -A1 AC_CACHE_CHECK | \ + ack -o 'ac_cv_.*?\b' | \ + sort -u | xargs -n1 bash -c \ + 'echo "s/$0/curl_cv_${0#ac_cv_}/g"') \ + $(git ls-files) + + This only changed the prefix for 16 variables actually checked with + AC_CACHE_CHECK. -- [Anders Bakken brought this change] +- openssl: builds with OpenSSL 1.1.0-pre5 + + The RSA, DSA and DH structs are now opaque and require use of new APIs + + Fixes #763 - setstropt: const-correctness +Steve Holme (20 Apr 2016) +- url.c: Prefer we don't use explicit NULLs in conditions - Closes #565 + Fixed commit fa5fa65a30 to not use NULLs in if condition. -- ROADMAP: implemented HTTP2 for HTTPS-only +Daniel Stenberg (20 Apr 2016) +- [Isaac Boukris brought this change] -- HTTP2.md: spell fix and remove TODO now implemented + NTLM: check for NULL pointer before deferencing + + At ConnectionExists, both check->proxyuser and check->proxypasswd + could be NULL, so make sure to check first. + + Fixes #765 -- libressl: the latest openssl x509 funcs are not in libressl +- [Karlson2k brought this change] -- curl: use 2TLS by default + tests: added test1517 - Make this the default for the curl tool (if built with HTTP/2 powers - enabled) unless a specific HTTP version is requested on the command - line. + ... for checking ability to receive full HTTP response when POST request + is used with slow read callback function. - This should allow more users to get HTTP/2 powers without having to - change anything. + This test checks for bug #657 and verifies the work-around from + 72d5e144fbc6. + + Closes #720 -- http: add libcurl option to allow HTTP/2 for HTTPS only +- [Karlson2k brought this change] + + sendf.c: added ability to call recv() before send() as workaround - ... and stick to 1.1 for HTTP. This is in line with what browsers do and - should have very little risk. + WinSock destroys recv() buffer if send() is failed. As result - server + response may be lost if server sent it while curl is still sending + request. This behavior noticeable on HTTP server short replies if + libcurl use several send() for request (usually for POST request). + To workaround this problem, libcurl use recv() before every send() and + keeps received data in intermediate buffer for further processing. + + Fixes: #657 + Closes: #668 -- openssl: adapt to openssl >= 1.1.0 X509 opaque structs +Kamil Dudka (19 Apr 2016) +- connect: make sure that rc is initialized in singleipconnect() - Closes #491 + This commit fixes a Clang warning introduced in curl-7_48_0-190-g8f72b13: + + Error: CLANG_WARNING: + lib/connect.c:1120:11: warning: The right operand of '==' is a garbage value + 1118| } + 1119| + 1120|-> if(-1 == rc) + 1121| error = SOCKERRNO; + 1122| } -- openssl: avoid BIO_reset() warnings since it returns a value +Daniel Stenberg (19 Apr 2016) +- make/checksrc: use $srcdir, not $top_srcdir -- openssl: adapt to 1.1.0+ name changes +- src/checksrc.whitelist: removed -- scripts/makefile: add standard header +- tool_operate: switch to inline checksrc ignore -- scripts/Makefile: fix GNUism and survive no perl +- lib/checksrc.whitelist: not needed anymore - Closes #555 + ... as checksrc now skips comments + +- vtls.h: remove a space before semicolon - Reported-by: Thomas Klausner + ... that the new checksrc detected -- fix b6d5cb40d7038fe +- darwinssl: removed commented out code -- [Tatsuhiro Tsujikawa brought this change] +- http_chunks: removed checksrc disable + + ... since checksrc now skips comments - http2: Fix hanging paused stream +- imap: inlined checksrc disable instead of whitelist edit + +- checksrc: taught to skip comments - When NGHTTP2_ERR_PAUSE is returned from data_source_read_callback, we - might not process DATA frame fully. Calling nghttp2_session_mem_recv() - again will continue to process DATA frame, but if there is no incoming - frames, then we have to call it again with 0-length data. Without this, - on_stream_close callback will not be called, and stream could be hanged. + ... but output non-stripped version of the line, even if that then can + make the script identify the wrong position in the line at + times. Showing the line stripped (ie without comments) is just too + surprising. + +- opts/Makefile.am: list all docs file one by one - Bug: http://curl.haxx.se/mail/lib-2015-11/0103.html - Reported-by: Francisco Moraes + ... to make it easier to add lines in patches that won't just break all + other patches trying to add lines too. -- [Christian Stewart brought this change] +- curl_easy_setopt.3: mention CURLOPT_TCP_FASTOPEN - build: fix compilation error with CURL_DISABLE_VERBOSE_STRINGS +- RELEASE-NOTES: synced with 03de4e4b219 - With curl disable verbose strings in http.c the compilation fails due to - the data variable being undefined later on in the function. + (since we just merged two major features) + +- [Alessandro Ghedini brought this change] + + connect: implement TCP Fast Open for Linux - Closes #558 + Closes #660 -Jay Satiro (7 Dec 2015) -- [Gisle Vanem brought this change] +- [Alessandro Ghedini brought this change] - config-win32: Fix warning HAVE_WINSOCK2_H undefined + tool: add --tcp-fastopen option -- [Gisle Vanem brought this change] +- [Alessandro Ghedini brought this change] - openssl: BoringSSL doesn't have CONF_modules_free + connect: implement TCP Fast Open for OS X -- [Gisle Vanem brought this change] +- [Alessandro Ghedini brought this change] - lwip: Fix compatibility issues with later versions - - The name of the header guard in lwIP's has changed from - '__LWIP_OPT_H__' to 'LWIP_HDR_OPT_H' (bug #35874 in May 2015). + url: add CURLOPT_TCP_FASTOPEN option + +- checksrc: pass on -D so the whitelists are found correctly + +- configure: remove check for libresolve - Other fixes: + 'strncasecmp' was once provided by libresolv (no trailing e) for SunOS, + but this check is broken and most likely adds nothing useful. Removing + now. - - In curl_setup.h, the problem with an old PSDK doesn't apply if lwIP is - used. + Reported-by: Irfan Adilovic - - In memdebug.h, the 'socket' should be undefined first due to lwIP's - lwip_socket() macro. + Discussed in #770 + +- scripts/make: use $(EXEEXT) for executables - - In curl_addrinfo.c lwIP's getaddrinfo() + freeaddrinfo() macros need - special handling because they were undef'ed in memdebug.h. + Reported-by: bodop - - In select.c we can't use preprocessor conditionals inside select if - MSVC and select is a macro, as it is with lwIP. + Fixes #771 + +- includes: avoid duplicate memory callback typdefs even harder + +- checksrc/makefile.am: use $top_srcdir to find source files - http://curl.haxx.se/mail/lib-2015-12/0023.html - http://curl.haxx.se/mail/lib-2015-12/0024.html + ... to properly support out of source tree builds. -Patrick Monnerat (7 Dec 2015) -- os400: define CURL_VERSION_PSL in ILE/RPG binding +- RELEASE-NOTES: synced with 26ec93dd6aeba8dfb5 -Jay Satiro (7 Dec 2015) -- [Gisle Vanem brought this change] +- opts: fix option references missing (section) - version: Add flag CURL_VERSION_PSL for libpsl +- [Michael Kaufmann brought this change] -- formdata: Check if length is too large for memory - - - If the size of the length type (curl_off_t) is greater than the size - of the size_t type then check before allocating memory to make sure the - value of length will fit in a size_t without overflow. If it doesn't - then return CURLE_BAD_FUNCTION_ARGUMENT. + news: CURLOPT_CONNECT_TO and --connect-to - Bug: https://github.com/bagder/curl/issues/425#issuecomment-154518679 - Reported-by: Steve Holme - -Steve Holme (3 Dec 2015) -- tests: Corrected copy and pasted comments from commit e643c5c908 + Makes curl connect to the given host+port instead of the host+port found + in the URL. -Daniel Stenberg (3 Dec 2015) -- curl: remove keepalive #ifdef checks done on libcurl's behalf +- makefile.vc6: use d suffix on debug object - They didn't match the ifdef logic used within libcurl anyway so they - could indeed warn for the wrong case - plus the tool cannot know how the - lib actually performs at that level. + To allow both release and debug builds in parallel. + + Reported-by: Rod Widdowson + + Fixes #769 -Steve Holme (2 Dec 2015) -- test947: Corrected typo in test name +Jay Satiro (12 Apr 2016) +- http2: Use size_t type for data drain count + + Ref: https://github.com/curl/curl/issues/659 + Ref: https://github.com/curl/curl/pull/663 -- tests: Disable the OAUTHBEARER tests when using a non-default port number +- http2: Improve header parsing - Tests 842, 843, 844, 845, 887, 888, 889, 890, 946, 947, 948 and 949 fail - if a custom port number is specified via the -b option of runtests.pl. + - Error if a header line is larger than supported. - Suggested by: Kamil Dudka - Bug: http://curl.haxx.se/mail/lib-2015-12/0003.html - -Daniel Stenberg (2 Dec 2015) -- bump: towards next release + - Warn if cumulative header line length may be larger than supported. - for all we know now, it might be called 7.46.1 + - Allow spaces when parsing the path component. + + - Make sure each header line ends in \r\n. This fixes an out of bounds. + + - Disallow header continuation lines until we decide what to do. + + Ref: https://github.com/curl/curl/issues/659 + Ref: https://github.com/curl/curl/pull/663 -Version 7.46.0 (1 Dec 2015) +- http2: Add Curl_http2_strerror for HTTP/2 error codes + + Ref: https://github.com/curl/curl/issues/659 + Ref: https://github.com/curl/curl/pull/663 -Daniel Stenberg (1 Dec 2015) -- RELEASE-NOTES: updated contributor count for 7.46.0 +- [Tatsuhiro Tsujikawa brought this change] -- THANKS: new contributors from the 7.46.0 release + http2: Don't increment drain when one header field is received + + Sicne we write header field in temporary location, not in the memory + that upper layer provides, incrementing drain should not happen. + + Ref: https://github.com/curl/curl/issues/659 + Ref: https://github.com/curl/curl/pull/663 -- THANKS-filter: single Tim Rühsen spelling +- [Tatsuhiro Tsujikawa brought this change] -- docs/examples: gitignore some more built examples + http2: Ensure that http2_handle_stream_close is called + + This commit ensures that streams which was closed in on_stream_close + callback gets passed to http2_handle_stream_close. Previously, this + might not happen. To achieve this, we increment drain property to + forcibly call recv function for that stream. + + To more accurately check that we have no pending event before shutting + down HTTP/2 session, we sum up drain property into + http_conn.drain_total. We only shutdown session if that value is 0. + + With this commit, when stream was closed before reading response + header fields, error code CURLE_HTTP2_STREAM is returned even if + HTTP/2 level error is NO_ERROR. This signals the upper layer that + stream was closed by error just like TCP connection close in HTTP/1. + + Ref: https://github.com/curl/curl/issues/659 + Ref: https://github.com/curl/curl/pull/663 -- RELEASE-NOTES; this bug was never released +- [Tatsuhiro Tsujikawa brought this change] -- RELEASE-NOTES: synced with e55f15454efacb0 + http2: Process paused data first before tear down http2 session + + This commit ensures that data from network are processed before HTTP/2 + session is terminated. This is achieved by pausing nghttp2 whenever + different stream than current easy handle receives data. + + This commit also fixes the bug that sometimes processing hangs when + multiple HTTP/2 streams are multiplexed. + + Ref: https://github.com/curl/curl/issues/659 + Ref: https://github.com/curl/curl/pull/663 -- [Flavio Medeiros brought this change] +- [Tatsuhiro Tsujikawa brought this change] - Curl_read_plain: clean up ifdefs that break statements + http2: Check session closure early in http2_recv - Closes #546 + Ref: https://github.com/curl/curl/issues/659 + Ref: https://github.com/curl/curl/pull/663 -- http2: convert some verbose output into debug-only output +- [Tatsuhiro Tsujikawa brought this change] -- http2 push: add missing inits of new stream + http2: Add handling stream level error - - set the correct stream_id for pushed streams - - init maxdownload and size properly - -- http2 push: set weight for new stream + Previously, when a stream was closed with other than NGHTTP2_NO_ERROR + by RST_STREAM, underlying TCP connection was dropped. This is + undesirable since there may be other streams multiplexed and they are + very much fine. This change introduce new error code + CURLE_HTTP2_STREAM, which indicates stream error that only affects the + relevant stream, and connection should be kept open. The existing + CURLE_HTTP2 means connection error in general. - give the new stream the old one's stream_weight internally to avoid - sending a PRIORITY frame unless asked for it + Ref: https://github.com/curl/curl/issues/659 + Ref: https://github.com/curl/curl/pull/663 -- curl_setup.h: undef freeaddrinfo in c-ares block to fix build +Daniel Stenberg (11 Apr 2016) +- http2: drain the socket better... - Fixes warnings 78c25c854a added. - -- nonblock: fix setting non-blocking mode for Amiga + ... but ignore EAGAIN if the stream has ended so that we don't end up in + a loop. This is a follow-up to c8ab613 in order to avoid the problem + d261652 was made to fix. - IoctlSocket() apparently wants a pointer to a long, passed as a char * - in its third parameter. This bug was introduced already back in commit - c5fdeef41d from October 1 2001! + Reported-by: Jay Satiro + Clues-provided-by: Tatsuhiro Tsujikawa - Bug: http://curl.haxx.se/mail/lib-2015-11/0088.html - Reported-by: Norbert Kett + Discussed in #750 -- zsh install: fix DESTDIR support +- KNOWN_BUGS: added info for "Hangs with PolarSSL" + +- KNOWN_BUGS: 1.9 HTTP/2 frames while in the connection pool kill reuse - Reported-by: Mohammad AlSaleh + Closes #750 -Dan Fandrich (27 Nov 2015) -- lib: Only define curl_dofreeaddrinfo if struct addrinfo is available +- build: include scripts/ in the dist -Steve Holme (27 Nov 2015) -- tool_paramhlp: Fixed display of URL index in password prompt for --next +Steve Holme (9 Apr 2016) +- CURLOPT_SOCKS5_GSSAPI_SERVICE: Merged with CURLOPT_PROXY_SERVICE_NAME - Commit f3bae6ed73 added the URL index to the password prompt when using - --next. Unfortunately, because the size_t specifier (%zu) is not - supported by all sprintf() implementations we use the curl_off_t format - specifier instead. The display of an incorrect value arises on platforms - where size_t and curl_off_t are of a different size. + As these two options provide identical functionality, the former for + SOCK5 proxies and the latter for HTTP proxies, merged the two options + together. + + As such CURLOPT_SOCKS5_GSSAPI_SERVICE is marked as deprecated as of + 7.49.0. -Daniel Stenberg (25 Nov 2015) -- timecond: do not add if-modified-since without timecondition +- urldata: Use bool for socks5_gssapi_nec as it is a flag - The RTSP code path didn't skip adding the if-modified-since for certain - RTSP code paths, even if CURLOPT_TIMECONDITION was set to - CURL_TIMECOND_NONE. + This value is set to TRUE or FALSE so should be a bool and not a long. + +- url: Ternary operator code style changes + +- CODE_STYLE: Added ternary operator example to 'Space around operators' - Also, an unknown non-zero CURLOPT_TIMECONDITION value no longer equals - CURL_TIMECOND_IFMODSINCE. + Following conversation on the libcurl mailing list. + +- sasl: Fixed compilation errors from commit 9d89a0387 - Bug: http://stackoverflow.com/questions/33903982/curl-timecond-none-doesnt-work-how-to-remove-if-modified-since-header + ...when GSS-API or Windows SSPI are not used. -- RELEASE-NOTES: synced with 99d17a5e2ba77e58 +- url: Corrected comments following 9d89a0387 -- examples/README: cut out the incomplete list - - ... and add a generic explanation for them instead. Each example file - should contain its own description these days. +- docs: Added clarification following commit 9d89a0387 -- test1513: make sure the callback is only called once +- Makefile: Fixed echo of checksrc check -- [Daniel Shahaf brought this change] +- checksrc: Fix issue with the autobuilds not picking up the whitelist - build: Install zsh completion - - Fixes #534 - Closes #537 +- checksrc: Added missing vauth and vtls directories -- done: make sure the final progress update is made - - It would previously be skipped if an existing error was returned, but - would lead to a previous value being left there and later used. - CURLINFO_TOTAL_TIME for example. - - Still it avoids that final progress update if we reached DONE as the - result of a callback abort to avoid another callback to be called after - an abort-by-callback. +- ftp/imap/pop3/smtp: Allow the service name to be overridden - Reported-by: Lukas Ruzicka - - Closes #538 + Allow the service name to be overridden for DIGIST-MD5 and Kerberos 5 + authentication in FTP, IMAP, POP3 and SMTP. -- curl: expanded the -XHEAD warning text +- http_negotiate: Calculate service name and proxy service name locally - ... to also mention the specific options used. + Calculate the service name and proxy service names locally, rather than + in url.c which will allow for us to support overriding the service name + for other protocols such as FTP, IMAP, POP3 and SMTP. -- Revert "cleanup: general removal of TODO (and similar) comments" +- ROADMAP: Updated following the move of the authentication code + +Patrick Monnerat (8 Apr 2016) +- KNOWN_BUGS: openldap hangs. TODO: binary SASL. + +Daniel Stenberg (8 Apr 2016) +- KNOWN_BUGS: 5.6 Improper use of Autoconf cache variables - This reverts commit 64e959ffe37c436503f9fed1ce2d6ee6ae50bd9a. + Closes #603 + +- KNOWN_BUGS: 11.2 error buffer not set... - Feedback-by: Dan Fandrich - URL: http://curl.haxx.se/mail/lib-2015-11/0062.html + Closes #544 -- CURLOPT_HEADERFUNCTION.3: fix typo +- KNOWN_BUGS: 11.1 Curl leaks .onion hostnames in DNS - Refer to _HEADERDATA not _WRITEDATA. + Closes #543 + +- KNOWN_BUGS: 1.8 DNS timing is wrong for HTTP redirects - Reported-by: MichaÅ‚ Piechowski + Closes #522 -- TODO: TCP Fast Open +- TODO: HTTP/2 "prior knowledge" is implemented! -Steve Holme (22 Nov 2015) -- examples: Added website parse-able descriptions to the e-mail examples +- [Damien Vielpeau brought this change] -- TODO: Added another 'multi-interface' idea + mbedtls: fix MBEDTLS_DEBUG builds -- smb.c: Fixed compilation warnings +- mbedtls: implement and provide *_data_pending() - smb.c:134:3: warning: conversion to 'short unsigned int' from 'int' may - alter its value - smb.c:146:42: warning: conversion to 'unsigned int' from 'long long - unsigned int' may alter its value - smb.c:146:65: warning: conversion to 'unsigned int' from 'long long - unsigned int' may alter its value + ... as otherwise we might get stuck thinking there's no more data to + handle. + + Reported-by: Damien Vielpeau + + Fixes #737 -- schannel: Corrected copy/paste error in commit 8d17117683 +- mbedtls: follow-up for the previous commit -- schannel: Use GetVersionEx() when VerifyVersionInfo() isn't available +- mbedtls.c: name space pollution fix, Use 'Curl_' + +- mbedtls.c: changed private prefix to mbed_ - Regression from commit 7a8e861a5 as highlighted in the msys autobuilds. + mbedtls_ is the prefix used by the mbedTLS library itself so we should + avoid using that for our private functions. -- examples: Fixed compilation warnings +- mbedtls.h: fix compiler warnings + +- Revert "winbuild: trying to set some files eol=crlf for git" - pop3-multi.c:96:5: warning: implicit declaration of function 'memset' - imap-multi.c:96:5: warning: implicit declaration of function 'memset' - http2-download.c:226:5: warning: implicit declaration of function 'memset' - http2-upload.c:290:5: warning: implicit declaration of function 'memset' - http2-upload.c:290:5: warning: implicit declaration of function 'memset' + This reverts commit 9c08b4f1e7eced5a4d3782a3e0daa484c9d77d21. + + Didn't help. Caused problems. + + Fixes #756 -- Makefile.inc: Fixed test run error +- curl.1: use example.com more - test845 not present in tests/data/Makefile.inc + Make (most) example snippets use the example.com domain instead of the + random ones picked and used before. Some of those were probably + legitimate sites and some not. example.com is designed for this purpose. -Daniel Stenberg (20 Nov 2015) -- TODO: remove duplicated title +- [Michael Kaufmann brought this change] -- TODO: added two more libcurl ideas + HTTP2: Add a space character after the status code - Moved some ideas from "next major" to just ordinary ideas since we can - always add new things while keeping the old without doing a "next - major". + The space character after the status code is mandatory, even if the + reason phrase is empty (see RFC 7230 section 3.1.2) + + Closes #755 -Steve Holme (20 Nov 2015) -- tests: Re-enabled tests 889 and 890 following POP3 fix +- [Viktor Szakats brought this change] -- pop3: Differentiate between success and continuation responses + URLs: change http to https in many places + + Closes #754 -- pop3: Added clarity on some server response codes +- winbuild: trying to set some files eol=crlf for git + + Thinking it might help to apply patches etc with git. -Daniel Stenberg (20 Nov 2015) -- [Daniel Shahaf brought this change] +- [Theodore Dubois brought this change] - build: Fix theoretical infinite loops + curl.1: change example for -F - Add error-checking to 'cd' in a few cases where omitting the checks - might result in an infinite loop. + It's a bad idea to send your passwords anywhere, especially over HTTP. + Modified example to send a picture instead. - Closes #535 + Fixes #752 -Patrick Monnerat (19 Nov 2015) -- curl.h: s/#defien/#define/ +- KNOWN_BUGS: reorganized and cleaned up + + Now sorted into categories and organized in the same style we do the + TODO document. It will make each issue linked properly on the + https://curl.haxx.se/docs/knownbugs.html web page. + + The sections should make it easier to find issues and issues related to + areas of the reader's specific interest. -- os400: synchronize ILE/RPG header file +Jay Satiro (6 Apr 2016) +- KNOWN_BUGS: #95 curl in Windows can't handle Unicode arguments -- os400: Provide options for libssh2 use in compile scripts. Adjust README. +Steve Holme (6 Apr 2016) +- KNOWN_BUGS: Use https://curl.haxx.se URL for github based issues -Daniel Stenberg (19 Nov 2015) -- [danielsh@apache.org brought this change] +- CHECKSRC.md: Corrected some typos - zsh completion: Preserve single quotes in output - - When an option's help string contains literal single quotes, those - single quotes would be stripped from the option's description in the - completion output (unless the zsh RC_QUOTES option were set while the - completion function was being sourced, which is not the default). This - patch makes the completion output contain single quotes where the --help - output does. +- RELEASE-NOTES: Corrected last updated - Closes #532 + Included a summary of the checksrc.bat updates and combined two krb5 + changes as they should have been implemented at the same time. -Jay Satiro (18 Nov 2015) -- [MaxGiting brought this change] +- vauth: Corrected a number of typos in comments + + Reported-by: Michael Osipov - FAQ: Grammar changes +Jay Satiro (5 Apr 2016) +- KNOWN_BUGS: #94 IMAP custom requests use the LIST handler - Closes https://github.com/bagder/curl/pull/533 + Bug: https://github.com/curl/curl/issues/536 + Reported-by: eXeC64@users.noreply.github.com -Daniel Stenberg (17 Nov 2015) -- http2: http_done: don't free already-freed push headers +Daniel Stenberg (5 Apr 2016) +- KNOWN_BUGS: remove 68, 70 and 72. - The push headers are freed after the push callback has been invoked, - meaning this code should only free the headers if the callback was never - invoked and thus the headers weren't freed at that time. + Due to their age (we don't fully know if they actually remain) and lack + of detail - very few people will bother to find out what they're about + or work on them. If people truly still suffer from any of these, I + assume they will be reported again and then we'll deal with them. - Reported-by: Davey Shafik + 72. "Pausing pipeline problems." + https://curl.haxx.se/mail/lib-2009-07/0214.html + + 70. Problem re-using easy handle after call to curl_multi_remove_handle + https://curl.haxx.se/mail/lib-2009-07/0249.html + + 68. "More questions about ares behavior". + https://curl.haxx.se/mail/lib-2009-08/0012.html -- [Anders Bakken brought this change] +- KNOWN_BUGS: remove 92 and 88, fixed - getconnectinfo: Don't call recv(2) if socket == -1 +- http2: fix connection reuse when PING comes after last DATA - Closes #528 - -- CURLMOPT_PUSHFUNCTION.3: *_byname() returns only the first header + It turns out the google GFE HTTP/2 servers send a PING frame immediately + after a stream ends and its last DATA has been received by curl. So if + we don't drain that from the socket, it makes the socket readable in + subsequent checks and libcurl then (wrongly) assumes the connection is + dead when trying to reuse the connection. - ... if there are more than one using the same name + Reported-by: Joonas Kuorilehto + + Discussed in #750 -- http2: minor comment typo +- multi: remove trailing space in debug output -- sasl; fix checksrc warnings +- RELEASE-NOTES: synced with 86e97b642fb -Steve Holme (15 Nov 2015) -- RELEASE-NOTES: Adjusted for the recent OAuth 2.0 activity +- CHECKSRC.md: mention cmdline options, fix the bullet list -- tests: Disabled 889 and 890 until we support POP3 continuation responses +- docs/CHECKSRC.md: initial version + +Steve Holme (3 Apr 2016) +- checksrc.bat: Added support for the examples + +Daniel Stenberg (3 Apr 2016) +- lib/src: fix the checksrc invoke - As POP3 final and continuation responses both begin with a + character, - and both the finalcode and contcode variables in SASLprotoc are set as - such, we cannot tell the difference between them when we are expecting - an optional continuation from the server such as the following: + ... now works correctly when invoke from the root makefile + +- nw: please the stricter checksrc + +Steve Holme (3 Apr 2016) +- checksrc.bat: Re-enabled the tests directory by default - + something else from the server - +OK final response + Following the recent changes to the source in the tests directory, + re-enabled tests for the default scan. + +- checksrc.bat: Added tests/server directory support - Disabled these tests until such a time we can tell the responses apart. + In addition to commit 83b174b3f0 and following the recent changes. -- tests: Corrected typos from commit ba4d8f7eba +- tests: Fixed header files to comply with our code style -- tests: Added OAUTHBEARER failure response tests +Daniel Stenberg (3 Apr 2016) +- make checksrc: run it in docs/examples too by default -- oauth2: Support OAUTHBEARER failures sent as continuation responses - - According to RFC7628 a failure message may be sent by the server in a - base64 encoded JSON string as a continuation response. +- docs/examples: remove spurious white spaces all over - Currently only implemented for OAUTHBEARER and not XAUTH2. + ... to please the new, slightly picker, checksrc.pl -Daniel Stenberg (15 Nov 2015) -- RELEASE-NOTES: synced with 808a17ee675 +- tests: fix make checksrc in servers/ -Steve Holme (14 Nov 2015) -- tests: Renamed existing OAuth 2.0 (XOAUTH) tests +- tests: 'make checksrc' now checks server/ too -- tests: Added OAuth 2.0 (OAUTHBEARER) tests +- root/make: have checksrc run in include/curl too -- oauth2: Added support for OAUTHBEARER SASL mechanism to IMAP, POP3 and SNMP - - OAUTHBEARER is now the official "registered" SASL mechanism name for - OAuth 2.0. However, we don't want to drop support for XOAUTH2 as some - servers won't support the new mechanism yet. +- tests/server: comply with our code style -Daniel Stenberg (13 Nov 2015) -- RELEASE-NOTES: recounted curl_easy_setopt() options +- code: style updates -- typecheck-gcc.h: add missing slist-using options +- checksrc: check for more malplaced spaces + +- unit: make unit test source code checksrc compliant + +- checksrc: run checksrc in tests when 'make checksrc' in root + +- checksrc: remove debug crap + +- lib557: allow too long lines + +- checksrc: allow ignore of specific warnings within a file (section) + +- checksrc: add warning names, explain on help output + +Steve Holme (3 Apr 2016) +- checksrc.bat: Disable tests by default until warnings are fixed + +- checksrc.bat: Added support for the tests directory + +- vauth: Removed the need for a separate GSS-API based SPN function + +- curl_sasl: Fixed potential null pointer utilisation - CURLOPT_RESOLVE and CURLOPT_PROXYHEADER were missing + Although this should never happen due to the relationship between the + 'mech' and 'resp' variables, and the way they are allocated together, + it does cause problems for code analysis tools: - Also sorted the list. + V595 The 'mech' pointer was utilized before it was verified against + nullptr. Check lines: 376, 381. curl_sasl.c 376 + + Bug: https://github.com/curl/curl/issues/745 + Reported-by: Alexis La Goutte -- typecheck-gcc.h: added CURLOPT_CLOSESOCKETDATA +- spnego: Small code tidy up - ... and sorted curl_is_cb_data_option alphabetically + * Prefer dereference of string pointer rather than strlen() + * Free challenge pointer in one place + * Additional comments -Jay Satiro (13 Nov 2015) -- [Sebastian Pohlschmidt brought this change] +- krb5: Small code tidy up + + * Prefer dereference of string pointer rather than strlen() + * Free challenge pointer in one place + * Additional comments - openssl: Free modules on cleanup +- krb5_gssapi: Only process challenge when present - Curl_ossl_init calls OPENSSL_load_builtin_modules() but - Curl_ossl_cleanup doesn't make a call to free these modules. + This wouldn't cause a problem because of the way the function is called, + but prior to this change, we were processing the challenge message when + the credentials were NULL rather than when the challenge message was + populated. - Bug: https://github.com/bagder/curl/issues/526 + This also brings this part of the Kerberos 5 code in line with the + Negotiate code. -Steve Holme (13 Nov 2015) -- symbols-in-versions: Added new CURLOPTTYPE_STRINGPOINT alias +- krb5: Fixed missing client response when mutual authentication enabled - ...following commit aba281e762 to fix test 1119. - -Daniel Stenberg (13 Nov 2015) -- curl: mark two more options strings for --libcurl output + Although mutual authentication is currently turned off and can only be + enabled by changing libcurl source code, authentication using Kerberos + 5 has been broken since commit 79543caf90 in this use case. -- typecheck-gcc.h: add some missing string types +- krb5_sspi: Only process challenge when present - Also sorted that list alphabetically - -- curl.h: introducing the STRINGPOINT alias + This wouldn't cause a problem because of the way the function is called, + but prior to this change, we were processing the challenge message when + the credentials were NULL rather than when the challenge message was + populated. - As an alias for OBJECTPOINT. Provided to allow us to grep for all string - options easier. + This also brings this part of the Kerberos 5 code in line with the + Negotiate code. -- cleanup: general removal of TODO (and similar) comments +- krb5_sspi: Only generate the output token when its not allocated - They tend to never get updated anyway so they're frequently inaccurate - and we never go back to revisit them anyway. We document issues to work - on properly in KNOWN_BUGS and TODO instead. - -- ftplistparser: remove empty function - -- openssl: remove #if check for 0.9.7 for ENGINE_load_private_key - -- openssl: all supported versions have X509_STORE_set_flags + Prior to this change, we were generating the output token when the + credentials were NULL rather than when the output token was NULL. - Simplify by removing #ifdefs and macros - -- openssl: remove 0.9.3 check + This also brings this part of the Kerberos 5 code in line with the + Negotiate code. -- openssl: remove #ifdefs for < 0.9.5 support +- krb5: Only generate a SPN when its not known - We only support >= 0.9.7 - -- lib/vtls/openssl: remove unused traces of yassl ifdefs - -Dan Fandrich (12 Nov 2015) -- [dfandrich brought this change] - - unit1603: Demote hash mismatch failure to a warning + Prior to this change, we were generating the SPN in the SSPI code when + the credentials were NULL and in the GSS-API code when the context was + empty. It is better to decouple the SPN generation from these checks + and only generate it when the SPN itself is NULL. - The hashes can vary between architectures (e.g. Sparc differs from x86_64). - This is not a fatal problem but just reduces the coverage of these white-box - tests, as the assumptions about into which hash bucket each key falls are no - longer valid. - -- [dfandrich brought this change] - - unit1603: Added unit tests for hash functions - -- [dfandrich brought this change] - - unit1602: Fixed failure in torture test + This also brings this part of the Kerberos 5 code in line with the + Negotiate code. -Steve Holme (12 Nov 2015) -- sasl: Re-introduced XOAUTH2 in the default enabled authentication mechanism - - Following the fix in commit d6d58dd558 it is necessary to re-introduce - XOAUTH2 in the default enabled authentication mechanism, which was - removed in commit 7b2012f262, otherwise users will have to specify - AUTH=XOAUTH2 in the URL. +Daniel Stenberg (3 Apr 2016) +- tests/libtest: follow our code style guidelines better - Note: OAuth 2.0 will only be used when the bearer is specified. + ... checksrc of all test code is pending. -- [Stefan Bühler brought this change] - - sasl_sspi: fix identity memory leak in digest authentication +- checksrc.whitelist: remove fopen() uses -- [Stefan Bühler brought this change] +- formdata: use appropriate fopen() macros - sasl_sspi: fixed unicode build for digest authentication +- checksrc: improve the fopen() parser somewhat - Closes #525 - -- oauth2: Re-factored OAuth 2.0 state variable + The quote scanner was too fragile, now look for a comma instead to find + the mode argument. -- sasl: Don't choose OAuth 2.0 if mechanism not advertised +- unit1604: fix snprintf - Regression from commit 9e8ced9890 which meant if --oauth2-bearer was - specified but the SASL mechanism wasn't supported by the server then - the mechanism would be chosen. - -Daniel Stenberg (12 Nov 2015) -- runtests: more compact "System characteristics" output + follow-up to 0326b06 - - no point in repeating curl features that is already listed as features - from the curl -V output + sizeof(pointer) is no good for the buffer size! - - remove the port numbers/unix domain path from the output unless - verbose is used, as that is rarely interesting to users. - -- runtests: rename conditional curl-features to $has_[name] + Reported-by: Viktor Szakats -Steve Holme (11 Nov 2015) -- oauth2: Introduced support for host and port details +Steve Holme (3 Apr 2016) +- unittests: Fixed compilation warnings - Added support to the OAuth 2.0 message function for host and port, in - order to accommodate the official OAUTHBEARER SASL mechanism which is - to be added shortly. - -- curl_setup.h: Removed duplicate CURL_DISABLE_RTSP when HTTP_ONLY defined - -- cmake: Add missing feature macros in config header (Part 2) + warning: implicit declaration of function 'sprintf_was_used' + [-Wimplicit-function-declaration] - In addition to commit a215381c94 added the RTSP, RTMP and SMB protocols. + Follow up to the modications made to tests/libtest in commit 55452ebdff + as we prefer not to use sprintf() now. -Daniel Stenberg (10 Nov 2015) -- [Douglas Creager brought this change] - - cmake: Add missing feature macros in config header - - The curl_config.h file can be generated either from curl_config.h.cmake - or curl_config.h.in, depending on whether you're building using CMake or - the autotools. The CMake template header doesn't include entries for - all of the protocols that you can disable, which (I think) means that - you can't actually disable those protocols when building via CMake. +Daniel Stenberg (2 Apr 2016) +- curl.1: -w filename_effective was introduced in 7.26.0 - Closes #523 + We never made a 7.25.1 release -- [Douglas Creager brought this change] +- 7.49.0: next release version - BoringSSL: Work with stricter BIO_get_mem_data() +- http2: make use of the nghttp2 error callback - BoringSSL implements `BIO_get_mem_data` as a function, instead of a - macro, and expects the output pointer to be a `char **`. We have to add - an explicit cast to grab the pointer as a `const char **`. + It offers extra info from nghttp2 in certain error cases. Like for + example when trying prior-knowledge http2 on a server that doesn't speak + http2 at all. The error message is passed on as a verbose message to + libcurl. - Closes #524 - -- http2: rectify the http2 version #if check + Discussed in #722 - We need 1.0.0 or later. Also verified by configure. - -Steve Holme (9 Nov 2015) -- oauth2: Don't use XAUTH2 in OAuth 2.0 function name - -- oauth2: Don't use XOAUTH2 in OAuth 2.0 variables + The error callback was added in nghttp2 1.9.0 -- oauth2: Use OAuth 2.0 rather than XOAUTH2 in comments +Steve Holme (2 Apr 2016) +- spnego: Renamed the context's SPN variable - When referring to OAuth 2.0 we should use the official name rather the - SASL mechanism name. + To be consistent with the Kerberos 5 context and other authentication + code. -Daniel Stenberg (9 Nov 2015) -- imap: avoid freeing constant string +- krb5_gssapi: Renamed the status variables - The fix in 1a614c6c3 was wrong and would leed to free() of a fixed - string. - - Pointed-out-by: Kamil Dudka - -- ROADMAP: remove two items already done + For consistency with the spnego code. -- RELEASE-NOTES: synced with 2200bf62054 - -Jay Satiro (9 Nov 2015) -- acinclude: Remove check for 16-bit curl_off_t +- krb5: Moved host from Curl_auth_create_gssapi_user_message() to be argument - Because it's illogical to check for a 16-bit curl_off_t. + For consistency with the spnego and oauth2 code moved the setting of + the host name outside of the Curl_auth_create_gssapi_user_messag() + function. - Ref: https://github.com/bagder/curl/issues/425#issuecomment-154964205 - -Dan Fandrich (8 Nov 2015) -- tool: Fixed a memory leak on OOM introduced in 19cb0c4a + This will allow us to more easily override it in the future. -Steve Holme (8 Nov 2015) -- [Justin Ehlert brought this change] +- test1119: Fixed missing CURL_DID_MEMORY_FUNC_TYPEDEFS symbol - imap: Don't check for continuation when executing a CUSTOMREQUEST +- RELEASE-NOTES: Removed "http_negotiate: Corrected host and proxy host name" - Bug: https://github.com/bagder/curl/issues/486 - Closes https://github.com/bagder/curl/pull/487 + As this was introduced in the recent vauth changes and not a prior + release. -Daniel Stenberg (7 Nov 2015) -- imap: checksrc: remove space after while before paren +Daniel Stenberg (1 Apr 2016) +- RELEASE-NOTES: synced with 0aa8da10bbdafa -- checksrc.whitelist: "missing space after close paren" +Steve Holme (1 Apr 2016) +- http_negotiate: Corrected host and proxy host name being wrong way round - ... when it was within a string! - -Steve Holme (7 Nov 2015) -- opts: Corrected TLS protocols list to include POP3S rather than POP3 + I had accidentally used the proxy server name for the host and the host + server name for the proxy in commit ad5e9bfd5d and 6d6f9ca1d9. Whilst + Windows SSPI was quite happy with this, GSS-API wasn't. + + Thanks-to: Michael Osipov -- imap: Quote other 'atom-specials' and not just the space character +- build: Changed the Visual Studio projects warning level from 3 to 4 - Closes #517 + After squashing most of our compiler warnings, up'ed the default + warning level from 3 to 4 in order to increase the likelyhood of + catching future warnings. -- imap: Fixed double quote in LIST command when mailbox contains spaces +Daniel Stenberg (1 Apr 2016) +- [ehlertjd@gmail.com brought this change] -Daniel Stenberg (6 Nov 2015) -- imap: fix compiler warning + IMAP: check pointer before dereferencing it - imap.c:657:13: error: assignment discards 'const' qualifier from pointer - target type [-Werror=discarded-qualifiers] + may be null in the CURLOPT_CONNECT_ONLY case + + Fixes #747 -Steve Holme (6 Nov 2015) -- imap: Don't call imap_atom() when no mailbox specified in LIST command +Steve Holme (1 Apr 2016) +- .gitignore: Added new VC14 SQLite based program database files -Daniel Stenberg (6 Nov 2015) -- curl.1: remove the overlap --range example +- curl_memory.h: Fixed typo in comment - ... it is just weird to include by default even if it still works. + From commit 7218b52c49. -- tftp tests: verify sent options too +- spnego: Corrected some typos in comments - The tftpd test server now logs all received options and thus all TFTP - test cases need to match them exactly. + Corrected typos from commit ad5e9bfd5d and 6d6f9ca1d9. + +- memdebug: Ensure curl/curl.h is included before curl_memory.h - Extended test 283 to use and verify --tftp-blksize. + Follow up to commit 7db9782dd6. -Jay Satiro (6 Nov 2015) -- getinfo: CURLINFO_ACTIVESOCKET: fix bad socket value +Daniel Stenberg (1 Apr 2016) +- upload: missing rewind call could make libcurl hang - - Set user info param to the socket returned by Curl_getconnectinfo, - regardless of if the socket is bad. Effectively this means the user info - param now will receive CURL_SOCKET_BAD instead of -1 on bad socket. + When an upload is done, there are two places where that can be detected + and only one of them would rewind the input stream - which sometimes is + necessary for example when doing NTLM HTTP POSTs and more. - - Remove incorrect comments. + This could then end up libcurl hanging. - CURLINFO_ACTIVESOCKET is documented to write CURL_SOCKET_BAD to user - info param but prior to this change it wrote -1. + Figured-out-by: Isaac Boukris + Reported-by: Anatol Belski - Bug: https://github.com/bagder/curl/pull/518 - Reported-by: Marcel Raad + Fixes #741 -Patrick Monnerat (5 Nov 2015) -- curl_ntlm_core: fix 2 curl_off_t constant overflows. - -- os400: adjust specific code to support new options. - -Daniel Stenberg (2 Nov 2015) -- [Lauri Kasanen brought this change] - - rawstr: Speed up Curl_raw_toupper by 40% +- curl.h: define CURL_DID_MEMORY_FUNC_TYPEDEFS - Rationale: when starting up a curl-using app, all cookies from the jar - are checked against each other. This was causing a startup delay in the - Fifth browser. + So that we only do the extra typedefs in curl_memory.h when we really + need to and avoid double typedefs. - All tests pass. + follow-up commit to 7218b52c49aeb1 - Signed-off-by: Lauri Kasanen + Thanks-to: Steve Holme -- http redirects: %-encode bytes outside of ascii range +- curl/mprintf.h: remove support for _MPRINTF_REPLACE - Apparently there are sites out there that do redirects to URLs they - provide in plain UTF-8 or similar. Browsers and wget %-encode such - headers when doing a subsequent request. Now libcurl does too. + The define is not in our name space and is therefore not protected by + our API promises. - Added test 1138 to verify. + It was only really used by libcurl internals but was mostly erased from + there already in 8aabbf5 (March 2015). This is supposedly the final + death blow to that define from everywhere. - Closes #473 - -- RELEASE-NOTES: synced with cba5bc585410 - -- symbols-in-version: add all CURL_HTTPPOST_* symbols - -- formadd: support >2GB files on windows + As a side-effect, making sure _MPRINTF_REPLACE is gone and not used, I + made the lib tests in tests/libtest/ use curl_printf.h for its redefine + magic and then subsequently the use of sprintf() got banned in the tests + as well (as it is in libcurl internals) and I then replaced them all + with snprintf(). - Closes #425 + In the unlikely event that any users is actually using this define and + gets sad by this change, it is very easily copied to the user's own + code. -- curl.h: s/HTTPPOST_/CURL_HTTPOST_ +- curl_memory.h: avoid the curl/curl.h include - Fixes a name space pollution at the cost of programs using one of these - defines will no longer compile. However, the vast majority of libcurl - programs that do multipart formposts use curl_formadd() to build this - list. - - Closes #506 + Discussed in #743 -- mbedtls: fix "Structurally dead code" +Steve Holme (1 Apr 2016) +- url: Corrected get protocol family for FTP and LDAP - CID 1332129 + Fixed copy/paste error from commit a5aec58726. -- mbedtls: fix "Logically dead code" +Jay Satiro (31 Mar 2016) +- strerror: don't bit shift a signed integer - CID 1332128 + Bug: https://github.com/curl/curl/issues/744 + Reported-by: Alexis La Goutte -- Revert "openssl: engine: remove double-free" - - This reverts commit 370ee919b37cc9a46c36428b2bb1527eae5db2bd. - - Issue #509 has all the details but it was confirmed that the crash was - not due to this, so the previous commit was wrong. +Daniel Stenberg (31 Mar 2016) +- http2: more documentation for prior knowledge -- curl.1: -E: s/private certificate/client certificate - - ... as the certificate is strictly speaking not private. - - Reported-by: John Levon +- [Diego Bes brought this change] -- openssl: engine: remove double-free + http2: support "prior knowledge", no upgrade from HTTP/1.1 - After a successful call to SSL_CTX_use_PrivateKey(), we must not call - EVP_PKEY_free() on the key. + Supports HTTP/2 over clear TCP - Reported-by: nased0 - Closes #509 - -Jay Satiro (27 Oct 2015) -- socks: Fix incorrect port numbers in failed connect messages - -Daniel Stenberg (26 Oct 2015) -- DISTRO-DILEMMA: removed + - Optimize switching to HTTP/2 by removing calls to init and setup + before switching. Switching will eventually call setup and setup calls + init. - Out of date and not kept accurate. It was sort of a problem of the past - anyway. - -- [xiangbin li brought this change] - - MacOSX-Framework: sdk regex fix for sdk 10.10 and later + - Supports new version to “force†the use of HTTP/2 over clean TCP - closes #507 + - Add common line parameter “--http2-prior-knowledge†to the Curl + command line tool. -Jay Satiro (24 Oct 2015) -- build: Fix support for PKG_CONFIG - - - Allow the user to use PKG_CONFIG but not PKGCONFIG. +- imap: remove duplicated function - Background: + The list and search response functions were identical! Merged into one + now. Detected by PVS Studio. - Last week in 14d5a86 a change was made to allow the user to set the - PKGCONFIG variable. Today in 72d99f2 I supplemented that to allow the - more common PKG_CONFIG as an alternative if PKGCONFIG is not set. - - Neither of those changes worked as expected because PKGCONFIG is - occasionally reset in configure and by the CURL_CHECK_PKGCONFIG macro. - Instead in this commit I take the approach that the user may set - PKG_CONFIG only. + Reported-by: Alexis La Goutte -- build: Fix mingw ssl gdi32 order - - - If mingw ssl make sure -lgdi32 comes after ssl libs +- SOCKS5_gssapi_negotiate: don't assume little-endian ints - - Allow PKG_CONFIG to set pkg-config location and options + The code copied one byte from a 32bit integer, which works fine as long + as the byte order is the same. Not a fine assumption. Reported by PVS + Studio. - Bug: https://github.com/bagder/curl/pull/501 - Reported-by: Kang Lin + Reported-by: Alexis La Goutte -Daniel Stenberg (23 Oct 2015) -- RELEASE-NOTES: synced with 03b6e078163f +- http: remove ((expression)) double parentheses -- polarssl/mbedtls: fix name space pollution +- Curl_add_buffer_send: avoid possible NULL dereference - Global private symbols MUST start with Curl_! - -- [Dmitry S. Baikov brought this change] - - mbedTLS: THREADING_SUPPORT compilation fix + ... as we check for a NULL pointer below, we move the derefence to after + the check. Detected by PVS Studio. - Closes #505 + Reported-by: Alexis La Goutte -- test1137: verify --ignore-content-length for FTP - -- curl.1: --ignore-content-length now works for FTP too +- file: remove duplicate checks of the same variable + + ... as it doesn't change in between. Deteced by PVS Studio. + + Reported-by: Alexis La Goutte -- [Kurt Fankhauser brought this change] +Steve Holme (30 Mar 2016) +- [Marcel Raad brought this change] - ftp: allow CURLOPT_IGNORE_CONTENT_LENGTH to ignore size + openssl: Fix compilation warnings - This allows FTP transfers with growing (or shrinking) files without - causing a transfer error. + When compiling with OpenSSL 1.1.0 (so that the HAVE_X509_GET0_SIGNATURE + && HAVE_X509_GET0_EXTENSIONS pre-processor block is active), Visual C++ + 14 complains: - Closes #480 + warning C4701: potentially uninitialized local variable 'palg' used + warning C4701: potentially uninitialized local variable 'psig' used -- CURLOPT_STREAM_WEIGHT.3: call argument 'weight' too +Daniel Stenberg (30 Mar 2016) +- multi: turn Curl_done into file local multi_done - ... and add a little example of what the weight actually means. "Relative - proportion of bandwidth". + ... as it now is used by multi.c only. -- http2: add stream options to dist and curl_easy_setopt.3 - -- http2: s/priority/weight +- multi: multi_reconnect_request is the former Curl_reconnect_request + + now a file local function in multi.c -- http2: on_frame_recv: trust the conn/data input +- multi: move Curl_do and Curl_do_done to multi.c and make static - Removed wrong assert()s + ... called multi_do and multi_do_done as they're file local now. + +Jay Satiro (29 Mar 2016) +- wolfssl: Use ECC supported curves extension - The 'conn' passed in as userdata can be used and there can be other - sessionhandles ('data') than the single one this checked for. + https://github.com/wolfSSL/wolfssl/issues/366 -- http2: added three stream prio/deps options +- build-wolfssl: Allow a broader range of ciphers (Visual Studio) - CURLOPT_STREAM_DEPENDS + This is an update to the build-time options used to build wolfSSL in + Visual Studio for greater compatibility, and make it behave similar to + the way OpenSSL 1.0.2 behaves. Starting in wolfSSL v3.6.6 static ciphers + and SSLv3 are disabled by default at build time, but we can use both. - CURLOPT_STREAM_DEPENDS_E + - Enable static cipher suites TLS_ECDH_ and TLS_RSA_. - CURLOPT_STREAM_PRIORITY - -- RELEASE-NOTES: synced with ace68fdc0cfed83d + - Enable SSLv3 hello. Though in libcurl we disable it by default at + runtime, we make it available so the user can manually select it if + necessary. -- [m-gardet brought this change] +Daniel Stenberg (29 Mar 2016) +- [Isaac Boukris brought this change] - mbedtls:new profile with RSA min key len = 1024. + GSS: make Curl_gss_log_error more verbose - Closes #502 - -- checksrc: add crude // detection - -Jay Satiro (21 Oct 2015) -- [Gisle Vanem brought this change] - - build: fix for MSDOS/djgpp + Also display the GSS_C_GSS_CODE (major code) when specified instead of + only GSS_C_MECH_CODE (minor code). - - Add a VPATH-statement for the vtls/*.c files. + In addition, the old code was printing a colon twice after the prefix + and also miscalculated the length of the buffer in between calls to + gss_display_status (the length of ": " was missing). - - Due to 'vtls/*.c', remove that subdir part from $(OBJECTS). - -Daniel Stenberg (20 Oct 2015) -- copyrights: update Gisle Vanem's email - -- vtls: fix compiler warning for TLS backends without sha256 + Also, gss_buffer is not guaranteed to be NULL terminated and thus need + to restrict reading by its length. - ... noticed with mbedTLS. - -- [Jonas Minnberg brought this change] + Closes #738 - vtls: added support for mbedTLS +- build: use roffit 0.11 feature - closes #496 + ... load file specified as argument. -Jay Satiro (19 Oct 2015) -- [Javier G. Sogo brought this change] - - cmake: Fix for add_subdirectory(curl) use-case - - - Use CURL_BINARY_DIR instead of CMAKE_BINARY_DIR. +- http2: set correct scheme in handler structs [regression] - When including CURL using add_subdirectory the variables - CMAKE_BINARY_DIR and CURL_BINARY_DIR hold different paths. + Since commit a5aec58 the handler schemes need to match for the + connections to be reused and for HTTP/2 multiplexing to work, reusing + connections is very important! - Closes https://github.com/bagder/curl/pull/488 - Closes https://github.com/bagder/curl/pull/498 + Closes #736 -Daniel Stenberg (18 Oct 2015) -- RELEASE-NOTES: synced with 4c773bcb474e +- hostip.c: minor white space edit for style + +- [Viktor Szakats brought this change] -- tests/FILEFORMAT: mention PSL as a valid feture to check for + TODO: use secure protocol in recently added URL - For example in test 1136 + Closes #733 -- teste1136: only run when PSL is enabled +- HTTP2.md: mention libressl and boringssl too -- curl: slist_wc: remove curl_memory.h inclusion - - ... that's for the library only. +- docs/HTTP-COOKIES: converted to markdown -- configure: add PSL to the list of features - - ... to make test 1014 work again after e77b5b7453. +- HTTP2: s/polarssl/mbedtls -- [Daniel Hwang brought this change] +Jay Satiro (28 Mar 2016) +- wolfssl: Add ALPN support - tool: Generate easysrc with last cache linked-list +- tool_operate: remove mixed declaration - Using a last cache linked-list improves the performance of easysrc - generation. - - Bug: https://github.com/bagder/curl/issues/444 - Ref: https://github.com/bagder/curl/issues/429 + This is a follow up to the previous commit. + +Daniel Stenberg (28 Mar 2016) +- curl: warn for --capath use if not supported by libcurl - Closes #452 + Closes #492 -- [Tim Rühsen brought this change] +- TODO: 2.5 Edge-triggered sockets should work - cookies: Add support for Mozilla's Publix Suffix List +- Makefile.am: skip the scripts dir - Use libpsl to check the domain value of Set-Cookie headers (and cookie - jar entries) for not being a Publix Suffix. + Skipping the scripts dir is primarily done for 'make install' so that it + does not attempt to install the zsh completion script as we've not yet + found a proper way to do/run that at install time. - The configure script checks for "libpsl" by default. Disable the check - with --without-libpsl. + By leaving the script dir's Makefile in place, a user can still opt to + run make install manually in there. - Ref: https://publicsuffix.org/ - Ref: https://github.com/publicsuffix/list - Ref: https://github.com/rockdaboot/libpsl - -- [Richard Hosking brought this change] + Closes #620 - curlbuild.h: Fix non-configure compiling to mips and sh4 targets - -- [Anders Bakken brought this change] +- CURLMOPT_SOCKETFUNCTION.3: describe the 'what' argument - http2: Don't pass unitialized name+len pairs to nghttp2_submit_request +- curl_multi_socket_action.3: mark the options properly - bug introduced by 18691642931e5c7ac8af83ac3a84fbcb36000f96. - - Closes #493 + ... to make them appear as links on the html version. -Dan Fandrich (16 Oct 2015) -- test1601: fix compilation with --enable-debug and --disable-crypto-auth +Steve Holme (27 Mar 2016) +- RELEASE-NOTES: Synced with f0bdd72c10 -Daniel Stenberg (16 Oct 2015) -- multi: fix off-by-one finit[] array size +- http_ntlm: Renamed from curl_ntlm.[c|h] - introduced in c6aedf680f6. It needs to be CURLM_STATE_LAST big since it - must hande the range 0 .. CURLM_STATE_MSGSENT (18) and CURLM_STATE_LAST - is 19 right now. + Renamed the header and source files for this module as they are HTTP + specific and as such, they should use the naming convention as other + HTTP authentication source files do - this revert commit 260ee6b7bf. - Reported-by: Dan Fandrich - Bug: http://curl.haxx.se/mail/lib-2015-10/0069.html + Note: We could also rename curl_ntlm_wb.[c|h], however, the Winbind + code needs separating from the HTTP protocol and migrating into the + vauth directory, thus adding support for Winbind to the SASL based + protocols such as IMAP, POP3 and SMTP. -- fread_func: move callback pointer from set to state struct - - ... and assign it from the set.fread_func_set pointer in the - Curl_init_CONNECT function. This A) avoids that we have code that - assigns fields in the 'set' struct (which we always knew was bad) and - more importantly B) it makes it impossibly to accidentally leave the - wrong value for when the handle is re-used etc. - - Introducing a state-init functionality in multi.c, so that we can set a - specific function to get called when we enter a state. The - Curl_init_CONNECT is thus called when switching to the CONNECT state. - - Bug: https://github.com/bagder/curl/issues/346 +Daniel Stenberg (27 Mar 2016) +- [marquis-de-muesli brought this change] + + docs: curlinfo_filetime sftp support, new curlopt_quote "statvfs" - Closes #346 + Closes #677 -Dan Fandrich (14 Oct 2015) -- test1531: case the size to fix the test on non-largefile builds +- [marquis-de-muesli brought this change] -Daniel Stenberg (13 Oct 2015) -- acinclude: remove PKGCONFIG override - - ... and allow it to get set by a caller easier. + SSH: new CURLOPT_QUOTE command "statvfs" - Reported-by: Rainer Jung - Bug: http://curl.haxx.se/mail/lib-2015-10/0035.html + usage: "statvfs path" + returns remote file system statistics -Dan Fandrich (12 Oct 2015) -- docs/INSTALL: Updated example minimal binary sizes +- [marquis-de-muesli brought this change] -Daniel Stenberg (11 Oct 2015) -- [Erik Johansson brought this change] + SSH: support CURLINFO_FILETIME - openssl: Fix set up of pkcs12 certificate verification chain - - sk_X509_pop will decrease the size of the stack which means that the loop would - end after having added only half of the certificates. - - Also make sure that the X509 certificate is freed in case - SSL_CTX_add_extra_chain_cert fails. +- [Karlson2k brought this change] -- ntlm: error out without 64bit support as the code needs it + sshserver.pl: use quotes for given options - It makes it a clearer message for developers reaching that point without - the necessary support. + Fixed failed redirection of stderr with some options. At least on Msys2, + perl fails to redirect stderr if $value contains newline or other weird + characters. + +Jay Satiro (26 Mar 2016) +- url: don't use bad offset in tld_check_name to show error - Thanks-by: Jay Satiro + libidn's tld_check_lz returns an error offset of the first character + that it failed to process, however that offset is not a byte offset and + may not even be in the locale encoding therefore we can't use it to show + the user the character that failed to process. - Closes #78 + Bug: https://github.com/curl/curl/issues/731 + Reported-by: Karlson2k -- curl_global_init: set the memory function pointers correct +Steve Holme (26 Mar 2016) +- http_negotiate: Combine GSS-API and SSPI source files - follow-up from 6f8ecea0 + As the GSS-API and SSPI based source files are no longer library/API + specific, following the extraction of that authentication code to the + vauth directory, combine these files rather than maintain two separate + versions. -- curl_global_init_mem: set function pointers before doing init +- vauth: Moved the Negotiate authentication code to the new vauth directory - ... as in the polarssl TLS backend for example it uses memory functions. + Part 2 of 2 - Moved the GSS-API based Negotiate authentication code. -Jay Satiro (9 Oct 2015) -- http2: Fix http2_recv to return -1 if recv returned -1 +- vauth: Moved the Negotiate authentication code to the new vauth directory - If the underlying recv called by http2_recv returns -1 then that is the - value http2_recv returns to the caller. - -Daniel Stenberg (8 Oct 2015) -- [Svyatoslav Mishyn brought this change] + Part 1 of 2 - Moved the SSPI based Negotiate authentication code. - curl_easy_recv.3: CURLINFO_LASTSOCKET => CURLINFO_ACTIVESOCKET +- warnless.h: Removed spurious character from commit 696bc6b9c9 - Closes #479 + Not picked up by checksrc or Visual Studio but my own code review, this + would haven broken Intel based Unix builds - Perhaps I should learn to + type on my laptop's keyboard before committing! -- [Svyatoslav Mishyn brought this change] - - curl_easy_send.3: CURLINFO_LASTSOCKET => CURLINFO_ACTIVESOCKET - -- [Svyatoslav Mishyn brought this change] +- schannel: Fixed compilation warning from commit f8d88a4913 + + warning C4244: '=': conversion from 'int' to 'unsigned short', possible + loss of data - CURLOPT_CONNECT_ONLY.3: CURLINFO_LASTSOCKET => CURLINFO_ACTIVESOCKET +- warnless?: Added some integer based conversion functions -- CURLOPT_CERTINFO.3: fix reference to CURLINFO_CERTINFO +Daniel Stenberg (25 Mar 2016) +- [Dusty Mabe brought this change] -- ntlm: get rid of unconditional use of long long - - ... since some compilers don't have it and instead use other types, such - as __int64. + docs/TODO: Add feature request for metalink in HTTP headers - Reported by: gkinseyhpw - Closes #478 + Closes #729 + Closes #728 -Jay Satiro (8 Oct 2015) -- [Anders Bakken brought this change] +Steve Holme (25 Mar 2016) +- build: Corrected typos from commit 70e56939aa - des: Fix header conditional for Curl_des_set_odd_parity +- vauth: Refactored function names after move to new vauth directory - Follow up to 613e502. + Renamed all the SASL functions that moved to the new vauth directory to + include the correct module name. -Daniel Stenberg (7 Oct 2015) -- configure: build silently by default +- vauth: Updated the copyright year after recent changes - 'make V=1' will make the build verbose like before + As most of this work was performed in 2015 but not pushed until 2016 + updated the copyright year to reflect the public facing changes. -- bump: start climbing toward 7.46.0 +- vauth: Moved the OAuth 2.0 authentication code to the new vauth directory -- RELEASE-PROCEDURE: add the github HTTPS download step +- vauth: Moved the NTLM authentication code to the new vauth directory -Version 7.45.0 (7 Oct 2015) +- vauth: Moved the Kerberos V5 authentication code to the new vauth directory -Daniel Stenberg (7 Oct 2015) -- THANKS: 19 new contributors from the 7.45.0 announcement +- digest.c: Fixed checksrc warnings -- RELEASE-NOTES: synced with 69ea57970080 +- vauth: Moved the DIGEST authentication code to the new vauth directory -Jay Satiro (4 Oct 2015) -- getinfo: Fix return code for unknown CURLINFO options - - - If a CURLINFO option is unknown return CURLE_UNKNOWN_OPTION. - - Prior to this change CURLE_BAD_FUNCTION_ARGUMENT was returned on - unknown. That return value is contradicted by the CURLINFO option - documentation which specifies a return of CURLE_UNKNOWN_OPTION on - unknown. +- vauth: Moved the CRAM-MD5 authentication code to the new vauth directory -- [rouzier brought this change] +- vauth: Moved the ClearText authentication code to the new vauth directory - hiperfifo: fix the pointer passed to WRITEDATA - - Closes https://github.com/bagder/curl/pull/471 +- vauth: Moved Curl_sasl_build_spn() to create the initial vauth source files -- [Maksim Stsepanenka brought this change] +- checksrc.bat: Added support for checking the new vauth directory - tool_setopt: fix c_escape truncated octal +- build: Updated all makefiles and project files for the new vauth directory - Closes https://github.com/bagder/curl/pull/469 + Updated the makefiles and Visual Studio project files to support moving + the authentication code to the new lib/vauth directory that was started + in commit 0d04e859e1. -Daniel Stenberg (1 Oct 2015) -- [Orange Tsai brought this change] +Daniel Stenberg (24 Mar 2016) +- [JDepooter brought this change] - gopher: don't send NUL byte + schannel: Add ALPN support - Closes #466 - -Jay Satiro (29 Sep 2015) -- runtests: Fix pid check in checkdied + Add ALPN support for schannel. This allows cURL to negotiate + HTTP/2.0 connections when built with schannel. - Because the 'not' operator has a very low precedence and as a result the - entire statement was erroneously negated and could never be true. - -Daniel Stenberg (30 Sep 2015) -- [Thorsten Schöning brought this change] - - win32: make recent Borland compilers use long long - -- RELEASE-NOTES: synced with 69b89050d4 + Closes #724 -Jay Satiro (28 Sep 2015) -- [Michael Kalinin brought this change] +Steve Holme (24 Mar 2016) +- http: Minor update based on CODE_STYLE guidelines - openssl: Fix algorithm init - - - Change algorithm init to happen after OpenSSL config load. +Daniel Stenberg (23 Mar 2016) +- multi: fix "Operation timed out after" timer - Additional algorithms may be available due to the user's config so we - initialize the algorithms after the user's config is loaded. + Use the local, reasonably updated, 'now' value when creating the message + string to output for the timeout condition. - Bug: https://github.com/bagder/curl/issues/447 - Reported-by: Denis Feklushkin + Fixes #619 -- [Svyatoslav Mishyn brought this change] - - docs: fix unescaped '\n' in man pages +- openssl: boringssl provides the same numbering as openssl - Closes https://github.com/bagder/curl/pull/459 - -Daniel Stenberg (27 Sep 2015) -- http2: set TCP_NODELAY unconditionally + ... so we don't need extra boringssl precautions for for + HAVE_ERR_REMOVE_THREAD_STATE_NOARG. - For a single-stream download from localhost, we managed to increase - transfer speed from 1.6MB/sec to around 400MB/sec, mostly because of - this single fix. + Pointed-out-by: David Benjamin -- http2: avoid superfluous Curl_expire() calls +- openssl: fix ERR_remove_thread_state() for boringssl/libressl - ... only call it when there is data arriving for another handle than the - one that is currently driving it. + The removed arg is only done in OpenSSL - Improves single-stream download performance quite a lot. - - Thanks-to: Tatsuhiro Tsujikawa - Bug: http://curl.haxx.se/mail/lib-2015-09/0097.html - -- readwrite_data: set a max number of loops - - ... as otherwise a really fast pipe can "lock" one transfer for some - protocols, like with HTTP/2. + Bug: https://twitter.com/xtraemeat/status/712564874098917376 -- [Sergei Nikulov brought this change] +- bump: work on 7.48.1 - CI: Added AppVeyor-CI for curl +- RELEASE-PROCEDURE: mention the github release tag edit - Closes #439 + ... and update the coming release dates a bit -- FTP: fix uploading ASCII with unknown size +Steve Holme (23 Mar 2016) +- checksrc.bat: Updated the help to be consistent with generate.bat - ... don't try to increase the supposed file size on newlines if we don't - know what file size it is! - - Patch-by: lzsiga + Follow up to commit a8c7f0fcbf prior to release. -- [Tatsuhiro Tsujikawa brought this change] +Version 7.48.0 (23 Mar 2016) - build: fix failures with -Wcast-align and -Werror - - Closes #457 +Daniel Stenberg (23 Mar 2016) +- RELEASE-NOTES: curl 7.48.0 -- [Tatsuhiro Tsujikawa brought this change] +- THANKS: 15 new contributors from 7.48.0 release - curl-confopts.m4: Add missing ')' - - ... for CURL_CHECK_OPTION_RT +Jay Satiro (23 Mar 2016) +- CURLINFO_TLS_SSL_PTR.3: Warn about limitations - Closes #456 - -Jay Satiro (25 Sep 2015) -- curl_easy_getinfo.3: Add brief description for each CURLINFO - -Daniel Stenberg (23 Sep 2015) -- [Jakub Zakrzewski brought this change] + Bug: https://github.com/curl/curl/issues/685 - CMake: Ensure discovered include dirs are considered +Daniel Stenberg (22 Mar 2016) +- Revert "sshserver: remove use of AuthorizedKeysFile2" - ...during header checks. Otherwise some following header tests - (incorrectly) fail. + It seems we may have some autobuild problems after this commit went + in. Trying to see if a revert helps to get them back. - Closes #436 - -- [Jakub Zakrzewski brought this change] + This reverts commit 2716350d1f3edc8e929f6ceeee05051090f6d642. - CMake: Put "winsock2.h" before "windows.h" during configure checks +- maketgz: add -j to make dist - "windows.h" includes "winsock.h" what causes many redefinition errors - if "winsock2.h" is included afterwards and can cause build to fail. + ... makes it a lot faster -- tests: disable 1510 due to CI-problems on github +- libcurl-thread.3: minor nroff format fix -- [Mike Crowe brought this change] +- CURLINFO_TLS_SSL_PTR.3: minor nroff format fix - gnutls: Report actual GnuTLS error message for certificate errors - - If GnuTLS fails to read the certificate then include whatever reason it - provides in the failure message reported to the client. +- CODE_STYLE: indend example code - Signed-off-by: Mike Crowe - -- RELEASE-NOTES: synced with 6b56901b56e - -- [Mike Crowe brought this change] + ... to make it look nicer in markdown outputa - gnutls: Support CURLOPT_KEYPASSWD - - The gnutls vtls back-end was previously ignoring any password set via - CURLOPT_KEYPASSWD. Presumably this was because - gnutls_certificate_set_x509_key_file did not support encrypted keys. +Jay Satiro (22 Mar 2016) +- build-wolfssl: Update VS properties for wolfSSL v3.9.0 - gnutls now has a gnutls_certificate_set_x509_key_file2 function that - does support encrypted keys. Let's determine at compile time whether the - available gnutls supports this new function. If it does then use it to - pass the password. If it does not then emit a helpful diagnostic if a - password is set. This is preferable to the previous behaviour of just - failing to read the certificate without giving a reason in that case. + - Do not use wolfSSL's sample user-setting files. - Signed-off-by: Mike Crowe - -- CURLINFO_TLS_SESSION: always return backend info + wolfSSL starting in v3.9.0 has added their own sample user settings that + are applied by default, but we don't use them because we have our own + settings. - ... even for those that don't support providing anything in the - 'internals' struct member since it offers a convenient way for - applications to figure this out. - -- [Daniel Hwang brought this change] - - tool: remove redundant libcurl check + - Do not use wolfSSL's Visual Studio Unicode character setting. - The easysrc generation is run only when --libcurl is initialized. + wolfSSL Visual Studio projects use the Unicode character set however our + settings and options imitate mingw build which does not use the Unicode + character set. This does not appear to have any effect at the moment but + better safe than sorry. - Ref: https://github.com/bagder/curl/issues/429 - Closes #448 - -- [Richard van den Berg brought this change] + These changes are backwards compatible with earlier versions. - CURLOPT_PROXY.3: A proxy given as env variable gets no special treatment +Steve Holme (22 Mar 2016) +- hostip6: Fixed compilation warnings when verbose strings disabled - Closes #449 - -- TODO: 5.7 More compressions + warning C4189: 'data': local variable is initialized but not referenced - Like for example brotli, as being implemented in Firefox now. + ...and some minor formatting/spacing changes. -Jay Satiro (21 Sep 2015) -- tool_operate: Don't call easysrc cleanup unless --libcurl - - - Review of 4d95491. - - The author changed it so easysrc only initializes when --libcurl but did - not do the same for the call to easysrc cleanup. +Daniel Stenberg (21 Mar 2016) +- sshserver: remove use of AuthorizedKeysFile2 - Ref: https://github.com/bagder/curl/issues/429 - -Daniel Stenberg (20 Sep 2015) -- [Viktor Szakats brought this change] - - CURLOPT_PINNEDPUBLICKEY.3: replace test.com with example.com + Support for the (undocumented) AuthorizedKeysFile2 was removed in + OpenSSH 5.9, released in September 2011 - closes #443 + Closes #715 -- KNOWN_BUGS: 91 "curl_easy_perform hangs with imap and PolarSSL" +Steve Holme (20 Mar 2016) +- connect/ntlm/http: Fixed compilation warnings when verbose strings disabled - Closes #334 - -- KNOWN_BUGS: add link to #85 + warning C4189: 'data': local variable is initialized but not referenced -- tests: disable 1801 until fixed - - It is unreliable and causes CI problems on github +- openssl: Fixed compilation warning when /Wall enabled - Closes #380 - -- RELEASE-NOTES: synced with 4d95491636ee - -- [Daniel Lee Hwang brought this change] + warning C4706: assignment within conditional expression - tool: generate easysrc only on --libcurl - - Code should only be generated when --libcurl is used. +- CODE_STYLE: Use boolean conditions - Bug: https://github.com/bagder/curl/issues/429 - Reported-by: @greafhe, Jay Satiro + Rather than use TRUE, FALSE, NULL, 0 or != 0 in if/while conditions. - Closes #429 - Closes #442 + Additionally, corrected some example code to adhere to the recommended + coding style. -Jay Satiro (19 Sep 2015) -- vtls: Change designator name for server's pubkey hash - - - Change the designator name we use to show the base64 encoded sha256 - hash of the server's public key from 'pinnedpubkey' to - 'public key hash'. +- inet_pton.c: Fixed compilation warnings - Though the server's public key hash is only shown when comparing pinned - public key hashes, the server's hash may not match one of the pinned. + warning: conversion to 'unsigned char' from 'int' may alter its value -Daniel Stenberg (19 Sep 2015) -- [Isaac Boukris brought this change] +Daniel Stenberg (19 Mar 2016) +- RELEASE-NOTES: synced with 80851028efc2fa9 - NTLM: Reset auth-done when using a fresh connection +- mbedtls: fix compiler warning - With NTLM a new connection will always require authentication. - Fixes #435 + vtls/mbedtls.h:67:36: warning: implicit declaration of function + ‘mbedtls_sha256’ [-Wimplicit-function-declaration] -- [Daniel Hwang brought this change] +Steve Holme (19 Mar 2016) +- easy: Minor coding standard and style updates + + Following commit c5744340db. Additionally removes the need for a second + 'result code' variable as well. - ssl: add server cert's "sha256//" hash to verbose +Jay Satiro (19 Mar 2016) +- easy: Remove poll failure check in easy_transfer - Add a "pinnedpubkey" section to the "Server Certificate" verbose + .. because curl_multi_wait can no longer signal poll failure. - Bug: https://github.com/bagder/curl/issues/410 - Reported-by: W. Mark Kubacki + follow-up to 77e1726 - Closes #430 - Closes #410 - -- [Jakub Zakrzewski brought this change] + Bug: https://github.com/curl/curl/issues/707 - openldap: only part of LDAP query results received +Steve Holme (19 Mar 2016) +- build: Added missing Visual Studio filter files for VC10 onwards - Introduced with commit 65d141e6da5c6003a1592bbc87ee550b0ad75c2f + As these files don't need to contain references to the source files, + although typically do, added basic files which only include three + filters and don't require the project file generator to be modified. - Closes #440 - -- [Alessandro Ghedini brought this change] - - openssl: don't output certinfo data + These files allow the source code to be viewed in the Solution Explorer + in versions of Visual Studio from 2010 onwards in the same manner as + previous versions did rather than one large view of files. -- [Alessandro Ghedini brought this change] +- ftp/imap/pop3/smtp: Fixed compilation warning when /Wall enabled + + warning C4706: assignment within conditional expression - openssl: refactor certificate parsing to use OpenSSL memory BIO +- config-w32.h: Fixed compilation warning when /Wall enabled - Fixes #427 + warning C4668: 'USE_IPV6' is not defined as a preprocessor macro, + replacing with '0' for '#if/#elif' -Kamil Dudka (18 Sep 2015) -- nss: prevent NSS from incorrectly re-using a session +- imap.c: Fixed compilation warning with /Wall enabled + + warning C4701: potentially uninitialized local variable 'size' used - Without this workaround, NSS re-uses a session cache entry despite the - server name does not match. This causes SNI host name to differ from - the actual host name. Consequently, certain servers (e.g. github.com) - respond by 400 to such requests. + Technically this can't happen, as the usage of 'size' is protected by + 'if(parsed)' and 'parsed' is only set after 'size' has been parsed. - Bug: https://bugzilla.mozilla.org/1202264 + Anyway, lets keep the compiler happy. -- nss: check return values of NSS functions +- KNOWN_BUGS: #93 Issue with CURLFORM_CONTENTLEN in arrays on 32-bit platforms -Daniel Stenberg (17 Sep 2015) -- CURLOPT_PINNEDPUBLICKEY.3: mention error code +Daniel Stenberg (18 Mar 2016) +- bump: the coming release is 7.48.0 -- openssl: build with < 0.9.8 +- configure: use cpp -P when needed - ... without sha256 support and no define saying so. + Since gcc 5, the processor output can get split up on multiple lines + that made the configure script fail to figure out values from + definitions. The fix is to use cpp -P, and this fix now first checks if + cpp -P is necessary and then if cpp -P works before it uses that to + extract defined values. - Reported-by: Rajkumar Mandal + Fixes #719 -- libcurl-errors.3: add two missing error codes +Steve Holme (18 Mar 2016) +- formdata.c: Fixed compilation warning - CURLE_SSL_PINNEDPUBKEYNOTMATCH and CURLE_SSL_INVALIDCERTSTATUS - -Jay Satiro (14 Sep 2015) -- CURLOPT_PINNEDPUBLICKEY.3: Improve pubkey extraction example + formdata.c:390: warning: cast from pointer to integer of different size - - Show how a certificate can be obtained using OpenSSL. + Introduced in commit ca5f9341ef this happens because a char*, which is + 32-bits wide in 32-bit land, is being cast to a curl_off_t which is + 64-bits wide where 64-bit integers are supported by the compiler. - Bug: https://github.com/bagder/curl/pull/430 - Reported-by: Daniel Hwang - -Daniel Stenberg (13 Sep 2015) -- http2: removed unused function - -- CURLINFO_ACTIVESOCKET.3: mention it replaces *LASTSOCKET - -- opts: add CURLINFO_* man pages to dist - -- opts: 19 more CURLINFO_* options made into stand-alone man pages - -- RELEASE-NOTES: synced with fad9604613 + This doesn't happen in 64-bit land as a pointer is the same size as a + curl_off_t. + + This fix doesn't address the fact that a 64-bit value cannot be used + for CURLFORM_CONTENTLEN when set in a form array and compiled on a + 32-bit platforms, it does at least suppress the compilation warning. -- curl: customrequest_helper: deal with NULL custom method +Daniel Stenberg (18 Mar 2016) +- FAQ: 2.5 Install libcurl for both 32bit and 64bit? -- [Svyatoslav Mishyn brought this change] +- [Gisle Vanem brought this change] - CURLOPT_FNMATCH_FUNCTION.3: fix typo + openssl: adapt to API breakage in ERR_remove_thread_state() - s => is + The OpenSSL API change that broke this is "Convert ERR_STATE to new + multi-threading API": openssl commit 8509dcc. - Closes #428 + Closes #713 -- curl: point out unnecessary uses of -X in verbose mode - - It uses 'Note:' as a prefix as opposed to the common 'Warning:' to take - down the tone a bit. +- version: init moved to private name space, added protos - It adds a warning for using -XHEAD on other methods becasue that may - lead to a hanging connection. + follow-up to 80015cdd52145 -Jay Satiro (10 Sep 2015) -- curl_sspi: fix possibly undefined CRYPT_E_REVOKED +- openssl: verbose: show matching SAN pattern - Bug: https://github.com/bagder/curl/pull/411 - Reported-by: Viktor Szakats - -- buildconf.bat: fix syntax error - -- [Benjamin Kircher brought this change] - - winbuild: run buildconf.bat if necessary + ... to allow users to see which specfic wildcard that matched when such + is used. + + Also minor logic cleanup to simplify the code, and I removed all tabs + from verbose strings. -- [Svyatoslav Mishyn brought this change] +Jay Satiro (16 Mar 2016) +- version: thread safety - docs: fix argument type for CURLINFO_SPEED_*, CURLINFO_SIZE_* +Steve Holme (16 Mar 2016) +- transfer: Removed redundant HTTP authentication include files - long => double + It would also seem that share.h is not required here either as there + are no references to the Curl_share structure or functions. -Daniel Stenberg (8 Sep 2015) -- [Sergei Nikulov brought this change] +- easy: Removed redundant HTTP authentication include files - cmake: IPv6 : disable Unix header check on Windows platform +Jay Satiro (15 Mar 2016) +- CURLOPT_SSLENGINE.3: Only for OpenSSL built with engine support - Closes #409 + Bug: https://curl.haxx.se/mail/lib-2016-03/0150.html + Reported-by: Oliver Graute -- parse_proxy: reject illegal port numbers - - If the port number in the proxy string ended weirdly or the number is - too large, skip it. Mostly as a means to bail out early if a "bare" IPv6 - numerical address is used without enclosing brackets. - - Also mention the bracket requirement for IPv6 numerical addresses to the - man page for CURLOPT_PROXY. - - Closes #415 - - Reported-by: Marcel Raad +Steve Holme (15 Mar 2016) +- curl_sasl: Minor code indent fixes -- FTP: do_more: add check for wait_data_conn in upload case - - In some timing-dependnt cases when a 4xx response immediately followed - after a 150 when a STOR was issued, this function would wrongly return - 'complete == true' while 'wait_data_conn' was still set. - - Closes #405 +Daniel Stenberg (14 Mar 2016) +- runtests: mention when run event-based + +- easy: add check to malloc() when running event-based - Reported-by: Patricia Muscalu + ... to allow torture tests then too. -- [Svyatoslav Mishyn brought this change] +- memdebug: skip logging the limit countdown, fflush when reached - CURLOPT_TLSAUTH_TYPE.3: update description +- CODE_STYLE: Space around operators - Closes #414 - Closes #413 - -- [Svyatoslav Mishyn brought this change] + As just discussed on the mailing list, also document how we prefer + spacing in expressions. - CURLOPT_PATH_AS_IS.3: fix typo +- curl: glob_range: no need to check unsigned variable for negative - leavit => leaveit + cppcheck warned: - closes #412 - -- [Svyatoslav Mishyn brought this change] - - CURLINFO_SSL_VERIFYRESULT.3: add short description + [src/tool_urlglob.c:283]: (style) Checking if unsigned variable 'step_n' + is less than zero. -- [Svyatoslav Mishyn brought this change] +- CODE_STYLE: add example for indent style as well - CURLINFO_SSL_ENGINES.3: add short description +- CODE_STYLE: mention braces for functions too -- [Svyatoslav Mishyn brought this change] +- docs/Makefile.am: include CODE_STYLE in tarball too - CURLINFO_CONTENT_LENGTH_UPLOAD.3: replace "receive" with "get" for consistency +- CONTRIBUTE: moved out code style to a separate document -- [Svyatoslav Mishyn brought this change] +- CODE_STYLE: initial version + + Ripped out from CONTRIBUTE into its own document, but also extended from + there. - CURLINFO_REDIRECT_TIME.3: remove redundant '!' +- curl_sasl.c: minor code indent fixes -Kamil Dudka (4 Sep 2015) -- Revert "has: generate the curl/has.h header" +- multi: simplified singlesocket - This reverts commit a60bde79f9adeb135d5c642a07f0d783fbfbbc25 I have - pushed by mistake. Apologies for my incompetent use of the git repo! + Since sh_getentry() now checks for invalid sockets itself and by + narrowing the scope of the remove_sock_from_hash variable. -- nss: do not directly access SSL_ImplementedCiphers[] - - It causes dynamic linking issues at run-time after an update of NSS. +- multi: introduce sh_getentry() for looking up sockets in the sockhash - Bug: https://lists.fedoraproject.org/pipermail/devel/2015-September/214117.html + Simplify the code by using a single entry that looks for a socket in the + socket hash. As indicated in #712, the code looked for CURL_SOCKET_BAD + at some point and that is ineffective/wrong and this makes it easier to + avoid that. -- [Daniel Stenberg brought this change] +- [Jaime Fullaondo brought this change] - has: generate the curl/has.h header + multi hash: ensure modulo performed on curl_socket_t - changed macro name, moved and renamed script to become docs/libcurl/has.pl, - generate code that is checksrc compliant - -Daniel Stenberg (3 Sep 2015) -- gitignore: ignore more generated VC Makefiles + Closes #712 -- projects/Windows/.gitignore: ignore generated files for release +Steve Holme (13 Mar 2016) +- base64: Minor coding standard and style updates -- http2: don't pass on Connection: headers - - RFC 7540 section 8.1.2.2 states: "An endpoint MUST NOT generate an - HTTP/2 message containing connection-specific header fields; any message - containing connection-specific header fields MUST be treated as - malformed" - - Closes #401 +- base64: Use 'CURLcode result' for curl result codes -- curl.1: update RFC references +- negotiate: Use 'CURLcode result' for curl result codes -- CURLOPT_POSTREDIR.3: update RFC number and section +Daniel Stenberg (13 Mar 2016) +- [Maksim Kuzevanov brought this change] -- CURLOPT_FOLLOWLOCATION.3: mention methods for redirects + multi_runsingle: avoid loop in CURLM_STATE_WAITPROXYCONNECT - and some general cleaning up - -- [Marcel Raad brought this change] + Closes #703 - inet_pton.c: Fix MSVC run-time check failure (2) - - This fixes another run-time check failure because of a narrowing cast on - Visual C++. - - Closes #408 +- TODO: Use the RFC6265 test suite -Jay Satiro (3 Sep 2015) -- docs: Warn about any-domain cookies and multiple transfers - - - Warn that cookies without a domain are sent to any domain: - CURLOPT_COOKIELIST, CURLOPT_COOKIEFILE, --cookie - - - Note that imported Set-Cookie cookies without a domain are no longer - exported: - CURLINFO_COOKIELIST, CURLOPT_COOKIEJAR, --cookie-jar +Steve Holme (13 Mar 2016) +- checksrc.bat: Added the ability to scan src and lib source independently -Steve Holme (2 Sep 2015) -- tool_sdecls.h: Fixed compilation warning from commit 4a889441d3 +- digest: Use boolean based success code for Curl_sasl_digest_get_pair() - tool_sdecls.h:139 warning: comma at end of enumerator list - -Daniel Stenberg (2 Sep 2015) -- opts: 8 more CURLINFO* options as stand-alone man pages + Rather than use a 0 and 1 integer base result code use a TRUE / FALSE + based success code. -- RELEASE-NOTES: synced with c764cb4add1a8 +- digest: Corrected some typos in comments -- man-pages: more SEE ALSO links +- krb5: Corrected some typos in function descriptions -- opts: more CURLINFO_* options as stand-alone man pages +- ntlm: Corrected some typos in function descriptions -Steve Holme (31 Aug 2015) -- sasl: Only define Curl_sasl_digest_get_pair() when CRYPTO_AUTH enabled - - Introduced in commit 59f3f92ba6 this function is only implemented when - CURL_DISABLE_CRYPTO_AUTH is not defined. As such we shouldn't define - the function in the header file either. +- url: Corrected indentation when calling idna_to_ascii_lz() -- sasl: Updated SPN variables and comments for consistency +- idn_win32: Use boolean based success codes - In places the "host name" and "realm" variable was referred to as - "instance" whilst in others it was referred to as "host". + Rather than use 0 and 1 integer base result codes use a FALSE / TRUE + based success code. -Daniel Stenberg (30 Aug 2015) -- configure: check for HMAC_Update in openssl - - Turns out HMAC_Init is now deprecated in openssl master (and I spelled - HMAC_Init_ex wrong in previous commit) +Daniel Stenberg (10 Mar 2016) +- idn_win32.c: warning: Trailing whitespace -Steve Holme (30 Aug 2015) -- win32: Use DES_set_odd_parity() from OpenSSL/BoringSSL by default +Steve Holme (10 Mar 2016) +- idn_win32.c: Fixed compilation warning from commit 9e7fcd4291 - Set HAVE_DES_SET_ODD_PARITY when using OpenSSL/BoringSSL as native - Windows builds don't use the autoconf tools. + warning C4267: 'function': conversion from 'size_t' to 'int', + possible loss of data -- des: Fixed compilation warning from commit 613e5022fe - - curl_ntlm_core.c:150: warning 'Curl_des_set_odd_parity' undefined; - assuming extern returning int +Daniel Stenberg (10 Mar 2016) +- THANKS-filter: unify Michael König -- buildconf.bat: Fixed double blank line in 'curl manual' warning output +- RELEASE-NOTES: synced with 863c5766dd -- makefiles: Added our standard copyright header +- ftp: remove a check for NULL(!) - But kept the original author, when they were specified in a comment, as - the initial copyright holder. - -Jay Satiro (29 Aug 2015) -- CURLOPT_FILETIME.3: CURLINFO_FILETIME has its own manpage now - -Daniel Stenberg (29 Aug 2015) -- CURLINFO_RESPONSE_CODE.3: added short description - -- opts: 7 initial CURLINFO_* options as stand-alone man pages - -- [Nikolai Kondrashov brought this change] + ... as it implies we need to check for that on all the other variable + references as well (as Coverity otherwise warns us for missing NULL + checks), and we're alredy making sure that the pointer is never NULL. - libcurl.m4: Put braces around empty if body +- cookies: first n/v pair in Set-Cookie: is the cookie, then parameters - Put braces around empty "if" body in libcurl.m4 check to avoid warning: + RFC 6265 section 4.1.1 spells out that the first name/value pair in the + header is the actual cookie name and content, while the following are + the parameters. - suggest braces around empty body in an 'if' statement + libcurl previously had a more liberal approach which causes significant + problems when introducing new cookie parameters, like the suggested new + cookie priority draft. - and make it work with -Werror builds. + The previous logic read all n/v pairs from left-to-right and the first + name used that wassn't a known parameter name would be used as the + cookie name, thus accepting "Set-Cookie: Max-Age=2; person=daniel" to be + a cookie named 'person' while an RFC 6265 compliant parser should + consider that to be a cookie named 'Max-Age' with an (unknown) parameter + 'person'. - Closes #402 - -- [Svyatoslav Mishyn brought this change] + Fixes #709 - curl_easy_escape.3: escape '\n' - - Closes #398 +- krb5: improved type handling to avoid clang compiler warnings -- [Svyatoslav Mishyn brought this change] +- url.c: fix clang warning: no newline at end of file - curl_easy_{escape,setopt}.3: fix example +- curl_multi_wait: never return -1 in 'numfds' - remove redundant '}' - -- [Sergei Nikulov brought this change] - - cmake: added Windows SSL support + Such a return value isn't documented but could still happen, and the + curl tool code checks for it. It would happen when the underlying + Curl_poll() function returns an error. Starting now we mask that error + as a user of curl_multi_wait() would have no way to handle it anyway. - Closes #399 + Reported-by: Jay Satiro + Closes #707 -- curl: point out the conflicting HTTP methods if used - - It isn't always clear to the user which options that cause the HTTP - methods to conflict so by spelling them out it should hopefully be - easier to understand why curl complains. +- HTTP2.md: add CURL_HTTP_VERSION_2TLS and updated alt-svc link -- curl: clarify that users can only specify one _METHOD_ +- curl_multi_wait.3: add example -- [Svyatoslav Mishyn brought this change] - - curl_easy_{escape,unescape}.3: "char *" vs. "const char *" +Steve Holme (8 Mar 2016) +- imap/pop3/smtp: Fixed connections upgraded with TLS are not reused - Closes #395 - -Patrick Monnerat (24 Aug 2015) -- os400: include new options in wrappers and update ILE/RPG binding. - -Daniel Stenberg (24 Aug 2015) -- KNOWN_BUGS: #2, not reading a HEAD response-body is not a bug + Regression since commit 710f14edba. - ... since HTTP is forbidden to return any such. - -- KNOWN_BUGS: #78 zero-length files is already fixed! - -- [Razvan Cojocaru brought this change] + Bug: https://github.com/curl/curl/issues/422 + Reported-by: Justin Ehlert - getinfo: added CURLINFO_ACTIVESOCKET +Jay Satiro (8 Mar 2016) +- opt-docs: fix heading macros - This patch addresses known bug #76, where on 64-bit Windows SOCKET is 64 - bits wide, but long is only 32, making CURLINFO_LASTSOCKET unreliable. + ..SH should be .SH - Signed-off-by: Razvan Cojocaru + Bug: https://github.com/curl/curl/issues/705 + Reported-by: Eric S. Raymond -- http2: remove dead code - - Leftovers from when we removed the private socket hash. - - Coverity CID 1317365, "Logically dead code" +Kamil Dudka (8 Mar 2016) +- [Tim Rühsen brought this change] -- ntlm: mark deliberate switch case fall-through + cookie: do not refuse cookies for localhost - Coverity CID 1317367, "Missing break in switch" + Closes #658 -- http2: on_frame_recv: get a proper 'conn' for the debug logging +Daniel Stenberg (8 Mar 2016) +- ftp_done: clear tunnel_state when secondary socket closes - "Explicit null dereferenced (FORWARD_NULL)" + Introducing a function for closing the secondary connection to make this + bug less likely to happen again. - Coverity CID 1317366 - -- RELEASE-NOTES: synced with 2acaf3c804 - -Dan Fandrich (23 Aug 2015) -- tool: fix memory leak with --proto-default option + Reported-by: daboul + Closes #701 -Jay Satiro (22 Aug 2015) -- [Nathaniel Waisbrot brought this change] +- [Gisle Vanem brought this change] - CURLOPT_DEFAULT_PROTOCOL: added - - - Add new option CURLOPT_DEFAULT_PROTOCOL to allow specifying a default - protocol for schemeless URLs. - - - Add new tool option --proto-default to expose - CURLOPT_DEFAULT_PROTOCOL. - - In the case of schemeless URLs libcurl will behave in this way: - - When the option is used libcurl will use the supplied default. - - When the option is not used, libcurl will follow its usual plan of - guessing from the hostname and falling back to 'http'. + openssl: use the correct OpenSSL/BoringSSL/LibreSSL in messages -- runtests: Allow for spaces in server-verify curl custom path +- HTTP2.md: HTTP/2 by default for curl's HTTPS connections -Daniel Stenberg (22 Aug 2015) -- NTLM: recent boringssl brought DES_set_odd_parity back - - ... so improve the #ifdefs for using our local implementation. +- [Anders Bakken brought this change] -- configure: detect latest boringssl - - Since boringssl brought back DES_set_odd_parity again, it cannot be used - to differentiate from boringssl. Using the OPENSSL_IS_BORINGSSL define - seems better anyway. - - URL: https://android.googlesource.com/platform/external/curl/+/f551028d5caab29d4b4a4ae8c159c76c3cfd4887%5E!/ - Original-patch-by: Bertrand Simonnet + pipeline: Sanity check pipeline pointer before accessing it. - Closes #393 - -- configure: change functions to detect openssl (clones) + I got a crash with this stack: - ... since boringssl moved the former ones and the check started to fail. + curl/lib/url.c:2873 (Curl_removeHandleFromPipeline) + curl/lib/url.c:2919 (Curl_getoff_all_pipelines) + curl/lib/multi.c:561 (curl_multi_remove_handle) + curl/lib/url.c:415 (Curl_close) + curl/lib/easy.c:859 (curl_easy_cleanup) - URL: https://android.googlesource.com/platform/external/curl/+/f551028d5caab29d4b4a4ae8c159c76c3cfd4887%5E!/ - Original-patch-by: Bertrand Simonnet + Closes #704 -- [Alessandro Ghedini brought this change] +- HTTP2.md: mention the disable ALPN and NPN options - openssl: handle lack of server cert when strict checking disabled +- TODO: 17.12 keep running, read instructions from pipe/socket - If strict certificate checking is disabled (CURLOPT_SSL_VERIFYPEER - and CURLOPT_SSL_VERIFYHOST are disabled) do not fail if the server - doesn't present a certificate at all. + And delete trailing whitespace + And rename section 17 to "command line tool" from "client" - Closes #392 + Closes #702 -- ftp: clear the do_more bit when the server has connected +- README.md: linkified - The multi state machine would otherwise go into the DO_MORE state after - DO, even for the case when the FTP state machine had already performed - those duties, which caused libcurl to get stuck in that state and fail - miserably. This occured for for active ftp uploads. + It also makes it less readable as plain text, so let's keep this + primarily for github use. - Reported-by: Patricia Muscalu - -- [Jactry Zeng brought this change] - - travis.yml: Add OS X testbot. - -- [Rémy Léone brought this change] + Removed the top ascii art logo, as it looks weird when markdownified. - travis: Upgrading to container based build - - http://docs.travis-ci.com/user/migrating-from-legacy +- README.md: markdown version of README - Closes #388 - -- RELEASE-NOTES: synced with 14ff86256b13e + Attempt to make it look more appealing on github -- [Erik Janssen brought this change] +Jay Satiro (6 Mar 2016) +- mprintf: update trio project link - rtsp: stop reading empty DESCRIBE responses - - Based-on-patch-by: Jim Hollinger +Daniel Stenberg (6 Mar 2016) +- CURLOPT_ACCEPTTIMEOUT_MS.3: added example -- [Erik Janssen brought this change] +- CURLOPT_ACCEPT_ENCODING.3: added example - rtsp: support basic/digest authentication +- CURLOPT_APPEND.3: added example -- [Sam Roth brought this change] +- CURLOPT_NOPROGRESS.3: added example, conform to stardard style - CURLMOPT_PUSHFUNCTION.3: fix argument types +Steve Holme (6 Mar 2016) +- build-openssl/checksrc.bat: Fixed prepend vs append of Perl path - Closes #389 - Closes #386 + Fixed inconsistency from commit 1eae114065 and 0ad6c72227 of the order + in which Perl was added to the PATH. -- [Marcel Raad brought this change] +Daniel Stenberg (6 Mar 2016) +- opts: added two examples - inet_pton.c: Fix MSVC run-time check failure - - Visual Studio complains with a message box: - - "Run-Time Check Failure #1 - A cast to a smaller data type has caused a - loss of data. If this was intentional, you should mask the source of - the cast with the appropriate bitmask. - - For example: - char c = (i & 0xFF); - - Changing the code in this way will not affect the quality of the - resulting optimized code." - - This is because only 'val' is cast to unsigned char, so the "& 0xff" has - no effect. - - Closes #387 +- CURLOPT_SSL_CTX_FUNCTION.3: use .NF for example -Jay Satiro (18 Aug 2015) -- docs: Update the redirect protocols disabled by default +- CURLOPT_SSL_CTX_FUNCTION.3: added example - - Clarify that FILE and SCP are disabled by default since 7.19.4 - - Add that SMB and SMBS are disabled by default since 7.40.0 - - Add CURLPROTO_SMBS to the list of protocols + and removed erroneous reference to test case lib509 -- gitignore: Sort for readability - - find . -name .gitignore -print0 | xargs -i -0 sort -o '{}' '{}' +- curlx.c: use more curl style code -Daniel Stenberg (15 Aug 2015) -- curl_easy_getinfo.3: fix superfluous space +- test46: change cookie expiry date - ... and changed "oriented" to "related" + Since two of the cookies would now otherwise expire and cause the test + to fail after commit 20de9b4f09 - Closes #378 - -- CURLOPT_HTTP_VERSION.3: connection re-use goes before version + Discussed in #697 -- [Daniel Kahn Gillmor brought this change] +Jay Satiro (5 Mar 2016) +- [Viktor Szakats brought this change] - curl.1: Document weaknesses in SSLv2 and SSLv3 - - Acknowledge that SSLv3 is also widely considered to be insecure. + makefile.m32: add missing libs for static -winssl-ssh2 builds - Also, provide references for people who want to know more about why it's - insecure. - -Steve Holme (14 Aug 2015) -- generate.bat: Added support for generating only the prerequisite files + Bug: https://github.com/curl/curl/pull/693 -- generate.bat: Only call buildconf.bat if it exists +- mbedtls: fix user-specified SSL protocol version + + Prior to this change when a single protocol CURL_SSLVERSION_ was + specified by the user that version was set only as the minimum version + but not as the maximum version as well. -- generate.bat: Fixed issues when ran in directories with special chars +Steve Holme (5 Mar 2016) +- .gitignore: Added *.VC.opendb and *.vcxproj.user files for VC14 -Daniel Stenberg (14 Aug 2015) -- [Brad King brought this change] +- build-openssl.bat: Fixed cannot find perl if installed but not in path - cmake: Fix CurlTests check for gethostbyname_r with 5 arguments - - Fix the check code to pass 5 arguments instead of 6. This typo was - introduced by commit aebfd4cfbf (cmake: fix gethostby{addr,name}_r in - CurlTests, 2014-10-31). +- checksrc.bat: Fixed cannot find perl if installed but not in path -Steve Holme (14 Aug 2015) -- * buildconf.bat: Fixed issues when ran in directories with special chars - - Bug: https://github.com/bagder/curl/pull/379 - Reported-by: Daniel Seither +Jay Satiro (5 Mar 2016) +- [Viktor Szakats brought this change] -Jay Satiro (13 Aug 2015) -- curl_global_init_mem.3: Stronger thread safety warning + makefile.m32: fix to allow -ssh2-winssl combination - Bug: http://curl.haxx.se/mail/lib-2015-08/0016.html - Reported-by: Eric Ridge - -Daniel Stenberg (12 Aug 2015) -- [Svyatoslav Mishyn brought this change] + In makefile.m32, option -ssh2 (libssh2) automatically implied -ssl + (OpenSSL) option, with no way to override it with -winssl. Since both + libssh2 and curl support using Windows's built-in SSL backend, modify + the logic to allow that combination. - curl_multi_add_handle.3: fix a typo - - "can not" => "cannot" +- cookie: Don't expire session cookies in remove_expired - closes #377 - -- [Alessandro Ghedini brought this change] - - docs: fix typos + Prior to this change cookies with an expiry date that failed parsing + and were converted to session cookies could be purged in remove_expired. - closes #376 - -- bump: start working toward 7.45.0 - -- THANKS: remove duplicate name - -- THANKS-filter: merge Todd's names - -- THANKS: 13 new contributors from the 7.44.0 RELEASE-NOTES - -Version 7.44.0 (11 Aug 2015) - -Daniel Stenberg (11 Aug 2015) -- RELEASE-NOTES: synced with c75a1e775061 - -- [Svyatoslav Mishyn brought this change] + Bug: https://github.com/curl/curl/issues/697 + Reported-by: Seth Mos - curl_formget.3: correct return code +Daniel Stenberg (3 Mar 2016) +- cookie: remove redundant check - Closes #375 - -- [Svyatoslav Mishyn brought this change] - - libcurl-tutorial.3: fix formatting + ... as it was already checked previously within the function. - Closes #374 - -- [Svyatoslav Mishyn brought this change] - - curl_easy_recv.3: fix formatting + Reported-by: Dmitry-Me + Closes #695 +Jay Satiro (1 Mar 2016) - [Anders Bakken brought this change] - http2: discard frames with no SessionHandle - - Return 0 instead of NGHTTP2_ERR_CALLBACK_FAILURE if we can't locate the - SessionHandle. Apparently mod_h2 will sometimes send a frame for a - stream_id we're finished with. + url: if Curl_done is premature then pipeline not in use - Use nghttp2_session_get_stream_user_data and - nghttp2_session_set_stream_user_data to identify SessionHandles instead - of a hash. + Prevent a crash if 2 (or more) requests are made to the same host and + pipelining is enabled and the connection does not complete. - Closes #372 - -- RELEASE-NOTES: synced with 9ee40ce2aba + Bug: https://github.com/curl/curl/pull/690 - [Viktor Szakats brought this change] - build: refer to fixed libidn versions + makefile.m32: allow to pass .dll/.exe-specific LDFLAGS - closes #371 - -- Revert "configure: disable libidn by default" + using envvars `CURL_LDFLAG_EXTRAS_DLL` and + `CURL_LDFLAG_EXTRAS_EXE` respectively. This + is useful f.e. to pass ASLR-related extra + options, that are required to make this + feature work when using the mingw toolchain. - This reverts commit e6749055d65398315fd77f5b5b8234c5552ac2d3. + Ref: https://github.com/curl/curl/pull/670#issuecomment-190863985 - ... since libidn has since been fixed. - -- [Jakub Zakrzewski brought this change] + Closes https://github.com/curl/curl/pull/689 - CMake: s/HAVE_GSS_API/HAVE_GSSAPI/ to match header define - - Otherwise the build only pretended to use GSS-API +Daniel Stenberg (29 Feb 2016) +- formpost: fix memory leaks in AddFormData error branches - Closes #370 + Reported-by: Dmitry-Me + Fixes #688 -- SFTP: fix range request off-by-one in size check - - Reported-by: Tim Stack +Jay Satiro (28 Feb 2016) +- getinfo: Fix syntax error when mbedTLS - Closes #359 + The assignment of the mbedTLS TLS session info in the parent commit was + incorrect. Change the assignment to a pointer to the session structure. -- test46: update cookie expire time +- getinfo: Add support for mbedTLS TLS session info - ... since it went old and thus was expired and caused the test to fail! - -Steve Holme (9 Aug 2015) -- generate.bat: Use buildconf.bat for prerequisite file generation - -- buildconf.bat: Tidy up of comments after recent commits + .. and preprocessor check TLS session info is defined for all backends. -- buildconf.bat: Added full generation of src\tool_hugehelp.c - - Added support for generating the full man page based on code from - generate.bat. +Daniel Stenberg (26 Feb 2016) +- ROADMAP: clarify on the TLS proxy, mention HTTP cookies to work on -- buildconf.bat: Added detection of groff, nroff, perl and gzip +- file: try reading from files with no size - To allow for the full generation of tool_hugehelp.c added detection of - the required programs - based on code from generate.bat. - -- buildconf.bat: Move DOS variable clean-up code to separate function + Some systems have special files that report as 0 bytes big, but still + contain data that can be read (for example /proc/cpuinfo on + Linux). Starting now, a zero byte size is considered "unknown" size and + will be read as far as possible anyway. - Rather than duplicate future variables, during clean-up of both success - and error conditions, use a common function that can be called by both. - -- RELEASE-NOTES: Synced with 39dcf352d2 - -- buildconf.bat: Added error messages on failure - -- buildconf.bat: Generate and clean files in the same order - -- buildconf.bat: Maintain compatibility with DOS based systems + Reported-by: Jesse Tan - Commit f08e30d7bc broke compatibility with DOS and non Windows NT based - versions of Windows due to the use of the setlocal command. + Closes #681 -Jay Satiro (9 Aug 2015) -- CURLOPT_RESOLVE.3: Note removal support was added in 7.42 +Jay Satiro (25 Feb 2016) +- configure: warn on invalid ca bundle or path - Bug: http://curl.haxx.se/mail/lib-2015-08/0019.html - Reported-by: Inca R - -Steve Holme (8 Aug 2015) -- checksrc.bat: Fixed error when missing *.c and *.h files + - Warn if --with-ca-bundle file does not exist. - File Not Found - -- checksrc.bat: Fixed incorrect 'lib\vtls' path check in commit 333c36b276 - -- checksrc.bat: Fixed error when [directory] isn't a curl source directory + - Warn if --with-ca-path directory does not contain certificates. - The system cannot find the file specified. - -- checksrc.bat: Added check for unknown arguments - -- scripts: Added missing comments - -- scripts: Always perform setlocal and endlocal calls in pairs + - Improve help messages for both. - Ensure that there isn't a mismatch between setlocal and endlocal calls, - which could have happened due to setlocal being called after certain - error conditions were checked for. - -- scripts: Allow -help to be specified in any argument + Example configure output: - Allow the -help command line argument to be specified in any argument - and not just as the first. - -Daniel Stenberg (6 Aug 2015) -- [juef brought this change] - - curl_multi_remove_handle.3: fix formatting + ca cert bundle: /some/file (warning: certs not found) + ca cert path: /some/dir (warning: certs not found) - closes #366 + Bug: https://github.com/curl/curl/issues/404 + Reported-by: Jeffrey Walton -Steve Holme (6 Aug 2015) -- README: Added notes about 'Running DLL based configurations' +Daniel Stenberg (24 Feb 2016) +- Curl_read: check for activated HTTP/1 pipelining, not only requested - ...as well as a TODO for a future enhancement to the project files. + ... as when pipelining is used, we read things into a unified buffer and + we don't do that with HTTP/2. This could then easily make programs that + set CURLMOPT_PIPELINING = CURLPIPE_HTTP1|CURLPIPE_MULTIPLEX to get data + intermixed or plain broken between HTTP/2 streams. - Thanks-to: Jay Satiro - -- RELEASE-NOTES: Synced with cf8975387f - -- buildconf.bat: Synchronise no repository error with generate.bat - -- generate.bat: Added a check for the presence of a git repository + Reported-by: Anders Bakken -- [Jay Satiro brought this change] +Patrick Monnerat (24 Feb 2016) +- os400: Fix ILE/RPG definition of CURLOPT_TFTP_NO_OPTIONS - build: Added wolfSSL configurations to VC10+ project files +Jay Satiro (23 Feb 2016) +- getinfo: CURLINFO_TLS_SSL_PTR supersedes CURLINFO_TLS_SESSION - URL: https://github.com/bagder/curl/pull/174 - -- [Jay Satiro brought this change] - - build: Added wolfSSL build script for Visual Studio projects + The two options are almost the same, except in the case of OpenSSL: - Added the wolfSSL build script, based on build-openssl.bat, as well as - the property sheet and header file required for the upcoming additions - to the Visual Studio project files. - -Daniel Stenberg (6 Aug 2015) -- CHANGES: refer to the online changelog + CURLINFO_TLS_SESSION OpenSSL session internals is SSL_CTX *. - Suggested-by: mc0e - -- [Isaac Boukris brought this change] - - NTLM: handle auth for only a single request + CURLINFO_TLS_SSL_PTR OpenSSL session internals is SSL *. - Currently when the server responds with 401 on NTLM authenticated - connection (re-used) we consider it to have failed. However this is - legitimate and may happen when for example IIS is set configured to - 'authPersistSingleRequest' or when the request goes thru a proxy (with - 'via' header). + For backwards compatibility we couldn't modify CURLINFO_TLS_SESSION to + return an SSL pointer for OpenSSL. - Implemented by imploying an additional state once a connection is - re-used to indicate that if we receive 401 we need to restart - authentication. + Also, add support for the 'internals' member to point to SSL object for + the other backends axTLS, PolarSSL, Secure Channel, Secure Transport and + wolfSSL. - Closes #363 - -Steve Holme (5 Aug 2015) -- RELEASE-NOTES: Synced with 473807b95f - -- generate.bat: Use buildconf.bat for prerequisite file clean-up - -- buildconf.bat: Added support for file clean-up via -clean - -- buildconf.bat: Added progress output - -- buildconf.bat: Avoid using goto for file not in repository + Bug: https://github.com/curl/curl/issues/234 + Reported-by: dkjjr89@users.noreply.github.com + + Bug: https://curl.haxx.se/mail/lib-2015-09/0127.html + Reported-by: Michael König -Daniel Stenberg (5 Aug 2015) -- curl_slist_append.3: add error checking to the example - -Steve Holme (5 Aug 2015) -- buildconf.bat: Added display of usage text with -help - -- buildconf.bat: Added exit codes for error handling - -- buildconf.bat: Added our standard copyright header - -- buildconf.bat: Use lower-case for commands and reserved keywords - -- generate.bat: Only clean prerequisite files when in ALL mode - -- generate.bat: Moved error messages out of sub-routines - -- generate.bat: More use of lower-case for commands and reserved keywords - -Daniel Stenberg (3 Aug 2015) -- libcurl.3: fix a single typo +Daniel Stenberg (23 Feb 2016) +- multi_remove_handle: keep the timeout list until after disconnect - Closes #361 - -- RELEASE-NOTES: synced with c4eb10e2f06f - -- SSH: three state machine fixups + The internal Curl_done() function uses Curl_expire() at times and that + uses the timeout list. Better clean up the list once we're done using + it. This caused a segfault. - The SSH state machine didn't clear the 'rc' variable appropriately in a - two places which prevented it from looping the way it should. And it - lacked an 'else' statement that made it possible to erroneously get - stuck in the SSH_AUTH_AGENT state. + Reported-by: 蔡文凱 + Bug: https://curl.haxx.se/mail/lib-2016-02/0097.html + +Kamil Dudka (23 Feb 2016) +- tests/sshserver.pl: use RSA instead of DSA for host auth - Reported-by: Tim Stack + DSA is no longer supported by OpenSSH 7.0, which causes all SCP/SFTP + test cases to be skipped. Using RSA for host authentication works with + both old and new versions of OpenSSH. - Closes #357 - -- curl_gssapi: remove 'const' to fix compiler warnings + Reported-by: Karlson2k - initialization discards 'const' qualifier from pointer target type + Closes #676 -- docs: formpost needs the full size at start of upload +Jay Satiro (23 Feb 2016) +- TFTP: add option to suppress TFTP option requests (Part 2) - Closes #360 - -Steve Holme (1 Aug 2015) -- sspi: Fix typo from left over from old code which referenced NTLM + - Add tests. - References to NTLM in the identity generation should have been removed - in commit c469941293 but not all were. - -- win32: Fix compilation warnings from commit 40c921f8b8 + - Add an example to CURLOPT_TFTP_NO_OPTIONS.3. - connect.c:953:5: warning: initializer element is not computable at load - time - connect.c:953:5: warning: missing initializer for field 'dwMinorVersion' - of 'OSVERSIONINFOEX' - curl_sspi.c:97:5: warning: initializer element is not computable at load - time - curl_sspi.c:97:5: warning: missing initializer for field 'szCSDVersion' - of 'OSVERSIONINFOEX' - -- schannel: Fix compilation warning from commit 7a8e861a56 + - Add --tftp-no-options to expose CURLOPT_TFTP_NO_OPTIONS. - schannel.c:1125:5: warning: missing initializer for field 'dwMinorVersion' - of 'OSVERSIONINFOEX' [-Wmissing-field-initializers + Bug: https://github.com/curl/curl/issues/481 -Daniel Stenberg (31 Jul 2015) -- libcurl-thread.3: minor reformatting +- [Michael Koenig brought this change] -Jay Satiro (31 Jul 2015) -- curl_global_init_mem.3: Warn threaded resolver needs thread safe funcs + TFTP: add option to suppress TFTP option requests (Part 1) - Bug: http://curl.haxx.se/mail/lib-2015-07/0149.html - Reported-by: Eric Ridge - -- libcurl-thread.3: Warn memory functions must be thread safe + Some TFTP server implementations ignore the "TFTP Option extension" + (RFC 1782-1784, 2347-2349), or implement it in a flawed way, causing + problems with libcurl. Another switch for curl_easy_setopt + "CURLOPT_TFTP_NO_OPTIONS" is introduced which prevents libcurl from + sending TFTP option requests to a server, avoiding many problems caused + by faulty implementations. - Bug: http://curl.haxx.se/mail/lib-2015-07/0149.html - Reported-by: Eric Ridge + Bug: https://github.com/curl/curl/issues/481 -Steve Holme (31 Jul 2015) -- RELEASE-NOTES: Synced with 8b1d00ac1a +Daniel Stenberg (22 Feb 2016) +- [Karlson2k brought this change] -- INSTALL: Minor formatting correction in 'Legacy Windows and SSL' section + runtests: Fixed usage of %PWD on MinGW64 - ...as well as some rewording. + Closes #672 -Kamil Dudka (30 Jul 2015) -- http: move HTTP/2 cleanup code off http_disconnect() - - Otherwise it would never be called for an HTTP/2 connection, which has - its own disconnect handler. - - I spotted this while debugging - where the http_disconnect() handler was called on an FTP session handle - causing 'dnf' to crash. conn->data->req.protop of type (struct FTP *) - was reinterpreted as type (struct HTTP *) which resulted in SIGSEGV in - Curl_add_buffer_free() after printing the "Connection cache is full, - closing the oldest one." message. - - A previously working version of libcurl started to crash after it was - recompiled with the HTTP/2 support despite the HTTP/2 protocol was not - actually used. This commit makes it work again although I suspect the - root cause (reinterpreting session handle data of incompatible protocol) - still has to be fixed. Otherwise the same will happen when mixing FTP - and HTTP/2 connections and exceeding the connection cache limit. - - Reported-by: Tomas Tomecek - Bug: https://bugzilla.redhat.com/1248389 +Jay Satiro (20 Feb 2016) +- CURLOPT_DEBUGFUNCTION.3: Fix example -Daniel Stenberg (30 Jul 2015) - [Viktor Szakats brought this change] - ABI doc: use secure URL - -- ABI: remove the ascii logo - - and made the indent level to 1 - -- libcurl-multi.3: mention curl_multi_wait - - ... and some general rewordings to improve this docs. - - Reported-by: Tim Stack + src/Makefile.m32: add CURL_{LD,C}FLAGS_EXTRAS support - Closes #356 - -Steve Holme (30 Jul 2015) -- maketgz: Fixed some VC makefiles missing from the release tarball + Sync with lib/Makefile.m32 which already uses those variables. - VC7, VC11, VC12 and VC14 makefiles were missing from the release - tarball. + Bug: https://github.com/curl/curl/pull/670 -- RELEASE-NOTES: Synced with 2d7e165761 +Dan Fandrich (20 Feb 2016) +- Enabled test 1437 after the bug fix in commit 3fa220a6 -- build: Added VC14 project files to Makefile.am +Jay Satiro (19 Feb 2016) +- [Emil Lerner brought this change] -- build: Added VC14 project files + curl_sasl: Fix memory leak in digest parser - Updates to Makefile.am for the generation of the project files in - the tarball to follow. - -Jay Satiro (29 Jul 2015) -- libcurl-thread.3: Clarify CURLOPT_NOSIGNAL takes long value 1L - -Steve Holme (28 Jul 2015) -- generate.bat: Use lower-case for commands and reserved keywords + If any parameter in a HTTP DIGEST challenge message is present multiple + times, memory allocated for all but the last entry should be freed. - Whilst there are no coding standards for the batch files used in curl, - most tend to use lower-case for keywords and upper-case for variables. + Bug: https://github.com/curl/curl/pull/667 -- build: Added initial VC14 support to generate.bat +Dan Fandrich (19 Feb 2016) +- Added test 1437 to verify a memory leak - Visual Studio project files and updates to makefile.am to follow. - -- build: Fixed missing .opensdf files from VC10+ .gitignore files + Reported-by: neex@users.noreply.github.com -- build: Use $(ProjectName) macro for curl.exe and curld.exe filenames +Jay Satiro (18 Feb 2016) +- CURLOPT_COOKIEFILE.3: HTTP headers must be Set-Cookie style - This wasn't possible with the old curlsrc project filenames, but like - commit 2a615a2b64 and 11397eb6dd for libcurl use the built in Visual - Studio macros for the output filenames. + Bug: https://github.com/curl/curl/issues/666 + Reported-by: baumanj@users.noreply.github.com -- build: Renamed curl src Visual Studio project files +- curl.1: HTTP headers for --cookie must be Set-Cookie style - Following commit 957fcd9049 and in preparation for adding the VC14 - project files renamed the curl source project files. - -Daniel Stenberg (28 Jul 2015) -- [Jay Satiro brought this change] + Bug: https://github.com/curl/curl/issues/666 + Reported-by: baumanj@users.noreply.github.com - libcurl-thread.3: Revert to stricter handle wording - - .. also update formatting and add WinSSL and wolfSSL to the SSL/TLS - handlers list. +Daniel Stenberg (18 Feb 2016) +- curl.1: add a missing dash -- [Jay Satiro brought this change] +- CONTRIBUTING.md: fix links - libcurl-thread.3: Consolidate thread safety info +- ISSUE_TEMPLATE: github issue template - This is a new document to consolidate our thread safety information from - several documents (curl-www:features, libcurl.3, libcurl-tutorial.3). - Each document's section on multi-threading will now point to this one. + First version, try this out! -Steve Holme (27 Jul 2015) -- README: Corrected formatting for 'Legacy Windows and SSL' section +- CONTRIBUTING.md: move into .github - ...as well as some wording. + To hide github specific files somewhat from the rest. -- build-openssl.bat: Added support for VC14 +- opts: add references -Daniel Stenberg (26 Jul 2015) -- RELEASE-NOTES: synced with 0f645adc95390e8 +- examples/make: add 'checksrc' target -- test1902: attempt to make the test more reliable - - Closes #355 +- 10-at-a-time: typecast the argument passed to sleep() -- comment: fix comment about adding new option support +- externalsocket.c: fix compiler warning for fwrite return type -Jay Satiro (25 Jul 2015) -- build-openssl.bat: Show syntax if required args are missing +- anyauthput.c: fix compiler warnings -Daniel Stenberg (26 Jul 2015) -- TODO: improve how curl works in a windows console window - - Closes #322 for now +- simplessl.c: warning: while with space -- 1.11 minimize dependencies with dynamicly loaded modules +- curlx.c: i2s_ASN1_IA5STRING() clashes with an openssl function - Closes #349 for now + Reported-By: Gisle Vanem -Jay Satiro (25 Jul 2015) -- tool_operate: Fix CURLOPT_SSL_OPTIONS for builds without HTTPS +- http2: don't decompress gzip decoding automatically - - Set CURLOPT_SSL_OPTIONS only if the tool enabled an SSL option. + At one point during the development of HTTP/2, the commit 133cdd29ea0 + introduced automatic decompression of Content-Encoding as that was what + the spec said then. Now however, HTTP/2 should work the same way as + HTTP/1 in this regard. - Broken by me several days ago in 172b2be. - https://github.com/bagder/curl/commit/172b2be#diff-70b44ee478e58d4e1ddcf9c9a73d257b + Reported-by: Kazuho Oku - Bug: http://curl.haxx.se/mail/lib-2015-07/0119.html - Reported-by: Dan Fandrich + Closes #661 + +Jay Satiro (16 Feb 2016) +- [Tatsuhiro Tsujikawa brought this change] -Daniel Stenberg (25 Jul 2015) -- configure: check if OpenSSL linking wants -ldl + http: Don't break the header into chunks if HTTP/2 - To make it easier to link with static versions of OpenSSL, the configure - script now checks if -ldl is needed for linking. + nghttp2 callback deals with TLS layer and therefore the header does not + need to be broken into chunks. - Help-by: TJ Saunders + Bug: https://github.com/curl/curl/issues/659 + Reported-by: Kazuho Oku -- [Michael Kaufmann brought this change] +Daniel Stenberg (16 Feb 2016) +- [Viktor Szakats brought this change] - HTTP: ignore "Content-Encoding: compress" - - Currently, libcurl rejects responses with "Content-Encoding: compress" - when CURLOPT_ACCEPT_ENCODING is set to "". I think that libcurl should - treat the Content-Encoding "compress" the same as other - Content-Encodings that it does not support, e.g. "bzip2". That means - just ignoring it. + openssl: use macro to guard the opaque EVP_PKEY branch -- [Marcel Raad brought this change] +- [Viktor Szakats brought this change] - openssl: work around MSVC warning + openssl: avoid direct PKEY access with OpenSSL 1.1.0 - MSVC 12 complains: + by using API instead of accessing an internal structure. + This is required starting OpenSSL 1.1.0-pre3. - lib\vtls\openssl.c(1554): warning C4701: potentially uninitialized local - variable 'verstr' used It's a false positive, but as it's normally not, - I have enabled warning-as-error for that warning. - -- [MichaÅ‚ Fita brought this change] + Closes #650 - configure: add --disable-rt option - - This option disables any attempts in configure to create dependency on - stuff requiring linking to librt.so and libpthread.so, in this case this - means clock_gettime(CLOCK_MONOTONIC, &mt). - - We were in need to build curl which doesn't link libpthread.so to avoid - the following bug: - https://sourceware.org/bugzilla/show_bug.cgi?id=16628. +- RELEASE-NOTES: synced with ede0bfc079da -Kamil Dudka (23 Jul 2015) -- http2: verify success of strchr() in http2_send() - - Detected by Coverity. - - Error: NULL_RETURNS: - lib/http2.c:1301: returned_null: "strchr" returns null (checked 103 out of 109 times). - lib/http2.c:1301: var_assigned: Assigning: "hdbuf" = null return value from "strchr". - lib/http2.c:1302: dereference: Incrementing a pointer which might be null: "hdbuf". - 1300| - 1301| hdbuf = strchr(hdbuf, 0x0a); - 1302|-> ++hdbuf; - 1303| - 1304| authority_idx = 0; +- [Clint Clayton brought this change] -Jay Satiro (22 Jul 2015) -- Windows: Fix VerifyVersionInfo calls - - - Fix the VerifyVersionInfo calls, which we use to test for the OS major - version, to also test for the minor version as well as the service pack - major and minor versions. - - MSDN: "If you are testing the major version, you must also test the - minor version and the service pack major and minor versions." + CURLOPT_CONNECTTIMEOUT_MS.3: Fix example to use milliseconds option - https://msdn.microsoft.com/en-us/library/windows/desktop/ms725492.aspx + Change the example in the docs for CURLOPT_CONNECTTIMEOUT_MS to use + CURLOPT_CONNECTTIMEOUT_MS instead of CURLOPT_CONNECTTIMEOUT. - Bug: https://github.com/bagder/curl/pull/353#issuecomment-123493098 - Reported-by: Marcel Raad - -- [Marcel Raad brought this change] - - schannel: Replace deprecated GetVersion with VerifyVersionInfo - -Steve Holme (21 Jul 2015) -- makefile: Added support for VC14 - -Patrick Monnerat (21 Jul 2015) -- os400: ebcdic wrappers for new functions. Upgrade ILE/RPG bindings. - -- libcurl: VERSIONINFO update - Addition of new procedures curl_pushheader_bynum and curl_pushheader_byname - requires VERSIONINFO updating. - -- http2: satisfy external references even if http2 is not compiled in. + Closes #653 -Daniel Stenberg (20 Jul 2015) -- http2: add stream != NULL checks for reliability - - They should not trigger, but in case of internal problems we at least - avoid crashes this way. +- opt-docs: add more references -Jay Satiro (18 Jul 2015) -- symbols-in-versions: Add new CURLSSLOPT_NO_REVOKE symbol +- [David Byron brought this change] -- SSL: Add an option to disable certificate revocation checks - - New tool option --ssl-no-revoke. - New value CURLSSLOPT_NO_REVOKE for CURLOPT_SSL_OPTIONS. + SCP: use libssh2_scp_recv2 to support > 2GB files on windows - Currently this option applies only to WinSSL where we have automatic - certificate revocation checking by default. According to the - ssl-compared chart there are other backends that have automatic checking - (NSS, wolfSSL and DarwinSSL) so we could possibly accommodate them at - some later point. + libssh2_scp_recv2 is introduced in libssh2 1.7.0 - to be released "any + day now. - Bug: https://github.com/bagder/curl/issues/264 - Reported-by: zenden2k + Closes #451 -- runtests: Allow for spaces in curl custom path +Jay Satiro (13 Feb 2016) +- [Shine Fan brought this change] + + gtls: fix for builds lacking encrypted key file support - .. also fix some typos in test's FILEFORMAT spec. + Bug: https://github.com/curl/curl/pull/651 -- [David Woodhouse brought this change] +Dan Fandrich (13 Feb 2016) +- test1604: Add to Makefile.inc so it gets run - ntlm_wb: Fix theoretical memory leak - - Static analysis indicated that my commit 9008f3d564 ("ntlm_wb: Fix - hard-coded limit on NTLM auth packet size") introduced a potential - memory leak on an error path, because we forget to free the buffer - before returning an error. - - Fix this. +Jay Satiro (12 Feb 2016) +- generate.bat: Fix comment bug by removing old comments - Although actually, it never happens in practice because we never *get* - here with state == NTLMSTATE_TYPE1. The state is always zero. That - might want cleaning up in a separate patch. + Remove NOTES section, it's no longer needed since we aren't setting the + errorlevel and more importantly the recently updated URL in the comments + is causing some unusual behavior that breaks the script. - Reported-by: Terri Oda - -- strerror: Add CRYPT_E_REVOKED to SSPI error strings + Closes https://github.com/curl/curl/issues/649 -Kamil Dudka (14 Jul 2015) -- libtest: call PR_Cleanup() on exit if NSPR is used +Kamil Dudka (12 Feb 2016) +- curl.1: --disable-{eprt,epsv} are ignored for IPv6 hosts - This prevents valgrind from reporting possibly lost memory that NSPR - uses for file descriptor cache and other globally allocated internal - data structures. + The behavior has been clarified in CURLOPT_FTP_USE_{EPRT,EPSV}.3 man + pages since curl-7_12_3~131. This patch makes it clear in the curl.1 + man page, too. - Reported-by: Å tefan Kremeň + Bug: https://bugzilla.redhat.com/1305970 -Jay Satiro (14 Jul 2015) -- [John Malmberg brought this change] +Daniel Stenberg (12 Feb 2016) +- dist: ship buildconf.bat too + + As the winbuild/* stuff uses it! - openssl: VMS support for SHA256 +- curlx_tvdiff: handle 32bit time_t overflows - setup-vms.h: More symbols for SHA256, hacks for older VAX + On 32bit systems, make sure we don't overflow and return funky values + for very large time differences. - openssl.h: Use OpenSSL OPENSSL_NO_SHA256 macro to allow building on VAX. + Reported-by: Anders Bakken - openssl.c: Use OpenSSL version checks and OPENSSL_NO_SHA256 macro to - allow building on VAX and 64 bit VMS. - -- examples: Fix typo in multi-single.c - -Daniel Stenberg (7 Jul 2015) -- [Tatsuhiro Tsujikawa brought this change] - - http2: Fix memory leak in push header array - -Dan Fandrich (2 Jul 2015) -- test2041: fixed line endings in protocol part - -- cyassl: fixed mismatched sha256sum function prototype - -Daniel Stenberg (1 Jul 2015) -- [moparisthebest brought this change] - - SSL: Pinned public key hash support + Closes #646 -- examples: provide sections +- examples: fix some compiler warnings -- [John Malmberg brought this change] +- simplessl.c: fix my breakage - OpenVMS: VMS Software, Inc now the supplier. +- examples: adhere to curl code style - setup-vms.h: Symbol case fixups submitted by Michael Steve + All plain C examples now (mostly) adhere to the curl code style. While + they are only examples, they had diverted so much and contained all + sorts of different mixed code styles by now. Having them use a unified + style helps users and readability. Also, as they get copy-and-pasted + widely by users, making sure they're clean and nice is a good idea. - build_gnv_curl_pcsi_desc.com: VSI aka as VMS Software, is now the - supplier of new versions of VMS. The install kit needs to accept - VSI as a producer. + 573 checksrc warnings were addressed. -Jay Satiro (30 Jun 2015) -- multi: Move http2 push function declarations to header end +- examples/cookie_interface.c: add cleanup call - This change necessary for binary compatibility. + cleaning up handles is a good idea as we leak memory otherwise - Prior to this change test 1135 failed due to the order of functions. + Also, line wrapped before 80 columns. -- symbols-in-versions: Add new http2 push symbols +Kamil Dudka (10 Feb 2016) +- nss: search slash in forward direction in dup_nickname() - Prior to this change test 1119 failed due to the missing symbols. - -Daniel Stenberg (30 Jun 2015) -- RELEASE-NOTES: synced with e6749055d653 + It is wasteful to search it backwards if we look for _any_ slash. -- configure: disable libidn by default - - For security reasons, until there is a fix. +- nss: do not count enabled cipher-suites - Bug: http://curl.haxx.se/mail/lib-2015-06/0143.html - Reported-by: Gustavo Grieco, Feist Josselin - -- SSL-PROBLEMS: mention WinSSL problems in WinXP + We only care if at least one cipher-suite is enabled, so it does + not make any sense to iterate till the end and count all enabled + cipher-suites. -- CODE_OF_CONDUCT.md: added - - Just to underscore how we treat each other in this project. Nothing new - really, but could be useful for newcomers and outsiders to see our - values. +Daniel Stenberg (10 Feb 2016) +- contributors.sh: make 79 the max column width (from 80) -- tool_header_cb: fflush the header stream - - Flush the header stream when -D is used so that they are sent off - earlier. - - Bug: https://github.com/bagder/curl/issues/324 - Reported-by: Cédric Connes +- RELEASE-NOTES: synced with c276aefee3995 -- [Roger Leigh brought this change] +- mbedtls.c: re-indent to better match curl standards - tests: Distribute CMakeLists.txt files in subdirectories +- [Rafael Antonio brought this change] -- CURLOPT_FAILONERROR.3: mention that it closes the connection + mbedtls: fix memory leak when destroying SSL connection data - Reported-by: bemoody - Bug: https://github.com/bagder/curl/issues/325 - -- curl_multi_setopt.3: alpha sort the options + Closes #626 -- curl_multi_setopt.3: add the new push options +- mbedtls: fix ALPN usage segfault + + Since we didn't keep the input argument around after having called + mbedtls, it could end up accessing the wrong memory when figuring out + the ALPN protocols. + + Closes #642 -- [Tatsuhiro Tsujikawa brought this change] +Jay Satiro (9 Feb 2016) +- [Timotej Lazar brought this change] - http2: Use nghttp2 library error code for error return value + opts: update references to renamed options -- [Tatsuhiro Tsujikawa brought this change] +- KNOWN_BUGS: Update #92 - Windows device prefix - http2: Harden header validation for curl_pushheader_byname +- tool_doswin: Support for literal path prefix \\?\ - Since we do prefix match using given header by application code - against header name pair in format "NAME:VALUE", and VALUE part can - contain ":", we have to careful about existence of ":" in header - parameter. ":" should be allowed to match HTTP/2 pseudo-header field, - and other use of ":" in header must be treated as error, and - curl_pushheader_byname should return NULL. This commit implements - this behaviour. - -- [Tatsuhiro Tsujikawa brought this change] - - CURLMOPT_PUSHFUNCTION.3: Remove unused variable - -- CURLMOPT_PUSHFUNCTION.3: added example + For example something like --output \\?\C:\foo -- http2: curl_pushheader_byname now takes a const char * +Daniel Stenberg (9 Feb 2016) +- configure: state "BoringSSL" in summary when that was detected -- http2-serverpush.c: example code +- [David Benjamin brought this change] -- http2: free all header memory after the push callback - -- http2: init the pushed transfer properly - -- http2: fixed the header accessor functions for the push callback - -- http2: setup the new pushed stream properly - -- http2: initial implementation of the push callback - -- http2: initial HTTP/2 server push types/docs - -- test1531: verify POSTFIELDSIZE set after add_handle + openssl: remove most BoringSSL #ifdefs. - Following the fix made in 903b6e05565bf. - -- pretransfer: init state.infilesize here, not in add_handle + As of https://boringssl-review.googlesource.com/#/c/6980/, almost all of + BoringSSL #ifdefs in cURL should be unnecessary: - ... to properly support that options are set to the handle after it is - added to the multi handle. + - BoringSSL provides no-op stubs for compatibility which replaces most + #ifdefs. - Bug: http://curl.haxx.se/mail/lib-2015-06/0122.html - Reported-by: Stefan Bühler - -Jay Satiro (21 Jun 2015) -- [Lior Kaplan brought this change] - - tool_help: fix --tlsv1 help text to use >= for TLSv1 - -- INSTALL: Advise use of non-native SSL for Windows <= XP + - DES_set_odd_parity has been in BoringSSL for nearly a year now. Remove + the compatibility codepath. - Advise that WinSSL in versions <= XP will not be able to connect to - servers that no longer support the legacy handshakes and algorithms used - by those versions, and to use an alternate backend like OpenSSL instead. + - With a small tweak to an extend_key_56_to_64 call, the NTLM code + builds fine. - Bug: https://github.com/bagder/curl/issues/253 - Reported-by: zenden2k - -Kamil Dudka (19 Jun 2015) -- curl_easy_setopt.3: restore contents removed by mistake + - Switch OCSP-related #ifdefs to the more generally useful + OPENSSL_NO_OCSP. - ... in commit curl-7_43_0-18-g570076e - -Daniel Stenberg (19 Jun 2015) -- curl_easy_setopt.3: mention CURLOPT_PIPEWAIT - -Jay Satiro (18 Jun 2015) -- cookie: Fix bug in export if any-domain cookie is present + The only #ifdefs which remain are Curl_ossl_version and the #undefs to + work around OpenSSL and wincrypt.h name conflicts. (BoringSSL leaves + that to the consumer. The in-header workaround makes things sensitive to + include order.) - In 3013bb6 I had changed cookie export to ignore any-domain cookies, - however the logic I used to do so was incorrect, and would lead to a - busy loop in the case of exporting a cookie list that contained - any-domain cookies. The result of that is worse though, because in that - case the other cookies would not be written resulting in an empty file - once the application is terminated to stop the busy loop. - -Dan Fandrich (18 Jun 2015) -- FTP: fixed compiling with --disable-proxy, broken in b88f980a - -Daniel Stenberg (18 Jun 2015) -- tool: always provide negotiate/kerberos options + This change errs on the side of removing conditionals despite many of + the restored codepaths being no-ops. (BoringSSL generally adds no-op + compatibility stubs when possible. OPENSSL_VERSION_NUMBER #ifdefs are + bad enough!) - libcurl can still be built with it, even if the tool is not. Maintain - independence! - -- TODO: Support IDNA2008 + Closes #640 -- [Viktor Szakats brought this change] +Jay Satiro (8 Feb 2016) +- KNOWN_BUGS: Windows device prefix is required for devices - Makefile.m32: add support for CURL_LDFLAG_EXTRAS +- tool_urlglob: Allow reserved dos device names (Windows) - It is similar to existing CURL_CFLAG_EXTRAS, but for - extra linker option. - -- RTSP: removed another piece of dead code + Allow --output to reserved dos device names without the device prefix + for backwards compatibility. + + Example: --output NUL can be used instead of --output \\.\NUL - Coverity CID 1306668 + Bug: https://github.com/curl/curl/commit/4520534#commitcomment-15954863 + Reported-by: Gisle Vanem -- openssl: fix use of uninitialized buffer +Daniel Stenberg (8 Feb 2016) +- cookies: allow spaces in cookie names, cut of trailing spaces - Make sure that the error buffer is always initialized and simplify the - use of it to make the logic easier. + It turns out Firefox and Chrome both allow spaces in cookie names and + there are sites out there using that. - Bug: https://github.com/bagder/curl/issues/318 - Reported-by: sneis - -- examples: more descriptions - -- examples: add descriptions with + Turned out the code meant to strip off trailing space from cookie names + didn't work. Fixed now. + + Test case 8 modified to verify both these changes. - Using this fixed format for example descriptions, we can generate a - better list on the web site. + Closes #639 -- libcurl-errors.3: fix typo +Patrick Monnerat (8 Feb 2016) +- Merge branch 'master' of github.com:curl/curl -- curl_easy_setopt.3: option order doesn't matter +- os400: sync ILE/RPG definitions with latest public header files. -- openssl: fix build with BoringSSL - - OPENSSL_load_builtin_modules does not exist in BoringSSL. Regression - from cae43a1 +Daniel Stenberg (8 Feb 2016) +- [Ludwig Nussel brought this change] -- [Paul Howarth brought this change] + SSLCERTS: update wrt SSL CA certificate store - openssl: Fix build with openssl < ~ 0.9.8f - - The symbol SSL3_MT_NEWSESSION_TICKET appears to have been introduced at - around openssl 0.9.8f, and the use of it in lib/vtls/openssl.c breaks - builds with older openssls (certainly with 0.9.8b, which is the latest - older version I have to try with). +- [Ludwig Nussel brought this change] -- FTP: do the HTTP CONNECT for data connection blocking + configure: --with-ca-fallback: use built-in TLS CA fallback + + When trying to verify a peer without having any root CA certificates + set, this makes libcurl use the TLS library's built in default as + fallback. - ** WORK-AROUND ** + Closes #569 + +- Proxy-Connection: stop sending this header by default - The introduced non-blocking general behaviour for Curl_proxyCONNECT() - didn't work for the data connection establishment unless it was very - fast. The newly introduced function argument makes it operate in a more - blocking manner, more like it used to work in the past. This blocking - approach is only used when the FTP data connecting through HTTP proxy. + RFC 7230 says we should stop. Firefox already stopped. - Blocking like this is bad. A better fix would make it work more - asynchronously. + Bug: https://github.com/curl/curl/issues/633 + Reported-By: Brad Fitzpatrick - Bug: https://github.com/bagder/curl/issues/278 - -- bump: start the journey toward 7.44.0 - -Jay Satiro (17 Jun 2015) -- CURLOPT_ERRORBUFFER.3: Fix example, escape backslashes + Closes #633 -- CURLOPT_ERRORBUFFER.3: Improve example +- bump: work toward the next release -Version 7.43.0 (17 Jun 2015) +- THANKS: 2 contributors from the 7.47.1 release -Daniel Stenberg (17 Jun 2015) -- RELEASE-NOTES: 7.43.0 release +- RELEASE-PROCEDURE: remove the github upload part + + ... as we're HTTPS on the main site now, there's no point in that + extra step -- THANKS: updated with 7.43.0 names +Version 7.47.1 (8 Feb 2016) -- [Kamil Dudka brought this change] +Daniel Stenberg (8 Feb 2016) +- RELEASE-NOTES: curl 7.47.1 time! - http: do not leak basic auth credentials on re-used connections +Jay Satiro (8 Feb 2016) +- tool_operhlp: Check for backslashes in get_url_file_name - CVE-2015-3236 + Extract the filename from the last slash or backslash. Prior to this + change backslashes could be part of the filename. - This partially reverts commit curl-7_39_0-237-g87c4abb + This change needed for the curl tool built for Cygwin. Refer to the + CYGWIN addendum in advisory 20160127B. - Reported-by: Tomas Tomecek, Kamil Dudka - Bug: http://curl.haxx.se/docs/adv_20150617A.html - -- [Kamil Dudka brought this change] + Bug: https://curl.haxx.se/docs/adv_20160127B.html - test2040: verify basic auth on re-used connections +Daniel Stenberg (7 Feb 2016) +- RELEASE-NOTES: synced with d6a8869ea34 -- SMB: rangecheck values read off incoming packet - - CVE-2015-3237 +Jay Satiro (6 Feb 2016) +- openssl: Fix signed/unsigned mismatch warning in X509V3_ext - Detected by Coverity. CID 1299430. + sk_X509_EXTENSION_num may return an unsigned integer, however the value + will fit in an int. - Bug: http://curl.haxx.se/docs/adv_20150617B.html + Bug: https://github.com/curl/curl/commit/dd1b44c#commitcomment-15913896 + Reported-by: Gisle Vanem -Jay Satiro (17 Jun 2015) -- schannel: schannel_recv overhaul - - This commit is several drafts squashed together. The changes from each - draft are noted below. If any changes are similar and possibly - contradictory the change in the latest draft takes precedence. - - Bug: https://github.com/bagder/curl/issues/244 - Reported-by: Chris Araman - - %% - %% Draft 1 - %% - - return 0 if len == 0. that will have to be documented. - - continue on and process the caches regardless of raw recv - - if decrypted data will be returned then set the error code to CURLE_OK - and return its count - - if decrypted data will not be returned and the connection has closed - (eg nread == 0) then return 0 and CURLE_OK - - if decrypted data will not be returned and the connection *hasn't* - closed then set the error code to CURLE_AGAIN --only if an error code - isn't already set-- and return -1 - - narrow the Win2k workaround to only Win2k +Daniel Stenberg (7 Feb 2016) +- TODO: 17.11 -w output to stderr + +Jay Satiro (6 Feb 2016) +- [Michael Kaufmann brought this change] + + idn_win32: Better error checking - %% - %% Draft 2 - %% - - Trying out a change in flow to handle corner cases. + .. also fix a conversion bug in the unused function + curl_win32_ascii_to_idn(). - %% - %% Draft 3 - %% - - Back out the lazier decryption change made in draft2. + And remove wprintfs on error (Jay). - %% - %% Draft 4 - %% - - Some formatting and branching changes - - Decrypt all encrypted cached data when len == 0 - - Save connection closed state - - Change special Win2k check to use connection closed state + Bug: https://github.com/curl/curl/pull/637 + +- [Gisle Vanem brought this change] + + examples/asiohiper: Avoid function name collision on Windows - %% - %% Draft 5 - %% - - Default to CURLE_AGAIN in cleanup if an error code wasn't set and the - connection isn't closed. + closesocket => close_socket + Winsock already has the former. - %% - %% Draft 6 - %% - - Save the last error only if it is an unrecoverable error. + Bug: https://curl.haxx.se/mail/lib-2016-02/0016.html + +- [Gisle Vanem brought this change] + + examples/htmltitle: Use _stricmp on Windows - Prior to this I saved the last error state in all cases; unfortunately - the logic to cover that in all cases would lead to some muddle and I'm - concerned that could then lead to a bug in the future so I've replaced - it by only recording an unrecoverable error and that state will persist. + Bug: https://curl.haxx.se/mail/lib-2016-02/0017.html + +Daniel Stenberg (6 Feb 2016) +- COPYING: clarify that Daniel is not the sole author - - Do not recurse on renegotiation. + ... done on request and as it is a fair point. + +Jay Satiro (5 Feb 2016) +- unit1604: Fix unit setup return code + +- tool_doswin: Use type SANITIZEcode in sanitize_file_name + +- tool_doswin: Improve sanitization processing - Instead we'll continue on to process any trailing encrypted data - received during the renegotiation only. + - Add unit test 1604 to test the sanitize_file_name function. - - Move the err checks in cleanup after the check for decrypted data. + - Use -DCURL_STATICLIB when building libcurltool for unit testing. - In either case decrypted data is always returned but I think it's easier - to understand when those err checks come after the decrypted data check. + - Better detection of reserved DOS device names. - %% - %% Draft 7 - %% - - Regardless of len value go directly to cleanup if there is an - unrecoverable error or a close_notify was already received. Prior to - this change we only acknowledged those two states if len != 0. + - New flags to modify sanitize behavior: - - Fix a bug in connection closed behavior: Set the error state in the - cleanup, because we don't know for sure it's an error until that time. + SANITIZE_ALLOW_COLONS: Allow colons + SANITIZE_ALLOW_PATH: Allow path separators and colons + SANITIZE_ALLOW_RESERVED: Allow reserved device names + SANITIZE_ALLOW_TRUNCATE: Allow truncating a long filename - - (Related to above) In the case the connection is closed go "greedy" - with the decryption to make sure all remaining encrypted data has been - decrypted even if it is not needed at that time by the caller. This is - necessary because we can only tell if the connection closed gracefully - (close_notify) once all encrypted data has been decrypted. + - Restore sanitization of banned characters from user-specified outfile. - - Do not renegotiate when an unrecoverable error is pending. + Prior to this commit sanitization of a user-specified outfile was + temporarily disabled in 2b6dadc because there was no way to allow path + separators and colons through while replacing other banned characters. + Now in such a case we call the sanitize function with + SANITIZE_ALLOW_PATH which allows path separators and colons to pass + through. - %% - %% Draft 8 - %% - - Don't show 'server closed the connection' info message twice. - - Show an info message if server closed abruptly (missing close_notify). + Closes https://github.com/curl/curl/issues/624 + Reported-by: Octavio Schroeder + +- [Viktor Szakats brought this change] -Daniel Stenberg (16 Jun 2015) -- [Paul Oliver brought this change] + URLs: change more http to https - Fix typo in docs +- sasl_sspi: Fix memory leak in domain populate + + Free an existing domain before replacing it. - s/curret/current/ + Bug: https://github.com/curl/curl/issues/635 + Reported-by: silveja1@users.noreply.github.com +Daniel Stenberg (4 Feb 2016) - [Viktor Szakats brought this change] - docs: update URLs - -- RELEASE-NOTES: synced with f29f2cbd00dbe5f + URLs: follow GitHub project rename (also Travis CI) + + Closes #632 -- [Viktor Szakats brought this change] +- CHANGES.o: fix references to curl.haxx.nu + + I removed the scheme prefix from the URLs references this host name, as + we don't own/run that anymore but the name is kept for historic reasons. - README: use secure protocol for Git repository +- HISTORY: add some info about when we used which host names +Jay Satiro (2 Feb 2016) - [Viktor Szakats brought this change] - HTTP2.md: use SSL/TLS IETF URLs + URLs: change more http to https -- [Viktor Szakats brought this change] +Dan Fandrich (3 Feb 2016) +- URLs: Change more haxx.se URLs from http: to https: - LICENSE-MIXING: update URLs - - * use SSL/TLS where available - * follow permanent redirects +Daniel Stenberg (3 Feb 2016) +- RELEASE-NOTES: synced with 4af40b364 -- LICENSE-MIXING: refreshed +- URLs: change all http:// URLs to https:// -- curl_easy_duphandle: see also *reset +- configure: update the copyright year range in output -- rtsp_do: fix DEAD CODE +- dotdot: allow an empty input string too - "At condition p_request, the value of p_request cannot be NULL." + It isn't used by the code in current conditions but for safety it seems + sensible to at least not crash on such input. - Coverity CID 1306668. + Extended unit test 1395 to verify this too as well as a plain "/" input. -- security:choose_mech fix DEAD CODE warning - - ... by removing the "do {} while (0)" block. - - Coverity CID 1306669 +- HTTPS: update a bunch of URLs from HTTP to HTTPS -- curl.1: netrc is in man section 5 +- [Sergei Nikulov brought this change] -- curl.1: small format fix + AppVeyor: updated to handle OpenSSL/WinSSL builds - use \fI-style instead of .BR for references + Closes #621 -- urldata: store POST size in state.infilesize too +Jay Satiro (1 Feb 2016) +- tool_operate: Don't sanitize --output path (Windows) + + Due to path separators being incorrectly sanitized in --output + pathnames, eg -o c:\foo => c__foo - ... to simplify checking when PUT _or_ POST have completed. + This is a partial revert of 3017d8a until I write a proper fix. The + remote-name will continue to be sanitized, but if the user specified an + --output with string replacement (#1, #2, etc) that data is unsanitized + until I finish a fix. - Reported-by: Frank Meier - Bug: http://curl.haxx.se/mail/lib-2015-06/0019.html + Bug: https://github.com/bagder/curl/issues/624 + Reported-by: Octavio Schroeder -Dan Fandrich (14 Jun 2015) -- test1530: added http to required features +- curl.1: Explain remote-name behavior if file already exists + + .. also warn about letting the server pick the filename. -Jay Satiro (14 Jun 2015) -- [Drake Arconis brought this change] +- [Gisle Vanem brought this change] - build: Fix typo from OpenSSL 1.0.2 version detection fix + urldata: Error on missing SSL backend-specific connect info -- [Drake Arconis brought this change] +Daniel Stenberg (28 Jan 2016) +- bump: towards the next (7.47.1 ?) - build: Properly detect OpenSSL 1.0.2 when using configure +- [Sergei Nikulov brought this change] -- curl_multi_info_read.3: fix example formatting + cmake: fixed when OpenSSL enabled on Windows and schannel detected + + Closes #617 -Daniel Stenberg (13 Jun 2015) -- BINDINGS: there's a new R binding in town! +Jay Satiro (28 Jan 2016) +- [Sergei Nikulov brought this change] -- BINDINGS: added the Xojo binding + urldata: moved common variable out of ifdef + + Closes https://github.com/bagder/curl/pull/618 -Jay Satiro (11 Jun 2015) -- [Joel Depooter brought this change] +- [Viktor Szakats brought this change] - schannel: Add support for optional client certificates + tool_doswin: silence unused function warning - Some servers will request a client certificate, but not require one. - This change allows libcurl to connect to such servers when using - schannel as its ssl/tls backend. When a server requests a client - certificate, libcurl will now continue the handshake without one, - rather than terminating the handshake. The server can then decide - if that is acceptable or not. Prior to this change, libcurl would - terminate the handshake, reporting a SEC_I_INCOMPLETE_CREDENTIALS - error. + tool_doswin.c:185:14: warning: 'msdosify' defined but not used + [-Wunused-function] + + Closes https://github.com/bagder/curl/pull/616 -Daniel Stenberg (11 Jun 2015) -- curl_easy_cleanup.3: provide more SEE ALSO +Daniel Stenberg (27 Jan 2016) +- getredirect.c: fix variable name + + Reported-by: Bernard Spil -- debug: remove http2 debug leftovers +Version 7.47.0 (27 Jan 2016) -- VERSIONS: now using markdown +Daniel Stenberg (27 Jan 2016) +- examples/Makefile.inc: specify programs without .c! -- RELEASE-PROCEDURE: remove ascii logo at the top of file +- THANKS: 6 new contributors from 7.47.0 release notes -- INTERNALS: absorbed docs/LIBCURL-STRUCTS +- [Isaac Boukris brought this change] -- INTERNALS: cat lib/README* >> INTERNALS + NTLM: Fix ConnectionExists to compare Proxy credentials - and a conversion to markdown. Removed the lib/README.* files. The idea - being to move toward having INTERNALS as the one and only "book" of - internals documentation. + Proxy NTLM authentication should compare credentials when + re-using a connection similar to host authentication, as it + authenticate the connection. - Added a TOC to top of the document. - -Jay Satiro (8 Jun 2015) -- openssl: LibreSSL and BoringSSL do not use TLS_client_method + Example: + curl -v -x http://proxy:port http://host/ -U good_user:good_pwd + --proxy-ntlm --next -x http://proxy:port http://host/ + [-U fake_user:fake_pwd --proxy-ntlm] - Although OpenSSL 1.1.0+ deprecated SSLv23_client_method in favor of - TLS_client_method LibreSSL and BoringSSL didn't and still use - SSLv23_client_method. + CVE-2016-0755 - Bug: https://github.com/bagder/curl/commit/49a6642#commitcomment-11578009 - Reported-by: asavah@users.noreply.github.com + Bug: http://curl.haxx.se/docs/adv_20160127A.html -Daniel Stenberg (9 Jun 2015) -- RELEASE-NOTES: synced with 20ac3458068 +- [Ray Satiro brought this change] -- CURLOPT_OPENSOCKETFUNCTION: return error at once + curl: avoid local drive traversal when saving file (Windows) + + curl does not sanitize colons in a remote file name that is used as the + local file name. This may lead to a vulnerability on systems where the + colon is a special path character. Currently Windows/DOS is the only OS + where this vulnerability applies. + + CVE-2016-0754 + + Bug: http://curl.haxx.se/docs/adv_20160127B.html + +- RELEASE-NOTES: 7.47.0 + +- FAQ: language fix in 4.19 + +- [paulehoffman brought this change] + + FAQ: Update to point to GitHub + + Current FAQ didn't make it clear where the main repo is. + + Closes #612 + +- maketgz: generate date stamp with LC_TIME=C + + bug: http://curl.haxx.se/mail/lib-2016-01/0123.html + +- curl_multi_socket_action.3: line wrap + +- RELEASE-NOTES: synced with d58ba66eeceb + +Steve Holme (21 Jan 2016) +- TODO: "Create remote directories" for SMB + +Jay Satiro (18 Jan 2016) +- mbedtls: Fix pinned key return value on fail + + - Switch from verifying a pinned public key in a callback during the + certificate verification to inline after the certificate verification. + + The callback method had three problems: + + 1. If a pinned public key didn't match, CURLE_SSL_PINNEDPUBKEYNOTMATCH + was not returned. + + 2. If peer certificate verification was disabled the pinned key + verification did not take place as it should. + + 3. (related to #2) If there was no certificate of depth 0 the callback + would not have checked the pinned public key. + + Though all those problems could have been fixed it would have made the + code more complex. Instead we now verify inline after the certificate + verification in mbedtls_connect_step2. + + Ref: http://curl.haxx.se/mail/lib-2016-01/0047.html + Ref: https://github.com/bagder/curl/pull/601 + +- tests: Add a test for pinnedpubkey fail even when insecure + + Because disabling the peer verification (--insecure) must not disable + the public key pinning check (--pinnedpubkey). + +- [Daniel Schauenberg brought this change] + + CURLINFO_RESPONSE_CODE.3: add example + +Kamil Dudka (15 Jan 2016) +- ssh: make CURLOPT_SSH_PUBLIC_KEYFILE treat "" as NULL + + The CURLOPT_SSH_PUBLIC_KEYFILE option has been documented to handle + empty strings specially since curl-7_25_0-31-g05a443a but the behavior + was unintentionally removed in curl-7_38_0-47-gfa7d04f. + + This commit restores the original behavior and clarifies it in the + documentation that NULL and "" have both the same meaning when passed + to CURLOPT_SSH_PUBLIC_KEYFILE. + + Bug: http://curl.haxx.se/mail/lib-2016-01/0072.html + +Daniel Stenberg (14 Jan 2016) +- RELEASE-NOTES: synced with 35083ca60ed035a + +- openssl: improved error detection/reporting + + ... by extracting the LIB + REASON from the OpenSSL error code. OpenSSL + 1.1.0+ returned a new func number of another cerfificate fail so this + required a fix and this is the better way to catch this error anyway. + +- openssl: for 1.1.0+ they now provide a SSLeay() macro of their own + +- CURLOPT_RESOLVE.3: minor language polish + +- configure: assume IPv6 works when cross-compiled + + The configure test uses AC_TRY_RUN to figure out if an ipv6 socket + works, and testing like that doesn't work for cross-compiles. These days + IPv6 support is widespread so a blind guess is probably more likely to + be 'yes' than 'no' now. + + Further: anyone who cross-compiles can use configure's --disable-ipv6 to + explicitly disable IPv6 and that also works for cross-compiles. + + Made happen after discussions in issue #594 + +- TODO: "Try to URL encode given URL" + + Closes #514 + +- ConnectionExists: only do pipelining/multiplexing when asked + + When an HTTP/2 upgrade request fails (no protocol switch), it would + previously detect that as still possible to pipeline on (which is + acorrect) and do that when PIPEWAIT was enabled even if pipelining was + not explictily enabled. + + It should only pipelined if explicitly asked to. + + Closes #584 + +- [Mohammad AlSaleh brought this change] + + lib: Prefix URLs with lower-case protocol names/schemes + + Before this patch, if a URL does not start with the protocol + name/scheme, effective URLs would be prefixed with upper-case protocol + names/schemes. This behavior might not be expected by library users or + end users. + + For example, if `CURLOPT_DEFAULT_PROTOCOL` is set to "https". And the + URL is "hostname/path". The effective URL would be + "HTTPS://hostname/path" instead of "https://hostname/path". + + After this patch, effective URLs would be prefixed with a lower-case + protocol name/scheme. + + Closes #597 + + Signed-off-by: Mohammad AlSaleh + +- [Alessandro Ghedini brought this change] + + scripts: don't generate and install zsh completion when cross-compiling + +- [Alessandro Ghedini brought this change] + + scripts: fix zsh completion generation + + The script should use the just-built curl, not the system one. This fixes + zsh completion generation when no system curl is installed. + +- [Alessandro Ghedini brought this change] + + zsh.pl: fail if no curl is found + + Instead of generation a broken completion file. + +- [Michael Kaufmann brought this change] + + IDN host names: Remove the port number before converting to ACE + + Closes #596 + +Jay Satiro (10 Jan 2016) +- runtests: Add mbedTLS to the SSL backends + + .. and enable SSLpinning tests for mbedTLS, BoringSSL and LibreSSL. + +Daniel Stenberg (10 Jan 2016) +- [Thomas Glanzmann brought this change] + + mbedtls: implement CURLOPT_PINNEDPUBLICKEY + +Jay Satiro (9 Jan 2016) +- [Tatsuhiro Tsujikawa brought this change] + + url: Fix compile error with --enable-werror + +- [Tatsuhiro Tsujikawa brought this change] + + http2: Ensure that http2_handle_stream_close is called + + Previously, when HTTP/2 is enabled and used, and stream has content + length known, Curl_read was not called when there was no bytes left to + read. Because of this, we could not make sure that + http2_handle_stream_close was called for every stream. Since we use + http2_handle_stream_close to emit trailer fields, they were + effectively ignored. This commit changes the code so that Curl_read is + called even if no bytes left to read, to ensure that + http2_handle_stream_close is called for every stream. + + Discussed in https://github.com/bagder/curl/pull/564 + +Daniel Stenberg (8 Jan 2016) +- http2: handle the received SETTINGS frame + + This regression landed in 5778e6f5 and made libcurl not act on received + settings and instead stayed with its internal defaults. + + Bug: http://curl.haxx.se/mail/lib-2016-01/0031.html + Reported-by: Bankde + +- Revert "multiplex: allow only once HTTP/2 is actually used" + + This reverts commit 46cb70e9fa81c9a56de484cdd7c5d9d0d9fbec36. + + Bug: http://curl.haxx.se/mail/lib-2016-01/0031.html + +Jay Satiro (8 Jan 2016) +- [Tatsuhiro Tsujikawa brought this change] + + http2: Fix PUSH_PROMISE headers being treated as trailers + + Discussed in https://github.com/bagder/curl/pull/564 + +Daniel Stenberg (8 Jan 2016) +- [Michael Kaufmann brought this change] + + connection reuse: IDN host names fixed + + Use the ACE form of IDN hostnames as key in the connection cache. Add + new tests. + + Closes #592 + +- tests: mark IPv6 FTP and FTPS tests with the FTP keyword + +Jay Satiro (7 Jan 2016) +- mbedtls: Fix ALPN support + + - Fix ALPN reply detection. + + - Wrap nghttp2 code in ifdef USE_NGHTTP2. + + + Prior to this change ALPN and HTTP/2 did not work properly in mbedTLS. + +- http2: Fix client write for trailers on stream close + + Check that the trailer buffer exists before attempting a client write + for trailers on stream close. + + Refer to comments in https://github.com/bagder/curl/pull/564 + +Daniel Stenberg (7 Jan 2016) +- COPYING: update general copyright year range + +- ConnectionExists: add missing newline in infof() call + + Mistake from commit a464f33843ee1 + +- multiplex: allow only once HTTP/2 is actually used + + To make sure curl doesn't allow multiplexing before a connection is + upgraded to HTTP/2 (like when Upgrade: h2c fails), we must make sure the + connection uses HTTP/2 as well and not only check what's wanted. + + Closes #584 + + Patch-by: c0ff + +Jay Satiro (4 Jan 2016) +- curl_global_init.3: Add Windows-specific info for init via DLL + + - Add to both curl_global_init.3 and libcurl.3 the caveat for Windows + that initializing libcurl via a DLL's DllMain or static initializer + could cause a deadlock. + + Bug: https://github.com/bagder/curl/issues/586 + Reported-by: marc-groundctl@users.noreply.github.com + +Daniel Stenberg (4 Jan 2016) +- FAQ: clarify who to mail about ECCN clarifications + +- progressfunc.c: spellfix description + +- docs/examples/multi-app.c: fix bad desc formatting + +- examples: added descriptions + +- example/simple.c: add description + +- getredirect.c: a new example + +Marc Hoersken (27 Dec 2015) +- RELEASE-NOTES: add 5e0e81a9c4e35f04ca + +Daniel Stenberg (26 Dec 2015) +- RELEASE-NOTES: synced with 2aec4359db1088b10d + +Marc Hoersken (26 Dec 2015) +- test 1515: add data check + +- test 1515: add MSYS support by passing a relative path + + MSYS would otherwise turn a /-style path into a C:\-style path. + +- test 539: use datacheck mode text for ASCII-mode LISTings + + While still using datacheck mode binary for the inline reply data. + +- runtests.pl: check up to 5 data parts with different text modes + + Move the text-mode conversion for reply/replycheck from the verify + section into the load section and add support for 4 more check parts. + +Daniel Stenberg (24 Dec 2015) +- CURLOPT_RANGE: for HTTP servers, range support is optional + +Marc Hoersken (24 Dec 2015) +- tests 1048 and 1050: use datacheck mode text for ASCII-mode LISTings + +- tests 706 and 707: use datacheck mode text for ASCII-mode LISTings + +- tests 400,403,406: use datacheck mode text for ASCII-mode LISTings + +- sockfilt.c: fix calculation of sleep timeout on Windows - When CURL_SOCKET_BAD is returned in the callback, it should be treated - as an error (CURLE_COULDNT_CONNECT) if no other socket is subsequently - created when trying to connect to a server. + Not converting to double caused small timeouts to be skipped. + +- tests first.c: fix calculation of sleep timeout on Windows - Bug: http://curl.haxx.se/mail/lib-2015-06/0047.html + Not converting to double caused small timeouts to be skipped. -- fopen.c: fix a few compiler warnings +- test 573: add more debug output + +- ftplistparser.c: fix handling of file LISTings using Windows EOL + + Previously file.txt[CR][LF] would have been returned as file.tx + (without the last t) if filetype is symlink. Now the t is + included and the internal item_length includes the zero byte. + + Spotted using test 576 on Windows. -- [Ville Skyttä brought this change] +- test 16: fix on Linux (and Windows) by using plain ASCII characters + + Follow up on b064ff0c351bb287557228575ef4c1d079b866fb, thanks Daniel. - docs: Spelling fixes +- tftpd server: add Windows support by writing files in binary mode -- [Ville Skyttä brought this change] +- tests 252-255: use datacheck mode text for ASCII-mode LISTings - docs: man page indentation and syntax fixes +- test 16: fix on Windows by converting data file from ANSI to UTF-8 + +Daniel Stenberg (23 Dec 2015) +- Makefile.inc: s/curl_SOURCES/CURL_FILES + + This allows the root Makefile.am to include the Makefile.inc without + causing automake to warn on it (variables named *_SOURCES are + magic). curl_SOURCES is then instead assigned properly in + src/Makefile.am only. + + Closes #577 + +- [Anders Bakken brought this change] + + ConnectionExists: with *PIPEWAIT, wait for connections + + Try harder to prevent libcurl from opening up an additional socket when + CURLOPT_PIPEWAIT is set. Accomplished by letting ongoing TCP and TLS + handshakes complete first before the decision is made. + + Closes #575 + +- [Anders Bakken brought this change] + + Add .dir-locals and set c-basic-offset to 2. + + This makes it easier for emacs users to automatically get the right + 2-space indentation when they edit curl source files. + + c++-mode is in there as well because Emacs can't easily know if + something is a C or C++ header. + + Closes #574 + +- [Johannes Schindelin brought this change] + + configure: detect IPv6 support on Windows + + This patch was "nicked" from the MINGW-packages project by Daniel. + + https://github.com/Alexpux/MINGW-packages/commit/9253d0bf58a1486e91f7efb5316e7fdb48fa4007 + Signed-off-by: Johannes Schindelin + +- configure: allow static builds on mingw + + This patch is adopted from the MINGW-packages project. It makes it + possible to build curl both shared and static again. + + URL: https://github.com/Alexpux/MINGW-packages/tree/master/mingw-w64-curl + +Marc Hoersken (17 Dec 2015) +- test 1326: fix file check since curl is outputting binary data + +- test 1326: fix getting stuck on Windows due to incomplete request + + The request needs to be read and send in binary mode in order to use + CRLF instead of LF. Adding --upload-file - causes curl to read stdin + in binary mode. + +Daniel Stenberg (17 Dec 2015) +- RELEASE-NOTES: command line option recount + +Dan Fandrich (16 Dec 2015) +- scripts/Makefile: build zsh script even in an out-of-tree build + +Marc Hoersken (16 Dec 2015) +- sockfilt.c: added some debug output to select_ws + +- sockfilt.c: keep lines shorter than 80 chars + +- sockfilt.c: do not wait on unreliable file or pipe handle + + The previous implementation caused issues on modern MSYS2 runtimes. + +Daniel Stenberg (16 Dec 2015) +- cyassl: deal with lack of *get_peer_certificate + + The function is only present in wolfssl/cyassl if it was built with + --enable-opensslextra. With these checks added, pinning support is disabled + unless the TLS lib has that function available. + + Also fix the mistake in configure that checks for the wrong lib name. + + Closes #566 + +- wolfssl: handle builds without SSLv3 support + +- [Tatsuhiro Tsujikawa brought this change] + + http2: Support trailer fields + + This commit adds trailer support in HTTP/2. In HTTP/1.1, chunked + encoding must be used to send trialer fields. HTTP/2 deprecated any + trandfer-encoding, including chunked. But trailer fields are now + always available. + + Since trailer fields are relatively rare these days (gRPC uses them + extensively though), allocating buffer for trailer fields is done when + we detect that HEADERS frame containing trailer fields is started. We + use Curl_add_buffer_* functions to buffer all trailers, just like we + do for regular header fields. And then deliver them when stream is + closed. We have to be careful here so that all data are delivered to + upper layer before sending trailers to the application. + + We can deliver trailer field one by one using NGHTTP2_ERR_PAUSE + mechanism, but current method is far more simple. + + Another possibility is use chunked encoding internally for HTTP/2 + traffic. I have not tested it, but it could add another overhead. + + Closes #564 -Linus Nielsen (8 Jun 2015) -- help: Add --proxy-service-name and --service-name to the --help output +- RELEASE-NOTES: synced with 6c2c019654e658a -Jay Satiro (7 Jun 2015) -- openssl: Fix verification of server-sent legacy intermediates +Jay Satiro (15 Dec 2015) +- x509asn1: Fix host altname verification - - Try building a chain using issuers in the trusted store first to avoid - problems with server-sent legacy intermediates. + - In Curl_verifyhost check all altnames in the certificate. - Prior to this change server-sent legacy intermediates with missing - legacy issuers would cause verification to fail even if the client's CA - bundle contained a valid replacement for the intermediate and an - alternate chain could be constructed that would verify successfully. + Prior to this change only the first altname was checked. Only the GSKit + SSL backend was affected by this bug. - https://rt.openssl.org/Ticket/Display.html?id=3621&user=guest&pass=guest + Bug: http://curl.haxx.se/mail/lib-2015-12/0062.html + Reported-by: John Kohl -Daniel Stenberg (5 Jun 2015) -- BINDINGS: update several URLs +Daniel Stenberg (15 Dec 2015) +- curl --expect100-timeout: added - Stop linking to the curl.haxx.se anchor pages, they are usually only - themselves pointers to the real page so better point there directly - instead. + This is the new command line option to set the value for the existing + libcurl option CURLOPT_EXPECT_100_TIMEOUT_MS -- BINDINGS: the curl-rust binding +- cyassl: fix compiler warning on type conversion -- curl.h: add CURL_HTTP_VERSION_2 - - The protocol is named "HTTP/2" after all. It is an alias for the - existing CURL_HTTP_VERSION_2_0 enum. +- curlver: the pending release will become 7.47.0 -- openssl: removed error string #ifdef - - ERR_error_string_n() was introduced in 0.9.6, no need to #ifdef anymore +- [Anders Bakken brought this change] -- openssl: removed USERDATA_IN_PWD_CALLBACK kludge + setstropt: const-correctness - Code for OpenSSL 0.9.4 serves no purpose anymore! + Closes #565 -- openssl: remove SSL_get_session()-using code - - It was present for OpenSSL 0.9.5 code but we only support 0.9.7 or - later. +- ROADMAP: implemented HTTP2 for HTTPS-only -- openssl: remove dummy callback use from SSL_CTX_set_verify() - - The existing callback served no purpose. +- HTTP2.md: spell fix and remove TODO now implemented -- LIBCURL-STRUCTS: clarify for multiplexing +- libressl: the latest openssl x509 funcs are not in libressl -Jay Satiro (3 Jun 2015) -- cookie: Stop exporting any-domain cookies +- curl: use 2TLS by default - Prior to this change any-domain cookies (cookies without a domain that - are sent to any domain) were exported with domain name "unknown". + Make this the default for the curl tool (if built with HTTP/2 powers + enabled) unless a specific HTTP version is requested on the command + line. - Bug: https://github.com/bagder/curl/issues/292 + This should allow more users to get HTTP/2 powers without having to + change anything. -Daniel Stenberg (3 Jun 2015) -- RELEASE-PROCEDURE: refreshed 'coming dates' +- http: add libcurl option to allow HTTP/2 for HTTPS only + + ... and stick to 1.1 for HTTP. This is in line with what browsers do and + should have very little risk. -Jay Satiro (2 Jun 2015) -- curl_setup: Change fopen text macros to use 't' for MSDOS +- openssl: adapt to openssl >= 1.1.0 X509 opaque structs - Bug: https://github.com/bagder/curl/pull/258#issuecomment-107915198 - Reported-by: Gisle Vanem + Closes #491 -Daniel Stenberg (2 Jun 2015) -- curl_multi_timeout.3: added example +- openssl: avoid BIO_reset() warnings since it returns a value -- curl_multi_perform.3: added example +- openssl: adapt to 1.1.0+ name changes -- curl_multi_info_read.3: added example +- scripts/makefile: add standard header -- checksrc: detect fopen() for text without the FOPEN_* macros +- scripts/Makefile: fix GNUism and survive no perl - Follow-up to e8423f9ce150 with discussionis in - https://github.com/bagder/curl/pull/258 + Closes #555 - This check scans for fopen() with a mode string without 'b' present, as - it may indicate that an FOPEN_* define should rather be used. + Reported-by: Thomas Klausner + +- fix b6d5cb40d7038fe -- curl_getdate.3: update RFC reference +- [Tatsuhiro Tsujikawa brought this change] -Jay Satiro (1 Jun 2015) -- curl_setup: Add macros for FOPEN_READTEXT, FOPEN_WRITETEXT - - - Change fopen calls to use FOPEN_READTEXT instead of "r" or "rt" - - Change fopen calls to use FOPEN_WRITETEXT instead of "w" or "wt" - - This change is to explicitly specify when we need to read/write text. - Unfortunately 't' is not part of POSIX fopen so we can't specify it - directly. Instead we now have FOPEN_READTEXT, FOPEN_WRITETEXT. + http2: Fix hanging paused stream - Prior to this change we had an issue on Windows if an application that - uses libcurl overrides the default file mode to binary. The default file - mode in Windows is normally text mode (translation mode) and that's what - libcurl expects. + When NGHTTP2_ERR_PAUSE is returned from data_source_read_callback, we + might not process DATA frame fully. Calling nghttp2_session_mem_recv() + again will continue to process DATA frame, but if there is no incoming + frames, then we have to call it again with 0-length data. Without this, + on_stream_close callback will not be called, and stream could be hanged. - Bug: https://github.com/bagder/curl/pull/258#issuecomment-107093055 - Reported-by: Orgad Shaneh + Bug: http://curl.haxx.se/mail/lib-2015-11/0103.html + Reported-by: Francisco Moraes -Daniel Stenberg (1 Jun 2015) -- http2-upload.c: use PIPEWAIT for playing HTTP/2 better +- [Christian Stewart brought this change] -- http2-download: check for CURLPIPE_MULTIPLEX properly + build: fix compilation error with CURL_DISABLE_VERBOSE_STRINGS - Bug: http://curl.haxx.se/mail/lib-2015-06/0001.html - Reported-by: Rafayel Mkrtchyan - -- [Isaac Boukris brought this change] - - HTTP-NTLM: fail auth on connection close instead of looping + With curl disable verbose strings in http.c the compilation fails due to + the data variable being undefined later on in the function. - Bug: https://github.com/bagder/curl/issues/256 - -- 5.6 Refuse "downgrade" redirects - -- README.pingpong: removed - -- ROADMAP: remove HTTP/2 multiplexing - its here now - -- HTTP2.md: formatted properly + Closes #558 -- HTTP2: moved docs into docs/ and make it markdown +Jay Satiro (7 Dec 2015) +- [Gisle Vanem brought this change] -- README.http2: refreshed and added multiplexing info + config-win32: Fix warning HAVE_WINSOCK2_H undefined -- dist: add the http2 examples +- [Gisle Vanem brought this change] -- http2 examples: clean up some comments + openssl: BoringSSL doesn't have CONF_modules_free -- examples: added two programs doing multiplexed HTTP/2 +- [Gisle Vanem brought this change] -- scripts: moved contributors.sh and contrithanks.sh into subdir + lwip: Fix compatibility issues with later versions + + The name of the header guard in lwIP's has changed from + '__LWIP_OPT_H__' to 'LWIP_HDR_OPT_H' (bug #35874 in May 2015). + + Other fixes: + + - In curl_setup.h, the problem with an old PSDK doesn't apply if lwIP is + used. + + - In memdebug.h, the 'socket' should be undefined first due to lwIP's + lwip_socket() macro. + + - In curl_addrinfo.c lwIP's getaddrinfo() + freeaddrinfo() macros need + special handling because they were undef'ed in memdebug.h. + + - In select.c we can't use preprocessor conditionals inside select if + MSVC and select is a macro, as it is with lwIP. + + http://curl.haxx.se/mail/lib-2015-12/0023.html + http://curl.haxx.se/mail/lib-2015-12/0024.html -- RELEASE-NOTES: synced with c005790ff1c0a +Patrick Monnerat (7 Dec 2015) +- os400: define CURL_VERSION_PSL in ILE/RPG binding -- [Daniel Melani brought this change] +Jay Satiro (7 Dec 2015) +- [Gisle Vanem brought this change] - openssl: typo in comment + version: Add flag CURL_VERSION_PSL for libpsl -Jay Satiro (27 May 2015) -- openssl: Use TLS_client_method for OpenSSL 1.1.0+ +- formdata: Check if length is too large for memory - SSLv23_client_method is deprecated starting in OpenSSL 1.1.0. The - equivalent is TLS_client_method. + - If the size of the length type (curl_off_t) is greater than the size + of the size_t type then check before allocating memory to make sure the + value of length will fit in a size_t without overflow. If it doesn't + then return CURLE_BAD_FUNCTION_ARGUMENT. - https://github.com/openssl/openssl/commit/13c9bb3#diff-708d3ae0f2c2973b272b811315381557 + Bug: https://github.com/bagder/curl/issues/425#issuecomment-154518679 + Reported-by: Steve Holme -Daniel Stenberg (26 May 2015) -- FAQ: How do I port libcurl to my OS? +Steve Holme (3 Dec 2015) +- tests: Corrected copy and pasted comments from commit e643c5c908 -Jay Satiro (25 May 2015) -- CURLOPT_COOKIELIST.3: Explain Set-Cookie without a domain - - Document that if Set-Cookie is used without a domain then the cookie is - sent for any domain and will not be modified. +Daniel Stenberg (3 Dec 2015) +- curl: remove keepalive #ifdef checks done on libcurl's behalf - Bug: http://curl.haxx.se/mail/lib-2015-05/0137.html - Reported-by: Alexander Dyagilev - -Daniel Stenberg (25 May 2015) -- [Tatsuhiro Tsujikawa brought this change] + They didn't match the ifdef logic used within libcurl anyway so they + could indeed warn for the wrong case - plus the tool cannot know how the + lib actually performs at that level. - http2: Copy data passed in Curl_http2_switched into HTTP/2 connection buffer - - Previously, after seeing upgrade to HTTP/2, we feed data followed by - upgrade response headers directly to nghttp2_session_mem_recv() in - Curl_http2_switched(). But it turns out that passed buffer, mem, is - part of stream->mem, and callbacks called by - nghttp2_session_mem_recv() will write stream specific data into - stream->mem, overwriting input data. This will corrupt input, and - most likely frame length error is detected by nghttp2 library. The - fix is first copy the passed data to HTTP/2 connection buffer, - httpc->inbuf, and call nghttp2_session_mem_recv(). +Steve Holme (2 Dec 2015) +- test947: Corrected typo in test name -Jay Satiro (24 May 2015) -- CURLOPT_COOKIE.3: Explain that the cookies won't be modified +- tests: Disable the OAUTHBEARER tests when using a non-default port number - The CURLOPT_COOKIE doc says it "sets the cookie header explicitly in the - outgoing request(s)." However there seems to be some user confusion - about cookie modification. Document that the cookies set by this option - are not modified by the cookie engine. + Tests 842, 843, 844, 845, 887, 888, 889, 890, 946, 947, 948 and 949 fail + if a custom port number is specified via the -b option of runtests.pl. - Bug: http://curl.haxx.se/mail/lib-2015-05/0115.html - Reported-by: Alexander Dyagilev - -- CURLOPT_COOKIELIST.3: Add example + Suggested by: Kamil Dudka + Bug: http://curl.haxx.se/mail/lib-2015-12/0003.html -Dan Fandrich (24 May 2015) -- testcurl.pl: use rel2abs to make the source directory absolute +Daniel Stenberg (2 Dec 2015) +- bump: towards next release - This function makes a platform-specific absolute path which uses - backslashes on Windows. This form works when passing it on the - command-line, as well as if the source is on another drive. + for all we know now, it might be called 7.46.1 -- conncache: fixed memory leak on OOM (torture tests) +Version 7.46.0 (1 Dec 2015) -Daniel Stenberg (24 May 2015) -- perl: remove subdir, not touched in 9 years +Daniel Stenberg (1 Dec 2015) +- RELEASE-NOTES: updated contributor count for 7.46.0 -- log2changes.pl: moved to scripts/ +- THANKS: new contributors from the 7.46.0 release -- [Alessandro Ghedini brought this change] +- THANKS-filter: single Tim Rühsen spelling - scripts: add zsh.pl for generating zsh completion +- docs/examples: gitignore some more built examples -Dan Fandrich (23 May 2015) -- test1510: another flaky test +- RELEASE-NOTES; this bug was never released -Daniel Stenberg (22 May 2015) -- security: fix "Unchecked return value" from sscanf() - - By (void) prefixing it and adding a comment. Did some minor related - cleanups. - - Coverity CID 1299423. +- RELEASE-NOTES: synced with e55f15454efacb0 -- security: simplify choose_mech - - Coverity CID 1299424 identified dead code because of checks that could - never equal true (if the mechanism's name was NULL). - - Simplified the function by removing a level of pointers and removing the - loop and array that weren't used. +- [Flavio Medeiros brought this change] -- RTSP: catch attempted unsupported requests better - - Replace use of assert with code that properly catches bad input at - run-time even in non-debug builds. + Curl_read_plain: clean up ifdefs that break statements - This flaw was sort of detected by Coverity CID 1299425 which claimed the - "case RTSPREQ_NONE" was dead code. + Closes #546 -- share_init: fix OOM crash - - A failed calloc() would lead to NULL pointer use. - - Coverity CID 1299427. +- http2: convert some verbose output into debug-only output -- parse_proxy: switch off tunneling if non-HTTP proxy - - non-HTTP proxy implies not using CURLOPT_HTTPPROXYTUNNEL +- http2 push: add missing inits of new stream - Bug: http://curl.haxx.se/mail/lib-2015-05/0056.html - Reported-by: Sean Boudreau + - set the correct stream_id for pushed streams + - init maxdownload and size properly -- curl: fix potential NULL dereference +- http2 push: set weight for new stream - Coverity CID 1299428: Dereference after null check (FORWARD_NULL) + give the new stream the old one's stream_weight internally to avoid + sending a PRIORITY frame unless asked for it -- http2: on_frame_recv: return early on stream 0 +- curl_setup.h: undef freeaddrinfo in c-ares block to fix build - Coverity CID 1299426 warned about possible NULL dereference otherwise, - but that would only ever happen if we get invalid HTTP/2 data with - frames for stream 0. Avoid this risk by returning early when stream 0 is - used. + Fixes warnings 78c25c854a added. -- http: removed self assignment +- nonblock: fix setting non-blocking mode for Amiga - Follow-up fix from b0143a2a33f0 + IoctlSocket() apparently wants a pointer to a long, passed as a char * + in its third parameter. This bug was introduced already back in commit + c5fdeef41d from October 1 2001! - Detected by coverity. CID 1299429 - -- [Tatsuhiro Tsujikawa brought this change] + Bug: http://curl.haxx.se/mail/lib-2015-11/0088.html + Reported-by: Norbert Kett - http2: Make HTTP Upgrade work +- zsh install: fix DESTDIR support - This commit just add implicitly opened stream 1 to streams hash. + Reported-by: Mohammad AlSaleh -Jay Satiro (22 May 2015) -- strerror: Change SEC_E_ILLEGAL_MESSAGE description - - Prior to this change the description for SEC_E_ILLEGAL_MESSAGE was OS - and language specific, and invariably translated to something not very - helpful like: "The message received was unexpected or badly formatted." - - Bug: https://github.com/bagder/curl/issues/267 - Reported-by: Michael Osipov +Dan Fandrich (27 Nov 2015) +- lib: Only define curl_dofreeaddrinfo if struct addrinfo is available -- telnet: Fix read-callback change for Windows builds +Steve Holme (27 Nov 2015) +- tool_paramhlp: Fixed display of URL index in password prompt for --next - Refer to b0143a2 for more information on the read-callback change. - -Daniel Stenberg (21 May 2015) -- CURLOPT_HTTPPROXYTUNNEL.3: only works with a HTTP proxy! + Commit f3bae6ed73 added the URL index to the password prompt when using + --next. Unfortunately, because the size_t specifier (%zu) is not + supported by all sprintf() implementations we use the curl_off_t format + specifier instead. The display of an incorrect value arises on platforms + where size_t and curl_off_t are of a different size. -Dan Fandrich (21 May 2015) -- testcurl.pl: allow source to be in an arbitrary directory +Daniel Stenberg (25 Nov 2015) +- timecond: do not add if-modified-since without timecondition - This way, the build directory can be located on an entirely different - filesystem from the source code (e.g. a tmpfs). - -Daniel Stenberg (20 May 2015) -- read_callback: move to SessionHandle from connectdata + The RTSP code path didn't skip adding the if-modified-since for certain + RTSP code paths, even if CURLOPT_TIMECONDITION was set to + CURL_TIMECOND_NONE. - With many easy handles using the same connection for multiplexing, it is - important we store and keep the transfer-oriented stuff in the - SessionHandle so that callbacks and callback data work fine even when - many easy handles share the same physical connection. - -- http2: show stream IDs in decimal + Also, an unknown non-zero CURLOPT_TIMECONDITION value no longer equals + CURL_TIMECOND_IFMODSINCE. - It makes them easier to match output from the nghttpd test server. + Bug: http://stackoverflow.com/questions/33903982/curl-timecond-none-doesnt-work-how-to-remove-if-modified-since-header -- [Tatsuhiro Tsujikawa brought this change] +- RELEASE-NOTES: synced with 99d17a5e2ba77e58 - http2: Faster http2 upload +- examples/README: cut out the incomplete list - Previously, when we send all given buffer in data_source_callback, we - return NGHTTP2_ERR_DEFERRED, and nghttp2 library removes this stream - temporarily for writing. This itself is good. If this is the sole - stream in the session, nghttp2_session_want_write() returns zero, - which means that libcurl does not check writeability of the underlying - socket. This leads to very slow upload, because it seems curl only - upload 16k something per 1 second. To fix this, if we still have data - to send, call nghttp2_session_resume_data after nghttp2_session_send. - This makes nghttp2_session_want_write() returns nonzero (if connection - window still opens), and as a result, socket writeability is checked, - and upload speed becomes normal. - -- [Dmitry Eremin-Solenikov brought this change] + ... and add a generic explanation for them instead. Each example file + should contain its own description these days. - gtls: don't fail on non-fatal alerts during handshake - - Stop curl from failing when non-fatal alert is received during - handshake. This e.g. fixes lots of problems when working with https - sites through proxies. +- test1513: make sure the callback is only called once -- curl_easy_unescape.3: update RFC reference - - Reported-by: bsammon - Bug: https://github.com/bagder/curl/issues/282 +- [Daniel Shahaf brought this change] -Jay Satiro (20 May 2015) -- CURLOPT_POSTFIELDS.3: Mention curl_easy_escape - - .. also correct some variable naming in curl_easy_escape.3 + build: Install zsh completion - Bug: https://github.com/bagder/curl/issues/281 - Reported-by: bsammon@users.noreply.github.com - -Daniel Stenberg (19 May 2015) -- [Brian Prodoehl brought this change] + Fixes #534 + Closes #537 - openssl: Use SSL_CTX_set_msg_callback and SSL_CTX_set_msg_callback_arg +- done: make sure the final progress update is made - BoringSSL removed support for direct callers of SSL_CTX_callback_ctrl - and SSL_CTX_ctrl, so move to a way that should work on BoringSSL and - OpenSSL. + It would previously be skipped if an existing error was returned, but + would lead to a previous value being left there and later used. + CURLINFO_TOTAL_TIME for example. - re #275 - -Jay Satiro (19 May 2015) -- curl.1: fix missing space in section --data - -Daniel Stenberg (19 May 2015) -- transfer: remove erroneous and misleading comment - -Kamil Dudka (19 May 2015) -- http: silence compile-time warnings without USE_NGHTTP2 + Still it avoids that final progress update if we reached DONE as the + result of a callback abort to avoid another callback to be called after + an abort-by-callback. - Error: CLANG_WARNING: - lib/http.c:173:16: warning: Value stored to 'http' during its initialization is never read + Reported-by: Lukas Ruzicka - Error: COMPILER_WARNING: - lib/http.c: scope_hint: In function ‘http_disconnect’ - lib/http.c:173:16: warning: unused variable ‘http’ [-Wunused-variable] + Closes #538 -Jay Satiro (19 May 2015) -- transfer: Replace __func__ instances with function name - - .. also make __func__ replacement in multi. +- curl: expanded the -XHEAD warning text - Prior to this change debug builds would fail to build if the compiler - was building pre-c99 and didn't support __func__. - -Daniel Stenberg (19 May 2015) -- [Viktor Szakats brought this change] - - build: bump version in default nghttp2 paths - -- INTERNALS: we require nghttp2 1.0.0+ now - -Jay Satiro (18 May 2015) -- http: Add some include guards for the new HTTP/2 stuff + ... to also mention the specific options used. -Daniel Stenberg (18 May 2015) -- http2: store upload state per stream +- Revert "cleanup: general removal of TODO (and similar) comments" - Use a curl_off_t for upload left - -- http2: fix build when NOT h2-enabled - -- http2: switch to use Curl_hash_destroy() + This reverts commit 64e959ffe37c436503f9fed1ce2d6ee6ae50bd9a. - as after 4883f7019d3, the *_clean() function only flushes the hash. + Feedback-by: Dan Fandrich + URL: http://curl.haxx.se/mail/lib-2015-11/0062.html -- curlver: restore LIBCURL_VERSION_NUM defined as a full number +- CURLOPT_HEADERFUNCTION.3: fix typo - As it breaks configure, curl-config and test 1023 if not. - -- [Anthony Avina brought this change] - - hostip: fix unintended destruction of hash table + Refer to _HEADERDATA not _WRITEDATA. - .. and added unit1602 for hash.c - -- curlver: introducing new version number (checking) macros - -- runtests.pl: use 'h2c' now, no -14 anymore + Reported-by: MichaÅ‚ Piechowski -- [Tatsuhiro Tsujikawa brought this change] +- TODO: TCP Fast Open - http2: Ignore if we have stream ID not in hash in on_stream_close - - We could get stream ID not in the hash in on_stream_close. For - example, if we decided to reject stream (e.g., PUSH_PROMISE), then we - don't create stream and store it in hash with its stream ID. +Steve Holme (22 Nov 2015) +- examples: Added website parse-able descriptions to the e-mail examples -- [Tatsuhiro Tsujikawa brought this change] +- TODO: Added another 'multi-interface' idea - Require nghttp2 v1.0.0 - - This commit requires nghttp2 v1.0.0 to compile, and migrate to v1.0.0, - and utilize recent version of nghttp2 to simplify the code, - - First we use nghttp2_option_set_no_recv_client_magic function to - detect nghttp2 v1.0.0. That function only exists since v1.0.0. - - Since nghttp2 v0.7.5, nghttp2 ensures header field ordering, and - validates received header field. If it found error, RST_STREAM with - PROTOCOL_ERROR is issued. Since we require v1.0.0, we can utilize - this feature to simplify libcurl code. This commit does this. +- smb.c: Fixed compilation warnings - Migration from 0.7 series are done based on nghttp2 migration - document. For libcurl, we removed the code sending first 24 bytes - client magic. It is now done by nghttp2 library. - on_invalid_frame_recv callback signature changed, and is updated - accordingly. + smb.c:134:3: warning: conversion to 'short unsigned int' from 'int' may + alter its value + smb.c:146:42: warning: conversion to 'unsigned int' from 'long long + unsigned int' may alter its value + smb.c:146:65: warning: conversion to 'unsigned int' from 'long long + unsigned int' may alter its value -- http2: infof length in on_frame_send() +- schannel: Corrected copy/paste error in commit 8d17117683 -- pipeline: switch some code over to functions +- schannel: Use GetVersionEx() when VerifyVersionInfo() isn't available - ... to "compartmentalize" a bit and make it easier to change behavior - when multiplexing is used instead of good old pipelining. - -- symbols-in-versions: add CURLOPT_PIPEWAIT + Regression from commit 7a8e861a5 as highlighted in the msys autobuilds. -- CURLOPT_PIPEWAIT: added +- examples: Fixed compilation warnings - By setting this option to 1 libcurl will wait for a connection to reveal - if it is possible to pipeline/multiplex on before it continues. - -- Curl_http_readwrite_headers: minor code simplification - -- IsPipeliningPossible: fixed for http2 - -- http2: bump the h2 buffer size to 32K for speed + pop3-multi.c:96:5: warning: implicit declaration of function 'memset' + imap-multi.c:96:5: warning: implicit declaration of function 'memset' + http2-download.c:226:5: warning: implicit declaration of function 'memset' + http2-upload.c:290:5: warning: implicit declaration of function 'memset' + http2-upload.c:290:5: warning: implicit declaration of function 'memset' -- http2: remove the stream from the hash in stream_close callback +- Makefile.inc: Fixed test run error - ... and suddenly things work much better! + test845 not present in tests/data/Makefile.inc -- http2: if there is paused data, do not clear the drain field +Daniel Stenberg (20 Nov 2015) +- TODO: remove duplicated title -- http2: rename s/data/pausedata +- TODO: added two more libcurl ideas + + Moved some ideas from "next major" to just ordinary ideas since we can + always add new things while keeping the old without doing a "next + major". -- http2: "stream %x" in all outputs to make it easier to search for +Steve Holme (20 Nov 2015) +- tests: Re-enabled tests 889 and 890 following POP3 fix -- http2: Curl_expire() all handles with incoming traffic - - ... so that they'll get handled next in the multi loop. +- pop3: Differentiate between success and continuation responses -- http2: don't signal settings change for same values +- pop3: Added clarity on some server response codes -- http2: set default concurrency, fix ConnectionExists for multiplex +Daniel Stenberg (20 Nov 2015) +- [Daniel Shahaf brought this change] -- bundles: store no/default/pipeline/multiplex - - to allow code to act differently on the situation. + build: Fix theoretical infinite loops - Also added some more info message for the connection re-use function to - make it clearer when connections are not re-used. - -- http2: lazy init header_recvbuf + Add error-checking to 'cd' in a few cases where omitting the checks + might result in an infinite loop. - It makes us use less memory when not doing HTTP/2 and subsequently also - makes us not have to cleanup HTTP/2 related data when not using HTTP/2! - -- http2: separate multiplex/pipelining + cleanup memory leaks - -- CURLMOPT_PIPELINE: bit 1 is for multiplexing - -- [Tatsuhiro Tsujikawa brought this change] + Closes #535 - http2: Fix bug that data to be drained are overwritten by pending "paused" data +Patrick Monnerat (19 Nov 2015) +- curl.h: s/#defien/#define/ -- [Tatsuhiro Tsujikawa brought this change] +- os400: synchronize ILE/RPG header file - http2: Don't call nghttp2_session_mem_recv while it is paused by a stream +- os400: Provide options for libssh2 use in compile scripts. Adjust README. -- [Tatsuhiro Tsujikawa brought this change] +Daniel Stenberg (19 Nov 2015) +- [danielsh@apache.org brought this change] - http2: Read data left in connection buffer after pause + zsh completion: Preserve single quotes in output + + When an option's help string contains literal single quotes, those + single quotes would be stripped from the option's description in the + completion output (unless the zsh RC_QUOTES option were set while the + completion function was being sourced, which is not the default). This + patch makes the completion output contain single quotes where the --help + output does. - Previously when we do pause because of out of buffer, we just throw - away unread data in connection buffer. This just broke protocol - framing, and I saw occasional FRAME_SIZE_ERROR. This commit fix this - issue by remembering how much data read, and in the next iteration, we - process remaining data. + Closes #532 -- [Tatsuhiro Tsujikawa brought this change] +Jay Satiro (18 Nov 2015) +- [MaxGiting brought this change] - http2: Fix streams get stuck + FAQ: Grammar changes - This commit fixes the bug that streams get stuck if stream gets some - DATA, and stream->closed becomes true at the same time. Previously, - in this condition, after we processed DATA, we are going to try to - read data from underlying transport, but there is no data, and gets - EAGAIN. There was no code path to evaludate stream->closed. - -- http2: store incoming h2 SETTINGS + Closes https://github.com/bagder/curl/pull/533 -- pipeline: move function to pipeline.c and make static +Daniel Stenberg (17 Nov 2015) +- http2: http_done: don't free already-freed push headers + + The push headers are freed after the push callback has been invoked, + meaning this code should only free the headers if the callback was never + invoked and thus the headers weren't freed at that time. - ... as it was only used from there. + Reported-by: Davey Shafik -- IsPipeliningPossible: http2 can always "pipeline" (multiplex) +- [Anders Bakken brought this change] -- http2: remove debug logging from on_frame_recv + getconnectinfo: Don't call recv(2) if socket == -1 + + Closes #528 -- http2: remove the closed check in http2_recv +- CURLMOPT_PUSHFUNCTION.3: *_byname() returns only the first header - With the "drained" functionality we can get here slightly asynchronously - so the stream have have been closed but there is pending data left to - read. + ... if there are more than one using the same name -- http2: bump the h2 buffer to 8K +- http2: minor comment typo -- http2: Curl_read should not use the single buffer - - ... as it does for pipelining when we're multiplexing, as we need the - different buffers to store incoming data correctly for all streams. +- sasl; fix checksrc warnings -- http2: more debug outputs +Steve Holme (15 Nov 2015) +- RELEASE-NOTES: Adjusted for the recent OAuth 2.0 activity -- http2: leave WAITPERFORM when conn is multiplexed +- tests: Disabled 889 and 890 until we support POP3 continuation responses - No need to wait for our "spot" like for pipelining - -- http2: force "drainage" of streams + As POP3 final and continuation responses both begin with a + character, + and both the finalcode and contcode variables in SASLprotoc are set as + such, we cannot tell the difference between them when we are expecting + an optional continuation from the server such as the following: + + + something else from the server + +OK final response - ... which is necessary since the socket won't be readable but there is - data waiting in the buffer. + Disabled these tests until such a time we can tell the responses apart. -- http2: move the mem+len pair to the stream struct +- tests: Corrected typos from commit ba4d8f7eba -- http2: more stream-oriented data, stream ID 0 is for connections +- tests: Added OAUTHBEARER failure response tests -- http2: move lots of state data to the 'stream' struct +- oauth2: Support OAUTHBEARER failures sent as continuation responses - ... from the connection struct. The stream one being the 'struct HTTP' - which is kept in the SessionHandle struct (easy handle). + According to RFC7628 a failure message may be sent by the server in a + base64 encoded JSON string as a continuation response. - lookup streams for incoming frames in the stream hash, hashing is based - on the stream id and we get the SessionHandle for the incoming stream - that way. - -- HTTP: partial start at fixing up hash-lookups on http2 frame receival - -- http: a stream hash for h2 multiplexing + Currently only implemented for OAUTHBEARER and not XAUTH2. -- http: a stream hash for h2 multiplexing +Daniel Stenberg (15 Nov 2015) +- RELEASE-NOTES: synced with 808a17ee675 -- http2: debug log when receiving unexpected stream_id +Steve Holme (14 Nov 2015) +- tests: Renamed existing OAuth 2.0 (XOAUTH) tests -- http2: move stream_id to the HTTP struct (per-stream) +- tests: Added OAuth 2.0 (OAUTHBEARER) tests -- Curl_http2_setup: only do it once and enable multiplex on the server +- oauth2: Added support for OAUTHBEARER SASL mechanism to IMAP, POP3 and SNMP - Once we know we are HTTP/2 enabled we know the server can multiplex. + OAUTHBEARER is now the official "registered" SASL mechanism name for + OAuth 2.0. However, we don't want to drop support for XOAUTH2 as some + servers won't support the new mechanism yet. -- http: switch on "pipelining" (multiplexing) for HTTP/2 servers - - ... and do not blacklist any. +Daniel Stenberg (13 Nov 2015) +- RELEASE-NOTES: recounted curl_easy_setopt() options -- README.pipelining: removed +- typecheck-gcc.h: add missing slist-using options - All the details mentioned here are better documented in man pages - -Dan Fandrich (14 May 2015) -- build: removed bundles.c from make files + CURLOPT_RESOLVE and CURLOPT_PROXYHEADER were missing - This file was removed in commit fd137786 - -Daniel Stenberg (14 May 2015) -- Curl_conncache_add_conn: fix memory leak on OOM - -- CURLMOPT_MAX_HOST_CONNECTIONS: host = host name + port number + Also sorted the list. -- conncache: keep bundles on host+port bases, not only host names +- typecheck-gcc.h: added CURLOPT_CLOSESOCKETDATA - Previously we counted all connections to a specific host name and that - would be used for the CURLMOPT_MAX_HOST_CONNECTIONS check for example, - while servers on different port numbers are normally considered - different "origins" on the web and should thus be considered different - hosts. + ... and sorted curl_is_cb_data_option alphabetically -- bundles: merged into conncache.c - - All the existing Curl_bundle* functions were only ever used from within - the conncache.c file, so I moved them over and made them static (and - removed the Curl_ prefix). +Jay Satiro (13 Nov 2015) +- [Sebastian Pohlschmidt brought this change] -- hostcache: made all host caches use structs, not pointers + openssl: Free modules on cleanup - This avoids unnecessary dynamic allocs and as this also removed the last - users of *hash_alloc() and *hash_destroy(), those two functions are now - removed. - -- multi: converted socket hash into non-allocated struct + Curl_ossl_init calls OPENSSL_load_builtin_modules() but + Curl_ossl_cleanup doesn't make a call to free these modules. - avoids extra dynamic allocation + Bug: https://github.com/bagder/curl/issues/526 -- connection cache: avoid Curl_hash_alloc() +Steve Holme (13 Nov 2015) +- symbols-in-versions: Added new CURLOPTTYPE_STRINGPOINT alias - ... by using plain structs instead of pointers for the connection cache, - we can avoid several dynamic allocations that weren't necessary. - -- proxy: add newline to info message - -Patrick Monnerat (8 May 2015) -- FTP: fix dangling conn->ip_addr dereference on verbose EPSV. - -- FTP: Make EPSV use the control IP address rather than the original host. - This ensures an alternate address is not used. - Does not apply to proxy tunnel. - -Daniel Stenberg (8 May 2015) -- [Alessandro Ghedini brought this change] - - tool_help: fix formatting for --next option - -- [Egon Eckert brought this change] + ...following commit aba281e762 to fix test 1119. - opts: improved the TCP keepalive examples +Daniel Stenberg (13 Nov 2015) +- curl: mark two more options strings for --libcurl output -Jay Satiro (8 May 2015) -- winbuild: Document the option used to statically link the CRT - - - Document option RTLIBCFG (runtime library configuration). +- typecheck-gcc.h: add some missing string types - Bug: https://github.com/bagder/curl/issues/254 - Reported-by: Bert Huijben - -- [Orgad Shaneh brought this change] + Also sorted that list alphabetically - netrc: Read in text mode when cygwin +- curl.h: introducing the STRINGPOINT alias - Use text mode when cygwin to eliminate trailing carriage returns. + As an alias for OBJECTPOINT. Provided to allow us to grep for all string + options easier. + +- cleanup: general removal of TODO (and similar) comments - Bug: https://github.com/bagder/curl/pull/258 + They tend to never get updated anyway so they're frequently inaccurate + and we never go back to revisit them anyway. We document issues to work + on properly in KNOWN_BUGS and TODO instead. -Patrick Monnerat (5 May 2015) -- OS400: Add SPNEGO service name options to ILE/RPG binding. +- ftplistparser: remove empty function -Daniel Stenberg (4 May 2015) -- curl_multi_info_read.3: fix typo - - Reported-by: Liviu Chircu +- openssl: remove #if check for 0.9.7 for ENGINE_load_private_key -- MANUAL: language fix +- openssl: all supported versions have X509_STORE_set_flags - Reported-by: Fred Stluka - Bug: https://github.com/bagder/curl/issues/255 + Simplify by removing #ifdefs and macros -- [Alessandro Ghedini brought this change] +- openssl: remove 0.9.3 check - gtls: properly retrieve certificate status +- openssl: remove #ifdefs for < 0.9.5 support - Also print the revocation reason if appropriate. + We only support >= 0.9.7 -- OpenSSL: conditional check for SSL3_RT_HEADER - - The symbol is fairly new. - - Reported-by: Kamil Dudka +- lib/vtls/openssl: remove unused traces of yassl ifdefs -- openssl: skip trace outputs for ssl_ver == 0 - - The OpenSSL trace callback is wonderfully undocumented but given a - journey in the source code, it seems the cases were ssl_ver is zero - doesn't follow the same pattern and thus turned out confusing and - misleading. For now, we skip doing any CURLINFO_TEXT logging on those - but keep sending them as CURLINFO_SSL_DATA_OUT/IN. - - Also, I added direction to the text info and I edited some functions - slightly. +Dan Fandrich (12 Nov 2015) +- [dfandrich brought this change] + + unit1603: Demote hash mismatch failure to a warning - Bug: https://github.com/bagder/curl/issues/219 - Reported-by: Jay Satiro, Ashish Shukla + The hashes can vary between architectures (e.g. Sparc differs from x86_64). + This is not a fatal problem but just reduces the coverage of these white-box + tests, as the assumptions about into which hash bucket each key falls are no + longer valid. -Marc Hoersken (2 May 2015) -- schannel.c: Small changes +- [dfandrich brought this change] -- schannel.c: Improve code path and readability + unit1603: Added unit tests for hash functions -- schannel.c: Improve error and return code handling upon aa99a63f03 +- [dfandrich brought this change] -- [Chris Araman brought this change] + unit1602: Fixed failure in torture test - schannel: fix regression in schannel_recv - - https://github.com/bagder/curl/issues/244 +Steve Holme (12 Nov 2015) +- sasl: Re-introduced XOAUTH2 in the default enabled authentication mechanism - Commit 145c263 changed the behavior when Curl_read_plain returns - CURLE_AGAIN. We now handle CURLE_AGAIN and SEC_I_CONTEXT_EXPIRED - correctly. - -- Bug born in changes made several days ago 9a91e80. + Following the fix in commit d6d58dd558 it is necessary to re-introduce + XOAUTH2 in the default enabled authentication mechanism, which was + removed in commit 7b2012f262, otherwise users will have to specify + AUTH=XOAUTH2 in the URL. - Commit: https://github.com/bagder/curl/commit/926cb9f - Reported-by: Ray Satiro - -Daniel Stenberg (30 Apr 2015) -- [Michael Osipov brought this change] + Note: OAuth 2.0 will only be used when the bearer is specified. - configure: remove missing and make it autogenerate - - The missing file has not been autogenerated because a temporary fix was - employed in acinclude.m4 which blocked update. Removed that fix and a recent - version of missing is copied to build root. +- [Stefan Bühler brought this change] -- [Michael Osipov brought this change] + sasl_sspi: fix identity memory leak in digest authentication - acinclude.m4: fix test for default CA cert bundle/path - - test(1) on HP-UX requires a single equals sign and fails with two. - Let's use one and make every OS happy. +- [Stefan Bühler brought this change] -- CONTRIBUTING.md: remove the sourceforge mention + sasl_sspi: fixed unicode build for digest authentication - Reported-By: Michael Osipov + Closes #525 -Dan Fandrich (30 Apr 2015) -- http_negotiate_sspi: added missing data variable +- oauth2: Re-factored OAuth 2.0 state variable -Daniel Stenberg (30 Apr 2015) -- [Michael Osipov brought this change] +- sasl: Don't choose OAuth 2.0 if mechanism not advertised + + Regression from commit 9e8ced9890 which meant if --oauth2-bearer was + specified but the SASL mechanism wasn't supported by the server then + the mechanism would be chosen. - configure: remove --automake from libtoolize call +Daniel Stenberg (12 Nov 2015) +- runtests: more compact "System characteristics" output - That option is not mentioned in the man page of libtoolize 2.4.4.19-fda4. - Moveover, a comment in line 2623 says "--automake is for 1.5 compatibility". + - no point in repeating curl features that is already listed as features + from the curl -V output - This option is redundant now. + - remove the port numbers/unix domain path from the output unless + verbose is used, as that is rarely interesting to users. -- [Viktor Szakats brought this change] +- runtests: rename conditional curl-features to $has_[name] - build: update depedency versions, urls, example makefiles +Steve Holme (11 Nov 2015) +- oauth2: Introduced support for host and port details - - update default versions of dependencies (except for rare/old platforms) - - update urls - - sync examples makefiles with main ones - - remove line ending space + Added support to the OAuth 2.0 message function for host and port, in + order to accommodate the official OAUTHBEARER SASL mechanism which is + to be added shortly. -- [Michael Osipov brought this change] +- curl_setup.h: Removed duplicate CURL_DISABLE_RTSP when HTTP_ONLY defined - configure: remove autogenerated files by autoconf +- cmake: Add missing feature macros in config header (Part 2) - * install-sh is always regenerated - * mkinstalldirs was already redudant years ago. Automake uses install for - that. See: http://lists.gnu.org/archive/html/automake/2007-03/msg00015.html - -- [Anders Bakken brought this change] + In addition to commit a215381c94 added the RTSP, RTMP and SMB protocols. - curl_multi_add_handle: next is already NULL +Daniel Stenberg (10 Nov 2015) +- [Douglas Creager brought this change] -Jay Satiro (30 Apr 2015) -- schannel: Fix out of bounds array - - Bug born in changes made several days ago 9a91e80. + cmake: Add missing feature macros in config header - Bug: http://curl.haxx.se/mail/lib-2015-04/0199.html - Reported-by: Brian Chrisman - -- docs/libcurl: gitignore libcurl-symbols.3 + The curl_config.h file can be generated either from curl_config.h.cmake + or curl_config.h.in, depending on whether you're building using CMake or + the autotools. The CMake template header doesn't include entries for + all of the protocols that you can disable, which (I think) means that + you can't actually disable those protocols when building via CMake. - Bug: http://curl.haxx.se/mail/lib-2015-04/0191.html - Reported-by: Michael Osipov + Closes #523 -- [Viktor Szakats brought this change] +- [Douglas Creager brought this change] - lib/makefile.m32: add arch -m32/-m64 to LDFLAGS + BoringSSL: Work with stricter BIO_get_mem_data() + + BoringSSL implements `BIO_get_mem_data` as a function, instead of a + macro, and expects the output pointer to be a `char **`. We have to add + an explicit cast to grab the pointer as a `const char **`. - This fixes using a multi-target mingw distro to build curl .dll for the - non-default target. - (mirroring the same patch present in src/makefile.m32) + Closes #524 -Daniel Stenberg (29 Apr 2015) -- RELEASE-NOTES: synced with cd39b944afc +- http2: rectify the http2 version #if check - I've not mentioned the bug fixes that were shipped in 7.42.1 from the - 7_42 branch. + We need 1.0.0 or later. Also verified by configure. -- THANKS: merged from the 7.42.1 release +Steve Holme (9 Nov 2015) +- oauth2: Don't use XAUTH2 in OAuth 2.0 function name -- CURLOPT_HEADEROPT: default to separate - - Make the HTTP headers separated by default for improved security and - reduced risk for information leakage. +- oauth2: Don't use XOAUTH2 in OAuth 2.0 variables + +- oauth2: Use OAuth 2.0 rather than XOAUTH2 in comments - Bug: http://curl.haxx.se/docs/adv_20150429.html - Reported-by: Yehezkel Horowitz, Oren Souroujon + When referring to OAuth 2.0 we should use the official name rather the + SASL mechanism name. diff --git a/CMakeLists.txt b/CMakeLists.txt index 06f18cf59..7113c7ea2 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -42,6 +42,7 @@ cmake_minimum_required(VERSION 2.8 FATAL_ERROR) set(CMAKE_MODULE_PATH "${CMAKE_CURRENT_SOURCE_DIR}/CMake;${CMAKE_MODULE_PATH}") include(Utilities) include(Macros) +include(CMakeDependentOption) project( CURL C ) @@ -72,11 +73,16 @@ include_directories(${PROJECT_BINARY_DIR}/include/curl) include_directories( ${CURL_SOURCE_DIR}/include ) option(BUILD_CURL_EXE "Set to ON to build cURL executable." ON) -option(BUILD_CURL_TESTS "Set to ON to build cURL tests." ON) option(CURL_STATICLIB "Set to ON to build libcurl with static linking." OFF) option(ENABLE_ARES "Set to ON to enable c-ares support" OFF) -option(ENABLE_THREADED_RESOLVER "Set to ON to enable POSIX threaded DNS lookup" OFF) - +if(WIN32) + CMAKE_DEPENDENT_OPTION(ENABLE_THREADED_RESOLVER + "Set to ON to enable threaded DNS lookup" + ON "NOT ENABLE_ARES" + OFF) +else() + option(ENABLE_THREADED_RESOLVER "Set to ON to enable POSIX threaded DNS lookup" OFF) +endif() option(ENABLE_DEBUG "Set to ON to enable curl debug features" OFF) option(ENABLE_CURLDEBUG "Set to ON to build with TrackMemory feature enabled" OFF) @@ -108,12 +114,6 @@ if(ENABLE_ARES) set(CURL_LIBS ${CURL_LIBS} ${CARES_LIBRARY}) endif() -option(BUILD_DASHBOARD_REPORTS "Set to ON to activate reporting of cURL builds here http://www.cdash.org/CDashPublic/index.php?project=CURL" OFF) -if(BUILD_DASHBOARD_REPORTS) - #INCLUDE(Dart) - include(CTest) -endif(BUILD_DASHBOARD_REPORTS) - if(MSVC) option(BUILD_RELEASE_DEBUG_DIRS "Set OFF to build each configuration to a separate directory" OFF) mark_as_advanced(BUILD_RELEASE_DEBUG_DIRS) @@ -257,13 +257,17 @@ if(WIN32) endif(WIN32) if(ENABLE_THREADED_RESOLVER) - check_include_file_concat("pthread.h" HAVE_PTHREAD_H) - if(HAVE_PTHREAD_H) - set(CMAKE_THREAD_PREFER_PTHREAD 1) - find_package(Threads) - if(CMAKE_USE_PTHREADS_INIT) - set(CURL_LIBS ${CURL_LIBS} ${CMAKE_THREAD_LIBS_INIT}) - set(USE_THREADS_POSIX 1) + if(WIN32) + set(USE_THREADS_WIN32 ON) + else() + check_include_file_concat("pthread.h" HAVE_PTHREAD_H) + if(HAVE_PTHREAD_H) + set(CMAKE_THREAD_PREFER_PTHREAD 1) + find_package(Threads) + if(CMAKE_USE_PTHREADS_INIT) + set(CURL_LIBS ${CURL_LIBS} ${CMAKE_THREAD_LIBS_INIT}) + set(USE_THREADS_POSIX 1) + endif() endif() endif() endif() @@ -330,11 +334,10 @@ if(CMAKE_USE_OPENSSL) endif() if(NOT CURL_DISABLE_LDAP) - if(WIN32) option(USE_WIN32_LDAP "Use Windows LDAP implementation" ON) if(USE_WIN32_LDAP) - check_library_exists("wldap32" cldap_open "" HAVE_WLDAP32) + check_library_exists_concat("wldap32" cldap_open HAVE_WLDAP32) if(NOT HAVE_WLDAP32) set(USE_WIN32_LDAP OFF) endif() @@ -349,78 +352,78 @@ if(NOT CURL_DISABLE_LDAP) if(CMAKE_USE_OPENLDAP AND USE_WIN32_LDAP) message(FATAL_ERROR "Cannot use USE_WIN32_LDAP and CMAKE_USE_OPENLDAP at the same time") endif() - + # Now that we know, we're not using windows LDAP... - if(NOT USE_WIN32_LDAP) + if(USE_WIN32_LDAP) + check_include_file_concat("winldap.h" HAVE_WINLDAP_H) + check_include_file_concat("winber.h" HAVE_WINBER_H) + else() # Check for LDAP set(CMAKE_REQUIRED_LIBRARIES ${OPENSSL_LIBRARIES}) check_library_exists_concat(${CMAKE_LDAP_LIB} ldap_init HAVE_LIBLDAP) check_library_exists_concat(${CMAKE_LBER_LIB} ber_init HAVE_LIBLBER) - else() - check_include_file_concat("winldap.h" HAVE_WINLDAP_H) - check_include_file_concat("winber.h" HAVE_WINBER_H) - endif() - - set(CMAKE_REQUIRED_INCLUDES_BAK ${CMAKE_REQUIRED_INCLUDES}) - set(CMAKE_LDAP_INCLUDE_DIR "" CACHE STRING "Path to LDAP include directory") - if(CMAKE_LDAP_INCLUDE_DIR) - list(APPEND CMAKE_REQUIRED_INCLUDES ${CMAKE_LDAP_INCLUDE_DIR}) - endif() - check_include_file_concat("ldap.h" HAVE_LDAP_H) - check_include_file_concat("lber.h" HAVE_LBER_H) - - if(NOT HAVE_LDAP_H) - message(STATUS "LDAP_H not found CURL_DISABLE_LDAP set ON") - set(CURL_DISABLE_LDAP ON CACHE BOOL "" FORCE) - set(CMAKE_REQUIRED_INCLUDES ${CMAKE_REQUIRED_INCLUDES_BAK}) #LDAP includes won't be used - elseif(NOT HAVE_LIBLDAP) - message(STATUS "LDAP library '${CMAKE_LDAP_LIB}' not found CURL_DISABLE_LDAP set ON") - set(CURL_DISABLE_LDAP ON CACHE BOOL "" FORCE) - set(CMAKE_REQUIRED_INCLUDES ${CMAKE_REQUIRED_INCLUDES_BAK}) #LDAP includes won't be used - else() - if(CMAKE_USE_OPENLDAP) - set(USE_OPENLDAP ON) - endif() + + set(CMAKE_REQUIRED_INCLUDES_BAK ${CMAKE_REQUIRED_INCLUDES}) + set(CMAKE_LDAP_INCLUDE_DIR "" CACHE STRING "Path to LDAP include directory") if(CMAKE_LDAP_INCLUDE_DIR) - include_directories(${CMAKE_LDAP_INCLUDE_DIR}) - endif() - set(NEED_LBER_H ON) - set(_HEADER_LIST) - if(HAVE_WINDOWS_H) - list(APPEND _HEADER_LIST "windows.h") - endif() - if(HAVE_SYS_TYPES_H) - list(APPEND _HEADER_LIST "sys/types.h") + list(APPEND CMAKE_REQUIRED_INCLUDES ${CMAKE_LDAP_INCLUDE_DIR}) endif() - list(APPEND _HEADER_LIST "ldap.h") + check_include_file_concat("ldap.h" HAVE_LDAP_H) + check_include_file_concat("lber.h" HAVE_LBER_H) + + if(NOT HAVE_LDAP_H) + message(STATUS "LDAP_H not found CURL_DISABLE_LDAP set ON") + set(CURL_DISABLE_LDAP ON CACHE BOOL "" FORCE) + set(CMAKE_REQUIRED_INCLUDES ${CMAKE_REQUIRED_INCLUDES_BAK}) #LDAP includes won't be used + elseif(NOT HAVE_LIBLDAP) + message(STATUS "LDAP library '${CMAKE_LDAP_LIB}' not found CURL_DISABLE_LDAP set ON") + set(CURL_DISABLE_LDAP ON CACHE BOOL "" FORCE) + set(CMAKE_REQUIRED_INCLUDES ${CMAKE_REQUIRED_INCLUDES_BAK}) #LDAP includes won't be used + else() + if(CMAKE_USE_OPENLDAP) + set(USE_OPENLDAP ON) + endif() + if(CMAKE_LDAP_INCLUDE_DIR) + include_directories(${CMAKE_LDAP_INCLUDE_DIR}) + endif() + set(NEED_LBER_H ON) + set(_HEADER_LIST) + if(HAVE_WINDOWS_H) + list(APPEND _HEADER_LIST "windows.h") + endif() + if(HAVE_SYS_TYPES_H) + list(APPEND _HEADER_LIST "sys/types.h") + endif() + list(APPEND _HEADER_LIST "ldap.h") - set(_SRC_STRING "") - foreach(_HEADER ${_HEADER_LIST}) - set(_INCLUDE_STRING "${_INCLUDE_STRING}#include <${_HEADER}>\n") - endforeach() + set(_SRC_STRING "") + foreach(_HEADER ${_HEADER_LIST}) + set(_INCLUDE_STRING "${_INCLUDE_STRING}#include <${_HEADER}>\n") + endforeach() - set(_SRC_STRING - " - ${_INCLUDE_STRING} - int main(int argc, char ** argv) - { - BerValue *bvp = NULL; - BerElement *bep = ber_init(bvp); - ber_free(bep, 1); - return 0; - }" - ) - set(CMAKE_REQUIRED_DEFINITIONS "${CMAKE_REQUIRED_DEFINITIONS} -DLDAP_DEPRECATED=1") - list(APPEND CMAKE_REQUIRED_LIBRARIES ${CMAKE_LDAP_LIB}) - if(HAVE_LIBLBER) - list(APPEND CMAKE_REQUIRED_LIBRARIES ${CMAKE_LBER_LIB}) - endif() - check_c_source_compiles("${_SRC_STRING}" NOT_NEED_LBER_H) + set(_SRC_STRING + " + ${_INCLUDE_STRING} + int main(int argc, char ** argv) + { + BerValue *bvp = NULL; + BerElement *bep = ber_init(bvp); + ber_free(bep, 1); + return 0; + }" + ) + set(CMAKE_REQUIRED_DEFINITIONS "${CMAKE_REQUIRED_DEFINITIONS} -DLDAP_DEPRECATED=1") + list(APPEND CMAKE_REQUIRED_LIBRARIES ${CMAKE_LDAP_LIB}) + if(HAVE_LIBLBER) + list(APPEND CMAKE_REQUIRED_LIBRARIES ${CMAKE_LBER_LIB}) + endif() + check_c_source_compiles("${_SRC_STRING}" NOT_NEED_LBER_H) - if(NOT_NEED_LBER_H) - set(NEED_LBER_H OFF) - else() - set(CURL_TEST_DEFINES "${CURL_TEST_DEFINES} -DNEED_LBER_H") + if(NOT_NEED_LBER_H) + set(NEED_LBER_H OFF) + else() + set(CURL_TEST_DEFINES "${CURL_TEST_DEFINES} -DNEED_LBER_H") + endif() endif() endif() @@ -578,6 +581,7 @@ if(NOT UNIX) if(HAVE_SCHANNEL_H) set(USE_SCHANNEL ON) set(SSL_ENABLED ON) + set(CURL_LIBS ${CURL_LIBS} "crypt32") endif() endif() endif() @@ -673,6 +677,7 @@ if(NOT HAVE_SIZEOF_SSIZE_T) set(ssize_t __int64) endif(NOT ssize_t AND SIZEOF___INT64 EQUAL SIZEOF_SIZE_T) endif(NOT HAVE_SIZEOF_SSIZE_T) +# off_t is sized later, after the HAVE_FILE_OFFSET_BITS test # Different sizeofs, etc. @@ -871,9 +876,14 @@ foreach(CURL_TEST ) curl_internal_test(${CURL_TEST}) endforeach(CURL_TEST) + if(HAVE_FILE_OFFSET_BITS) set(_FILE_OFFSET_BITS 64) + set(CMAKE_REQUIRED_FLAGS "-D_FILE_OFFSET_BITS=64") endif(HAVE_FILE_OFFSET_BITS) +check_type_size("off_t" SIZEOF_OFF_T) +set(CMAKE_REQUIRED_FLAGS) + foreach(CURL_TEST HAVE_GLIBC_STRERROR_R HAVE_POSIX_STRERROR_R @@ -935,16 +945,6 @@ if(NOT CURL_SPECIAL_LIBZ) endif(NOT HAVE_ZLIB_H) endif(NOT CURL_SPECIAL_LIBZ) -if(_FILE_OFFSET_BITS) - set(_FILE_OFFSET_BITS 64) -endif(_FILE_OFFSET_BITS) -set(CMAKE_REQUIRED_FLAGS "-D_FILE_OFFSET_BITS=64") -set(CMAKE_EXTRA_INCLUDE_FILES "${CMAKE_CURRENT_SOURCE_DIR}/curl/curl.h") -check_type_size("curl_off_t" SIZEOF_CURL_OFF_T) -set(CMAKE_EXTRA_INCLUDE_FILES) -set(CMAKE_REQUIRED_FLAGS) - - # Check for nonblocking set(HAVE_DISABLED_NONBLOCKING 1) if(HAVE_FIONBIO OR @@ -1017,6 +1017,11 @@ if(WIN32) add_definitions(-D_WIN32_WINNT=0x0501) endif(WIN32) +# For windows, all compilers used by cmake should support large files +if(WIN32) + set(USE_WIN32_LARGE_FILES ON) +endif(WIN32) + if(MSVC) add_definitions(-D_CRT_SECURE_NO_DEPRECATE -D_CRT_NONSTDC_NO_DEPRECATE) endif(MSVC) @@ -1041,7 +1046,9 @@ add_subdirectory(lib) if(BUILD_CURL_EXE) add_subdirectory(src) endif() -if(BUILD_CURL_TESTS) + +include(CTest) +if(BUILD_TESTING) add_subdirectory(tests) endif() @@ -1066,8 +1073,10 @@ _add_if("OpenSSL" SSL_ENABLED AND USE_OPENSSL) _add_if("IPv6" ENABLE_IPV6) _add_if("unix-sockets" USE_UNIX_SOCKETS) _add_if("libz" HAVE_LIBZ) -_add_if("AsynchDNS" USE_ARES OR USE_THREADS_POSIX) +_add_if("AsynchDNS" USE_ARES OR USE_THREADS_POSIX OR USE_THREADS_WIN32) _add_if("IDN" HAVE_LIBIDN) +_add_if("Largefile" (CURL_SIZEOF_CURL_OFF_T GREATER 4) AND + ((SIZEOF_OFF_T GREATER 4) OR USE_WIN32_LARGE_FILES)) # TODO SSP1 (WinSSL) check is missing _add_if("SSPI" USE_WINDOWS_SSPI) _add_if("GSS-API" HAVE_GSSAPI) diff --git a/Makefile.am b/Makefile.am index 61cc5ec16..2986acf69 100644 --- a/Makefile.am +++ b/Makefile.am @@ -149,8 +149,8 @@ CLEANFILES = $(VC6_LIBDSP) $(VC6_SRCDSP) $(VC7_LIBVCPROJ) $(VC7_SRCVCPROJ) \ bin_SCRIPTS = curl-config -SUBDIRS = lib src include scripts -DIST_SUBDIRS = $(SUBDIRS) tests packages docs +SUBDIRS = lib src include +DIST_SUBDIRS = $(SUBDIRS) tests packages docs scripts pkgconfigdir = $(libdir)/pkgconfig pkgconfig_DATA = libcurl.pc @@ -282,6 +282,9 @@ ca-firefox: lib/firefox-db2pem.sh checksrc: cd lib && $(MAKE) checksrc cd src && $(MAKE) checksrc + cd tests && $(MAKE) checksrc + cd include/curl && $(MAKE) checksrc + cd docs/examples && $(MAKE) checksrc .PHONY: vc-ide @@ -294,6 +297,8 @@ vc-ide: $(VC6_LIBDSP_DEPS) $(VC6_SRCDSP_DEPS) $(VC7_LIBVCPROJ_DEPS) \ @(win32_lib_srcs='$(LIB_CFILES)'; \ win32_lib_hdrs='$(LIB_HFILES) config-win32.h'; \ win32_lib_rc='$(LIB_RCFILES)'; \ + win32_lib_vauth_srcs='$(LIB_VAUTH_CFILES)'; \ + win32_lib_vauth_hdrs='$(LIB_VAUTH_HFILES)'; \ win32_lib_vtls_srcs='$(LIB_VTLS_CFILES)'; \ win32_lib_vtls_hdrs='$(LIB_VTLS_HFILES)'; \ win32_src_srcs='$(CURL_CFILES)'; \ @@ -304,6 +309,8 @@ vc-ide: $(VC6_LIBDSP_DEPS) $(VC6_SRCDSP_DEPS) $(VC7_LIBVCPROJ_DEPS) \ \ sorted_lib_srcs=`for file in $$win32_lib_srcs; do echo $$file; done | sort`; \ sorted_lib_hdrs=`for file in $$win32_lib_hdrs; do echo $$file; done | sort`; \ + sorted_lib_vauth_srcs=`for file in $$win32_lib_vauth_srcs; do echo $$file; done | sort`; \ + sorted_lib_vauth_hdrs=`for file in $$win32_lib_vauth_hdrs; do echo $$file; done | sort`; \ sorted_lib_vtls_srcs=`for file in $$win32_lib_vtls_srcs; do echo $$file; done | sort`; \ sorted_lib_vtls_hdrs=`for file in $$win32_lib_vtls_hdrs; do echo $$file; done | sort`; \ sorted_src_srcs=`for file in $$win32_src_srcs; do echo $$file; done | sort`; \ @@ -314,10 +321,11 @@ vc-ide: $(VC6_LIBDSP_DEPS) $(VC6_SRCDSP_DEPS) $(VC7_LIBVCPROJ_DEPS) \ awk_code='\ function gen_element(type, dir, file)\ {\ + sub(/vauth\//, "", file);\ sub(/vtls\//, "", file);\ \ spaces=" ";\ - if(dir == "lib\\vtls")\ + if(dir == "lib\\vauth" || dir == "lib\\vtls")\ tabs=" ";\ else\ tabs=" ";\ @@ -371,6 +379,14 @@ function gen_element(type, dir, file)\ split(lib_rc, arr);\ for(val in arr) gen_element(proj_type, "lib", arr[val]);\ }\ + else if($$0 == "CURL_LIB_VAUTH_C_FILES") {\ + split(lib_vauth_srcs, arr);\ + for(val in arr) gen_element(proj_type, "lib\\vauth", arr[val]);\ + }\ + else if($$0 == "CURL_LIB_VAUTH_H_FILES") {\ + split(lib_vauth_hdrs, arr);\ + for(val in arr) gen_element(proj_type, "lib\\vauth", arr[val]);\ + }\ else if($$0 == "CURL_LIB_VTLS_C_FILES") {\ split(lib_vtls_srcs, arr);\ for(val in arr) gen_element(proj_type, "lib\\vtls", arr[val]);\ @@ -414,6 +430,8 @@ function gen_element(type, dir, file)\ -v lib_srcs="$$sorted_lib_srcs" \ -v lib_hdrs="$$sorted_lib_hdrs" \ -v lib_rc="$$win32_lib_rc" \ + -v lib_vauth_srcs="$$sorted_lib_vauth_srcs" \ + -v lib_vauth_hdrs="$$sorted_lib_vauth_hdrs" \ -v lib_vtls_srcs="$$sorted_lib_vtls_srcs" \ -v lib_vtls_hdrs="$$sorted_lib_vtls_hdrs" \ "$$awk_code" $(srcdir)/$(VC6_LIBTMPL) > $(VC6_LIBDSP) || { exit 1; }; \ @@ -432,6 +450,8 @@ function gen_element(type, dir, file)\ -v lib_srcs="$$sorted_lib_srcs" \ -v lib_hdrs="$$sorted_lib_hdrs" \ -v lib_rc="$$win32_lib_rc" \ + -v lib_vauth_srcs="$$sorted_lib_vauth_srcs" \ + -v lib_vauth_hdrs="$$sorted_lib_vauth_hdrs" \ -v lib_vtls_srcs="$$sorted_lib_vtls_srcs" \ -v lib_vtls_hdrs="$$sorted_lib_vtls_hdrs" \ "$$awk_code" $(srcdir)/$(VC7_LIBTMPL) > $(VC7_LIBVCPROJ) || { exit 1; }; \ @@ -450,6 +470,8 @@ function gen_element(type, dir, file)\ -v lib_srcs="$$sorted_lib_srcs" \ -v lib_hdrs="$$sorted_lib_hdrs" \ -v lib_rc="$$win32_lib_rc" \ + -v lib_vauth_srcs="$$sorted_lib_vauth_srcs" \ + -v lib_vauth_hdrs="$$sorted_lib_vauth_hdrs" \ -v lib_vtls_srcs="$$sorted_lib_vtls_srcs" \ -v lib_vtls_hdrs="$$sorted_lib_vtls_hdrs" \ "$$awk_code" $(srcdir)/$(VC71_LIBTMPL) > $(VC71_LIBVCPROJ) || { exit 1; }; \ @@ -468,6 +490,8 @@ function gen_element(type, dir, file)\ -v lib_srcs="$$sorted_lib_srcs" \ -v lib_hdrs="$$sorted_lib_hdrs" \ -v lib_rc="$$win32_lib_rc" \ + -v lib_vauth_srcs="$$sorted_lib_vauth_srcs" \ + -v lib_vauth_hdrs="$$sorted_lib_vauth_hdrs" \ -v lib_vtls_srcs="$$sorted_lib_vtls_srcs" \ -v lib_vtls_hdrs="$$sorted_lib_vtls_hdrs" \ "$$awk_code" $(srcdir)/$(VC8_LIBTMPL) > $(VC8_LIBVCPROJ) || { exit 1; }; \ @@ -486,6 +510,8 @@ function gen_element(type, dir, file)\ -v lib_srcs="$$sorted_lib_srcs" \ -v lib_hdrs="$$sorted_lib_hdrs" \ -v lib_rc="$$win32_lib_rc" \ + -v lib_vauth_srcs="$$sorted_lib_vauth_srcs" \ + -v lib_vauth_hdrs="$$sorted_lib_vauth_hdrs" \ -v lib_vtls_srcs="$$sorted_lib_vtls_srcs" \ -v lib_vtls_hdrs="$$sorted_lib_vtls_hdrs" \ "$$awk_code" $(srcdir)/$(VC9_LIBTMPL) > $(VC9_LIBVCPROJ) || { exit 1; }; \ @@ -504,6 +530,8 @@ function gen_element(type, dir, file)\ -v lib_srcs="$$sorted_lib_srcs" \ -v lib_hdrs="$$sorted_lib_hdrs" \ -v lib_rc="$$win32_lib_rc" \ + -v lib_vauth_srcs="$$sorted_lib_vauth_srcs" \ + -v lib_vauth_hdrs="$$sorted_lib_vauth_hdrs" \ -v lib_vtls_srcs="$$sorted_lib_vtls_srcs" \ -v lib_vtls_hdrs="$$sorted_lib_vtls_hdrs" \ "$$awk_code" $(srcdir)/$(VC10_LIBTMPL) > $(VC10_LIBVCXPROJ) || { exit 1; }; \ @@ -522,6 +550,8 @@ function gen_element(type, dir, file)\ -v lib_srcs="$$sorted_lib_srcs" \ -v lib_hdrs="$$sorted_lib_hdrs" \ -v lib_rc="$$win32_lib_rc" \ + -v lib_vauth_srcs="$$sorted_lib_vauth_srcs" \ + -v lib_vauth_hdrs="$$sorted_lib_vauth_hdrs" \ -v lib_vtls_srcs="$$sorted_lib_vtls_srcs" \ -v lib_vtls_hdrs="$$sorted_lib_vtls_hdrs" \ "$$awk_code" $(srcdir)/$(VC11_LIBTMPL) > $(VC11_LIBVCXPROJ) || { exit 1; }; \ @@ -540,6 +570,8 @@ function gen_element(type, dir, file)\ -v lib_srcs="$$sorted_lib_srcs" \ -v lib_hdrs="$$sorted_lib_hdrs" \ -v lib_rc="$$win32_lib_rc" \ + -v lib_vauth_srcs="$$sorted_lib_vauth_srcs" \ + -v lib_vauth_hdrs="$$sorted_lib_vauth_hdrs" \ -v lib_vtls_srcs="$$sorted_lib_vtls_srcs" \ -v lib_vtls_hdrs="$$sorted_lib_vtls_hdrs" \ "$$awk_code" $(srcdir)/$(VC12_LIBTMPL) > $(VC12_LIBVCXPROJ) || { exit 1; }; \ @@ -558,6 +590,8 @@ function gen_element(type, dir, file)\ -v lib_srcs="$$sorted_lib_srcs" \ -v lib_hdrs="$$sorted_lib_hdrs" \ -v lib_rc="$$win32_lib_rc" \ + -v lib_vauth_srcs="$$sorted_lib_vauth_srcs" \ + -v lib_vauth_hdrs="$$sorted_lib_vauth_hdrs" \ -v lib_vtls_srcs="$$sorted_lib_vtls_srcs" \ -v lib_vtls_hdrs="$$sorted_lib_vtls_hdrs" \ "$$awk_code" $(srcdir)/$(VC14_LIBTMPL) > $(VC14_LIBVCXPROJ) || { exit 1; }; \ diff --git a/Makefile.in b/Makefile.in index 509d0db38..f86dfc41b 100644 --- a/Makefile.in +++ b/Makefile.in @@ -43,7 +43,7 @@ # | (__| |_| | _ <| |___ # \___|\___/|_| \_\_____| # -# Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. +# Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. # # This software is licensed as described in the file COPYING, which # you should have received as part of this distribution. The terms @@ -610,10 +610,16 @@ CLEANFILES = $(VC6_LIBDSP) $(VC6_SRCDSP) $(VC7_LIBVCPROJ) $(VC7_SRCVCPROJ) \ $(VC14_LIBVCXPROJ) $(VC14_SRCVCXPROJ) bin_SCRIPTS = curl-config -SUBDIRS = lib src include scripts -DIST_SUBDIRS = $(SUBDIRS) tests packages docs +SUBDIRS = lib src include +DIST_SUBDIRS = $(SUBDIRS) tests packages docs scripts pkgconfigdir = $(libdir)/pkgconfig pkgconfig_DATA = libcurl.pc +LIB_VAUTH_CFILES = vauth/vauth.c vauth/cleartext.c vauth/cram.c \ + vauth/digest.c vauth/digest_sspi.c vauth/krb5_gssapi.c \ + vauth/krb5_sspi.c vauth/ntlm.c vauth/ntlm_sspi.c vauth/oauth2.c \ + vauth/spnego_gssapi.c vauth/spnego_sspi.c + +LIB_VAUTH_HFILES = vauth/vauth.h vauth/digest.h vauth/ntlm.h LIB_VTLS_CFILES = vtls/openssl.c vtls/gtls.c vtls/vtls.c vtls/nss.c \ vtls/polarssl.c vtls/polarssl_threadlock.c vtls/axtls.c \ vtls/cyassl.c vtls/schannel.c vtls/darwinssl.c vtls/gskit.c \ @@ -637,12 +643,10 @@ LIB_CFILES = file.c timeval.c base64.c hostip.c progress.c formdata.c \ curl_sspi.c slist.c nonblock.c curl_memrchr.c imap.c pop3.c smtp.c \ pingpong.c rtsp.c curl_threads.c warnless.c hmac.c curl_rtmp.c \ openldap.c curl_gethostname.c gopher.c idn_win32.c \ - http_negotiate_sspi.c http_proxy.c non-ascii.c asyn-ares.c \ - asyn-thread.c curl_gssapi.c curl_ntlm.c curl_ntlm_wb.c \ - curl_ntlm_core.c curl_ntlm_msgs.c curl_sasl.c curl_multibyte.c \ - hostcheck.c conncache.c pipeline.c dotdot.c x509asn1.c \ - http2.c curl_sasl_sspi.c smb.c curl_sasl_gssapi.c curl_endian.c \ - curl_des.c + http_proxy.c non-ascii.c asyn-ares.c asyn-thread.c curl_gssapi.c \ + http_ntlm.c curl_ntlm_wb.c curl_ntlm_core.c curl_sasl.c \ + curl_multibyte.c hostcheck.c conncache.c pipeline.c dotdot.c \ + x509asn1.c http2.c smb.c curl_endian.c curl_des.c system_win32.c LIB_HFILES = arpa_telnet.h netrc.h file.h timeval.h hostip.h progress.h \ formdata.h cookie.h http.h sendf.h ftp.h url.h dict.h if2ip.h \ @@ -657,15 +661,15 @@ LIB_HFILES = arpa_telnet.h netrc.h file.h timeval.h hostip.h progress.h \ slist.h nonblock.h curl_memrchr.h imap.h pop3.h smtp.h pingpong.h \ rtsp.h curl_threads.h warnless.h curl_hmac.h curl_rtmp.h \ curl_gethostname.h gopher.h http_proxy.h non-ascii.h asyn.h \ - curl_ntlm.h curl_gssapi.h curl_ntlm_wb.h curl_ntlm_core.h \ - curl_ntlm_msgs.h curl_sasl.h curl_multibyte.h hostcheck.h \ - conncache.h curl_setup_once.h multihandle.h setup-vms.h pipeline.h \ - dotdot.h x509asn1.h http2.h sigpipe.h smb.h curl_endian.h curl_des.h \ - curl_printf.h + http_ntlm.h curl_gssapi.h curl_ntlm_wb.h curl_ntlm_core.h \ + curl_sasl.h curl_multibyte.h hostcheck.h conncache.h \ + curl_setup_once.h multihandle.h setup-vms.h pipeline.h dotdot.h \ + x509asn1.h http2.h sigpipe.h smb.h curl_endian.h curl_des.h \ + curl_printf.h system_win32.h LIB_RCFILES = libcurl.rc -CSOURCES = $(LIB_CFILES) $(LIB_VTLS_CFILES) -HHEADERS = $(LIB_HFILES) $(LIB_VTLS_HFILES) +CSOURCES = $(LIB_CFILES) $(LIB_VAUTH_CFILES) $(LIB_VTLS_CFILES) +HHEADERS = $(LIB_HFILES) $(LIB_VAUTH_HFILES) $(LIB_VTLS_HFILES) # libcurl has sources that provide functions named curlx_* that aren't part of # the official API, but we re-use the code here to avoid duplication. @@ -1429,6 +1433,9 @@ ca-firefox: lib/firefox-db2pem.sh checksrc: cd lib && $(MAKE) checksrc cd src && $(MAKE) checksrc + cd tests && $(MAKE) checksrc + cd include/curl && $(MAKE) checksrc + cd docs/examples && $(MAKE) checksrc .PHONY: vc-ide @@ -1441,6 +1448,8 @@ vc-ide: $(VC6_LIBDSP_DEPS) $(VC6_SRCDSP_DEPS) $(VC7_LIBVCPROJ_DEPS) \ @(win32_lib_srcs='$(LIB_CFILES)'; \ win32_lib_hdrs='$(LIB_HFILES) config-win32.h'; \ win32_lib_rc='$(LIB_RCFILES)'; \ + win32_lib_vauth_srcs='$(LIB_VAUTH_CFILES)'; \ + win32_lib_vauth_hdrs='$(LIB_VAUTH_HFILES)'; \ win32_lib_vtls_srcs='$(LIB_VTLS_CFILES)'; \ win32_lib_vtls_hdrs='$(LIB_VTLS_HFILES)'; \ win32_src_srcs='$(CURL_CFILES)'; \ @@ -1451,6 +1460,8 @@ vc-ide: $(VC6_LIBDSP_DEPS) $(VC6_SRCDSP_DEPS) $(VC7_LIBVCPROJ_DEPS) \ \ sorted_lib_srcs=`for file in $$win32_lib_srcs; do echo $$file; done | sort`; \ sorted_lib_hdrs=`for file in $$win32_lib_hdrs; do echo $$file; done | sort`; \ + sorted_lib_vauth_srcs=`for file in $$win32_lib_vauth_srcs; do echo $$file; done | sort`; \ + sorted_lib_vauth_hdrs=`for file in $$win32_lib_vauth_hdrs; do echo $$file; done | sort`; \ sorted_lib_vtls_srcs=`for file in $$win32_lib_vtls_srcs; do echo $$file; done | sort`; \ sorted_lib_vtls_hdrs=`for file in $$win32_lib_vtls_hdrs; do echo $$file; done | sort`; \ sorted_src_srcs=`for file in $$win32_src_srcs; do echo $$file; done | sort`; \ @@ -1461,10 +1472,11 @@ vc-ide: $(VC6_LIBDSP_DEPS) $(VC6_SRCDSP_DEPS) $(VC7_LIBVCPROJ_DEPS) \ awk_code='\ function gen_element(type, dir, file)\ {\ + sub(/vauth\//, "", file);\ sub(/vtls\//, "", file);\ \ spaces=" ";\ - if(dir == "lib\\vtls")\ + if(dir == "lib\\vauth" || dir == "lib\\vtls")\ tabs=" ";\ else\ tabs=" ";\ @@ -1518,6 +1530,14 @@ function gen_element(type, dir, file)\ split(lib_rc, arr);\ for(val in arr) gen_element(proj_type, "lib", arr[val]);\ }\ + else if($$0 == "CURL_LIB_VAUTH_C_FILES") {\ + split(lib_vauth_srcs, arr);\ + for(val in arr) gen_element(proj_type, "lib\\vauth", arr[val]);\ + }\ + else if($$0 == "CURL_LIB_VAUTH_H_FILES") {\ + split(lib_vauth_hdrs, arr);\ + for(val in arr) gen_element(proj_type, "lib\\vauth", arr[val]);\ + }\ else if($$0 == "CURL_LIB_VTLS_C_FILES") {\ split(lib_vtls_srcs, arr);\ for(val in arr) gen_element(proj_type, "lib\\vtls", arr[val]);\ @@ -1561,6 +1581,8 @@ function gen_element(type, dir, file)\ -v lib_srcs="$$sorted_lib_srcs" \ -v lib_hdrs="$$sorted_lib_hdrs" \ -v lib_rc="$$win32_lib_rc" \ + -v lib_vauth_srcs="$$sorted_lib_vauth_srcs" \ + -v lib_vauth_hdrs="$$sorted_lib_vauth_hdrs" \ -v lib_vtls_srcs="$$sorted_lib_vtls_srcs" \ -v lib_vtls_hdrs="$$sorted_lib_vtls_hdrs" \ "$$awk_code" $(srcdir)/$(VC6_LIBTMPL) > $(VC6_LIBDSP) || { exit 1; }; \ @@ -1579,6 +1601,8 @@ function gen_element(type, dir, file)\ -v lib_srcs="$$sorted_lib_srcs" \ -v lib_hdrs="$$sorted_lib_hdrs" \ -v lib_rc="$$win32_lib_rc" \ + -v lib_vauth_srcs="$$sorted_lib_vauth_srcs" \ + -v lib_vauth_hdrs="$$sorted_lib_vauth_hdrs" \ -v lib_vtls_srcs="$$sorted_lib_vtls_srcs" \ -v lib_vtls_hdrs="$$sorted_lib_vtls_hdrs" \ "$$awk_code" $(srcdir)/$(VC7_LIBTMPL) > $(VC7_LIBVCPROJ) || { exit 1; }; \ @@ -1597,6 +1621,8 @@ function gen_element(type, dir, file)\ -v lib_srcs="$$sorted_lib_srcs" \ -v lib_hdrs="$$sorted_lib_hdrs" \ -v lib_rc="$$win32_lib_rc" \ + -v lib_vauth_srcs="$$sorted_lib_vauth_srcs" \ + -v lib_vauth_hdrs="$$sorted_lib_vauth_hdrs" \ -v lib_vtls_srcs="$$sorted_lib_vtls_srcs" \ -v lib_vtls_hdrs="$$sorted_lib_vtls_hdrs" \ "$$awk_code" $(srcdir)/$(VC71_LIBTMPL) > $(VC71_LIBVCPROJ) || { exit 1; }; \ @@ -1615,6 +1641,8 @@ function gen_element(type, dir, file)\ -v lib_srcs="$$sorted_lib_srcs" \ -v lib_hdrs="$$sorted_lib_hdrs" \ -v lib_rc="$$win32_lib_rc" \ + -v lib_vauth_srcs="$$sorted_lib_vauth_srcs" \ + -v lib_vauth_hdrs="$$sorted_lib_vauth_hdrs" \ -v lib_vtls_srcs="$$sorted_lib_vtls_srcs" \ -v lib_vtls_hdrs="$$sorted_lib_vtls_hdrs" \ "$$awk_code" $(srcdir)/$(VC8_LIBTMPL) > $(VC8_LIBVCPROJ) || { exit 1; }; \ @@ -1633,6 +1661,8 @@ function gen_element(type, dir, file)\ -v lib_srcs="$$sorted_lib_srcs" \ -v lib_hdrs="$$sorted_lib_hdrs" \ -v lib_rc="$$win32_lib_rc" \ + -v lib_vauth_srcs="$$sorted_lib_vauth_srcs" \ + -v lib_vauth_hdrs="$$sorted_lib_vauth_hdrs" \ -v lib_vtls_srcs="$$sorted_lib_vtls_srcs" \ -v lib_vtls_hdrs="$$sorted_lib_vtls_hdrs" \ "$$awk_code" $(srcdir)/$(VC9_LIBTMPL) > $(VC9_LIBVCPROJ) || { exit 1; }; \ @@ -1651,6 +1681,8 @@ function gen_element(type, dir, file)\ -v lib_srcs="$$sorted_lib_srcs" \ -v lib_hdrs="$$sorted_lib_hdrs" \ -v lib_rc="$$win32_lib_rc" \ + -v lib_vauth_srcs="$$sorted_lib_vauth_srcs" \ + -v lib_vauth_hdrs="$$sorted_lib_vauth_hdrs" \ -v lib_vtls_srcs="$$sorted_lib_vtls_srcs" \ -v lib_vtls_hdrs="$$sorted_lib_vtls_hdrs" \ "$$awk_code" $(srcdir)/$(VC10_LIBTMPL) > $(VC10_LIBVCXPROJ) || { exit 1; }; \ @@ -1669,6 +1701,8 @@ function gen_element(type, dir, file)\ -v lib_srcs="$$sorted_lib_srcs" \ -v lib_hdrs="$$sorted_lib_hdrs" \ -v lib_rc="$$win32_lib_rc" \ + -v lib_vauth_srcs="$$sorted_lib_vauth_srcs" \ + -v lib_vauth_hdrs="$$sorted_lib_vauth_hdrs" \ -v lib_vtls_srcs="$$sorted_lib_vtls_srcs" \ -v lib_vtls_hdrs="$$sorted_lib_vtls_hdrs" \ "$$awk_code" $(srcdir)/$(VC11_LIBTMPL) > $(VC11_LIBVCXPROJ) || { exit 1; }; \ @@ -1687,6 +1721,8 @@ function gen_element(type, dir, file)\ -v lib_srcs="$$sorted_lib_srcs" \ -v lib_hdrs="$$sorted_lib_hdrs" \ -v lib_rc="$$win32_lib_rc" \ + -v lib_vauth_srcs="$$sorted_lib_vauth_srcs" \ + -v lib_vauth_hdrs="$$sorted_lib_vauth_hdrs" \ -v lib_vtls_srcs="$$sorted_lib_vtls_srcs" \ -v lib_vtls_hdrs="$$sorted_lib_vtls_hdrs" \ "$$awk_code" $(srcdir)/$(VC12_LIBTMPL) > $(VC12_LIBVCXPROJ) || { exit 1; }; \ @@ -1705,6 +1741,8 @@ function gen_element(type, dir, file)\ -v lib_srcs="$$sorted_lib_srcs" \ -v lib_hdrs="$$sorted_lib_hdrs" \ -v lib_rc="$$win32_lib_rc" \ + -v lib_vauth_srcs="$$sorted_lib_vauth_srcs" \ + -v lib_vauth_hdrs="$$sorted_lib_vauth_hdrs" \ -v lib_vtls_srcs="$$sorted_lib_vtls_srcs" \ -v lib_vtls_hdrs="$$sorted_lib_vtls_hdrs" \ "$$awk_code" $(srcdir)/$(VC14_LIBTMPL) > $(VC14_LIBVCXPROJ) || { exit 1; }; \ diff --git a/RELEASE-NOTES b/RELEASE-NOTES index 54029dbce..2973b75a8 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -1,95 +1,61 @@ -Curl and libcurl 7.48.0 +Curl and libcurl 7.50.2 - Public curl releases: 153 - Command line options: 179 - curl_easy_setopt() options: 221 + Public curl releases: 158 + Command line options: 185 + curl_easy_setopt() options: 224 Public functions in libcurl: 61 - Contributors: 1364 - -This release includes the following changes: - - o configure: --with-ca-fallback: use built-in TLS CA fallback [2] - o TFTP: add --tftp-no-options to expose CURLOPT_TFTP_NO_OPTIONS [22] - o getinfo: CURLINFO_TLS_SSL_PTR supersedes CURLINFO_TLS_SESSION [25] - o added CODE_STYLE.md [47] + Contributors: 1441 This release includes the following bugfixes: - o Proxy-Connection: stop sending this header by default [1] - o os400: sync ILE/RPG definitions with latest public header files - o cookies: allow spaces in cookie names, cut of trailing spaces [3] - o tool_urlglob: Allow reserved dos device names (Windows) [4] - o openssl: remove most BoringSSL #ifdefs [5] - o tool_doswin: Support for literal path prefix \\?\ - o mbedtls: fix ALPN usage segfault [6] - o mbedtls: fix memory leak when destroying SSL connection data [7] - o nss: do not count enabled cipher-suites - o examples/cookie_interface.c: add cleanup call - o examples: adhere to curl code style - o curlx_tvdiff: handle 32bit time_t overflows [8] - o dist: ship buildconf.bat too - o curl.1: --disable-{eprt,epsv} are ignored for IPv6 hosts [9] - o generate.bat: Fix comment bug by removing old comments [10] - o test1604: Add to Makefile.inc so it gets run - o gtls: fix for builds lacking encrypted key file support [11] - o SCP: use libssh2_scp_recv2 to support > 2GB files on windows [12] - o CURLOPT_CONNECTTIMEOUT_MS.3: Fix example to use milliseconds option [13] - o cookie: do not refuse cookies to localhost [14] - o openssl: avoid direct PKEY access with OpenSSL 1.1.0 [15] - o http: Don't break the header into chunks if HTTP/2 [16] - o http2: don't decompress gzip decoding automatically [17] - o curlx.c: i2s_ASN1_IA5STRING() clashes with an openssl function - o curl.1: add a missing dash - o curl.1: HTTP headers for --cookie must be Set-Cookie style [18] - o CURLOPT_COOKIEFILE.3: HTTP headers must be Set-Cookie style [18] - o curl_sasl: Fix memory leak in digest parser [19] - o src/Makefile.m32: add CURL_{LD,C}FLAGS_EXTRAS support [20] - o CURLOPT_DEBUGFUNCTION.3: Fix example - o runtests: Fixed usage of %PWD on MinGW64 [21] - o tests/sshserver.pl: use RSA instead of DSA for host auth [23] - o multi_remove_handle: keep the timeout list until after disconnect [24] - o Curl_read: check for activated HTTP/1 pipelining, not only requested - o configure: warn on invalid ca bundle or path [26] - o file: try reading from files with no size [27] - o getinfo: Add support for mbedTLS TLS session info - o formpost: fix memory leaks in AddFormData error branches [28] - o makefile.m32: allow to pass .dll/.exe-specific LDFLAGS [29] - o url: if Curl_done is premature then pipeline not in use [30] - o cookie: remove redundant check [31] - o cookie: Don't expire session cookies in remove_expired [32] - o makefile.m32: fix to allow -ssh2-winssl combination [33] - o checksrc.bat: Fixed cannot find perl if installed but not in path - o build-openssl.bat: Fixed cannot find perl if installed but not in path - o mbedtls: fix user-specified SSL protocol version - o makefile.m32: add missing libs for static -winssl-ssh2 builds [34] - o test46: change cookie expiry date [35] - o pipeline: Sanity check pipeline pointer before accessing it [36] - o openssl: use the correct OpenSSL/BoringSSL/LibreSSL in messages - o ftp_done: clear tunnel_state when secondary socket closes [37] - o opt-docs: fix heading macros [38] - o imap/pop3/smtp: Fixed connections upgraded with TLS are not reused [39] - o curl_multi_wait: never return -1 in 'numfds' [40] - o url.c: fix clang warning: no newline at end of file - o krb5: improved type handling to avoid clang compiler warnings - o cookies: first n/v pair in Set-Cookie: is the cookie, then parameters [41] - o multi: avoid blocking during CURLM_STATE_WAITPROXYCONNECT [42] - o multi hash: ensure modulo performed on curl_socket_t [43] - o curl: glob_range: no need to check unsigned variable for negative - o easy: add check to malloc() when running event-based - o CURLOPT_SSLENGINE.3: Only for OpenSSL built with engine support [44] - o version: thread safety - o openssl: verbose: show matching SAN pattern - o openssl: adapt to OpenSSL 1.1.0 API breakage in ERR_remove_thread_state() - o formdata.c: Fixed compilation warning - o configure: use cpp -P when needed [45] - o imap.c: Fixed compilation warning with /Wall enabled - o config-w32.h: Fixed compilation warning when /Wall enabled - o ftp/imap/pop3/smtp: Fixed compilation warning when /Wall enabled - o build: Added missing Visual Studio filter files for VC10 onwards - o easy: Remove poll failure check in easy_transfer - o mbedtls: fix compiler warning - o build-wolfssl: Update VS properties for wolfSSL v3.9.0 - o Fixed various compilation warnings when verbose strings disabled + o mbedtls: Added support for NTLM + o SSH: fixed SFTP/SCP transfer problems [1] + o multi: make Curl_expire() work with 0 ms timeouts + o mk-ca-bundle.pl: -m keeps ca cert meta data in output [2] + o TFTP: Fix upload problem with piped input [3] + o CURLOPT_TCP_NODELAY: now enabled by default [4] + o mbedtls: set verbose TLS debug when MBEDTLS_DEBUG is defined [5] + o http2: always wait for readable socket + o cmake: Enable win32 large file support by default + o cmake: Enable win32 threaded resolver by default + o winbuild: Avoid setting redundant CFLAGS to compile commands [6] + o curl.h: make CURL_NO_OLDIES define CURL_STRICTER + o docs: make more markdown files use .md extension + o docs: CONTRIBUTE and LICENSE-MIXING were converted to markdown + o winbuild: Allow changing C compiler via environment variable CC [7] + o rtsp: accept any RTSP session id [8] + o HTTP: retry failed HEAD requests on reused connections too + o configure: add zlib search with pkg-config [9] + o openssl: accept subjectAltName iPAddress if no dNSName match [10] + o MANUAL: Remove invalid link to LDAP documentation [11] + o socks: improved connection procedure [12] + o proxy: reject attempts to use unsupported proxy schemes + o proxy: bring back use of "Proxy-Connection:" [13] + o curl: allow "pkcs11:" prefix for client certificates [14] + o spnego_sspi: fix memory leak in case *outlen is zero [15] + o SOCKS: improve verbose output of SOCKS5 connection sequence + o SOCKS: display the hostname returned by the SOCKS5 proxy server + o http/sasl: Query authentication mechanism supported by SSPI before using + o sasl: Don't use GSSAPI authentication when domain name not specified [16] + o win: Basic support for Universal Windows Platform apps [17] + o nss: fix incorrect use of a previously loaded certificate from file + o nss: work around race condition in PK11_FindSlotByName() [18] + o ftp: fix wrong poll on the secondary socket [19] + o openssl: build warning-free with 1.1.0 (again) + o HTTP: stop parsing headers when switching to unknown protocols [20] + o test219: Add http as a required feature + o TLS: random file/egd doesn't have to match for conn reuse + o schannel: Disable ALPN for Wine since it is causing problems [21] + o http2: make sure stream errors don't needlessly close the connection [22] + o http2: return CURLE_HTTP2_STREAM for unexpected stream close [23] + o darwinssl: --cainfo is intended for backward compatibility only + o speed caps: not based on average speeds anymore [24] + o configure: make the cpp -P detection not clobber CPPFLAGS [25] + o http2: use named define instead of magic constant in read callback + o http2: skip the content-length parsing, detect unknown size + o http2: return EOF when done uploading without known size [26] + o darwinssl: test for errSecSuccess in PKCS12 import rather than noErr [27] + o openssl: fix CURLINFO_SSL_VERIFYRESULT [28] This release includes the following known bugs: @@ -98,62 +64,45 @@ This release includes the following known bugs: This release would not have looked like this without help, code, reports and advice from friends like these: - Anders Bakken, Brad Fitzpatrick, Clint Clayton, Dan Fandrich, - Daniel Stenberg, David Benjamin, David Byron, Emil Lerner, Eric S. Raymond, - Gisle Vanem, Jaime Fullaondo, Jeffrey Walton, Jesse Tan, Justin Ehlert, - Kamil Dudka, Kazuho Oku, Ludwig Nussel, Maksim Kuzevanov, Michael König, - Oliver Graute, Patrick Monnerat, Rafael Antonio, Ray Satiro, Seth Mos, - Shine Fan, Steve Holme, Tatsuhiro Tsujikawa, Timotej Lazar, Tim Rühsen, - Viktor Szakáts, - (30 contributors) + Ales Novak, Bill Nagel, Christian Fillion, Craig Davison, Dambaev Alexander, + Dan Donahue, Dan Fandrich, Daniel Gustafsson, Daniel Stenberg, + David Kalnischkies, David Woodhouse, Erik Janssen, Gaurav Malhotra, + János Fekete, Kamil Dudka, Marcel Raad, Marc Hörsken, Marco Deckel, + Mark Hamilton, Mark Nottingham, Michael Kaufmann, Miroslav Franc, + Nick Zitzmann, Olivier Brunel, Peter Wang, Ray Satiro, Ronnie Mose, + Sergei Nikulov, Serj Kalichev, Simon Warta, Steve Holme, Tatsuhiro Tsujikawa, + Thomas Glanzmann, Tim Rühsen, wmsch on github, + (35 contributors) Thanks! (and sorry if I forgot to mention someone) References to bug reports and discussions on issues: - [1] = https://curl.haxx.se/bug/?i=633 - [2] = https://curl.haxx.se/bug/?i=569 - [3] = https://curl.haxx.se/bug/?i=639 - [4] = https://github.com/curl/curl/commit/4520534#commitcomment-15954863 - [5] = https://curl.haxx.se/bug/?i=640 - [6] = https://curl.haxx.se/bug/?i=642 - [7] = https://curl.haxx.se/bug/?i=626 - [8] = https://curl.haxx.se/bug/?i=646 - [9] = https://bugzilla.redhat.com/1305970 - [10] = https://curl.haxx.se/bug/?i=649 - [11] = https://curl.haxx.se/bug/?i=651 - [12] = https://curl.haxx.se/bug/?i=451 - [13] = https://curl.haxx.se/bug/?i=653 - [14] = https://curl.haxx.se/bug/?i=658 - [15] = https://curl.haxx.se/bug/?i=650 - [16] = https://curl.haxx.se/bug/?i=659 - [17] = https://curl.haxx.se/bug/?i=661 - [18] = https://curl.haxx.se/bug/?i=666 - [19] = https://curl.haxx.se/bug/?i=667 - [20] = https://curl.haxx.se/bug/?i=670 - [21] = https://curl.haxx.se/bug/?i=672 - [22] = https://curl.haxx.se/bug/?i=481 - [23] = https://curl.haxx.se/bug/?i=676 - [24] = https://curl.haxx.se/mail/lib-2016-02/0097.html - [25] = https://curl.haxx.se/libcurl/c/CURLINFO_TLS_SSL_PTR.html - [26] = https://curl.haxx.se/bug/?i=404 - [27] = https://curl.haxx.se/bug/?i=681 - [28] = https://curl.haxx.se/bug/?i=688 - [29] = https://curl.haxx.se/bug/?i=689 - [30] = https://curl.haxx.se/bug/?i=690 - [31] = https://curl.haxx.se/bug/?i=695 - [32] = https://curl.haxx.se/bug/?i=697 - [33] = https://curl.haxx.se/bug/?i=692 - [34] = https://curl.haxx.se/bug/?i=693 - [35] = https://curl.haxx.se/bug/?i=697 - [36] = https://curl.haxx.se/bug/?i=704 - [37] = https://curl.haxx.se/bug/?i=701 - [38] = https://curl.haxx.se/bug/?i=705 - [39] = https://curl.haxx.se/bug/?i=422 - [40] = https://curl.haxx.se/bug/?i=707 - [41] = https://curl.haxx.se/bug/?i=709 - [42] = https://curl.haxx.se/bug/?i=703 - [43] = https://curl.haxx.se/bug/?i=712 - [44] = https://curl.haxx.se/mail/lib-2016-03/0150.html - [45] = https://curl.haxx.se/bug/?i=719 - [47] = https://curl.haxx.se/dev/code-style.html + [1] = https://curl.haxx.se/mail/lib-2016-07/0057.html + [2] = https://curl.haxx.se/bug/?i=937 + [3] = https://curl.haxx.se/bug/?i=857 + [4] = https://curl.haxx.se/mail/lib-2016-06/0143.html + [5] = https://curl.haxx.se/mail/lib-2016-08/0017.html + [6] = https://curl.haxx.se/bug/?i=949 + [7] = https://curl.haxx.se/bug/?i=952 + [8] = https://curl.haxx.se/mail/lib-2016-08/0076.html + [9] = https://curl.haxx.se/bug/?i=956 + [10] = https://curl.haxx.se/bug/?i=959 + [11] = https://curl.haxx.se/bug/?i=962 + [12] = https://curl.haxx.se/bug/?i=944 + [13] = https://curl.haxx.se/bug/?i=954 + [14] = https://curl.haxx.se/mail/lib-2016-08/0122.html + [15] = https://curl.haxx.se/bug/?i=970 + [16] = https://curl.haxx.se/bug/?i=718 + [17] = https://curl.haxx.se/bug/?i=820 + [18] = https://bugzilla.mozilla.org/1297397 + [19] = https://curl.haxx.se/bug/?i=978 + [20] = https://curl.haxx.se/bug/?i=899 + [21] = https://curl.haxx.se/bug/?i=983 + [22] = https://curl.haxx.se/bug/?i=941 + [23] = https://curl.haxx.se/bug/?i=986 + [24] = https://curl.haxx.se/bug/?i=971 + [25] = https://curl.haxx.se/bug/?i=958 + [26] = https://curl.haxx.se/bug/?i=982 + [27] = https://curl.haxx.se/bug/?i=993 + [28] = https://curl.haxx.se/bug/?i=995 diff --git a/acinclude.m4 b/acinclude.m4 index 2c2e51b90..312efcb47 100644 --- a/acinclude.m4 +++ b/acinclude.m4 @@ -32,8 +32,8 @@ dnl actually be a single double-quoted string concatenating all them. AC_DEFUN([CURL_CHECK_DEF], [ AC_REQUIRE([CURL_CPP_P])dnl OLDCPPFLAGS=$CPPFLAGS - # CPPPFLAGS comes from CURL_CPP_P - CPPFLAGS="$CPPPFLAGS" + # CPPPFLAG comes from CURL_CPP_P + CPPFLAGS="$CPPFLAGS $CPPPFLAG" AS_VAR_PUSHDEF([ac_HaveDef], [curl_cv_have_def_$1])dnl AS_VAR_PUSHDEF([ac_Def], [curl_cv_def_$1])dnl if test -z "$SED"; then @@ -174,7 +174,7 @@ dnl ------------------------------------------------- dnl Check for compilable and valid windows.h header AC_DEFUN([CURL_CHECK_HEADER_WINDOWS], [ - AC_CACHE_CHECK([for windows.h], [ac_cv_header_windows_h], [ + AC_CACHE_CHECK([for windows.h], [curl_cv_header_windows_h], [ AC_COMPILE_IFELSE([ AC_LANG_PROGRAM([[ #undef inline @@ -190,12 +190,12 @@ AC_DEFUN([CURL_CHECK_HEADER_WINDOWS], [ #endif ]]) ],[ - ac_cv_header_windows_h="yes" + curl_cv_header_windows_h="yes" ],[ - ac_cv_header_windows_h="no" + curl_cv_header_windows_h="no" ]) ]) - case "$ac_cv_header_windows_h" in + case "$curl_cv_header_windows_h" in yes) AC_DEFINE_UNQUOTED(HAVE_WINDOWS_H, 1, [Define to 1 if you have the windows.h header file.]) @@ -212,9 +212,9 @@ dnl Check if building a native Windows target AC_DEFUN([CURL_CHECK_NATIVE_WINDOWS], [ AC_REQUIRE([CURL_CHECK_HEADER_WINDOWS])dnl - AC_CACHE_CHECK([whether build target is a native Windows one], [ac_cv_native_windows], [ - if test "$ac_cv_header_windows_h" = "no"; then - ac_cv_native_windows="no" + AC_CACHE_CHECK([whether build target is a native Windows one], [curl_cv_native_windows], [ + if test "$curl_cv_header_windows_h" = "no"; then + curl_cv_native_windows="no" else AC_COMPILE_IFELSE([ AC_LANG_PROGRAM([[ @@ -227,13 +227,13 @@ AC_DEFUN([CURL_CHECK_NATIVE_WINDOWS], [ #endif ]]) ],[ - ac_cv_native_windows="yes" + curl_cv_native_windows="yes" ],[ - ac_cv_native_windows="no" + curl_cv_native_windows="no" ]) fi ]) - AM_CONDITIONAL(DOING_NATIVE_WINDOWS, test "x$ac_cv_native_windows" = xyes) + AM_CONDITIONAL(DOING_NATIVE_WINDOWS, test "x$curl_cv_native_windows" = xyes) ]) @@ -243,7 +243,7 @@ dnl Check for compilable and valid winsock.h header AC_DEFUN([CURL_CHECK_HEADER_WINSOCK], [ AC_REQUIRE([CURL_CHECK_HEADER_WINDOWS])dnl - AC_CACHE_CHECK([for winsock.h], [ac_cv_header_winsock_h], [ + AC_CACHE_CHECK([for winsock.h], [curl_cv_header_winsock_h], [ AC_COMPILE_IFELSE([ AC_LANG_PROGRAM([[ #undef inline @@ -260,12 +260,12 @@ AC_DEFUN([CURL_CHECK_HEADER_WINSOCK], [ #endif ]]) ],[ - ac_cv_header_winsock_h="yes" + curl_cv_header_winsock_h="yes" ],[ - ac_cv_header_winsock_h="no" + curl_cv_header_winsock_h="no" ]) ]) - case "$ac_cv_header_winsock_h" in + case "$curl_cv_header_winsock_h" in yes) AC_DEFINE_UNQUOTED(HAVE_WINSOCK_H, 1, [Define to 1 if you have the winsock.h header file.]) @@ -280,7 +280,7 @@ dnl Check for compilable and valid winsock2.h header AC_DEFUN([CURL_CHECK_HEADER_WINSOCK2], [ AC_REQUIRE([CURL_CHECK_HEADER_WINDOWS])dnl - AC_CACHE_CHECK([for winsock2.h], [ac_cv_header_winsock2_h], [ + AC_CACHE_CHECK([for winsock2.h], [curl_cv_header_winsock2_h], [ AC_COMPILE_IFELSE([ AC_LANG_PROGRAM([[ #undef inline @@ -297,12 +297,12 @@ AC_DEFUN([CURL_CHECK_HEADER_WINSOCK2], [ #endif ]]) ],[ - ac_cv_header_winsock2_h="yes" + curl_cv_header_winsock2_h="yes" ],[ - ac_cv_header_winsock2_h="no" + curl_cv_header_winsock2_h="no" ]) ]) - case "$ac_cv_header_winsock2_h" in + case "$curl_cv_header_winsock2_h" in yes) AC_DEFINE_UNQUOTED(HAVE_WINSOCK2_H, 1, [Define to 1 if you have the winsock2.h header file.]) @@ -317,7 +317,7 @@ dnl Check for compilable and valid ws2tcpip.h header AC_DEFUN([CURL_CHECK_HEADER_WS2TCPIP], [ AC_REQUIRE([CURL_CHECK_HEADER_WINSOCK2])dnl - AC_CACHE_CHECK([for ws2tcpip.h], [ac_cv_header_ws2tcpip_h], [ + AC_CACHE_CHECK([for ws2tcpip.h], [curl_cv_header_ws2tcpip_h], [ AC_COMPILE_IFELSE([ AC_LANG_PROGRAM([[ #undef inline @@ -335,12 +335,12 @@ AC_DEFUN([CURL_CHECK_HEADER_WS2TCPIP], [ #endif ]]) ],[ - ac_cv_header_ws2tcpip_h="yes" + curl_cv_header_ws2tcpip_h="yes" ],[ - ac_cv_header_ws2tcpip_h="no" + curl_cv_header_ws2tcpip_h="no" ]) ]) - case "$ac_cv_header_ws2tcpip_h" in + case "$curl_cv_header_ws2tcpip_h" in yes) AC_DEFINE_UNQUOTED(HAVE_WS2TCPIP_H, 1, [Define to 1 if you have the ws2tcpip.h header file.]) @@ -355,7 +355,7 @@ dnl Check for compilable and valid winldap.h header AC_DEFUN([CURL_CHECK_HEADER_WINLDAP], [ AC_REQUIRE([CURL_CHECK_HEADER_WINDOWS])dnl - AC_CACHE_CHECK([for winldap.h], [ac_cv_header_winldap_h], [ + AC_CACHE_CHECK([for winldap.h], [curl_cv_header_winldap_h], [ AC_COMPILE_IFELSE([ AC_LANG_PROGRAM([[ #undef inline @@ -375,12 +375,12 @@ AC_DEFUN([CURL_CHECK_HEADER_WINLDAP], [ #endif ]]) ],[ - ac_cv_header_winldap_h="yes" + curl_cv_header_winldap_h="yes" ],[ - ac_cv_header_winldap_h="no" + curl_cv_header_winldap_h="no" ]) ]) - case "$ac_cv_header_winldap_h" in + case "$curl_cv_header_winldap_h" in yes) AC_DEFINE_UNQUOTED(HAVE_WINLDAP_H, 1, [Define to 1 if you have the winldap.h header file.]) @@ -395,7 +395,7 @@ dnl Check for compilable and valid winber.h header AC_DEFUN([CURL_CHECK_HEADER_WINBER], [ AC_REQUIRE([CURL_CHECK_HEADER_WINLDAP])dnl - AC_CACHE_CHECK([for winber.h], [ac_cv_header_winber_h], [ + AC_CACHE_CHECK([for winber.h], [curl_cv_header_winber_h], [ AC_COMPILE_IFELSE([ AC_LANG_PROGRAM([[ #undef inline @@ -417,12 +417,12 @@ AC_DEFUN([CURL_CHECK_HEADER_WINBER], [ #endif ]]) ],[ - ac_cv_header_winber_h="yes" + curl_cv_header_winber_h="yes" ],[ - ac_cv_header_winber_h="no" + curl_cv_header_winber_h="no" ]) ]) - case "$ac_cv_header_winber_h" in + case "$curl_cv_header_winber_h" in yes) AC_DEFINE_UNQUOTED(HAVE_WINBER_H, 1, [Define to 1 if you have the winber.h header file.]) @@ -438,7 +438,7 @@ dnl and check if it is needed even with ldap.h AC_DEFUN([CURL_CHECK_HEADER_LBER], [ AC_REQUIRE([CURL_CHECK_HEADER_WINDOWS])dnl - AC_CACHE_CHECK([for lber.h], [ac_cv_header_lber_h], [ + AC_CACHE_CHECK([for lber.h], [curl_cv_header_lber_h], [ AC_COMPILE_IFELSE([ AC_LANG_PROGRAM([[ #undef inline @@ -462,12 +462,12 @@ AC_DEFUN([CURL_CHECK_HEADER_LBER], [ ber_free(bep, 1); ]]) ],[ - ac_cv_header_lber_h="yes" + curl_cv_header_lber_h="yes" ],[ - ac_cv_header_lber_h="no" + curl_cv_header_lber_h="no" ]) ]) - if test "$ac_cv_header_lber_h" = "yes"; then + if test "$curl_cv_header_lber_h" = "yes"; then AC_DEFINE_UNQUOTED(HAVE_LBER_H, 1, [Define to 1 if you have the lber.h header file.]) # @@ -518,7 +518,7 @@ dnl Check for compilable and valid ldap.h header AC_DEFUN([CURL_CHECK_HEADER_LDAP], [ AC_REQUIRE([CURL_CHECK_HEADER_LBER])dnl - AC_CACHE_CHECK([for ldap.h], [ac_cv_header_ldap_h], [ + AC_CACHE_CHECK([for ldap.h], [curl_cv_header_ldap_h], [ AC_COMPILE_IFELSE([ AC_LANG_PROGRAM([[ #undef inline @@ -544,12 +544,12 @@ AC_DEFUN([CURL_CHECK_HEADER_LDAP], [ int res = ldap_unbind(ldp); ]]) ],[ - ac_cv_header_ldap_h="yes" + curl_cv_header_ldap_h="yes" ],[ - ac_cv_header_ldap_h="no" + curl_cv_header_ldap_h="no" ]) ]) - case "$ac_cv_header_ldap_h" in + case "$curl_cv_header_ldap_h" in yes) AC_DEFINE_UNQUOTED(HAVE_LDAP_H, 1, [Define to 1 if you have the ldap.h header file.]) @@ -564,7 +564,7 @@ dnl Check for compilable and valid ldap_ssl.h header AC_DEFUN([CURL_CHECK_HEADER_LDAP_SSL], [ AC_REQUIRE([CURL_CHECK_HEADER_LDAP])dnl - AC_CACHE_CHECK([for ldap_ssl.h], [ac_cv_header_ldap_ssl_h], [ + AC_CACHE_CHECK([for ldap_ssl.h], [curl_cv_header_ldap_ssl_h], [ AC_COMPILE_IFELSE([ AC_LANG_PROGRAM([[ #undef inline @@ -592,12 +592,12 @@ AC_DEFUN([CURL_CHECK_HEADER_LDAP_SSL], [ LDAP *ldp = ldapssl_init("dummy", LDAPS_PORT, 1); ]]) ],[ - ac_cv_header_ldap_ssl_h="yes" + curl_cv_header_ldap_ssl_h="yes" ],[ - ac_cv_header_ldap_ssl_h="no" + curl_cv_header_ldap_ssl_h="no" ]) ]) - case "$ac_cv_header_ldap_ssl_h" in + case "$curl_cv_header_ldap_ssl_h" in yes) AC_DEFINE_UNQUOTED(HAVE_LDAP_SSL_H, 1, [Define to 1 if you have the ldap_ssl.h header file.]) @@ -612,7 +612,7 @@ dnl Check for compilable and valid ldapssl.h header AC_DEFUN([CURL_CHECK_HEADER_LDAPSSL], [ AC_REQUIRE([CURL_CHECK_HEADER_LDAP])dnl - AC_CACHE_CHECK([for ldapssl.h], [ac_cv_header_ldapssl_h], [ + AC_CACHE_CHECK([for ldapssl.h], [curl_cv_header_ldapssl_h], [ AC_COMPILE_IFELSE([ AC_LANG_PROGRAM([[ #undef inline @@ -644,12 +644,12 @@ AC_DEFUN([CURL_CHECK_HEADER_LDAPSSL], [ LDAP *ldp = ldap_ssl_init("dummy", LDAPS_PORT, cert_label); ]]) ],[ - ac_cv_header_ldapssl_h="yes" + curl_cv_header_ldapssl_h="yes" ],[ - ac_cv_header_ldapssl_h="no" + curl_cv_header_ldapssl_h="no" ]) ]) - case "$ac_cv_header_ldapssl_h" in + case "$curl_cv_header_ldapssl_h" in yes) AC_DEFINE_UNQUOTED(HAVE_LDAPSSL_H, 1, [Define to 1 if you have the ldapssl.h header file.]) @@ -866,7 +866,7 @@ dnl Check for compilable and valid malloc.h header, dnl and check if it is needed even with stdlib.h AC_DEFUN([CURL_CHECK_HEADER_MALLOC], [ - AC_CACHE_CHECK([for malloc.h], [ac_cv_header_malloc_h], [ + AC_CACHE_CHECK([for malloc.h], [curl_cv_header_malloc_h], [ AC_COMPILE_IFELSE([ AC_LANG_PROGRAM([[ #include @@ -877,12 +877,12 @@ AC_DEFUN([CURL_CHECK_HEADER_MALLOC], [ free(q); ]]) ],[ - ac_cv_header_malloc_h="yes" + curl_cv_header_malloc_h="yes" ],[ - ac_cv_header_malloc_h="no" + curl_cv_header_malloc_h="no" ]) ]) - if test "$ac_cv_header_malloc_h" = "yes"; then + if test "$curl_cv_header_malloc_h" = "yes"; then AC_DEFINE_UNQUOTED(HAVE_MALLOC_H, 1, [Define to 1 if you have the malloc.h header file.]) # @@ -918,7 +918,7 @@ dnl and check if it is needed even with stdlib.h for dnl memory related functions. AC_DEFUN([CURL_CHECK_HEADER_MEMORY], [ - AC_CACHE_CHECK([for memory.h], [ac_cv_header_memory_h], [ + AC_CACHE_CHECK([for memory.h], [curl_cv_header_memory_h], [ AC_COMPILE_IFELSE([ AC_LANG_PROGRAM([[ #include @@ -929,12 +929,12 @@ AC_DEFUN([CURL_CHECK_HEADER_MEMORY], [ free(q); ]]) ],[ - ac_cv_header_memory_h="yes" + curl_cv_header_memory_h="yes" ],[ - ac_cv_header_memory_h="no" + curl_cv_header_memory_h="no" ]) ]) - if test "$ac_cv_header_memory_h" = "yes"; then + if test "$curl_cv_header_memory_h" = "yes"; then AC_DEFINE_UNQUOTED(HAVE_MEMORY_H, 1, [Define to 1 if you have the memory.h header file.]) # @@ -1158,7 +1158,7 @@ AC_DEFUN([CURL_CHECK_FUNC_GETNAMEINFO], [ # AC_DEFINE_UNQUOTED(HAVE_GETNAMEINFO, 1, [Define to 1 if you have the getnameinfo function.]) - ac_cv_func_getnameinfo="yes" + curl_cv_func_getnameinfo="yes" fi fi ]) @@ -1213,7 +1213,7 @@ AC_DEFUN([CURL_CHECK_NI_WITHSCOPEID], [ netdb.h netinet/in.h arpa/inet.h) # AC_CACHE_CHECK([for working NI_WITHSCOPEID], - [ac_cv_working_ni_withscopeid], [ + [curl_cv_working_ni_withscopeid], [ AC_RUN_IFELSE([ AC_LANG_PROGRAM([[ #ifdef HAVE_STDLIB_H @@ -1271,10 +1271,10 @@ AC_DEFUN([CURL_CHECK_NI_WITHSCOPEID], [ ]]) # AC-LANG-PROGRAM ],[ # Exit code == 0. Program worked. - ac_cv_working_ni_withscopeid="yes" + curl_cv_working_ni_withscopeid="yes" ],[ # Exit code != 0. Program failed. - ac_cv_working_ni_withscopeid="no" + curl_cv_working_ni_withscopeid="no" ],[ # Program is not run when cross-compiling. So we assume # NI_WITHSCOPEID will work if we are able to compile it. @@ -1287,13 +1287,13 @@ AC_DEFUN([CURL_CHECK_NI_WITHSCOPEID], [ unsigned int dummy= NI_NUMERICHOST | NI_NUMERICSERV | NI_WITHSCOPEID; ]]) ],[ - ac_cv_working_ni_withscopeid="yes" + curl_cv_working_ni_withscopeid="yes" ],[ - ac_cv_working_ni_withscopeid="no" + curl_cv_working_ni_withscopeid="no" ]) # AC-COMPILE-IFELSE ]) # AC-RUN-IFELSE ]) # AC-CACHE-CHECK - case "$ac_cv_working_ni_withscopeid" in + case "$curl_cv_working_ni_withscopeid" in yes) AC_DEFINE(HAVE_NI_WITHSCOPEID, 1, [Define to 1 if NI_WITHSCOPEID exists and works.]) @@ -1427,7 +1427,7 @@ AC_DEFUN([CURL_CHECK_FUNC_RECV], [ # AC_DEFINE_UNQUOTED(HAVE_RECV, 1, [Define to 1 if you have the recv function.]) - ac_cv_func_recv="yes" + curl_cv_func_recv="yes" fi else AC_MSG_ERROR([Unable to link function recv]) @@ -1594,7 +1594,7 @@ AC_DEFUN([CURL_CHECK_FUNC_SEND], [ # AC_DEFINE_UNQUOTED(HAVE_SEND, 1, [Define to 1 if you have the send function.]) - ac_cv_func_send="yes" + curl_cv_func_send="yes" fi else AC_MSG_ERROR([Unable to link function send]) @@ -1607,7 +1607,7 @@ dnl Check for MSG_NOSIGNAL AC_DEFUN([CURL_CHECK_MSG_NOSIGNAL], [ AC_CHECK_HEADERS(sys/types.h sys/socket.h) - AC_CACHE_CHECK([for MSG_NOSIGNAL], [ac_cv_msg_nosignal], [ + AC_CACHE_CHECK([for MSG_NOSIGNAL], [curl_cv_msg_nosignal], [ AC_COMPILE_IFELSE([ AC_LANG_PROGRAM([[ #undef inline @@ -1635,12 +1635,12 @@ AC_DEFUN([CURL_CHECK_MSG_NOSIGNAL], [ int flag=MSG_NOSIGNAL; ]]) ],[ - ac_cv_msg_nosignal="yes" + curl_cv_msg_nosignal="yes" ],[ - ac_cv_msg_nosignal="no" + curl_cv_msg_nosignal="no" ]) ]) - case "$ac_cv_msg_nosignal" in + case "$curl_cv_msg_nosignal" in yes) AC_DEFINE_UNQUOTED(HAVE_MSG_NOSIGNAL, 1, [Define to 1 if you have the MSG_NOSIGNAL flag.]) @@ -1658,7 +1658,7 @@ AC_DEFUN([CURL_CHECK_STRUCT_TIMEVAL], [ AC_REQUIRE([CURL_CHECK_HEADER_WINSOCK])dnl AC_REQUIRE([CURL_CHECK_HEADER_WINSOCK2])dnl AC_CHECK_HEADERS(sys/types.h sys/time.h time.h sys/socket.h) - AC_CACHE_CHECK([for struct timeval], [ac_cv_struct_timeval], [ + AC_CACHE_CHECK([for struct timeval], [curl_cv_struct_timeval], [ AC_COMPILE_IFELSE([ AC_LANG_PROGRAM([[ #undef inline @@ -1697,12 +1697,12 @@ AC_DEFUN([CURL_CHECK_STRUCT_TIMEVAL], [ ts.tv_usec = 0; ]]) ],[ - ac_cv_struct_timeval="yes" + curl_cv_struct_timeval="yes" ],[ - ac_cv_struct_timeval="no" + curl_cv_struct_timeval="no" ]) ]) - case "$ac_cv_struct_timeval" in + case "$curl_cv_struct_timeval" in yes) AC_DEFINE_UNQUOTED(HAVE_STRUCT_TIMEVAL, 1, [Define to 1 if you have the timeval struct.]) @@ -1740,13 +1740,13 @@ AC_DEFUN([TYPE_SIG_ATOMIC_T], [ ]]) ],[ AC_MSG_RESULT([no]) - ac_cv_sig_atomic_t_volatile="no" + curl_cv_sig_atomic_t_volatile="no" ],[ AC_MSG_RESULT([yes]) - ac_cv_sig_atomic_t_volatile="yes" + curl_cv_sig_atomic_t_volatile="yes" ]) # - if test "$ac_cv_sig_atomic_t_volatile" = "yes"; then + if test "$curl_cv_sig_atomic_t_volatile" = "yes"; then AC_DEFINE(HAVE_SIG_ATOMIC_T_VOLATILE, 1, [Define to 1 if sig_atomic_t is already defined as volatile.]) fi @@ -1878,10 +1878,10 @@ AC_DEFUN([CURL_CHECK_FUNC_CLOCK_GETTIME_MONOTONIC], [ ]]) ],[ AC_MSG_RESULT([yes]) - ac_cv_func_clock_gettime="yes" + curl_func_clock_gettime="yes" ],[ AC_MSG_RESULT([no]) - ac_cv_func_clock_gettime="no" + curl_func_clock_gettime="no" ]) fi dnl Definition of HAVE_CLOCK_GETTIME_MONOTONIC is intentionally postponed @@ -1897,7 +1897,7 @@ dnl check and prepended to LIBS any needed libraries. AC_DEFUN([CURL_CHECK_LIBS_CLOCK_GETTIME_MONOTONIC], [ AC_REQUIRE([CURL_CHECK_FUNC_CLOCK_GETTIME_MONOTONIC])dnl # - if test "$ac_cv_func_clock_gettime" = "yes"; then + if test "$curl_func_clock_gettime" = "yes"; then # AC_MSG_CHECKING([for clock_gettime in libraries]) # @@ -1942,11 +1942,11 @@ AC_DEFUN([CURL_CHECK_LIBS_CLOCK_GETTIME_MONOTONIC], [ X-unknown) AC_MSG_RESULT([cannot find clock_gettime]) AC_MSG_WARN([HAVE_CLOCK_GETTIME_MONOTONIC will not be defined]) - ac_cv_func_clock_gettime="no" + curl_func_clock_gettime="no" ;; X-) AC_MSG_RESULT([no additional lib required]) - ac_cv_func_clock_gettime="yes" + curl_func_clock_gettime="yes" ;; *) if test -z "$curl_cv_save_LIBS"; then @@ -1955,13 +1955,13 @@ AC_DEFUN([CURL_CHECK_LIBS_CLOCK_GETTIME_MONOTONIC], [ LIBS="$curl_cv_gclk_LIBS $curl_cv_save_LIBS" fi AC_MSG_RESULT([$curl_cv_gclk_LIBS]) - ac_cv_func_clock_gettime="yes" + curl_func_clock_gettime="yes" ;; esac # dnl only do runtime verification when not cross-compiling if test "x$cross_compiling" != "xyes" && - test "$ac_cv_func_clock_gettime" = "yes"; then + test "$curl_func_clock_gettime" = "yes"; then AC_MSG_CHECKING([if monotonic clock_gettime works]) AC_RUN_IFELSE([ AC_LANG_PROGRAM([[ @@ -1993,12 +1993,12 @@ AC_DEFUN([CURL_CHECK_LIBS_CLOCK_GETTIME_MONOTONIC], [ ],[ AC_MSG_RESULT([no]) AC_MSG_WARN([HAVE_CLOCK_GETTIME_MONOTONIC will not be defined]) - ac_cv_func_clock_gettime="no" + curl_func_clock_gettime="no" LIBS="$curl_cv_save_LIBS" ]) fi # - case "$ac_cv_func_clock_gettime" in + case "$curl_func_clock_gettime" in yes) AC_DEFINE_UNQUOTED(HAVE_CLOCK_GETTIME_MONOTONIC, 1, [Define to 1 if you have the clock_gettime function and monotonic timer.]) @@ -2159,7 +2159,7 @@ AC_DEFUN([CURL_CONFIGURE_CURL_SOCKLEN_T], [ AC_MSG_CHECKING([size of curl_socklen_t]) curl_sizeof_curl_socklen_t="unknown" curl_pull_headers_socklen_t="unknown" - if test "$ac_cv_header_ws2tcpip_h" = "yes"; then + if test "$curl_cv_header_ws2tcpip_h" = "yes"; then tst_pull_header_checks='none ws2tcpip' tst_size_checks='4' else @@ -2453,7 +2453,7 @@ AC_DEFUN([CURL_CHECK_FUNC_SELECT], [ # AC_DEFINE_UNQUOTED(HAVE_SELECT, 1, [Define to 1 if you have the select function.]) - ac_cv_func_select="yes" + curl_cv_func_select="yes" fi fi ]) @@ -2565,8 +2565,8 @@ dnl regarding the paths this will scan: dnl /etc/ssl/certs/ca-certificates.crt Debian systems dnl /etc/pki/tls/certs/ca-bundle.crt Redhat and Mandriva dnl /usr/share/ssl/certs/ca-bundle.crt old(er) Redhat -dnl /usr/local/share/certs/ca-root.crt FreeBSD -dnl /etc/ssl/cert.pem OpenBSD +dnl /usr/local/share/certs/ca-root-nss.crt FreeBSD +dnl /etc/ssl/cert.pem OpenBSD, FreeBSD (symlink) dnl /etc/ssl/certs/ (ca path) SUSE AC_DEFUN([CURL_CHECK_CA_BUNDLE], [ @@ -2640,7 +2640,7 @@ AC_HELP_STRING([--without-ca-path], [Don't use a default CA path]), for a in /etc/ssl/certs/ca-certificates.crt \ /etc/pki/tls/certs/ca-bundle.crt \ /usr/share/ssl/certs/ca-bundle.crt \ - /usr/local/share/certs/ca-root.crt \ + /usr/local/share/certs/ca-root-nss.crt \ /etc/ssl/cert.pem \ "$cac"; do if test -f "$a"; then @@ -3011,7 +3011,7 @@ AC_DEFUN([CURL_CHECK_WIN32_LARGEFILE], [ AC_REQUIRE([CURL_CHECK_HEADER_WINDOWS])dnl AC_MSG_CHECKING([whether build target supports WIN32 file API]) curl_win32_file_api="no" - if test "$ac_cv_header_windows_h" = "yes"; then + if test "$curl_cv_header_windows_h" = "yes"; then if test x"$enable_largefile" != "xno"; then AC_COMPILE_IFELSE([ AC_LANG_PROGRAM([[ @@ -3187,12 +3187,15 @@ TEST EINVAL TEST if test "x$cpp_p" = "xno"; then AC_MSG_WARN([failed to figure out cpp -P alternative]) # without -P - CPPPFLAGS=$OLDCPPFLAGS + CPPPFLAG="" else # with -P - CPPPFLAGS=$CPPFLAGS + CPPPFLAG="-P" fi dnl restore CPPFLAGS CPPFLAGS=$OLDCPPFLAGS + else + # without -P + CPPPFLAG="" fi ]) diff --git a/config.guess b/config.guess index 16592509d..0967f2afa 100755 --- a/config.guess +++ b/config.guess @@ -1,8 +1,8 @@ #! /bin/sh # Attempt to guess a canonical system name. -# Copyright 1992-2015 Free Software Foundation, Inc. +# Copyright 1992-2016 Free Software Foundation, Inc. -timestamp='2015-08-20' +timestamp='2016-04-02' # This file is free software; you can redistribute it and/or modify it # under the terms of the GNU General Public License as published by @@ -27,7 +27,7 @@ timestamp='2015-08-20' # Originally written by Per Bothner; maintained since 2000 by Ben Elliston. # # You can get the latest version of this script from: -# http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.guess;hb=HEAD +# http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.guess # # Please send patches to . @@ -50,7 +50,7 @@ version="\ GNU config.guess ($timestamp) Originally written by Per Bothner. -Copyright 1992-2015 Free Software Foundation, Inc. +Copyright 1992-2016 Free Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." @@ -237,6 +237,10 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in UNAME_MACHINE_ARCH=`arch | sed 's/OpenBSD.//'` echo ${UNAME_MACHINE_ARCH}-unknown-openbsd${UNAME_RELEASE} exit ;; + *:LibertyBSD:*:*) + UNAME_MACHINE_ARCH=`arch | sed 's/^.*BSD\.//'` + echo ${UNAME_MACHINE_ARCH}-unknown-libertybsd${UNAME_RELEASE} + exit ;; *:ekkoBSD:*:*) echo ${UNAME_MACHINE}-unknown-ekkobsd${UNAME_RELEASE} exit ;; @@ -268,42 +272,42 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in ALPHA_CPU_TYPE=`/usr/sbin/psrinfo -v | sed -n -e 's/^ The alpha \(.*\) processor.*$/\1/p' | head -n 1` case "$ALPHA_CPU_TYPE" in "EV4 (21064)") - UNAME_MACHINE="alpha" ;; + UNAME_MACHINE=alpha ;; "EV4.5 (21064)") - UNAME_MACHINE="alpha" ;; + UNAME_MACHINE=alpha ;; "LCA4 (21066/21068)") - UNAME_MACHINE="alpha" ;; + UNAME_MACHINE=alpha ;; "EV5 (21164)") - UNAME_MACHINE="alphaev5" ;; + UNAME_MACHINE=alphaev5 ;; "EV5.6 (21164A)") - UNAME_MACHINE="alphaev56" ;; + UNAME_MACHINE=alphaev56 ;; "EV5.6 (21164PC)") - UNAME_MACHINE="alphapca56" ;; + UNAME_MACHINE=alphapca56 ;; "EV5.7 (21164PC)") - UNAME_MACHINE="alphapca57" ;; + UNAME_MACHINE=alphapca57 ;; "EV6 (21264)") - UNAME_MACHINE="alphaev6" ;; + UNAME_MACHINE=alphaev6 ;; "EV6.7 (21264A)") - UNAME_MACHINE="alphaev67" ;; + UNAME_MACHINE=alphaev67 ;; "EV6.8CB (21264C)") - UNAME_MACHINE="alphaev68" ;; + UNAME_MACHINE=alphaev68 ;; "EV6.8AL (21264B)") - UNAME_MACHINE="alphaev68" ;; + UNAME_MACHINE=alphaev68 ;; "EV6.8CX (21264D)") - UNAME_MACHINE="alphaev68" ;; + UNAME_MACHINE=alphaev68 ;; "EV6.9A (21264/EV69A)") - UNAME_MACHINE="alphaev69" ;; + UNAME_MACHINE=alphaev69 ;; "EV7 (21364)") - UNAME_MACHINE="alphaev7" ;; + UNAME_MACHINE=alphaev7 ;; "EV7.9 (21364A)") - UNAME_MACHINE="alphaev79" ;; + UNAME_MACHINE=alphaev79 ;; esac # A Pn.n version is a patched version. # A Vn.n version is a released version. # A Tn.n version is a released field test version. # A Xn.n version is an unreleased experimental baselevel. # 1.2 uses "1.2" for uname -r. - echo ${UNAME_MACHINE}-dec-osf`echo ${UNAME_RELEASE} | sed -e 's/^[PVTX]//' | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'` + echo ${UNAME_MACHINE}-dec-osf`echo ${UNAME_RELEASE} | sed -e 's/^[PVTX]//' | tr ABCDEFGHIJKLMNOPQRSTUVWXYZ abcdefghijklmnopqrstuvwxyz` # Reset EXIT trap before exiting to avoid spurious non-zero exit code. exitcode=$? trap '' 0 @@ -376,16 +380,16 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in exit ;; i86pc:SunOS:5.*:* | i86xen:SunOS:5.*:*) eval $set_cc_for_build - SUN_ARCH="i386" + SUN_ARCH=i386 # If there is a compiler, see if it is configured for 64-bit objects. # Note that the Sun cc does not turn __LP64__ into 1 like gcc does. # This test works for both compilers. - if [ "$CC_FOR_BUILD" != 'no_compiler_found' ]; then + if [ "$CC_FOR_BUILD" != no_compiler_found ]; then if (echo '#ifdef __amd64'; echo IS_64BIT_ARCH; echo '#endif') | \ - (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) | \ + (CCOPTS="" $CC_FOR_BUILD -E - 2>/dev/null) | \ grep IS_64BIT_ARCH >/dev/null then - SUN_ARCH="x86_64" + SUN_ARCH=x86_64 fi fi echo ${SUN_ARCH}-pc-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` @@ -410,7 +414,7 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in exit ;; sun*:*:4.2BSD:*) UNAME_RELEASE=`(sed 1q /etc/motd | awk '{print substr($5,1,3)}') 2>/dev/null` - test "x${UNAME_RELEASE}" = "x" && UNAME_RELEASE=3 + test "x${UNAME_RELEASE}" = x && UNAME_RELEASE=3 case "`/bin/arch`" in sun3) echo m68k-sun-sunos${UNAME_RELEASE} @@ -635,13 +639,13 @@ EOF sc_cpu_version=`/usr/bin/getconf SC_CPU_VERSION 2>/dev/null` sc_kernel_bits=`/usr/bin/getconf SC_KERNEL_BITS 2>/dev/null` case "${sc_cpu_version}" in - 523) HP_ARCH="hppa1.0" ;; # CPU_PA_RISC1_0 - 528) HP_ARCH="hppa1.1" ;; # CPU_PA_RISC1_1 + 523) HP_ARCH=hppa1.0 ;; # CPU_PA_RISC1_0 + 528) HP_ARCH=hppa1.1 ;; # CPU_PA_RISC1_1 532) # CPU_PA_RISC2_0 case "${sc_kernel_bits}" in - 32) HP_ARCH="hppa2.0n" ;; - 64) HP_ARCH="hppa2.0w" ;; - '') HP_ARCH="hppa2.0" ;; # HP-UX 10.20 + 32) HP_ARCH=hppa2.0n ;; + 64) HP_ARCH=hppa2.0w ;; + '') HP_ARCH=hppa2.0 ;; # HP-UX 10.20 esac ;; esac fi @@ -680,11 +684,11 @@ EOF exit (0); } EOF - (CCOPTS= $CC_FOR_BUILD -o $dummy $dummy.c 2>/dev/null) && HP_ARCH=`$dummy` + (CCOPTS="" $CC_FOR_BUILD -o $dummy $dummy.c 2>/dev/null) && HP_ARCH=`$dummy` test -z "$HP_ARCH" && HP_ARCH=hppa fi ;; esac - if [ ${HP_ARCH} = "hppa2.0w" ] + if [ ${HP_ARCH} = hppa2.0w ] then eval $set_cc_for_build @@ -697,12 +701,12 @@ EOF # $ CC_FOR_BUILD="cc +DA2.0w" ./config.guess # => hppa64-hp-hpux11.23 - if echo __LP64__ | (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) | + if echo __LP64__ | (CCOPTS="" $CC_FOR_BUILD -E - 2>/dev/null) | grep -q __LP64__ then - HP_ARCH="hppa2.0w" + HP_ARCH=hppa2.0w else - HP_ARCH="hppa64" + HP_ARCH=hppa64 fi fi echo ${HP_ARCH}-hp-hpux${HPUX_REV} @@ -807,14 +811,14 @@ EOF echo craynv-cray-unicosmp${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' exit ;; F30[01]:UNIX_System_V:*:* | F700:UNIX_System_V:*:*) - FUJITSU_PROC=`uname -m | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'` - FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'` + FUJITSU_PROC=`uname -m | tr ABCDEFGHIJKLMNOPQRSTUVWXYZ abcdefghijklmnopqrstuvwxyz` + FUJITSU_SYS=`uname -p | tr ABCDEFGHIJKLMNOPQRSTUVWXYZ abcdefghijklmnopqrstuvwxyz | sed -e 's/\///'` FUJITSU_REL=`echo ${UNAME_RELEASE} | sed -e 's/ /_/'` echo "${FUJITSU_PROC}-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}" exit ;; 5000:UNIX_System_V:4.*:*) - FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'` - FUJITSU_REL=`echo ${UNAME_RELEASE} | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/ /_/'` + FUJITSU_SYS=`uname -p | tr ABCDEFGHIJKLMNOPQRSTUVWXYZ abcdefghijklmnopqrstuvwxyz | sed -e 's/\///'` + FUJITSU_REL=`echo ${UNAME_RELEASE} | tr ABCDEFGHIJKLMNOPQRSTUVWXYZ abcdefghijklmnopqrstuvwxyz | sed -e 's/ /_/'` echo "sparc-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}" exit ;; i*86:BSD/386:*:* | i*86:BSD/OS:*:* | *:Ascend\ Embedded/OS:*:*) @@ -896,7 +900,7 @@ EOF exit ;; *:GNU/*:*:*) # other systems with GNU libc and userland - echo ${UNAME_MACHINE}-unknown-`echo ${UNAME_SYSTEM} | sed 's,^[^/]*/,,' | tr '[A-Z]' '[a-z]'``echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'`-${LIBC} + echo ${UNAME_MACHINE}-unknown-`echo ${UNAME_SYSTEM} | sed 's,^[^/]*/,,' | tr "[:upper:]" "[:lower:]"``echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'`-${LIBC} exit ;; i*86:Minix:*:*) echo ${UNAME_MACHINE}-pc-minix @@ -919,7 +923,7 @@ EOF EV68*) UNAME_MACHINE=alphaev68 ;; esac objdump --private-headers /bin/sh | grep -q ld.so.1 - if test "$?" = 0 ; then LIBC="gnulibc1" ; fi + if test "$?" = 0 ; then LIBC=gnulibc1 ; fi echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; arc:Linux:*:* | arceb:Linux:*:*) @@ -965,6 +969,9 @@ EOF ia64:Linux:*:*) echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; + k1om:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} + exit ;; m32r*:Linux:*:*) echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; @@ -1120,7 +1127,7 @@ EOF # uname -m prints for DJGPP always 'pc', but it prints nothing about # the processor, so we play safe by assuming i586. # Note: whatever this is, it MUST be the same as what config.sub - # prints for the "djgpp" host, or else GDB configury will decide that + # prints for the "djgpp" host, or else GDB configure will decide that # this is a cross-build. echo i586-pc-msdosdjgpp exit ;; @@ -1269,6 +1276,9 @@ EOF SX-8R:SUPER-UX:*:*) echo sx8r-nec-superux${UNAME_RELEASE} exit ;; + SX-ACE:SUPER-UX:*:*) + echo sxace-nec-superux${UNAME_RELEASE} + exit ;; Power*:Rhapsody:*:*) echo powerpc-apple-rhapsody${UNAME_RELEASE} exit ;; @@ -1282,9 +1292,9 @@ EOF UNAME_PROCESSOR=powerpc fi if test `echo "$UNAME_RELEASE" | sed -e 's/\..*//'` -le 10 ; then - if [ "$CC_FOR_BUILD" != 'no_compiler_found' ]; then + if [ "$CC_FOR_BUILD" != no_compiler_found ]; then if (echo '#ifdef __LP64__'; echo IS_64BIT_ARCH; echo '#endif') | \ - (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) | \ + (CCOPTS="" $CC_FOR_BUILD -E - 2>/dev/null) | \ grep IS_64BIT_ARCH >/dev/null then case $UNAME_PROCESSOR in @@ -1306,7 +1316,7 @@ EOF exit ;; *:procnto*:*:* | *:QNX:[0123456789]*:*) UNAME_PROCESSOR=`uname -p` - if test "$UNAME_PROCESSOR" = "x86"; then + if test "$UNAME_PROCESSOR" = x86; then UNAME_PROCESSOR=i386 UNAME_MACHINE=pc fi @@ -1337,7 +1347,7 @@ EOF # "uname -m" is not consistent, so use $cputype instead. 386 # is converted to i386 for consistency with other x86 # operating systems. - if test "$cputype" = "386"; then + if test "$cputype" = 386; then UNAME_MACHINE=i386 else UNAME_MACHINE="$cputype" @@ -1379,7 +1389,7 @@ EOF echo i386-pc-xenix exit ;; i*86:skyos:*:*) - echo ${UNAME_MACHINE}-pc-skyos`echo ${UNAME_RELEASE}` | sed -e 's/ .*$//' + echo ${UNAME_MACHINE}-pc-skyos`echo ${UNAME_RELEASE} | sed -e 's/ .*$//'` exit ;; i*86:rdos:*:*) echo ${UNAME_MACHINE}-pc-rdos @@ -1390,6 +1400,9 @@ EOF x86_64:VMkernel:*:*) echo ${UNAME_MACHINE}-unknown-esx exit ;; + amd64:Isilon\ OneFS:*:*) + echo x86_64-unknown-onefs + exit ;; esac cat >&2 <&6; } { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: failed to figure out cpp -P alternative" >&5 $as_echo "$as_me: WARNING: failed to figure out cpp -P alternative" >&2;} # without -P - CPPPFLAGS=$OLDCPPFLAGS + CPPPFLAG="" else # with -P - CPPPFLAGS=$CPPFLAGS + CPPPFLAG="-P" fi CPPFLAGS=$OLDCPPFLAGS + else + # without -P + CPPPFLAG="" fi @@ -6245,8 +6248,8 @@ if ac_fn_c_try_compile "$LINENO"; then : else OLDCPPFLAGS=$CPPFLAGS - # CPPPFLAGS comes from CURL_CPP_P - CPPFLAGS="$CPPPFLAGS" + # CPPPFLAG comes from CURL_CPP_P + CPPFLAGS="$CPPFLAGS $CPPPFLAG" as_ac_HaveDef=`$as_echo "curl_cv_have_def_$tmp_fmt" | $as_tr_sh` as_ac_Def=`$as_echo "curl_cv_def_$tmp_fmt" | $as_tr_sh` if test -z "$SED"; then @@ -6363,8 +6366,8 @@ if ac_fn_c_try_compile "$LINENO"; then : else OLDCPPFLAGS=$CPPFLAGS - # CPPPFLAGS comes from CURL_CPP_P - CPPFLAGS="$CPPPFLAGS" + # CPPPFLAG comes from CURL_CPP_P + CPPFLAGS="$CPPFLAGS $CPPPFLAG" as_ac_HaveDef=`$as_echo "curl_cv_have_def_$tmp_fmt" | $as_tr_sh` as_ac_Def=`$as_echo "curl_cv_def_$tmp_fmt" | $as_tr_sh` if test -z "$SED"; then @@ -16130,8 +16133,8 @@ esac $as_echo_n "checking if compiler is DEC/Compaq/HP C... " >&6; } OLDCPPFLAGS=$CPPFLAGS - # CPPPFLAGS comes from CURL_CPP_P - CPPFLAGS="$CPPPFLAGS" + # CPPPFLAG comes from CURL_CPP_P + CPPFLAGS="$CPPFLAGS $CPPPFLAG" if test -z "$SED"; then as_fn_error $? "SED not set. Cannot continue without SED being set." "$LINENO" 5 fi @@ -16174,8 +16177,8 @@ rm -f conftest.err conftest.i conftest.$ac_ext OLDCPPFLAGS=$CPPFLAGS - # CPPPFLAGS comes from CURL_CPP_P - CPPFLAGS="$CPPPFLAGS" + # CPPPFLAG comes from CURL_CPP_P + CPPFLAGS="$CPPFLAGS $CPPPFLAG" if test -z "$SED"; then as_fn_error $? "SED not set. Cannot continue without SED being set." "$LINENO" 5 fi @@ -16237,8 +16240,8 @@ $as_echo "no" >&6; } $as_echo_n "checking if compiler is HP-UX C... " >&6; } OLDCPPFLAGS=$CPPFLAGS - # CPPPFLAGS comes from CURL_CPP_P - CPPFLAGS="$CPPPFLAGS" + # CPPPFLAG comes from CURL_CPP_P + CPPFLAGS="$CPPFLAGS $CPPPFLAG" if test -z "$SED"; then as_fn_error $? "SED not set. Cannot continue without SED being set." "$LINENO" 5 fi @@ -16299,8 +16302,8 @@ $as_echo "no" >&6; } $as_echo_n "checking if compiler is IBM C... " >&6; } OLDCPPFLAGS=$CPPFLAGS - # CPPPFLAGS comes from CURL_CPP_P - CPPFLAGS="$CPPPFLAGS" + # CPPPFLAG comes from CURL_CPP_P + CPPFLAGS="$CPPFLAGS $CPPPFLAG" if test -z "$SED"; then as_fn_error $? "SED not set. Cannot continue without SED being set." "$LINENO" 5 fi @@ -16369,8 +16372,8 @@ $as_echo "no" >&6; } $as_echo_n "checking if compiler is Intel C... " >&6; } OLDCPPFLAGS=$CPPFLAGS - # CPPPFLAGS comes from CURL_CPP_P - CPPFLAGS="$CPPPFLAGS" + # CPPPFLAG comes from CURL_CPP_P + CPPFLAGS="$CPPFLAGS $CPPPFLAG" if test -z "$SED"; then as_fn_error $? "SED not set. Cannot continue without SED being set." "$LINENO" 5 fi @@ -16417,8 +16420,8 @@ $as_echo "yes" >&6; } compiler_num="$curl_cv_def___INTEL_COMPILER" OLDCPPFLAGS=$CPPFLAGS - # CPPPFLAGS comes from CURL_CPP_P - CPPFLAGS="$CPPPFLAGS" + # CPPPFLAG comes from CURL_CPP_P + CPPFLAGS="$CPPFLAGS $CPPPFLAG" if test -z "$SED"; then as_fn_error $? "SED not set. Cannot continue without SED being set." "$LINENO" 5 fi @@ -16493,8 +16496,8 @@ $as_echo "no" >&6; } $as_echo_n "checking if compiler is clang... " >&6; } OLDCPPFLAGS=$CPPFLAGS - # CPPPFLAGS comes from CURL_CPP_P - CPPFLAGS="$CPPPFLAGS" + # CPPPFLAG comes from CURL_CPP_P + CPPFLAGS="$CPPFLAGS $CPPPFLAG" if test -z "$SED"; then as_fn_error $? "SED not set. Cannot continue without SED being set." "$LINENO" 5 fi @@ -16566,8 +16569,8 @@ $as_echo "no" >&6; } $as_echo_n "checking if compiler is GNU C... " >&6; } OLDCPPFLAGS=$CPPFLAGS - # CPPPFLAGS comes from CURL_CPP_P - CPPFLAGS="$CPPPFLAGS" + # CPPPFLAG comes from CURL_CPP_P + CPPFLAGS="$CPPFLAGS $CPPPFLAG" if test -z "$SED"; then as_fn_error $? "SED not set. Cannot continue without SED being set." "$LINENO" 5 fi @@ -16632,8 +16635,8 @@ $as_echo "yes" >&6; } flags_opt_off="-O0" OLDCPPFLAGS=$CPPFLAGS - # CPPPFLAGS comes from CURL_CPP_P - CPPFLAGS="$CPPPFLAGS" + # CPPPFLAG comes from CURL_CPP_P + CPPFLAGS="$CPPFLAGS $CPPPFLAG" if test -z "$SED"; then as_fn_error $? "SED not set. Cannot continue without SED being set." "$LINENO" 5 fi @@ -16684,8 +16687,8 @@ $as_echo "no" >&6; } $as_echo_n "checking if compiler is LCC... " >&6; } OLDCPPFLAGS=$CPPFLAGS - # CPPPFLAGS comes from CURL_CPP_P - CPPFLAGS="$CPPPFLAGS" + # CPPPFLAG comes from CURL_CPP_P + CPPFLAGS="$CPPFLAGS $CPPPFLAG" if test -z "$SED"; then as_fn_error $? "SED not set. Cannot continue without SED being set." "$LINENO" 5 fi @@ -16746,8 +16749,8 @@ $as_echo "no" >&6; } $as_echo_n "checking if compiler is SGI MIPSpro C... " >&6; } OLDCPPFLAGS=$CPPFLAGS - # CPPPFLAGS comes from CURL_CPP_P - CPPFLAGS="$CPPPFLAGS" + # CPPPFLAG comes from CURL_CPP_P + CPPFLAGS="$CPPFLAGS $CPPPFLAG" if test -z "$SED"; then as_fn_error $? "SED not set. Cannot continue without SED being set." "$LINENO" 5 fi @@ -16790,8 +16793,8 @@ rm -f conftest.err conftest.i conftest.$ac_ext OLDCPPFLAGS=$CPPFLAGS - # CPPPFLAGS comes from CURL_CPP_P - CPPFLAGS="$CPPPFLAGS" + # CPPPFLAG comes from CURL_CPP_P + CPPFLAGS="$CPPFLAGS $CPPPFLAG" if test -z "$SED"; then as_fn_error $? "SED not set. Cannot continue without SED being set." "$LINENO" 5 fi @@ -16834,8 +16837,8 @@ rm -f conftest.err conftest.i conftest.$ac_ext OLDCPPFLAGS=$CPPFLAGS - # CPPPFLAGS comes from CURL_CPP_P - CPPFLAGS="$CPPPFLAGS" + # CPPPFLAG comes from CURL_CPP_P + CPPFLAGS="$CPPFLAGS $CPPPFLAG" if test -z "$SED"; then as_fn_error $? "SED not set. Cannot continue without SED being set." "$LINENO" 5 fi @@ -16898,8 +16901,8 @@ $as_echo "no" >&6; } $as_echo_n "checking if compiler is SGI MIPS C... " >&6; } OLDCPPFLAGS=$CPPFLAGS - # CPPPFLAGS comes from CURL_CPP_P - CPPFLAGS="$CPPPFLAGS" + # CPPPFLAG comes from CURL_CPP_P + CPPFLAGS="$CPPFLAGS $CPPPFLAG" if test -z "$SED"; then as_fn_error $? "SED not set. Cannot continue without SED being set." "$LINENO" 5 fi @@ -16942,8 +16945,8 @@ rm -f conftest.err conftest.i conftest.$ac_ext OLDCPPFLAGS=$CPPFLAGS - # CPPPFLAGS comes from CURL_CPP_P - CPPFLAGS="$CPPPFLAGS" + # CPPPFLAG comes from CURL_CPP_P + CPPFLAGS="$CPPFLAGS $CPPPFLAG" if test -z "$SED"; then as_fn_error $? "SED not set. Cannot continue without SED being set." "$LINENO" 5 fi @@ -17006,8 +17009,8 @@ $as_echo "no" >&6; } $as_echo_n "checking if compiler is SunPro C... " >&6; } OLDCPPFLAGS=$CPPFLAGS - # CPPPFLAGS comes from CURL_CPP_P - CPPFLAGS="$CPPPFLAGS" + # CPPPFLAG comes from CURL_CPP_P + CPPFLAGS="$CPPFLAGS $CPPPFLAG" if test -z "$SED"; then as_fn_error $? "SED not set. Cannot continue without SED being set." "$LINENO" 5 fi @@ -17068,8 +17071,8 @@ $as_echo "no" >&6; } $as_echo_n "checking if compiler is Tiny C... " >&6; } OLDCPPFLAGS=$CPPFLAGS - # CPPPFLAGS comes from CURL_CPP_P - CPPFLAGS="$CPPPFLAGS" + # CPPPFLAG comes from CURL_CPP_P + CPPFLAGS="$CPPFLAGS $CPPPFLAG" if test -z "$SED"; then as_fn_error $? "SED not set. Cannot continue without SED being set." "$LINENO" 5 fi @@ -17130,8 +17133,8 @@ $as_echo "no" >&6; } $as_echo_n "checking if compiler is Watcom C... " >&6; } OLDCPPFLAGS=$CPPFLAGS - # CPPPFLAGS comes from CURL_CPP_P - CPPFLAGS="$CPPPFLAGS" + # CPPPFLAG comes from CURL_CPP_P + CPPFLAGS="$CPPFLAGS $CPPPFLAG" if test -z "$SED"; then as_fn_error $? "SED not set. Cannot continue without SED being set." "$LINENO" 5 fi @@ -17177,8 +17180,8 @@ rm -f conftest.err conftest.i conftest.$ac_ext $as_echo "yes" >&6; } OLDCPPFLAGS=$CPPFLAGS - # CPPPFLAGS comes from CURL_CPP_P - CPPFLAGS="$CPPPFLAGS" + # CPPPFLAG comes from CURL_CPP_P + CPPFLAGS="$CPPFLAGS $CPPPFLAG" if test -z "$SED"; then as_fn_error $? "SED not set. Cannot continue without SED being set." "$LINENO" 5 fi @@ -18485,7 +18488,7 @@ $as_echo_n "checking if compiler supports hiding library internal symbols... " > ;; GNU_C) if test "$compiler_num" -ge "304"; then - if $CC --help --verbose 2>&1 | grep fvisibility= > /dev/null ; then + if $CC --help --verbose 2>/dev/null | grep fvisibility= >/dev/null ; then tmp_EXTERN="__attribute__ ((__visibility__ (\"default\")))" tmp_CFLAGS="-fvisibility=hidden" supports_symbol_hiding="yes" @@ -18702,7 +18705,7 @@ fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking for windows.h" >&5 $as_echo_n "checking for windows.h... " >&6; } -if ${ac_cv_header_windows_h+:} false; then : +if ${curl_cv_header_windows_h+:} false; then : $as_echo_n "(cached) " >&6 else @@ -18732,19 +18735,19 @@ int main (void) _ACEOF if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_header_windows_h="yes" + curl_cv_header_windows_h="yes" else - ac_cv_header_windows_h="no" + curl_cv_header_windows_h="no" fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_header_windows_h" >&5 -$as_echo "$ac_cv_header_windows_h" >&6; } - case "$ac_cv_header_windows_h" in +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $curl_cv_header_windows_h" >&5 +$as_echo "$curl_cv_header_windows_h" >&6; } + case "$curl_cv_header_windows_h" in yes) cat >>confdefs.h <<_ACEOF @@ -18762,12 +18765,12 @@ _ACEOF { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether build target is a native Windows one" >&5 $as_echo_n "checking whether build target is a native Windows one... " >&6; } -if ${ac_cv_native_windows+:} false; then : +if ${curl_cv_native_windows+:} false; then : $as_echo_n "(cached) " >&6 else - if test "$ac_cv_header_windows_h" = "no"; then - ac_cv_native_windows="no" + if test "$curl_cv_header_windows_h" = "no"; then + curl_cv_native_windows="no" else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ @@ -18791,20 +18794,20 @@ int main (void) _ACEOF if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_native_windows="yes" + curl_cv_native_windows="yes" else - ac_cv_native_windows="no" + curl_cv_native_windows="no" fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_native_windows" >&5 -$as_echo "$ac_cv_native_windows" >&6; } - if test "x$ac_cv_native_windows" = xyes; then +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $curl_cv_native_windows" >&5 +$as_echo "$curl_cv_native_windows" >&6; } + if test "x$curl_cv_native_windows" = xyes; then DOING_NATIVE_WINDOWS_TRUE= DOING_NATIVE_WINDOWS_FALSE='#' else @@ -18813,12 +18816,12 @@ else fi -case X-"$ac_cv_native_windows" in +case X-"$curl_cv_native_windows" in X-yes) { $as_echo "$as_me:${as_lineno-$LINENO}: checking for winsock.h" >&5 $as_echo_n "checking for winsock.h... " >&6; } -if ${ac_cv_header_winsock_h+:} false; then : +if ${curl_cv_header_winsock_h+:} false; then : $as_echo_n "(cached) " >&6 else @@ -18849,19 +18852,19 @@ int main (void) _ACEOF if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_header_winsock_h="yes" + curl_cv_header_winsock_h="yes" else - ac_cv_header_winsock_h="no" + curl_cv_header_winsock_h="no" fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_header_winsock_h" >&5 -$as_echo "$ac_cv_header_winsock_h" >&6; } - case "$ac_cv_header_winsock_h" in +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $curl_cv_header_winsock_h" >&5 +$as_echo "$curl_cv_header_winsock_h" >&6; } + case "$curl_cv_header_winsock_h" in yes) cat >>confdefs.h <<_ACEOF @@ -18874,7 +18877,7 @@ _ACEOF { $as_echo "$as_me:${as_lineno-$LINENO}: checking for winsock2.h" >&5 $as_echo_n "checking for winsock2.h... " >&6; } -if ${ac_cv_header_winsock2_h+:} false; then : +if ${curl_cv_header_winsock2_h+:} false; then : $as_echo_n "(cached) " >&6 else @@ -18905,19 +18908,19 @@ int main (void) _ACEOF if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_header_winsock2_h="yes" + curl_cv_header_winsock2_h="yes" else - ac_cv_header_winsock2_h="no" + curl_cv_header_winsock2_h="no" fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_header_winsock2_h" >&5 -$as_echo "$ac_cv_header_winsock2_h" >&6; } - case "$ac_cv_header_winsock2_h" in +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $curl_cv_header_winsock2_h" >&5 +$as_echo "$curl_cv_header_winsock2_h" >&6; } + case "$curl_cv_header_winsock2_h" in yes) cat >>confdefs.h <<_ACEOF @@ -18930,7 +18933,7 @@ _ACEOF { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ws2tcpip.h" >&5 $as_echo_n "checking for ws2tcpip.h... " >&6; } -if ${ac_cv_header_ws2tcpip_h+:} false; then : +if ${curl_cv_header_ws2tcpip_h+:} false; then : $as_echo_n "(cached) " >&6 else @@ -18962,19 +18965,19 @@ int main (void) _ACEOF if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_header_ws2tcpip_h="yes" + curl_cv_header_ws2tcpip_h="yes" else - ac_cv_header_ws2tcpip_h="no" + curl_cv_header_ws2tcpip_h="no" fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_header_ws2tcpip_h" >&5 -$as_echo "$ac_cv_header_ws2tcpip_h" >&6; } - case "$ac_cv_header_ws2tcpip_h" in +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $curl_cv_header_ws2tcpip_h" >&5 +$as_echo "$curl_cv_header_ws2tcpip_h" >&6; } + case "$curl_cv_header_ws2tcpip_h" in yes) cat >>confdefs.h <<_ACEOF @@ -18987,7 +18990,7 @@ _ACEOF { $as_echo "$as_me:${as_lineno-$LINENO}: checking for winldap.h" >&5 $as_echo_n "checking for winldap.h... " >&6; } -if ${ac_cv_header_winldap_h+:} false; then : +if ${curl_cv_header_winldap_h+:} false; then : $as_echo_n "(cached) " >&6 else @@ -19021,19 +19024,19 @@ int main (void) _ACEOF if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_header_winldap_h="yes" + curl_cv_header_winldap_h="yes" else - ac_cv_header_winldap_h="no" + curl_cv_header_winldap_h="no" fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_header_winldap_h" >&5 -$as_echo "$ac_cv_header_winldap_h" >&6; } - case "$ac_cv_header_winldap_h" in +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $curl_cv_header_winldap_h" >&5 +$as_echo "$curl_cv_header_winldap_h" >&6; } + case "$curl_cv_header_winldap_h" in yes) cat >>confdefs.h <<_ACEOF @@ -19046,7 +19049,7 @@ _ACEOF { $as_echo "$as_me:${as_lineno-$LINENO}: checking for winber.h" >&5 $as_echo_n "checking for winber.h... " >&6; } -if ${ac_cv_header_winber_h+:} false; then : +if ${curl_cv_header_winber_h+:} false; then : $as_echo_n "(cached) " >&6 else @@ -19082,19 +19085,19 @@ int main (void) _ACEOF if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_header_winber_h="yes" + curl_cv_header_winber_h="yes" else - ac_cv_header_winber_h="no" + curl_cv_header_winber_h="no" fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_header_winber_h" >&5 -$as_echo "$ac_cv_header_winber_h" >&6; } - case "$ac_cv_header_winber_h" in +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $curl_cv_header_winber_h" >&5 +$as_echo "$curl_cv_header_winber_h" >&6; } + case "$curl_cv_header_winber_h" in yes) cat >>confdefs.h <<_ACEOF @@ -19106,18 +19109,18 @@ _ACEOF ;; *) - ac_cv_header_winsock_h="no" - ac_cv_header_winsock2_h="no" - ac_cv_header_ws2tcpip_h="no" - ac_cv_header_winldap_h="no" - ac_cv_header_winber_h="no" + curl_cv_header_winsock_h="no" + curl_cv_header_winsock2_h="no" + curl_cv_header_ws2tcpip_h="no" + curl_cv_header_winldap_h="no" + curl_cv_header_winber_h="no" ;; esac { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether build target supports WIN32 file API" >&5 $as_echo_n "checking whether build target supports WIN32 file API... " >&6; } curl_win32_file_api="no" - if test "$ac_cv_header_windows_h" = "yes"; then + if test "$curl_cv_header_windows_h" = "yes"; then if test x"$enable_largefile" != "xno"; then cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ @@ -19901,8 +19904,8 @@ fi if test "$HAVE_GETHOSTBYNAME" != "1" then - if test "$ac_cv_header_windows_h" = "yes"; then - if test "$ac_cv_header_winsock_h" = "yes"; then + if test "$curl_cv_header_windows_h" = "yes"; then + if test "$curl_cv_header_winsock_h" = "yes"; then case $host in *-*-mingw32ce*) winsock_LIB="-lwinsock" @@ -19912,7 +19915,7 @@ then ;; esac fi - if test "$ac_cv_header_winsock2_h" = "yes"; then + if test "$curl_cv_header_winsock2_h" = "yes"; then winsock_LIB="-lws2_32" fi if test ! -z "$winsock_LIB"; then @@ -20133,96 +20136,6 @@ if test "$HAVE_GETHOSTBYNAME" != "1"; then as_fn_error $? "couldn't find libraries for gethostbyname()" "$LINENO" 5 fi -ac_fn_c_check_func "$LINENO" "strcasecmp" "ac_cv_func_strcasecmp" -if test "x$ac_cv_func_strcasecmp" = xyes; then : - -else - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for strcasecmp in -lresolve" >&5 -$as_echo_n "checking for strcasecmp in -lresolve... " >&6; } -if ${ac_cv_lib_resolve_strcasecmp+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-lresolve $LIBS" -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - - -#ifdef __cplusplus -extern "C" -#endif -char strcasecmp (); -int main (void) -{ -return strcasecmp (); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - ac_cv_lib_resolve_strcasecmp=yes -else - ac_cv_lib_resolve_strcasecmp=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_resolve_strcasecmp" >&5 -$as_echo "$ac_cv_lib_resolve_strcasecmp" >&6; } -if test "x$ac_cv_lib_resolve_strcasecmp" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_LIBRESOLVE 1 -_ACEOF - - LIBS="-lresolve $LIBS" - -fi - -fi - - -if test "$ac_cv_lib_resolve_strcasecmp" = "$ac_cv_func_strcasecmp"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for strcasecmp in -lresolve" >&5 -$as_echo_n "checking for strcasecmp in -lresolve... " >&6; } -if ${ac_cv_lib_resolve_strcasecmp+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-lresolve -lnsl $LIBS" -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - - -#ifdef __cplusplus -extern "C" -#endif -char strcasecmp (); -int main (void) -{ -return strcasecmp (); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - ac_cv_lib_resolve_strcasecmp=yes -else - ac_cv_lib_resolve_strcasecmp=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_resolve_strcasecmp" >&5 -$as_echo "$ac_cv_lib_resolve_strcasecmp" >&6; } -if test "x$ac_cv_lib_resolve_strcasecmp" = xyes; then : - LIBS="-lresolve $LIBS" -fi - -fi -ac_cv_func_strcasecmp="no" - curl_includes_winsock2="\ /* includes start */ @@ -20243,7 +20156,7 @@ curl_includes_winsock2="\ { $as_echo "$as_me:${as_lineno-$LINENO}: checking for windows.h" >&5 $as_echo_n "checking for windows.h... " >&6; } -if ${ac_cv_header_windows_h+:} false; then : +if ${curl_cv_header_windows_h+:} false; then : $as_echo_n "(cached) " >&6 else @@ -20273,19 +20186,19 @@ int main (void) _ACEOF if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_header_windows_h="yes" + curl_cv_header_windows_h="yes" else - ac_cv_header_windows_h="no" + curl_cv_header_windows_h="no" fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_header_windows_h" >&5 -$as_echo "$ac_cv_header_windows_h" >&6; } - case "$ac_cv_header_windows_h" in +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $curl_cv_header_windows_h" >&5 +$as_echo "$curl_cv_header_windows_h" >&6; } + case "$curl_cv_header_windows_h" in yes) cat >>confdefs.h <<_ACEOF @@ -20303,7 +20216,7 @@ _ACEOF { $as_echo "$as_me:${as_lineno-$LINENO}: checking for winsock.h" >&5 $as_echo_n "checking for winsock.h... " >&6; } -if ${ac_cv_header_winsock_h+:} false; then : +if ${curl_cv_header_winsock_h+:} false; then : $as_echo_n "(cached) " >&6 else @@ -20334,19 +20247,19 @@ int main (void) _ACEOF if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_header_winsock_h="yes" + curl_cv_header_winsock_h="yes" else - ac_cv_header_winsock_h="no" + curl_cv_header_winsock_h="no" fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_header_winsock_h" >&5 -$as_echo "$ac_cv_header_winsock_h" >&6; } - case "$ac_cv_header_winsock_h" in +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $curl_cv_header_winsock_h" >&5 +$as_echo "$curl_cv_header_winsock_h" >&6; } + case "$curl_cv_header_winsock_h" in yes) cat >>confdefs.h <<_ACEOF @@ -20359,7 +20272,7 @@ _ACEOF { $as_echo "$as_me:${as_lineno-$LINENO}: checking for winsock2.h" >&5 $as_echo_n "checking for winsock2.h... " >&6; } -if ${ac_cv_header_winsock2_h+:} false; then : +if ${curl_cv_header_winsock2_h+:} false; then : $as_echo_n "(cached) " >&6 else @@ -20390,19 +20303,19 @@ int main (void) _ACEOF if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_header_winsock2_h="yes" + curl_cv_header_winsock2_h="yes" else - ac_cv_header_winsock2_h="no" + curl_cv_header_winsock2_h="no" fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_header_winsock2_h" >&5 -$as_echo "$ac_cv_header_winsock2_h" >&6; } - case "$ac_cv_header_winsock2_h" in +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $curl_cv_header_winsock2_h" >&5 +$as_echo "$curl_cv_header_winsock2_h" >&6; } + case "$curl_cv_header_winsock2_h" in yes) cat >>confdefs.h <<_ACEOF @@ -20557,13 +20470,13 @@ if ac_fn_c_try_compile "$LINENO"; then : { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } - ac_cv_func_clock_gettime="yes" + curl_func_clock_gettime="yes" else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } - ac_cv_func_clock_gettime="no" + curl_func_clock_gettime="no" fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext @@ -20571,7 +20484,7 @@ rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext # - if test "$ac_cv_func_clock_gettime" = "yes"; then + if test "$curl_func_clock_gettime" = "yes"; then # { $as_echo "$as_me:${as_lineno-$LINENO}: checking for clock_gettime in libraries" >&5 $as_echo_n "checking for clock_gettime in libraries... " >&6; } @@ -20633,12 +20546,12 @@ rm -f core conftest.err conftest.$ac_objext \ $as_echo "cannot find clock_gettime" >&6; } { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: HAVE_CLOCK_GETTIME_MONOTONIC will not be defined" >&5 $as_echo "$as_me: WARNING: HAVE_CLOCK_GETTIME_MONOTONIC will not be defined" >&2;} - ac_cv_func_clock_gettime="no" + curl_func_clock_gettime="no" ;; X-) { $as_echo "$as_me:${as_lineno-$LINENO}: result: no additional lib required" >&5 $as_echo "no additional lib required" >&6; } - ac_cv_func_clock_gettime="yes" + curl_func_clock_gettime="yes" ;; *) if test -z "$curl_cv_save_LIBS"; then @@ -20648,12 +20561,12 @@ $as_echo "no additional lib required" >&6; } fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $curl_cv_gclk_LIBS" >&5 $as_echo "$curl_cv_gclk_LIBS" >&6; } - ac_cv_func_clock_gettime="yes" + curl_func_clock_gettime="yes" ;; esac # if test "x$cross_compiling" != "xyes" && - test "$ac_cv_func_clock_gettime" = "yes"; then + test "$curl_func_clock_gettime" = "yes"; then { $as_echo "$as_me:${as_lineno-$LINENO}: checking if monotonic clock_gettime works" >&5 $as_echo_n "checking if monotonic clock_gettime works... " >&6; } if test "$cross_compiling" = yes; then : @@ -20708,7 +20621,7 @@ else $as_echo "no" >&6; } { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: HAVE_CLOCK_GETTIME_MONOTONIC will not be defined" >&5 $as_echo "$as_me: WARNING: HAVE_CLOCK_GETTIME_MONOTONIC will not be defined" >&2;} - ac_cv_func_clock_gettime="no" + curl_func_clock_gettime="no" LIBS="$curl_cv_save_LIBS" fi @@ -20718,7 +20631,7 @@ fi fi # - case "$ac_cv_func_clock_gettime" in + case "$curl_func_clock_gettime" in yes) cat >>confdefs.h <<_ACEOF @@ -20755,9 +20668,147 @@ else OPT_ZLIB="" fi + + if test -n "$PKG_CONFIG"; then + PKGCONFIG="$PKG_CONFIG" + else + if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}pkg-config", so it can be a program name with args. +set dummy ${ac_tool_prefix}pkg-config; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_path_PKGCONFIG+:} false; then : + $as_echo_n "(cached) " >&6 +else + case $PKGCONFIG in + [\\/]* | ?:[\\/]*) + ac_cv_path_PKGCONFIG="$PKGCONFIG" # Let the user override the test with a path. + ;; + *) + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +as_dummy="$PATH:/usr/bin:/usr/local/bin" +for as_dir in $as_dummy +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_path_PKGCONFIG="$as_dir/$ac_word$ac_exec_ext" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + + ;; +esac +fi +PKGCONFIG=$ac_cv_path_PKGCONFIG +if test -n "$PKGCONFIG"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $PKGCONFIG" >&5 +$as_echo "$PKGCONFIG" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + +fi +if test -z "$ac_cv_path_PKGCONFIG"; then + ac_pt_PKGCONFIG=$PKGCONFIG + # Extract the first word of "pkg-config", so it can be a program name with args. +set dummy pkg-config; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_path_ac_pt_PKGCONFIG+:} false; then : + $as_echo_n "(cached) " >&6 +else + case $ac_pt_PKGCONFIG in + [\\/]* | ?:[\\/]*) + ac_cv_path_ac_pt_PKGCONFIG="$ac_pt_PKGCONFIG" # Let the user override the test with a path. + ;; + *) + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +as_dummy="$PATH:/usr/bin:/usr/local/bin" +for as_dir in $as_dummy +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_path_ac_pt_PKGCONFIG="$as_dir/$ac_word$ac_exec_ext" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + + ;; +esac +fi +ac_pt_PKGCONFIG=$ac_cv_path_ac_pt_PKGCONFIG +if test -n "$ac_pt_PKGCONFIG"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_pt_PKGCONFIG" >&5 +$as_echo "$ac_pt_PKGCONFIG" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + if test "x$ac_pt_PKGCONFIG" = x; then + PKGCONFIG="no" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + PKGCONFIG=$ac_pt_PKGCONFIG + fi +else + PKGCONFIG="$ac_cv_path_PKGCONFIG" +fi + + fi + + if test "x$PKGCONFIG" != "xno"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for zlib options with pkg-config" >&5 +$as_echo_n "checking for zlib options with pkg-config... " >&6; } + itexists=` + if test -n ""; then + PKG_CONFIG_LIBDIR="" + export PKG_CONFIG_LIBDIR + fi + $PKGCONFIG --exists zlib >/dev/null 2>&1 && echo 1` + + if test -z "$itexists"; then + PKGCONFIG="no" + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } + else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: found" >&5 +$as_echo "found" >&6; } + fi + fi + + + if test "$PKGCONFIG" != "no" ; then + LIBS="`$PKGCONFIG --libs-only-l zlib` $LIBS" + LDFLAGS="`$PKGCONFIG --libs-only-L zlib` $LDFLAGS" + CPPFLAGS="`$PKGCONFIG --cflags-only-I zlib` $CPPFLAGS" + OPT_ZLIB="" + HAVE_LIBZ="1" + fi + if test -z "$OPT_ZLIB" ; then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for inflateEnd in -lz" >&5 + if test -z "$HAVE_LIBZ"; then + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for inflateEnd in -lz" >&5 $as_echo_n "checking for inflateEnd in -lz... " >&6; } if ${ac_cv_lib_z_inflateEnd+:} false; then : $as_echo_n "(cached) " >&6 @@ -20797,7 +20848,7 @@ else OPT_ZLIB="/usr/local" fi - + fi fi if test -n "$OPT_ZLIB"; then @@ -20931,7 +20982,7 @@ if test x$CURL_DISABLE_LDAP != x1 ; then { $as_echo "$as_me:${as_lineno-$LINENO}: checking for lber.h" >&5 $as_echo_n "checking for lber.h... " >&6; } -if ${ac_cv_header_lber_h+:} false; then : +if ${curl_cv_header_lber_h+:} false; then : $as_echo_n "(cached) " >&6 else @@ -20969,19 +21020,19 @@ int main (void) _ACEOF if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_header_lber_h="yes" + curl_cv_header_lber_h="yes" else - ac_cv_header_lber_h="no" + curl_cv_header_lber_h="no" fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_header_lber_h" >&5 -$as_echo "$ac_cv_header_lber_h" >&6; } - if test "$ac_cv_header_lber_h" = "yes"; then +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $curl_cv_header_lber_h" >&5 +$as_echo "$curl_cv_header_lber_h" >&6; } + if test "$curl_cv_header_lber_h" = "yes"; then cat >>confdefs.h <<_ACEOF #define HAVE_LBER_H 1 @@ -21048,7 +21099,7 @@ _ACEOF { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ldap.h" >&5 $as_echo_n "checking for ldap.h... " >&6; } -if ${ac_cv_header_ldap_h+:} false; then : +if ${curl_cv_header_ldap_h+:} false; then : $as_echo_n "(cached) " >&6 else @@ -21088,19 +21139,19 @@ int main (void) _ACEOF if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_header_ldap_h="yes" + curl_cv_header_ldap_h="yes" else - ac_cv_header_ldap_h="no" + curl_cv_header_ldap_h="no" fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_header_ldap_h" >&5 -$as_echo "$ac_cv_header_ldap_h" >&6; } - case "$ac_cv_header_ldap_h" in +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $curl_cv_header_ldap_h" >&5 +$as_echo "$curl_cv_header_ldap_h" >&6; } + case "$curl_cv_header_ldap_h" in yes) cat >>confdefs.h <<_ACEOF @@ -21113,7 +21164,7 @@ _ACEOF { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ldapssl.h" >&5 $as_echo_n "checking for ldapssl.h... " >&6; } -if ${ac_cv_header_ldapssl_h+:} false; then : +if ${curl_cv_header_ldapssl_h+:} false; then : $as_echo_n "(cached) " >&6 else @@ -21159,19 +21210,19 @@ int main (void) _ACEOF if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_header_ldapssl_h="yes" + curl_cv_header_ldapssl_h="yes" else - ac_cv_header_ldapssl_h="no" + curl_cv_header_ldapssl_h="no" fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_header_ldapssl_h" >&5 -$as_echo "$ac_cv_header_ldapssl_h" >&6; } - case "$ac_cv_header_ldapssl_h" in +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $curl_cv_header_ldapssl_h" >&5 +$as_echo "$curl_cv_header_ldapssl_h" >&6; } + case "$curl_cv_header_ldapssl_h" in yes) cat >>confdefs.h <<_ACEOF @@ -21184,7 +21235,7 @@ _ACEOF { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ldap_ssl.h" >&5 $as_echo_n "checking for ldap_ssl.h... " >&6; } -if ${ac_cv_header_ldap_ssl_h+:} false; then : +if ${curl_cv_header_ldap_ssl_h+:} false; then : $as_echo_n "(cached) " >&6 else @@ -21226,19 +21277,19 @@ int main (void) _ACEOF if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_header_ldap_ssl_h="yes" + curl_cv_header_ldap_ssl_h="yes" else - ac_cv_header_ldap_ssl_h="no" + curl_cv_header_ldap_ssl_h="no" fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_header_ldap_ssl_h" >&5 -$as_echo "$ac_cv_header_ldap_ssl_h" >&6; } - case "$ac_cv_header_ldap_ssl_h" in +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $curl_cv_header_ldap_ssl_h" >&5 +$as_echo "$curl_cv_header_ldap_ssl_h" >&6; } + case "$curl_cv_header_ldap_ssl_h" in yes) cat >>confdefs.h <<_ACEOF @@ -21250,7 +21301,7 @@ _ACEOF if test -z "$LDAPLIBNAME" ; then - if test "$ac_cv_native_windows" = "yes"; then + if test "$curl_cv_native_windows" = "yes"; then LDAPLIBNAME="wldap32" LBERLIBNAME="no" fi @@ -21929,7 +21980,7 @@ fi $as_echo_n "checking whether to enable Windows native SSL/TLS (Windows native builds only)... " >&6; } if test "$curl_ssl_msg" = "$init_ssl_msg"; then if test "x$OPT_WINSSL" != "xno" && - test "x$ac_cv_native_windows" = "xyes"; then + test "x$curl_cv_native_windows" = "xyes"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } @@ -21946,6 +21997,7 @@ $as_echo "#define USE_WINDOWS_SSPI 1" >>confdefs.h USE_WINDOWS_SSPI=1 curl_sspi_msg="enabled" + LIBS="-lcrypt32 $LIBS" else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } @@ -22714,8 +22766,8 @@ $as_echo "$as_me: Added $LIB_OPENSSL to LD_LIBRARY_PATH" >&6;} $as_echo_n "checking for OpenSSL headers version... " >&6; } OLDCPPFLAGS=$CPPFLAGS - # CPPPFLAGS comes from CURL_CPP_P - CPPFLAGS="$CPPPFLAGS" + # CPPPFLAG comes from CURL_CPP_P + CPPFLAGS="$CPPFLAGS $CPPPFLAG" if test -z "$SED"; then as_fn_error $? "SED not set. Cannot continue without SED being set." "$LINENO" 5 fi @@ -24527,7 +24579,9 @@ done if test "x$cyassllibname" = "xwolfssl"; then for ac_func in wolfSSLv3_client_method \ - wolfSSL_get_peer_certificate + wolfSSL_CTX_UseSupportedCurve \ + wolfSSL_get_peer_certificate \ + wolfSSL_UseALPN do : as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" @@ -24540,12 +24594,14 @@ fi done else - for ac_func in CyaSSL_get_peer_certificate + for ac_func in CyaSSL_CTX_UseSupportedCurve \ + CyaSSL_get_peer_certificate do : - ac_fn_c_check_func "$LINENO" "CyaSSL_get_peer_certificate" "ac_cv_func_CyaSSL_get_peer_certificate" -if test "x$ac_cv_func_CyaSSL_get_peer_certificate" = xyes; then : + as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` +ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" +if eval test \"x\$"$as_ac_var"\" = x"yes"; then : cat >>confdefs.h <<_ACEOF -#define HAVE_CYASSL_GET_PEER_CERTIFICATE 1 +#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 _ACEOF fi @@ -25161,7 +25217,7 @@ fi for a in /etc/ssl/certs/ca-certificates.crt \ /etc/pki/tls/certs/ca-bundle.crt \ /usr/share/ssl/certs/ca-bundle.crt \ - /usr/local/share/certs/ca-root.crt \ + /usr/local/share/certs/ca-root-nss.crt \ /etc/ssl/cert.pem \ "$cac"; do if test -f "$a"; then @@ -27294,7 +27350,7 @@ fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking for malloc.h" >&5 $as_echo_n "checking for malloc.h... " >&6; } -if ${ac_cv_header_malloc_h+:} false; then : +if ${curl_cv_header_malloc_h+:} false; then : $as_echo_n "(cached) " >&6 else @@ -27319,19 +27375,19 @@ int main (void) _ACEOF if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_header_malloc_h="yes" + curl_cv_header_malloc_h="yes" else - ac_cv_header_malloc_h="no" + curl_cv_header_malloc_h="no" fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_header_malloc_h" >&5 -$as_echo "$ac_cv_header_malloc_h" >&6; } - if test "$ac_cv_header_malloc_h" = "yes"; then +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $curl_cv_header_malloc_h" >&5 +$as_echo "$curl_cv_header_malloc_h" >&6; } + if test "$curl_cv_header_malloc_h" = "yes"; then cat >>confdefs.h <<_ACEOF #define HAVE_MALLOC_H 1 @@ -27382,7 +27438,7 @@ _ACEOF { $as_echo "$as_me:${as_lineno-$LINENO}: checking for memory.h" >&5 $as_echo_n "checking for memory.h... " >&6; } -if ${ac_cv_header_memory_h+:} false; then : +if ${curl_cv_header_memory_h+:} false; then : $as_echo_n "(cached) " >&6 else @@ -27407,19 +27463,19 @@ int main (void) _ACEOF if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_header_memory_h="yes" + curl_cv_header_memory_h="yes" else - ac_cv_header_memory_h="no" + curl_cv_header_memory_h="no" fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_header_memory_h" >&5 -$as_echo "$ac_cv_header_memory_h" >&6; } - if test "$ac_cv_header_memory_h" = "yes"; then +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $curl_cv_header_memory_h" >&5 +$as_echo "$curl_cv_header_memory_h" >&6; } + if test "$curl_cv_header_memory_h" = "yes"; then cat >>confdefs.h <<_ACEOF #define HAVE_MEMORY_H 1 @@ -27792,7 +27848,7 @@ done { $as_echo "$as_me:${as_lineno-$LINENO}: checking for struct timeval" >&5 $as_echo_n "checking for struct timeval... " >&6; } -if ${ac_cv_struct_timeval+:} false; then : +if ${curl_cv_struct_timeval+:} false; then : $as_echo_n "(cached) " >&6 else @@ -27845,19 +27901,19 @@ int main (void) _ACEOF if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_struct_timeval="yes" + curl_cv_struct_timeval="yes" else - ac_cv_struct_timeval="no" + curl_cv_struct_timeval="no" fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_struct_timeval" >&5 -$as_echo "$ac_cv_struct_timeval" >&6; } - case "$ac_cv_struct_timeval" in +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $curl_cv_struct_timeval" >&5 +$as_echo "$curl_cv_struct_timeval" >&6; } + case "$curl_cv_struct_timeval" in yes) cat >>confdefs.h <<_ACEOF @@ -28116,7 +28172,7 @@ _ACEOF soname_bump=no -if test x"$ac_cv_native_windows" != "xyes" && +if test x"$curl_cv_native_windows" != "xyes" && test $ac_cv_sizeof_off_t -ne $curl_sizeof_curl_off_t; then { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: This libcurl built is probably not ABI compatible with previous" >&5 $as_echo "$as_me: WARNING: This libcurl built is probably not ABI compatible with previous" >&2;} @@ -28221,7 +28277,7 @@ curl_includes_ws2tcpip="\ { $as_echo "$as_me:${as_lineno-$LINENO}: checking for windows.h" >&5 $as_echo_n "checking for windows.h... " >&6; } -if ${ac_cv_header_windows_h+:} false; then : +if ${curl_cv_header_windows_h+:} false; then : $as_echo_n "(cached) " >&6 else @@ -28251,19 +28307,19 @@ int main (void) _ACEOF if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_header_windows_h="yes" + curl_cv_header_windows_h="yes" else - ac_cv_header_windows_h="no" + curl_cv_header_windows_h="no" fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_header_windows_h" >&5 -$as_echo "$ac_cv_header_windows_h" >&6; } - case "$ac_cv_header_windows_h" in +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $curl_cv_header_windows_h" >&5 +$as_echo "$curl_cv_header_windows_h" >&6; } + case "$curl_cv_header_windows_h" in yes) cat >>confdefs.h <<_ACEOF @@ -28281,7 +28337,7 @@ _ACEOF { $as_echo "$as_me:${as_lineno-$LINENO}: checking for winsock2.h" >&5 $as_echo_n "checking for winsock2.h... " >&6; } -if ${ac_cv_header_winsock2_h+:} false; then : +if ${curl_cv_header_winsock2_h+:} false; then : $as_echo_n "(cached) " >&6 else @@ -28312,19 +28368,19 @@ int main (void) _ACEOF if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_header_winsock2_h="yes" + curl_cv_header_winsock2_h="yes" else - ac_cv_header_winsock2_h="no" + curl_cv_header_winsock2_h="no" fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_header_winsock2_h" >&5 -$as_echo "$ac_cv_header_winsock2_h" >&6; } - case "$ac_cv_header_winsock2_h" in +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $curl_cv_header_winsock2_h" >&5 +$as_echo "$curl_cv_header_winsock2_h" >&6; } + case "$curl_cv_header_winsock2_h" in yes) cat >>confdefs.h <<_ACEOF @@ -28337,7 +28393,7 @@ _ACEOF { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ws2tcpip.h" >&5 $as_echo_n "checking for ws2tcpip.h... " >&6; } -if ${ac_cv_header_ws2tcpip_h+:} false; then : +if ${curl_cv_header_ws2tcpip_h+:} false; then : $as_echo_n "(cached) " >&6 else @@ -28369,19 +28425,19 @@ int main (void) _ACEOF if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_header_ws2tcpip_h="yes" + curl_cv_header_ws2tcpip_h="yes" else - ac_cv_header_ws2tcpip_h="no" + curl_cv_header_ws2tcpip_h="no" fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_header_ws2tcpip_h" >&5 -$as_echo "$ac_cv_header_ws2tcpip_h" >&6; } - case "$ac_cv_header_ws2tcpip_h" in +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $curl_cv_header_ws2tcpip_h" >&5 +$as_echo "$curl_cv_header_ws2tcpip_h" >&6; } + case "$curl_cv_header_ws2tcpip_h" in yes) cat >>confdefs.h <<_ACEOF @@ -28506,7 +28562,7 @@ $as_echo "$curl_typeof_curl_socklen_t" >&6; } $as_echo_n "checking size of curl_socklen_t... " >&6; } curl_sizeof_curl_socklen_t="unknown" curl_pull_headers_socklen_t="unknown" - if test "$ac_cv_header_ws2tcpip_h" = "yes"; then + if test "$curl_cv_header_ws2tcpip_h" = "yes"; then tst_pull_header_checks='none ws2tcpip' tst_size_checks='4' else @@ -28884,19 +28940,19 @@ if ac_fn_c_try_link "$LINENO"; then : { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } - ac_cv_sig_atomic_t_volatile="no" + curl_cv_sig_atomic_t_volatile="no" else { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } - ac_cv_sig_atomic_t_volatile="yes" + curl_cv_sig_atomic_t_volatile="yes" fi rm -f core conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext # - if test "$ac_cv_sig_atomic_t_volatile" = "yes"; then + if test "$curl_cv_sig_atomic_t_volatile" = "yes"; then $as_echo "#define HAVE_SIG_ATOMIC_T_VOLATILE 1" >>confdefs.h @@ -29190,7 +29246,7 @@ cat >>confdefs.h <<_ACEOF #define HAVE_SELECT 1 _ACEOF - ac_cv_func_select="yes" + curl_cv_func_select="yes" fi fi @@ -29377,7 +29433,7 @@ cat >>confdefs.h <<_ACEOF #define HAVE_RECV 1 _ACEOF - ac_cv_func_recv="yes" + curl_cv_func_recv="yes" fi else as_fn_error $? "Unable to link function recv" "$LINENO" 5 @@ -29601,7 +29657,7 @@ cat >>confdefs.h <<_ACEOF #define HAVE_SEND 1 _ACEOF - ac_cv_func_send="yes" + curl_cv_func_send="yes" fi else as_fn_error $? "Unable to link function send" "$LINENO" 5 @@ -29623,7 +29679,7 @@ done { $as_echo "$as_me:${as_lineno-$LINENO}: checking for MSG_NOSIGNAL" >&5 $as_echo_n "checking for MSG_NOSIGNAL... " >&6; } -if ${ac_cv_msg_nosignal+:} false; then : +if ${curl_cv_msg_nosignal+:} false; then : $as_echo_n "(cached) " >&6 else @@ -29665,19 +29721,19 @@ int main (void) _ACEOF if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_msg_nosignal="yes" + curl_cv_msg_nosignal="yes" else - ac_cv_msg_nosignal="no" + curl_cv_msg_nosignal="no" fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_msg_nosignal" >&5 -$as_echo "$ac_cv_msg_nosignal" >&6; } - case "$ac_cv_msg_nosignal" in +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $curl_cv_msg_nosignal" >&5 +$as_echo "$curl_cv_msg_nosignal" >&6; } + case "$curl_cv_msg_nosignal" in yes) cat >>confdefs.h <<_ACEOF @@ -29855,11 +29911,11 @@ cat >>confdefs.h <<_ACEOF #define HAVE_ALARM 1 _ACEOF - ac_cv_func_alarm="yes" + curl_cv_func_alarm="yes" else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } - ac_cv_func_alarm="no" + curl_cv_func_alarm="no" fi @@ -30061,11 +30117,11 @@ cat >>confdefs.h <<_ACEOF #define HAVE_BASENAME 1 _ACEOF - ac_cv_func_basename="yes" + curl_cv_func_basename="yes" else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } - ac_cv_func_basename="no" + curl_cv_func_basename="no" fi @@ -30228,11 +30284,11 @@ cat >>confdefs.h <<_ACEOF #define HAVE_CLOSESOCKET 1 _ACEOF - ac_cv_func_closesocket="yes" + curl_cv_func_closesocket="yes" else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } - ac_cv_func_closesocket="no" + curl_cv_func_closesocket="no" fi @@ -30367,11 +30423,11 @@ cat >>confdefs.h <<_ACEOF #define HAVE_CLOSESOCKET_CAMEL 1 _ACEOF - ac_cv_func_closesocket_camel="yes" + curl_cv_func_closesocket_camel="yes" else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } - ac_cv_func_closesocket_camel="no" + curl_cv_func_closesocket_camel="no" fi @@ -30512,11 +30568,11 @@ cat >>confdefs.h <<_ACEOF #define HAVE_CONNECT 1 _ACEOF - ac_cv_func_connect="yes" + curl_cv_func_connect="yes" else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } - ac_cv_func_connect="no" + curl_cv_func_connect="no" fi @@ -30689,7 +30745,7 @@ cat >>confdefs.h <<_ACEOF #define HAVE_FCNTL 1 _ACEOF - ac_cv_func_fcntl="yes" + curl_cv_func_fcntl="yes" # tst_compi_fcntl_o_nonblock="unknown" @@ -30701,7 +30757,7 @@ _ACEOF ;; esac # - if test "$ac_cv_func_fcntl" = "yes"; then + if test "$curl_cv_func_fcntl" = "yes"; then { $as_echo "$as_me:${as_lineno-$LINENO}: checking if fcntl O_NONBLOCK is compilable" >&5 $as_echo_n "checking if fcntl O_NONBLOCK is compilable... " >&6; } cat confdefs.h - <<_ACEOF >conftest.$ac_ext @@ -30763,17 +30819,17 @@ cat >>confdefs.h <<_ACEOF #define HAVE_FCNTL_O_NONBLOCK 1 _ACEOF - ac_cv_func_fcntl_o_nonblock="yes" + curl_cv_func_fcntl_o_nonblock="yes" else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } - ac_cv_func_fcntl_o_nonblock="no" + curl_cv_func_fcntl_o_nonblock="no" fi else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } - ac_cv_func_fcntl="no" + curl_cv_func_fcntl="no" fi @@ -30943,11 +30999,11 @@ cat >>confdefs.h <<_ACEOF #define HAVE_FDOPEN 1 _ACEOF - ac_cv_func_fdopen="yes" + curl_cv_func_fdopen="yes" else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } - ac_cv_func_fdopen="no" + curl_cv_func_fdopen="no" fi @@ -31111,11 +31167,11 @@ cat >>confdefs.h <<_ACEOF #define HAVE_FREEADDRINFO 1 _ACEOF - ac_cv_func_freeaddrinfo="yes" + curl_cv_func_freeaddrinfo="yes" else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } - ac_cv_func_freeaddrinfo="no" + curl_cv_func_freeaddrinfo="no" fi @@ -31290,11 +31346,11 @@ cat >>confdefs.h <<_ACEOF #define HAVE_FREEIFADDRS 1 _ACEOF - ac_cv_func_freeifaddrs="yes" + curl_cv_func_freeifaddrs="yes" else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } - ac_cv_func_freeifaddrs="no" + curl_cv_func_freeifaddrs="no" fi @@ -31524,11 +31580,11 @@ $as_echo "#define HAVE_FSETXATTR_6 1" >>confdefs.h fi # - ac_cv_func_fsetxattr="yes" + curl_cv_func_fsetxattr="yes" else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } - ac_cv_func_fsetxattr="no" + curl_cv_func_fsetxattr="no" fi @@ -31673,11 +31729,11 @@ cat >>confdefs.h <<_ACEOF #define HAVE_FTRUNCATE 1 _ACEOF - ac_cv_func_ftruncate="yes" + curl_cv_func_ftruncate="yes" else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } - ac_cv_func_ftruncate="no" + curl_cv_func_ftruncate="no" fi @@ -31914,15 +31970,15 @@ cat >>confdefs.h <<_ACEOF #define HAVE_GETADDRINFO 1 _ACEOF - ac_cv_func_getaddrinfo="yes" + curl_cv_func_getaddrinfo="yes" else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } - ac_cv_func_getaddrinfo="no" - ac_cv_func_getaddrinfo_threadsafe="no" + curl_cv_func_getaddrinfo="no" + curl_cv_func_getaddrinfo_threadsafe="no" fi # - if test "$ac_cv_func_getaddrinfo" = "yes"; then + if test "$curl_cv_func_getaddrinfo" = "yes"; then { $as_echo "$as_me:${as_lineno-$LINENO}: checking if getaddrinfo is threadsafe" >&5 $as_echo_n "checking if getaddrinfo is threadsafe... " >&6; } case $host_os in @@ -31964,7 +32020,7 @@ $as_echo_n "checking if getaddrinfo is threadsafe... " >&6; } ;; esac if test "$tst_tsafe_getaddrinfo" = "unknown" && - test "$ac_cv_native_windows" = "yes"; then + test "$curl_cv_native_windows" = "yes"; then tst_tsafe_getaddrinfo="yes" fi if test "$tst_tsafe_getaddrinfo" = "unknown"; then @@ -32087,9 +32143,9 @@ cat >>confdefs.h <<_ACEOF #define HAVE_GETADDRINFO_THREADSAFE 1 _ACEOF - ac_cv_func_getaddrinfo_threadsafe="yes" + curl_cv_func_getaddrinfo_threadsafe="yes" else - ac_cv_func_getaddrinfo_threadsafe="no" + curl_cv_func_getaddrinfo_threadsafe="no" fi fi @@ -32228,11 +32284,11 @@ cat >>confdefs.h <<_ACEOF #define HAVE_GAI_STRERROR 1 _ACEOF - ac_cv_func_gai_strerror="yes" + curl_cv_func_gai_strerror="yes" else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } - ac_cv_func_gai_strerror="no" + curl_cv_func_gai_strerror="no" fi @@ -32370,11 +32426,11 @@ cat >>confdefs.h <<_ACEOF #define HAVE_GETHOSTBYADDR 1 _ACEOF - ac_cv_func_gethostbyaddr="yes" + curl_cv_func_gethostbyaddr="yes" else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } - ac_cv_func_gethostbyaddr="no" + curl_cv_func_gethostbyaddr="no" fi @@ -32619,11 +32675,11 @@ $as_echo "#define HAVE_GETHOSTBYADDR_R_8 1" >>confdefs.h fi # - ac_cv_func_gethostbyaddr_r="yes" + curl_cv_func_gethostbyaddr_r="yes" else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } - ac_cv_func_gethostbyaddr_r="no" + curl_cv_func_gethostbyaddr_r="no" fi @@ -32761,11 +32817,11 @@ cat >>confdefs.h <<_ACEOF #define HAVE_GETHOSTBYNAME 1 _ACEOF - ac_cv_func_gethostbyname="yes" + curl_cv_func_gethostbyname="yes" else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } - ac_cv_func_gethostbyname="no" + curl_cv_func_gethostbyname="no" fi @@ -33010,11 +33066,11 @@ $as_echo "#define HAVE_GETHOSTBYNAME_R_6 1" >>confdefs.h fi # - ac_cv_func_gethostbyname_r="yes" + curl_cv_func_gethostbyname_r="yes" else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } - ac_cv_func_gethostbyname_r="no" + curl_cv_func_gethostbyname_r="no" fi @@ -33199,11 +33255,11 @@ cat >>confdefs.h <<_ACEOF #define HAVE_GETHOSTNAME 1 _ACEOF - ac_cv_func_gethostname="yes" + curl_cv_func_gethostname="yes" else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } - ac_cv_func_gethostname="no" + curl_cv_func_gethostname="no" fi @@ -33404,11 +33460,11 @@ cat >>confdefs.h <<_ACEOF #define HAVE_GETIFADDRS 1 _ACEOF - ac_cv_func_getifaddrs="yes" + curl_cv_func_getifaddrs="yes" else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } - ac_cv_func_getifaddrs="no" + curl_cv_func_getifaddrs="no" fi @@ -33652,11 +33708,11 @@ $as_echo "#define GETSERVBYPORT_R_BUFSIZE sizeof(struct servent_data)" >>confdef $as_echo "#define GETSERVBYPORT_R_BUFSIZE 4096" >>confdefs.h fi - ac_cv_func_getservbyport_r="yes" + curl_cv_func_getservbyport_r="yes" else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } - ac_cv_func_getservbyport_r="no" + curl_cv_func_getservbyport_r="no" fi @@ -33889,11 +33945,11 @@ cat >>confdefs.h <<_ACEOF #define HAVE_GMTIME_R 1 _ACEOF - ac_cv_func_gmtime_r="yes" + curl_cv_func_gmtime_r="yes" else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } - ac_cv_func_gmtime_r="no" + curl_cv_func_gmtime_r="no" fi @@ -34135,11 +34191,11 @@ $as_echo "#define HAVE_INET_NTOA_R_3 1" >>confdefs.h fi # - ac_cv_func_inet_ntoa_r="yes" + curl_cv_func_inet_ntoa_r="yes" else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } - ac_cv_func_inet_ntoa_r="no" + curl_cv_func_inet_ntoa_r="no" fi @@ -34382,11 +34438,11 @@ cat >>confdefs.h <<_ACEOF #define HAVE_INET_NTOP 1 _ACEOF - ac_cv_func_inet_ntop="yes" + curl_cv_func_inet_ntop="yes" else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } - ac_cv_func_inet_ntop="no" + curl_cv_func_inet_ntop="no" fi @@ -34622,11 +34678,11 @@ cat >>confdefs.h <<_ACEOF #define HAVE_INET_PTON 1 _ACEOF - ac_cv_func_inet_pton="yes" + curl_cv_func_inet_pton="yes" else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } - ac_cv_func_inet_pton="no" + curl_cv_func_inet_pton="no" fi @@ -34805,13 +34861,13 @@ cat >>confdefs.h <<_ACEOF #define HAVE_IOCTL 1 _ACEOF - ac_cv_func_ioctl="yes" + curl_cv_func_ioctl="yes" # tst_compi_ioctl_fionbio="unknown" tst_allow_ioctl_fionbio="unknown" # - if test "$ac_cv_func_ioctl" = "yes"; then + if test "$curl_cv_func_ioctl" = "yes"; then { $as_echo "$as_me:${as_lineno-$LINENO}: checking if ioctl FIONBIO is compilable" >&5 $as_echo_n "checking if ioctl FIONBIO is compilable... " >&6; } cat confdefs.h - <<_ACEOF >conftest.$ac_ext @@ -34873,11 +34929,11 @@ cat >>confdefs.h <<_ACEOF #define HAVE_IOCTL_FIONBIO 1 _ACEOF - ac_cv_func_ioctl_fionbio="yes" + curl_cv_func_ioctl_fionbio="yes" else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } - ac_cv_func_ioctl_fionbio="no" + curl_cv_func_ioctl_fionbio="no" fi @@ -34885,7 +34941,7 @@ $as_echo "no" >&6; } tst_compi_ioctl_siocgifaddr="unknown" tst_allow_ioctl_siocgifaddr="unknown" # - if test "$ac_cv_func_ioctl" = "yes"; then + if test "$curl_cv_func_ioctl" = "yes"; then { $as_echo "$as_me:${as_lineno-$LINENO}: checking if ioctl SIOCGIFADDR is compilable" >&5 $as_echo_n "checking if ioctl SIOCGIFADDR is compilable... " >&6; } cat confdefs.h - <<_ACEOF >conftest.$ac_ext @@ -34948,17 +35004,17 @@ cat >>confdefs.h <<_ACEOF #define HAVE_IOCTL_SIOCGIFADDR 1 _ACEOF - ac_cv_func_ioctl_siocgifaddr="yes" + curl_cv_func_ioctl_siocgifaddr="yes" else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } - ac_cv_func_ioctl_siocgifaddr="no" + curl_cv_func_ioctl_siocgifaddr="no" fi else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } - ac_cv_func_ioctl="no" + curl_cv_func_ioctl="no" fi @@ -35093,13 +35149,13 @@ cat >>confdefs.h <<_ACEOF #define HAVE_IOCTLSOCKET 1 _ACEOF - ac_cv_func_ioctlsocket="yes" + curl_cv_func_ioctlsocket="yes" # tst_compi_ioctlsocket_fionbio="unknown" tst_allow_ioctlsocket_fionbio="unknown" # - if test "$ac_cv_func_ioctlsocket" = "yes"; then + if test "$curl_cv_func_ioctlsocket" = "yes"; then { $as_echo "$as_me:${as_lineno-$LINENO}: checking if ioctlsocket FIONBIO is compilable" >&5 $as_echo_n "checking if ioctlsocket FIONBIO is compilable... " >&6; } cat confdefs.h - <<_ACEOF >conftest.$ac_ext @@ -35161,17 +35217,17 @@ cat >>confdefs.h <<_ACEOF #define HAVE_IOCTLSOCKET_FIONBIO 1 _ACEOF - ac_cv_func_ioctlsocket_fionbio="yes" + curl_cv_func_ioctlsocket_fionbio="yes" else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } - ac_cv_func_ioctlsocket_fionbio="no" + curl_cv_func_ioctlsocket_fionbio="no" fi else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } - ac_cv_func_ioctlsocket="no" + curl_cv_func_ioctlsocket="no" fi @@ -35316,13 +35372,13 @@ cat >>confdefs.h <<_ACEOF #define HAVE_IOCTLSOCKET_CAMEL 1 _ACEOF - ac_cv_func_ioctlsocket_camel="yes" + curl_cv_func_ioctlsocket_camel="yes" # tst_compi_ioctlsocket_camel_fionbio="unknown" tst_allow_ioctlsocket_camel_fionbio="unknown" # - if test "$ac_cv_func_ioctlsocket_camel" = "yes"; then + if test "$curl_cv_func_ioctlsocket_camel" = "yes"; then { $as_echo "$as_me:${as_lineno-$LINENO}: checking if IoctlSocket FIONBIO is compilable" >&5 $as_echo_n "checking if IoctlSocket FIONBIO is compilable... " >&6; } cat confdefs.h - <<_ACEOF >conftest.$ac_ext @@ -35384,17 +35440,17 @@ cat >>confdefs.h <<_ACEOF #define HAVE_IOCTLSOCKET_CAMEL_FIONBIO 1 _ACEOF - ac_cv_func_ioctlsocket_camel_fionbio="yes" + curl_cv_func_ioctlsocket_camel_fionbio="yes" else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } - ac_cv_func_ioctlsocket_camel_fionbio="no" + curl_cv_func_ioctlsocket_camel_fionbio="no" fi else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } - ac_cv_func_ioctlsocket_camel="no" + curl_cv_func_ioctlsocket_camel="no" fi @@ -35595,11 +35651,11 @@ cat >>confdefs.h <<_ACEOF #define HAVE_LOCALTIME_R 1 _ACEOF - ac_cv_func_localtime_r="yes" + curl_cv_func_localtime_r="yes" else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } - ac_cv_func_localtime_r="no" + curl_cv_func_localtime_r="no" fi @@ -35783,11 +35839,11 @@ cat >>confdefs.h <<_ACEOF #define HAVE_MEMRCHR 1 _ACEOF - ac_cv_func_memrchr="yes" + curl_cv_func_memrchr="yes" else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } - ac_cv_func_memrchr="no" + curl_cv_func_memrchr="no" fi @@ -35985,11 +36041,11 @@ cat >>confdefs.h <<_ACEOF #define HAVE_POLL_FINE 1 _ACEOF - ac_cv_func_poll="yes" + curl_cv_func_poll="yes" else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } - ac_cv_func_poll="no" + curl_cv_func_poll="no" fi @@ -36127,13 +36183,13 @@ cat >>confdefs.h <<_ACEOF #define HAVE_SETSOCKOPT 1 _ACEOF - ac_cv_func_setsockopt="yes" + curl_cv_func_setsockopt="yes" # tst_compi_setsockopt_so_nonblock="unknown" tst_allow_setsockopt_so_nonblock="unknown" # - if test "$ac_cv_func_setsockopt" = "yes"; then + if test "$curl_cv_func_setsockopt" = "yes"; then { $as_echo "$as_me:${as_lineno-$LINENO}: checking if setsockopt SO_NONBLOCK is compilable" >&5 $as_echo_n "checking if setsockopt SO_NONBLOCK is compilable... " >&6; } cat confdefs.h - <<_ACEOF >conftest.$ac_ext @@ -36195,17 +36251,17 @@ cat >>confdefs.h <<_ACEOF #define HAVE_SETSOCKOPT_SO_NONBLOCK 1 _ACEOF - ac_cv_func_setsockopt_so_nonblock="yes" + curl_cv_func_setsockopt_so_nonblock="yes" else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } - ac_cv_func_setsockopt_so_nonblock="no" + curl_cv_func_setsockopt_so_nonblock="no" fi else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } - ac_cv_func_setsockopt="no" + curl_cv_func_setsockopt="no" fi @@ -36375,11 +36431,11 @@ cat >>confdefs.h <<_ACEOF #define HAVE_SIGACTION 1 _ACEOF - ac_cv_func_sigaction="yes" + curl_cv_func_sigaction="yes" else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } - ac_cv_func_sigaction="no" + curl_cv_func_sigaction="no" fi @@ -36524,11 +36580,11 @@ cat >>confdefs.h <<_ACEOF #define HAVE_SIGINTERRUPT 1 _ACEOF - ac_cv_func_siginterrupt="yes" + curl_cv_func_siginterrupt="yes" else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } - ac_cv_func_siginterrupt="no" + curl_cv_func_siginterrupt="no" fi @@ -36673,11 +36729,11 @@ cat >>confdefs.h <<_ACEOF #define HAVE_SIGNAL 1 _ACEOF - ac_cv_func_signal="yes" + curl_cv_func_signal="yes" else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } - ac_cv_func_signal="no" + curl_cv_func_signal="no" fi @@ -36888,11 +36944,11 @@ cat >>confdefs.h <<_ACEOF #define HAVE_SIGSETJMP 1 _ACEOF - ac_cv_func_sigsetjmp="yes" + curl_cv_func_sigsetjmp="yes" else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } - ac_cv_func_sigsetjmp="no" + curl_cv_func_sigsetjmp="no" fi @@ -37033,11 +37089,11 @@ cat >>confdefs.h <<_ACEOF #define HAVE_SOCKET 1 _ACEOF - ac_cv_func_socket="yes" + curl_cv_func_socket="yes" else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } - ac_cv_func_socket="no" + curl_cv_func_socket="no" fi @@ -37185,11 +37241,11 @@ cat >>confdefs.h <<_ACEOF #define HAVE_SOCKETPAIR 1 _ACEOF - ac_cv_func_socketpair="yes" + curl_cv_func_socketpair="yes" else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } - ac_cv_func_socketpair="no" + curl_cv_func_socketpair="no" fi @@ -37334,11 +37390,11 @@ cat >>confdefs.h <<_ACEOF #define HAVE_STRCASECMP 1 _ACEOF - ac_cv_func_strcasecmp="yes" + curl_cv_func_strcasecmp="yes" else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } - ac_cv_func_strcasecmp="no" + curl_cv_func_strcasecmp="no" fi @@ -37483,11 +37539,11 @@ cat >>confdefs.h <<_ACEOF #define HAVE_STRCMPI 1 _ACEOF - ac_cv_func_strcmpi="yes" + curl_cv_func_strcmpi="yes" else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } - ac_cv_func_strcmpi="no" + curl_cv_func_strcmpi="no" fi @@ -37632,11 +37688,11 @@ cat >>confdefs.h <<_ACEOF #define HAVE_STRDUP 1 _ACEOF - ac_cv_func_strdup="yes" + curl_cv_func_strdup="yes" else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } - ac_cv_func_strdup="no" + curl_cv_func_strdup="no" fi @@ -38037,11 +38093,11 @@ cat >>confdefs.h <<_ACEOF _ACEOF fi - ac_cv_func_strerror_r="yes" + curl_cv_func_strerror_r="yes" else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } - ac_cv_func_strerror_r="no" + curl_cv_func_strerror_r="no" fi # if test "$tst_compi_strerror_r" = "yes" && @@ -38193,11 +38249,11 @@ cat >>confdefs.h <<_ACEOF #define HAVE_STRICMP 1 _ACEOF - ac_cv_func_stricmp="yes" + curl_cv_func_stricmp="yes" else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } - ac_cv_func_stricmp="no" + curl_cv_func_stricmp="no" fi @@ -38342,11 +38398,11 @@ cat >>confdefs.h <<_ACEOF #define HAVE_STRNCASECMP 1 _ACEOF - ac_cv_func_strncasecmp="yes" + curl_cv_func_strncasecmp="yes" else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } - ac_cv_func_strncasecmp="no" + curl_cv_func_strncasecmp="no" fi @@ -38491,11 +38547,11 @@ cat >>confdefs.h <<_ACEOF #define HAVE_STRNCMPI 1 _ACEOF - ac_cv_func_strncmpi="yes" + curl_cv_func_strncmpi="yes" else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } - ac_cv_func_strncmpi="no" + curl_cv_func_strncmpi="no" fi @@ -38640,11 +38696,11 @@ cat >>confdefs.h <<_ACEOF #define HAVE_STRNICMP 1 _ACEOF - ac_cv_func_strnicmp="yes" + curl_cv_func_strnicmp="yes" else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } - ac_cv_func_strnicmp="no" + curl_cv_func_strnicmp="no" fi @@ -38789,11 +38845,11 @@ cat >>confdefs.h <<_ACEOF #define HAVE_STRSTR 1 _ACEOF - ac_cv_func_strstr="yes" + curl_cv_func_strstr="yes" else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } - ac_cv_func_strstr="no" + curl_cv_func_strstr="no" fi @@ -38938,11 +38994,11 @@ cat >>confdefs.h <<_ACEOF #define HAVE_STRTOK_R 1 _ACEOF - ac_cv_func_strtok_r="yes" + curl_cv_func_strtok_r="yes" else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } - ac_cv_func_strtok_r="no" + curl_cv_func_strtok_r="no" fi @@ -39087,11 +39143,11 @@ cat >>confdefs.h <<_ACEOF #define HAVE_STRTOLL 1 _ACEOF - ac_cv_func_strtoll="yes" + curl_cv_func_strtoll="yes" else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } - ac_cv_func_strtoll="no" + curl_cv_func_strtoll="no" fi @@ -39261,11 +39317,11 @@ cat >>confdefs.h <<_ACEOF #define HAVE_WRITEV 1 _ACEOF - ac_cv_func_writev="yes" + curl_cv_func_writev="yes" else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } - ac_cv_func_writev="no" + curl_cv_func_writev="no" fi @@ -39660,13 +39716,13 @@ cat >>confdefs.h <<_ACEOF #define HAVE_GETNAMEINFO 1 _ACEOF - ac_cv_func_getnameinfo="yes" + curl_cv_func_getnameinfo="yes" fi fi if test "$ipv6" = "yes"; then - if test "$ac_cv_func_getaddrinfo" = "yes"; then + if test "$curl_cv_func_getaddrinfo" = "yes"; then $as_echo "#define ENABLE_IPV6 1" >>confdefs.h @@ -39691,7 +39747,7 @@ done # { $as_echo "$as_me:${as_lineno-$LINENO}: checking for working NI_WITHSCOPEID" >&5 $as_echo_n "checking for working NI_WITHSCOPEID... " >&6; } -if ${ac_cv_working_ni_withscopeid+:} false; then : +if ${curl_cv_working_ni_withscopeid+:} false; then : $as_echo_n "(cached) " >&6 else @@ -39719,11 +39775,11 @@ int main (void) _ACEOF if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_working_ni_withscopeid="yes" + curl_cv_working_ni_withscopeid="yes" else - ac_cv_working_ni_withscopeid="no" + curl_cv_working_ni_withscopeid="no" fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext # AC-COMPILE-IFELSE @@ -39797,12 +39853,12 @@ _ACEOF if ac_fn_c_try_run "$LINENO"; then : # Exit code == 0. Program worked. - ac_cv_working_ni_withscopeid="yes" + curl_cv_working_ni_withscopeid="yes" else # Exit code != 0. Program failed. - ac_cv_working_ni_withscopeid="no" + curl_cv_working_ni_withscopeid="no" fi rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ @@ -39811,9 +39867,9 @@ fi # AC-RUN-IFELSE fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_working_ni_withscopeid" >&5 -$as_echo "$ac_cv_working_ni_withscopeid" >&6; } # AC-CACHE-CHECK - case "$ac_cv_working_ni_withscopeid" in +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $curl_cv_working_ni_withscopeid" >&5 +$as_echo "$curl_cv_working_ni_withscopeid" >&6; } # AC-CACHE-CHECK + case "$curl_cv_working_ni_withscopeid" in yes) $as_echo "#define HAVE_NI_WITHSCOPEID 1" >>confdefs.h @@ -39829,15 +39885,15 @@ fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking how to set a socket into non-blocking mode" >&5 $as_echo_n "checking how to set a socket into non-blocking mode... " >&6; } - if test "x$ac_cv_func_fcntl_o_nonblock" = "xyes"; then + if test "x$curl_cv_func_fcntl_o_nonblock" = "xyes"; then tst_method="fcntl O_NONBLOCK" - elif test "x$ac_cv_func_ioctl_fionbio" = "xyes"; then + elif test "x$curl_cv_func_ioctl_fionbio" = "xyes"; then tst_method="ioctl FIONBIO" - elif test "x$ac_cv_func_ioctlsocket_fionbio" = "xyes"; then + elif test "x$curl_cv_func_ioctlsocket_fionbio" = "xyes"; then tst_method="ioctlsocket FIONBIO" - elif test "x$ac_cv_func_ioctlsocket_camel_fionbio" = "xyes"; then + elif test "x$curl_cv_func_ioctlsocket_camel_fionbio" = "xyes"; then tst_method="IoctlSocket FIONBIO" - elif test "x$ac_cv_func_setsockopt_so_nonblock" = "xyes"; then + elif test "x$curl_cv_func_setsockopt_so_nonblock" = "xyes"; then tst_method="setsockopt SO_NONBLOCK" fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $tst_method" >&5 @@ -40091,7 +40147,7 @@ else fi -if test "x$ac_cv_native_windows" != "xyes" && +if test "x$curl_cv_native_windows" != "xyes" && test "x$enable_shared" = "xyes"; then build_libhostname=yes else @@ -40234,7 +40290,7 @@ $as_echo_n "checking whether to enable SSPI support (Windows native builds only) if test "${enable_sspi+set}" = set; then : enableval=$enable_sspi; case "$enableval" in yes) - if test "$ac_cv_native_windows" = "yes"; then + if test "$curl_cv_native_windows" = "yes"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } @@ -40325,7 +40381,7 @@ fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether to enable NTLM delegation to winbind's helper" >&5 $as_echo_n "checking whether to enable NTLM delegation to winbind's helper... " >&6; } - if test "$ac_cv_native_windows" = "yes" || + if test "$curl_cv_native_windows" = "yes" || test "x$SSL_ENABLED" = "x"; then want_ntlm_wb_file="" want_ntlm_wb="no" @@ -40454,7 +40510,7 @@ fi $as_echo_n "checking whether hiding of library internal symbols will actually happen... " >&6; } CFLAG_CURL_SYMBOL_HIDING="" doing_symbol_hiding="no" - if test x"$ac_cv_native_windows" != "xyes" && + if test x"$curl_cv_native_windows" != "xyes" && test "$want_symbol_hiding" = "yes" && test "$supports_symbol_hiding" = "yes"; then doing_symbol_hiding="yes" @@ -40581,8 +40637,8 @@ fi if test "x$CURL_DISABLE_CRYPTO_AUTH" != "x1"; then if test "x$OPENSSL_ENABLED" = "x1" -o "x$USE_WINDOWS_SSPI" = "x1" \ - -o "x$GNUTLS_ENABLED" = "x1" -o "x$NSS_ENABLED" = "x1" \ - -o "x$DARWINSSL_ENABLED" = "x1"; then + -o "x$GNUTLS_ENABLED" = "x1" -o "x$MBEDTLS_ENABLED" = "x1" \ + -o "x$NSS_ENABLED" = "x1" -o "x$DARWINSSL_ENABLED" = "x1"; then SUPPORT_FEATURES="$SUPPORT_FEATURES NTLM" if test "x$CURL_DISABLE_HTTP" != "x1" -a \ @@ -40653,8 +40709,8 @@ fi if test "x$CURL_DISABLE_SMB" != "x1" \ -a "x$CURL_DISABLE_CRYPTO_AUTH" != "x1" \ -a \( "x$OPENSSL_ENABLED" = "x1" -o "x$USE_WINDOWS_SSPI" = "x1" \ - -o "x$GNUTLS_ENABLED" = "x1" -o "x$NSS_ENABLED" = "x1" \ - -o "x$DARWINSSL_ENABLED" = "x1" \); then + -o "x$GNUTLS_ENABLED" = "x1" -o "x$MBEDTLS_ENABLED" = "x1" \ + -o "x$NSS_ENABLED" = "x1" -o "x$DARWINSSL_ENABLED" = "x1" \); then SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS SMB" if test "x$SSL_ENABLED" = "x1"; then SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS SMBS" @@ -42685,7 +42741,6 @@ $as_echo X"$file" | cat <<_LT_EOF >> "$cfgfile" #! $SHELL # Generated automatically by $as_me ($PACKAGE) $VERSION -# Libtool was configured on host `(hostname || uname -n) 2>/dev/null | sed 1q`: # NOTE: Changes made to this file will be lost: look at ltmain.sh. # Provide generalized library-building support services. diff --git a/configure.ac b/configure.ac index b208d4d11..083e18c95 100644 --- a/configure.ac +++ b/configure.ac @@ -339,7 +339,7 @@ dnl ********************************************************************** CURL_CHECK_HEADER_WINDOWS CURL_CHECK_NATIVE_WINDOWS -case X-"$ac_cv_native_windows" in +case X-"$curl_cv_native_windows" in X-yes) CURL_CHECK_HEADER_WINSOCK CURL_CHECK_HEADER_WINSOCK2 @@ -348,11 +348,11 @@ case X-"$ac_cv_native_windows" in CURL_CHECK_HEADER_WINBER ;; *) - ac_cv_header_winsock_h="no" - ac_cv_header_winsock2_h="no" - ac_cv_header_ws2tcpip_h="no" - ac_cv_header_winldap_h="no" - ac_cv_header_winber_h="no" + curl_cv_header_winsock_h="no" + curl_cv_header_winsock2_h="no" + curl_cv_header_ws2tcpip_h="no" + curl_cv_header_winldap_h="no" + curl_cv_header_winber_h="no" ;; esac CURL_CHECK_WIN32_LARGEFILE @@ -742,8 +742,8 @@ fi if test "$HAVE_GETHOSTBYNAME" != "1" then dnl This is for winsock systems - if test "$ac_cv_header_windows_h" = "yes"; then - if test "$ac_cv_header_winsock_h" = "yes"; then + if test "$curl_cv_header_windows_h" = "yes"; then + if test "$curl_cv_header_winsock_h" = "yes"; then case $host in *-*-mingw32ce*) winsock_LIB="-lwinsock" @@ -753,7 +753,7 @@ then ;; esac fi - if test "$ac_cv_header_winsock2_h" = "yes"; then + if test "$curl_cv_header_winsock2_h" = "yes"; then winsock_LIB="-lws2_32" fi if test ! -z "$winsock_LIB"; then @@ -851,17 +851,6 @@ if test "$HAVE_GETHOSTBYNAME" != "1"; then AC_MSG_ERROR([couldn't find libraries for gethostbyname()]) fi -dnl resolve lib? -AC_CHECK_FUNC(strcasecmp, , [ AC_CHECK_LIB(resolve, strcasecmp) ]) - -if test "$ac_cv_lib_resolve_strcasecmp" = "$ac_cv_func_strcasecmp"; then - AC_CHECK_LIB(resolve, strcasecmp, - [LIBS="-lresolve $LIBS"], - , - -lnsl) -fi -ac_cv_func_strcasecmp="no" - CURL_CHECK_LIBS_CONNECT CURL_NETWORK_LIBS=$LIBS @@ -902,17 +891,30 @@ else OPT_ZLIB="" fi + CURL_CHECK_PKGCONFIG(zlib) + + if test "$PKGCONFIG" != "no" ; then + LIBS="`$PKGCONFIG --libs-only-l zlib` $LIBS" + LDFLAGS="`$PKGCONFIG --libs-only-L zlib` $LDFLAGS" + CPPFLAGS="`$PKGCONFIG --cflags-only-I zlib` $CPPFLAGS" + OPT_ZLIB="" + HAVE_LIBZ="1" + fi + if test -z "$OPT_ZLIB" ; then - dnl check for the lib first without setting any new path, since many - dnl people have it in the default path - AC_CHECK_LIB(z, inflateEnd, + if test -z "$HAVE_LIBZ"; then + + dnl Check for the lib without setting any new path, since many + dnl people have it in the default path + + AC_CHECK_LIB(z, inflateEnd, dnl libz found, set the variable [HAVE_LIBZ="1" LIBS="-lz $LIBS"], dnl if no lib found, try /usr/local [OPT_ZLIB="/usr/local"]) - + fi fi dnl Add a nonempty path to the compiler flags @@ -999,7 +1001,7 @@ if test x$CURL_DISABLE_LDAP != x1 ; then CURL_CHECK_HEADER_LDAP_SSL if test -z "$LDAPLIBNAME" ; then - if test "$ac_cv_native_windows" = "yes"; then + if test "$curl_cv_native_windows" = "yes"; then dnl Windows uses a single and unique LDAP library name LDAPLIBNAME="wldap32" LBERLIBNAME="no" @@ -1349,7 +1351,7 @@ AC_HELP_STRING([--without-winssl], [disable Windows native SSL/TLS]), AC_MSG_CHECKING([whether to enable Windows native SSL/TLS (Windows native builds only)]) if test "$curl_ssl_msg" = "$init_ssl_msg"; then if test "x$OPT_WINSSL" != "xno" && - test "x$ac_cv_native_windows" = "xyes"; then + test "x$curl_cv_native_windows" = "xyes"; then AC_MSG_RESULT(yes) AC_DEFINE(USE_SCHANNEL, 1, [to enable Windows native SSL/TLS support]) AC_SUBST(USE_SCHANNEL, [1]) @@ -1359,6 +1361,7 @@ if test "$curl_ssl_msg" = "$init_ssl_msg"; then AC_DEFINE(USE_WINDOWS_SSPI, 1, [to enable SSPI support]) AC_SUBST(USE_WINDOWS_SSPI, [1]) curl_sspi_msg="enabled" + LIBS="-lcrypt32 $LIBS" else AC_MSG_RESULT(no) fi @@ -2206,10 +2209,13 @@ if test "$curl_ssl_msg" = "$init_ssl_msg"; then dnl Recent WolfSSL versions build without SSLv3 by default dnl WolfSSL needs configure --enable-opensslextra to have *get_peer* AC_CHECK_FUNCS(wolfSSLv3_client_method \ - wolfSSL_get_peer_certificate) + wolfSSL_CTX_UseSupportedCurve \ + wolfSSL_get_peer_certificate \ + wolfSSL_UseALPN) else dnl Cyassl needs configure --enable-opensslextra to have *get_peer* - AC_CHECK_FUNCS(CyaSSL_get_peer_certificate) + AC_CHECK_FUNCS(CyaSSL_CTX_UseSupportedCurve \ + CyaSSL_get_peer_certificate) fi if test -n "$cyassllib"; then @@ -3170,7 +3176,7 @@ AC_CHECK_SIZEOF(time_t) AC_CHECK_SIZEOF(off_t) soname_bump=no -if test x"$ac_cv_native_windows" != "xyes" && +if test x"$curl_cv_native_windows" != "xyes" && test $ac_cv_sizeof_off_t -ne $curl_sizeof_curl_off_t; then AC_MSG_WARN([This libcurl built is probably not ABI compatible with previous]) AC_MSG_WARN([builds! You MUST read lib/README.curl_off_t to figure it out.]) @@ -3338,7 +3344,7 @@ dnl and get the types of five of its arguments. CURL_CHECK_FUNC_GETNAMEINFO if test "$ipv6" = "yes"; then - if test "$ac_cv_func_getaddrinfo" = "yes"; then + if test "$curl_cv_func_getaddrinfo" = "yes"; then AC_DEFINE(ENABLE_IPV6, 1, [Define if you want to enable IPv6 support]) IPV6_ENABLED=1 AC_SUBST(IPV6_ENABLED) @@ -3405,7 +3411,7 @@ AM_CONDITIONAL(USE_MANUAL, test x"$USE_MANUAL" = x1) CURL_CHECK_LIB_ARES AM_CONDITIONAL(USE_EMBEDDED_ARES, test x$embedded_ares = xyes) -if test "x$ac_cv_native_windows" != "xyes" && +if test "x$curl_cv_native_windows" != "xyes" && test "x$enable_shared" = "xyes"; then build_libhostname=yes else @@ -3475,7 +3481,7 @@ AC_HELP_STRING([--enable-sspi],[Enable SSPI]) AC_HELP_STRING([--disable-sspi],[Disable SSPI]), [ case "$enableval" in yes) - if test "$ac_cv_native_windows" = "yes"; then + if test "$curl_cv_native_windows" = "yes"; then AC_MSG_RESULT(yes) AC_DEFINE(USE_WINDOWS_SSPI, 1, [to enable SSPI support]) AC_SUBST(USE_WINDOWS_SSPI, [1]) @@ -3704,8 +3710,8 @@ fi if test "x$CURL_DISABLE_CRYPTO_AUTH" != "x1"; then if test "x$OPENSSL_ENABLED" = "x1" -o "x$USE_WINDOWS_SSPI" = "x1" \ - -o "x$GNUTLS_ENABLED" = "x1" -o "x$NSS_ENABLED" = "x1" \ - -o "x$DARWINSSL_ENABLED" = "x1"; then + -o "x$GNUTLS_ENABLED" = "x1" -o "x$MBEDTLS_ENABLED" = "x1" \ + -o "x$NSS_ENABLED" = "x1" -o "x$DARWINSSL_ENABLED" = "x1"; then SUPPORT_FEATURES="$SUPPORT_FEATURES NTLM" if test "x$CURL_DISABLE_HTTP" != "x1" -a \ @@ -3777,8 +3783,8 @@ fi if test "x$CURL_DISABLE_SMB" != "x1" \ -a "x$CURL_DISABLE_CRYPTO_AUTH" != "x1" \ -a \( "x$OPENSSL_ENABLED" = "x1" -o "x$USE_WINDOWS_SSPI" = "x1" \ - -o "x$GNUTLS_ENABLED" = "x1" -o "x$NSS_ENABLED" = "x1" \ - -o "x$DARWINSSL_ENABLED" = "x1" \); then + -o "x$GNUTLS_ENABLED" = "x1" -o "x$MBEDTLS_ENABLED" = "x1" \ + -o "x$NSS_ENABLED" = "x1" -o "x$DARWINSSL_ENABLED" = "x1" \); then SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS SMB" if test "x$SSL_ENABLED" = "x1"; then SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS SMBS" diff --git a/docs/CHECKSRC.md b/docs/CHECKSRC.md new file mode 100644 index 000000000..591e066f6 --- /dev/null +++ b/docs/CHECKSRC.md @@ -0,0 +1,124 @@ +# checksrc + +This is the tool we use within the curl project to scan C source code and +check that it adheres to our [Source Code Style guide](CODE_STYLE.md). + +## Usage + + checksrc.pl [options] [file1] [file2] ... + +## Command line options + +`-W[file]` whitelists that file and excludes it from being checked. Helpful +when, for example, one of the files is generated. + +`-D[dir]` directory name to prepend to file names when accessing them. + +`-h` shows the help output, that also lists all recognized warnings + +## What does checksrc warn for? + +checksrc does not check and verify the code against the entire style guide, +but the script is instead an effort to detect the most common mistakes and +syntax mistakes that contributers make before they get accustomed to our code +style. Heck, many of us regulars do the mistakes too and this script helps us +keep the code in shape. + + checksrc.pl -h + +Lists how to use the script and it lists all existing warnings it has and +problems it detects. At the time of this writing, the existing checksrc +warnings are: + +- `BADCOMMAND`: There's a bad !checksrc! instruction in the code. See the + **Ignore certain warnings** section below for details. + +- `BANNEDFUNC`: A banned function was used. The funtions sprintf, vsprintf, + strcat, strncat, gets are **never** allowed in curl source code. + +- `BRACEELSE`: '} else' on the same line. The else is supposed to be on the + following line. + +- `BRACEPOS`: wrong position for an open brace (`{`). + +- `COMMANOSPACE`: a comma without following space + +- `COPYRIGHT`: the file is missing a copyright statement! + +- `CPPCOMMENTS`: `//` comment detected, that's not C89 compliant + +- `FOPENMODE`: `fopen()` needs a macro for the mode string, use it + +- `INDENTATION`: detected a wrong start column for code. Note that this warning + only checks some specific places and will certainly miss many bad + indentations. + +- `LONGLINE`: A line is longer than 79 columns. + +- `PARENBRACE`: `){` was used without sufficient space in between. + +- `RETURNNOSPACE`: `return` was used without space between the keyword and the + following value. + +- `SPACEAFTERPAREN`: there was a space after open parenthesis, `( text`. + +- `SPACEBEFORECLOSE`: there was a space before a close parenthesis, `text )`. + +- `SPACEBEFORECOMMA`: there was a space before a comma, `one , two`. + +- `SPACEBEFOREPAREN`: there was a space before an open parenthesis, `if (`, + where one was not expected + +- `SPACESEMILCOLON`: there was a space before semicolon, ` ;`. + +- `TABS`: TAB characters are not allowed! + +- `TRAILINGSPACE`: Trailing white space on the line + +- `UNUSEDIGNORE`: a checksrc inlined warning ignore was asked for but not used, + that's an ignore that should be removed or changed to get used. + +## Ignore certain warnings + +Due to the nature of the source code and the flaws of the checksrc tool, there +is sometimes a need to ignore specific warnings. checksrc allows a few +different ways to do this. + +### Inline ignore + +You can control what to ignore within a specific source file by providing +instructions to checksrc in the source code itself. You need a magic marker +that is `!checksrc!` followed by the instruction. The instruction can ask to +ignore a specific warning N number of times or you ignore all of them until +you mark the end of the ignored section. + +Inline ignores are only done for that single specific source code file. + +Example + + /* !checksrc! disable LONGLINE all */ + +This will ignore the warning for overly long lines until it is re-enabled with: + + /* !checksrc! enable LONGLINE */ + +If the enabling isn't performed before the end of the file, it will be enabled +automatically for the next file. + +You can also opt to ignore just N violations so that if you have a single long +line you just can't shorten and is agreed to be fine anyway: + + /* !checksrc! disable LONGLINE 1 */ + +... and the warning for long lines will be enabled again automatically after +it has ignored that single warning. The number `1` can of course be changed to +any other integer number. It can be used to make sure only the exact intended +instances are ignored and nothing extra. + +### Directory wide ignore patterns + +This is a method we've transitioned away from. Use inline ignores as far as +possible. + +Make a `checksrc.whitelist` file in the directory of the source code with the +false positive, and include the full offending line into this file. diff --git a/docs/CODE_STYLE.md b/docs/CODE_STYLE.md index 033a33bce..73a4d94b7 100644 --- a/docs/CODE_STYLE.md +++ b/docs/CODE_STYLE.md @@ -160,6 +160,7 @@ Examples: ptr = &address; contents = *pointer; complement = ~bits; + empty = (!*string) ? TRUE : FALSE; ## Platform dependent code diff --git a/docs/CONTRIBUTE b/docs/CONTRIBUTE deleted file mode 100644 index 9e84175ba..000000000 --- a/docs/CONTRIBUTE +++ /dev/null @@ -1,261 +0,0 @@ - _ _ ____ _ - ___| | | | _ \| | - / __| | | | |_) | | - | (__| |_| | _ <| |___ - \___|\___/|_| \_\_____| - - When Contributing Source Code - - This document is intended to offer guidelines that can be useful to keep in - mind when you decide to contribute to the project. This concerns new features - as well as corrections to existing flaws or bugs. - - 1. Learning cURL - 1.1 Join the Community - 1.2 License - 1.3 What To Read - - 2. Write a good patch - 2.1 Follow code style - 2.2 Non-clobbering All Over - 2.3 Write Separate Patches - 2.4 Patch Against Recent Sources - 2.5 Document - 2.6 Test Cases - - 3. Pushing Out Your Changes - 3.1 Write Access to git Repository - 3.2 How To Make a Patch with git - 3.3 How To Make a Patch without git - 3.4 How to get your changes into the main sources - 3.5 Write good commit messages - 3.6 About pull requests - -============================================================================== - -1. Learning cURL - -1.1 Join the Community - - Skip over to https://curl.haxx.se/mail/ and join the appropriate mailing - list(s). Read up on details before you post questions. Read this file before - you start sending patches! We prefer patches and discussions being held on - the mailing list(s), not sent to individuals. - - Before posting to one of the curl mailing lists, please read up on the mailing - list etiquette: https://curl.haxx.se/mail/etiquette.html - - We also hang out on IRC in #curl on irc.freenode.net - - If you're at all interested in the code side of things, consider clicking - 'watch' on the curl repo at github to get notified on pull requests and new - issues posted there. - -1.2. License - - When contributing with code, you agree to put your changes and new code under - the same license curl and libcurl is already using unless stated and agreed - otherwise. - - If you add a larger piece of code, you can opt to make that file or set of - files to use a different license as long as they don't enforce any changes to - the rest of the package and they make sense. Such "separate parts" can not be - GPL licensed (as we don't want copyleft to affect users of libcurl) but they - must use "GPL compatible" licenses (as we want to allow users to use libcurl - properly in GPL licensed environments). - - When changing existing source code, you do not alter the copyright of the - original file(s). The copyright will still be owned by the original - creator(s) or those who have been assigned copyright by the original - author(s). - - By submitting a patch to the curl project, you are assumed to have the right - to the code and to be allowed by your employer or whatever to hand over that - patch/code to us. We will credit you for your changes as far as possible, to - give credit but also to keep a trace back to who made what changes. Please - always provide us with your full real name when contributing! - -1.3 What To Read - - Source code, the man pages, the INTERNALS document, TODO, KNOWN_BUGS and the - most recent changes in the git log. Just lurking on the curl-library mailing - list is gonna give you a lot of insights on what's going on right now. Asking - there is a good idea too. - -2. Write a good patch - -2.1 Follow code style - - When writing C code, follow the CODE_STYLE already established in the - project. Consistent style makes code easier to read and mistakes less likely - to happen. - -2.2 Non-clobbering All Over - - When you write new functionality or fix bugs, it is important that you don't - fiddle all over the source files and functions. Remember that it is likely - that other people have done changes in the same source files as you have and - possibly even in the same functions. If you bring completely new - functionality, try writing it in a new source file. If you fix bugs, try to - fix one bug at a time and send them as separate patches. - -2.3 Write Separate Patches - - It is annoying when you get a huge patch from someone that is said to fix 511 - odd problems, but discussions and opinions don't agree with 510 of them - or - 509 of them were already fixed in a different way. Then the patcher needs to - extract the single interesting patch from somewhere within the huge pile of - source, and that gives a lot of extra work. Preferably, all fixes that - correct different problems should be in their own patch with an attached - description exactly what they correct so that all patches can be selectively - applied by the maintainer or other interested parties. - - Also, separate patches enable bisecting much better when we track problems in - the future. - -2.4 Patch Against Recent Sources - - Please try to get the latest available sources to make your patches - against. It makes the life of the developers so much easier. The very best is - if you get the most up-to-date sources from the git repository, but the - latest release archive is quite OK as well! - -2.5 Document - - Writing docs is dead boring and one of the big problems with many open source - projects. Someone's gotta do it. It makes it a lot easier if you submit a - small description of your fix or your new features with every contribution so - that it can be swiftly added to the package documentation. - - The documentation is always made in man pages (nroff formatted) or plain - ASCII files. All HTML files on the web site and in the release archives are - generated from the nroff/ASCII versions. - -2.6 Test Cases - - Since the introduction of the test suite, we can quickly verify that the main - features are working as they're supposed to. To maintain this situation and - improve it, all new features and functions that are added need to be tested - in the test suite. Every feature that is added should get at least one valid - test case that verifies that it works as documented. If every submitter also - posts a few test cases, it won't end up as a heavy burden on a single person! - - If you don't have test cases or perhaps you have done something that is very - hard to write tests for, do explain exactly how you have otherwise tested and - verified your changes. - -3. Pushing Out Your Changes - -3.1 Write Access to git Repository - - If you are a frequent contributor, or have another good reason, you can of - course get write access to the git repository and then you'll be able to push - your changes straight into the git repo instead of sending changes by mail as - patches. Just ask if this is what you'd want. You will be required to have - posted a few quality patches first, before you can be granted push access. - -3.2 How To Make a Patch with git - - You need to first checkout the repository: - - git clone https://github.com/curl/curl.git - - You then proceed and edit all the files you like and you commit them to your - local repository: - - git commit [file] - - As usual, group your commits so that you commit all changes that at once that - constitutes a logical change. See also section "3.5 Write good commit - messages". - - Once you have done all your commits and you're happy with what you see, you - can make patches out of your changes that are suitable for mailing: - - git format-patch remotes/origin/master - - This creates files in your local directory named NNNN-[name].patch for each - commit. - - Now send those patches off to the curl-library list. You can of course opt to - do that with the 'git send-email' command. - -3.3 How To Make a Patch without git - - Keep a copy of the unmodified curl sources. Make your changes in a separate - source tree. When you think you have something that you want to offer the - curl community, use GNU diff to generate patches. - - If you have modified a single file, try something like: - - diff -u unmodified-file.c my-changed-one.c > my-fixes.diff - - If you have modified several files, possibly in different directories, you - can use diff recursively: - - diff -ur curl-original-dir curl-modified-sources-dir > my-fixes.diff - - The GNU diff and GNU patch tools exist for virtually all platforms, including - all kinds of Unixes and Windows: - - For unix-like operating systems: - - https://savannah.gnu.org/projects/patch/ - https://www.gnu.org/software/diffutils/ - - For Windows: - - http://gnuwin32.sourceforge.net/packages/patch.htm - http://gnuwin32.sourceforge.net/packages/diffutils.htm - -3.4 How to get your changes into the main sources - - Submit your patch to the curl-library mailing list. - - Make the patch against as recent sources as possible. - - Make sure your patch adheres to the source indent and coding style of already - existing source code. Failing to do so just adds more work for me. - - Respond to replies on the list about the patch and answer questions and/or - fix nits/flaws. This is very important. I will take lack of replies as a sign - that you're not very anxious to get your patch accepted and I tend to simply - drop such patches from my TODO list. - - If you've followed the above paragraphs and your patch still hasn't been - incorporated after some weeks, consider resubmitting it to the list. - -3.5 Write good commit messages - - A short guide to how to do fine commit messages in the curl project. - - ---- start ---- - [area]: [short line describing the main effect] - - [separate the above single line from the rest with an empty line] - - [full description, no wider than 72 columns that describe as much as - possible as to why this change is made, and possibly what things - it fixes and everything else that is related] - - [Bug: link to source of the report or more related discussion] - [Reported-by: John Doe - credit the reporter] - [whatever-else-by: credit all helpers, finders, doers] - ---- stop ---- - - Don't forget to use commit --author="" if you commit someone else's work, - and make sure that you have your own user and email setup correctly in git - before you commit - -3.6 About pull requests - - With git (and especially github) it is easy and tempting to send a pull - request to the curl project to have changes merged this way instead of - mailing patches to the curl-library mailing list. - - We used to dislike this but we're trying to change that and accept that this - is a frictionless way for people to contribute to the project. We now welcome - pull requests! - - We will continue to avoid using github's merge tools to make the history - linear and to make sure commits follow our style guidelines. diff --git a/docs/CONTRIBUTE.md b/docs/CONTRIBUTE.md new file mode 100644 index 000000000..cbda0c046 --- /dev/null +++ b/docs/CONTRIBUTE.md @@ -0,0 +1,247 @@ +# Contributing to the curl project + +This document is intended to offer guidelines on how to best contribute to the +curl project. This concerns new features as well as corrections to existing +flaws or bugs. + +## Learning cURL + +### Join the Community + +Skip over to [https://curl.haxx.se/mail/](https://curl.haxx.se/mail/) and join +the appropriate mailing list(s). Read up on details before you post +questions. Read this file before you start sending patches! We prefer +questions sent to and discussions being held on the mailing list(s), not sent +to individuals. + +Before posting to one of the curl mailing lists, please read up on the +[mailing list etiquette](https://curl.haxx.se/mail/etiquette.html). + +We also hang out on IRC in #curl on irc.freenode.net + +If you're at all interested in the code side of things, consider clicking +'watch' on the [curl repo on github](https://github.com/curl/curl) to get +notified on pull requests and new issues posted there. + +### License and copyright + +When contributing with code, you agree to put your changes and new code under +the same license curl and libcurl is already using unless stated and agreed +otherwise. + +If you add a larger piece of code, you can opt to make that file or set of +files to use a different license as long as they don't enforce any changes to +the rest of the package and they make sense. Such "separate parts" can not be +GPL licensed (as we don't want copyleft to affect users of libcurl) but they +must use "GPL compatible" licenses (as we want to allow users to use libcurl +properly in GPL licensed environments). + +When changing existing source code, you do not alter the copyright of the +original file(s). The copyright will still be owned by the original creator(s) +or those who have been assigned copyright by the original author(s). + +By submitting a patch to the curl project, you are assumed to have the right +to the code and to be allowed by your employer or whatever to hand over that +patch/code to us. We will credit you for your changes as far as possible, to +give credit but also to keep a trace back to who made what changes. Please +always provide us with your full real name when contributing! + +### What To Read + +Source code, the man pages, the [INTERNALS +document](https://curl.haxx.se/dev/internals.html), +[TODO](https://curl.haxx.se/docs/todo.html), +[KNOWN_BUGS](https://curl.haxx.se/docs/knownbugs.html) and the [most recent +changes](https://curl.haxx.se/dev/sourceactivity.html) in git. Just lurking on +the [curl-library mailing +list](https://curl.haxx.se/mail/list.cgi?list=curl-library) will give you a +lot of insights on what's going on right now. Asking there is a good idea too. + +## Write a good patch + +### Follow code style + +When writing C code, follow the +[CODE_STYLE](https://curl.haxx.se/dev/code-style.html) already established in +the project. Consistent style makes code easier to read and mistakes less +likely to happen. Run `make checksrc` before you submit anything, to make sure +you follow the basic style. That script doesn't verify everything, but if it +complains you know you have work to do. + +### Non-clobbering All Over + +When you write new functionality or fix bugs, it is important that you don't +fiddle all over the source files and functions. Remember that it is likely +that other people have done changes in the same source files as you have and +possibly even in the same functions. If you bring completely new +functionality, try writing it in a new source file. If you fix bugs, try to +fix one bug at a time and send them as separate patches. + +### Write Separate Changes + +It is annoying when you get a huge patch from someone that is said to fix 511 +odd problems, but discussions and opinions don't agree with 510 of them - or +509 of them were already fixed in a different way. Then the person merging +this change needs to extract the single interesting patch from somewhere +within the huge pile of source, and that gives a lot of extra work. + +Preferably, each fix that correct a problem should be in its own patch/commit +with its own description/commit message stating exactly what they correct so +that all changes can be selectively applied by the maintainer or other +interested parties. + +Also, separate changes enable bisecting much better when we track problems +and regression in the future. + +### Patch Against Recent Sources + +Please try to get the latest available sources to make your patches against. +It makes the lives of the developers so much easier. The very best is if you +get the most up-to-date sources from the git repository, but the latest +release archive is quite OK as well! + +### Documentation + +Writing docs is dead boring and one of the big problems with many open source +projects. Someone's gotta do it. It makes it a lot easier if you submit a +small description of your fix or your new features with every contribution so +that it can be swiftly added to the package documentation. + +The documentation is always made in man pages (nroff formatted) or plain +ASCII files. All HTML files on the web site and in the release archives are +generated from the nroff/ASCII versions. + +### Test Cases + +Since the introduction of the test suite, we can quickly verify that the main +features are working as they're supposed to. To maintain this situation and +improve it, all new features and functions that are added need to be tested +in the test suite. Every feature that is added should get at least one valid +test case that verifies that it works as documented. If every submitter also +posts a few test cases, it won't end up as a heavy burden on a single person! + +If you don't have test cases or perhaps you have done something that is very +hard to write tests for, do explain exactly how you have otherwise tested and +verified your changes. + +## Sharing Your Changes + +### How to get your changes into the main sources + +Ideally you file a [pull request on +github](https://github.com/curl/curl/pulls), but you can also send your plain +patch to [the curl-library mailing +list](https://curl.haxx.se/mail/list.cgi?list=curl-library). + +Either way, your change will be reviewed and discussed there and you will be +expected to correct flaws pointed out and update accordingly, or the change +risk stalling and eventually just get deleted without action. As a submitter +of a change, you are the owner of that change until it has been merged. + +Respond on the list or on github about the change and answer questions and/or +fix nits/flaws. This is very important. We will take lack of replies as a +sign that you're not very anxious to get your patch accepted and we tend to +simply drop such changes. + +### About pull requests + +With github it is easy to send a [pull +request](https://github.com/curl/curl/pulls) to the curl project to have +changes merged. + +We prefer pull requests to mailed patches, as it makes it a proper git commit +that is easy to merge and they are easy to track and not that easy to loose +in a flood of many emails, like they sometimes do on the mailing lists. + +When you ajust your pull requests after review, consider squashing the +commits so that we can review the full updated version more easily. + +### Making quality patches + +Make the patch against as recent sources as possible. + +If you've followed the tips in this document and your patch still hasn't been +incorporated or responded to after some weeks, consider resubmitting it to +the list or better yet: change it to a pull request. + +### Write good commit messages + +A short guide to how to write commit messages in the curl project. + + ---- start ---- + [area]: [short line describing the main effect] + -- empty line -- + [full description, no wider than 72 columns that describe as much as + possible as to why this change is made, and possibly what things + it fixes and everything else that is related] + -- empty line -- + [Bug: URL to source of the report or more related discussion] + [Reported-by: John Doe - credit the reporter] + [whatever-else-by: credit all helpers, finders, doers] + ---- stop ---- + +Don't forget to use commit --author="" if you commit someone else's work, +and make sure that you have your own user and email setup correctly in git +before you commit + +### Write Access to git Repository + +If you are a very frequent contributor, you may be given push access to the +git repository and then you'll be able to push your changes straight into the +git repo instead of sending changes as pull requests or by mail as patches. + +Just ask if this is what you'd want. You will be required to have posted +several high quality patches first, before you can be granted push access. + +### How To Make a Patch with git + +You need to first checkout the repository: + + git clone https://github.com/curl/curl.git + +You then proceed and edit all the files you like and you commit them to your +local repository: + + git commit [file] + +As usual, group your commits so that you commit all changes that at once that +constitutes a logical change. + +Once you have done all your commits and you're happy with what you see, you +can make patches out of your changes that are suitable for mailing: + + git format-patch remotes/origin/master + +This creates files in your local directory named NNNN-[name].patch for each +commit. + +Now send those patches off to the curl-library list. You can of course opt to +do that with the 'git send-email' command. + +### How To Make a Patch without git + +Keep a copy of the unmodified curl sources. Make your changes in a separate +source tree. When you think you have something that you want to offer the +curl community, use GNU diff to generate patches. + +If you have modified a single file, try something like: + + diff -u unmodified-file.c my-changed-one.c > my-fixes.diff + +If you have modified several files, possibly in different directories, you +can use diff recursively: + + diff -ur curl-original-dir curl-modified-sources-dir > my-fixes.diff + +The GNU diff and GNU patch tools exist for virtually all platforms, including +all kinds of Unixes and Windows: + +For unix-like operating systems: + + - [https://savannah.gnu.org/projects/patch/](https://savannah.gnu.org/projects/patch/) + - [https://www.gnu.org/software/diffutils/](https://www.gnu.org/software/diffutils/) + +For Windows: + + - [http://gnuwin32.sourceforge.net/packages/patch.htm](http://gnuwin32.sourceforge.net/packages/patch.htm) + - [http://gnuwin32.sourceforge.net/packages/diffutils.htm](http://gnuwin32.sourceforge.net/packages/diffutils.htm) diff --git a/docs/FAQ b/docs/FAQ index 860815341..d9e538aff 100644 --- a/docs/FAQ +++ b/docs/FAQ @@ -968,8 +968,8 @@ FAQ 4.9 Curl can't authenticate to the server that requires NTLM? - NTLM support requires OpenSSL, GnuTLS, NSS, Secure Transport, or Microsoft - Windows libraries at build-time to provide this functionality. + NTLM support requires OpenSSL, GnuTLS, mbedTLS, NSS, Secure Transport, or + Microsoft Windows libraries at build-time to provide this functionality. NTLM is a Microsoft proprietary protocol. Proprietary formats are evil. You should not use such ones. @@ -1185,25 +1185,9 @@ FAQ your system has such. Note that you must never share the same handle in multiple threads. - libcurl's implementation of timeouts might use signals (depending on what it - was built to use for name resolving), and signal handling is generally not - thread-safe. Multi-threaded Applicationss that call libcurl from different - threads (on different handles) might want to use CURLOPT_NOSIGNAL, e.g.: - - curl_easy_setopt(handle, CURLOPT_NOSIGNAL, true); - - If you use a OpenSSL-powered libcurl in a multi-threaded environment, you - need to provide one or two locking functions: - - https://www.openssl.org/docs/crypto/threads.html - - If you use a GnuTLS-powered libcurl in a multi-threaded environment, you - need to provide locking function(s) for libgcrypt (which is used by GnuTLS - for the crypto functions). - - https://web.archive.org/web/20111103083330/http://www.gnu.org/software/gnutls/manual/html_node/Multi_002dthreaded-applications.html - - No special locking is needed with a NSS-powered libcurl. NSS is thread-safe. + There may be some exceptions to thread safety depending on how libcurl was + built. Please review the guidelines for thread safety to learn more: + https://curl.haxx.se/libcurl/c/threadsafe.html 5.2 How can I receive all data into a large memory chunk? @@ -1418,17 +1402,27 @@ FAQ CURLOPT_CUSTOMREQUEST to alter what exact listing command libcurl would use to list the files. - The follow-up question that tend to follow the previous one, is how a - program is supposed to parse the directory listing. How does it know what's - a file and what's a dir and what's a symlink etc. The harsh reality is that - FTP provides no such fine and easy-to-parse output. The output format FTP - servers respond to LIST commands are entirely at the server's own liking and - the NLST output doesn't reveal any types and in many cases don't even - include all the directory entries. Also, both LIST and NLST tend to hide - unix-style hidden files (those that start with a dot) by default so you need - to do "LIST -a" or similar to see them. - - The application thus needs to parse the LIST output. One such existing + The follow-up question tends to be how is a program supposed to parse the + directory listing. How does it know what's a file and what's a dir and what's + a symlink etc. If the FTP server supports the MLSD command then it will + return data in a machine-readable format that can be parsed for type. The + types are specified by RFC3659 section 7.5.1. If MLSD is not supported then + you have to work with what you're given. The LIST output format is entirely + at the server's own liking and the NLST output doesn't reveal any types and + in many cases doesn't even include all the directory entries. Also, both LIST + and NLST tend to hide unix-style hidden files (those that start with a dot) + by default so you need to do "LIST -a" or similar to see them. + + Example - List only directories. + ftp.funet.fi supports MLSD and ftp.kernel.org does not: + + curl -s ftp.funet.fi/pub/ -X MLSD | \ + perl -lne 'print if s/(?:^|;)type=dir;[^ ]+ (.+)$/$1/' + + curl -s ftp.kernel.org/pub/linux/kernel/ | \ + perl -lne 'print if s/^d[-rwx]{9}(?: +[^ ]+){7} (.+)$/$1/' + + If you need to parse LIST output in libcurl one such existing list parser is available at https://cr.yp.to/ftpparse.html Versions of libcurl since 7.21.0 also provide the ability to specify a wildcard to download multiple files from one FTP directory. diff --git a/docs/FEATURES b/docs/FEATURES index 10fbdd570..24fa56dd3 100644 --- a/docs/FEATURES +++ b/docs/FEATURES @@ -195,8 +195,8 @@ FOOTNOTES *7 = requires OpenSSL, NSS, GSKit, WinSSL or Secure Transport; GnuTLS, for example, only supports SSLv3 and TLSv1 *8 = requires libssh2 - *9 = requires OpenSSL, GnuTLS, NSS, yassl, Secure Transport or SSPI (native - Windows) + *9 = requires OpenSSL, GnuTLS, mbedTLS, NSS, yassl, Secure Transport or SSPI + (native Windows) *10 = requires any of the SSL libraries in (*1) above other than axTLS, which does not support SSLv3 *11 = requires libidn or Windows diff --git a/docs/HISTORY b/docs/HISTORY deleted file mode 100644 index f878ee105..000000000 --- a/docs/HISTORY +++ /dev/null @@ -1,284 +0,0 @@ - _ _ ____ _ - ___| | | | _ \| | - / __| | | | |_) | | - | (__| |_| | _ <| |___ - \___|\___/|_| \_\_____| - -How cURL Became Like This -========================= - -Towards the end of 1996, Daniel Stenberg was spending time writing an IRC bot -for an Amiga related channel on EFnet. He then came up with the idea to make -currency-exchange calculations available to Internet Relay Chat (IRC) -users. All the necessary data are published on the Web; he just needed to -automate their retrieval. - -Daniel simply adopted an existing command-line open-source tool, httpget, that -Brazilian Rafael Sagula had written and recently release version 0.1 of. After -a few minor adjustments, it did just what he needed. - -1997 ----- - -HttpGet 1.0 was released on April 8th 1997 with brand new HTTP proxy support. - -We soon found and fixed support for getting currencies over GOPHER. Once FTP -download support was added, the name of the project was changed and urlget 2.0 -was released in August 1997. The http-only days were already passed. - -1998 ----- - -The project slowly grew bigger. When upload capabilities were added and the -name once again was misleading, a second name change was made and on March 20, -1998 curl 4 was released. (The version numbering from the previous names was -kept.) - -(Unrelated to this project a company called Curl Corporation registered a US -trademark on the name "CURL" on May 18 1998. That company had then already -registered the curl.com domain back in November of the previous year. All this -was revealed to us much later.) - -SSL support was added, powered by the SSLeay library. - -August, first announcement of curl on freshmeat.net. - -October, with the curl 4.9 release and the introduction of cookie support, -curl was no longer released under the GPL license. Now we're at 4000 lines of -code, we switched over to the MPL license to restrict the effects of -"copyleft". - -November, configure script and reported successful compiles on several -major operating systems. The never-quite-understood -F option was added and -curl could now simulate quite a lot of a browser. TELNET support was added. - -Curl 5 was released in December 1998 and introduced the first ever curl man -page. People started making Linux RPM packages out of it. - -1999 ----- - -January, DICT support added. - -OpenSSL took over where SSLeay was abandoned. - -May, first Debian package. - -August, LDAP:// and FILE:// support added. The curl web site gets 1300 visits -weekly. Moved site to curl.haxx.nu. - -Released curl 6.0 in September. 15000 lines of code. - -December 28, added the project on Sourceforge and started using its services -for managing the project. - -2000 ----- - -Spring 2000, major internal overhaul to provide a suitable library interface. -The first non-beta release was named 7.1 and arrived in August. This offered -the easy interface and turned out to be the beginning of actually getting -other software and programs to get based on and powered by libcurl. Almost -20000 lines of code. - -June 2000: the curl site moves to "curl.haxx.se" - -August, the curl web site gets 4000 visits weekly. - -The PHP guys adopted libcurl already the same month, when the first ever third -party libcurl binding showed up. CURL has been a supported module in PHP since -the release of PHP 4.0.2. This would soon get followers. More than 16 -different bindings exist at the time of this writing. - -September, kerberos4 support was added. - -In November started the work on a test suite for curl. It was later re-written -from scratch again. The libcurl major SONAME number was set to 1. - -2001 ----- - -January, Daniel released curl 7.5.2 under a new license again: MIT (or -MPL). The MIT license is extremely liberal and can be used combined with GPL -in other projects. This would finally put an end to the "complaints" from -people involved in GPLed projects that previously were prohibited from using -libcurl while it was released under MPL only. (Due to the fact that MPL is -deemed "GPL incompatible".) - -curl supports HTTP 1.1 starting with the release of 7.7, March 22 2001. This -also introduced libcurl's ability to do persistent connections. 24000 lines of -code. The libcurl major SONAME number was bumped to 2 due to this overhaul. - -The first experimental ftps:// support was added in March 2001. - -August. curl is bundled in Mac OS X, 10.1. It was already becoming more and -more of a standard utility of Linux distributions and a regular in the BSD -ports collections. The curl web site gets 8000 visits weekly. Curl Corporation -contacted Daniel to discuss "the name issue". After Daniel's reply, they have -never since got in touch again. - -September, libcurl 7.9 introduces cookie jar and curl_formadd(). During the -forthcoming 7.9.x releases, we introduced the multi interface slowly and -without much whistles. - -2002 ----- - -June, the curl web site gets 13000 visits weekly. curl and libcurl is -35000 lines of code. Reported successful compiles on more than 40 combinations -of CPUs and operating systems. - -To estimate number of users of the curl tool or libcurl library is next to -impossible. Around 5000 downloaded packages each week from the main site gives -a hint, but the packages are mirrored extensively, bundled with numerous OS -distributions and otherwise retrieved as part of other software. - -September, with the release of curl 7.10 it is released under the MIT license -only. - -2003 ----- - -January. Started working on the distributed curl tests. The autobuilds. - -February, the curl site averages at 20000 visits weekly. At any given moment, -there's an average of 3 people browsing the curl.haxx.se site. - -Multiple new authentication schemes are supported: Digest (May), NTLM (June) -and Negotiate (June). - -November: curl 7.10.8 is released. 45000 lines of code. ~55000 unique visitors -to the curl.haxx.se site. Five official web mirrors. - -December, full-fledged SSL for FTP is supported. - -2004 ----- - -January: curl 7.11.0 introduced large file support. - -June: curl 7.12.0 introduced IDN support. 10 official web mirrors. - -This release bumped the major SONAME to 3 due to the removal of the -curl_formparse() function - -August: Curl and libcurl 7.12.1 - - Public curl release number: 82 - Releases counted from the very beginning: 109 - Available command line options: 96 - Available curl_easy_setopt() options: 120 - Number of public functions in libcurl: 36 - Amount of public web site mirrors: 12 - Number of known libcurl bindings: 26 - -2005 ----- - -April. GnuTLS can now optionally be used for the secure layer when curl is -built. - -September: TFTP support was added. - -More than 100,000 unique visitors of the curl web site. 25 mirrors. - -December: security vulnerability: libcurl URL Buffer Overflow - -2006 ----- - -January. We dropped support for Gopher. We found bugs in the implementation -that turned out having been introduced years ago, so with the conclusion that -nobody had found out in all this time we removed it instead of fixing it. - -March: security vulnerability: libcurl TFTP Packet Buffer Overflow - -April: Added the multi_socket() API - -September: The major SONAME number for libcurl was bumped to 4 due to the -removal of ftp third party transfer support. - -November: Added SCP and SFTP support - -2007 ----- - -February: Added support for the Mozilla NSS library to do the SSL/TLS stuff - -July: security vulnerability: libcurl GnuTLS insufficient cert verification - -2008 ----- - -November: - - Command line options: 128 - curl_easy_setopt() options: 158 - Public functions in libcurl: 58 - Known libcurl bindings: 37 - Contributors: 683 - - 145,000 unique visitors. >100 GB downloaded. - -2009 ----- - -March: security vulnerability: libcurl Arbitrary File Access - -August: security vulnerability: libcurl embedded zero in cert name - -December: Added support for IMAP, POP3 and SMTP - -2010 ----- - -January: Added support for RTSP - -February: security vulnerability: libcurl data callback excessive length - -March: The project switched over to use git (hosted by github) instead of CVS -for source code control - -May: Added support for RTMP - -Added support for PolarSSL to do the SSL/TLS stuff - -August: - - Public curl releases: 117 - Command line options: 138 - curl_easy_setopt() options: 180 - Public functions in libcurl: 58 - Known libcurl bindings: 39 - Contributors: 808 - - Gopher support added (re-added actually) - -2012 ----- - - July: Added support for Schannel (native Windows TLS backend) and Darwin SSL - (Native Mac OS X and iOS TLS backend). - - Supports metalink - - October: SSH-agent support. - -2013 ----- - - February: Cleaned up internals to always uses the "multi" non-blocking - approach internally and only expose the blocking API with a wrapper. - - September: First small steps on supporting HTTP/2 with nghttp2. - - October: Removed krb4 support. - - December: Happy eyeballs. - -2014 ----- - - March: first real release supporting HTTP/2 - - September: Web site had 245,000 unique visitors and served 236GB data diff --git a/docs/HISTORY.md b/docs/HISTORY.md new file mode 100644 index 000000000..ea402c6b7 --- /dev/null +++ b/docs/HISTORY.md @@ -0,0 +1,284 @@ + _ _ ____ _ + ___| | | | _ \| | + / __| | | | |_) | | + | (__| |_| | _ <| |___ + \___|\___/|_| \_\_____| + +How cURL Became Like This +========================= + +Towards the end of 1996, Daniel Stenberg was spending time writing an IRC bot +for an Amiga related channel on EFnet. He then came up with the idea to make +currency-exchange calculations available to Internet Relay Chat (IRC) +users. All the necessary data are published on the Web; he just needed to +automate their retrieval. + +Daniel simply adopted an existing command-line open-source tool, httpget, that +Brazilian Rafael Sagula had written and recently release version 0.1 of. After +a few minor adjustments, it did just what he needed. + +1997 +---- + +HttpGet 1.0 was released on April 8th 1997 with brand new HTTP proxy support. + +We soon found and fixed support for getting currencies over GOPHER. Once FTP +download support was added, the name of the project was changed and urlget 2.0 +was released in August 1997. The http-only days were already passed. + +1998 +---- + +The project slowly grew bigger. When upload capabilities were added and the +name once again was misleading, a second name change was made and on March 20, +1998 curl 4 was released. (The version numbering from the previous names was +kept.) + +(Unrelated to this project a company called Curl Corporation registered a US +trademark on the name "CURL" on May 18 1998. That company had then already +registered the curl.com domain back in November of the previous year. All this +was revealed to us much later.) + +SSL support was added, powered by the SSLeay library. + +August, first announcement of curl on freshmeat.net. + +October, with the curl 4.9 release and the introduction of cookie support, +curl was no longer released under the GPL license. Now we're at 4000 lines of +code, we switched over to the MPL license to restrict the effects of +"copyleft". + +November, configure script and reported successful compiles on several +major operating systems. The never-quite-understood -F option was added and +curl could now simulate quite a lot of a browser. TELNET support was added. + +Curl 5 was released in December 1998 and introduced the first ever curl man +page. People started making Linux RPM packages out of it. + +1999 +---- + +January, DICT support added. + +OpenSSL took over where SSLeay was abandoned. + +May, first Debian package. + +August, LDAP:// and FILE:// support added. The curl web site gets 1300 visits +weekly. Moved site to curl.haxx.nu. + +Released curl 6.0 in September. 15000 lines of code. + +December 28, added the project on Sourceforge and started using its services +for managing the project. + +2000 +---- + +Spring 2000, major internal overhaul to provide a suitable library interface. +The first non-beta release was named 7.1 and arrived in August. This offered +the easy interface and turned out to be the beginning of actually getting +other software and programs to get based on and powered by libcurl. Almost +20000 lines of code. + +June 2000: the curl site moves to "curl.haxx.se" + +August, the curl web site gets 4000 visits weekly. + +The PHP guys adopted libcurl already the same month, when the first ever third +party libcurl binding showed up. CURL has been a supported module in PHP since +the release of PHP 4.0.2. This would soon get followers. More than 16 +different bindings exist at the time of this writing. + +September, kerberos4 support was added. + +In November started the work on a test suite for curl. It was later re-written +from scratch again. The libcurl major SONAME number was set to 1. + +2001 +---- + +January, Daniel released curl 7.5.2 under a new license again: MIT (or +MPL). The MIT license is extremely liberal and can be used combined with GPL +in other projects. This would finally put an end to the "complaints" from +people involved in GPLed projects that previously were prohibited from using +libcurl while it was released under MPL only. (Due to the fact that MPL is +deemed "GPL incompatible".) + +curl supports HTTP 1.1 starting with the release of 7.7, March 22 2001. This +also introduced libcurl's ability to do persistent connections. 24000 lines of +code. The libcurl major SONAME number was bumped to 2 due to this overhaul. + +The first experimental ftps:// support was added in March 2001. + +August. curl is bundled in Mac OS X, 10.1. It was already becoming more and +more of a standard utility of Linux distributions and a regular in the BSD +ports collections. The curl web site gets 8000 visits weekly. Curl Corporation +contacted Daniel to discuss "the name issue". After Daniel's reply, they have +never since got in touch again. + +September, libcurl 7.9 introduces cookie jar and curl_formadd(). During the +forthcoming 7.9.x releases, we introduced the multi interface slowly and +without much whistles. + +2002 +---- + +June, the curl web site gets 13000 visits weekly. curl and libcurl is +35000 lines of code. Reported successful compiles on more than 40 combinations +of CPUs and operating systems. + +To estimate number of users of the curl tool or libcurl library is next to +impossible. Around 5000 downloaded packages each week from the main site gives +a hint, but the packages are mirrored extensively, bundled with numerous OS +distributions and otherwise retrieved as part of other software. + +September, with the release of curl 7.10 it is released under the MIT license +only. + +2003 +---- + +January. Started working on the distributed curl tests. The autobuilds. + +February, the curl site averages at 20000 visits weekly. At any given moment, +there's an average of 3 people browsing the curl.haxx.se site. + +Multiple new authentication schemes are supported: Digest (May), NTLM (June) +and Negotiate (June). + +November: curl 7.10.8 is released. 45000 lines of code. ~55000 unique visitors +to the curl.haxx.se site. Five official web mirrors. + +December, full-fledged SSL for FTP is supported. + +2004 +---- + +January: curl 7.11.0 introduced large file support. + +June: curl 7.12.0 introduced IDN support. 10 official web mirrors. + +This release bumped the major SONAME to 3 due to the removal of the +curl_formparse() function + +August: Curl and libcurl 7.12.1 + + Public curl release number: 82 + Releases counted from the very beginning: 109 + Available command line options: 96 + Available curl_easy_setopt() options: 120 + Number of public functions in libcurl: 36 + Amount of public web site mirrors: 12 + Number of known libcurl bindings: 26 + +2005 +---- + +April. GnuTLS can now optionally be used for the secure layer when curl is +built. + +April: Added the multi_socket() API + +September: TFTP support was added. + +More than 100,000 unique visitors of the curl web site. 25 mirrors. + +December: security vulnerability: libcurl URL Buffer Overflow + +2006 +---- + +January. We dropped support for Gopher. We found bugs in the implementation +that turned out having been introduced years ago, so with the conclusion that +nobody had found out in all this time we removed it instead of fixing it. + +March: security vulnerability: libcurl TFTP Packet Buffer Overflow + +September: The major SONAME number for libcurl was bumped to 4 due to the +removal of ftp third party transfer support. + +November: Added SCP and SFTP support + +2007 +---- + +February: Added support for the Mozilla NSS library to do the SSL/TLS stuff + +July: security vulnerability: libcurl GnuTLS insufficient cert verification + +2008 +---- + +November: + + Command line options: 128 + curl_easy_setopt() options: 158 + Public functions in libcurl: 58 + Known libcurl bindings: 37 + Contributors: 683 + + 145,000 unique visitors. >100 GB downloaded. + +2009 +---- + +March: security vulnerability: libcurl Arbitrary File Access + +August: security vulnerability: libcurl embedded zero in cert name + +December: Added support for IMAP, POP3 and SMTP + +2010 +---- + +January: Added support for RTSP + +February: security vulnerability: libcurl data callback excessive length + +March: The project switched over to use git (hosted by github) instead of CVS +for source code control + +May: Added support for RTMP + +Added support for PolarSSL to do the SSL/TLS stuff + +August: + + Public curl releases: 117 + Command line options: 138 + curl_easy_setopt() options: 180 + Public functions in libcurl: 58 + Known libcurl bindings: 39 + Contributors: 808 + + Gopher support added (re-added actually) + +2012 +---- + + July: Added support for Schannel (native Windows TLS backend) and Darwin SSL + (Native Mac OS X and iOS TLS backend). + + Supports metalink + + October: SSH-agent support. + +2013 +---- + + February: Cleaned up internals to always uses the "multi" non-blocking + approach internally and only expose the blocking API with a wrapper. + + September: First small steps on supporting HTTP/2 with nghttp2. + + October: Removed krb4 support. + + December: Happy eyeballs. + +2014 +---- + + March: first real release supporting HTTP/2 + + September: Web site had 245,000 unique visitors and served 236GB data diff --git a/docs/HTTP-COOKIES b/docs/HTTP-COOKIES deleted file mode 100644 index 0e43ba760..000000000 --- a/docs/HTTP-COOKIES +++ /dev/null @@ -1,123 +0,0 @@ -Updated: July 3, 2012 (https://curl.haxx.se/docs/http-cookies.html) - _ _ ____ _ - ___| | | | _ \| | - / __| | | | |_) | | - | (__| |_| | _ <| |___ - \___|\___/|_| \_\_____| - - -HTTP Cookies - - 1. HTTP Cookies - 1.1 Cookie overview - 1.2 Cookies saved to disk - 1.3 Cookies with curl the command line tool - 1.4 Cookies with libcurl - 1.5 Cookies with javascript - -============================================================================== - -1. HTTP Cookies - - 1.1 Cookie overview - - HTTP cookies are pieces of 'name=contents' snippets that a server tells the - client to hold and then the client sends back those the server on subsequent - requests to the same domains/paths for which the cookies were set. - - Cookies are either "session cookies" which typically are forgotten when the - session is over which is often translated to equal when browser quits, or - the cookies aren't session cookies they have expiration dates after which - the client will throw them away. - - Cookies are set to the client with the Set-Cookie: header and are sent to - servers with the Cookie: header. - - For a very long time, the only spec explaining how to use cookies was the - original Netscape spec from 1994: https://curl.haxx.se/rfc/cookie_spec.html - - In 2011, RFC6265 (https://www.ietf.org/rfc/rfc6265.txt) was finally published - and details how cookies work within HTTP. - - 1.2 Cookies saved to disk - - Netscape once created a file format for storing cookies on disk so that they - would survive browser restarts. curl adopted that file format to allow - sharing the cookies with browsers, only to see browsers move away from that - format. Modern browsers no longer use it, while curl still does. - - The netscape cookie file format stores one cookie per physical line in the - file with a bunch of associated meta data, each field separated with - TAB. That file is called the cookiejar in curl terminology. - - When libcurl saves a cookiejar, it creates a file header of its own in which - there is a URL mention that will link to the web version of this document. - - 1.3 Cookies with curl the command line tool - - curl has a full cookie "engine" built in. If you just activate it, you can - have curl receive and send cookies exactly as mandated in the specs. - - Command line options: - - -b, --cookie - - tell curl a file to read cookies from and start the cookie engine, or if - it isn't a file it will pass on the given string. -b name=var works and so - does -b cookiefile. - - -j, --junk-session-cookies - - when used in combination with -b, it will skip all "session cookies" on - load so as to appear to start a new cookie session. - - -c, --cookie-jar - - tell curl to start the cookie engine and write cookies to the given file - after the request(s) - - 1.4 Cookies with libcurl - - libcurl offers several ways to enable and interface the cookie engine. These - options are the ones provided by the native API. libcurl bindings may offer - access to them using other means. - - CURLOPT_COOKIE - - Is used when you want to specify the exact contents of a cookie header to - send to the server. - - CURLOPT_COOKIEFILE - - Tell libcurl to activate the cookie engine, and to read the initial set of - cookies from the given file. Read-only. - - CURLOPT_COOKIEJAR - - Tell libcurl to activate the cookie engine, and when the easy handle is - closed save all known cookies to the given cookiejar file. Write-only. - - CURLOPT_COOKIELIST - - Provide detailed information about a single cookie to add to the internal - storage of cookies. Pass in the cookie as a HTTP header with all the - details set, or pass in a line from a netscape cookie file. This option - can also be used to flush the cookies etc. - - CURLINFO_COOKIELIST - - Extract cookie information from the internal cookie storage as a linked - list. - - 1.5 Cookies with javascript - - These days a lot of the web is built up by javascript. The webbrowser loads - complete programs that render the page you see. These javascript programs - can also set and access cookies. - - Since curl and libcurl are plain HTTP clients without any knowledge of or - capability to handle javascript, such cookies will not be detected or used. - - Often, if you want to mimic what a browser does on such web sites, you can - record web browser HTTP traffic when using such a site and then repeat the - cookie operations using curl or libcurl. diff --git a/docs/HTTP-COOKIES.md b/docs/HTTP-COOKIES.md new file mode 100644 index 000000000..a1b283454 --- /dev/null +++ b/docs/HTTP-COOKIES.md @@ -0,0 +1,104 @@ +# HTTP Cookies + +## Cookie overview + + Cookies are `name=contents` pairs that a HTTP server tells the client to + hold and then the client sends back those to the server on subsequent + requests to the same domains and paths for which the cookies were set. + + Cookies are either "session cookies" which typically are forgotten when the + session is over which is often translated to equal when browser quits, or + the cookies aren't session cookies they have expiration dates after which + the client will throw them away. + + Cookies are set to the client with the Set-Cookie: header and are sent to + servers with the Cookie: header. + + For a very long time, the only spec explaining how to use cookies was the + original [Netscape spec from 1994](https://curl.haxx.se/rfc/cookie_spec.html). + + In 2011, [RFC6265](https://www.ietf.org/rfc/rfc6265.txt) was finally + published and details how cookies work within HTTP. + +## Cookies saved to disk + + Netscape once created a file format for storing cookies on disk so that they + would survive browser restarts. curl adopted that file format to allow + sharing the cookies with browsers, only to see browsers move away from that + format. Modern browsers no longer use it, while curl still does. + + The netscape cookie file format stores one cookie per physical line in the + file with a bunch of associated meta data, each field separated with + TAB. That file is called the cookiejar in curl terminology. + + When libcurl saves a cookiejar, it creates a file header of its own in which + there is a URL mention that will link to the web version of this document. + +## Cookies with curl the command line tool + + curl has a full cookie "engine" built in. If you just activate it, you can + have curl receive and send cookies exactly as mandated in the specs. + + Command line options: + + `-b, --cookie` + + tell curl a file to read cookies from and start the cookie engine, or if it + isn't a file it will pass on the given string. -b name=var works and so does + -b cookiefile. + + `-j, --junk-session-cookies` + + when used in combination with -b, it will skip all "session cookies" on load + so as to appear to start a new cookie session. + + `-c, --cookie-jar` + + tell curl to start the cookie engine and write cookies to the given file + after the request(s) + +## Cookies with libcurl + + libcurl offers several ways to enable and interface the cookie engine. These + options are the ones provided by the native API. libcurl bindings may offer + access to them using other means. + + `CURLOPT_COOKIE` + + Is used when you want to specify the exact contents of a cookie header to + send to the server. + + `CURLOPT_COOKIEFILE` + + Tell libcurl to activate the cookie engine, and to read the initial set of + cookies from the given file. Read-only. + + `CURLOPT_COOKIEJAR` + + Tell libcurl to activate the cookie engine, and when the easy handle is + closed save all known cookies to the given cookiejar file. Write-only. + + `CURLOPT_COOKIELIST` + + Provide detailed information about a single cookie to add to the internal + storage of cookies. Pass in the cookie as a HTTP header with all the details + set, or pass in a line from a netscape cookie file. This option can also be + used to flush the cookies etc. + + `CURLINFO_COOKIELIST` + + Extract cookie information from the internal cookie storage as a linked + list. + +## Cookies with javascript + + These days a lot of the web is built up by javascript. The webbrowser loads + complete programs that render the page you see. These javascript programs + can also set and access cookies. + + Since curl and libcurl are plain HTTP clients without any knowledge of or + capability to handle javascript, such cookies will not be detected or used. + + Often, if you want to mimic what a browser does on such web sites, you can + record web browser HTTP traffic when using such a site and then repeat the + cookie operations using curl or libcurl. diff --git a/docs/HTTP2.md b/docs/HTTP2.md index bf5382070..cc5a5b334 100644 --- a/docs/HTTP2.md +++ b/docs/HTTP2.md @@ -7,7 +7,8 @@ HTTP/2 with curl Build prerequisites ------------------- - nghttp2 - - OpenSSL, NSS, GnutTLS or PolarSSL with a new enough version + - OpenSSL, libressl, BoringSSL, NSS, GnutTLS, mbedTLS, wolfSSL or SChannel + with a new enough version. [nghttp2](https://nghttp2.org/) ------------------------------- @@ -51,13 +52,17 @@ SSL libs -------- The challenge is the ALPN and NPN support and all our different SSL -backends. You may need a fairly updated SSL library version for it to -provide the necessary TLS features. Right now we support: - - - OpenSSL: ALPN and NPN - - NSS: ALPN and NPN - - GnuTLS: ALPN - - PolarSSL: ALPN +backends. You may need a fairly updated SSL library version for it to provide +the necessary TLS features. Right now we support: + + - OpenSSL: ALPN and NPN + - libressl: ALPN and NPN + - BoringSSL: ALPN and NPN + - NSS: ALPN and NPN + - GnuTLS: ALPN + - mbedTLS: ALPN + - SChannel: ALPN + - wolfSSL: ALPN Multiplexing ------------ @@ -91,6 +96,9 @@ curl tool curl offers the `--http2` command line option to enable use of HTTP/2. +curl offers the `--http2-prior-knowledge` command line option to enable use of +HTTP/2 without HTTP/1.1 Upgrade. + Since 7.47.0, the curl tool enables HTTP/2 by default for HTTPS connections. HTTP Alternative Services @@ -103,9 +111,3 @@ client can use that hint to create a new connection asynchronously. For libcurl, we may introduce a way to bring such clues to the applicaton and/or let a subsequent request use the alternate route automatically. [Spec](https://tools.ietf.org/html/draft-ietf-httpbis-alt-svc-14) - -TODO ----- - - - Implement "prior-knowledge" HTTP/2 connections over clear text so that - curl can connect with HTTP/2 at once without 1.1+Upgrade. diff --git a/docs/INSTALL b/docs/INSTALL index d316a1ae5..2e1075ba4 100644 --- a/docs/INSTALL +++ b/docs/INSTALL @@ -1101,7 +1101,7 @@ GnuTLS https://www.gnu.org/software/gnutls/ Heimdal http://www.h5l.org/ libidn https://www.gnu.org/software/libidn/ libmetalink https://launchpad.net/libmetalink/ -libssh2 http://www.libssh2.org/ +libssh2 https://www.libssh2.org/ MIT Kerberos http://web.mit.edu/kerberos/www/dist/ NSS https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS OpenLDAP http://www.openldap.org/ diff --git a/docs/INTERNALS b/docs/INTERNALS deleted file mode 100644 index 698d66ec4..000000000 --- a/docs/INTERNALS +++ /dev/null @@ -1,1095 +0,0 @@ -Table of Contents -================= - - - [Intro](#intro) - - [git](#git) - - [Portability](#Portability) - - [Windows vs Unix](#winvsunix) - - [Library](#Library) - - [`Curl_connect`](#Curl_connect) - - [`Curl_do`](#Curl_do) - - [`Curl_readwrite`](#Curl_readwrite) - - [`Curl_done`](#Curl_done) - - [`Curl_disconnect`](#Curl_disconnect) - - [HTTP(S)](#http) - - [FTP](#ftp) - - [Kerberos](#kerberos) - - [TELNET](#telnet) - - [FILE](#file) - - [SMB](#smb) - - [LDAP](#ldap) - - [E-mail](#email) - - [General](#general) - - [Persistent Connections](#persistent) - - [multi interface/non-blocking](#multi) - - [SSL libraries](#ssl) - - [Library Symbols](#symbols) - - [Return Codes and Informationals](#returncodes) - - [AP/ABI](#abi) - - [Client](#client) - - [Memory Debugging](#memorydebug) - - [Test Suite](#test) - - [Asynchronous name resolves](#asyncdns) - - [c-ares](#cares) - - [`curl_off_t`](#curl_off_t) - - [curlx](#curlx) - - [Content Encoding](#contentencoding) - - [hostip.c explained](#hostip) - - [Track Down Memory Leaks](#memoryleak) - - [`multi_socket`](#multi_socket) - - [Structs in libcurl](#structs) - - -curl internals -============== - - This project is split in two. The library and the client. The client part - uses the library, but the library is designed to allow other applications to - use it. - - The largest amount of code and complexity is in the library part. - - - -git -=== - - All changes to the sources are committed to the git repository as soon as - they're somewhat verified to work. Changes shall be committed as independently - as possible so that individual changes can be easier spotted and tracked - afterwards. - - Tagging shall be used extensively, and by the time we release new archives we - should tag the sources with a name similar to the released version number. - - -Portability -=========== - - We write curl and libcurl to compile with C89 compilers. On 32bit and up - machines. Most of libcurl assumes more or less POSIX compliance but that's - not a requirement. - - We write libcurl to build and work with lots of third party tools, and we - want it to remain functional and buildable with these and later versions - (older versions may still work but is not what we work hard to maintain): - -Dependencies ------------- - - - OpenSSL 0.9.7 - - GnuTLS 1.2 - - zlib 1.1.4 - - libssh2 0.16 - - c-ares 1.6.0 - - libidn 0.4.1 - - cyassl 2.0.0 - - openldap 2.0 - - MIT Kerberos 1.2.4 - - GSKit V5R3M0 - - NSS 3.14.x - - axTLS 1.2.7 - - PolarSSL 1.3.0 - - Heimdal ? - - nghttp2 1.0.0 - -Operating Systems ------------------ - - On systems where configure runs, we aim at working on them all - if they have - a suitable C compiler. On systems that don't run configure, we strive to keep - curl running fine on: - - - Windows 98 - - AS/400 V5R3M0 - - Symbian 9.1 - - Windows CE ? - - TPF ? - -Build tools ------------ - - When writing code (mostly for generating stuff included in release tarballs) - we use a few "build tools" and we make sure that we remain functional with - these versions: - - - GNU Libtool 1.4.2 - - GNU Autoconf 2.57 - - GNU Automake 1.7 - - GNU M4 1.4 - - perl 5.004 - - roffit 0.5 - - groff ? (any version that supports "groff -Tps -man [in] [out]") - - ps2pdf (gs) ? - - -Windows vs Unix -=============== - - There are a few differences in how to program curl the unix way compared to - the Windows way. The four perhaps most notable details are: - - 1. Different function names for socket operations. - - In curl, this is solved with defines and macros, so that the source looks - the same at all places except for the header file that defines them. The - macros in use are sclose(), sread() and swrite(). - - 2. Windows requires a couple of init calls for the socket stuff. - - That's taken care of by the `curl_global_init()` call, but if other libs - also do it etc there might be reasons for applications to alter that - behaviour. - - 3. The file descriptors for network communication and file operations are - not easily interchangeable as in unix. - - We avoid this by not trying any funny tricks on file descriptors. - - 4. When writing data to stdout, Windows makes end-of-lines the DOS way, thus - destroying binary data, although you do want that conversion if it is - text coming through... (sigh) - - We set stdout to binary under windows - - Inside the source code, We make an effort to avoid `#ifdef [Your OS]`. All - conditionals that deal with features *should* instead be in the format - `#ifdef HAVE_THAT_WEIRD_FUNCTION`. Since Windows can't run configure scripts, - we maintain a `curl_config-win32.h` file in lib directory that is supposed to - look exactly as a `curl_config.h` file would have looked like on a Windows - machine! - - Generally speaking: always remember that this will be compiled on dozens of - operating systems. Don't walk on the edge. - - -Library -======= - - (See `LIBCURL-STRUCTS` for a separate document describing all major internal - structs and their purposes.) - - There are plenty of entry points to the library, namely each publicly defined - function that libcurl offers to applications. All of those functions are - rather small and easy-to-follow. All the ones prefixed with `curl_easy` are - put in the lib/easy.c file. - - `curl_global_init_()` and `curl_global_cleanup()` should be called by the - application to initialize and clean up global stuff in the library. As of - today, it can handle the global SSL initing if SSL is enabled and it can init - the socket layer on windows machines. libcurl itself has no "global" scope. - - All printf()-style functions use the supplied clones in lib/mprintf.c. This - makes sure we stay absolutely platform independent. - - [ `curl_easy_init()`][2] allocates an internal struct and makes some - initializations. The returned handle does not reveal internals. This is the - 'SessionHandle' struct which works as an "anchor" struct for all `curl_easy` - functions. All connections performed will get connect-specific data allocated - that should be used for things related to particular connections/requests. - - [`curl_easy_setopt()`][1] takes three arguments, where the option stuff must - be passed in pairs: the parameter-ID and the parameter-value. The list of - options is documented in the man page. This function mainly sets things in - the 'SessionHandle' struct. - - `curl_easy_perform()` is just a wrapper function that makes use of the multi - API. It basically calls `curl_multi_init()`, `curl_multi_add_handle()`, - `curl_multi_wait()`, and `curl_multi_perform()` until the transfer is done - and then returns. - - Some of the most important key functions in url.c are called from multi.c - when certain key steps are to be made in the transfer operation. - - -Curl_connect() --------------- - - Analyzes the URL, it separates the different components and connects to the - remote host. This may involve using a proxy and/or using SSL. The - `Curl_resolv()` function in lib/hostip.c is used for looking up host names - (it does then use the proper underlying method, which may vary between - platforms and builds). - - When `Curl_connect` is done, we are connected to the remote site. Then it - is time to tell the server to get a document/file. `Curl_do()` arranges - this. - - This function makes sure there's an allocated and initiated 'connectdata' - struct that is used for this particular connection only (although there may - be several requests performed on the same connect). A bunch of things are - inited/inherited from the SessionHandle struct. - - -Curl_do() ---------- - - `Curl_do()` makes sure the proper protocol-specific function is called. The - functions are named after the protocols they handle. - - The protocol-specific functions of course deal with protocol-specific - negotiations and setup. They have access to the `Curl_sendf()` (from - lib/sendf.c) function to send printf-style formatted data to the remote - host and when they're ready to make the actual file transfer they call the - `Curl_Transfer()` function (in lib/transfer.c) to setup the transfer and - returns. - - If this DO function fails and the connection is being re-used, libcurl will - then close this connection, setup a new connection and re-issue the DO - request on that. This is because there is no way to be perfectly sure that - we have discovered a dead connection before the DO function and thus we - might wrongly be re-using a connection that was closed by the remote peer. - - Some time during the DO function, the `Curl_setup_transfer()` function must - be called with some basic info about the upcoming transfer: what socket(s) - to read/write and the expected file transfer sizes (if known). - - -Curl_readwrite() ----------------- - - Called during the transfer of the actual protocol payload. - - During transfer, the progress functions in lib/progress.c are called at a - frequent interval (or at the user's choice, a specified callback might get - called). The speedcheck functions in lib/speedcheck.c are also used to - verify that the transfer is as fast as required. - - -Curl_done() ------------ - - Called after a transfer is done. This function takes care of everything - that has to be done after a transfer. This function attempts to leave - matters in a state so that `Curl_do()` should be possible to call again on - the same connection (in a persistent connection case). It might also soon - be closed with `Curl_disconnect()`. - - -Curl_disconnect() ------------------ - - When doing normal connections and transfers, no one ever tries to close any - connections so this is not normally called when `curl_easy_perform()` is - used. This function is only used when we are certain that no more transfers - is going to be made on the connection. It can be also closed by force, or - it can be called to make sure that libcurl doesn't keep too many - connections alive at the same time. - - This function cleans up all resources that are associated with a single - connection. - - -HTTP(S) -======= - - HTTP offers a lot and is the protocol in curl that uses the most lines of - code. There is a special file (lib/formdata.c) that offers all the multipart - post functions. - - base64-functions for user+password stuff (and more) is in (lib/base64.c) and - all functions for parsing and sending cookies are found in (lib/cookie.c). - - HTTPS uses in almost every means the same procedure as HTTP, with only two - exceptions: the connect procedure is different and the function used to read - or write from the socket is different, although the latter fact is hidden in - the source by the use of `Curl_read()` for reading and `Curl_write()` for - writing data to the remote server. - - `http_chunks.c` contains functions that understands HTTP 1.1 chunked transfer - encoding. - - An interesting detail with the HTTP(S) request, is the `Curl_add_buffer()` - series of functions we use. They append data to one single buffer, and when - the building is done the entire request is sent off in one single write. This - is done this way to overcome problems with flawed firewalls and lame servers. - - -FTP -=== - - The `Curl_if2ip()` function can be used for getting the IP number of a - specified network interface, and it resides in lib/if2ip.c. - - `Curl_ftpsendf()` is used for sending FTP commands to the remote server. It - was made a separate function to prevent us programmers from forgetting that - they must be CRLF terminated. They must also be sent in one single write() to - make firewalls and similar happy. - - -Kerberos --------- - - Kerberos support is mainly in lib/krb5.c and lib/security.c but also - `curl_sasl_sspi.c` and `curl_sasl_gssapi.c` for the email protocols and - `socks_gssapi.c` and `socks_sspi.c` for SOCKS5 proxy specifics. - - -TELNET -====== - - Telnet is implemented in lib/telnet.c. - - -FILE -==== - - The file:// protocol is dealt with in lib/file.c. - - -SMB -=== - - The smb:// protocol is dealt with in lib/smb.c. - - -LDAP -==== - - Everything LDAP is in lib/ldap.c and lib/openldap.c - - -E-mail -====== - - The e-mail related source code is in lib/imap.c, lib/pop3.c and lib/smtp.c. - - -General -======= - - URL encoding and decoding, called escaping and unescaping in the source code, - is found in lib/escape.c. - - While transferring data in Transfer() a few functions might get used. - `curl_getdate()` in lib/parsedate.c is for HTTP date comparisons (and more). - - lib/getenv.c offers `curl_getenv()` which is for reading environment - variables in a neat platform independent way. That's used in the client, but - also in lib/url.c when checking the proxy environment variables. Note that - contrary to the normal unix getenv(), this returns an allocated buffer that - must be free()ed after use. - - lib/netrc.c holds the .netrc parser - - lib/timeval.c features replacement functions for systems that don't have - gettimeofday() and a few support functions for timeval conversions. - - A function named `curl_version()` that returns the full curl version string - is found in lib/version.c. - - -Persistent Connections -====================== - - The persistent connection support in libcurl requires some considerations on - how to do things inside of the library. - - - The 'SessionHandle' struct returned in the [`curl_easy_init()`][2] call - must never hold connection-oriented data. It is meant to hold the root data - as well as all the options etc that the library-user may choose. - - - The 'SessionHandle' struct holds the "connection cache" (an array of - pointers to 'connectdata' structs). - - - This enables the 'curl handle' to be reused on subsequent transfers. - - - When libcurl is told to perform a transfer, it first checks for an already - existing connection in the cache that we can use. Otherwise it creates a - new one and adds that the cache. If the cache is full already when a new - connection is added added, it will first close the oldest unused one. - - - When the transfer operation is complete, the connection is left - open. Particular options may tell libcurl not to, and protocols may signal - closure on connections and then they won't be kept open of course. - - - When `curl_easy_cleanup()` is called, we close all still opened connections, - unless of course the multi interface "owns" the connections. - - The curl handle must be re-used in order for the persistent connections to - work. - - -multi interface/non-blocking -============================ - - The multi interface is a non-blocking interface to the library. To make that - interface work as good as possible, no low-level functions within libcurl - must be written to work in a blocking manner. (There are still a few spots - violating this rule.) - - One of the primary reasons we introduced c-ares support was to allow the name - resolve phase to be perfectly non-blocking as well. - - The FTP and the SFTP/SCP protocols are examples of how we adapt and adjust - the code to allow non-blocking operations even on multi-stage command- - response protocols. They are built around state machines that return when - they would otherwise block waiting for data. The DICT, LDAP and TELNET - protocols are crappy examples and they are subject for rewrite in the future - to better fit the libcurl protocol family. - - -SSL libraries -============= - - Originally libcurl supported SSLeay for SSL/TLS transports, but that was then - extended to its successor OpenSSL but has since also been extended to several - other SSL/TLS libraries and we expect and hope to further extend the support - in future libcurl versions. - - To deal with this internally in the best way possible, we have a generic SSL - function API as provided by the vtls/vtls.[ch] system, and they are the only - SSL functions we must use from within libcurl. vtls is then crafted to use - the appropriate lower-level function calls to whatever SSL library that is in - use. For example vtls/openssl.[ch] for the OpenSSL library. - - -Library Symbols -=============== - - All symbols used internally in libcurl must use a `Curl_` prefix if they're - used in more than a single file. Single-file symbols must be made static. - Public ("exported") symbols must use a `curl_` prefix. (There are exceptions, - but they are to be changed to follow this pattern in future versions.) Public - API functions are marked with `CURL_EXTERN` in the public header files so - that all others can be hidden on platforms where this is possible. - - -Return Codes and Informationals -=============================== - - I've made things simple. Almost every function in libcurl returns a CURLcode, - that must be `CURLE_OK` if everything is OK or otherwise a suitable error - code as the curl/curl.h include file defines. The very spot that detects an - error must use the `Curl_failf()` function to set the human-readable error - description. - - In aiding the user to understand what's happening and to debug curl usage, we - must supply a fair amount of informational messages by using the - `Curl_infof()` function. Those messages are only displayed when the user - explicitly asks for them. They are best used when revealing information that - isn't otherwise obvious. - - -API/ABI -======= - - We make an effort to not export or show internals or how internals work, as - that makes it easier to keep a solid API/ABI over time. See docs/libcurl/ABI - for our promise to users. - - -Client -====== - - main() resides in `src/tool_main.c`. - - `src/tool_hugehelp.c` is automatically generated by the mkhelp.pl perl script - to display the complete "manual" and the src/tool_urlglob.c file holds the - functions used for the URL-"globbing" support. Globbing in the sense that the - {} and [] expansion stuff is there. - - The client mostly messes around to setup its 'config' struct properly, then - it calls the `curl_easy_*()` functions of the library and when it gets back - control after the `curl_easy_perform()` it cleans up the library, checks - status and exits. - - When the operation is done, the ourWriteOut() function in src/writeout.c may - be called to report about the operation. That function is using the - `curl_easy_getinfo()` function to extract useful information from the curl - session. - - It may loop and do all this several times if many URLs were specified on the - command line or config file. - - -Memory Debugging -================ - - The file lib/memdebug.c contains debug-versions of a few functions. Functions - such as malloc, free, fopen, fclose, etc that somehow deal with resources - that might give us problems if we "leak" them. The functions in the memdebug - system do nothing fancy, they do their normal function and then log - information about what they just did. The logged data can then be analyzed - after a complete session, - - memanalyze.pl is the perl script present in tests/ that analyzes a log file - generated by the memory tracking system. It detects if resources are - allocated but never freed and other kinds of errors related to resource - management. - - Internally, definition of preprocessor symbol DEBUGBUILD restricts code which - is only compiled for debug enabled builds. And symbol CURLDEBUG is used to - differentiate code which is _only_ used for memory tracking/debugging. - - Use -DCURLDEBUG when compiling to enable memory debugging, this is also - switched on by running configure with --enable-curldebug. Use -DDEBUGBUILD - when compiling to enable a debug build or run configure with --enable-debug. - - curl --version will list 'Debug' feature for debug enabled builds, and - will list 'TrackMemory' feature for curl debug memory tracking capable - builds. These features are independent and can be controlled when running - the configure script. When --enable-debug is given both features will be - enabled, unless some restriction prevents memory tracking from being used. - - -Test Suite -========== - - The test suite is placed in its own subdirectory directly off the root in the - curl archive tree, and it contains a bunch of scripts and a lot of test case - data. - - The main test script is runtests.pl that will invoke test servers like - httpserver.pl and ftpserver.pl before all the test cases are performed. The - test suite currently only runs on unix-like platforms. - - You'll find a description of the test suite in the tests/README file, and the - test case data files in the tests/FILEFORMAT file. - - The test suite automatically detects if curl was built with the memory - debugging enabled, and if it was it will detect memory leaks, too. - - -Asynchronous name resolves -========================== - - libcurl can be built to do name resolves asynchronously, using either the - normal resolver in a threaded manner or by using c-ares. - - -[c-ares][3] ------- - -### Build libcurl to use a c-ares - -1. ./configure --enable-ares=/path/to/ares/install -2. make - -### c-ares on win32 - - First I compiled c-ares. I changed the default C runtime library to be the - single-threaded rather than the multi-threaded (this seems to be required to - prevent linking errors later on). Then I simply build the areslib project - (the other projects adig/ahost seem to fail under MSVC). - - Next was libcurl. I opened lib/config-win32.h and I added a: - `#define USE_ARES 1` - - Next thing I did was I added the path for the ares includes to the include - path, and the libares.lib to the libraries. - - Lastly, I also changed libcurl to be single-threaded rather than - multi-threaded, again this was to prevent some duplicate symbol errors. I'm - not sure why I needed to change everything to single-threaded, but when I - didn't I got redefinition errors for several CRT functions (malloc, stricmp, - etc.) - - -`curl_off_t` -========== - - curl_off_t is a data type provided by the external libcurl include - headers. It is the type meant to be used for the [`curl_easy_setopt()`][1] - options that end with LARGE. The type is 64bit large on most modern - platforms. - -curlx -===== - - The libcurl source code offers a few functions by source only. They are not - part of the official libcurl API, but the source files might be useful for - others so apps can optionally compile/build with these sources to gain - additional functions. - - We provide them through a single header file for easy access for apps: - "curlx.h" - -`curlx_strtoofft()` -------------------- - A macro that converts a string containing a number to a curl_off_t number. - This might use the curlx_strtoll() function which is provided as source - code in strtoofft.c. Note that the function is only provided if no - strtoll() (or equivalent) function exist on your platform. If curl_off_t - is only a 32 bit number on your platform, this macro uses strtol(). - -`curlx_tvnow()` ---------------- - returns a struct timeval for the current time. - -`curlx_tvdiff()` --------------- - returns the difference between two timeval structs, in number of - milliseconds. - -`curlx_tvdiff_secs()` ---------------------- - returns the same as curlx_tvdiff but with full usec resolution (as a - double) - -Future ------- - - Several functions will be removed from the public curl_ name space in a - future libcurl release. They will then only become available as curlx_ - functions instead. To make the transition easier, we already today provide - these functions with the curlx_ prefix to allow sources to get built properly - with the new function names. The functions this concerns are: - - - `curlx_getenv` - - `curlx_strequal` - - `curlx_strnequal` - - `curlx_mvsnprintf` - - `curlx_msnprintf` - - `curlx_maprintf` - - `curlx_mvaprintf` - - `curlx_msprintf` - - `curlx_mprintf` - - `curlx_mfprintf` - - `curlx_mvsprintf` - - `curlx_mvprintf` - - `curlx_mvfprintf` - - -Content Encoding -================ - -## About content encodings - - [HTTP/1.1][4] specifies that a client may request that a server encode its - response. This is usually used to compress a response using one of a set of - commonly available compression techniques. These schemes are 'deflate' (the - zlib algorithm), 'gzip' and 'compress'. A client requests that the sever - perform an encoding by including an Accept-Encoding header in the request - document. The value of the header should be one of the recognized tokens - 'deflate', ... (there's a way to register new schemes/tokens, see sec 3.5 of - the spec). A server MAY honor the client's encoding request. When a response - is encoded, the server includes a Content-Encoding header in the - response. The value of the Content-Encoding header indicates which scheme was - used to encode the data. - - A client may tell a server that it can understand several different encoding - schemes. In this case the server may choose any one of those and use it to - encode the response (indicating which one using the Content-Encoding header). - It's also possible for a client to attach priorities to different schemes so - that the server knows which it prefers. See sec 14.3 of RFC 2616 for more - information on the Accept-Encoding header. - -## Supported content encodings - - The 'deflate' and 'gzip' content encoding are supported by libcurl. Both - regular and chunked transfers work fine. The zlib library is required for - this feature. - -## The libcurl interface - - To cause libcurl to request a content encoding use: - - [`curl_easy_setopt`][1](curl, [`CURLOPT_ACCEPT_ENCODING`][5], string) - - where string is the intended value of the Accept-Encoding header. - - Currently, libcurl only understands how to process responses that use the - "deflate" or "gzip" Content-Encoding, so the only values for - [`CURLOPT_ACCEPT_ENCODING`][5] that will work (besides "identity," which does - nothing) are "deflate" and "gzip" If a response is encoded using the - "compress" or methods, libcurl will return an error indicating that the - response could not be decoded. If is NULL no Accept-Encoding header - is generated. If is a zero-length string, then an Accept-Encoding - header containing all supported encodings will be generated. - - The [`CURLOPT_ACCEPT_ENCODING`][5] must be set to any non-NULL value for - content to be automatically decoded. If it is not set and the server still - sends encoded content (despite not having been asked), the data is returned - in its raw form and the Content-Encoding type is not checked. - -## The curl interface - - Use the [--compressed][6] option with curl to cause it to ask servers to - compress responses using any format supported by curl. - - -hostip.c explained -================== - - The main compile-time defines to keep in mind when reading the host*.c source - file are these: - -## `CURLRES_IPV6` - - this host has getaddrinfo() and family, and thus we use that. The host may - not be able to resolve IPv6, but we don't really have to take that into - account. Hosts that aren't IPv6-enabled have CURLRES_IPV4 defined. - -## `CURLRES_ARES` - - is defined if libcurl is built to use c-ares for asynchronous name - resolves. This can be Windows or *nix. - -## `CURLRES_THREADED` - - is defined if libcurl is built to use threading for asynchronous name - resolves. The name resolve will be done in a new thread, and the supported - asynch API will be the same as for ares-builds. This is the default under - (native) Windows. - - If any of the two previous are defined, `CURLRES_ASYNCH` is defined too. If - libcurl is not built to use an asynchronous resolver, `CURLRES_SYNCH` is - defined. - -## host*.c sources - - The host*.c sources files are split up like this: - - - hostip.c - method-independent resolver functions and utility functions - - hostasyn.c - functions for asynchronous name resolves - - hostsyn.c - functions for synchronous name resolves - - asyn-ares.c - functions for asynchronous name resolves using c-ares - - asyn-thread.c - functions for asynchronous name resolves using threads - - hostip4.c - IPv4 specific functions - - hostip6.c - IPv6 specific functions - - The hostip.h is the single united header file for all this. It defines the - `CURLRES_*` defines based on the config*.h and curl_setup.h defines. - - -Track Down Memory Leaks -======================= - -## Single-threaded - - Please note that this memory leak system is not adjusted to work in more - than one thread. If you want/need to use it in a multi-threaded app. Please - adjust accordingly. - - -## Build - - Rebuild libcurl with -DCURLDEBUG (usually, rerunning configure with - --enable-debug fixes this). 'make clean' first, then 'make' so that all - files actually are rebuilt properly. It will also make sense to build - libcurl with the debug option (usually -g to the compiler) so that debugging - it will be easier if you actually do find a leak in the library. - - This will create a library that has memory debugging enabled. - -## Modify Your Application - - Add a line in your application code: - - `curl_memdebug("dump");` - - This will make the malloc debug system output a full trace of all resource - using functions to the given file name. Make sure you rebuild your program - and that you link with the same libcurl you built for this purpose as - described above. - -## Run Your Application - - Run your program as usual. Watch the specified memory trace file grow. - - Make your program exit and use the proper libcurl cleanup functions etc. So - that all non-leaks are returned/freed properly. - -## Analyze the Flow - - Use the tests/memanalyze.pl perl script to analyze the dump file: - - tests/memanalyze.pl dump - - This now outputs a report on what resources that were allocated but never - freed etc. This report is very fine for posting to the list! - - If this doesn't produce any output, no leak was detected in libcurl. Then - the leak is mostly likely to be in your code. - - -`multi_socket` -============== - - Implementation of the `curl_multi_socket` API - - The main ideas of this API are simply: - - 1 - The application can use whatever event system it likes as it gets info - from libcurl about what file descriptors libcurl waits for what action - on. (The previous API returns `fd_sets` which is very select()-centric). - - 2 - When the application discovers action on a single socket, it calls - libcurl and informs that there was action on this particular socket and - libcurl can then act on that socket/transfer only and not care about - any other transfers. (The previous API always had to scan through all - the existing transfers.) - - The idea is that [`curl_multi_socket_action()`][7] calls a given callback - with information about what socket to wait for what action on, and the - callback only gets called if the status of that socket has changed. - - We also added a timer callback that makes libcurl call the application when - the timeout value changes, and you set that with [`curl_multi_setopt()`][9] - and the [`CURLMOPT_TIMERFUNCTION`][10] option. To get this to work, - Internally, there's an added a struct to each easy handle in which we store - an "expire time" (if any). The structs are then "splay sorted" so that we - can add and remove times from the linked list and yet somewhat swiftly - figure out both how long time there is until the next nearest timer expires - and which timer (handle) we should take care of now. Of course, the upside - of all this is that we get a [`curl_multi_timeout()`][8] that should also - work with old-style applications that use [`curl_multi_perform()`][11]. - - We created an internal "socket to easy handles" hash table that given - a socket (file descriptor) return the easy handle that waits for action on - that socket. This hash is made using the already existing hash code - (previously only used for the DNS cache). - - To make libcurl able to report plain sockets in the socket callback, we had - to re-organize the internals of the [`curl_multi_fdset()`][12] etc so that - the conversion from sockets to `fd_sets` for that function is only done in - the last step before the data is returned. I also had to extend c-ares to - get a function that can return plain sockets, as that library too returned - only `fd_sets` and that is no longer good enough. The changes done to c-ares - are available in c-ares 1.3.1 and later. - - -Structs in libcurl -================== - -This section should cover 7.32.0 pretty accurately, but will make sense even -for older and later versions as things don't change drastically that often. - -## SessionHandle - - The SessionHandle handle struct is the one returned to the outside in the - external API as a "CURL *". This is usually known as an easy handle in API - documentations and examples. - - Information and state that is related to the actual connection is in the - 'connectdata' struct. When a transfer is about to be made, libcurl will - either create a new connection or re-use an existing one. The particular - connectdata that is used by this handle is pointed out by - SessionHandle->easy_conn. - - Data and information that regard this particular single transfer is put in - the SingleRequest sub-struct. - - When the SessionHandle struct is added to a multi handle, as it must be in - order to do any transfer, the ->multi member will point to the `Curl_multi` - struct it belongs to. The ->prev and ->next members will then be used by the - multi code to keep a linked list of SessionHandle structs that are added to - that same multi handle. libcurl always uses multi so ->multi *will* point to - a `Curl_multi` when a transfer is in progress. - - ->mstate is the multi state of this particular SessionHandle. When - `multi_runsingle()` is called, it will act on this handle according to which - state it is in. The mstate is also what tells which sockets to return for a - specific SessionHandle when [`curl_multi_fdset()`][12] is called etc. - - The libcurl source code generally use the name 'data' for the variable that - points to the SessionHandle. - - When doing multiplexed HTTP/2 transfers, each SessionHandle is associated - with an individual stream, sharing the same connectdata struct. Multiplexing - makes it even more important to keep things associated with the right thing! - -## connectdata - - A general idea in libcurl is to keep connections around in a connection - "cache" after they have been used in case they will be used again and then - re-use an existing one instead of creating a new as it creates a significant - performance boost. - - Each 'connectdata' identifies a single physical connection to a server. If - the connection can't be kept alive, the connection will be closed after use - and then this struct can be removed from the cache and freed. - - Thus, the same SessionHandle can be used multiple times and each time select - another connectdata struct to use for the connection. Keep this in mind, as - it is then important to consider if options or choices are based on the - connection or the SessionHandle. - - Functions in libcurl will assume that connectdata->data points to the - SessionHandle that uses this connection (for the moment). - - As a special complexity, some protocols supported by libcurl require a - special disconnect procedure that is more than just shutting down the - socket. It can involve sending one or more commands to the server before - doing so. Since connections are kept in the connection cache after use, the - original SessionHandle may no longer be around when the time comes to shut - down a particular connection. For this purpose, libcurl holds a special - dummy `closure_handle` SessionHandle in the `Curl_multi` struct to use when - needed. - - FTP uses two TCP connections for a typical transfer but it keeps both in - this single struct and thus can be considered a single connection for most - internal concerns. - - The libcurl source code generally use the name 'conn' for the variable that - points to the connectdata. - -## Curl_multi - - Internally, the easy interface is implemented as a wrapper around multi - interface functions. This makes everything multi interface. - - `Curl_multi` is the multi handle struct exposed as "CURLM *" in external APIs. - - This struct holds a list of SessionHandle structs that have been added to - this handle with [`curl_multi_add_handle()`][13]. The start of the list is - ->easyp and ->num_easy is a counter of added SessionHandles. - - ->msglist is a linked list of messages to send back when - [`curl_multi_info_read()`][14] is called. Basically a node is added to that - list when an individual SessionHandle's transfer has completed. - - ->hostcache points to the name cache. It is a hash table for looking up name - to IP. The nodes have a limited life time in there and this cache is meant - to reduce the time for when the same name is wanted within a short period of - time. - - ->timetree points to a tree of SessionHandles, sorted by the remaining time - until it should be checked - normally some sort of timeout. Each - SessionHandle has one node in the tree. - - ->sockhash is a hash table to allow fast lookups of socket descriptor to - which SessionHandle that uses that descriptor. This is necessary for the - `multi_socket` API. - - ->conn_cache points to the connection cache. It keeps track of all - connections that are kept after use. The cache has a maximum size. - - ->closure_handle is described in the 'connectdata' section. - - The libcurl source code generally use the name 'multi' for the variable that - points to the Curl_multi struct. - -## Curl_handler - - Each unique protocol that is supported by libcurl needs to provide at least - one `Curl_handler` struct. It defines what the protocol is called and what - functions the main code should call to deal with protocol specific issues. - In general, there's a source file named [protocol].c in which there's a - "struct `Curl_handler` `Curl_handler_[protocol]`" declared. In url.c there's - then the main array with all individual `Curl_handler` structs pointed to - from a single array which is scanned through when a URL is given to libcurl - to work with. - - ->scheme is the URL scheme name, usually spelled out in uppercase. That's - "HTTP" or "FTP" etc. SSL versions of the protcol need its own `Curl_handler` - setup so HTTPS separate from HTTP. - - ->setup_connection is called to allow the protocol code to allocate protocol - specific data that then gets associated with that SessionHandle for the rest - of this transfer. It gets freed again at the end of the transfer. It will be - called before the 'connectdata' for the transfer has been selected/created. - Most protocols will allocate its private 'struct [PROTOCOL]' here and assign - SessionHandle->req.protop to point to it. - - ->connect_it allows a protocol to do some specific actions after the TCP - connect is done, that can still be considered part of the connection phase. - - Some protocols will alter the connectdata->recv[] and connectdata->send[] - function pointers in this function. - - ->connecting is similarly a function that keeps getting called as long as the - protocol considers itself still in the connecting phase. - - ->do_it is the function called to issue the transfer request. What we call - the DO action internally. If the DO is not enough and things need to be kept - getting done for the entire DO sequence to complete, ->doing is then usually - also provided. Each protocol that needs to do multiple commands or similar - for do/doing need to implement their own state machines (see SCP, SFTP, - FTP). Some protocols (only FTP and only due to historical reasons) has a - separate piece of the DO state called `DO_MORE`. - - ->doing keeps getting called while issuing the transfer request command(s) - - ->done gets called when the transfer is complete and DONE. That's after the - main data has been transferred. - - ->do_more gets called during the `DO_MORE` state. The FTP protocol uses this - state when setting up the second connection. - - ->`proto_getsock` - ->`doing_getsock` - ->`domore_getsock` - ->`perform_getsock` - Functions that return socket information. Which socket(s) to wait for which - action(s) during the particular multi state. - - ->disconnect is called immediately before the TCP connection is shutdown. - - ->readwrite gets called during transfer to allow the protocol to do extra - reads/writes - - ->defport is the default report TCP or UDP port this protocol uses - - ->protocol is one or more bits in the `CURLPROTO_*` set. The SSL versions - have their "base" protocol set and then the SSL variation. Like - "HTTP|HTTPS". - - ->flags is a bitmask with additional information about the protocol that will - make it get treated differently by the generic engine: - - - `PROTOPT_SSL` - will make it connect and negotiate SSL - - - `PROTOPT_DUAL` - this protocol uses two connections - - - `PROTOPT_CLOSEACTION` - this protocol has actions to do before closing the - connection. This flag is no longer used by code, yet still set for a bunch - protocol handlers. - - - `PROTOPT_DIRLOCK` - "direction lock". The SSH protocols set this bit to - limit which "direction" of socket actions that the main engine will - concern itself about. - - - `PROTOPT_NONETWORK` - a protocol that doesn't use network (read file:) - - - `PROTOPT_NEEDSPWD` - this protocol needs a password and will use a default - one unless one is provided - - - `PROTOPT_NOURLQUERY` - this protocol can't handle a query part on the URL - (?foo=bar) - -## conncache - - Is a hash table with connections for later re-use. Each SessionHandle has - a pointer to its connection cache. Each multi handle sets up a connection - cache that all added SessionHandles share by default. - -## Curl_share - - The libcurl share API allocates a `Curl_share` struct, exposed to the - external API as "CURLSH *". - - The idea is that the struct can have a set of own versions of caches and - pools and then by providing this struct in the `CURLOPT_SHARE` option, those - specific SessionHandles will use the caches/pools that this share handle - holds. - - Then individual SessionHandle structs can be made to share specific things - that they otherwise wouldn't, such as cookies. - - The `Curl_share` struct can currently hold cookies, DNS cache and the SSL - session cache. - -## CookieInfo - - This is the main cookie struct. It holds all known cookies and related - information. Each SessionHandle has its own private CookieInfo even when - they are added to a multi handle. They can be made to share cookies by using - the share API. - - -[1]: https://curl.haxx.se/libcurl/c/curl_easy_setopt.html -[2]: https://curl.haxx.se/libcurl/c/curl_easy_init.html -[3]: http://c-ares.haxx.se/ -[4]: https://tools.ietf.org/html/rfc7230 "RFC 7230" -[5]: https://curl.haxx.se/libcurl/c/CURLOPT_ACCEPT_ENCODING.html -[6]: https://curl.haxx.se/docs/manpage.html#--compressed -[7]: https://curl.haxx.se/libcurl/c/curl_multi_socket_action.html -[8]: https://curl.haxx.se/libcurl/c/curl_multi_timeout.html -[9]: https://curl.haxx.se/libcurl/c/curl_multi_setopt.html -[10]: https://curl.haxx.se/libcurl/c/CURLMOPT_TIMERFUNCTION.html -[11]: https://curl.haxx.se/libcurl/c/curl_multi_perform.html -[12]: https://curl.haxx.se/libcurl/c/curl_multi_fdset.html -[13]: https://curl.haxx.se/libcurl/c/curl_multi_add_handle.html -[14]: https://curl.haxx.se/libcurl/c/curl_multi_info_read.html diff --git a/docs/INTERNALS.md b/docs/INTERNALS.md new file mode 100644 index 000000000..1691fcc04 --- /dev/null +++ b/docs/INTERNALS.md @@ -0,0 +1,1094 @@ +curl internals +============== + + - [Intro](#intro) + - [git](#git) + - [Portability](#Portability) + - [Windows vs Unix](#winvsunix) + - [Library](#Library) + - [`Curl_connect`](#Curl_connect) + - [`Curl_do`](#Curl_do) + - [`Curl_readwrite`](#Curl_readwrite) + - [`Curl_done`](#Curl_done) + - [`Curl_disconnect`](#Curl_disconnect) + - [HTTP(S)](#http) + - [FTP](#ftp) + - [Kerberos](#kerberos) + - [TELNET](#telnet) + - [FILE](#file) + - [SMB](#smb) + - [LDAP](#ldap) + - [E-mail](#email) + - [General](#general) + - [Persistent Connections](#persistent) + - [multi interface/non-blocking](#multi) + - [SSL libraries](#ssl) + - [Library Symbols](#symbols) + - [Return Codes and Informationals](#returncodes) + - [AP/ABI](#abi) + - [Client](#client) + - [Memory Debugging](#memorydebug) + - [Test Suite](#test) + - [Asynchronous name resolves](#asyncdns) + - [c-ares](#cares) + - [`curl_off_t`](#curl_off_t) + - [curlx](#curlx) + - [Content Encoding](#contentencoding) + - [hostip.c explained](#hostip) + - [Track Down Memory Leaks](#memoryleak) + - [`multi_socket`](#multi_socket) + - [Structs in libcurl](#structs) + + +Intro +===== + + This project is split in two. The library and the client. The client part + uses the library, but the library is designed to allow other applications to + use it. + + The largest amount of code and complexity is in the library part. + + + +git +=== + + All changes to the sources are committed to the git repository as soon as + they're somewhat verified to work. Changes shall be committed as independently + as possible so that individual changes can be easier spotted and tracked + afterwards. + + Tagging shall be used extensively, and by the time we release new archives we + should tag the sources with a name similar to the released version number. + + +Portability +=========== + + We write curl and libcurl to compile with C89 compilers. On 32bit and up + machines. Most of libcurl assumes more or less POSIX compliance but that's + not a requirement. + + We write libcurl to build and work with lots of third party tools, and we + want it to remain functional and buildable with these and later versions + (older versions may still work but is not what we work hard to maintain): + +Dependencies +------------ + + - OpenSSL 0.9.7 + - GnuTLS 1.2 + - zlib 1.1.4 + - libssh2 0.16 + - c-ares 1.6.0 + - libidn 0.4.1 + - cyassl 2.0.0 + - openldap 2.0 + - MIT Kerberos 1.2.4 + - GSKit V5R3M0 + - NSS 3.14.x + - axTLS 1.2.7 + - PolarSSL 1.3.0 + - Heimdal ? + - nghttp2 1.0.0 + +Operating Systems +----------------- + + On systems where configure runs, we aim at working on them all - if they have + a suitable C compiler. On systems that don't run configure, we strive to keep + curl running fine on: + + - Windows 98 + - AS/400 V5R3M0 + - Symbian 9.1 + - Windows CE ? + - TPF ? + +Build tools +----------- + + When writing code (mostly for generating stuff included in release tarballs) + we use a few "build tools" and we make sure that we remain functional with + these versions: + + - GNU Libtool 1.4.2 + - GNU Autoconf 2.57 + - GNU Automake 1.7 + - GNU M4 1.4 + - perl 5.004 + - roffit 0.5 + - groff ? (any version that supports "groff -Tps -man [in] [out]") + - ps2pdf (gs) ? + + +Windows vs Unix +=============== + + There are a few differences in how to program curl the unix way compared to + the Windows way. The four perhaps most notable details are: + + 1. Different function names for socket operations. + + In curl, this is solved with defines and macros, so that the source looks + the same at all places except for the header file that defines them. The + macros in use are sclose(), sread() and swrite(). + + 2. Windows requires a couple of init calls for the socket stuff. + + That's taken care of by the `curl_global_init()` call, but if other libs + also do it etc there might be reasons for applications to alter that + behaviour. + + 3. The file descriptors for network communication and file operations are + not easily interchangeable as in unix. + + We avoid this by not trying any funny tricks on file descriptors. + + 4. When writing data to stdout, Windows makes end-of-lines the DOS way, thus + destroying binary data, although you do want that conversion if it is + text coming through... (sigh) + + We set stdout to binary under windows + + Inside the source code, We make an effort to avoid `#ifdef [Your OS]`. All + conditionals that deal with features *should* instead be in the format + `#ifdef HAVE_THAT_WEIRD_FUNCTION`. Since Windows can't run configure scripts, + we maintain a `curl_config-win32.h` file in lib directory that is supposed to + look exactly as a `curl_config.h` file would have looked like on a Windows + machine! + + Generally speaking: always remember that this will be compiled on dozens of + operating systems. Don't walk on the edge. + + +Library +======= + + (See [Structs in libcurl](#structs) for the separate section describing all + major internal structs and their purposes.) + + There are plenty of entry points to the library, namely each publicly defined + function that libcurl offers to applications. All of those functions are + rather small and easy-to-follow. All the ones prefixed with `curl_easy` are + put in the lib/easy.c file. + + `curl_global_init_()` and `curl_global_cleanup()` should be called by the + application to initialize and clean up global stuff in the library. As of + today, it can handle the global SSL initing if SSL is enabled and it can init + the socket layer on windows machines. libcurl itself has no "global" scope. + + All printf()-style functions use the supplied clones in lib/mprintf.c. This + makes sure we stay absolutely platform independent. + + [ `curl_easy_init()`][2] allocates an internal struct and makes some + initializations. The returned handle does not reveal internals. This is the + 'Curl_easy' struct which works as an "anchor" struct for all `curl_easy` + functions. All connections performed will get connect-specific data allocated + that should be used for things related to particular connections/requests. + + [`curl_easy_setopt()`][1] takes three arguments, where the option stuff must + be passed in pairs: the parameter-ID and the parameter-value. The list of + options is documented in the man page. This function mainly sets things in + the 'Curl_easy' struct. + + `curl_easy_perform()` is just a wrapper function that makes use of the multi + API. It basically calls `curl_multi_init()`, `curl_multi_add_handle()`, + `curl_multi_wait()`, and `curl_multi_perform()` until the transfer is done + and then returns. + + Some of the most important key functions in url.c are called from multi.c + when certain key steps are to be made in the transfer operation. + + +Curl_connect() +-------------- + + Analyzes the URL, it separates the different components and connects to the + remote host. This may involve using a proxy and/or using SSL. The + `Curl_resolv()` function in lib/hostip.c is used for looking up host names + (it does then use the proper underlying method, which may vary between + platforms and builds). + + When `Curl_connect` is done, we are connected to the remote site. Then it + is time to tell the server to get a document/file. `Curl_do()` arranges + this. + + This function makes sure there's an allocated and initiated 'connectdata' + struct that is used for this particular connection only (although there may + be several requests performed on the same connect). A bunch of things are + inited/inherited from the Curl_easy struct. + + +Curl_do() +--------- + + `Curl_do()` makes sure the proper protocol-specific function is called. The + functions are named after the protocols they handle. + + The protocol-specific functions of course deal with protocol-specific + negotiations and setup. They have access to the `Curl_sendf()` (from + lib/sendf.c) function to send printf-style formatted data to the remote + host and when they're ready to make the actual file transfer they call the + `Curl_Transfer()` function (in lib/transfer.c) to setup the transfer and + returns. + + If this DO function fails and the connection is being re-used, libcurl will + then close this connection, setup a new connection and re-issue the DO + request on that. This is because there is no way to be perfectly sure that + we have discovered a dead connection before the DO function and thus we + might wrongly be re-using a connection that was closed by the remote peer. + + Some time during the DO function, the `Curl_setup_transfer()` function must + be called with some basic info about the upcoming transfer: what socket(s) + to read/write and the expected file transfer sizes (if known). + + +Curl_readwrite() +---------------- + + Called during the transfer of the actual protocol payload. + + During transfer, the progress functions in lib/progress.c are called at a + frequent interval (or at the user's choice, a specified callback might get + called). The speedcheck functions in lib/speedcheck.c are also used to + verify that the transfer is as fast as required. + + +Curl_done() +----------- + + Called after a transfer is done. This function takes care of everything + that has to be done after a transfer. This function attempts to leave + matters in a state so that `Curl_do()` should be possible to call again on + the same connection (in a persistent connection case). It might also soon + be closed with `Curl_disconnect()`. + + +Curl_disconnect() +----------------- + + When doing normal connections and transfers, no one ever tries to close any + connections so this is not normally called when `curl_easy_perform()` is + used. This function is only used when we are certain that no more transfers + is going to be made on the connection. It can be also closed by force, or + it can be called to make sure that libcurl doesn't keep too many + connections alive at the same time. + + This function cleans up all resources that are associated with a single + connection. + + +HTTP(S) +======= + + HTTP offers a lot and is the protocol in curl that uses the most lines of + code. There is a special file (lib/formdata.c) that offers all the multipart + post functions. + + base64-functions for user+password stuff (and more) is in (lib/base64.c) and + all functions for parsing and sending cookies are found in (lib/cookie.c). + + HTTPS uses in almost every means the same procedure as HTTP, with only two + exceptions: the connect procedure is different and the function used to read + or write from the socket is different, although the latter fact is hidden in + the source by the use of `Curl_read()` for reading and `Curl_write()` for + writing data to the remote server. + + `http_chunks.c` contains functions that understands HTTP 1.1 chunked transfer + encoding. + + An interesting detail with the HTTP(S) request, is the `Curl_add_buffer()` + series of functions we use. They append data to one single buffer, and when + the building is done the entire request is sent off in one single write. This + is done this way to overcome problems with flawed firewalls and lame servers. + + +FTP +=== + + The `Curl_if2ip()` function can be used for getting the IP number of a + specified network interface, and it resides in lib/if2ip.c. + + `Curl_ftpsendf()` is used for sending FTP commands to the remote server. It + was made a separate function to prevent us programmers from forgetting that + they must be CRLF terminated. They must also be sent in one single write() to + make firewalls and similar happy. + + +Kerberos +-------- + + Kerberos support is mainly in lib/krb5.c and lib/security.c but also + `curl_sasl_sspi.c` and `curl_sasl_gssapi.c` for the email protocols and + `socks_gssapi.c` and `socks_sspi.c` for SOCKS5 proxy specifics. + + +TELNET +====== + + Telnet is implemented in lib/telnet.c. + + +FILE +==== + + The file:// protocol is dealt with in lib/file.c. + + +SMB +=== + + The smb:// protocol is dealt with in lib/smb.c. + + +LDAP +==== + + Everything LDAP is in lib/ldap.c and lib/openldap.c + + +E-mail +====== + + The e-mail related source code is in lib/imap.c, lib/pop3.c and lib/smtp.c. + + +General +======= + + URL encoding and decoding, called escaping and unescaping in the source code, + is found in lib/escape.c. + + While transferring data in Transfer() a few functions might get used. + `curl_getdate()` in lib/parsedate.c is for HTTP date comparisons (and more). + + lib/getenv.c offers `curl_getenv()` which is for reading environment + variables in a neat platform independent way. That's used in the client, but + also in lib/url.c when checking the proxy environment variables. Note that + contrary to the normal unix getenv(), this returns an allocated buffer that + must be free()ed after use. + + lib/netrc.c holds the .netrc parser + + lib/timeval.c features replacement functions for systems that don't have + gettimeofday() and a few support functions for timeval conversions. + + A function named `curl_version()` that returns the full curl version string + is found in lib/version.c. + + +Persistent Connections +====================== + + The persistent connection support in libcurl requires some considerations on + how to do things inside of the library. + + - The 'Curl_easy' struct returned in the [`curl_easy_init()`][2] call + must never hold connection-oriented data. It is meant to hold the root data + as well as all the options etc that the library-user may choose. + + - The 'Curl_easy' struct holds the "connection cache" (an array of + pointers to 'connectdata' structs). + + - This enables the 'curl handle' to be reused on subsequent transfers. + + - When libcurl is told to perform a transfer, it first checks for an already + existing connection in the cache that we can use. Otherwise it creates a + new one and adds that the cache. If the cache is full already when a new + connection is added added, it will first close the oldest unused one. + + - When the transfer operation is complete, the connection is left + open. Particular options may tell libcurl not to, and protocols may signal + closure on connections and then they won't be kept open of course. + + - When `curl_easy_cleanup()` is called, we close all still opened connections, + unless of course the multi interface "owns" the connections. + + The curl handle must be re-used in order for the persistent connections to + work. + + +multi interface/non-blocking +============================ + + The multi interface is a non-blocking interface to the library. To make that + interface work as good as possible, no low-level functions within libcurl + must be written to work in a blocking manner. (There are still a few spots + violating this rule.) + + One of the primary reasons we introduced c-ares support was to allow the name + resolve phase to be perfectly non-blocking as well. + + The FTP and the SFTP/SCP protocols are examples of how we adapt and adjust + the code to allow non-blocking operations even on multi-stage command- + response protocols. They are built around state machines that return when + they would otherwise block waiting for data. The DICT, LDAP and TELNET + protocols are crappy examples and they are subject for rewrite in the future + to better fit the libcurl protocol family. + + +SSL libraries +============= + + Originally libcurl supported SSLeay for SSL/TLS transports, but that was then + extended to its successor OpenSSL but has since also been extended to several + other SSL/TLS libraries and we expect and hope to further extend the support + in future libcurl versions. + + To deal with this internally in the best way possible, we have a generic SSL + function API as provided by the vtls/vtls.[ch] system, and they are the only + SSL functions we must use from within libcurl. vtls is then crafted to use + the appropriate lower-level function calls to whatever SSL library that is in + use. For example vtls/openssl.[ch] for the OpenSSL library. + + +Library Symbols +=============== + + All symbols used internally in libcurl must use a `Curl_` prefix if they're + used in more than a single file. Single-file symbols must be made static. + Public ("exported") symbols must use a `curl_` prefix. (There are exceptions, + but they are to be changed to follow this pattern in future versions.) Public + API functions are marked with `CURL_EXTERN` in the public header files so + that all others can be hidden on platforms where this is possible. + + +Return Codes and Informationals +=============================== + + I've made things simple. Almost every function in libcurl returns a CURLcode, + that must be `CURLE_OK` if everything is OK or otherwise a suitable error + code as the curl/curl.h include file defines. The very spot that detects an + error must use the `Curl_failf()` function to set the human-readable error + description. + + In aiding the user to understand what's happening and to debug curl usage, we + must supply a fair amount of informational messages by using the + `Curl_infof()` function. Those messages are only displayed when the user + explicitly asks for them. They are best used when revealing information that + isn't otherwise obvious. + + +API/ABI +======= + + We make an effort to not export or show internals or how internals work, as + that makes it easier to keep a solid API/ABI over time. See docs/libcurl/ABI + for our promise to users. + + +Client +====== + + main() resides in `src/tool_main.c`. + + `src/tool_hugehelp.c` is automatically generated by the mkhelp.pl perl script + to display the complete "manual" and the src/tool_urlglob.c file holds the + functions used for the URL-"globbing" support. Globbing in the sense that the + {} and [] expansion stuff is there. + + The client mostly messes around to setup its 'config' struct properly, then + it calls the `curl_easy_*()` functions of the library and when it gets back + control after the `curl_easy_perform()` it cleans up the library, checks + status and exits. + + When the operation is done, the ourWriteOut() function in src/writeout.c may + be called to report about the operation. That function is using the + `curl_easy_getinfo()` function to extract useful information from the curl + session. + + It may loop and do all this several times if many URLs were specified on the + command line or config file. + + +Memory Debugging +================ + + The file lib/memdebug.c contains debug-versions of a few functions. Functions + such as malloc, free, fopen, fclose, etc that somehow deal with resources + that might give us problems if we "leak" them. The functions in the memdebug + system do nothing fancy, they do their normal function and then log + information about what they just did. The logged data can then be analyzed + after a complete session, + + memanalyze.pl is the perl script present in tests/ that analyzes a log file + generated by the memory tracking system. It detects if resources are + allocated but never freed and other kinds of errors related to resource + management. + + Internally, definition of preprocessor symbol DEBUGBUILD restricts code which + is only compiled for debug enabled builds. And symbol CURLDEBUG is used to + differentiate code which is _only_ used for memory tracking/debugging. + + Use -DCURLDEBUG when compiling to enable memory debugging, this is also + switched on by running configure with --enable-curldebug. Use -DDEBUGBUILD + when compiling to enable a debug build or run configure with --enable-debug. + + curl --version will list 'Debug' feature for debug enabled builds, and + will list 'TrackMemory' feature for curl debug memory tracking capable + builds. These features are independent and can be controlled when running + the configure script. When --enable-debug is given both features will be + enabled, unless some restriction prevents memory tracking from being used. + + +Test Suite +========== + + The test suite is placed in its own subdirectory directly off the root in the + curl archive tree, and it contains a bunch of scripts and a lot of test case + data. + + The main test script is runtests.pl that will invoke test servers like + httpserver.pl and ftpserver.pl before all the test cases are performed. The + test suite currently only runs on unix-like platforms. + + You'll find a description of the test suite in the tests/README file, and the + test case data files in the tests/FILEFORMAT file. + + The test suite automatically detects if curl was built with the memory + debugging enabled, and if it was it will detect memory leaks, too. + + +Asynchronous name resolves +========================== + + libcurl can be built to do name resolves asynchronously, using either the + normal resolver in a threaded manner or by using c-ares. + + +[c-ares][3] +------ + +### Build libcurl to use a c-ares + +1. ./configure --enable-ares=/path/to/ares/install +2. make + +### c-ares on win32 + + First I compiled c-ares. I changed the default C runtime library to be the + single-threaded rather than the multi-threaded (this seems to be required to + prevent linking errors later on). Then I simply build the areslib project + (the other projects adig/ahost seem to fail under MSVC). + + Next was libcurl. I opened lib/config-win32.h and I added a: + `#define USE_ARES 1` + + Next thing I did was I added the path for the ares includes to the include + path, and the libares.lib to the libraries. + + Lastly, I also changed libcurl to be single-threaded rather than + multi-threaded, again this was to prevent some duplicate symbol errors. I'm + not sure why I needed to change everything to single-threaded, but when I + didn't I got redefinition errors for several CRT functions (malloc, stricmp, + etc.) + + +`curl_off_t` +========== + + curl_off_t is a data type provided by the external libcurl include + headers. It is the type meant to be used for the [`curl_easy_setopt()`][1] + options that end with LARGE. The type is 64bit large on most modern + platforms. + +curlx +===== + + The libcurl source code offers a few functions by source only. They are not + part of the official libcurl API, but the source files might be useful for + others so apps can optionally compile/build with these sources to gain + additional functions. + + We provide them through a single header file for easy access for apps: + "curlx.h" + +`curlx_strtoofft()` +------------------- + A macro that converts a string containing a number to a curl_off_t number. + This might use the curlx_strtoll() function which is provided as source + code in strtoofft.c. Note that the function is only provided if no + strtoll() (or equivalent) function exist on your platform. If curl_off_t + is only a 32 bit number on your platform, this macro uses strtol(). + +`curlx_tvnow()` +--------------- + returns a struct timeval for the current time. + +`curlx_tvdiff()` +-------------- + returns the difference between two timeval structs, in number of + milliseconds. + +`curlx_tvdiff_secs()` +--------------------- + returns the same as curlx_tvdiff but with full usec resolution (as a + double) + +Future +------ + + Several functions will be removed from the public curl_ name space in a + future libcurl release. They will then only become available as curlx_ + functions instead. To make the transition easier, we already today provide + these functions with the curlx_ prefix to allow sources to get built properly + with the new function names. The functions this concerns are: + + - `curlx_getenv` + - `curlx_strequal` + - `curlx_strnequal` + - `curlx_mvsnprintf` + - `curlx_msnprintf` + - `curlx_maprintf` + - `curlx_mvaprintf` + - `curlx_msprintf` + - `curlx_mprintf` + - `curlx_mfprintf` + - `curlx_mvsprintf` + - `curlx_mvprintf` + - `curlx_mvfprintf` + + +Content Encoding +================ + +## About content encodings + + [HTTP/1.1][4] specifies that a client may request that a server encode its + response. This is usually used to compress a response using one of a set of + commonly available compression techniques. These schemes are 'deflate' (the + zlib algorithm), 'gzip' and 'compress'. A client requests that the sever + perform an encoding by including an Accept-Encoding header in the request + document. The value of the header should be one of the recognized tokens + 'deflate', ... (there's a way to register new schemes/tokens, see sec 3.5 of + the spec). A server MAY honor the client's encoding request. When a response + is encoded, the server includes a Content-Encoding header in the + response. The value of the Content-Encoding header indicates which scheme was + used to encode the data. + + A client may tell a server that it can understand several different encoding + schemes. In this case the server may choose any one of those and use it to + encode the response (indicating which one using the Content-Encoding header). + It's also possible for a client to attach priorities to different schemes so + that the server knows which it prefers. See sec 14.3 of RFC 2616 for more + information on the Accept-Encoding header. + +## Supported content encodings + + The 'deflate' and 'gzip' content encoding are supported by libcurl. Both + regular and chunked transfers work fine. The zlib library is required for + this feature. + +## The libcurl interface + + To cause libcurl to request a content encoding use: + + [`curl_easy_setopt`][1](curl, [`CURLOPT_ACCEPT_ENCODING`][5], string) + + where string is the intended value of the Accept-Encoding header. + + Currently, libcurl only understands how to process responses that use the + "deflate" or "gzip" Content-Encoding, so the only values for + [`CURLOPT_ACCEPT_ENCODING`][5] that will work (besides "identity," which does + nothing) are "deflate" and "gzip" If a response is encoded using the + "compress" or methods, libcurl will return an error indicating that the + response could not be decoded. If is NULL no Accept-Encoding header + is generated. If is a zero-length string, then an Accept-Encoding + header containing all supported encodings will be generated. + + The [`CURLOPT_ACCEPT_ENCODING`][5] must be set to any non-NULL value for + content to be automatically decoded. If it is not set and the server still + sends encoded content (despite not having been asked), the data is returned + in its raw form and the Content-Encoding type is not checked. + +## The curl interface + + Use the [--compressed][6] option with curl to cause it to ask servers to + compress responses using any format supported by curl. + + +hostip.c explained +================== + + The main compile-time defines to keep in mind when reading the host*.c source + file are these: + +## `CURLRES_IPV6` + + this host has getaddrinfo() and family, and thus we use that. The host may + not be able to resolve IPv6, but we don't really have to take that into + account. Hosts that aren't IPv6-enabled have CURLRES_IPV4 defined. + +## `CURLRES_ARES` + + is defined if libcurl is built to use c-ares for asynchronous name + resolves. This can be Windows or *nix. + +## `CURLRES_THREADED` + + is defined if libcurl is built to use threading for asynchronous name + resolves. The name resolve will be done in a new thread, and the supported + asynch API will be the same as for ares-builds. This is the default under + (native) Windows. + + If any of the two previous are defined, `CURLRES_ASYNCH` is defined too. If + libcurl is not built to use an asynchronous resolver, `CURLRES_SYNCH` is + defined. + +## host*.c sources + + The host*.c sources files are split up like this: + + - hostip.c - method-independent resolver functions and utility functions + - hostasyn.c - functions for asynchronous name resolves + - hostsyn.c - functions for synchronous name resolves + - asyn-ares.c - functions for asynchronous name resolves using c-ares + - asyn-thread.c - functions for asynchronous name resolves using threads + - hostip4.c - IPv4 specific functions + - hostip6.c - IPv6 specific functions + + The hostip.h is the single united header file for all this. It defines the + `CURLRES_*` defines based on the config*.h and curl_setup.h defines. + + +Track Down Memory Leaks +======================= + +## Single-threaded + + Please note that this memory leak system is not adjusted to work in more + than one thread. If you want/need to use it in a multi-threaded app. Please + adjust accordingly. + + +## Build + + Rebuild libcurl with -DCURLDEBUG (usually, rerunning configure with + --enable-debug fixes this). 'make clean' first, then 'make' so that all + files actually are rebuilt properly. It will also make sense to build + libcurl with the debug option (usually -g to the compiler) so that debugging + it will be easier if you actually do find a leak in the library. + + This will create a library that has memory debugging enabled. + +## Modify Your Application + + Add a line in your application code: + + `curl_memdebug("dump");` + + This will make the malloc debug system output a full trace of all resource + using functions to the given file name. Make sure you rebuild your program + and that you link with the same libcurl you built for this purpose as + described above. + +## Run Your Application + + Run your program as usual. Watch the specified memory trace file grow. + + Make your program exit and use the proper libcurl cleanup functions etc. So + that all non-leaks are returned/freed properly. + +## Analyze the Flow + + Use the tests/memanalyze.pl perl script to analyze the dump file: + + tests/memanalyze.pl dump + + This now outputs a report on what resources that were allocated but never + freed etc. This report is very fine for posting to the list! + + If this doesn't produce any output, no leak was detected in libcurl. Then + the leak is mostly likely to be in your code. + + +`multi_socket` +============== + + Implementation of the `curl_multi_socket` API + + The main ideas of this API are simply: + + 1 - The application can use whatever event system it likes as it gets info + from libcurl about what file descriptors libcurl waits for what action + on. (The previous API returns `fd_sets` which is very select()-centric). + + 2 - When the application discovers action on a single socket, it calls + libcurl and informs that there was action on this particular socket and + libcurl can then act on that socket/transfer only and not care about + any other transfers. (The previous API always had to scan through all + the existing transfers.) + + The idea is that [`curl_multi_socket_action()`][7] calls a given callback + with information about what socket to wait for what action on, and the + callback only gets called if the status of that socket has changed. + + We also added a timer callback that makes libcurl call the application when + the timeout value changes, and you set that with [`curl_multi_setopt()`][9] + and the [`CURLMOPT_TIMERFUNCTION`][10] option. To get this to work, + Internally, there's an added a struct to each easy handle in which we store + an "expire time" (if any). The structs are then "splay sorted" so that we + can add and remove times from the linked list and yet somewhat swiftly + figure out both how long time there is until the next nearest timer expires + and which timer (handle) we should take care of now. Of course, the upside + of all this is that we get a [`curl_multi_timeout()`][8] that should also + work with old-style applications that use [`curl_multi_perform()`][11]. + + We created an internal "socket to easy handles" hash table that given + a socket (file descriptor) return the easy handle that waits for action on + that socket. This hash is made using the already existing hash code + (previously only used for the DNS cache). + + To make libcurl able to report plain sockets in the socket callback, we had + to re-organize the internals of the [`curl_multi_fdset()`][12] etc so that + the conversion from sockets to `fd_sets` for that function is only done in + the last step before the data is returned. I also had to extend c-ares to + get a function that can return plain sockets, as that library too returned + only `fd_sets` and that is no longer good enough. The changes done to c-ares + are available in c-ares 1.3.1 and later. + + +Structs in libcurl +================== + +This section should cover 7.32.0 pretty accurately, but will make sense even +for older and later versions as things don't change drastically that often. + +## Curl_easy + + The Curl_easy struct is the one returned to the outside in the external API + as a "CURL *". This is usually known as an easy handle in API documentations + and examples. + + Information and state that is related to the actual connection is in the + 'connectdata' struct. When a transfer is about to be made, libcurl will + either create a new connection or re-use an existing one. The particular + connectdata that is used by this handle is pointed out by + Curl_easy->easy_conn. + + Data and information that regard this particular single transfer is put in + the SingleRequest sub-struct. + + When the Curl_easy struct is added to a multi handle, as it must be in order + to do any transfer, the ->multi member will point to the `Curl_multi` struct + it belongs to. The ->prev and ->next members will then be used by the multi + code to keep a linked list of Curl_easy structs that are added to that same + multi handle. libcurl always uses multi so ->multi *will* point to a + `Curl_multi` when a transfer is in progress. + + ->mstate is the multi state of this particular Curl_easy. When + `multi_runsingle()` is called, it will act on this handle according to which + state it is in. The mstate is also what tells which sockets to return for a + specific Curl_easy when [`curl_multi_fdset()`][12] is called etc. + + The libcurl source code generally use the name 'data' for the variable that + points to the Curl_easy. + + When doing multiplexed HTTP/2 transfers, each Curl_easy is associated with + an individual stream, sharing the same connectdata struct. Multiplexing + makes it even more important to keep things associated with the right thing! + +## connectdata + + A general idea in libcurl is to keep connections around in a connection + "cache" after they have been used in case they will be used again and then + re-use an existing one instead of creating a new as it creates a significant + performance boost. + + Each 'connectdata' identifies a single physical connection to a server. If + the connection can't be kept alive, the connection will be closed after use + and then this struct can be removed from the cache and freed. + + Thus, the same Curl_easy can be used multiple times and each time select + another connectdata struct to use for the connection. Keep this in mind, as + it is then important to consider if options or choices are based on the + connection or the Curl_easy. + + Functions in libcurl will assume that connectdata->data points to the + Curl_easy that uses this connection (for the moment). + + As a special complexity, some protocols supported by libcurl require a + special disconnect procedure that is more than just shutting down the + socket. It can involve sending one or more commands to the server before + doing so. Since connections are kept in the connection cache after use, the + original Curl_easy may no longer be around when the time comes to shut down + a particular connection. For this purpose, libcurl holds a special dummy + `closure_handle` Curl_easy in the `Curl_multi` struct to use when needed. + + FTP uses two TCP connections for a typical transfer but it keeps both in + this single struct and thus can be considered a single connection for most + internal concerns. + + The libcurl source code generally use the name 'conn' for the variable that + points to the connectdata. + +## Curl_multi + + Internally, the easy interface is implemented as a wrapper around multi + interface functions. This makes everything multi interface. + + `Curl_multi` is the multi handle struct exposed as "CURLM *" in external APIs. + + This struct holds a list of Curl_easy structs that have been added to this + handle with [`curl_multi_add_handle()`][13]. The start of the list is + ->easyp and ->num_easy is a counter of added Curl_easys. + + ->msglist is a linked list of messages to send back when + [`curl_multi_info_read()`][14] is called. Basically a node is added to that + list when an individual Curl_easy's transfer has completed. + + ->hostcache points to the name cache. It is a hash table for looking up name + to IP. The nodes have a limited life time in there and this cache is meant + to reduce the time for when the same name is wanted within a short period of + time. + + ->timetree points to a tree of Curl_easys, sorted by the remaining time + until it should be checked - normally some sort of timeout. Each Curl_easy + has one node in the tree. + + ->sockhash is a hash table to allow fast lookups of socket descriptor to + which Curl_easy that uses that descriptor. This is necessary for the + `multi_socket` API. + + ->conn_cache points to the connection cache. It keeps track of all + connections that are kept after use. The cache has a maximum size. + + ->closure_handle is described in the 'connectdata' section. + + The libcurl source code generally use the name 'multi' for the variable that + points to the Curl_multi struct. + +## Curl_handler + + Each unique protocol that is supported by libcurl needs to provide at least + one `Curl_handler` struct. It defines what the protocol is called and what + functions the main code should call to deal with protocol specific issues. + In general, there's a source file named [protocol].c in which there's a + "struct `Curl_handler` `Curl_handler_[protocol]`" declared. In url.c there's + then the main array with all individual `Curl_handler` structs pointed to + from a single array which is scanned through when a URL is given to libcurl + to work with. + + ->scheme is the URL scheme name, usually spelled out in uppercase. That's + "HTTP" or "FTP" etc. SSL versions of the protcol need its own `Curl_handler` + setup so HTTPS separate from HTTP. + + ->setup_connection is called to allow the protocol code to allocate protocol + specific data that then gets associated with that Curl_easy for the rest of + this transfer. It gets freed again at the end of the transfer. It will be + called before the 'connectdata' for the transfer has been selected/created. + Most protocols will allocate its private 'struct [PROTOCOL]' here and assign + Curl_easy->req.protop to point to it. + + ->connect_it allows a protocol to do some specific actions after the TCP + connect is done, that can still be considered part of the connection phase. + + Some protocols will alter the connectdata->recv[] and connectdata->send[] + function pointers in this function. + + ->connecting is similarly a function that keeps getting called as long as the + protocol considers itself still in the connecting phase. + + ->do_it is the function called to issue the transfer request. What we call + the DO action internally. If the DO is not enough and things need to be kept + getting done for the entire DO sequence to complete, ->doing is then usually + also provided. Each protocol that needs to do multiple commands or similar + for do/doing need to implement their own state machines (see SCP, SFTP, + FTP). Some protocols (only FTP and only due to historical reasons) has a + separate piece of the DO state called `DO_MORE`. + + ->doing keeps getting called while issuing the transfer request command(s) + + ->done gets called when the transfer is complete and DONE. That's after the + main data has been transferred. + + ->do_more gets called during the `DO_MORE` state. The FTP protocol uses this + state when setting up the second connection. + + ->`proto_getsock` + ->`doing_getsock` + ->`domore_getsock` + ->`perform_getsock` + Functions that return socket information. Which socket(s) to wait for which + action(s) during the particular multi state. + + ->disconnect is called immediately before the TCP connection is shutdown. + + ->readwrite gets called during transfer to allow the protocol to do extra + reads/writes + + ->defport is the default report TCP or UDP port this protocol uses + + ->protocol is one or more bits in the `CURLPROTO_*` set. The SSL versions + have their "base" protocol set and then the SSL variation. Like + "HTTP|HTTPS". + + ->flags is a bitmask with additional information about the protocol that will + make it get treated differently by the generic engine: + + - `PROTOPT_SSL` - will make it connect and negotiate SSL + + - `PROTOPT_DUAL` - this protocol uses two connections + + - `PROTOPT_CLOSEACTION` - this protocol has actions to do before closing the + connection. This flag is no longer used by code, yet still set for a bunch + protocol handlers. + + - `PROTOPT_DIRLOCK` - "direction lock". The SSH protocols set this bit to + limit which "direction" of socket actions that the main engine will + concern itself about. + + - `PROTOPT_NONETWORK` - a protocol that doesn't use network (read file:) + + - `PROTOPT_NEEDSPWD` - this protocol needs a password and will use a default + one unless one is provided + + - `PROTOPT_NOURLQUERY` - this protocol can't handle a query part on the URL + (?foo=bar) + +## conncache + + Is a hash table with connections for later re-use. Each Curl_easy has a + pointer to its connection cache. Each multi handle sets up a connection + cache that all added Curl_easys share by default. + +## Curl_share + + The libcurl share API allocates a `Curl_share` struct, exposed to the + external API as "CURLSH *". + + The idea is that the struct can have a set of own versions of caches and + pools and then by providing this struct in the `CURLOPT_SHARE` option, those + specific Curl_easys will use the caches/pools that this share handle + holds. + + Then individual Curl_easy structs can be made to share specific things + that they otherwise wouldn't, such as cookies. + + The `Curl_share` struct can currently hold cookies, DNS cache and the SSL + session cache. + +## CookieInfo + + This is the main cookie struct. It holds all known cookies and related + information. Each Curl_easy has its own private CookieInfo even when + they are added to a multi handle. They can be made to share cookies by using + the share API. + + +[1]: https://curl.haxx.se/libcurl/c/curl_easy_setopt.html +[2]: https://curl.haxx.se/libcurl/c/curl_easy_init.html +[3]: http://c-ares.haxx.se/ +[4]: https://tools.ietf.org/html/rfc7230 "RFC 7230" +[5]: https://curl.haxx.se/libcurl/c/CURLOPT_ACCEPT_ENCODING.html +[6]: https://curl.haxx.se/docs/manpage.html#--compressed +[7]: https://curl.haxx.se/libcurl/c/curl_multi_socket_action.html +[8]: https://curl.haxx.se/libcurl/c/curl_multi_timeout.html +[9]: https://curl.haxx.se/libcurl/c/curl_multi_setopt.html +[10]: https://curl.haxx.se/libcurl/c/CURLMOPT_TIMERFUNCTION.html +[11]: https://curl.haxx.se/libcurl/c/curl_multi_perform.html +[12]: https://curl.haxx.se/libcurl/c/curl_multi_fdset.html +[13]: https://curl.haxx.se/libcurl/c/curl_multi_add_handle.html +[14]: https://curl.haxx.se/libcurl/c/curl_multi_info_read.html diff --git a/docs/KNOWN_BUGS b/docs/KNOWN_BUGS index a694ced05..5230ecbbc 100644 --- a/docs/KNOWN_BUGS +++ b/docs/KNOWN_BUGS @@ -1,259 +1,586 @@ -These are problems known to exist at the time of this release. Feel free to -join in and help us correct one or more of these! Also be sure to check the -changelog of the current development status, as one or more of these problems -may have been fixed since this was written! - -93. It is not possible to pass a 64-bit value using CURLFORM_CONTENTLEN with - CURLFORM_ARRAY, when compiled on 32-bit platforms that support 64-bit - integers. This is because the underlying structure 'curl_forms' uses a dual - purpose char* for storing these values in via casting. For more information - see the now closed related issue: - https://github.com/curl/curl/issues/608 - -92. curl tool 7.47.1 in Windows will not --output to literal paths \\?\ or to - reserved dos device names unless the device prefix \\.\ is used. To send - output to a device that has a reserved dos device name you can use the - Windows device prefix (eg: --output \\.\NUL). You can also use the - redirection operator to send output to a literal path or a reserved device - name (eg: > NUL). - The next release of curl will support --output in Windows to literal paths - and to reserved device names without the device prefix. - https://github.com/curl/curl/commit/c3aac48 - https://github.com/curl/curl/commit/4fc80f3 - -91. "curl_easy_perform hangs with imap and PolarSSL" - https://github.com/curl/curl/issues/334 - -90. IMAP "SEARCH ALL" truncates output on large boxes. "A quick search of the - code reveals that pingpong.c contains some truncation code, at line 408, - when it deems the server response to be too large truncating it to 40 - characters" - https://curl.haxx.se/bug/view.cgi?id=1366 - -89. Disabling HTTP Pipelining when there are ongoing transfers can lead to - heap corruption and crash. https://curl.haxx.se/bug/view.cgi?id=1411 - -88. libcurl doesn't support CURLINFO_FILETIME for SFTP transfers and thus - curl's -R option also doesn't work then. - -87. -J/--remote-header-name doesn't decode %-encoded file names. RFC6266 - details how it should be done. The can of worm is basically that we have no - charset handling in curl and ascii >=128 is a challenge for us. Not to - mention that decoding also means that we need to check for nastiness that is - attempted, like "../" sequences and the like. Probably everything to the left - of any embedded slashes should be cut off. - https://curl.haxx.se/bug/view.cgi?id=1294 - -86. The disconnect commands (LOGOUT and QUIT) may not be sent by IMAP, POP3 - and SMTP if a failure occurs during the authentication phase of a - connection. - -85. Wrong STARTTRANSFER timer accounting for POST requests - Timer works fine with GET requests, but while using POST the time for - CURLINFO_STARTTRANSFER_TIME is wrong. While using POST - CURLINFO_STARTTRANSFER_TIME minus CURLINFO_PRETRANSFER_TIME is near to zero - every time. - https://github.com/curl/curl/issues/218 - https://curl.haxx.se/bug/view.cgi?id=1213 - -84. CURLINFO_SSL_VERIFYRESULT is only implemented for the OpenSSL and NSS - backends, so relying on this information in a generic app is flaky. - -82. When building with the Windows Borland compiler, it fails because the - "tlib" tool doesn't support hyphens (minus signs) in file names and we have - such in the build. - https://curl.haxx.se/bug/view.cgi?id=1222 - -81. When using -J (with -O), automatically resumed downloading together with - "-C -" fails. Without -J the same command line works! This happens because - the resume logic is worked out before the target file name (and thus its - pre-transfer size) has been figured out! - https://curl.haxx.se/bug/view.cgi?id=1169 - -80. Curl doesn't recognize certificates in DER format in keychain, but it - works with PEM. - https://curl.haxx.se/bug/view.cgi?id=1065 - -79. SMTP. When sending data to multiple recipients, curl will abort and return - failure if one of the recipients indicate failure (on the "RCPT TO" - command). Ordinary mail programs would proceed and still send to the ones - that can receive data. This is subject for change in the future. - https://curl.haxx.se/bug/view.cgi?id=1116 - -75. NTLM authentication involving unicode user name or password only works - properly if built with UNICODE defined together with the WinSSL/schannel - backend. The original problem was mentioned in: - https://curl.haxx.se/mail/lib-2009-10/0024.html - https://curl.haxx.se/bug/view.cgi?id=896 - - The WinSSL/schannel version verified to work as mentioned in - https://curl.haxx.se/mail/lib-2012-07/0073.html - -73. if a connection is made to a FTP server but the server then just never - sends the 220 response or otherwise is dead slow, libcurl will not - acknowledge the connection timeout during that phase but only the "real" - timeout - which may surprise users as it is probably considered to be the - connect phase to most people. Brought up (and is being misunderstood) in: - https://curl.haxx.se/bug/view.cgi?id=856 - -72. "Pausing pipeline problems." - https://curl.haxx.se/mail/lib-2009-07/0214.html - -70. Problem re-using easy handle after call to curl_multi_remove_handle - https://curl.haxx.se/mail/lib-2009-07/0249.html - -68. "More questions about ares behavior". - https://curl.haxx.se/mail/lib-2009-08/0012.html - -67. When creating multipart formposts. The file name part can be encoded with - something beyond ascii but currently libcurl will only pass in the verbatim - string the app provides. There are several browsers that already do this - encoding. The key seems to be the updated draft to RFC2231: - https://tools.ietf.org/html/draft-reschke-rfc2231-in-http-02 - -66. When using telnet, the time limitation options don't work. - https://curl.haxx.se/bug/view.cgi?id=846 - -65. When doing FTP over a socks proxy or CONNECT through HTTP proxy and the - multi interface is used, libcurl will fail if the (passive) TCP connection - for the data transfer isn't more or less instant as the code does not - properly wait for the connect to be confirmed. See test case 564 for a first - shot at a test case. - -63. When CURLOPT_CONNECT_ONLY is used, the handle cannot reliably be re-used - for any further requests or transfers. The work-around is then to close that - handle with curl_easy_cleanup() and create a new. Some more details: - https://curl.haxx.se/mail/lib-2009-04/0300.html - -61. If an upload using Expect: 100-continue receives an HTTP 417 response, - it ought to be automatically resent without the Expect:. A workaround is - for the client application to redo the transfer after disabling Expect:. - https://curl.haxx.se/mail/archive-2008-02/0043.html - -60. libcurl closes the connection if an HTTP 401 reply is received while it - is waiting for the the 100-continue response. - https://curl.haxx.se/mail/lib-2008-08/0462.html - -58. It seems sensible to be able to use CURLOPT_NOBODY and - CURLOPT_FAILONERROR with FTP to detect if a file exists or not, but it is - not working: https://curl.haxx.se/mail/lib-2008-07/0295.html - -56. When libcurl sends CURLOPT_POSTQUOTE commands when connected to a SFTP - server using the multi interface, the commands are not being sent correctly - and instead the connection is "cancelled" (the operation is considered done) - prematurely. There is a half-baked (busy-looping) patch provided in the bug - report but it cannot be accepted as-is. See - https://curl.haxx.se/bug/view.cgi?id=748 - -55. libcurl fails to build with MIT Kerberos for Windows (KfW) due to KfW's - library header files exporting symbols/macros that should be kept private - to the KfW library. See ticket #5601 at http://krbdev.mit.edu/rt/ - -52. Gautam Kachroo's issue that identifies a problem with the multi interface - where a connection can be re-used without actually being properly - SSL-negotiated: - https://curl.haxx.se/mail/lib-2008-01/0277.html - -49. If using --retry and the transfer timeouts (possibly due to using -m or - -y/-Y) the next attempt doesn't resume the transfer properly from what was - downloaded in the previous attempt but will truncate and restart at the - original position where it was at before the previous failed attempt. See - https://curl.haxx.se/mail/lib-2008-01/0080.html and Mandriva bug report - https://qa.mandriva.com/show_bug.cgi?id=22565 - -48. If a CONNECT response-headers are larger than BUFSIZE (16KB) when the - connection is meant to be kept alive (like for NTLM proxy auth), the - function will return prematurely and will confuse the rest of the HTTP - protocol code. This should be very rare. - -43. There seems to be a problem when connecting to the Microsoft telnet server. - https://curl.haxx.se/bug/view.cgi?id=649 - -41. When doing an operation over FTP that requires the ACCT command (but not - when logging in), the operation will fail since libcurl doesn't detect this - and thus fails to issue the correct command: - https://curl.haxx.se/bug/view.cgi?id=635 - -39. Steffen Rumler's Race Condition in Curl_proxyCONNECT: - https://curl.haxx.se/mail/lib-2007-01/0045.html - -38. Kumar Swamy Bhatt's problem in ftp/ssl "LIST" operation: - https://curl.haxx.se/mail/lib-2007-01/0103.html - -35. Both SOCKS5 and SOCKS4 proxy connections are done blocking, which is very - bad when used with the multi interface. - -34. The SOCKS4 connection codes don't properly acknowledge (connect) timeouts. - Also see #12. According to bug #1556528, even the SOCKS5 connect code does - not do it right: https://curl.haxx.se/bug/view.cgi?id=604 - -31. "curl-config --libs" will include details set in LDFLAGS when configure is - run that might be needed only for building libcurl. Further, curl-config - --cflags suffers from the same effects with CFLAGS/CPPFLAGS. - -26. NTLM authentication using SSPI (on Windows) when (lib)curl is running in - "system context" will make it use wrong(?) user name - at least when compared - to what winhttp does. See https://curl.haxx.se/bug/view.cgi?id=535 - -23. SOCKS-related problems: - B) libcurl doesn't support FTPS over a SOCKS proxy. - E) libcurl doesn't support active FTP over a SOCKS proxy - - We probably have even more bugs and lack of features when a SOCKS proxy is - used. - -21. FTP ASCII transfers do not follow RFC959. They don't convert the data - accordingly (not for sending nor for receiving). RFC 959 section 3.1.1.1 - clearly describes how this should be done: - - The sender converts the data from an internal character representation to - the standard 8-bit NVT-ASCII representation (see the Telnet - specification). The receiver will convert the data from the standard - form to his own internal form. - - Since 7.15.4 at least line endings are converted. - -16. FTP URLs passed to curl may contain NUL (0x00) in the RFC 1738 , - , and components, encoded as "%00". The problem is that - curl_unescape does not detect this, but instead returns a shortened C - string. From a strict FTP protocol standpoint, NUL is a valid character - within RFC 959 , so the way to handle this correctly in curl would - be to use a data structure other than a plain C string, one that can handle - embedded NUL characters. From a practical standpoint, most FTP servers - would not meaningfully support NUL characters within RFC 959 , - anyway (e.g., Unix pathnames may not contain NUL). - -14. Test case 165 might fail on a system which has libidn present, but with an - old iconv version (2.1.3 is a known bad version), since it doesn't recognize - the charset when named ISO8859-1. Changing the name to ISO-8859-1 makes the - test pass, but instead makes it fail on Solaris hosts that use its native - iconv. - -13. curl version 7.12.2 fails on AIX if compiled with --enable-ares. - The workaround is to combine --enable-ares with --disable-shared - -12. When connecting to a SOCKS proxy, the (connect) timeout is not properly - acknowledged after the actual TCP connect (during the SOCKS "negotiate" - phase). - -10. To get HTTP Negotiate (SPNEGO) authentication to work fine, you need to - provide a (fake) user name (this concerns both curl and the lib) because the - code wrongly only considers authentication if there's a user name provided. - https://curl.haxx.se/bug/view.cgi?id=440 How? - https://curl.haxx.se/mail/lib-2004-08/0182.html - -8. Doing resumed upload over HTTP does not work with '-C -', because curl - doesn't do a HEAD first to get the initial size. This needs to be done - manually for HTTP PUT resume to work, and then '-C [index]'. - -6. libcurl ignores empty path parts in FTP URLs, whereas RFC1738 states that - such parts should be sent to the server as 'CWD ' (without an argument). - The only exception to this rule, is that we knowingly break this if the - empty part is first in the path, as then we use the double slashes to - indicate that the user wants to reach the root dir (this exception SHALL - remain even when this bug is fixed). - -5. libcurl doesn't treat the content-length of compressed data properly, as - it seems HTTP servers send the *uncompressed* length in that header and - libcurl thinks of it as the *compressed* length. Some explanations are here: - https://curl.haxx.se/mail/lib-2003-06/0146.html + _ _ ____ _ + ___| | | | _ \| | + / __| | | | |_) | | + | (__| |_| | _ <| |___ + \___|\___/|_| \_\_____| + + Known Bugs + +These are problems and bugs known to exist at the time of this release. Feel +free to join in and help us correct one or more of these! Also be sure to +check the changelog of the current development status, as one or more of these +problems may have been fixed or changed somewhat since this was written! + + 1. HTTP + 1.1 CURLFORM_CONTENTLEN in an array + 1.2 Disabling HTTP Pipelining + 1.3 STARTTRANSFER time is wrong for HTTP POSTs + 1.4 multipart formposts file name encoding + 1.5 Expect-100 meets 417 + 1.6 Unnecessary close when 401 received waiting for 100 + 1.7 CONNECT response larger than 16KB + 1.8 DNS timing is wrong for HTTP redirects + 1.9 HTTP/2 frames while in the connection pool kill reuse + 1.10 Strips trailing dot from host name + 1.11 transfer-encoding: chunked in HTTP/2 + 1.12 CURLOPT_SEEKFUNCTION not called with CURLFORM_STREAM + + 2. TLS + 2.1 Hangs with PolarSSL + 2.2 CURLINFO_SSL_VERIFYRESULT has limited support + 2.3 DER in keychain + 2.4 GnuTLS backend skips really long certificate fields + + 3. Email protocols + 3.1 IMAP SEARCH ALL truncated response + 3.2 No disconnect command + 3.3 SMTP to multiple recipients + 3.4 POP3 expects "CRLF.CRLF" eob for some single-line responses + + 4. Command line + 4.1 -J with %-encoded file nameas + 4.2 -J with -C - fails + 4.3 --retry and transfer timeouts + + 5. Build and portability issues + 5.1 Windows Borland compiler + 5.2 curl-config --libs contains private details + 5.3 libidn and old iconv + 5.4 AIX shared build with c-ares fails + 5.5 can't handle Unicode arguments in Windows + 5.6 cmake support gaps + 5.7 Visual Studio project gaps + + 6. Authentication + 6.1 NTLM authentication and unicode + 6.2 MIT Kerberos for Windows build + 6.3 NTLM in system context uses wrong name + 6.4 Negotiate and Kerberos V5 need a fake user name + + 7. FTP + 7.1 FTP without or slow 220 response + 7.2 FTP with CONNECT and slow server + 7.3 FTP with NOBODY and FAILONERROR + 7.4 FTP with ACCT + 7.5 ASCII FTP + 7.6 FTP with NULs in URL parts + 7.7 FTP and empty path parts in the URL + 7.8 Premature transfer end but healthy control channel + + 8. TELNET + 8.1 TELNET and time limtiations don't work + 8.2 Microsoft telnet server + + 9. SFTP and SCP + 9.1 SFTP doesn't do CURLOPT_POSTQUOTE correct + + 10. SOCKS + 10.1 SOCKS proxy connections are done blocking + 10.2 SOCKS don't support timeouts + 10.3 FTPS over SOCKS + 10.4 active FTP over a SOCKS + + 11. Internals + 11.1 Curl leaks .onion hostnames in DNS + 11.2 error buffer not set if connection to multiple addresses fails + + 12. LDAP and OpenLDAP + 12.1 OpenLDAP hangs after returning results + + 13 TCP/IP + 13.1 --interface for ipv6 binds to unusable IP address + + +============================================================================== + +1. HTTP + +1.1 CURLFORM_CONTENTLEN in an array + + It is not possible to pass a 64-bit value using CURLFORM_CONTENTLEN with + CURLFORM_ARRAY, when compiled on 32-bit platforms that support 64-bit + integers. This is because the underlying structure 'curl_forms' uses a dual + purpose char* for storing these values in via casting. For more information + see the now closed related issue: + https://github.com/curl/curl/issues/608 + +1.2 Disabling HTTP Pipelining + + Disabling HTTP Pipelining when there are ongoing transfers can lead to + heap corruption and crash. https://curl.haxx.se/bug/view.cgi?id=1411 + +1.3 STARTTRANSFER time is wrong for HTTP POSTs + + Wrong STARTTRANSFER timer accounting for POST requests Timer works fine with + GET requests, but while using POST the time for CURLINFO_STARTTRANSFER_TIME + is wrong. While using POST CURLINFO_STARTTRANSFER_TIME minus + CURLINFO_PRETRANSFER_TIME is near to zero every time. + + https://github.com/curl/curl/issues/218 + https://curl.haxx.se/bug/view.cgi?id=1213 + +1.4 multipart formposts file name encoding + + When creating multipart formposts. The file name part can be encoded with + something beyond ascii but currently libcurl will only pass in the verbatim + string the app provides. There are several browsers that already do this + encoding. The key seems to be the updated draft to RFC2231: + https://tools.ietf.org/html/draft-reschke-rfc2231-in-http-02 + +1.5 Expect-100 meets 417 + + If an upload using Expect: 100-continue receives an HTTP 417 response, it + ought to be automatically resent without the Expect:. A workaround is for + the client application to redo the transfer after disabling Expect:. + https://curl.haxx.se/mail/archive-2008-02/0043.html + +1.6 Unnecessary close when 401 received waiting for 100 + + libcurl closes the connection if an HTTP 401 reply is received while it is + waiting for the the 100-continue response. + https://curl.haxx.se/mail/lib-2008-08/0462.html + +1.7 CONNECT response larger than 16KB + + If a CONNECT response-headers are larger than BUFSIZE (16KB) when the + connection is meant to be kept alive (like for NTLM proxy auth), the function + will return prematurely and will confuse the rest of the HTTP protocol + code. This should be very rare. + +1.8 DNS timing is wrong for HTTP redirects + + When extracting timing information after HTTP redirects, only the last + transfer's results are returned and not the totals: + https://github.com/curl/curl/issues/522 + +1.9 HTTP/2 frames while in the connection pool kill reuse + + If the server sends HTTP/2 frames (like for example an HTTP/2 PING frame) to + curl while the connection is held in curl's connection pool, the socket will + be found readable when considered for reuse and that makes curl think it is + dead and then it will be closed and a new connection gets created instead. + + This is *best* fixed by adding monitoring to connections while they are kept + in the pool so that pings can be responded to appropriately. + +1.10 Strips trailing dot from host name + + When given a URL wit a trailing dot for the host name part: + "https://example.com./", libcurl will strip off the dot and use the name + without a dot internally and send it dot-less in HTTP Host: headers and in + the TLS SNI field. + + The HTTP part violates RFC 7230 section 5.4 but the SNI part is accordance + with RFC 6066 section 3. + + URLs using these trailing dots are very rare in the wild and we have not seen + or gotten any real-world problems with such URLs reported. The popular + browsers seem to have stayed with not stripping the dot for both uses (thus + they violate RFC 6066 instead of RFC 7230). + + Daniel took the discussion to the HTTPbis mailing list in March 2016: + https://lists.w3.org/Archives/Public/ietf-http-wg/2016JanMar/0430.html but + there was not major rush or interest to fix this. The impression I get is + that most HTTP people rather not rock the boat now and instead prioritize web + compatibility rather than to strictly adhere to these RFCs. + + Our current approach allows a knowing client to send a custom HTTP header + with the dot added. + + It can also be noted that while adding a trailing dot to the host name in + most (all?) cases will make the name resolve to the same set of IP addresses, + many HTTP servers will not happily accept the trailing dot there unless that + has been specificly configured to be a fine virtual host. + + If URLs with trailing dots for host names become more popular or even just + used more than for just plain fun experiments, I'm sure we will have reason + to go back and reconsider. + + See https://github.com/curl/curl/issues/716 for the discussion. + +1.11 transfer-encoding: chunked in HTTP/2 + + For HTTP/1, when -H transfer-encoding:chunked option is given, curl encodes + the request using chunked encoding. But when HTTP/2 is being used, the + command wrongly sends a request with both content-length and + transfer-encoding: chunked headers being set (and the request body is not + chunked-encoded). See https://github.com/curl/curl/issues/662 + +1.12 CURLOPT_SEEKFUNCTION not called with CURLFORM_STREAM + + I'm using libcurl to POST form data using a FILE* with the CURLFORM_STREAM + option of curl_formadd(). I've noticed that if the connection drops at just + the right time, the POST is reattempted without the data from the file. It + seems like the file stream position isn't getting reset to the beginning of + the file. I found the CURLOPT_SEEKFUNCTION option and set that with a + function that performs an fseek() on the FILE*. However, setting that didn't + seem to fix the issue or even get called. See + https://github.com/curl/curl/issues/768 + + +2. TLS + +2.1 Hangs with PolarSSL + + "curl_easy_perform hangs with imap and PolarSSL" + https://github.com/curl/curl/issues/334 + + Most likely, a fix similar to commit c111178bd4 (for mbedTLS) is + necessary. Or if we just wait a little longer we'll rip out all support for + PolarSSL instead... + +2.2 CURLINFO_SSL_VERIFYRESULT has limited support + + CURLINFO_SSL_VERIFYRESULT is only implemented for the OpenSSL and NSS + backends, so relying on this information in a generic app is flaky. + +2.3 DER in keychain + + Curl doesn't recognize certificates in DER format in keychain, but it works + with PEM. https://curl.haxx.se/bug/view.cgi?id=1065 + +2.4 GnuTLS backend skips really long certificate fields + + libcurl calls gnutls_x509_crt_get_dn() with a fixed buffer size and if the + field is too long in the cert, it'll just return an error and the field will + be displayed blank. + + +3. Email protocols + +3.1 IMAP SEARCH ALL truncated response + + IMAP "SEARCH ALL" truncates output on large boxes. "A quick search of the + code reveals that pingpong.c contains some truncation code, at line 408, when + it deems the server response to be too large truncating it to 40 characters" + https://curl.haxx.se/bug/view.cgi?id=1366 + +3.2 No disconnect command + + The disconnect commands (LOGOUT and QUIT) may not be sent by IMAP, POP3 and + SMTP if a failure occurs during the authentication phase of a connection. + +3.3 SMTP to multiple recipients + + When sending data to multiple recipients, curl will abort and return failure + if one of the recipients indicate failure (on the "RCPT TO" + command). Ordinary mail programs would proceed and still send to the ones + that can receive data. This is subject for change in the future. + https://curl.haxx.se/bug/view.cgi?id=1116 + +3.4 POP3 expects "CRLF.CRLF" eob for some single-line responses + + You have to tell libcurl not to expect a body, when dealing with one line + response commands. Please see the POP3 examples and test cases which show + this for the NOOP and DELE commands. https://curl.haxx.se/bug/?i=740 + + +4. Command line + +4.1 -J with %-encoded file nameas + + -J/--remote-header-name doesn't decode %-encoded file names. RFC6266 details + how it should be done. The can of worm is basically that we have no charset + handling in curl and ascii >=128 is a challenge for us. Not to mention that + decoding also means that we need to check for nastiness that is attempted, + like "../" sequences and the like. Probably everything to the left of any + embedded slashes should be cut off. + https://curl.haxx.se/bug/view.cgi?id=1294 + +4.2 -J with -C - fails + + When using -J (with -O), automatically resumed downloading together with "-C + -" fails. Without -J the same command line works! This happens because the + resume logic is worked out before the target file name (and thus its + pre-transfer size) has been figured out! + https://curl.haxx.se/bug/view.cgi?id=1169 + +4.3 --retry and transfer timeouts + + If using --retry and the transfer timeouts (possibly due to using -m or + -y/-Y) the next attempt doesn't resume the transfer properly from what was + downloaded in the previous attempt but will truncate and restart at the + original position where it was at before the previous failed attempt. See + https://curl.haxx.se/mail/lib-2008-01/0080.html and Mandriva bug report + https://qa.mandriva.com/show_bug.cgi?id=22565 + + +5. Build and portability issues + +5.1 Windows Borland compiler + + When building with the Windows Borland compiler, it fails because the "tlib" + tool doesn't support hyphens (minus signs) in file names and we have such in + the build. https://curl.haxx.se/bug/view.cgi?id=1222 + +5.2 curl-config --libs contains private details + + "curl-config --libs" will include details set in LDFLAGS when configure is + run that might be needed only for building libcurl. Further, curl-config + --cflags suffers from the same effects with CFLAGS/CPPFLAGS. + +5.3 libidn and old iconv + + Test case 165 might fail on a system which has libidn present, but with an + old iconv version (2.1.3 is a known bad version), since it doesn't recognize + the charset when named ISO8859-1. Changing the name to ISO-8859-1 makes the + test pass, but instead makes it fail on Solaris hosts that use its native + iconv. + +5.4 AIX shared build with c-ares fails + + curl version 7.12.2 fails on AIX if compiled with --enable-ares. The + workaround is to combine --enable-ares with --disable-shared + +5.5 can't handle Unicode arguments in Windows + + If a URL or filename can't be encoded using the user's current codepage then + it can only be encoded properly in the Unicode character set. Windows uses + UTF-16 encoding for Unicode and stores it in wide characters, however curl + and libcurl are not equipped for that at the moment. And, except for Cygwin, + Windows can't use UTF-8 as a locale. + + https://curl.haxx.se/bug/?i=345 + https://curl.haxx.se/bug/?i=731 + +5.6 cmake support gaps + + The cmake build setup lacks several features that the autoconf build + offers. This includes: + + - symbol hiding when the shared library is built + - use of correct soname for the shared library build + - support for several TLS backends are missing + - the unit tests cause link failures in regular non-static builds + - no nghttp2 check + +5.7 Visual Studio project gaps + + The Visual Studio projects lack some features that the autoconf and nmake + builds offer, such as the following: + + - support for zlib and nghttp2 + - use of static runtime libraries + - add the test suite components + + In addition to this the following could be implemented: + + - support for other development IDEs + - add PATH environment variables for third-party DLLs + +6. Authentication + +6.1 NTLM authentication and unicode + + NTLM authentication involving unicode user name or password only works + properly if built with UNICODE defined together with the WinSSL/schannel + backend. The original problem was mentioned in: + https://curl.haxx.se/mail/lib-2009-10/0024.html + https://curl.haxx.se/bug/view.cgi?id=896 + + The WinSSL/schannel version verified to work as mentioned in + https://curl.haxx.se/mail/lib-2012-07/0073.html + +6.2 MIT Kerberos for Windows build + + libcurl fails to build with MIT Kerberos for Windows (KfW) due to KfW's + library header files exporting symbols/macros that should be kept private to + the KfW library. See ticket #5601 at http://krbdev.mit.edu/rt/ + +6.3 NTLM in system context uses wrong name + + NTLM authentication using SSPI (on Windows) when (lib)curl is running in + "system context" will make it use wrong(?) user name - at least when compared + to what winhttp does. See https://curl.haxx.se/bug/view.cgi?id=535 + +6.4 Negotiate and Kerberos V5 need a fake user name + + In order to get Negotiate (SPNEGO) authentication to work in HTTP or Kerberos + V5 in the e-mail protocols, you need to provide a (fake) user name (this + concerns both curl and the lib) because the code wrongly only considers + authentication if there's a user name provided by setting + conn->bits.user_passwd in url.c https://curl.haxx.se/bug/view.cgi?id=440 How? + https://curl.haxx.se/mail/lib-2004-08/0182.html A possible solution is to + either modify this variable to be set or introduce a variable such as + new conn->bits.want_authentication which is set when any of the authentication + options are set. + + +7. FTP + +7.1 FTP without or slow 220 response + + If a connection is made to a FTP server but the server then just never sends + the 220 response or otherwise is dead slow, libcurl will not acknowledge the + connection timeout during that phase but only the "real" timeout - which may + surprise users as it is probably considered to be the connect phase to most + people. Brought up (and is being misunderstood) in: + https://curl.haxx.se/bug/view.cgi?id=856 + +7.2 FTP with CONNECT and slow server + + When doing FTP over a socks proxy or CONNECT through HTTP proxy and the multi + interface is used, libcurl will fail if the (passive) TCP connection for the + data transfer isn't more or less instant as the code does not properly wait + for the connect to be confirmed. See test case 564 for a first shot at a test + case. + +7.3 FTP with NOBODY and FAILONERROR + + It seems sensible to be able to use CURLOPT_NOBODY and CURLOPT_FAILONERROR + with FTP to detect if a file exists or not, but it is not working: + https://curl.haxx.se/mail/lib-2008-07/0295.html + +7.4 FTP with ACCT + + When doing an operation over FTP that requires the ACCT command (but not when + logging in), the operation will fail since libcurl doesn't detect this and + thus fails to issue the correct command: + https://curl.haxx.se/bug/view.cgi?id=635 + +7.5 ASCII FTP + + FTP ASCII transfers do not follow RFC959. They don't convert the data + accordingly (not for sending nor for receiving). RFC 959 section 3.1.1.1 + clearly describes how this should be done: + + The sender converts the data from an internal character representation to + the standard 8-bit NVT-ASCII representation (see the Telnet + specification). The receiver will convert the data from the standard + form to his own internal form. + + Since 7.15.4 at least line endings are converted. + +7.6 FTP with NULs in URL parts + + FTP URLs passed to curl may contain NUL (0x00) in the RFC 1738 , + , and components, encoded as "%00". The problem is that + curl_unescape does not detect this, but instead returns a shortened C string. + From a strict FTP protocol standpoint, NUL is a valid character within RFC + 959 , so the way to handle this correctly in curl would be to use a + data structure other than a plain C string, one that can handle embedded NUL + characters. From a practical standpoint, most FTP servers would not + meaningfully support NUL characters within RFC 959 , anyway (e.g., + Unix pathnames may not contain NUL). + +7.7 FTP and empty path parts in the URL + + libcurl ignores empty path parts in FTP URLs, whereas RFC1738 states that + such parts should be sent to the server as 'CWD ' (without an argument). The + only exception to this rule, is that we knowingly break this if the empty + part is first in the path, as then we use the double slashes to indicate that + the user wants to reach the root dir (this exception SHALL remain even when + this bug is fixed). + +7.8 Premature transfer end but healthy control channel + + When 'multi_done' is called before the transfer has been completed the normal + way, it is considered a "premature" transfer end. In this situation, libcurl + closes the connection assuming it doesn't know the state of the connection so + it can't be reused for subsequent requests. + + With FTP however, this isn't necessarily true but there are a bunch of + situations (listed in the ftp_done code) where it *could* keep the connection + alive even in this situation - but the current code doesn't. Fixing this would + allow libcurl to reuse FTP connections better. + +8. TELNET + +8.1 TELNET and time limtiations don't work + + When using telnet, the time limitation options don't work. + https://curl.haxx.se/bug/view.cgi?id=846 + +8.2 Microsoft telnet server + + There seems to be a problem when connecting to the Microsoft telnet server. + https://curl.haxx.se/bug/view.cgi?id=649 + + +9. SFTP and SCP + +9.1 SFTP doesn't do CURLOPT_POSTQUOTE correct + + When libcurl sends CURLOPT_POSTQUOTE commands when connected to a SFTP server + using the multi interface, the commands are not being sent correctly and + instead the connection is "cancelled" (the operation is considered done) + prematurely. There is a half-baked (busy-looping) patch provided in the bug + report but it cannot be accepted as-is. See + https://curl.haxx.se/bug/view.cgi?id=748 + + +10. SOCKS + +10.1 SOCKS proxy connections are done blocking + + Both SOCKS5 and SOCKS4 proxy connections are done blocking, which is very bad + when used with the multi interface. + +10.2 SOCKS don't support timeouts + + The SOCKS4 connection codes don't properly acknowledge (connect) timeouts. + According to bug #1556528, even the SOCKS5 connect code does not do it right: + https://curl.haxx.se/bug/view.cgi?id=604 + + When connecting to a SOCK proxy, the (connect) timeout is not properly + acknowledged after the actual TCP connect (during the SOCKS "negotiate" + phase). + +10.3 FTPS over SOCKS + + libcurl doesn't support FTPS over a SOCKS proxy. + +10.4 active FTP over a SOCKS + + libcurl doesn't support active FTP over a SOCKS proxy + + +11. Internals + +11.1 Curl leaks .onion hostnames in DNS + + Curl sends DNS requests for hostnames with a .onion TLD. This leaks + information about what the user is attempting to access, and violates this + requirement of RFC7686: https://tools.ietf.org/html/rfc7686 + + Issue: https://github.com/curl/curl/issues/543 + +11.2 error buffer not set if connection to multiple addresses fails + + If you ask libcurl to resolve a hostname like example.com to IPv6 addresses + only. But you only have IPv4 connectivity. libcurl will correctly fail with + CURLE_COULDNT_CONNECT. But the error buffer set by CURLOPT_ERRORBUFFER + remains empty. Issue: https://github.com/curl/curl/issues/544 + + +12. LDAP and OpenLDAP + +12.1 OpenLDAP hangs after returning results + + By configuration defaults, openldap automatically chase referrals on + secondary socket descriptors. The OpenLDAP backend is asynchronous and thus + should monitor all socket descriptors involved. Currently, these secondary + descriptors are not monitored, causing openldap library to never receive + data from them. + + As a temporary workaround, disable referrals chasing by configuration. + + The fix is not easy: proper automatic referrals chasing requires a + synchronous bind callback and monitoring an arbitrary number of socket + descriptors for a single easy handle (currently limited to 5). + + Generic LDAP is synchronous: OK. + + See https://github.com/curl/curl/issues/622 and + https://curl.haxx.se/mail/lib-2016-01/0101.html + + +13 TCP/IP + +13.1 --interface for ipv6 binds to unusable IP address + + Since IPv6 provides a lot of addresses with different scope, binding to an + IPv6 address needs to take the proper care so that it doesn't bind to a + locally scoped address as that is bound to fail. + + https://github.com/curl/curl/issues/686 diff --git a/docs/LICENSE-MIXING b/docs/LICENSE-MIXING deleted file mode 100644 index 68e7156d8..000000000 --- a/docs/LICENSE-MIXING +++ /dev/null @@ -1,130 +0,0 @@ - License Mixing with apps, libcurl and Third Party Libraries - =========================================================== - -libcurl can be built to use a fair amount of various third party libraries, -libraries that are written and provided by other parties that are distributed -using their own licenses. Even libcurl itself contains code that may cause -problems to some. This document attempts to describe what licenses libcurl and -the other libraries use and what possible dilemmas linking and mixing them all -can lead to for end users. - -I am not a lawyer and this is not legal advice! - -One common dilemma is that GPL[1]-licensed code is not allowed to be linked -with code licensed under the Original BSD license (with the announcement -clause). You may still build your own copies that use them all, but -distributing them as binaries would be to violate the GPL license - unless you -accompany your license with an exception[2]. This particular problem was -addressed when the Modified BSD license was created, which does not have the -announcement clause that collides with GPL. - -libcurl https://curl.haxx.se/docs/copyright.html - - Uses an MIT (or Modified BSD)-style license that is as liberal as - possible. - -OpenSSL https://www.openssl.org/source/license.html - - (May be used for SSL/TLS support) Uses an Original BSD-style license - with an announcement clause that makes it "incompatible" with GPL. You - are not allowed to ship binaries that link with OpenSSL that includes - GPL code (unless that specific GPL code includes an exception for - OpenSSL - a habit that is growing more and more common). If OpenSSL's - licensing is a problem for you, consider using another TLS library. - -GnuTLS http://www.gnutls.org/ - - (May be used for SSL/TLS support) Uses the LGPL[3] license. If this is - a problem for you, consider using another TLS library. Also note that - GnuTLS itself depends on and uses other libs (libgcrypt and - libgpg-error) and they too are LGPL- or GPL-licensed. - -WolfSSL https://www.wolfssl.com/ - - (May be used for SSL/TLS support) Uses the GPL[1] license or a - propietary license. If this is a problem for you, consider using - another TLS library. - -NSS https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS - - (May be used for SSL/TLS support) Is covered by the MPL[4] license, - the GPL[1] license and the LGPL[3] license. You may choose to license - the code under MPL terms, GPL terms, or LGPL terms. These licenses - grant you different permissions and impose different obligations. You - should select the license that best meets your needs. - -axTLS http://axtls.sourceforge.net/ - - (May be used for SSL/TLS support) Uses a Modified BSD-style license. - -mbedTLS https://tls.mbed.org/ - - (May be used for SSL/TLS support) Uses the GPL[1] license or a - propietary license. If this is a problem for you, consider using - another TLS library. - -BoringSSL https://boringssl.googlesource.com/ - - (May be used for SSL/TLS support) As an OpenSSL fork, it has the same - license as that. - -libressl http://www.libressl.org/ - - (May be used for SSL/TLS support) As an OpenSSL fork, it has the same - license as that. - -c-ares https://daniel.haxx.se/projects/c-ares/license.html - - (Used for asynchronous name resolves) Uses an MIT license that is very - liberal and imposes no restrictions on any other library or part you - may link with. - -zlib http://www.zlib.net/zlib_license.html - - (Used for compressed Transfer-Encoding support) Uses an MIT-style - license that shouldn't collide with any other library. - -MIT Kerberos http://web.mit.edu/kerberos/www/dist/ - - (May be used for GSS support) MIT licensed, that shouldn't collide - with any other parts. - -Heimdal http://www.h5l.org - - (May be used for GSS support) Heimdal is Original BSD licensed with - the announcement clause. - -GNU GSS https://www.gnu.org/software/gss/ - - (May be used for GSS support) GNU GSS is GPL licensed. Note that you - may not distribute binary curl packages that uses this if you build - curl to also link and use any Original BSD licensed libraries! - -libidn http://josefsson.org/libidn/ - - (Used for IDNA support) Uses the GNU Lesser General Public - License [3]. LGPL is a variation of GPL with slightly less aggressive - "copyleft". This license requires more requirements to be met when - distributing binaries, see the license for details. Also note that if - you distribute a binary that includes this library, you must also - include the full LGPL license text. Please properly point out what - parts of the distributed package that the license addresses. - -OpenLDAP http://www.openldap.org/software/release/license.html - - (Used for LDAP support) Uses a Modified BSD-style license. Since - libcurl uses OpenLDAP as a shared library only, I have not heard of - anyone that ships OpenLDAP linked with libcurl in an app. - -libssh2 http://www.libssh2.org/ - - (Used for scp and sftp support) libssh2 uses a Modified BSD-style - license. - -[1] = GPL - GNU General Public License: https://www.gnu.org/licenses/gpl.html -[2] = https://www.gnu.org/licenses/gpl-faq.html#GPLIncompatibleLibs details on - how to write such an exception to the GPL -[3] = LGPL - GNU Lesser General Public License: - https://www.gnu.org/licenses/lgpl.html -[4] = MPL - Mozilla Public License: - https://www.mozilla.org/MPL/ diff --git a/docs/LICENSE-MIXING.md b/docs/LICENSE-MIXING.md new file mode 100644 index 000000000..0bff73e6d --- /dev/null +++ b/docs/LICENSE-MIXING.md @@ -0,0 +1,124 @@ +License Mixing +============== + +libcurl can be built to use a fair amount of various third party libraries, +libraries that are written and provided by other parties that are distributed +using their own licenses. Even libcurl itself contains code that may cause +problems to some. This document attempts to describe what licenses libcurl and +the other libraries use and what possible dilemmas linking and mixing them all +can lead to for end users. + +I am not a lawyer and this is not legal advice! + +One common dilemma is that [GPL](https://www.gnu.org/licenses/gpl.html) +licensed code is not allowed to be linked with code licensed under the +[Original BSD license](https://spdx.org/licenses/BSD-4-Clause.html) (with the +announcement clause). You may still build your own copies that use them all, +but distributing them as binaries would be to violate the GPL license - unless +you accompany your license with an +[exception](https://www.gnu.org/licenses/gpl-faq.html#GPLIncompatibleLibs). This +particular problem was addressed when the [Modified BSD +license](https://opensource.org/licenses/BSD-3-Clause) was created, which does +not have the announcement clause that collides with GPL. + +## libcurl + + Uses an [MIT style license](https://curl.haxx.se/docs/copyright.html) that is + very liberal. + +## OpenSSL + + (May be used for SSL/TLS support) Uses an Original BSD-style license with an + announcement clause that makes it "incompatible" with GPL. You are not + allowed to ship binaries that link with OpenSSL that includes GPL code + (unless that specific GPL code includes an exception for OpenSSL - a habit + that is growing more and more common). If OpenSSL's licensing is a problem + for you, consider using another TLS library. + +## GnuTLS + + (May be used for SSL/TLS support) Uses the + [LGPL](https://www.gnu.org/licenses/lgpl.html) license. If this is a problem + for you, consider using another TLS library. Also note that GnuTLS itself + depends on and uses other libs (libgcrypt and libgpg-error) and they too are + LGPL- or GPL-licensed. + +## WolfSSL + + (May be used for SSL/TLS support) Uses the GPL license or a propietary + license. If this is a problem for you, consider using another TLS library. + +## NSS + + (May be used for SSL/TLS support) Is covered by the + [MPL](https://www.mozilla.org/MPL/) license, the GPL license and the LGPL + license. You may choose to license the code under MPL terms, GPL terms, or + LGPL terms. These licenses grant you different permissions and impose + different obligations. You should select the license that best meets your + needs. + +## axTLS + + (May be used for SSL/TLS support) Uses a Modified BSD-style license. + +## mbedTLS + + (May be used for SSL/TLS support) Uses the GPL license or a propietary + license. If this is a problem for you, consider using another TLS library. + +## BoringSSL + + (May be used for SSL/TLS support) As an OpenSSL fork, it has the same + license as that. + +## libressl + + (May be used for SSL/TLS support) As an OpenSSL fork, it has the same + license as that. + +## c-ares + + (Used for asynchronous name resolves) Uses an MIT license that is very + liberal and imposes no restrictions on any other library or part you may link + with. + +## zlib + + (Used for compressed Transfer-Encoding support) Uses an MIT-style license + that shouldn't collide with any other library. + +## MIT Kerberos + + (May be used for GSS support) MIT licensed, that shouldn't collide with any + other parts. + +## Heimdal + + (May be used for GSS support) Heimdal is Original BSD licensed with the + announcement clause. + +## GNU GSS + + (May be used for GSS support) GNU GSS is GPL licensed. Note that you may not + distribute binary curl packages that uses this if you build curl to also link + and use any Original BSD licensed libraries! + +## libidn + + (Used for IDNA support) Uses the GNU Lesser General Public License [3]. LGPL + is a variation of GPL with slightly less aggressive "copyleft". This license + requires more requirements to be met when distributing binaries, see the + license for details. Also note that if you distribute a binary that includes + this library, you must also include the full LGPL license text. Please + properly point out what parts of the distributed package that the license + addresses. + +## OpenLDAP + + (Used for LDAP support) Uses a Modified BSD-style license. Since libcurl uses + OpenLDAP as a shared library only, I have not heard of anyone that ships + OpenLDAP linked with libcurl in an app. + +## libssh2 + + (Used for scp and sftp support) libssh2 uses a Modified BSD-style license. diff --git a/docs/MANUAL b/docs/MANUAL index 08fdb57ae..0ea3e61f4 100644 --- a/docs/MANUAL +++ b/docs/MANUAL @@ -817,12 +817,8 @@ LDAP and offer ldap:// support. LDAP is a complex thing and writing an LDAP query is not an easy task. I do - advise you to dig up the syntax description for that elsewhere. Two places - that might suit you are: - - Netscape's "Netscape Directory SDK 3.0 for C Programmer's Guide Chapter 10: - Working with LDAP URLs": - http://developer.netscape.com/docs/manuals/dirsdk/csdk30/url.htm + advise you to dig up the syntax description for that elsewhere. One such + place might be: RFC 2255, "The LDAP URL Format" https://curl.haxx.se/rfc/rfc2255.txt diff --git a/docs/Makefile.am b/docs/Makefile.am index b202a5dd8..149e0af42 100644 --- a/docs/Makefile.am +++ b/docs/Makefile.am @@ -33,14 +33,14 @@ SUBDIRS = examples libcurl CLEANFILES = $(GENHTMLPAGES) $(PDFPAGES) -EXTRA_DIST = MANUAL BUGS CONTRIBUTE FAQ FEATURES INTERNALS SSLCERTS \ - README.win32 RESOURCES TODO TheArtOfHttpScripting THANKS VERSIONS \ - KNOWN_BUGS BINDINGS $(man_MANS) $(HTMLPAGES) HISTORY INSTALL \ - $(PDFPAGES) LICENSE-MIXING README.netware INSTALL.devcpp \ - MAIL-ETIQUETTE HTTP-COOKIES SECURITY RELEASE-PROCEDURE SSL-PROBLEMS \ - HTTP2.md ROADMAP.md CODE_OF_CONDUCT.md CODE_STYLE.md - -MAN2HTML= roffit < $< >$@ +EXTRA_DIST = MANUAL BUGS CONTRIBUTE.md FAQ FEATURES INTERNALS.md SSLCERTS.md \ + README.win32 RESOURCES TODO TheArtOfHttpScripting THANKS VERSIONS \ + KNOWN_BUGS BINDINGS $(man_MANS) $(HTMLPAGES) HISTORY.md INSTALL \ + $(PDFPAGES) LICENSE-MIXING.md README.netware INSTALL.devcpp \ + MAIL-ETIQUETTE HTTP-COOKIES.md SECURITY.md RELEASE-PROCEDURE SSL-PROBLEMS.md \ + HTTP2.md ROADMAP.md CODE_OF_CONDUCT.md CODE_STYLE.md CHECKSRC.md + +MAN2HTML= roffit $< >$@ SUFFIXES = .1 .html .pdf diff --git a/docs/Makefile.in b/docs/Makefile.in index 8451f04d2..0e963097b 100644 --- a/docs/Makefile.in +++ b/docs/Makefile.in @@ -448,14 +448,14 @@ PDFPAGES = curl.pdf curl-config.pdf mk-ca-bundle.pdf HTMLPAGES = $(GENHTMLPAGES) index.html SUBDIRS = examples libcurl CLEANFILES = $(GENHTMLPAGES) $(PDFPAGES) -EXTRA_DIST = MANUAL BUGS CONTRIBUTE FAQ FEATURES INTERNALS SSLCERTS \ - README.win32 RESOURCES TODO TheArtOfHttpScripting THANKS VERSIONS \ - KNOWN_BUGS BINDINGS $(man_MANS) $(HTMLPAGES) HISTORY INSTALL \ - $(PDFPAGES) LICENSE-MIXING README.netware INSTALL.devcpp \ - MAIL-ETIQUETTE HTTP-COOKIES SECURITY RELEASE-PROCEDURE SSL-PROBLEMS \ - HTTP2.md ROADMAP.md CODE_OF_CONDUCT.md CODE_STYLE.md - -MAN2HTML = roffit < $< >$@ +EXTRA_DIST = MANUAL BUGS CONTRIBUTE.md FAQ FEATURES INTERNALS.md SSLCERTS.md \ + README.win32 RESOURCES TODO TheArtOfHttpScripting THANKS VERSIONS \ + KNOWN_BUGS BINDINGS $(man_MANS) $(HTMLPAGES) HISTORY.md INSTALL \ + $(PDFPAGES) LICENSE-MIXING.md README.netware INSTALL.devcpp \ + MAIL-ETIQUETTE HTTP-COOKIES.md SECURITY.md RELEASE-PROCEDURE SSL-PROBLEMS.md \ + HTTP2.md ROADMAP.md CODE_OF_CONDUCT.md CODE_STYLE.md CHECKSRC.md + +MAN2HTML = roffit $< >$@ SUFFIXES = .1 .html .pdf all: all-recursive diff --git a/docs/RELEASE-PROCEDURE b/docs/RELEASE-PROCEDURE index b0700f343..1b574526e 100644 --- a/docs/RELEASE-PROCEDURE +++ b/docs/RELEASE-PROCEDURE @@ -41,6 +41,11 @@ in the curl-www repo (the web site then updates its contents automatically) +on github +--------- + +- edit the newly made release tag so that it is listed as the latest release + inform ------ @@ -78,10 +83,10 @@ Coming dates Based on the description above, here are some planned release dates (at the time of this writing): -- October 7, 2015 (version 7.45.0) -- December 2, 2015 -- January 27, 2016 -- March 23, 2016 -- May 18, 2016 -- July 13, 2016 -- September 7, 2016 +- September 7, 2016 (version 7.50.2) +- November 2, 2016 +- December 28, 2016 +- February 22, 2017 +- April 19, 2017 +- June 14, 2017 +- August 9, 2017 diff --git a/docs/ROADMAP.md b/docs/ROADMAP.md index bad9084ec..367130d33 100644 --- a/docs/ROADMAP.md +++ b/docs/ROADMAP.md @@ -8,20 +8,31 @@ possible participation. HTTP/2 ------ -- test suite - - Base this on existing nghttp2 server to start with to make functional - tests. Later on we can adopt that code or work with nghttp2 to provide ways - to have the http2 server respond with broken responses to make sure we deal - with that nicely as well. - - To decide: if we need to bundle parts of the nghttp2 stuff that probably - won't be shipped by many distros. +Improve performance. Measurements and tests have shown that in several cases +doing transfers over HTTP/2 can be notably slower than the same transfer done +over HTTP/1. Some of that difference can be attributed the inefficient window +size handling currently in use but there are probably more to be learned and +worked on to optimize this. + +QUIC +---- + +The standardization process of QUIC has been taken to the IETF and can be +followed on the [IETF QUIC Mailing +list](https://www.ietf.org/mailman/listinfo/quic). I'd like us to get on the +bandwagon. Ideally, this would be done with a separate library/project to +handle the binary/framing layer in a similar fashion to how HTTP/2 is +implemented. This, to allow other projects to benefit from the work and to +thus broaden the interest and chance of others to participate. + +TLS 1.3 +------- -- provide option for HTTP/2 "prior knowledge" over clear text +The new version of the TLS protocol is in the pipeline and will soon start to +get used out in the wild. It offers some new interesting features and will +need the TLS libraries to adapt and quite likely provide additional or +modified APIs. libcurl needs to adapt accordingly. - As it would avoid the roundtrip-heavy Upgrade: procedures when you _know_ - it speaks HTTP/2. HTTP cookies ------------ @@ -55,12 +66,10 @@ make sure there's an easy handle passed in to `curl_formadd()`, `curl_formget()` and `curl_formfree()` by adding replacement functions and deprecating the old ones to allow custom mallocs and more -third-party SASL +Third-party SASL ---------------- -add support for third-party SASL libraries such as Cyrus SASL - may need to -move existing native and SSPI based authentication into vsasl folder after -reworking HTTP and SASL code +Add support for third-party SASL libraries such as Cyrus SASL. SASL authentication in LDAP --------------------------- diff --git a/docs/SECURITY b/docs/SECURITY deleted file mode 100644 index 7b245d7ba..000000000 --- a/docs/SECURITY +++ /dev/null @@ -1,107 +0,0 @@ - _ _ ____ _ - ___| | | | _ \| | - / __| | | | |_) | | - | (__| |_| | _ <| |___ - \___|\___/|_| \_\_____| - -curl security for developers -============================ - -This document is intended to provide guidance to curl developers on how -security vulnerabilities should be handled. - -Publishing Information ----------------------- - -All known and public curl or libcurl related vulnerabilities are listed on -[the curl web site security page](https://curl.haxx.se/docs/security.html). - -Security vulnerabilities should not be entered in the project's public bug -tracker unless the necessary configuration is in place to limit access to the -issue to only the reporter and the project's security team. - -Vulnerability Handling ----------------------- - -The typical process for handling a new security vulnerability is as follows. - -No information should be made public about a vulnerability until it is -formally announced at the end of this process. That means, for example that a -bug tracker entry must NOT be created to track the issue since that will make -the issue public and it should not be discussed on any of the project's public -mailing lists. Also messages associated with any commits should not make -any reference to the security nature of the commit if done prior to the public -announcement. - -- The person discovering the issue, the reporter, reports the vulnerability - privately to `curl-security@haxx.se`. That's an email alias that reaches a - handful of selected and trusted people. - -- Messages that do not relate to the reporting or managing of an undisclosed - security vulnerability in curl or libcurl are ignored and no further action - is required. - -- A person in the security team sends an e-mail to the original reporter to - acknowledge the report. - -- The security team investigates the report and either rejects it or accepts - it. - -- If the report is rejected, the team writes to the reporter to explain why. - -- If the report is accepted, the team writes to the reporter to let him/her - know it is accepted and that they are working on a fix. - -- The security team discusses the problem, works out a fix, considers the - impact of the problem and suggests a release schedule. This discussion - should involve the reporter as much as possible. - -- The release of the information should be "as soon as possible" and is most - often synced with an upcoming release that contains the fix. If the - reporter, or anyone else, thinks the next planned release is too far away - then a separate earlier release for security reasons should be considered. - -- Write a security advisory draft about the problem that explains what the - problem is, its impact, which versions it affects, solutions or - workarounds, when the release is out and make sure to credit all - contributors properly. - -- Request a CVE number from distros@openwall[1] when also informing and - preparing them for the upcoming public security vulnerability announcement - - attach the advisory draft for information. Note that 'distros' won't accept - an embargo longer than 19 days. - -- Update the "security advisory" with the CVE number. - -- The security team commits the fix in a private branch. The commit message - should ideally contain the CVE number. This fix is usually also distributed - to the 'distros' mailing list to allow them to use the fix prior to the - public announcement. - -- At the day of the next release, the private branch is merged into the master - branch and pushed. Once pushed, the information is accessible to the public - and the actual release should follow suit immediately afterwards. - -- The project team creates a release that includes the fix. - -- The project team announces the release and the vulnerability to the world in - the same manner we always announce releases. It gets sent to the - curl-announce, curl-library and curl-users mailing lists. - -- The security web page on the web site should get the new vulnerability - mentioned. - -[1] = http://oss-security.openwall.org/wiki/mailing-lists/distros - -CURL-SECURITY (at haxx dot se) ------------------------------- - -Who is on this list? There are a couple of criteria you must meet, and then we -might ask you to join the list or you can ask to join it. It really isn't very -formal. We basically only require that you have a long-term presence in the -curl project and you have shown an understanding for the project and its way -of working. You must've been around for a good while and you should have no -plans in vanishing in the near future. - -We do not make the list of partipants public mostly because it tends to vary -somewhat over time and a list somewhere will only risk getting outdated. diff --git a/docs/SECURITY.md b/docs/SECURITY.md new file mode 100644 index 000000000..3c07e0bbe --- /dev/null +++ b/docs/SECURITY.md @@ -0,0 +1,110 @@ + _ _ ____ _ + ___| | | | _ \| | + / __| | | | |_) | | + | (__| |_| | _ <| |___ + \___|\___/|_| \_\_____| + +curl security for developers +============================ + +This document is intended to provide guidance to curl developers on how +security vulnerabilities should be handled. + +Publishing Information +---------------------- + +All known and public curl or libcurl related vulnerabilities are listed on +[the curl web site security page](https://curl.haxx.se/docs/security.html). + +Security vulnerabilities should not be entered in the project's public bug +tracker unless the necessary configuration is in place to limit access to the +issue to only the reporter and the project's security team. + +Vulnerability Handling +---------------------- + +The typical process for handling a new security vulnerability is as follows. + +No information should be made public about a vulnerability until it is +formally announced at the end of this process. That means, for example that a +bug tracker entry must NOT be created to track the issue since that will make +the issue public and it should not be discussed on any of the project's public +mailing lists. Also messages associated with any commits should not make +any reference to the security nature of the commit if done prior to the public +announcement. + +- The person discovering the issue, the reporter, reports the vulnerability + privately to `curl-security@haxx.se`. That's an email alias that reaches a + handful of selected and trusted people. + +- Messages that do not relate to the reporting or managing of an undisclosed + security vulnerability in curl or libcurl are ignored and no further action + is required. + +- A person in the security team sends an e-mail to the original reporter to + acknowledge the report. + +- The security team investigates the report and either rejects it or accepts + it. + +- If the report is rejected, the team writes to the reporter to explain why. + +- If the report is accepted, the team writes to the reporter to let him/her + know it is accepted and that they are working on a fix. + +- The security team discusses the problem, works out a fix, considers the + impact of the problem and suggests a release schedule. This discussion + should involve the reporter as much as possible. + +- The release of the information should be "as soon as possible" and is most + often synced with an upcoming release that contains the fix. If the + reporter, or anyone else, thinks the next planned release is too far away + then a separate earlier release for security reasons should be considered. + +- Write a security advisory draft about the problem that explains what the + problem is, its impact, which versions it affects, solutions or + workarounds, when the release is out and make sure to credit all + contributors properly. + +- Request a CVE number from + [distros@openwall](http://oss-security.openwall.org/wiki/mailing-lists/distros) + when also informing and preparing them for the upcoming public security + vulnerability announcement - attach the advisory draft for information. Note + that 'distros' won't accept an embargo longer than 19 days and they do not + care for Windows-specific flaws. For windows-specific flaws, request CVE + directly from MITRE. + +- Update the "security advisory" with the CVE number. + +- The security team commits the fix in a private branch. The commit message + should ideally contain the CVE number. This fix is usually also distributed + to the 'distros' mailing list to allow them to use the fix prior to the + public announcement. + +- At the day of the next release, the private branch is merged into the master + branch and pushed. Once pushed, the information is accessible to the public + and the actual release should follow suit immediately afterwards. + +- The project team creates a release that includes the fix. + +- The project team announces the release and the vulnerability to the world in + the same manner we always announce releases. It gets sent to the + curl-announce, curl-library and curl-users mailing lists. + +- The security web page on the web site should get the new vulnerability + mentioned. + + + +CURL-SECURITY (at haxx dot se) +------------------------------ + +Who is on this list? There are a couple of criteria you must meet, and then we +might ask you to join the list or you can ask to join it. It really isn't very +formal. We basically only require that you have a long-term presence in the +curl project and you have shown an understanding for the project and its way +of working. You must've been around for a good while and you should have no +plans in vanishing in the near future. + +We do not make the list of partipants public mostly because it tends to vary +somewhat over time and a list somewhere will only risk getting outdated. diff --git a/docs/SSL-PROBLEMS b/docs/SSL-PROBLEMS deleted file mode 100644 index e63987101..000000000 --- a/docs/SSL-PROBLEMS +++ /dev/null @@ -1,87 +0,0 @@ - _ _ ____ _ - ___| | | | _ \| | - / __| | | | |_) | | - | (__| |_| | _ <| |___ - \___|\___/|_| \_\_____| - -SSL problems - - First, let's establish that we often refer to TLS and SSL interchangeably as - SSL here. The current protocol is called TLS, it was called SSL a long time - ago. - - There are several known reasons why a connection that involves SSL might - fail. This is a document that attempts to details the most common ones and - how to mitigate them. - -CA certs - - CA certs are used to digitally verify the server's certificate. You need a - "ca bundle" for this. See lots of more details on this in the SSLCERTS - document. - -CA bundle missing intermediate certificates - - When using said CA bundle to verify a server cert, you will experience - problems if your CA cert does not have the certificates for the - intermediates in the whole trust chain. - -Protocol version - - Some broken servers fail to support the protocol negotiation properly that - SSL servers are supposed to handle. This may cause the connection to fail - completely. Sometimes you may need to explicitly select a SSL version to use - when connecting to make the connection succeed. - - An additional complication can be that modern SSL libraries sometimes are - built with support for older SSL and TLS versions disabled! - - All versions of SSL are considered insecure and should be avoided. Use TLS. - -Ciphers - - Clients give servers a list of ciphers to select from. If the list doesn't - include any ciphers the server wants/can use, the connection handshake - fails. - - curl has recently disabled the user of a whole bunch of seriously insecure - ciphers from its default set (slightly depending on SSL backend in use). - - You may have to explicitly provide an alternative list of ciphers for curl - to use to allow the server to use a WEAK cipher for you. - - Note that these weak ciphers are identified as flawed. For example, this - includes symmetric ciphers with less than 128 bit keys and RC4. - - WinSSL in Windows XP is not able to connect to servers that no longer - support the legacy handshakes and algorithms used by those versions, so we - advice against building curl to use WinSSL on really old Windows versions. - - References: - - https://tools.ietf.org/html/draft-popov-tls-prohibiting-rc4-01 - -Allow BEAST - - BEAST is the name of a TLS 1.0 attack that surfaced 2011. When adding means - to mitigate this attack, it turned out that some broken servers out there in - the wild didn't work properly with the BEAST mitigation in place. - - To make such broken servers work, the --ssl-allow-beast option was - introduced. Exactly as it sounds, it re-introduces the BEAST vulnerability - but on the other hand it allows curl to connect to that kind of strange - servers. - -Disabling certificate revocation checks - - Some SSL backends may do certificate revocation checks (CRL, OCSP, etc) - depending on the OS or build configuration. The --ssl-no-revoke option was - introduced in 7.44.0 to disable revocation checking but currently is only - supported for WinSSL (the native Windows SSL library), with an exception in - the case of Windows' Untrusted Publishers blacklist which it seems can't be - bypassed. This option may have broader support to accommodate other SSL - backends in the future. - - References: - - https://curl.haxx.se/docs/ssl-compared.html diff --git a/docs/SSL-PROBLEMS.md b/docs/SSL-PROBLEMS.md new file mode 100644 index 000000000..91803e22d --- /dev/null +++ b/docs/SSL-PROBLEMS.md @@ -0,0 +1,87 @@ + _ _ ____ _ + ___| | | | _ \| | + / __| | | | |_) | | + | (__| |_| | _ <| |___ + \___|\___/|_| \_\_____| + +# SSL problems + + First, let's establish that we often refer to TLS and SSL interchangeably as + SSL here. The current protocol is called TLS, it was called SSL a long time + ago. + + There are several known reasons why a connection that involves SSL might + fail. This is a document that attempts to details the most common ones and + how to mitigate them. + +## CA certs + + CA certs are used to digitally verify the server's certificate. You need a + "ca bundle" for this. See lots of more details on this in the SSLCERTS + document. + +## CA bundle missing intermediate certificates + + When using said CA bundle to verify a server cert, you will experience + problems if your CA cert does not have the certificates for the + intermediates in the whole trust chain. + +## Protocol version + + Some broken servers fail to support the protocol negotiation properly that + SSL servers are supposed to handle. This may cause the connection to fail + completely. Sometimes you may need to explicitly select a SSL version to use + when connecting to make the connection succeed. + + An additional complication can be that modern SSL libraries sometimes are + built with support for older SSL and TLS versions disabled! + + All versions of SSL are considered insecure and should be avoided. Use TLS. + +## Ciphers + + Clients give servers a list of ciphers to select from. If the list doesn't + include any ciphers the server wants/can use, the connection handshake + fails. + + curl has recently disabled the user of a whole bunch of seriously insecure + ciphers from its default set (slightly depending on SSL backend in use). + + You may have to explicitly provide an alternative list of ciphers for curl + to use to allow the server to use a WEAK cipher for you. + + Note that these weak ciphers are identified as flawed. For example, this + includes symmetric ciphers with less than 128 bit keys and RC4. + + WinSSL in Windows XP is not able to connect to servers that no longer + support the legacy handshakes and algorithms used by those versions, so we + advice against building curl to use WinSSL on really old Windows versions. + + References: + + https://tools.ietf.org/html/draft-popov-tls-prohibiting-rc4-01 + +## Allow BEAST + + BEAST is the name of a TLS 1.0 attack that surfaced 2011. When adding means + to mitigate this attack, it turned out that some broken servers out there in + the wild didn't work properly with the BEAST mitigation in place. + + To make such broken servers work, the --ssl-allow-beast option was + introduced. Exactly as it sounds, it re-introduces the BEAST vulnerability + but on the other hand it allows curl to connect to that kind of strange + servers. + +## Disabling certificate revocation checks + + Some SSL backends may do certificate revocation checks (CRL, OCSP, etc) + depending on the OS or build configuration. The --ssl-no-revoke option was + introduced in 7.44.0 to disable revocation checking but currently is only + supported for WinSSL (the native Windows SSL library), with an exception in + the case of Windows' Untrusted Publishers blacklist which it seems can't be + bypassed. This option may have broader support to accommodate other SSL + backends in the future. + + References: + + https://curl.haxx.se/docs/ssl-compared.html diff --git a/docs/SSLCERTS b/docs/SSLCERTS deleted file mode 100644 index 7755609c4..000000000 --- a/docs/SSLCERTS +++ /dev/null @@ -1,163 +0,0 @@ -SSL Certificate Verification -============================ - -SSL is TLS ----------- - -SSL is the old name. It is called TLS these days. - - -Native SSL ----------- - -If libcurl was built with Schannel or Secure Transport support (the native SSL -libraries included in Windows and Mac OS X), then this does not apply to -you. Scroll down for details on how the OS-native engines handle SSL -certificates. If you're not sure, then run "curl -V" and read the results. If -the version string says "WinSSL" in it, then it was built with Schannel -support. - -It is about trust ------------------ - -This system is about trust. In your local CA certificate store you have certs -from *trusted* Certificate Authorities that you then can use to verify that the -server certificates you see are valid. They're signed by one of the CAs you -trust. - -Which CAs do you trust? You can decide to trust the same set of companies your -operating system trusts, or the set one of the known browsers trust. That's -basically trust via someone else you trust. You should just be aware that -modern operating systems and browsers are setup to trust *hundreds* of -companies and recent years several such CAs have been found untrustworthy. - -Certificate Verification ------------------------- - -libcurl performs peer SSL certificate verification by default. This is done -by using a CA certificate store that the SSL library can use to make sure the -peer's server certificate is valid. - -If you communicate with HTTPS, FTPS or other TLS-using servers using -certificates that are signed by CAs present in the store, you can be sure -that the remote server really is the one it claims to be. - -If the remote server uses a self-signed certificate, if you don't install a CA -cert store, if the server uses a certificate signed by a CA that isn't -included in the store you use or if the remote host is an impostor -impersonating your favorite site, and you want to transfer files from this -server, do one of the following: - - 1. Tell libcurl to *not* verify the peer. With libcurl you disable this with - `curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, FALSE);` - - With the curl command line tool, you disable this with -k/--insecure. - - 2. Get a CA certificate that can verify the remote server and use the proper - option to point out this CA cert for verification when connecting. For - libcurl hackers: `curl_easy_setopt(curl, CURLOPT_CAPATH, capath);` - - With the curl command line tool: --cacert [file] - - 3. Add the CA cert for your server to the existing default CA certificate - store. The default CA certificate store can changed at compile time with the - following configure options: - - --with-ca-bundle=FILE: use the specified file as CA certificate store. CA - certificates need to be concatenated in PEM format into this file. - - --with-ca-path=PATH: use the specified path as CA certificate store. CA - certificates need to be stored as individual PEM files in this directory. - You may need to run c_rehash after adding files there. - - If neither of the two options is specified, configure will try to auto-detect - a setting. It's also possible to explicitly not hardcode any default store - but rely on the built in default the crypto library may provide instead. - You can achieve that by passing both --without-ca-bundle and - --without-ca-path to the configure script. - - If you use Internet Explorer, this is one way to get extract the CA cert - for a particular server: - - - View the certificate by double-clicking the padlock - - Find out where the CA certificate is kept (Certificate> - Authority Information Access>URL) - - Get a copy of the crt file using curl - - Convert it from crt to PEM using the openssl tool: - openssl x509 -inform DES -in yourdownloaded.crt \ - -out outcert.pem -text - - Add the 'outcert.pem' to the CA certificate store or use it stand-alone - as described below. - - If you use the 'openssl' tool, this is one way to get extract the CA cert - for a particular server: - - - `openssl s_client -connect xxxxx.com:443 |tee logfile` - - type "QUIT", followed by the "ENTER" key - - The certificate will have "BEGIN CERTIFICATE" and "END CERTIFICATE" - markers. - - If you want to see the data in the certificate, you can do: "openssl - x509 -inform PEM -in certfile -text -out certdata" where certfile is - the cert you extracted from logfile. Look in certdata. - - If you want to trust the certificate, you can add it to your CA - certificate store or use it stand-alone as described. Just remember that - the security is no better than the way you obtained the certificate. - - 4. If you're using the curl command line tool, you can specify your own CA - cert path by setting the environment variable `CURL_CA_BUNDLE` to the path - of your choice. - - If you're using the curl command line tool on Windows, curl will search - for a CA cert file named "curl-ca-bundle.crt" in these directories and in - this order: - 1. application's directory - 2. current working directory - 3. Windows System directory (e.g. C:\windows\system32) - 4. Windows Directory (e.g. C:\windows) - 5. all directories along %PATH% - - 5. Get a better/different/newer CA cert bundle! One option is to extract the - one a recent Firefox browser uses by running 'make ca-bundle' in the curl - build tree root, or possibly download a version that was generated this - way for you: [CA Extract](https://curl.haxx.se/docs/caextract.html) - -Neglecting to use one of the above methods when dealing with a server using a -certificate that isn't signed by one of the certificates in the installed CA -certificate store, will cause SSL to report an error ("certificate verify -failed") during the handshake and SSL will then refuse further communication -with that server. - -Certificate Verification with NSS ---------------------------------- - -If libcurl was built with NSS support, then depending on the OS distribution, -it is probably required to take some additional steps to use the system-wide -CA cert db. RedHat ships with an additional module, libnsspem.so, which -enables NSS to read the OpenSSL PEM CA bundle. On openSUSE you can install -p11-kit-nss-trust which makes NSS use the system wide CA certificate store. NSS -also has a new [database format](https://wiki.mozilla.org/NSS_Shared_DB). - -Starting with version 7.19.7, libcurl automatically adds the 'sql:' prefix to -the certdb directory (either the hardcoded default /etc/pki/nssdb or the -directory configured with SSL_DIR environment variable). To check which certdb -format your distribution provides, examine the default certdb location: -/etc/pki/nssdb; the new certdb format can be identified by the filenames -cert9.db, key4.db, pkcs11.txt; filenames of older versions are cert8.db, -key3.db, secmod.db. - -Certificate Verification with Schannel and Secure Transport ------------------------------------------------------------ - -If libcurl was built with Schannel (Microsoft's native TLS engine) or Secure -Transport (Apple's native TLS engine) support, then libcurl will still perform -peer certificate verification, but instead of using a CA cert bundle, it will -use the certificates that are built into the OS. These are the same -certificates that appear in the Internet Options control panel (under Windows) -or Keychain Access application (under OS X). Any custom security rules for -certificates will be honored. - -Schannel will run CRL checks on certificates unless peer verification is -disabled. Secure Transport on iOS will run OCSP checks on certificates unless -peer verification is disabled. Secure Transport on OS X will run either OCSP -or CRL checks on certificates if those features are enabled, and this behavior -can be adjusted in the preferences of Keychain Access. diff --git a/docs/SSLCERTS.md b/docs/SSLCERTS.md new file mode 100644 index 000000000..7755609c4 --- /dev/null +++ b/docs/SSLCERTS.md @@ -0,0 +1,163 @@ +SSL Certificate Verification +============================ + +SSL is TLS +---------- + +SSL is the old name. It is called TLS these days. + + +Native SSL +---------- + +If libcurl was built with Schannel or Secure Transport support (the native SSL +libraries included in Windows and Mac OS X), then this does not apply to +you. Scroll down for details on how the OS-native engines handle SSL +certificates. If you're not sure, then run "curl -V" and read the results. If +the version string says "WinSSL" in it, then it was built with Schannel +support. + +It is about trust +----------------- + +This system is about trust. In your local CA certificate store you have certs +from *trusted* Certificate Authorities that you then can use to verify that the +server certificates you see are valid. They're signed by one of the CAs you +trust. + +Which CAs do you trust? You can decide to trust the same set of companies your +operating system trusts, or the set one of the known browsers trust. That's +basically trust via someone else you trust. You should just be aware that +modern operating systems and browsers are setup to trust *hundreds* of +companies and recent years several such CAs have been found untrustworthy. + +Certificate Verification +------------------------ + +libcurl performs peer SSL certificate verification by default. This is done +by using a CA certificate store that the SSL library can use to make sure the +peer's server certificate is valid. + +If you communicate with HTTPS, FTPS or other TLS-using servers using +certificates that are signed by CAs present in the store, you can be sure +that the remote server really is the one it claims to be. + +If the remote server uses a self-signed certificate, if you don't install a CA +cert store, if the server uses a certificate signed by a CA that isn't +included in the store you use or if the remote host is an impostor +impersonating your favorite site, and you want to transfer files from this +server, do one of the following: + + 1. Tell libcurl to *not* verify the peer. With libcurl you disable this with + `curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, FALSE);` + + With the curl command line tool, you disable this with -k/--insecure. + + 2. Get a CA certificate that can verify the remote server and use the proper + option to point out this CA cert for verification when connecting. For + libcurl hackers: `curl_easy_setopt(curl, CURLOPT_CAPATH, capath);` + + With the curl command line tool: --cacert [file] + + 3. Add the CA cert for your server to the existing default CA certificate + store. The default CA certificate store can changed at compile time with the + following configure options: + + --with-ca-bundle=FILE: use the specified file as CA certificate store. CA + certificates need to be concatenated in PEM format into this file. + + --with-ca-path=PATH: use the specified path as CA certificate store. CA + certificates need to be stored as individual PEM files in this directory. + You may need to run c_rehash after adding files there. + + If neither of the two options is specified, configure will try to auto-detect + a setting. It's also possible to explicitly not hardcode any default store + but rely on the built in default the crypto library may provide instead. + You can achieve that by passing both --without-ca-bundle and + --without-ca-path to the configure script. + + If you use Internet Explorer, this is one way to get extract the CA cert + for a particular server: + + - View the certificate by double-clicking the padlock + - Find out where the CA certificate is kept (Certificate> + Authority Information Access>URL) + - Get a copy of the crt file using curl + - Convert it from crt to PEM using the openssl tool: + openssl x509 -inform DES -in yourdownloaded.crt \ + -out outcert.pem -text + - Add the 'outcert.pem' to the CA certificate store or use it stand-alone + as described below. + + If you use the 'openssl' tool, this is one way to get extract the CA cert + for a particular server: + + - `openssl s_client -connect xxxxx.com:443 |tee logfile` + - type "QUIT", followed by the "ENTER" key + - The certificate will have "BEGIN CERTIFICATE" and "END CERTIFICATE" + markers. + - If you want to see the data in the certificate, you can do: "openssl + x509 -inform PEM -in certfile -text -out certdata" where certfile is + the cert you extracted from logfile. Look in certdata. + - If you want to trust the certificate, you can add it to your CA + certificate store or use it stand-alone as described. Just remember that + the security is no better than the way you obtained the certificate. + + 4. If you're using the curl command line tool, you can specify your own CA + cert path by setting the environment variable `CURL_CA_BUNDLE` to the path + of your choice. + + If you're using the curl command line tool on Windows, curl will search + for a CA cert file named "curl-ca-bundle.crt" in these directories and in + this order: + 1. application's directory + 2. current working directory + 3. Windows System directory (e.g. C:\windows\system32) + 4. Windows Directory (e.g. C:\windows) + 5. all directories along %PATH% + + 5. Get a better/different/newer CA cert bundle! One option is to extract the + one a recent Firefox browser uses by running 'make ca-bundle' in the curl + build tree root, or possibly download a version that was generated this + way for you: [CA Extract](https://curl.haxx.se/docs/caextract.html) + +Neglecting to use one of the above methods when dealing with a server using a +certificate that isn't signed by one of the certificates in the installed CA +certificate store, will cause SSL to report an error ("certificate verify +failed") during the handshake and SSL will then refuse further communication +with that server. + +Certificate Verification with NSS +--------------------------------- + +If libcurl was built with NSS support, then depending on the OS distribution, +it is probably required to take some additional steps to use the system-wide +CA cert db. RedHat ships with an additional module, libnsspem.so, which +enables NSS to read the OpenSSL PEM CA bundle. On openSUSE you can install +p11-kit-nss-trust which makes NSS use the system wide CA certificate store. NSS +also has a new [database format](https://wiki.mozilla.org/NSS_Shared_DB). + +Starting with version 7.19.7, libcurl automatically adds the 'sql:' prefix to +the certdb directory (either the hardcoded default /etc/pki/nssdb or the +directory configured with SSL_DIR environment variable). To check which certdb +format your distribution provides, examine the default certdb location: +/etc/pki/nssdb; the new certdb format can be identified by the filenames +cert9.db, key4.db, pkcs11.txt; filenames of older versions are cert8.db, +key3.db, secmod.db. + +Certificate Verification with Schannel and Secure Transport +----------------------------------------------------------- + +If libcurl was built with Schannel (Microsoft's native TLS engine) or Secure +Transport (Apple's native TLS engine) support, then libcurl will still perform +peer certificate verification, but instead of using a CA cert bundle, it will +use the certificates that are built into the OS. These are the same +certificates that appear in the Internet Options control panel (under Windows) +or Keychain Access application (under OS X). Any custom security rules for +certificates will be honored. + +Schannel will run CRL checks on certificates unless peer verification is +disabled. Secure Transport on iOS will run OCSP checks on certificates unless +peer verification is disabled. Secure Transport on OS X will run either OCSP +or CRL checks on certificates if those features are enabled, and this behavior +can be adjusted in the preferences of Keychain Access. diff --git a/docs/THANKS b/docs/THANKS index a57a8262d..803818ffe 100644 --- a/docs/THANKS +++ b/docs/THANKS @@ -4,6 +4,8 @@ If you have contributed but are missing here, please let us know! +"Captain Basil" +"Spoon Man" Aaro Koskinen Aaron Oneal Aaron Orenstein @@ -18,6 +20,7 @@ Adriano Meirelles Ajit Dhumale Aki Koskinen Akos Pasztory +Alain Danteny Alan Pinstein Albert Chin-A-Young Albert Choy @@ -25,6 +28,7 @@ Ale Vesely Alejandro Alvarez Ayllon Aleksandar Milivojevic Aleksey Tulinov +Ales Novak Alessandro Ghedini Alessandro Vesely Alex Bligh @@ -44,17 +48,20 @@ Alexander Krasnostavsky Alexander Lazic Alexander Pepper Alexander Peslyak +Alexander Traud Alexander Zhuravlev Alexey Borzov Alexey Pesternikov Alexey Simak Alexey Zakhlestin Alexis Carvalho +Alexis La Goutte Alfred Gebert Allen Pulsifer Alona Rossen Amol Pattekar Amr Shahin +Anatol Belski Anatoli Tubman Anders Bakken Anders Gustafsson @@ -82,6 +89,7 @@ Andrew Francis Andrew Fuller Andrew Kurushin Andrew Moise +Andrew Robbins Andrew Wansink Andrew de los Reyes Andrey Labunets @@ -100,6 +108,7 @@ Anton Bychkov Anton Kalmykov Anton Malov Anton Yabchinskiy +Antonio Larrosa Arkadiusz Miskiewicz Armel Asselin Arnaud Compan @@ -173,6 +182,7 @@ Brian Prodoehl Brian R Duffy Brian Ulm Brock Noland +Bru Rom Bruce Mitchener Bruno Thomsen Bruno de Carvalho @@ -203,6 +213,7 @@ Chris Maltby Chris Mumford Chris Smowton Chris Young +Christian Fillion Christian Grothoff Christian Hägele Christian Krause @@ -232,6 +243,7 @@ Colin Hogben Colin Watson Colm Buckley Constantine Sapuntzakis +Cory Benfield Cory Nelson Craig A West Craig Davison @@ -246,10 +258,14 @@ D. Flinkmann Da-Yoon Chung Dag Ekengren Dagobert Michelsen +Dambaev Alexander Damian Dixon Damien Adant +Damien Vielpeau Dan Becker Dan C +Dan Cristian +Dan Donahue Dan Fandrich Dan Locks Dan Nelson @@ -259,6 +275,7 @@ Dan Zitter Daniel Black Daniel Cater Daniel Egger +Daniel Gustafsson Daniel Hwang Daniel Johnson Daniel Kahn Gillmor @@ -293,6 +310,7 @@ David Houlder David Hull David J Meyer David James +David Kalnischkies David Kierznowski David Kimdon David Lang @@ -317,6 +335,7 @@ Dennis Clarke Derek Higgins Detlef Schmier Didier Brisebourg +Diego Bes Diego Casorran Dilyan Palauzov Dima Barsky @@ -353,6 +372,7 @@ Drake Arconis Duane Cathey Duncan Mac-Vicar Prett Dustin Boswell +Dusty Mabe Dylan Ellicott Dylan Salisbury Early Ehlinger @@ -382,6 +402,7 @@ Eric Lubin Eric Melville Eric Mertens Eric Rautman +Eric Rescorla Eric Ridge Eric S. Raymond Eric Thelin @@ -397,17 +418,20 @@ Erwin Authried Ethan Glasser Camp Eugene Kotlyarov Evan Jordan +Evgeny Grin Evgeny Turnaev Eygene Ryabinkin Fabian Frank Fabian Hiernaux Fabian Keil +Fabian Ruff Fabrizio Ammollo Fedor Karpelevitch Feist Josselin Felix Yan Felix von Leitner Feng Tu +Fernando Muñoz Flavio Medeiros Florian Schoppmann Florian Weimer @@ -432,6 +456,7 @@ Gabriel Kuri Gabriel Sjoberg Garrett Holmstrom Gary Maxwell +Gaurav Malhotra Gautam Kachroo Gautam Mani Gavrie Philipson @@ -463,6 +488,7 @@ Glenn Sheridan Google Inc. Gordon Marler Gorilla Maguila +Gou Lingfeng Grant Erickson Grant Pannell Greg Hewgill @@ -498,6 +524,7 @@ Heinrich Ko Heinrich Schaefer Helwing Lutz Hendrik Visage +Henrik Gaßmann Henrik Storner Henry Ludemann Herve Amblard @@ -526,8 +553,10 @@ Inca R Ingmar Runge Ingo Ralf Blum Ingo Wilken +Irfan Adilovic Isaac Boukris Ishan SinghLevett +Ivan Avdeev Ivo Bellin Salarin Jack Zhang Jacky Lam @@ -641,6 +670,7 @@ John Marshall John McGowan John P. McCaskey John Suprock +John Wanghui John Wilkinson John-Mark Bell Johnny Luong @@ -662,6 +692,7 @@ Jonathan Cardoso Machado Machado Jonathan Hseu Jonathan Nieder Jongki Suwandi +Joonas Kuorilehto Jose Alf Jose Kahan Josef Wolf @@ -671,6 +702,7 @@ Josue Andrade Gomes Juan Barreto Juan F. Codagnone Juan Ignacio Hervás +Juan RP Judson Bishop Juergen Wilke Jukka Pihl @@ -686,10 +718,12 @@ Justin Ehlert Justin Fletcher Justin Karneges Justin Maggard +János Fekete Jörg Mueller-Tolk Jörn Hartroth K. R. Walker Kai Engert +Kai Noda Kai Sommerfeld Kai-Uwe Rommel Kalle Vahlman @@ -760,6 +794,7 @@ Linas Vepstas Lindley French Ling Thio Linus Nielsen Feltzing +Linus Nordberg Lior Kaplan Lisa Xu Liviu Chircu @@ -779,6 +814,7 @@ Lukasz Czekierda Luke Amery Luke Call Luke Dashjr +Luo Jinghua Luong Dinh Dung Lyndon Hill Maciej Karpiuk @@ -795,15 +831,17 @@ Marc Boucher Marc Deslauriers Marc Doughty Marc Hesse -Marc Hoersken +Marc Hörsken Marc Kleine-Budde Marc Renault Marcel Raad Marcel Roelofs +Marcelo Echeverria Marcelo Juchem Marcin Adamski Marcin Gryszkalis Marcin Konicki +Marco Deckel Marco G. Salvagno Marco Maggi Marcus Sundberg @@ -813,9 +851,11 @@ Mark Brand Mark Butler Mark Davies Mark Eichin +Mark Hamilton Mark Incley Mark Karpeles Mark Lentczner +Mark Nottingham Mark Salisbury Mark Snelling Mark Tully @@ -824,6 +864,7 @@ Markus Elfring Markus Koetter Markus Moeller Markus Oberhumer +Marquis de Muesli Martijn Koster Martin C. Martin Martin Drasar @@ -833,6 +874,7 @@ Martin Jansen Martin Lemke Martin Skinner Martin Storsjo +Martin Vejnár Marty Kuhrt Maruko Massimiliano Ziccardi @@ -905,12 +947,14 @@ Mike Power Mike Protts Mike Revi Miklos Nemeth +Miroslav Franc Miroslav Spousta Mitz Wark Mohamed Lrhazi Mohammad AlSaleh Mohun Biswas Mostyn Bramley-Moore +Moti Avrahami Myk Taylor Nach M. S. Nagai H @@ -951,11 +995,13 @@ Ofer Ola Mork Olaf Flebbe Olaf Stüben +Oleg Pudeyev Oliver Gondža Oliver Graute Oliver Kuckertz Oliver Schindler Olivier Berger +Olivier Brunel Orange Tsai Oren Souroujon Oren Tirosh @@ -998,8 +1044,10 @@ Pawel A. Gajda Pawel Kierski Pedro Larroy Pedro Neves +Per Malmberg Peter Bray Peter Forret +Peter Frühberger Peter Gal Peter Heuchert Peter Hjalmarsson @@ -1064,12 +1112,14 @@ Ray Dassen Ray Pekowski Ray Satiro Razvan Cojocaru +Reinhard Max Reinout van Schouwen Remi Gacogne Renato Botelho Renaud Chaillat Renaud Duhaut Renaud Guillard +Renaud Lehoux Rene Bernhardt Rene Rebe Reuven Wachtfogel @@ -1084,6 +1134,7 @@ Richard Bramante Richard Clayton Richard Cooper Richard Gorton +Richard Gray Richard Hosking Richard Michael Richard Moore @@ -1110,6 +1161,7 @@ Robin Cornelius Robin Johnson Robin Kay Robson Braga Araujo +Rod Widdowson Rodney Simmons Rodric Glaser Rodrigo Silva @@ -1118,11 +1170,13 @@ Roland Blom Roland Krikava Roland Zimmermann Rolland Dudemaine +Romain Coltel Roman Koifman Roman Mamedov Romulo A. Ceccon Ron Parker Ron Zapp +Ronnie Mose Rosimildo da Silva Roy Shan Rune Kleveland @@ -1152,6 +1206,7 @@ Sara Golemon Saran Neti Sascha Swiercy Saul good +Saurav Babu Scott Bailey Scott Barrett Scott Cantor @@ -1164,6 +1219,7 @@ Senthil Raja Velu Sergei Nikulov Sergey Tatarincev Sergio Ballestrero +Serj Kalichev Seshubabu Pasam Seth Mos Sh Diao @@ -1175,11 +1231,13 @@ Shawn Poulson Shine Fan Shmulik Regev Siddhartha Prakash Jain -Sidney San Martin +Sidney San Martín Siegfried Gyuricsko Simon Dick +Simon H. Simon Josefsson Simon Liu +Simon Warta Song Ma Sonia Subramanian Spacen Jasset @@ -1191,6 +1249,7 @@ Stanislav Ivochkin Stefan Bühler Stefan Eissing Stefan Esser +Stefan Kanthak Stefan Krause Stefan Neis Stefan Teleman @@ -1228,11 +1287,12 @@ T. Bharath T. Yamada TJ Saunders Tae Hyoung Ahn -Taneli Vahakangas +Taneli Vähäkangas Tanguy Fautre Tatsuhiro Tsujikawa Temprimus Terri Oda +Theodore Dubois Thomas Braun Thomas Glanzmann Thomas J. Moore @@ -1259,6 +1319,7 @@ Tim Stack Tim Starling Timo Sirainen Timotej Lazar +Timothy Polich Tinus van den Berg Tobias Markus Tobias Rundström @@ -1279,6 +1340,7 @@ Tom Sparrow Tom Wright Tom Zerucha Tomas Hoger +Tomas Jakobsson Tomas Mlcoch Tomas Pospisek Tomas Szepe @@ -1295,6 +1357,7 @@ Torsten Foertsch Toshio Kuratomi Toshiyuki Maezawa Traian Nicolescu +Travis Burtrum Troels Walsted Hansen Troy Engel Tupone Alfredo @@ -1329,6 +1392,7 @@ W. Mark Kubacki Waldek Kozba Walter J. Mack Ward Willats +Warp Kawada Warren Menzer Wayne Haigh Werner Koch @@ -1353,6 +1417,7 @@ Yehezkel Horowitz Yehoshua Hershberg Yi Huang Yingwei Liu +Yonggang Luo Yousuke Kimoto Yukihiro Kawada Yun SangHo @@ -1363,8 +1428,20 @@ Zdenek Pavlas Zekun Ni Zmey Petroff Zvi Har'El +asavah on github +baumanj on github +bsammon on github +dkjjr89 on github +eXeC64 on github +jveazey on github +kreshano on github +marc-groundctl on github +neex on github nk +silveja1 on github swalkaus at yahoo.com tommink[at]post.pl +vanillajonathan on github +wmsch on github Å tefan Kremeň Ðикита Дорохин diff --git a/docs/TODO b/docs/TODO index 652183868..40b8cc8ec 100644 --- a/docs/TODO +++ b/docs/TODO @@ -28,19 +28,26 @@ 1.10 Support IDNA2008 1.11 minimize dependencies with dynamicly loaded modules 1.12 have form functions use CURL handle argument - 1.13 Add CURLOPT_MAIL_CLIENT option 1.14 Typesafe curl_easy_setopt() - 1.15 TCP Fast Open + 1.15 Monitor connections in the connection pool 1.16 Try to URL encode given URL + 1.17 Add support for IRIs + 1.18 try next proxy if one doesn't work + 1.19 Timeout idle connections from the pool + 1.20 SRV and URI DNS records + 1.21 API for URL parsing/splitting + 1.23 Offer API to flush the connection pool 2. libcurl - multi interface 2.1 More non-blocking 2.2 Better support for same name resolves 2.3 Non-blocking curl_multi_remove_handle() 2.4 Split connect and authentication process + 2.5 Edge-triggered sockets should work 3. Documentation 3.1 Update date and version in man pages + 3.2 Provide cmake config-file 4. FTP 4.1 HOST @@ -55,10 +62,11 @@ 5.1 Better persistency for HTTP 1.0 5.2 support FF3 sqlite cookie files 5.3 Rearrange request header order - 5.4 SPDY + 5.4 Use huge HTTP/2 windows 5.5 auth= in URLs 5.6 Refuse "downgrade" redirects - 5.7 More compressions + 5.7 Brotli compression + 5.8 QUIC 6. TELNET 6.1 ditch stdin @@ -69,6 +77,7 @@ 7. SMTP 7.1 Pipelining 7.2 Enhanced capability support + 7.3 Add CURLOPT_MAIL_CLIENT option 8. POP3 8.1 Pipelining @@ -98,6 +107,7 @@ 13.6 Provide callback for cert verification 13.7 improve configure --with-ssl 13.8 Support DANE + 13.9 Support TLS v1.3 14. GnuTLS 14.1 SSL engine stuff @@ -111,46 +121,53 @@ 16. SASL 16.1 Other authentication mechanisms 16.2 Add QOP support to GSSAPI authentication - - 17. Command line tool - 17.1 sync - 17.2 glob posts - 17.3 prevent file overwriting - 17.4 simultaneous parallel transfers - 17.5 provide formpost headers - 17.6 warning when setting an option - 17.7 warning when sending binary output to terminal - 17.8 offer color-coded HTTP header output - 17.9 Choose the name of file in braces for complex URLs - 17.10 improve how curl works in a windows console window - 17.11 -w output to stderr - 17.12 keep running, read instructions from pipe/socket - - 18. Build - 18.1 roffit - - 19. Test suite - 19.1 SSL tunnel - 19.2 nicer lacking perl message - 19.3 more protocols supported - 19.4 more platforms supported - 19.5 Add support for concurrent connections - 19.6 Use the RFC6265 test suite - - 20. Next SONAME bump - 20.1 http-style HEAD output for FTP - 20.2 combine error codes - 20.3 extend CURLOPT_SOCKOPTFUNCTION prototype - - 21. Next major release - 21.1 cleanup return codes - 21.2 remove obsolete defines - 21.3 size_t - 21.4 remove several functions - 21.5 remove CURLOPT_FAILONERROR - 21.6 remove CURLOPT_DNS_USE_GLOBAL_CACHE - 21.7 remove progress meter from libcurl - 21.8 remove 'curl_httppost' from public + 16.3 Support binary messages (i.e.: non-base64) + + 17. SSH protocols + 17.1 Multiplexing + 17.2 SFTP performance + + 18. Command line tool + 18.1 sync + 18.2 glob posts + 18.3 prevent file overwriting + 18.4 simultaneous parallel transfers + 18.5 provide formpost headers + 18.6 warning when setting an option + 18.7 warning when sending binary output to terminal + 18.8 offer color-coded HTTP header output + 18.9 Choose the name of file in braces for complex URLs + 18.10 improve how curl works in a windows console window + 18.11 -w output to stderr + 18.12 keep running, read instructions from pipe/socket + 18.13 support metalink in http headers + 18.14 --fail without --location should treat 3xx as a failure + + 19. Build + 19.1 roffit + + 20. Test suite + 20.1 SSL tunnel + 20.2 nicer lacking perl message + 20.3 more protocols supported + 20.4 more platforms supported + 20.5 Add support for concurrent connections + 20.6 Use the RFC6265 test suite + + 21. Next SONAME bump + 21.1 http-style HEAD output for FTP + 21.2 combine error codes + 21.3 extend CURLOPT_SOCKOPTFUNCTION prototype + + 22. Next major release + 22.1 cleanup return codes + 22.2 remove obsolete defines + 22.3 size_t + 22.4 remove several functions + 22.5 remove CURLOPT_FAILONERROR + 22.6 remove CURLOPT_DNS_USE_GLOBAL_CACHE + 22.7 remove progress meter from libcurl + 22.8 remove 'curl_httppost' from public ============================================================================== @@ -219,11 +236,12 @@ 1.8 Allow SSL (HTTPS) to proxy To prevent local users from snooping on your traffic to the proxy. Supported - by Chrome already: + by Firefox and Chrome already: https://www.chromium.org/developers/design-documents/secure-web-proxy - ...and by Firefox soon: - https://bugzilla.mozilla.org/show_bug.cgi?id=378637 + See this stale work in progress branch: + https://github.com/curl/curl/tree/HTTPS-proxy based on this PR: + https://github.com/curl/curl/pull/305 1.9 Cache negative name resolves @@ -256,16 +274,6 @@ to use and less error-prone. Probably easiest by splitting it into several function calls. -1.13 Add CURLOPT_MAIL_CLIENT option - - Rather than use the URL to specify the mail client string to present in the - HELO and EHLO commands, libcurl should support a new CURLOPT specifically for - specifying this data as the URL is non-standard and to be honest a bit of a - hack ;-) - - Please see the following thread for more information: - https://curl.haxx.se/mail/lib-2012-05/0178.html - 1.14 Typesafe curl_easy_setopt() One of the most common problems in libcurl using applications is the lack of @@ -283,10 +291,19 @@ curl_easy_set_cb() - sets a callback PLUS its callback data -1.15 TCP Fast Open +1.15 Monitor connections in the connection pool + + libcurl's connection cache or pool holds a number of open connections for the + purpose of possible subsequent connection reuse. It may contain a few up to a + significant amount of connections. Currently, libcurl leaves all connections + as they are and first when a connection is iterated over for matching or + reuse purpose it is verified that it is still alive. - RFC 7413 defines how to include data already in the TCP SYN handshake to - reduce latency. + Those connections may get closed by the server side for idleness or they may + get a HTTP/2 ping from the peer to verify that they're still alive. By adding + monitoring of the connections while in the pool, libcurl can detect dead + connections (and close them) better and earlier, and it can handle HTTP/2 + pings to keep such ones alive even when not actively doing transfers on them. 1.16 Try to URL encode given URL @@ -297,6 +314,53 @@ https://github.com/curl/curl/issues/514 +1.17 Add support for IRIs + + IRIs (RFC 3987) allow localized, non-ascii, names in the URL. To properly + support this, curl/libcurl would need to translate/encode the given input + from the input string encoding into percent encoded output "over the wire". + + To make that work smoothly for curl users even on Windows, curl would + probably need to be able to convert from several input encodings. + +1.18 try next proxy if one doesn't work + + Allow an application to specify a list of proxies to try, and failing to + connect to the first go on and try the next instead until the list is + exhausted. Browsers support this feature at least when they specify proxies + using PACs. + + https://github.com/curl/curl/issues/896 + +1.19 Timeout idle connections from the pool + + libcurl currently keeps connections in its connection pool for an indefinite + period of time, until it either gets reused, gets noticed that it has been + closed by the server or gets pruned to make room for a new connection. + + To reduce overhead (especially for when we add monitoring of the connections + in the pool), we should introduce a timeout so that connections that have + been idle for N seconds get closed. + +1.20 SRV and URI DNS records + + Offer support for resolving SRV and URI DNS records for libcurl to know which + server to connect to for various protocols (including HTTP!). + +1.21 API for URL parsing/splitting + + libcurl has always parsed URLs internally and never exposed any API or + features to allow applications to do it. Still most or many applications + using libcurl need that ability. In polls to users, we've learned that many + libcurl users would like to see and use such an API. + +1.23 Offer API to flush the connection pool + + Sometimes applications want to flush all the existing connections kept alive. + An API could allow a forced flush or just a forced loop that would properly + close all connections that have been closed by the server already. + + 2. libcurl - multi interface 2.1 More non-blocking @@ -336,6 +400,12 @@ phase. As such any failures during authentication won't trigger the relevant QUIT or LOGOFF for protocols such as IMAP, POP3 and SMTP. +2.5 Edge-triggered sockets should work + + The multi_socket API should work with edge-triggered socket events. One of + the internal actions that need to be improved for this to work perfectly is + the 'maxloops' handling in transfer.c:readwrite_data(). + 3. Documentation 3.1 Update date and version in man pages @@ -344,6 +414,12 @@ pages at release time to use the current date and curl/libcurl version number. +3.2 Provide cmake config-file + + A config-file package is a set of files provided by us to allow applications + to write cmake scripts to find and use libcurl easier. See + https://github.com/curl/curl/issues/885 + 4. FTP 4.1 HOST @@ -415,13 +491,12 @@ This is not detailed in any FTP specification. headers use a default value so only headers that need to be moved have to be specified. -5.4 SPDY - - Chrome and Firefox already support SPDY and lots of web services do. There's - a library for us to use for this (spdylay) that has a similar API and the - same author as nghttp2. +5.4 Use huge HTTP/2 windows - spdylay: https://github.com/tatsuhiro-t/spdylay + We're currently using nghttp2's default window size which is terribly small + (64K). This becomes a bottle neck over high bandwidth networks. We should + instead make the window size to be very big (512MB?) as we really don't do + much flow control anyway. 5.5 auth= in URLs @@ -442,7 +517,7 @@ This is not detailed in any FTP specification. Consider a way to tell curl to refuse to "downgrade" protocol with a redirect and/or possibly a bit that refuses redirect to change protocol completely. -5.7 More compressions +5.7 Brotli compression Compression algorithms that perform better than gzip are being considered for use and inclusion in existing browsers. For example 'brotli'. If servers @@ -450,6 +525,16 @@ This is not detailed in any FTP specification. of this. The algorithm: https://github.com/google/brotli The Firefox bug: https://bugzilla.mozilla.org/show_bug.cgi?id=366559 +5.8 QUIC + + The standardization process of QUIC has been taken to the IETF and can be + followed on the [IETF QUIC Mailing + list](https://www.ietf.org/mailman/listinfo/quic). I'd like us to get on the + bandwagon. Ideally, this would be done with a separate library/project to + handle the binary/framing layer in a similar fashion to how HTTP/2 is + implemented. This, to allow other projects to benefit from the work and to + thus broaden the interest and chance of others to participate. + 6. TELNET @@ -486,6 +571,17 @@ to provide the data to send. Add the ability, for an application that uses libcurl, to obtain the list of capabilities returned from the EHLO command. +7.3 Add CURLOPT_MAIL_CLIENT option + + Rather than use the URL to specify the mail client string to present in the + HELO and EHLO commands, libcurl should support a new CURLOPT specifically for + specifying this data as the URL is non-standard and to be honest a bit of a + hack ;-) + + Please see the following thread for more information: + https://curl.haxx.se/mail/lib-2012-05/0178.html + + 8. POP3 8.1 Pipelining @@ -600,6 +696,18 @@ that doesn't exist on the server, just like --ftp-create-dirs. https://curl.haxx.se/mail/lib-2013-03/0103.html . libunbound may be the correct library to base this development on. + Björn Stenberg wrote a separate initial take on DANE that was never + completed. + +13.9 Support TLS v1.3 + + TLS version 1.3 is about to ship and is getting implemented by TLS libraries + as we speak. We should start to support the symbol and make sure all backends + handle it accordingly, then gradually add support as the TLS libraries add + the corresponding support. There may be a need to add some additional options + to allow libcurl to take advantage of the new features in 1.3. + + 14. GnuTLS 14.1 SSL engine stuff @@ -660,9 +768,32 @@ that doesn't exist on the server, just like --ftp-create-dirs. with integrity protection) and auth-conf (Authentication with integrity and privacy protection). -17. Command line tool +16.3 Support binary messages (i.e.: non-base64) + + Mandatory to support LDAP SASL authentication. + + +17. SSH protocols -17.1 sync +17.1 Multiplexing + + SSH is a perfectly fine multiplexed protocols which would allow libcurl to do + multiple parallel transfers from the same host using the same connection, + much in the same spirit as HTTP/2 does. libcurl however does not take + advantage of that ability but will instead always create a new connection for + new transfers even if an existing connection already exists to the host. + + To fix this, libcurl would have to detect an existing connection and "attach" + the new transfer to the existing one. + +17.2 SFTP performance + + libcurl's SFTP transfer performance is sub par and can be improved, mostly by + the approach mentioned in "1.6 Modified buffer size approach". + +18. Command line tool + +18.1 sync "curl --sync http://example.com/feed[1-100].rss" or "curl --sync http://example.net/{index,calendar,history}.html" @@ -671,12 +802,12 @@ that doesn't exist on the server, just like --ftp-create-dirs. remote file is newer than the local file. A Last-Modified HTTP date header should also be used to set the mod date on the downloaded file. -17.2 glob posts +18.2 glob posts Globbing support for -d and -F, as in 'curl -d "name=foo[0-9]" URL'. This is easily scripted though. -17.3 prevent file overwriting +18.3 prevent file overwriting Add an option that prevents cURL from overwriting existing local files. When used, and there already is an existing file with the target file name @@ -684,14 +815,17 @@ that doesn't exist on the server, just like --ftp-create-dirs. existing). So that index.html becomes first index.html.1 and then index.html.2 etc. -17.4 simultaneous parallel transfers +18.4 simultaneous parallel transfers The client could be told to use maximum N simultaneous parallel transfers and then just make sure that happens. It should of course not make more than one connection to the same remote host. This would require the client to use the multi interface. https://curl.haxx.se/bug/feature.cgi?id=1558595 -17.5 provide formpost headers + Using the multi interface would also allow properly using parallel transfers + with HTTP/2 and supporting HTTP/2 server push from the command line. + +18.5 provide formpost headers Extending the capabilities of the multipart formposting. How about leaving the ';type=foo' syntax as it is and adding an extra tag (headers) which @@ -705,24 +839,24 @@ that doesn't exist on the server, just like --ftp-create-dirs. which should overwrite the program reasonable defaults (plain/text, 8bit...) -17.6 warning when setting an option +18.6 warning when setting an option Display a warning when libcurl returns an error when setting an option. This can be useful to tell when support for a particular feature hasn't been compiled into the library. -17.7 warning when sending binary output to terminal +18.7 warning when sending binary output to terminal Provide a way that prompts the user for confirmation before binary data is sent to the terminal, much in the style 'less' does it. -17.8 offer color-coded HTTP header output +18.8 offer color-coded HTTP header output By offering different color output on the header name and the header contents, they could be made more readable and thus help users working on HTTP services. -17.9 Choose the name of file in braces for complex URLs +18.9 Choose the name of file in braces for complex URLs When using braces to download a list of URLs and you use complicated names in the list of alternatives, it could be handy to allow curl to use other @@ -734,13 +868,13 @@ that doesn't exist on the server, just like --ftp-create-dirs. See https://github.com/curl/curl/issues/221 -17.10 improve how curl works in a windows console window +18.10 improve how curl works in a windows console window If you pull the scrollbar when transferring with curl in a Windows console window, the transfer is interrupted and can get disconnected. This can probably be improved. See https://github.com/curl/curl/issues/322 -17.11 -w output to stderr +18.11 -w output to stderr -w is quite useful, but not to those of us who use curl without -o or -O (such as for scripting through a higher level language). It would be nice to @@ -748,7 +882,7 @@ that doesn't exist on the server, just like --ftp-create-dirs. instead. Proposed name: --write-stderr. See https://github.com/curl/curl/issues/613 -17.12 keep running, read instructions from pipe/socket +18.12 keep running, read instructions from pipe/socket Provide an option that makes curl not exit after the last URL (or even work without a given URL), and then make it read instructions passed on a pipe or @@ -756,37 +890,62 @@ that doesn't exist on the server, just like --ftp-create-dirs. invoke can talk to the still running instance and ask for transfers to get done, and thus maintain its connection pool, DNS cache and more. -18. Build +18.13 support metalink in http headers + + Curl has support for downloading a metalink xml file, processing it, and then + downloading the target of the metalink. This is done via the --metalink option. + It would be nice if metalink also supported downloading via metalink + information that is stored in HTTP headers (RFC 6249). Theoretically this could + also be supported with the --metalink option. + + See https://tools.ietf.org/html/rfc6249 + + See also https://lists.gnu.org/archive/html/bug-wget/2015-06/msg00034.html for + an implematation of this in wget. + +18.14 --fail without --location should treat 3xx as a failure + + To allow a command line like this to detect a redirect and consider it a + failure: + + curl -v --fail -O https://example.com/curl-7.48.0.tar.gz + + ... --fail must treat 3xx responses as failures too. The least problematic + way to implement this is probably to add that new logic in the command line + tool only and not in the underlying CURLOPT_FAILONERROR logic. + + +19. Build -18.1 roffit +19.1 roffit Consider extending 'roffit' to produce decent ASCII output, and use that instead of (g)nroff when building src/tool_hugehelp.c -19. Test suite +20. Test suite -19.1 SSL tunnel +20.1 SSL tunnel Make our own version of stunnel for simple port forwarding to enable HTTPS and FTP-SSL tests without the stunnel dependency, and it could allow us to provide test tools built with either OpenSSL or GnuTLS -19.2 nicer lacking perl message +20.2 nicer lacking perl message If perl wasn't found by the configure script, don't attempt to run the tests but explain something nice why it doesn't. -19.3 more protocols supported +20.3 more protocols supported Extend the test suite to include more protocols. The telnet could just do FTP or http operations (for which we have test servers). -19.4 more platforms supported +20.4 more platforms supported Make the test suite work on more platforms. OpenBSD and Mac OS. Remove fork()s and it should become even more portable. -19.5 Add support for concurrent connections +20.5 Add support for concurrent connections Tests 836, 882 and 938 were designed to verify that separate connections aren't used when using different login credentials in protocols that shouldn't re-use @@ -800,7 +959,7 @@ that doesn't exist on the server, just like --ftp-create-dirs. and thus the wait for connections loop is never entered to receive the second connection. -19.6 Use the RFC6265 test suite +20.6 Use the RFC6265 test suite A test suite made for HTTP cookies (RFC 6265) by Adam Barth is available at https://github.com/abarth/http-state/tree/master/tests @@ -810,14 +969,14 @@ that doesn't exist on the server, just like --ftp-create-dirs. incorporated into our regular test suite. -20. Next SONAME bump +21. Next SONAME bump -20.1 http-style HEAD output for FTP +21.1 http-style HEAD output for FTP #undef CURL_FTP_HTTPSTYLE_HEAD in lib/ftp.c to remove the HTTP-style headers from being output in NOBODY requests over FTP -20.2 combine error codes +21.2 combine error codes Combine some of the error codes to remove duplicates. The original numbering should not be changed, and the old identifiers would be @@ -842,29 +1001,29 @@ that doesn't exist on the server, just like --ftp-create-dirs. CURLE_TFTP_PERM => CURLE_REMOTE_ACCESS_DENIED -20.3 extend CURLOPT_SOCKOPTFUNCTION prototype +21.3 extend CURLOPT_SOCKOPTFUNCTION prototype The current prototype only provides 'purpose' that tells what the connection/socket is for, but not any protocol or similar. It makes it hard for applications to differentiate on TCP vs UDP and even HTTP vs FTP and similar. -21. Next major release +22. Next major release -21.1 cleanup return codes +22.1 cleanup return codes curl_easy_cleanup() returns void, but curl_multi_cleanup() returns a CURLMcode. These should be changed to be the same. -21.2 remove obsolete defines +22.2 remove obsolete defines remove obsolete defines from curl/curl.h -21.3 size_t +22.3 size_t make several functions use size_t instead of int in their APIs -21.4 remove several functions +22.4 remove several functions remove the following functions from the public API: @@ -885,18 +1044,18 @@ that doesn't exist on the server, just like --ftp-create-dirs. curl_multi_socket_all -21.5 remove CURLOPT_FAILONERROR +22.5 remove CURLOPT_FAILONERROR Remove support for CURLOPT_FAILONERROR, it has gotten too kludgy and weird internally. Let the app judge success or not for itself. -21.6 remove CURLOPT_DNS_USE_GLOBAL_CACHE +22.6 remove CURLOPT_DNS_USE_GLOBAL_CACHE Remove support for a global DNS cache. Anything global is silly, and we already offer the share interface for the same functionality but done "right". -21.7 remove progress meter from libcurl +22.7 remove progress meter from libcurl The internally provided progress meter output doesn't belong in the library. Basically no application wants it (apart from curl) but instead applications @@ -906,7 +1065,7 @@ that doesn't exist on the server, just like --ftp-create-dirs. variable types passed to it instead of doubles so that big files work correctly. -21.8 remove 'curl_httppost' from public +22.8 remove 'curl_httppost' from public curl_formadd() was made to fill in a public struct, but the fact that the struct is public is never really used by application for their own advantage diff --git a/docs/curl-config.pdf b/docs/curl-config.pdf index ebbfaf8e3..4129028de 100644 Binary files a/docs/curl-config.pdf and b/docs/curl-config.pdf differ diff --git a/docs/curl.1 b/docs/curl.1 index 0b0f4d29d..7a6cbbd5a 100644 --- a/docs/curl.1 +++ b/docs/curl.1 @@ -51,16 +51,16 @@ braces as in: or you can get sequences of alphanumeric series by using [] as in: - ftp://ftp.numericals.com/file[1-100].txt + ftp://ftp.example.com/file[1-100].txt - ftp://ftp.numericals.com/file[001-100].txt (with leading zeros) + ftp://ftp.example.com/file[001-100].txt (with leading zeros) - ftp://ftp.letters.com/file[a-z].txt + ftp://ftp.example.com/file[a-z].txt Nested sequences are not supported, but you can use several ones next to each other: - http://any.org/archive[1996-1999]/vol[1-4]/part{a,b,c}.html + http://example.com/archive[1996-1999]/vol[1-4]/part{a,b,c}.html You can specify any amount of URLs on the command line. They will be fetched in a sequential manner in the specified order. @@ -68,9 +68,9 @@ in a sequential manner in the specified order. You can specify a step counter for the ranges to get every Nth number or letter: - http://www.numericals.com/file[1-100:10].txt + http://example.com/file[1-100:10].txt - http://www.letters.com/file[a-z:2].txt + http://example.com/file[a-z:2].txt When using [] or {} sequences when invoked from a command line prompt, you probably have to put the full URL within double quotes to avoid the shell from @@ -98,7 +98,10 @@ specified on a single command line and cannot be used between separate curl invokes. .SH "PROGRESS METER" curl normally displays a progress meter during operations, indicating the -amount of transferred data, transfer speeds and estimated time left, etc. +amount of transferred data, transfer speeds and estimated time left, etc. The +progress meter displays number of bytes and the speeds are in bytes per +second. The suffixes (k, M, G, T, P) are 1024 based. For example 1k is 1024 +bytes. 1M is 1048576 bytes. curl displays this data to the terminal by default, so if you invoke curl to do an operation and it is about to write data to the terminal, it @@ -150,6 +153,14 @@ version. (Added in 7.33.0) .IP "--http2" (HTTP) Tells curl to issue its requests using HTTP 2. This requires that the underlying libcurl was built to support it. (Added in 7.33.0) +.IP "--http2-prior-knowledge" +(HTTP) Tells curl to issue its non-TLS HTTP requests using HTTP/2 without +HTTP/1.1 Upgrade. It requires prior knowledge that the server supports HTTP/2 +straight away. HTTPS requests will still do HTTP/2 the standard way with +negotiated protocol version in the TLS handshake. + +HTTP/2 support in general also requires that the underlying libcurl was built +to support it. (Added in 7.49.0) .IP "--no-npn" Disable the NPN TLS extension. NPN is enabled by default if libcurl was built with an SSL library that supports NPN. NPN is used by a libcurl that supports @@ -509,7 +520,7 @@ nickname contains ":", it needs to be preceded by "\\" so that it is not recognized as password delimiter. If the nickname contains "\\", it needs to be escaped as "\\\\" so that it is not recognized as an escape character. -(iOS and Mac OS X only) If curl is built against Secure Transport, then the +(iOS and macOS only) If curl is built against Secure Transport, then the certificate string can either be the name of a certificate/private key in the system or user keychain, or the path to a PKCS#12-encoded certificate and private key. If you want to use a file from the current directory, please @@ -558,6 +569,12 @@ Current Working Directory, or in any folder along your PATH. If curl is built against the NSS SSL library, the NSS PEM PKCS#11 module (libnsspem.so) needs to be available for this option to work properly. +(iOS and macOS only) If curl is built against Secure Transport, then this +option is supported for backward compatibility with other SSL engines, but it +should not be set. If the option is not set, then curl will use the +certificates in the system and user Keychain to verify the peer, which is the +preferred method of verifying the peer's certificate chain. + If this option is used several times, the last one will be used. .IP "--capath " (SSL) Tells curl to use the specified certificate directory to verify the @@ -581,9 +598,16 @@ indicating its identity. A public key is extracted from this certificate and if it does not exactly match the public key provided to this option, curl will abort the connection before sending or receiving any data. -Added in 7.39.0 for OpenSSL, GnuTLS and GSKit. Added in 7.43.0 for NSS and -wolfSSL/CyaSSL. sha256 support added in 7.44.0 for OpenSSL, -GnuTLS, NSS and wolfSSL/CyaSSL. Other SSL backends not supported. +PEM/DER support: + 7.39.0: OpenSSL, GnuTLS and GSKit + 7.43.0: NSS and wolfSSL/CyaSSL + 7.47.0: mbedtls + 7.49.0: PolarSSL +sha256 support: + 7.44.0: OpenSSL, GnuTLS, NSS and wolfSSL/CyaSSL. + 7.47.0: mbedtls + 7.49.0: PolarSSL +Other SSL backends not supported. If this option is used several times, the last one will be used. .IP "--cert-status" @@ -626,11 +650,10 @@ the symbol <. The difference between @ and < is then that @ makes a file get attached in the post as a file upload, while the < makes a text field and just get the contents for that text field from a file. -Example, to send your password file to the server, where -\&'password' is the name of the form-field to which /etc/passwd will be the -input: +Example: to send an image to a server, where \&'profile' is the name of the +form-field to which portrait.jpg will be the input: -\fBcurl\fP -F password=@/etc/passwd www.mypasswords.com +\fBcurl\fP -F profile=@portrait.jpg https://example.com/upload.cgi To read content from stdin instead of a file, use - as the filename. This goes for both @ and < constructs. Unfortunately it does not support reading the @@ -640,24 +663,24 @@ transfer starts. You can also tell curl what Content-Type to use by using 'type=', in a manner similar to: -\fBcurl\fP -F "web=@index.html;type=text/html" url.com +\fBcurl\fP -F "web=@index.html;type=text/html" example.com or -\fBcurl\fP -F "name=daniel;type=text/foo" url.com +\fBcurl\fP -F "name=daniel;type=text/foo" example.com You can also explicitly change the name field of a file upload part by setting filename=, like this: -\fBcurl\fP -F "file=@localfile;filename=nameinpost" url.com +\fBcurl\fP -F "file=@localfile;filename=nameinpost" example.com If filename/path contains ',' or ';', it must be quoted by double-quotes like: -\fBcurl\fP -F "file=@\\"localfile\\";filename=\\"nameinpost\\"" url.com +\fBcurl\fP -F "file=@\\"localfile\\";filename=\\"nameinpost\\"" example.com or -\fBcurl\fP -F 'file=@"localfile";filename="nameinpost"' url.com +\fBcurl\fP -F 'file=@"localfile";filename="nameinpost"' example.com Note that if a filename/path is quoted by double-quotes, any double-quote or backslash within the filename must be escaped by backslash. @@ -741,6 +764,10 @@ waits for a reply from the server. authentication, but non-encrypted data transfers for efficiency. Fails the transfer if the server doesn't support SSL/TLS. (Added in 7.16.0) that can still be used but will be removed in a future version. +.IP "--ftp-ssl" +(FTP) This deprecated option is now known as \fI--ssl\fP. +.IP "--ftp-ssl-reqd" +(FTP) This deprecated option is now known as \fI--ssl-reqd\fP. .IP "--form-string " (HTTP) Similar to \fI--form\fP except that the value string for the named parameter is used literally. Leading \&'@' and \&'<' characters, and the @@ -788,7 +815,7 @@ intended for a proxy. Example: -\&# curl -H "X-First-Name: Joe" http://192.168.0.1/ +\&# curl -H "X-First-Name: Joe" http://example.com/ \fBWARNING\fP: headers set with this option will be set in all requests - even after redirects are followed, like when told with \fB-L, --location\fP. This @@ -821,7 +848,7 @@ time only. Perform an operation using a specified interface. You can enter interface name, IP address or host name. An example could look like: - curl --interface eth0:1 http://www.netscape.com/ + curl --interface eth0:1 https://www.example.com/ If this option is used several times, the last one will be used. .IP "-j, --junk-session-cookies" @@ -898,14 +925,14 @@ simply try to load .curlrc from the determined home dir. .nf # --- Example file --- # this is a comment -url = "curl.haxx.se" +url = "example.com" output = "curlhere.html" user-agent = "superagent/1.0" # and fetch another URL too -url = "curl.haxx.se/docs/manpage.html" +url = "example.com/docs/manpage.html" -O -referer = "http://nowhereatall.com/" +referer = "http://nowhereatall.example.com/" # --- End of example file --- .fi @@ -940,6 +967,8 @@ This option requires a library built with kerberos4 support. This is not very common. Use \fI-V, --version\fP to see if your curl supports it. If this option is used several times, the last one will be used. +.IP "--krb4 " +(FTP) This is the former name for \fI--krb\fP. Do not use. .IP "-l, --list-only" (FTP) When listing an FTP directory, this switch forces a name-only view. This is @@ -995,10 +1024,6 @@ The given speed is measured in bytes/second, unless a suffix is appended. Appending 'k' or 'K' will count the number as kilobytes, 'm' or M' makes it megabytes, while 'g' or 'G' makes it gigabytes. Examples: 200K, 3m and 1G. -The given rate is the average speed counted during the entire transfer. It -means that curl might use higher transfer speeds in short bursts, but over -time it uses no more than the given rate. - If you also use the \fI-Y, --speed-limit\fP option, that option will take precedence and might cripple the rate-limiting slightly, to help keeping the speed-limit logic working. @@ -1053,7 +1078,8 @@ return with exit code 63. files this option has no effect even if the file transfer ends up being larger than this given limit. This concerns both FTP and HTTP transfers. .IP "--mail-rcpt
" -(SMTP) Specify a single address, user name or mailing list name. +(SMTP) Specify a single address, user name or mailing list name. Repeat this +option several times to send to multiple recipients. When performing a mail transfer, the recipient should specify a valid email address to send the mail to. (Added in 7.20.0) @@ -1169,6 +1195,19 @@ effectively disables the proxy. Each name in this list is matched as either a domain which contains the hostname, or the hostname itself. For example, local.com would match local.com, local.com:80, and www.local.com, but not www.notlocal.com. (Added in 7.19.4). +.IP "--connect-to " +For a request to the given "host:port" pair, connect to +"connect-to-host:connect-to-port" instead. +This is suitable to direct the request at a specific server, e.g. at a specific +cluster node in a cluster of servers. +This option is only used to establish the network connection. It does NOT +affect the hostname/port that is used for TLS/SSL (e.g. SNI, certificate +verification) or for the application protocols. +"host" and "port" may be the empty string, meaning "any host/port". +"connect-to-host" and "connect-to-port" may also be the empty string, +meaning "use the request's original host/port". +This option can be used many times to add many connect rules. +(Added in 7.49.0). .IP "--ntlm" (HTTP) Enables NTLM authentication. The NTLM authentication method was designed by Microsoft and is used by IIS web servers. It is a proprietary @@ -1184,13 +1223,17 @@ This option requires a library built with SSL support. Use \fI-V, --version\fP to see if your curl supports NTLM. If this option is used several times, only the first one is used. +.IP "--ntlm-wb" +(HTTP) Enables NTLM much in the style \fI--ntlm\fP does, but hand over the +authentication to the separate binary ntlmauth application that is executed +when needed. .IP "-o, --output " Write output to instead of stdout. If you are using {} or [] to fetch multiple documents, you can use '#' followed by a number in the specifier. That variable will be replaced with the current string for the URL being fetched. Like in: - curl http://{one,two}.site.com -o "file_#1.txt" + curl http://{one,two}.example.com -o "file_#1.txt" or use several variables like: @@ -1427,7 +1470,7 @@ If this option is used several times, the last one will be used. private key file, so passing this option is generally not required. Note that this public key extraction requires libcurl to be linked against a copy of libssh2 1.2.8 or higher that is itself linked against OpenSSL.) -.IP "-q" +.IP "-q, --disable" If used as the first parameter on the command line, the \fIcurlrc\fP config file will not be read and used. See the \fI-K, --config\fP for details on the default config file search path. @@ -1547,6 +1590,9 @@ the number used for the specific protocol the host will be used for. It means you need several entries if you want to provide address for the same host but different ports. +The provided address set by this option will be used even if \fI-4, --ipv4\fP +or \fI-6, --ipv6\fP is set to make curl use another IP version. + This option can be used many times to add many host names to resolve. (Added in 7.21.3) @@ -1607,8 +1653,7 @@ option name can still be used but will be removed in a future version. (FTP, POP3, IMAP, SMTP) Require SSL/TLS for the connection. Terminates the connection if the server doesn't support SSL/TLS. (Added in 7.20.0) -This option was formerly known as \fI--ftp-ssl-reqd\fP (added in 7.15.5). That -option name can still be used but will be removed in a future version. +This option was formerly known as \fI--ftp-ssl-reqd\fP. .IP "--ssl-allow-beast" (SSL) This option tells curl to not work around a security flaw in the SSL3 and TLS1.0 protocols known as BEAST. If this option isn't used, the SSL layer @@ -1714,14 +1759,16 @@ specifies what to upload and to where. curl also supports "globbing" of the -T argument, meaning that you can upload multiple files to a single URL by using the same URL globbing style supported in the URL, like this: -curl -T "{file1,file2}" http://www.uploadtothissite.com +curl -T "{file1,file2}" http://www.example.com or even -curl -T "img[1-1000].png" ftp://ftp.picturemania.com/upload/ +curl -T "img[1-1000].png" ftp://ftp.example.com/upload/ .IP "--tcp-nodelay" Turn on the TCP_NODELAY option. See the \fIcurl_easy_setopt(3)\fP man page for details about this option. (Added in 7.11.2) +.IP "--tcp-fastopen" +Enable use of TCP Fast Open (RFC7413). (Added in 7.49.0) .IP "--tftp-blksize " (TFTP) Set TFTP BLKSIZE option (must be >512). This is the block size that curl will try to use when transferring data to or from a TFTP server. By @@ -1887,7 +1934,7 @@ The Content-Type of the requested document, if there was any. The ultimate filename that curl writes out to. This is only meaningful if curl is told to write to a file with the \fI--remote-name\fP or \fI--output\fP option. It's most useful in combination with the \fI--remote-header-name\fP -option. (Added in 7.25.1) +option. (Added in 7.26.0) .TP .B ftp_entry_path The initial path curl ended up in when logging on to the remote FTP @@ -1902,6 +1949,9 @@ same info. The numerical code that was found in the last response (from a proxy) to a curl CONNECT request. (Added in 7.12.4) .TP +.B http_version +The http version that was effectively used. (Added in 7.50.0) +.TP .B local_ip The IP address of the local end of the most recently done connection - can be either IPv4 or IPv6 (Added in 7.29.0) diff --git a/docs/curl.html b/docs/curl.html index 7395338ba..1359016e0 100644 --- a/docs/curl.html +++ b/docs/curl.html @@ -60,22 +60,22 @@ p.roffit {

You can specify multiple URLs or parts of URLs by writing part sets within braces as in:

  http://site.{one,two,three}.com

or you can get sequences of alphanumeric series by using [] as in: -

  ftp://ftp.numericals.com/file[1-100].txt -

  ftp://ftp.numericals.com/file[001-100].txt (with leading zeros) -

  ftp://ftp.letters.com/file[a-z].txt +

  ftp://ftp.example.com/file[1-100].txt +

  ftp://ftp.example.com/file[001-100].txt (with leading zeros) +

  ftp://ftp.example.com/file[a-z].txt

Nested sequences are not supported, but you can use several ones next to each other: -

  http://any.org/archive[1996-1999]/vol[1-4]/part{a,b,c}.html +

  http://example.com/archive[1996-1999]/vol[1-4]/part{a,b,c}.html

You can specify any amount of URLs on the command line. They will be fetched in a sequential manner in the specified order.

You can specify a step counter for the ranges to get every Nth number or letter: -

  http://www.numericals.com/file[1-100:10].txt -

  http://www.letters.com/file[a-z:2].txt +

  http://example.com/file[1-100:10].txt +

  http://example.com/file[a-z:2].txt

When using [] or {} sequences when invoked from a command line prompt, you probably have to put the full URL within double quotes to avoid the shell from interfering with it. This also goes for other characters treated special, like for example '&', '?' and '*'.

Provide the IPv6 zone index in the URL with an escaped percentage sign and the interface name. Like in

  http://[fe80::3%25eth0]/

If you specify URL without protocol:// prefix, curl will attempt to guess what protocol you might want. It will then default to HTTP but try other protocols based on often-used host name prefixes. For example, for host names starting with "ftp." curl will assume you want to speak FTP.

curl will do its best to use what you pass to it as a URL. It is not trying to validate it as a syntactically correct URL by any means but is instead very liberal with what it accepts.

curl will attempt to re-use connections for multiple file transfers, so that getting many files from the same server will not do multiple connects / handshakes. This improves speed. Of course this is only done on files specified on a single command line and cannot be used between separate curl invokes.

PROGRESS METER

-

curl normally displays a progress meter during operations, indicating the amount of transferred data, transfer speeds and estimated time left, etc. +

curl normally displays a progress meter during operations, indicating the amount of transferred data, transfer speeds and estimated time left, etc. The progress meter displays number of bytes and the speeds are in bytes per second. The suffixes (k, M, G, T, P) are 1024 based. For example 1k is 1024 bytes. 1M is 1048576 bytes.

curl displays this data to the terminal by default, so if you invoke curl to do an operation and it is about to write data to the terminal, it disables the progress meter as otherwise it would mess up the output mixing progress meter and response data.

If you want a progress meter for HTTP POST or PUT requests, you need to redirect the response output to a file, using shell redirect (>), -o [file] or similar.

It is not the same case for FTP upload as that operation does not spit out any response data to the terminal. @@ -94,6 +94,9 @@ p.roffit {

(HTTP) Tells curl to use HTTP version 1.1. This is the internal default version. (Added in 7.33.0)

--http2

(HTTP) Tells curl to issue its requests using HTTP 2. This requires that the underlying libcurl was built to support it. (Added in 7.33.0) +

--http2-prior-knowledge +

(HTTP) Tells curl to issue its non-TLS HTTP requests using HTTP/2 without HTTP/1.1 Upgrade. It requires prior knowledge that the server supports HTTP/2 straight away. HTTPS requests will still do HTTP/2 the standard way with negotiated protocol version in the TLS handshake. +

HTTP/2 support in general also requires that the underlying libcurl was built to support it. (Added in 7.49.0)

--no-npn

Disable the NPN TLS extension. NPN is enabled by default if libcurl was built with an SSL library that supports NPN. NPN is used by a libcurl that supports HTTP 2 to negotiate HTTP 2 support with the server during https sessions.

(Added in 7.36.0) @@ -234,7 +237,7 @@ p.roffit {

-E, --cert <certificate[:password]>

(SSL) Tells curl to use the specified client certificate file when getting a file with HTTPS, FTPS or another SSL-based protocol. The certificate must be in PKCS#12 format if using Secure Transport, or PEM format if using any other engine. If the optional password isn't specified, it will be queried for on the terminal. Note that this option assumes a "certificate" file that is the private key and the client certificate concatenated! See --cert and --key to specify them independently.

If curl is built against the NSS SSL library then this option can tell curl the nickname of the certificate to use within the NSS database defined by the environment variable SSL_DIR (or by default /etc/pki/nssdb). If the NSS PEM PKCS#11 module (libnsspem.so) is available then PEM files may be loaded. If you want to use a file from the current directory, please precede it with "./" prefix, in order to avoid confusion with a nickname. If the nickname contains ":", it needs to be preceded by "\" so that it is not recognized as password delimiter. If the nickname contains "\", it needs to be escaped as "\\" so that it is not recognized as an escape character. -

(iOS and Mac OS X only) If curl is built against Secure Transport, then the certificate string can either be the name of a certificate/private key in the system or user keychain, or the path to a PKCS#12-encoded certificate and private key. If you want to use a file from the current directory, please precede it with "./" prefix, in order to avoid confusion with a nickname. +

(iOS and macOS only) If curl is built against Secure Transport, then the certificate string can either be the name of a certificate/private key in the system or user keychain, or the path to a PKCS#12-encoded certificate and private key. If you want to use a file from the current directory, please precede it with "./" prefix, in order to avoid confusion with a nickname.

If this option is used several times, the last one will be used.

--engine <name>

Select the OpenSSL crypto engine to use for cipher operations. Use --engine list to print a list of build-time supported engines. Note that not all (or none) of the engines may be available at run-time. @@ -253,6 +256,7 @@ p.roffit {

curl recognizes the environment variable named 'CURL_CA_BUNDLE' if it is set, and uses the given path as a path to a CA cert bundle. This option overrides that variable.

The windows version of curl will automatically look for a CA certs file named ´curl-ca-bundle.crt´, either in the same directory as curl.exe, or in the Current Working Directory, or in any folder along your PATH.

If curl is built against the NSS SSL library, the NSS PEM PKCS#11 module (libnsspem.so) needs to be available for this option to work properly. +

(iOS and macOS only) If curl is built against Secure Transport, then this option is supported for backward compatibility with other SSL engines, but it should not be set. If the option is not set, then curl will use the certificates in the system and user Keychain to verify the peer, which is the preferred method of verifying the peer's certificate chain.

If this option is used several times, the last one will be used.

--capath <CA certificate directory>

(SSL) Tells curl to use the specified certificate directory to verify the peer. Multiple paths can be provided by separating them with ":" (e.g. "path1:path2:path3"). The certificates must be in PEM format, and if curl is built against OpenSSL, the directory must have been processed using the c_rehash utility supplied with OpenSSL. Using --capath can allow OpenSSL-powered curl to make SSL-connections much more efficiently than using --cacert if the --cacert file contains many CA certificates. @@ -260,7 +264,7 @@ p.roffit {

--pinnedpubkey <pinned public key (hashes)>

(SSL) Tells curl to use the specified public key file (or hashes) to verify the peer. This can be a path to a file which contains a single public key in PEM or DER format, or any number of base64 encoded sha256 hashes preceded by ´sha256//´ and separated by ´;´

When negotiating a TLS or SSL connection, the server sends a certificate indicating its identity. A public key is extracted from this certificate and if it does not exactly match the public key provided to this option, curl will abort the connection before sending or receiving any data. -

Added in 7.39.0 for OpenSSL, GnuTLS and GSKit. Added in 7.43.0 for NSS and wolfSSL/CyaSSL. sha256 support added in 7.44.0 for OpenSSL, GnuTLS, NSS and wolfSSL/CyaSSL. Other SSL backends not supported. +

PEM/DER support:   7.39.0: OpenSSL, GnuTLS and GSKit   7.43.0: NSS and wolfSSL/CyaSSL   7.47.0: mbedtls   7.49.0: PolarSSL sha256 support:   7.44.0: OpenSSL, GnuTLS, NSS and wolfSSL/CyaSSL.   7.47.0: mbedtls   7.49.0: PolarSSL Other SSL backends not supported.

If this option is used several times, the last one will be used.

--cert-status

(SSL) Tells curl to verify the status of the server certificate by using the Certificate Status Request (aka. OCSP stapling) TLS extension. @@ -275,19 +279,19 @@ p.roffit {

This method is not fail-safe and there are occasions where non-successful response codes will slip through, especially when authentication is involved (response codes 401 and 407).

-F, --form <name=content>

(HTTP) This lets curl emulate a filled-in form in which a user has pressed the submit button. This causes curl to POST data using the Content-Type multipart/form-data according to RFC 2388. This enables uploading of binary files etc. To force the 'content' part to be a file, prefix the file name with an @ sign. To just get the content part from a file, prefix the file name with the symbol <. The difference between @ and < is then that @ makes a file get attached in the post as a file upload, while the < makes a text field and just get the contents for that text field from a file. -

Example, to send your password file to the server, where 'password' is the name of the form-field to which /etc/passwd will be the input: -

curl -F password=@/etc/passwd www.mypasswords.com +

Example: to send an image to a server, where 'profile' is the name of the form-field to which portrait.jpg will be the input: +

curl -F profile=@portrait.jpg https://example.com/upload.cgi

To read content from stdin instead of a file, use - as the filename. This goes for both @ and < constructs. Unfortunately it does not support reading the file from a named pipe or similar, as it needs the full size before the transfer starts.

You can also tell curl what Content-Type to use by using 'type=', in a manner similar to: -

curl -F "web=@index.html;type=text/html" url.com +

curl -F "web=@index.html;type=text/html" example.com

or -

curl -F "name=daniel;type=text/foo" url.com +

curl -F "name=daniel;type=text/foo" example.com

You can also explicitly change the name field of a file upload part by setting filename=, like this: -

curl -F "file=@localfile;filename=nameinpost" url.com +

curl -F "file=@localfile;filename=nameinpost" example.com

If filename/path contains ',' or ';', it must be quoted by double-quotes like: -

curl -F "file=@\"localfile\";filename=\"nameinpost\"" url.com +

curl -F "file=@\"localfile\";filename=\"nameinpost\"" example.com

or -

curl -F 'file=@"localfile";filename="nameinpost"' url.com +

curl -F 'file=@"localfile";filename="nameinpost"' example.com

Note that if a filename/path is quoted by double-quotes, any double-quote or backslash within the filename must be escaped by backslash.

See further examples and details in the MANUAL.

This option can be used multiple times. @@ -325,6 +329,10 @@ p.roffit {

(FTP) Use CCC (Clear Command Channel) Sets the CCC mode. The passive mode will not initiate the shutdown, but instead wait for the server to do it, and will not reply to the shutdown from the server. The active mode initiates the shutdown and waits for a reply from the server. (Added in 7.16.2)

--ftp-ssl-control

(FTP) Require SSL/TLS for the FTP login, clear for transfer. Allows secure authentication, but non-encrypted data transfers for efficiency. Fails the transfer if the server doesn't support SSL/TLS. (Added in 7.16.0) that can still be used but will be removed in a future version. +

--ftp-ssl +

(FTP) This deprecated option is now known as --ssl. +

--ftp-ssl-reqd +

(FTP) This deprecated option is now known as --ssl-reqd.

--form-string <name=string>

(HTTP) Similar to --form except that the value string for the named parameter is used literally. Leading '@' and '<' characters, and the ';type=' string in the value have no special meaning. Use this in preference to --form if there's any possibility that the string value may accidentally trigger the '@' or '<' features of --form.

-g, --globoff @@ -339,7 +347,7 @@ p.roffit {

See also the -A, --user-agent and -e, --referer options.

Starting in 7.37.0, you need --proxy-header to send custom headers intended for a proxy.

Example: -

# curl -H "X-First-Name: Joe" http://192.168.0.1/ +

# curl -H "X-First-Name: Joe" http://example.com/

WARNING: headers set with this option will be set in all requests - even after redirects are followed, like when told with -L, --location. This can lead to the header being sent to other hosts than the original host, so sensitive headers should be used with caution combined with following redirects.

This option can be used multiple times to add/replace/remove multiple headers.

--hostpubmd5 <md5> @@ -353,7 +361,7 @@ p.roffit {

(HTTP/FTP/FILE) Fetch the HTTP-header only! HTTP-servers feature the command HEAD which this uses to get nothing but the header of a document. When used on an FTP or FILE file, curl displays the file size and last modification time only.

--interface <name>

Perform an operation using a specified interface. You can enter interface name, IP address or host name. An example could look like: -

 curl --interface eth0:1 http://www.netscape.com/ +

 curl --interface eth0:1 https://www.example.com/

If this option is used several times, the last one will be used.

-j, --junk-session-cookies

(HTTP) When curl is told to read cookies from a given file, this option will make it discard all "session cookies". This will basically have the same effect as if a new session is started. Typical browsers always discard session cookies when they're closed down. @@ -378,14 +386,14 @@ p.roffit {

 # --- Example file ---
 # this is a comment
-url = "curl.haxx.se"
+url = "example.com"
 output = "curlhere.html"
 user-agent = "superagent/1.0"
  
 # and fetch another URL too
-url = "curl.haxx.se/docs/manpage.html"
+url = "example.com/docs/manpage.html"
 -O
-referer = "http://nowhereatall.com/"
+referer = "http://nowhereatall.example.com/"
 # --- End of example file ---
 
@@ -404,6 +412,8 @@ referer = "http://nowhereatall.com/"

(FTP) Enable Kerberos authentication and use. The level must be entered and should be one of 'clear', 'safe', 'confidential', or 'private'. Should you use a level that is not one of these, 'private' will instead be used.

This option requires a library built with kerberos4 support. This is not very common. Use -V, --version to see if your curl supports it.

If this option is used several times, the last one will be used. +

--krb4 <level> +

(FTP) This is the former name for --krb. Do not use.

-l, --list-only

(FTP) When listing an FTP directory, this switch forces a name-only view. This is especially useful if the user wants to machine-parse the contents of an FTP directory since the normal directory view doesn't use a standard look or format. When used like this, the option causes a NLST command to be sent to the server instead of LIST.

Note: Some FTP servers list only files in their response to NLST; they do not include sub-directories and symbolic links. @@ -419,7 +429,6 @@ referer = "http://nowhereatall.com/"

--limit-rate <speed>

Specify the maximum transfer rate you want curl to use - for both downloads and uploads. This feature is useful if you have a limited pipe and you'd like your transfer not to use your entire bandwidth. To make it slower than it otherwise would be.

The given speed is measured in bytes/second, unless a suffix is appended. Appending 'k' or 'K' will count the number as kilobytes, 'm' or M' makes it megabytes, while 'g' or 'G' makes it gigabytes. Examples: 200K, 3m and 1G. -

The given rate is the average speed counted during the entire transfer. It means that curl might use higher transfer speeds in short bursts, but over time it uses no more than the given rate.

If you also use the -Y, --speed-limit option, that option will take precedence and might cripple the rate-limiting slightly, to help keeping the speed-limit logic working.

If this option is used several times, the last one will be used.

--local-port <num>[-num] @@ -443,7 +452,7 @@ referer = "http://nowhereatall.com/"

Specify the maximum size (in bytes) of a file to download. If the file requested is larger than this value, the transfer will not start and curl will return with exit code 63.

NOTE: The file size is not always known prior to download, and for such files this option has no effect even if the file transfer ends up being larger than this given limit. This concerns both FTP and HTTP transfers.

--mail-rcpt <address> -

(SMTP) Specify a single address, user name or mailing list name. +

(SMTP) Specify a single address, user name or mailing list name. Repeat this option several times to send to multiple recipients.

When performing a mail transfer, the recipient should specify a valid email address to send the mail to. (Added in 7.20.0)

When performing an address verification (VRFY command), the recipient should be specified as the user name or user name and domain (as per Section 3.5 of RFC 5321). (Added in 7.34.0)

When performing a mailing list expand (EXPN command), the recipient should be specified using the mailing list name, such as "Friends" or "London-Office". (Added in 7.34.0) @@ -486,14 +495,18 @@ referer = "http://nowhereatall.com/"

Note that this is the negated option name documented. You can thus use --sessionid to enforce session-ID caching.

--noproxy <no-proxy-list>

Comma-separated list of hosts which do not use a proxy, if one is specified. The only wildcard is a single * character, which matches all hosts, and effectively disables the proxy. Each name in this list is matched as either a domain which contains the hostname, or the hostname itself. For example, local.com would match local.com, local.com:80, and www.local.com, but not www.notlocal.com. (Added in 7.19.4). +

--connect-to <host:port:connect-to-host:connect-to-port> +

For a request to the given "host:port" pair, connect to "connect-to-host:connect-to-port" instead. This is suitable to direct the request at a specific server, e.g. at a specific cluster node in a cluster of servers. This option is only used to establish the network connection. It does NOT affect the hostname/port that is used for TLS/SSL (e.g. SNI, certificate verification) or for the application protocols. "host" and "port" may be the empty string, meaning "any host/port". "connect-to-host" and "connect-to-port" may also be the empty string, meaning "use the request's original host/port". This option can be used many times to add many connect rules. (Added in 7.49.0).

--ntlm

(HTTP) Enables NTLM authentication. The NTLM authentication method was designed by Microsoft and is used by IIS web servers. It is a proprietary protocol, reverse-engineered by clever people and implemented in curl based on their efforts. This kind of behavior should not be endorsed, you should encourage everyone who uses NTLM to switch to a public and documented authentication method instead, such as Digest.

If you want to enable NTLM for your proxy authentication, then use --proxy-ntlm.

This option requires a library built with SSL support. Use -V, --version to see if your curl supports NTLM.

If this option is used several times, only the first one is used. +

--ntlm-wb +

(HTTP) Enables NTLM much in the style --ntlm does, but hand over the authentication to the separate binary ntlmauth application that is executed when needed.

-o, --output <file>

Write output to <file> instead of stdout. If you are using {} or [] to fetch multiple documents, you can use '#' followed by a number in the <file> specifier. That variable will be replaced with the current string for the URL being fetched. Like in: -

  curl http://{one,two}.site.com -o "file_#1.txt" +

  curl http://{one,two}.example.com -o "file_#1.txt"

or use several variables like:

  curl http://{site,host}.host[1-5].com -o "#1_#2"

You may use this option as many times as the number of URLs you have. @@ -603,7 +616,7 @@ referer = "http://nowhereatall.com/"

(SSH) Public key file name. Allows you to provide your public key in this separate file.

If this option is used several times, the last one will be used.

(As of 7.39.0, curl attempts to automatically extract the public key from the private key file, so passing this option is generally not required. Note that this public key extraction requires libcurl to be linked against a copy of libssh2 1.2.8 or higher that is itself linked against OpenSSL.) -

-q +

-q, --disable

If used as the first parameter on the command line, the curlrc config file will not be read and used. See the -K, --config for details on the default config file search path.

-Q, --quote <command>

(FTP/SFTP) Send an arbitrary command to the remote FTP or SFTP server. Quote commands are sent BEFORE the transfer takes place (just after the initial PWD command in an FTP transfer, to be exact). To make commands take place after a successful transfer, prefix them with a dash '-'. To make commands be sent after curl has changed the working directory, just before the transfer command(s), prefix the command with a '+' (this is only supported for FTP). You may specify any number of commands. If the server returns failure for one of the commands, the entire operation will be aborted. You must send syntactically correct FTP commands as RFC 959 defines to FTP servers, or one of the commands listed below to SFTP servers. This option can be used multiple times. When speaking to an FTP server, prefix the command with an asterisk (*) to make curl continue even if the command fails as by default curl will stop at first failure. @@ -656,6 +669,7 @@ referer = "http://nowhereatall.com/"

This option changes the default action for all given URLs to be dealt with as if -O, --remote-name were used for each one. So if you want to disable that for a specific URL after --remote-name-all has been used, you must use "-o -" or --no-remote-name. (Added in 7.19.0)

--resolve <host:port:address>

Provide a custom address for a specific host and port pair. Using this, you can make the curl requests(s) use a specified address and prevent the otherwise normally resolved address to be used. Consider it a sort of /etc/hosts alternative provided on the command line. The port number should be the number used for the specific protocol the host will be used for. It means you need several entries if you want to provide address for the same host but different ports. +

The provided address set by this option will be used even if -4, --ipv4 or -6, --ipv6 is set to make curl use another IP version.

This option can be used many times to add many host names to resolve.

(Added in 7.21.3)

--retry <num> @@ -679,10 +693,10 @@ referer = "http://nowhereatall.com/"

When used with -s it makes curl show an error message if it fails.

--ssl

(FTP, POP3, IMAP, SMTP) Try to use SSL/TLS for the connection. Reverts to a non-secure connection if the server doesn't support SSL/TLS. See also --ftp-ssl-control and --ssl-reqd for different levels of encryption required. (Added in 7.20.0) -

This option was formerly known as --ftp-ssl (Added in 7.11.0). That option name can still be used but will be removed in a future version. +

This option was formerly known as --ftp-ssl (Added in 7.11.0). That option name can still be used but will be removed in a future version.

--ssl-reqd

(FTP, POP3, IMAP, SMTP) Require SSL/TLS for the connection. Terminates the connection if the server doesn't support SSL/TLS. (Added in 7.20.0) -

This option was formerly known as --ftp-ssl-reqd (added in 7.15.5). That option name can still be used but will be removed in a future version. +

This option was formerly known as --ftp-ssl-reqd.

--ssl-allow-beast

(SSL) This option tells curl to not work around a security flaw in the SSL3 and TLS1.0 protocols known as BEAST. If this option isn't used, the SSL layer may use workarounds known to cause interoperability problems with some older SSL implementations. WARNING: this option loosens the SSL security, and by using this flag you ask for exactly that. (Added in 7.25.0)

--ssl-no-revoke @@ -725,11 +739,13 @@ referer = "http://nowhereatall.com/"

This transfers the specified local file to the remote URL. If there is no file part in the specified URL, Curl will append the local file name. NOTE that you must use a trailing / on the last directory to really prove to Curl that there is no file name or curl will think that your last directory name is the remote file name to use. That will most likely cause the upload operation to fail. If this is used on an HTTP(S) server, the PUT command will be used.

Use the file name "-" (a single dash) to use stdin instead of a given file. Alternately, the file name "." (a single period) may be specified instead of "-" to use stdin in non-blocking mode to allow reading server output while stdin is being uploaded.

You can specify one -T for each URL on the command line. Each -T + URL pair specifies what to upload and to where. curl also supports "globbing" of the -T argument, meaning that you can upload multiple files to a single URL by using the same URL globbing style supported in the URL, like this: -

curl -T "{file1,file2}" http://www.uploadtothissite.com +

curl -T "{file1,file2}" http://www.example.com

or even -

curl -T "img[1-1000].png" ftp://ftp.picturemania.com/upload/ +

curl -T "img[1-1000].png" ftp://ftp.example.com/upload/

--tcp-nodelay

Turn on the TCP_NODELAY option. See the curl_easy_setopt(3) man page for details about this option. (Added in 7.11.2) +

--tcp-fastopen +

Enable use of TCP Fast Open (RFC7413). (Added in 7.49.0)

--tftp-blksize <value>

(TFTP) Set TFTP BLKSIZE option (must be >512). This is the block size that curl will try to use when transferring data to or from a TFTP server. By default 512 bytes will be used.

If this option is used several times, the last one will be used. @@ -796,10 +812,11 @@ referer = "http://nowhereatall.com/"

The variables available are:

content_type The Content-Type of the requested document, if there was any. -

filename_effective The ultimate filename that curl writes out to. This is only meaningful if curl is told to write to a file with the --remote-name or --output option. It's most useful in combination with the --remote-header-name option. (Added in 7.25.1) +

filename_effective The ultimate filename that curl writes out to. This is only meaningful if curl is told to write to a file with the --remote-name or --output option. It's most useful in combination with the --remote-header-name option. (Added in 7.26.0)

ftp_entry_path The initial path curl ended up in when logging on to the remote FTP server. (Added in 7.15.4)

http_code The numerical response code that was found in the last retrieved HTTP(S) or FTP(s) transfer. In 7.18.2 the alias response_code was added to show the same info.

http_connect The numerical code that was found in the last response (from a proxy) to a curl CONNECT request. (Added in 7.12.4) +

http_version The http version that was effectively used. (Added in 7.50.0)

local_ip The IP address of the local end of the most recently done connection - can be either IPv4 or IPv6 (Added in 7.29.0)

local_port The local port number of the most recently done connection (Added in 7.29.0)

num_connects Number of new connects made in the recent transfer. (Added in 7.12.3) diff --git a/docs/curl.pdf b/docs/curl.pdf index 98e4a42f4..72401010d 100644 Binary files a/docs/curl.pdf and b/docs/curl.pdf differ diff --git a/docs/examples/Makefile.am b/docs/examples/Makefile.am index dec53f528..7a56f345c 100644 --- a/docs/examples/Makefile.am +++ b/docs/examples/Makefile.am @@ -63,4 +63,4 @@ include Makefile.inc all: $(check_PROGRAMS) checksrc: - @@PERL@ $(top_srcdir)/lib/checksrc.pl -D$(top_srcdir)/docs/examples *.c + @PERL@ $(top_srcdir)/lib/checksrc.pl $(srcdir)/*.c diff --git a/docs/examples/Makefile.in b/docs/examples/Makefile.in index bf3ec3d3a..91189d746 100644 --- a/docs/examples/Makefile.in +++ b/docs/examples/Makefile.in @@ -1684,7 +1684,7 @@ uninstall-am: all: $(check_PROGRAMS) checksrc: - @@PERL@ $(top_srcdir)/lib/checksrc.pl -D$(top_srcdir)/docs/examples *.c + @PERL@ $(top_srcdir)/lib/checksrc.pl $(srcdir)/*.c # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. diff --git a/docs/examples/cacertinmem.c b/docs/examples/cacertinmem.c index a3a4c8d10..bba8c722e 100644 --- a/docs/examples/cacertinmem.c +++ b/docs/examples/cacertinmem.c @@ -28,7 +28,7 @@ #include #include -size_t writefunction( void *ptr, size_t size, size_t nmemb, void *stream) +size_t writefunction(void *ptr, size_t size, size_t nmemb, void *stream) { fwrite(ptr, size, nmemb, stream); return (nmemb*size); diff --git a/docs/examples/curlx.c b/docs/examples/curlx.c index 7a189905c..155da2371 100644 --- a/docs/examples/curlx.c +++ b/docs/examples/curlx.c @@ -415,7 +415,7 @@ int main(int argc, char **argv) goto err; } - if(!(p12bio = BIO_new_file(p.p12file , "rb"))) { + if(!(p12bio = BIO_new_file(p.p12file, "rb"))) { BIO_printf(p.errorbio, "Error opening P12 file %s\n", p.p12file); goto err; } @@ -505,7 +505,7 @@ int main(int argc, char **argv) { int lu; int i=0; - while((lu = BIO_read (in, &binaryptr[i], tabLength-i)) >0 ) { + while((lu = BIO_read (in, &binaryptr[i], tabLength-i)) >0) { i+=lu; if(i== tabLength) { tabLength+=100; diff --git a/docs/examples/evhiperfifo.c b/docs/examples/evhiperfifo.c index 6d7936b5c..118f152ee 100644 --- a/docs/examples/evhiperfifo.c +++ b/docs/examples/evhiperfifo.c @@ -329,7 +329,7 @@ static int prog_cb (void *p, double dltotal, double dlnow, double ult, /* Create a new easy handle, and add it to the global curl_multi */ -static void new_conn(char *url, GlobalInfo *g ) +static void new_conn(char *url, GlobalInfo *g) { ConnInfo *conn; CURLMcode rc; diff --git a/docs/examples/externalsocket.c b/docs/examples/externalsocket.c index 8152515b6..9b144b42d 100644 --- a/docs/examples/externalsocket.c +++ b/docs/examples/externalsocket.c @@ -107,7 +107,7 @@ int main(void) curl_easy_setopt(curl, CURLOPT_URL, "http://99.99.99.99:9999"); /* Create the socket "manually" */ - if((sockfd = socket(AF_INET, SOCK_STREAM, 0)) == CURL_SOCKET_BAD ) { + if((sockfd = socket(AF_INET, SOCK_STREAM, 0)) == CURL_SOCKET_BAD) { printf("Error creating listening socket.\n"); return 3; } diff --git a/docs/examples/ghiper.c b/docs/examples/ghiper.c index f78a943b9..7317a63d8 100644 --- a/docs/examples/ghiper.c +++ b/docs/examples/ghiper.c @@ -247,7 +247,7 @@ static int sock_cb(CURL *e, curl_socket_t s, int what, void *cbp, void *sockp) if(!fdp) { MSG_OUT("Adding data: %s%s\n", what&CURL_POLL_IN?"READ":"", - what&CURL_POLL_OUT?"WRITE":"" ); + what&CURL_POLL_OUT?"WRITE":""); addsock(s, e, what, g); } else { @@ -279,7 +279,7 @@ static int prog_cb (void *p, double dltotal, double dlnow, double ult, } /* Create a new easy handle, and add it to the global curl_multi */ -static void new_conn(char *url, GlobalInfo *g ) +static void new_conn(char *url, GlobalInfo *g) { ConnInfo *conn; CURLMcode rc; diff --git a/docs/examples/hiperfifo.c b/docs/examples/hiperfifo.c index 9b2cfb587..98bcafe6d 100644 --- a/docs/examples/hiperfifo.c +++ b/docs/examples/hiperfifo.c @@ -191,7 +191,7 @@ static void event_cb(int fd, short kind, void *userp) mcode_or_die("event_cb: curl_multi_socket_action", rc); check_multi_info(g); - if(g->still_running <= 0 ) { + if(g->still_running <= 0) { fprintf(MSG_OUT, "last transfer done, kill timeout\n"); if(evtimer_pending(g->timer_event, NULL)) { evtimer_del(g->timer_event); @@ -312,7 +312,7 @@ static int prog_cb (void *p, double dltotal, double dlnow, double ult, /* Create a new easy handle, and add it to the global curl_multi */ -static void new_conn(char *url, GlobalInfo *g ) +static void new_conn(char *url, GlobalInfo *g) { ConnInfo *conn; CURLMcode rc; @@ -360,7 +360,7 @@ static void fifo_cb(int fd, short event, void *arg) s[0]='\0'; rv=fscanf(g->input, "%1023s%n", s, &n); s[n]='\0'; - if(n && s[0] ) { + if(n && s[0]) { new_conn(s, arg); /* if we read a URL, go get it! */ } else diff --git a/docs/examples/htmltidy.c b/docs/examples/htmltidy.c index 01b1e68f1..687e3f346 100644 --- a/docs/examples/htmltidy.c +++ b/docs/examples/htmltidy.c @@ -37,27 +37,27 @@ uint write_cb(char *in, uint size, uint nmemb, TidyBuffer *out) { uint r; r = size * nmemb; - tidyBufAppend( out, in, r ); + tidyBufAppend(out, in, r); return r; } /* Traverse the document tree */ -void dumpNode(TidyDoc doc, TidyNode tnod, int indent ) +void dumpNode(TidyDoc doc, TidyNode tnod, int indent) { TidyNode child; for(child = tidyGetChild(tnod); child; child = tidyGetNext(child) ) { - ctmbstr name = tidyNodeGetName( child ); + ctmbstr name = tidyNodeGetName(child); if(name) { /* if it has a name, then it's an HTML tag ... */ TidyAttr attr; - printf( "%*.*s%s ", indent, indent, "<", name); + printf("%*.*s%s ", indent, indent, "<", name); /* walk the attribute list */ for(attr=tidyAttrFirst(child); attr; attr=tidyAttrNext(attr) ) { printf(tidyAttrName(attr)); tidyAttrValue(attr)?printf("=\"%s\" ", tidyAttrValue(attr)):printf(" "); } - printf( ">\n"); + printf(">\n"); } else { /* if it doesn't have a name, then it's probably text, cdata, etc... */ @@ -67,12 +67,12 @@ void dumpNode(TidyDoc doc, TidyNode tnod, int indent ) printf("%*.*s\n", indent, indent, buf.bp?(char *)buf.bp:""); tidyBufFree(&buf); } - dumpNode( doc, child, indent + 4 ); /* recursive */ + dumpNode(doc, child, indent + 4); /* recursive */ } } -int main(int argc, char **argv ) +int main(int argc, char **argv) { CURL *curl; char curl_errbuf[CURL_ERROR_SIZE]; @@ -91,7 +91,7 @@ int main(int argc, char **argv ) tdoc = tidyCreate(); tidyOptSetBool(tdoc, TidyForceOutput, yes); /* try harder */ tidyOptSetInt(tdoc, TidyWrapLen, 4096); - tidySetErrorBuffer( tdoc, &tidy_errbuf ); + tidySetErrorBuffer(tdoc, &tidy_errbuf); tidyBufInit(&docbuf); curl_easy_setopt(curl, CURLOPT_WRITEDATA, &docbuf); @@ -103,7 +103,7 @@ int main(int argc, char **argv ) if(err >= 0) { err = tidyRunDiagnostics(tdoc); /* load tidy error buffer */ if(err >= 0) { - dumpNode( tdoc, tidyGetRoot(tdoc), 0 ); /* walk the tree */ + dumpNode(tdoc, tidyGetRoot(tdoc), 0); /* walk the tree */ fprintf(stderr, "%s\n", tidy_errbuf.bp); /* show errors */ } } @@ -121,7 +121,7 @@ int main(int argc, char **argv ) } else - printf( "usage: %s \n", argv[0] ); + printf("usage: %s \n", argv[0]); return 0; } diff --git a/docs/examples/http2-serverpush.c b/docs/examples/http2-serverpush.c index af557e5bc..1a8c69b7d 100644 --- a/docs/examples/http2-serverpush.c +++ b/docs/examples/http2-serverpush.c @@ -187,7 +187,7 @@ static int server_push_callback(CURL *parent, headp = curl_pushheader_byname(headers, ":path"); if(headp) { - fprintf(stderr, "**** The PATH is %s\n", headp /* skip :path + colon */ ); + fprintf(stderr, "**** The PATH is %s\n", headp /* skip :path + colon */); } (*transfers)++; /* one more */ diff --git a/docs/examples/opensslthreadlock.c b/docs/examples/opensslthreadlock.c index 100ae4681..eebc42ee2 100644 --- a/docs/examples/opensslthreadlock.c +++ b/docs/examples/opensslthreadlock.c @@ -39,7 +39,7 @@ #define MUTEX_CLEANUP(x) pthread_mutex_destroy(&(x)) #define MUTEX_LOCK(x) pthread_mutex_lock(&(x)) #define MUTEX_UNLOCK(x) pthread_mutex_unlock(&(x)) -#define THREAD_ID pthread_self( ) +#define THREAD_ID pthread_self() void handle_error(const char *file, int lineno, const char *msg) @@ -69,10 +69,10 @@ int thread_setup(void) { int i; - mutex_buf = malloc(CRYPTO_num_locks( ) * sizeof(MUTEX_TYPE)); + mutex_buf = malloc(CRYPTO_num_locks() * sizeof(MUTEX_TYPE)); if(!mutex_buf) return 0; - for(i = 0; i < CRYPTO_num_locks( ); i++) + for(i = 0; i < CRYPTO_num_locks(); i++) MUTEX_SETUP(mutex_buf[i]); CRYPTO_set_id_callback(id_function); CRYPTO_set_locking_callback(locking_function); @@ -87,7 +87,7 @@ int thread_cleanup(void) return 0; CRYPTO_set_id_callback(NULL); CRYPTO_set_locking_callback(NULL); - for(i = 0; i < CRYPTO_num_locks( ); i++) + for(i = 0; i < CRYPTO_num_locks(); i++) MUTEX_CLEANUP(mutex_buf[i]); free(mutex_buf); mutex_buf = NULL; diff --git a/docs/examples/rtsp.c b/docs/examples/rtsp.c index 5c00c145d..63c46e151 100644 --- a/docs/examples/rtsp.c +++ b/docs/examples/rtsp.c @@ -46,12 +46,12 @@ static int _getch(void) { struct termios oldt, newt; int ch; - tcgetattr( STDIN_FILENO, &oldt ); + tcgetattr(STDIN_FILENO, &oldt); newt = oldt; - newt.c_lflag &= ~( ICANON | ECHO ); - tcsetattr( STDIN_FILENO, TCSANOW, &newt ); + newt.c_lflag &= ~( ICANON | ECHO); + tcsetattr(STDIN_FILENO, TCSANOW, &newt); ch = getchar(); - tcsetattr( STDIN_FILENO, TCSANOW, &oldt ); + tcsetattr(STDIN_FILENO, TCSANOW, &oldt); return ch; } #endif diff --git a/docs/examples/smooth-gtk-thread.c b/docs/examples/smooth-gtk-thread.c index 8756494c1..547cc0f30 100644 --- a/docs/examples/smooth-gtk-thread.c +++ b/docs/examples/smooth-gtk-thread.c @@ -81,7 +81,7 @@ void *pull_one_url(void *NaN) g_strdup_printf("xoap.weather.com/weather/local/%s?cc=*&dayf=5&unit=i\n", urls[j]); - printf( "http %s", http ); + printf("http %s", http); curl = curl_easy_init(); if(curl) { diff --git a/docs/examples/url2file.c b/docs/examples/url2file.c index 30a2ab0c0..39f84d68b 100644 --- a/docs/examples/url2file.c +++ b/docs/examples/url2file.c @@ -41,7 +41,7 @@ int main(int argc, char *argv[]) static const char *pagefilename = "page.out"; FILE *pagefile; - if(argc < 2 ) { + if(argc < 2) { printf("Usage: %s \n", argv[0]); return 1; } diff --git a/docs/libcurl/Makefile.am b/docs/libcurl/Makefile.am index 88c4f8dc7..49acd977f 100644 --- a/docs/libcurl/Makefile.am +++ b/docs/libcurl/Makefile.am @@ -5,7 +5,7 @@ # | (__| |_| | _ <| |___ # \___|\___/|_| \_\_____| # -# Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. +# Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. # # This software is licensed as described in the file COPYING, which # you should have received as part of this distribution. The terms @@ -41,7 +41,7 @@ man_MANS = curl_easy_cleanup.3 curl_easy_getinfo.3 curl_easy_init.3 \ curl_multi_timeout.3 curl_formget.3 curl_multi_assign.3 \ curl_easy_pause.3 curl_easy_recv.3 curl_easy_send.3 \ curl_multi_socket_action.3 curl_multi_wait.3 libcurl-symbols.3 \ - libcurl-thread.3 + libcurl-thread.3 curl_multi_socket_all.3 HTMLPAGES = curl_easy_cleanup.html curl_easy_getinfo.html \ curl_easy_init.html curl_easy_perform.html curl_easy_setopt.html \ @@ -62,7 +62,7 @@ HTMLPAGES = curl_easy_cleanup.html curl_easy_getinfo.html \ curl_multi_timeout.html curl_formget.html curl_multi_assign.html \ curl_easy_pause.html curl_easy_recv.html curl_easy_send.html \ curl_multi_socket_action.html curl_multi_wait.html \ - libcurl-symbols.html libcurl-thread.html + libcurl-symbols.html libcurl-thread.html curl_multi_socket_all.html PDFPAGES = curl_easy_cleanup.pdf curl_easy_getinfo.pdf \ curl_easy_init.pdf curl_easy_perform.pdf curl_easy_setopt.pdf \ @@ -82,7 +82,8 @@ PDFPAGES = curl_easy_cleanup.pdf curl_easy_getinfo.pdf \ curl_multi_setopt.pdf curl_multi_socket.pdf curl_multi_timeout.pdf \ curl_formget.pdf curl_multi_assign.pdf curl_easy_pause.pdf \ curl_easy_recv.pdf curl_easy_send.pdf curl_multi_socket_action.pdf \ - curl_multi_wait.pdf libcurl-symbols.pdf libcurl-thread.pdf + curl_multi_wait.pdf libcurl-symbols.pdf libcurl-thread.pdf \ + curl_multi_socket_all.pdf m4macrodir = $(datadir)/aclocal dist_m4macro_DATA = libcurl.m4 @@ -91,7 +92,7 @@ CLEANFILES = $(HTMLPAGES) $(PDFPAGES) $(TESTS) libcurl-symbols.3 EXTRA_DIST = $(man_MANS) $(HTMLPAGES) index.html $(PDFPAGES) ABI \ symbols-in-versions symbols.pl mksymbolsmanpage.pl -MAN2HTML= roffit --mandir=. < $< >$@ +MAN2HTML= roffit --mandir=. $< >$@ SUFFIXES = .3 .html diff --git a/docs/libcurl/Makefile.in b/docs/libcurl/Makefile.in index 3fd4e90d7..aafb20c6e 100644 --- a/docs/libcurl/Makefile.in +++ b/docs/libcurl/Makefile.in @@ -21,7 +21,7 @@ # | (__| |_| | _ <| |___ # \___|\___/|_| \_\_____| # -# Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. +# Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. # # This software is licensed as described in the file COPYING, which # you should have received as part of this distribution. The terms @@ -638,7 +638,7 @@ man_MANS = curl_easy_cleanup.3 curl_easy_getinfo.3 curl_easy_init.3 \ curl_multi_timeout.3 curl_formget.3 curl_multi_assign.3 \ curl_easy_pause.3 curl_easy_recv.3 curl_easy_send.3 \ curl_multi_socket_action.3 curl_multi_wait.3 libcurl-symbols.3 \ - libcurl-thread.3 + libcurl-thread.3 curl_multi_socket_all.3 HTMLPAGES = curl_easy_cleanup.html curl_easy_getinfo.html \ curl_easy_init.html curl_easy_perform.html curl_easy_setopt.html \ @@ -659,7 +659,7 @@ HTMLPAGES = curl_easy_cleanup.html curl_easy_getinfo.html \ curl_multi_timeout.html curl_formget.html curl_multi_assign.html \ curl_easy_pause.html curl_easy_recv.html curl_easy_send.html \ curl_multi_socket_action.html curl_multi_wait.html \ - libcurl-symbols.html libcurl-thread.html + libcurl-symbols.html libcurl-thread.html curl_multi_socket_all.html PDFPAGES = curl_easy_cleanup.pdf curl_easy_getinfo.pdf \ curl_easy_init.pdf curl_easy_perform.pdf curl_easy_setopt.pdf \ @@ -679,7 +679,8 @@ PDFPAGES = curl_easy_cleanup.pdf curl_easy_getinfo.pdf \ curl_multi_setopt.pdf curl_multi_socket.pdf curl_multi_timeout.pdf \ curl_formget.pdf curl_multi_assign.pdf curl_easy_pause.pdf \ curl_easy_recv.pdf curl_easy_send.pdf curl_multi_socket_action.pdf \ - curl_multi_wait.pdf libcurl-symbols.pdf libcurl-thread.pdf + curl_multi_wait.pdf libcurl-symbols.pdf libcurl-thread.pdf \ + curl_multi_socket_all.pdf m4macrodir = $(datadir)/aclocal dist_m4macro_DATA = libcurl.m4 @@ -687,7 +688,7 @@ CLEANFILES = $(HTMLPAGES) $(PDFPAGES) $(TESTS) libcurl-symbols.3 EXTRA_DIST = $(man_MANS) $(HTMLPAGES) index.html $(PDFPAGES) ABI \ symbols-in-versions symbols.pl mksymbolsmanpage.pl -MAN2HTML = roffit --mandir=. < $< >$@ +MAN2HTML = roffit --mandir=. $< >$@ SUFFIXES = .3 .html # Make sure each option man page is referenced in the main man page diff --git a/docs/libcurl/curl_easy_cleanup.pdf b/docs/libcurl/curl_easy_cleanup.pdf index f0ea88b37..0f024349a 100644 Binary files a/docs/libcurl/curl_easy_cleanup.pdf and b/docs/libcurl/curl_easy_cleanup.pdf differ diff --git a/docs/libcurl/curl_easy_duphandle.pdf b/docs/libcurl/curl_easy_duphandle.pdf index a014a985a..519497477 100644 Binary files a/docs/libcurl/curl_easy_duphandle.pdf and b/docs/libcurl/curl_easy_duphandle.pdf differ diff --git a/docs/libcurl/curl_easy_escape.pdf b/docs/libcurl/curl_easy_escape.pdf index 29db0771d..78b947977 100644 Binary files a/docs/libcurl/curl_easy_escape.pdf and b/docs/libcurl/curl_easy_escape.pdf differ diff --git a/docs/libcurl/curl_easy_getinfo.3 b/docs/libcurl/curl_easy_getinfo.3 index 6ca712f48..9ffcd14af 100644 --- a/docs/libcurl/curl_easy_getinfo.3 +++ b/docs/libcurl/curl_easy_getinfo.3 @@ -5,7 +5,7 @@ .\" * | (__| |_| | _ <| |___ .\" * \___|\___/|_| \_\_____| .\" * -.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. +.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. .\" * .\" * This software is licensed as described in the file COPYING, which .\" * you should have received as part of this distribution. The terms @@ -41,183 +41,145 @@ You should not free the memory returned by this function unless it is explicitly mentioned below. .SH AVAILABLE INFORMATION The following information can be extracted: - .IP CURLINFO_EFFECTIVE_URL Last used URL. See \fICURLINFO_EFFECTIVE_URL(3)\fP - .IP CURLINFO_RESPONSE_CODE Last received response code. See \fICURLINFO_RESPONSE_CODE(3)\fP - .IP CURLINFO_HTTP_CONNECTCODE Last proxy CONNECT response code. See \fICURLINFO_HTTP_CONNECTCODE(3)\fP - +.IP CURLINFO_HTTP_VERSION +The http version used in the connection. +See \fICURLINFO_HTTP_VERSION(3)\fP .IP CURLINFO_FILETIME Remote time of the retrieved document. See \fICURLINFO_FILETIME(3)\fP - .IP CURLINFO_TOTAL_TIME Total time of previous transfer. See \fICURLINFO_TOTAL_TIME(3)\fP - .IP CURLINFO_NAMELOOKUP_TIME Time from start until name resolving completed. See \fICURLINFO_NAMELOOKUP_TIME(3)\fP - .IP CURLINFO_CONNECT_TIME Time from start until remote host or proxy completed. See \fICURLINFO_CONNECT_TIME(3)\fP - .IP CURLINFO_APPCONNECT_TIME Time from start until SSL/SSH handshake completed. See \fICURLINFO_APPCONNECT_TIME(3)\fP - .IP CURLINFO_PRETRANSFER_TIME Time from start until just before the transfer begins. See \fICURLINFO_PRETRANSFER_TIME(3)\fP - .IP CURLINFO_STARTTRANSFER_TIME Time from start until just when the first byte is received. See \fICURLINFO_STARTTRANSFER_TIME(3)\fP - .IP CURLINFO_REDIRECT_TIME Time taken for all redirect steps before the final transfer. See \fICURLINFO_REDIRECT_TIME(3)\fP - .IP CURLINFO_REDIRECT_COUNT Total number of redirects that were followed. See \fICURLINFO_REDIRECT_COUNT(3)\fP - .IP CURLINFO_REDIRECT_URL URL a redirect would take you to, had you enabled redirects. See \fICURLINFO_REDIRECT_URL(3)\fP - .IP CURLINFO_SIZE_UPLOAD Number of bytes uploaded. See \fICURLINFO_SIZE_UPLOAD(3)\fP - .IP CURLINFO_SIZE_DOWNLOAD Number of bytes downloaded. See \fICURLINFO_SIZE_DOWNLOAD(3)\fP - .IP CURLINFO_SPEED_DOWNLOAD Average download speed. See \fICURLINFO_SPEED_DOWNLOAD(3)\fP - .IP CURLINFO_SPEED_UPLOAD Average upload speed. See \fICURLINFO_SPEED_UPLOAD(3)\fP - .IP CURLINFO_HEADER_SIZE Number of bytes of all headers received. See \fICURLINFO_HEADER_SIZE(3)\fP - .IP CURLINFO_REQUEST_SIZE Number of bytes sent in the issued HTTP requests. See \fICURLINFO_REQUEST_SIZE(3)\fP - .IP CURLINFO_SSL_VERIFYRESULT Certificate verification result. See \fICURLINFO_SSL_VERIFYRESULT(3)\fP - .IP CURLINFO_SSL_ENGINES A list of OpenSSL crypto engines. See \fICURLINFO_SSL_ENGINES(3)\fP - .IP CURLINFO_CONTENT_LENGTH_DOWNLOAD Content length from the Content-Length header. See \fICURLINFO_CONTENT_LENGTH_DOWNLOAD(3)\fP - .IP CURLINFO_CONTENT_LENGTH_UPLOAD Upload size. See \fICURLINFO_CONTENT_LENGTH_UPLOAD(3)\fP - .IP CURLINFO_CONTENT_TYPE Content type from the Content-Type header. See \fICURLINFO_CONTENT_TYPE(3)\fP - .IP CURLINFO_PRIVATE User's private data pointer. See \fICURLINFO_PRIVATE(3)\fP - .IP CURLINFO_HTTPAUTH_AVAIL Available HTTP authentication methods. See \fICURLINFO_HTTPAUTH_AVAIL(3)\fP - .IP CURLINFO_PROXYAUTH_AVAIL Available HTTP proxy authentication methods. See \fICURLINFO_PROXYAUTH_AVAIL(3)\fP - .IP CURLINFO_OS_ERRNO The errno from the last failure to connect. See \fICURLINFO_OS_ERRNO(3)\fP - .IP CURLINFO_NUM_CONNECTS Number of new successful connections used for previous transfer. See \fICURLINFO_NUM_CONNECTS(3)\fP - .IP CURLINFO_PRIMARY_IP IP address of the last connection. See \fICURLINFO_PRIMARY_IP(3)\fP - .IP CURLINFO_PRIMARY_PORT Port of the last connection. See \fICURLINFO_PRIMARY_PORT(3)\fP - .IP CURLINFO_LOCAL_IP Local-end IP address of last connection. See \fICURLINFO_LOCAL_IP(3)\fP - .IP CURLINFO_LOCAL_PORT Local-end port of last connection. See \fICURLINFO_LOCAL_PORT(3)\fP - .IP CURLINFO_COOKIELIST List of all known cookies. See \fICURLINFO_COOKIELIST(3)\fP - .IP CURLINFO_LASTSOCKET Last socket used. See \fICURLINFO_LASTSOCKET(3)\fP - .IP CURLINFO_ACTIVESOCKET The session's active socket. See \fICURLINFO_ACTIVESOCKET(3)\fP - .IP CURLINFO_FTP_ENTRY_PATH The entry path after logging in to an FTP server. See \fICURLINFO_FTP_ENTRY_PATH(3)\fP - .IP CURLINFO_CERTINFO Certificate chain. See \fICURLINFO_CERTINFO(3)\fP - .IP CURLINFO_TLS_SSL_PTR TLS session info that can be used for further processing. See \fICURLINFO_TLS_SSL_PTR(3)\fP - +.IP CURLINFO_TLS_SESSION +TLS session info that can be used for further processing. See +\fICURLINFO_TLS_SESSION(3)\fP. Deprecated option, use +\fICURLINFO_TLS_SSL_PTR(3)\fP instead! .IP CURLINFO_CONDITION_UNMET Whether or not a time conditional was met. See \fICURLINFO_CONDITION_UNMET(3)\fP - .IP CURLINFO_RTSP_SESSION_ID RTSP session ID. See \fICURLINFO_RTSP_SESSION_ID(3)\fP - .IP CURLINFO_RTSP_CLIENT_CSEQ RTSP CSeq that will next be used. See \fICURLINFO_RTSP_CLIENT_CSEQ(3)\fP - .IP CURLINFO_RTSP_SERVER_CSEQ RTSP CSeq that will next be expected. See \fICURLINFO_RTSP_SERVER_CSEQ(3)\fP - .IP CURLINFO_RTSP_CSEQ_RECV RTSP CSeq last received. See \fICURLINFO_RTSP_CSEQ_RECV(3)\fP - .SH TIMES .nf An overview of the six time values available from curl_easy_getinfo() diff --git a/docs/libcurl/curl_easy_getinfo.html b/docs/libcurl/curl_easy_getinfo.html index 9174ad0a2..6bfc02ea7 100644 --- a/docs/libcurl/curl_easy_getinfo.html +++ b/docs/libcurl/curl_easy_getinfo.html @@ -58,139 +58,98 @@ p.roffit {

Request internal information from the curl session with this function. The third argument MUST be a pointer to a long, a pointer to a char *, a pointer to a struct curl_slist * or a pointer to a double (as this documentation describes further down). The data pointed-to will be filled in accordingly and can be relied upon only if the function returns CURLE_OK. Use this function AFTER a performed transfer if you want to get transfer related data.

You should not free the memory returned by this function unless it is explicitly mentioned below.

AVAILABLE INFORMATION

The following information can be extracted: -

CURLINFO_EFFECTIVE_URL

Last used URL. See CURLINFO_EFFECTIVE_URL(3) -

CURLINFO_RESPONSE_CODE

Last received response code. See CURLINFO_RESPONSE_CODE(3) -

CURLINFO_HTTP_CONNECTCODE

Last proxy CONNECT response code. See CURLINFO_HTTP_CONNECTCODE(3) -

+

CURLINFO_HTTP_VERSION +

The http version used in the connection. See CURLINFO_HTTP_VERSION(3)

CURLINFO_FILETIME

Remote time of the retrieved document. See CURLINFO_FILETIME(3) -

CURLINFO_TOTAL_TIME

Total time of previous transfer. See CURLINFO_TOTAL_TIME(3) -

CURLINFO_NAMELOOKUP_TIME

Time from start until name resolving completed. See CURLINFO_NAMELOOKUP_TIME(3) -

CURLINFO_CONNECT_TIME

Time from start until remote host or proxy completed. See CURLINFO_CONNECT_TIME(3) -

CURLINFO_APPCONNECT_TIME

Time from start until SSL/SSH handshake completed. See CURLINFO_APPCONNECT_TIME(3) -

CURLINFO_PRETRANSFER_TIME

Time from start until just before the transfer begins. See CURLINFO_PRETRANSFER_TIME(3) -

CURLINFO_STARTTRANSFER_TIME

Time from start until just when the first byte is received. See CURLINFO_STARTTRANSFER_TIME(3) -

CURLINFO_REDIRECT_TIME

Time taken for all redirect steps before the final transfer. See CURLINFO_REDIRECT_TIME(3) -

CURLINFO_REDIRECT_COUNT

Total number of redirects that were followed. See CURLINFO_REDIRECT_COUNT(3) -

CURLINFO_REDIRECT_URL

URL a redirect would take you to, had you enabled redirects. See CURLINFO_REDIRECT_URL(3) -

CURLINFO_SIZE_UPLOAD

Number of bytes uploaded. See CURLINFO_SIZE_UPLOAD(3) -

CURLINFO_SIZE_DOWNLOAD

Number of bytes downloaded. See CURLINFO_SIZE_DOWNLOAD(3) -

CURLINFO_SPEED_DOWNLOAD

Average download speed. See CURLINFO_SPEED_DOWNLOAD(3) -

CURLINFO_SPEED_UPLOAD

Average upload speed. See CURLINFO_SPEED_UPLOAD(3) -

CURLINFO_HEADER_SIZE

Number of bytes of all headers received. See CURLINFO_HEADER_SIZE(3) -

CURLINFO_REQUEST_SIZE

Number of bytes sent in the issued HTTP requests. See CURLINFO_REQUEST_SIZE(3) -

CURLINFO_SSL_VERIFYRESULT

Certificate verification result. See CURLINFO_SSL_VERIFYRESULT(3) -

CURLINFO_SSL_ENGINES

A list of OpenSSL crypto engines. See CURLINFO_SSL_ENGINES(3) -

CURLINFO_CONTENT_LENGTH_DOWNLOAD

Content length from the Content-Length header. See CURLINFO_CONTENT_LENGTH_DOWNLOAD(3) -

CURLINFO_CONTENT_LENGTH_UPLOAD

Upload size. See CURLINFO_CONTENT_LENGTH_UPLOAD(3) -

CURLINFO_CONTENT_TYPE

Content type from the Content-Type header. See CURLINFO_CONTENT_TYPE(3) -

CURLINFO_PRIVATE

User's private data pointer. See CURLINFO_PRIVATE(3) -

CURLINFO_HTTPAUTH_AVAIL

Available HTTP authentication methods. See CURLINFO_HTTPAUTH_AVAIL(3) -

CURLINFO_PROXYAUTH_AVAIL

Available HTTP proxy authentication methods. See CURLINFO_PROXYAUTH_AVAIL(3) -

CURLINFO_OS_ERRNO

The errno from the last failure to connect. See CURLINFO_OS_ERRNO(3) -

CURLINFO_NUM_CONNECTS

Number of new successful connections used for previous transfer. See CURLINFO_NUM_CONNECTS(3) -

CURLINFO_PRIMARY_IP

IP address of the last connection. See CURLINFO_PRIMARY_IP(3) -

CURLINFO_PRIMARY_PORT

Port of the last connection. See CURLINFO_PRIMARY_PORT(3) -

CURLINFO_LOCAL_IP

Local-end IP address of last connection. See CURLINFO_LOCAL_IP(3) -

CURLINFO_LOCAL_PORT

Local-end port of last connection. See CURLINFO_LOCAL_PORT(3) -

CURLINFO_COOKIELIST

List of all known cookies. See CURLINFO_COOKIELIST(3) -

CURLINFO_LASTSOCKET

Last socket used. See CURLINFO_LASTSOCKET(3) -

CURLINFO_ACTIVESOCKET

The session's active socket. See CURLINFO_ACTIVESOCKET(3) -

CURLINFO_FTP_ENTRY_PATH

The entry path after logging in to an FTP server. See CURLINFO_FTP_ENTRY_PATH(3) -

CURLINFO_CERTINFO

Certificate chain. See CURLINFO_CERTINFO(3) -

CURLINFO_TLS_SSL_PTR

TLS session info that can be used for further processing. See CURLINFO_TLS_SSL_PTR(3) -

+

CURLINFO_TLS_SESSION +

TLS session info that can be used for further processing. See CURLINFO_TLS_SESSION(3). Deprecated option, use CURLINFO_TLS_SSL_PTR(3) instead!

CURLINFO_CONDITION_UNMET

Whether or not a time conditional was met. See CURLINFO_CONDITION_UNMET(3) -

CURLINFO_RTSP_SESSION_ID

RTSP session ID. See CURLINFO_RTSP_SESSION_ID(3) -

CURLINFO_RTSP_CLIENT_CSEQ

RTSP CSeq that will next be used. See CURLINFO_RTSP_CLIENT_CSEQ(3) -

CURLINFO_RTSP_SERVER_CSEQ

RTSP CSeq that will next be expected. See CURLINFO_RTSP_SERVER_CSEQ(3) -

CURLINFO_RTSP_CSEQ_RECV -

RTSP CSeq last received. See CURLINFO_RTSP_CSEQ_RECV(3) -

TIMES

+

RTSP CSeq last received. See CURLINFO_RTSP_CSEQ_RECV(3)

TIMES

 An overview of the six time values available from curl_easy_getinfo()
  
diff --git a/docs/libcurl/curl_easy_getinfo.pdf b/docs/libcurl/curl_easy_getinfo.pdf
index aa4098d00..f50ebc2f1 100644
Binary files a/docs/libcurl/curl_easy_getinfo.pdf and b/docs/libcurl/curl_easy_getinfo.pdf differ
diff --git a/docs/libcurl/curl_easy_init.pdf b/docs/libcurl/curl_easy_init.pdf
index b37f88c53..37d7817f7 100644
Binary files a/docs/libcurl/curl_easy_init.pdf and b/docs/libcurl/curl_easy_init.pdf differ
diff --git a/docs/libcurl/curl_easy_pause.3 b/docs/libcurl/curl_easy_pause.3
index cb794040f..131fa774f 100644
--- a/docs/libcurl/curl_easy_pause.3
+++ b/docs/libcurl/curl_easy_pause.3
@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, , et al.
+.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -79,7 +79,7 @@ Before libcurl 7.32.0, when a specific handle was unpaused with this function,
 there was no particular forced rechecking or similar of the socket's state,
 which made the continuation of the transfer get delayed until next
 multi-socket call invoke or even longer. Alternatively, the user could
-forcibly call for example curl_multi_socket_all(3) - with a rather hefty
+forcibly call for example \fIcurl_multi_socket_all(3)\fP - with a rather hefty
 performance penalty.
 
 Starting in libcurl 7.32.0, unpausing a transfer will schedule a timeout
diff --git a/docs/libcurl/curl_easy_pause.html b/docs/libcurl/curl_easy_pause.html
index a853b4058..704e974a2 100644
--- a/docs/libcurl/curl_easy_pause.html
+++ b/docs/libcurl/curl_easy_pause.html
@@ -72,7 +72,7 @@ p.roffit {
 

CURLE_OK (zero) means that the option was set properly, and a non-zero return code means something wrong occurred after the new state was set. See the libcurl-errors man page for the full list with descriptions.

LIMITATIONS

The pausing of transfers does not work with protocols that work without network connectivity, like FILE://. Trying to pause such a transfer, in any direction, will cause problems in the worst case or an error in the best case.

AVAILABILITY

This function was added in libcurl 7.18.0. Before this version, there was no explicit support for pausing transfers.

USAGE WITH THE MULTI-SOCKET INTERFACE

-

Before libcurl 7.32.0, when a specific handle was unpaused with this function, there was no particular forced rechecking or similar of the socket's state, which made the continuation of the transfer get delayed until next multi-socket call invoke or even longer. Alternatively, the user could forcibly call for example curl_multi_socket_all(3) - with a rather hefty performance penalty. +

Before libcurl 7.32.0, when a specific handle was unpaused with this function, there was no particular forced rechecking or similar of the socket's state, which made the continuation of the transfer get delayed until next multi-socket call invoke or even longer. Alternatively, the user could forcibly call for example curl_multi_socket_all - with a rather hefty performance penalty.

Starting in libcurl 7.32.0, unpausing a transfer will schedule a timeout trigger for that handle 1 millisecond into the future, so that a curl_multi_socket_action( ... CURL_SOCKET_TIMEOUT) can be used immediately afterwards to get the transfer going again as desired.

MEMORY USE

When pausing a read by returning the magic return code from a write callback, the read data is already in libcurl's internal buffers so it'll have to keep it in an allocated buffer until the reading is again unpaused using this function.

If the downloaded data is compressed and is asked to get uncompressed automatically on download, libcurl will continue to uncompress the entire downloaded chunk and it will cache the data uncompressed. This has the side- effect that if you download something that is compressed a lot, it can result in a very large data amount needing to be allocated to save the data during the pause. This said, you should probably consider not using paused reading if you allow libcurl to uncompress data automatically.

SEE ALSO

diff --git a/docs/libcurl/curl_easy_pause.pdf b/docs/libcurl/curl_easy_pause.pdf index b399d3983..0cdb7bd47 100644 Binary files a/docs/libcurl/curl_easy_pause.pdf and b/docs/libcurl/curl_easy_pause.pdf differ diff --git a/docs/libcurl/curl_easy_perform.3 b/docs/libcurl/curl_easy_perform.3 index e0a88cbcf..48c1f3117 100644 --- a/docs/libcurl/curl_easy_perform.3 +++ b/docs/libcurl/curl_easy_perform.3 @@ -5,7 +5,7 @@ .\" * | (__| |_| | _ <| |___ .\" * \___|\___/|_| \_\_____| .\" * -.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. +.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. .\" * .\" * This software is licensed as described in the file COPYING, which .\" * you should have received as part of this distribution. The terms @@ -55,7 +55,7 @@ While the \fBeasy_handle\fP is added to a multi handle, it cannot be used by .SH RETURN VALUE CURLE_OK (0) means everything was ok, non-zero means an error occurred as .I -defines - see \fIlibcurl-errors(3)\fP. If the \fBCURLOPT_ERRORBUFFER(3)\fP was +defines - see \fIlibcurl-errors(3)\fP. If the \fICURLOPT_ERRORBUFFER(3)\fP was set with \fIcurl_easy_setopt(3)\fP there will be a readable error message in the error buffer when non-zero is returned. .SH EXAMPLE diff --git a/docs/libcurl/curl_easy_perform.html b/docs/libcurl/curl_easy_perform.html index a1601e4da..0a8198d04 100644 --- a/docs/libcurl/curl_easy_perform.html +++ b/docs/libcurl/curl_easy_perform.html @@ -60,7 +60,7 @@ p.roffit {

You can do any amount of calls to curl_easy_perform while using the same easy_handle. If you intend to transfer more than one file, you are even encouraged to do so. libcurl will then attempt to re-use the same connection for the following transfers, thus making the operations faster, less CPU intense and using less network resources. Just note that you will have to use curl_easy_setopt between the invokes to set options for the following curl_easy_perform.

You must never call this function simultaneously from two places using the same easy_handle. Let the function return first before invoking it another time. If you want parallel transfers, you must use several curl easy_handles.

While the easy_handle is added to a multi handle, it cannot be used by curl_easy_perform.

RETURN VALUE

-

CURLE_OK (0) means everything was ok, non-zero means an error occurred as <curl/curl.h> defines - see libcurl-errors. If the CURLOPT_ERRORBUFFER(3) was set with curl_easy_setopt there will be a readable error message in the error buffer when non-zero is returned.

EXAMPLE

+

CURLE_OK (0) means everything was ok, non-zero means an error occurred as <curl/curl.h> defines - see libcurl-errors. If the CURLOPT_ERRORBUFFER(3) was set with curl_easy_setopt there will be a readable error message in the error buffer when non-zero is returned.

EXAMPLE

 CURL *curl = curl_easy_init();
 if(curl) {
diff --git a/docs/libcurl/curl_easy_perform.pdf b/docs/libcurl/curl_easy_perform.pdf
index 5443558bf..6897de0f4 100644
Binary files a/docs/libcurl/curl_easy_perform.pdf and b/docs/libcurl/curl_easy_perform.pdf differ
diff --git a/docs/libcurl/curl_easy_recv.3 b/docs/libcurl/curl_easy_recv.3
index aed40b951..3560cc511 100644
--- a/docs/libcurl/curl_easy_recv.3
+++ b/docs/libcurl/curl_easy_recv.3
@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al.
+.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -41,7 +41,7 @@ data. \fBbuflen\fP is the maximum amount of data you can get in that
 buffer. The variable \fBn\fP points to will receive the number of received
 bytes.
 
-To establish the connection, set \fBCURLOPT_CONNECT_ONLY(3)\fP option before
+To establish the connection, set \fICURLOPT_CONNECT_ONLY(3)\fP option before
 calling \fIcurl_easy_perform(3)\fP or \fIcurl_multi_perform(3)\fP. Note that
 \fIcurl_easy_recv(3)\fP does not work on connections that were created without
 this option.
@@ -49,7 +49,7 @@ this option.
 You must ensure that the socket has data to read before calling
 \fIcurl_easy_recv(3)\fP, otherwise the call will return \fBCURLE_AGAIN\fP -
 the socket is used in non-blocking mode internally. Use
-\fIcurl_easy_getinfo(3)\fP with \fBCURLINFO_ACTIVESOCKET(3)\fP to obtain the
+\fIcurl_easy_getinfo(3)\fP with \fICURLINFO_ACTIVESOCKET(3)\fP to obtain the
 socket; use your operating system facilities like \fIselect(2)\fP to check if
 it has any data you can read.
 .SH AVAILABILITY
diff --git a/docs/libcurl/curl_easy_recv.html b/docs/libcurl/curl_easy_recv.html
index c65ca7f63..1257c2145 100644
--- a/docs/libcurl/curl_easy_recv.html
+++ b/docs/libcurl/curl_easy_recv.html
@@ -57,8 +57,8 @@ p.roffit {
 

DESCRIPTION

This function receives raw data from the established connection. You may use it together with curl_easy_send to implement custom protocols using libcurl. This functionality can be particularly useful if you use proxies and/or SSL encryption: libcurl will take care of proxy negotiation and connection set-up.

buffer is a pointer to your buffer that will get the received data. buflen is the maximum amount of data you can get in that buffer. The variable n points to will receive the number of received bytes. -

To establish the connection, set CURLOPT_CONNECT_ONLY(3) option before calling curl_easy_perform or curl_multi_perform. Note that curl_easy_recv does not work on connections that were created without this option. -

You must ensure that the socket has data to read before calling curl_easy_recv, otherwise the call will return CURLE_AGAIN - the socket is used in non-blocking mode internally. Use curl_easy_getinfo with CURLINFO_ACTIVESOCKET(3) to obtain the socket; use your operating system facilities like select(2) to check if it has any data you can read.

AVAILABILITY

+

To establish the connection, set CURLOPT_CONNECT_ONLY(3) option before calling curl_easy_perform or curl_multi_perform. Note that curl_easy_recv does not work on connections that were created without this option. +

You must ensure that the socket has data to read before calling curl_easy_recv, otherwise the call will return CURLE_AGAIN - the socket is used in non-blocking mode internally. Use curl_easy_getinfo with CURLINFO_ACTIVESOCKET(3) to obtain the socket; use your operating system facilities like select(2) to check if it has any data you can read.

AVAILABILITY

Added in 7.18.2.

RETURN VALUE

On success, returns CURLE_OK, stores the received data into buffer, and the number of bytes it actually read into *n.

On failure, returns the appropriate error code. diff --git a/docs/libcurl/curl_easy_recv.pdf b/docs/libcurl/curl_easy_recv.pdf index 1dee7c942..af76229d1 100644 Binary files a/docs/libcurl/curl_easy_recv.pdf and b/docs/libcurl/curl_easy_recv.pdf differ diff --git a/docs/libcurl/curl_easy_reset.pdf b/docs/libcurl/curl_easy_reset.pdf index 458ff34cd..8c980d69c 100644 Binary files a/docs/libcurl/curl_easy_reset.pdf and b/docs/libcurl/curl_easy_reset.pdf differ diff --git a/docs/libcurl/curl_easy_send.3 b/docs/libcurl/curl_easy_send.3 index c1c4ce4a5..2a7443985 100644 --- a/docs/libcurl/curl_easy_send.3 +++ b/docs/libcurl/curl_easy_send.3 @@ -5,7 +5,7 @@ .\" * | (__| |_| | _ <| |___ .\" * \___|\___/|_| \_\_____| .\" * -.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. +.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. .\" * .\" * This software is licensed as described in the file COPYING, which .\" * you should have received as part of this distribution. The terms @@ -39,7 +39,7 @@ connection set-up. \fBbuffer\fP is a pointer to the data of length \fBbuflen\fP that you want sent. The variable \fBn\fP points to will receive the number of sent bytes. -To establish the connection, set \fBCURLOPT_CONNECT_ONLY(3)\fP option before +To establish the connection, set \fICURLOPT_CONNECT_ONLY(3)\fP option before calling \fIcurl_easy_perform(3)\fP or \fIcurl_multi_perform()\fP. Note that \fIcurl_easy_send(3)\fP will not work on connections that were created without this option. @@ -47,7 +47,7 @@ this option. You must ensure that the socket is writable before calling \fIcurl_easy_send(3)\fP, otherwise the call will return \fBCURLE_AGAIN\fP - the socket is used in non-blocking mode internally. Use -\fIcurl_easy_getinfo(3)\fP with \fBCURLINFO_ACTIVESOCKET(3)\fP to obtain the +\fIcurl_easy_getinfo(3)\fP with \fICURLINFO_ACTIVESOCKET(3)\fP to obtain the socket; use your operating system facilities like \fIselect(2)\fP to check if it can be written to. .SH AVAILABILITY diff --git a/docs/libcurl/curl_easy_send.html b/docs/libcurl/curl_easy_send.html index 658c6f602..3626b2784 100644 --- a/docs/libcurl/curl_easy_send.html +++ b/docs/libcurl/curl_easy_send.html @@ -57,8 +57,8 @@ p.roffit {

DESCRIPTION

This function sends arbitrary data over the established connection. You may use it together with curl_easy_recv to implement custom protocols using libcurl. This functionality can be particularly useful if you use proxies and/or SSL encryption: libcurl will take care of proxy negotiation and connection set-up.

buffer is a pointer to the data of length buflen that you want sent. The variable n points to will receive the number of sent bytes. -

To establish the connection, set CURLOPT_CONNECT_ONLY(3) option before calling curl_easy_perform or curl_multi_perform(). Note that curl_easy_send will not work on connections that were created without this option. -

You must ensure that the socket is writable before calling curl_easy_send, otherwise the call will return CURLE_AGAIN - the socket is used in non-blocking mode internally. Use curl_easy_getinfo with CURLINFO_ACTIVESOCKET(3) to obtain the socket; use your operating system facilities like select(2) to check if it can be written to.

AVAILABILITY

+

To establish the connection, set CURLOPT_CONNECT_ONLY(3) option before calling curl_easy_perform or curl_multi_perform(). Note that curl_easy_send will not work on connections that were created without this option. +

You must ensure that the socket is writable before calling curl_easy_send, otherwise the call will return CURLE_AGAIN - the socket is used in non-blocking mode internally. Use curl_easy_getinfo with CURLINFO_ACTIVESOCKET(3) to obtain the socket; use your operating system facilities like select(2) to check if it can be written to.

AVAILABILITY

Added in 7.18.2.

RETURN VALUE

On success, returns CURLE_OK and stores the number of bytes actually sent into *n. Note that this may very well be less than the amount you wanted to send.

On failure, returns the appropriate error code. diff --git a/docs/libcurl/curl_easy_send.pdf b/docs/libcurl/curl_easy_send.pdf index 30ff055fc..bbe5042b4 100644 Binary files a/docs/libcurl/curl_easy_send.pdf and b/docs/libcurl/curl_easy_send.pdf differ diff --git a/docs/libcurl/curl_easy_setopt.3 b/docs/libcurl/curl_easy_setopt.3 index 60d549272..75f1ce46b 100644 --- a/docs/libcurl/curl_easy_setopt.3 +++ b/docs/libcurl/curl_easy_setopt.3 @@ -5,7 +5,7 @@ .\" * | (__| |_| | _ <| |___ .\" * \___|\___/|_| \_\_____| .\" * -.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. +.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. .\" * .\" * This software is licensed as described in the file COPYING, which .\" * you should have received as part of this distribution. The terms @@ -165,14 +165,16 @@ Proxy type. See \fICURLOPT_PROXYTYPE(3)\fP Filter out hosts from proxy use. \fICURLOPT_NOPROXY(3)\fP .IP CURLOPT_HTTPPROXYTUNNEL Tunnel through the HTTP proxy. \fICURLOPT_HTTPPROXYTUNNEL(3)\fP +.IP CURLOPT_CONNECT_TO +Connect to a specific host and port. See \fICURLOPT_CONNECT_TO(3)\fP .IP CURLOPT_SOCKS5_GSSAPI_SERVICE Socks5 GSSAPI service name. \fICURLOPT_SOCKS5_GSSAPI_SERVICE(3)\fP .IP CURLOPT_SOCKS5_GSSAPI_NEC Socks5 GSSAPI NEC mode. See \fICURLOPT_SOCKS5_GSSAPI_NEC(3)\fP .IP CURLOPT_PROXY_SERVICE_NAME -Proxy service name. \fICURLOPT_PROXY_SERVICE_NAME(3)\fP +Proxy authentication service name. \fICURLOPT_PROXY_SERVICE_NAME(3)\fP .IP CURLOPT_SERVICE_NAME -SPNEGO service name. \fICURLOPT_SERVICE_NAME(3)\fP +Authentication service name. \fICURLOPT_SERVICE_NAME(3)\fP .IP CURLOPT_INTERFACE Bind connection locally to this. See \fICURLOPT_INTERFACE(3)\fP .IP CURLOPT_LOCALPORT @@ -187,6 +189,8 @@ OBSOLETE Enable global DNS cache. See \fICURLOPT_DNS_USE_GLOBAL_CACHE(3)\fP Ask for smaller buffer size. See \fICURLOPT_BUFFERSIZE(3)\fP .IP CURLOPT_PORT Port number to connect to. See \fICURLOPT_PORT(3)\fP +.IP CURLOPT_TCP_FASTOPEN +Enable TFO, TCP Fast Open. See \fICURLOPT_TCP_FASTOPEN(3)\fP .IP CURLOPT_TCP_NODELAY Disable the Nagle algorithm. See \fICURLOPT_TCP_NODELAY(3)\fP .IP CURLOPT_ADDRESS_SCOPE diff --git a/docs/libcurl/curl_easy_setopt.html b/docs/libcurl/curl_easy_setopt.html index 14f472b47..106839e64 100644 --- a/docs/libcurl/curl_easy_setopt.html +++ b/docs/libcurl/curl_easy_setopt.html @@ -168,14 +168,16 @@ p.roffit {

Filter out hosts from proxy use. CURLOPT_NOPROXY(3)

CURLOPT_HTTPPROXYTUNNEL

Tunnel through the HTTP proxy. CURLOPT_HTTPPROXYTUNNEL(3) +

CURLOPT_CONNECT_TO +

Connect to a specific host and port. See CURLOPT_CONNECT_TO(3)

CURLOPT_SOCKS5_GSSAPI_SERVICE

Socks5 GSSAPI service name. CURLOPT_SOCKS5_GSSAPI_SERVICE(3)

CURLOPT_SOCKS5_GSSAPI_NEC

Socks5 GSSAPI NEC mode. See CURLOPT_SOCKS5_GSSAPI_NEC(3)

CURLOPT_PROXY_SERVICE_NAME -

Proxy service name. CURLOPT_PROXY_SERVICE_NAME(3) +

Proxy authentication service name. CURLOPT_PROXY_SERVICE_NAME(3)

CURLOPT_SERVICE_NAME -

SPNEGO service name. CURLOPT_SERVICE_NAME(3) +

Authentication service name. CURLOPT_SERVICE_NAME(3)

CURLOPT_INTERFACE

Bind connection locally to this. See CURLOPT_INTERFACE(3)

CURLOPT_LOCALPORT @@ -190,6 +192,8 @@ p.roffit {

Ask for smaller buffer size. See CURLOPT_BUFFERSIZE(3)

CURLOPT_PORT

Port number to connect to. See CURLOPT_PORT(3) +

CURLOPT_TCP_FASTOPEN +

Enable TFO, TCP Fast Open. See CURLOPT_TCP_FASTOPEN(3)

CURLOPT_TCP_NODELAY

Disable the Nagle algorithm. See CURLOPT_TCP_NODELAY(3)

CURLOPT_ADDRESS_SCOPE diff --git a/docs/libcurl/curl_easy_setopt.pdf b/docs/libcurl/curl_easy_setopt.pdf index 71e835604..dfee03b12 100644 Binary files a/docs/libcurl/curl_easy_setopt.pdf and b/docs/libcurl/curl_easy_setopt.pdf differ diff --git a/docs/libcurl/curl_easy_strerror.pdf b/docs/libcurl/curl_easy_strerror.pdf index 9e9c848f2..eda58c676 100644 Binary files a/docs/libcurl/curl_easy_strerror.pdf and b/docs/libcurl/curl_easy_strerror.pdf differ diff --git a/docs/libcurl/curl_easy_unescape.pdf b/docs/libcurl/curl_easy_unescape.pdf index 7861b4a6a..b9e5ded5d 100644 Binary files a/docs/libcurl/curl_easy_unescape.pdf and b/docs/libcurl/curl_easy_unescape.pdf differ diff --git a/docs/libcurl/curl_escape.pdf b/docs/libcurl/curl_escape.pdf index 29ab6b833..c831353dc 100644 Binary files a/docs/libcurl/curl_escape.pdf and b/docs/libcurl/curl_escape.pdf differ diff --git a/docs/libcurl/curl_formadd.3 b/docs/libcurl/curl_formadd.3 index 716d82bbb..6923913d4 100644 --- a/docs/libcurl/curl_formadd.3 +++ b/docs/libcurl/curl_formadd.3 @@ -5,7 +5,7 @@ .\" * | (__| |_| | _ <| |___ .\" * \___|\___/|_| \_\_____| .\" * -.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. +.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. .\" * .\" * This software is licensed as described in the file COPYING, which .\" * you should have received as part of this distribution. The terms @@ -32,7 +32,7 @@ curl_formadd - add a section to a multipart/formdata HTTP POST curl_formadd() is used to append sections when building a multipart/formdata HTTP POST (sometimes referred to as RFC2388-style posts). Append one section at a time until you've added all the sections you want included and then you -pass the \fIfirstitem\fP pointer as parameter to \fBCURLOPT_HTTPPOST(3)\fP. +pass the \fIfirstitem\fP pointer as parameter to \fICURLOPT_HTTPPOST(3)\fP. \fIlastitem\fP is set after each \fIcurl_formadd(3)\fP call and on repeated invokes it should be left as set to allow repeated invokes to find the end of the list faster. diff --git a/docs/libcurl/curl_formadd.html b/docs/libcurl/curl_formadd.html index 6a2aa4c0e..23ffd9214 100644 --- a/docs/libcurl/curl_formadd.html +++ b/docs/libcurl/curl_formadd.html @@ -55,7 +55,7 @@ p.roffit {

#include <curl/curl.h>

CURLFORMcode curl_formadd(struct curl_httppost ** firstitem, struct curl_httppost ** lastitem, ...);

DESCRIPTION

-

curl_formadd() is used to append sections when building a multipart/formdata HTTP POST (sometimes referred to as RFC 2388-style posts). Append one section at a time until you've added all the sections you want included and then you pass the firstitem pointer as parameter to CURLOPT_HTTPPOST(3). lastitem is set after each curl_formadd call and on repeated invokes it should be left as set to allow repeated invokes to find the end of the list faster. +

curl_formadd() is used to append sections when building a multipart/formdata HTTP POST (sometimes referred to as RFC 2388-style posts). Append one section at a time until you've added all the sections you want included and then you pass the firstitem pointer as parameter to CURLOPT_HTTPPOST(3). lastitem is set after each curl_formadd call and on repeated invokes it should be left as set to allow repeated invokes to find the end of the list faster.

After the lastitem pointer follow the real arguments.

The pointers firstitem and lastitem should both be pointing to NULL in the first call to this function. All list-data will be allocated by the function itself. You must call curl_formfree on the firstitem after the form post has been done to free the resources.

Using POST with HTTP 1.1 implies the use of a "Expect: 100-continue" header. You can disable this header with CURLOPT_HTTPHEADER(3) as usual. diff --git a/docs/libcurl/curl_formadd.pdf b/docs/libcurl/curl_formadd.pdf index 5057b3658..464a412aa 100644 Binary files a/docs/libcurl/curl_formadd.pdf and b/docs/libcurl/curl_formadd.pdf differ diff --git a/docs/libcurl/curl_formfree.3 b/docs/libcurl/curl_formfree.3 index e651b8e87..a2536cd9e 100644 --- a/docs/libcurl/curl_formfree.3 +++ b/docs/libcurl/curl_formfree.3 @@ -5,7 +5,7 @@ .\" * | (__| |_| | _ <| |___ .\" * \___|\___/|_| \_\_____| .\" * -.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, , et al. +.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. .\" * .\" * This software is licensed as described in the file COPYING, which .\" * you should have received as part of this distribution. The terms @@ -33,7 +33,7 @@ curl_formfree() is used to clean up data previously built/appended with typically means after \fIcurl_easy_perform(3)\fP has been called. The pointer to free is the same pointer you passed to the -\fBCURLOPT_HTTPPOST(3)\fP option, which is the \fIfirstitem\fP pointer from +\fICURLOPT_HTTPPOST(3)\fP option, which is the \fIfirstitem\fP pointer from the \fIcurl_formadd(3)\fP invoke(s). \fBform\fP is the pointer as returned from a previous call to diff --git a/docs/libcurl/curl_formfree.html b/docs/libcurl/curl_formfree.html index b13fe1f90..c1f528fae 100644 --- a/docs/libcurl/curl_formfree.html +++ b/docs/libcurl/curl_formfree.html @@ -56,7 +56,7 @@ p.roffit {

void curl_formfree(struct curl_httppost * form);

DESCRIPTION

curl_formfree() is used to clean up data previously built/appended with curl_formadd. This must be called when the data has been used, which typically means after curl_easy_perform has been called. -

The pointer to free is the same pointer you passed to the CURLOPT_HTTPPOST(3) option, which is the firstitem pointer from the curl_formadd invoke(s). +

The pointer to free is the same pointer you passed to the CURLOPT_HTTPPOST(3) option, which is the firstitem pointer from the curl_formadd invoke(s).

form is the pointer as returned from a previous call to curl_formadd and may be NULL.

RETURN VALUE

None

SEE ALSO

curl_formadd

diff --git a/docs/libcurl/curl_formfree.pdf b/docs/libcurl/curl_formfree.pdf index a540b75cc..1a7d327e2 100644 Binary files a/docs/libcurl/curl_formfree.pdf and b/docs/libcurl/curl_formfree.pdf differ diff --git a/docs/libcurl/curl_formget.pdf b/docs/libcurl/curl_formget.pdf index 18cf3b760..9230d2297 100644 Binary files a/docs/libcurl/curl_formget.pdf and b/docs/libcurl/curl_formget.pdf differ diff --git a/docs/libcurl/curl_free.pdf b/docs/libcurl/curl_free.pdf index 249a82c29..e21d22886 100644 Binary files a/docs/libcurl/curl_free.pdf and b/docs/libcurl/curl_free.pdf differ diff --git a/docs/libcurl/curl_getdate.pdf b/docs/libcurl/curl_getdate.pdf index 2bf17488b..61210cd9b 100644 Binary files a/docs/libcurl/curl_getdate.pdf and b/docs/libcurl/curl_getdate.pdf differ diff --git a/docs/libcurl/curl_getenv.pdf b/docs/libcurl/curl_getenv.pdf index c4faedf06..4ae4170d6 100644 Binary files a/docs/libcurl/curl_getenv.pdf and b/docs/libcurl/curl_getenv.pdf differ diff --git a/docs/libcurl/curl_global_cleanup.3 b/docs/libcurl/curl_global_cleanup.3 index d232263e7..2e3ff0362 100644 --- a/docs/libcurl/curl_global_cleanup.3 +++ b/docs/libcurl/curl_global_cleanup.3 @@ -5,7 +5,7 @@ .\" * | (__| |_| | _ <| |___ .\" * \___|\___/|_| \_\_____| .\" * -.\" * Copyright (C) 1998 - 2011, Daniel Stenberg, , et al. +.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. .\" * .\" * This software is licensed as described in the file COPYING, which .\" * you should have received as part of this distribution. The terms @@ -28,7 +28,7 @@ curl_global_cleanup - global libcurl cleanup .BI "void curl_global_cleanup(void);" .ad .SH DESCRIPTION -This function releases resources acquired by \fBcurl_global_init(3)\fP. +This function releases resources acquired by \fIcurl_global_init(3)\fP. You should call \fIcurl_global_cleanup(3)\fP once for each call you make to \fIcurl_global_init(3)\fP, after you are done using libcurl. @@ -36,11 +36,11 @@ You should call \fIcurl_global_cleanup(3)\fP once for each call you make to \fBThis function is not thread safe.\fP You must not call it when any other thread in the program (i.e. a thread sharing the same memory) is running. This doesn't just mean no other thread that is using libcurl. Because -\fBcurl_global_cleanup(3)\fP calls functions of other libraries that are +\fIcurl_global_cleanup(3)\fP calls functions of other libraries that are similarly thread unsafe, it could conflict with any other thread that uses these other libraries. -See the description in \fBlibcurl(3)\fP of global environment requirements for +See the description in \fIlibcurl(3)\fP of global environment requirements for details of how to use this function. .SH "SEE ALSO" diff --git a/docs/libcurl/curl_global_cleanup.html b/docs/libcurl/curl_global_cleanup.html index baea92c28..57d5dd092 100644 --- a/docs/libcurl/curl_global_cleanup.html +++ b/docs/libcurl/curl_global_cleanup.html @@ -55,10 +55,10 @@ p.roffit {

#include <curl/curl.h>

void curl_global_cleanup(void);

DESCRIPTION

-

This function releases resources acquired by curl_global_init. +

This function releases resources acquired by curl_global_init.

You should call curl_global_cleanup once for each call you make to curl_global_init, after you are done using libcurl. -

This function is not thread safe. You must not call it when any other thread in the program (i.e. a thread sharing the same memory) is running. This doesn't just mean no other thread that is using libcurl. Because curl_global_cleanup calls functions of other libraries that are similarly thread unsafe, it could conflict with any other thread that uses these other libraries. -

See the description in libcurl of global environment requirements for details of how to use this function. +

This function is not thread safe. You must not call it when any other thread in the program (i.e. a thread sharing the same memory) is running. This doesn't just mean no other thread that is using libcurl. Because curl_global_cleanup calls functions of other libraries that are similarly thread unsafe, it could conflict with any other thread that uses these other libraries. +

See the description in libcurl of global environment requirements for details of how to use this function.

SEE ALSO

curl_global_init, libcurl

diff --git a/docs/libcurl/curl_global_cleanup.pdf b/docs/libcurl/curl_global_cleanup.pdf index e2b93f183..a0d98de51 100644 Binary files a/docs/libcurl/curl_global_cleanup.pdf and b/docs/libcurl/curl_global_cleanup.pdf differ diff --git a/docs/libcurl/curl_global_init.3 b/docs/libcurl/curl_global_init.3 index c578414de..d2bd79ef3 100644 --- a/docs/libcurl/curl_global_init.3 +++ b/docs/libcurl/curl_global_init.3 @@ -5,7 +5,7 @@ .\" * | (__| |_| | _ <| |___ .\" * \___|\___/|_| \_\_____| .\" * -.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, , et al. +.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. .\" * .\" * This software is licensed as described in the file COPYING, which .\" * you should have received as part of this distribution. The terms @@ -54,29 +54,36 @@ If you are initializing libcurl from a Windows DLL you should not initialize it from DllMain or a static initializer because Windows holds the loader lock during that time and it could cause a deadlock. -See the description in \fBlibcurl(3)\fP of global environment requirements for +See the description in \fIlibcurl(3)\fP of global environment requirements for details of how to use this function. - .SH FLAGS -.TP 5 -.B CURL_GLOBAL_ALL +.IP CURL_GLOBAL_ALL Initialize everything possible. This sets all known bits except \fBCURL_GLOBAL_ACK_EINTR\fP. -.TP -.B CURL_GLOBAL_SSL -Initialize SSL -.TP -.B CURL_GLOBAL_WIN32 + +.IP CURL_GLOBAL_SSL +Initialize SSL. + +The implication here is that if this bit is not set, the initialization of the +SSL layer needs to be done by the application or at least outside of +libcurl. The exact procedure how to do SSL initializtion depends on the TLS +backend libcurl uses. + +Doing TLS based transfers without having the TLS layer initialized may lead to +unexpected behaviors. +.IP CURL_GLOBAL_WIN32 Initialize the Win32 socket libraries. -.TP -.B CURL_GLOBAL_NOTHING + +The implication here is that if this bit is not set, the initialization of +winsock has to be done by the application or you risk getting undefined +behaviors. This option exists for when the initialization is handled outside +of libcurl so there's no need for libcurl to do it again. +.IP CURL_GLOBAL_NOTHING Initialise nothing extra. This sets no bit. -.TP -.B CURL_GLOBAL_DEFAULT +.IP CURL_GLOBAL_DEFAULT A sensible default. It will init both SSL and Win32. Right now, this equals the functionality of the \fBCURL_GLOBAL_ALL\fP mask. -.TP -.B CURL_GLOBAL_ACK_EINTR +.IP CURL_GLOBAL_ACK_EINTR When this flag is set, curl will acknowledge EINTR condition when connecting or when waiting for data. Otherwise, curl waits until full timeout elapses. (Added in 7.30.0) diff --git a/docs/libcurl/curl_global_init.html b/docs/libcurl/curl_global_init.html index b2e77162b..075ab0419 100644 --- a/docs/libcurl/curl_global_init.html +++ b/docs/libcurl/curl_global_init.html @@ -60,15 +60,24 @@ p.roffit {

The flags option is a bit pattern that tells libcurl exactly what features to init, as described below. Set the desired bits by ORing the values together. In normal operation, you must specify CURL_GLOBAL_ALL. Don't use any other value unless you are familiar with it and mean to control internal operations of libcurl.

This function is not thread safe. You must not call it when any other thread in the program (i.e. a thread sharing the same memory) is running. This doesn't just mean no other thread that is using libcurl. Because curl_global_init calls functions of other libraries that are similarly thread unsafe, it could conflict with any other thread that uses these other libraries.

If you are initializing libcurl from a Windows DLL you should not initialize it from DllMain or a static initializer because Windows holds the loader lock during that time and it could cause a deadlock. -

See the description in libcurl of global environment requirements for details of how to use this function. -

FLAGS

+

See the description in libcurl of global environment requirements for details of how to use this function.

FLAGS

-

CURL_GLOBAL_ALL Initialize everything possible. This sets all known bits except CURL_GLOBAL_ACK_EINTR. -

CURL_GLOBAL_SSL Initialize SSL -

CURL_GLOBAL_WIN32 Initialize the Win32 socket libraries. -

CURL_GLOBAL_NOTHING Initialise nothing extra. This sets no bit. -

CURL_GLOBAL_DEFAULT A sensible default. It will init both SSL and Win32. Right now, this equals the functionality of the CURL_GLOBAL_ALL mask. -

CURL_GLOBAL_ACK_EINTR When this flag is set, curl will acknowledge EINTR condition when connecting or when waiting for data. Otherwise, curl waits until full timeout elapses. (Added in 7.30.0)

RETURN VALUE

+

CURL_GLOBAL_ALL +

Initialize everything possible. This sets all known bits except CURL_GLOBAL_ACK_EINTR. +

+

CURL_GLOBAL_SSL +

Initialize SSL. +

The implication here is that if this bit is not set, the initialization of the SSL layer needs to be done by the application or at least outside of libcurl. The exact procedure how to do SSL initializtion depends on the TLS backend libcurl uses. +

Doing TLS based transfers without having the TLS layer initialized may lead to unexpected behaviors. +

CURL_GLOBAL_WIN32 +

Initialize the Win32 socket libraries. +

The implication here is that if this bit is not set, the initialization of winsock has to be done by the application or you risk getting undefined behaviors. This option exists for when the initialization is handled outside of libcurl so there's no need for libcurl to do it again. +

CURL_GLOBAL_NOTHING +

Initialise nothing extra. This sets no bit. +

CURL_GLOBAL_DEFAULT +

A sensible default. It will init both SSL and Win32. Right now, this equals the functionality of the CURL_GLOBAL_ALL mask. +

CURL_GLOBAL_ACK_EINTR +

When this flag is set, curl will acknowledge EINTR condition when connecting or when waiting for data. Otherwise, curl waits until full timeout elapses. (Added in 7.30.0)

RETURN VALUE

If this function returns non-zero, something went wrong and you cannot use the other curl functions.

SEE ALSO

curl_global_init_mem, curl_global_cleanup, curl_easy_init, libcurl

This HTML page was made with roffit. diff --git a/docs/libcurl/curl_global_init.pdf b/docs/libcurl/curl_global_init.pdf index 528b505d9..73234ccba 100644 Binary files a/docs/libcurl/curl_global_init.pdf and b/docs/libcurl/curl_global_init.pdf differ diff --git a/docs/libcurl/curl_global_init_mem.pdf b/docs/libcurl/curl_global_init_mem.pdf index 545531e6a..68135ac37 100644 Binary files a/docs/libcurl/curl_global_init_mem.pdf and b/docs/libcurl/curl_global_init_mem.pdf differ diff --git a/docs/libcurl/curl_mprintf.3 b/docs/libcurl/curl_mprintf.3 index 6c986cad0..e861ed9ce 100644 --- a/docs/libcurl/curl_mprintf.3 +++ b/docs/libcurl/curl_mprintf.3 @@ -5,7 +5,7 @@ .\" * | (__| |_| | _ <| |___ .\" * \___|\___/|_| \_\_____| .\" * -.\" * Copyright (C) 1998 - 2011, Daniel Stenberg, , et al. +.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. .\" * .\" * This software is licensed as described in the file COPYING, which .\" * you should have received as part of this distribution. The terms @@ -91,15 +91,9 @@ returned string must be free()ed by the receiver. Like curl_maprintf() but takes a va_list pointer argument instead of a variable amount of arguments. .RE - -To easily use all these cloned functions instead of the normal ones, #define -_MPRINTF_REPLACE before you include the file. Then all the -normal names like printf, fprintf, sprintf etc will use the curl-functions -instead. .SH AVAILABILITY -These function will be removed from the public libcurl API in a near -future. They will instead be made "available" by source code access only, and -then as curlx_-prefixed functions. See lib/README.curlx for further details. +These functions will be removed from the public libcurl API in the future. Do +not use them in any new programs or projects. .SH RETURN VALUE The \fBcurl_maprintf\fP and \fBcurl_mvaprintf\fP functions return a pointer to a newly allocated string, or NULL if it failed. diff --git a/docs/libcurl/curl_mprintf.html b/docs/libcurl/curl_mprintf.html index 017586268..64d703a0c 100644 --- a/docs/libcurl/curl_mprintf.html +++ b/docs/libcurl/curl_mprintf.html @@ -67,9 +67,8 @@ p.roffit {

curl_mvsnprintf() vsnprintf() clone. Many systems don't have this. It is just like vsprintf but with an extra argument after the buffer that specifies the length of the target buffer.

curl_maprintf() Like printf() but returns the output string as a malloc()ed string. The returned string must be free()ed by the receiver.

curl_mvaprintf() Like curl_maprintf() but takes a va_list pointer argument instead of a variable amount of arguments. -

-

To easily use all these cloned functions instead of the normal ones, #define _MPRINTF_REPLACE before you include the <curl/mprintf.h> file. Then all the normal names like printf, fprintf, sprintf etc will use the curl-functions instead.

AVAILABILITY

-

These function will be removed from the public libcurl API in a near future. They will instead be made "available" by source code access only, and then as curlx_-prefixed functions. See lib/README.curlx for further details.

RETURN VALUE

+

AVAILABILITY

+

These functions will be removed from the public libcurl API in the future. Do not use them in any new programs or projects.

RETURN VALUE

The curl_maprintf and curl_mvaprintf functions return a pointer to a newly allocated string, or NULL if it failed.

All other functions return the number of characters they actually outputted.

SEE ALSO

printf (3), sprintf (3), fprintf (3), vprintf (3)

diff --git a/docs/libcurl/curl_mprintf.pdf b/docs/libcurl/curl_mprintf.pdf index 80982a75f..dbe8d2d67 100644 Binary files a/docs/libcurl/curl_mprintf.pdf and b/docs/libcurl/curl_mprintf.pdf differ diff --git a/docs/libcurl/curl_multi_add_handle.pdf b/docs/libcurl/curl_multi_add_handle.pdf index f00d94060..4f2086126 100644 Binary files a/docs/libcurl/curl_multi_add_handle.pdf and b/docs/libcurl/curl_multi_add_handle.pdf differ diff --git a/docs/libcurl/curl_multi_assign.pdf b/docs/libcurl/curl_multi_assign.pdf index 5108ca0a8..6873ce9fd 100644 Binary files a/docs/libcurl/curl_multi_assign.pdf and b/docs/libcurl/curl_multi_assign.pdf differ diff --git a/docs/libcurl/curl_multi_cleanup.pdf b/docs/libcurl/curl_multi_cleanup.pdf index d0b497648..6a7b7c8b3 100644 Binary files a/docs/libcurl/curl_multi_cleanup.pdf and b/docs/libcurl/curl_multi_cleanup.pdf differ diff --git a/docs/libcurl/curl_multi_fdset.pdf b/docs/libcurl/curl_multi_fdset.pdf index 32491a992..85fa985b4 100644 Binary files a/docs/libcurl/curl_multi_fdset.pdf and b/docs/libcurl/curl_multi_fdset.pdf differ diff --git a/docs/libcurl/curl_multi_info_read.pdf b/docs/libcurl/curl_multi_info_read.pdf index 3146b9f8d..c5856a225 100644 Binary files a/docs/libcurl/curl_multi_info_read.pdf and b/docs/libcurl/curl_multi_info_read.pdf differ diff --git a/docs/libcurl/curl_multi_init.pdf b/docs/libcurl/curl_multi_init.pdf index 349a693bf..18782206d 100644 Binary files a/docs/libcurl/curl_multi_init.pdf and b/docs/libcurl/curl_multi_init.pdf differ diff --git a/docs/libcurl/curl_multi_perform.pdf b/docs/libcurl/curl_multi_perform.pdf index c17c0e359..4e0ab4585 100644 Binary files a/docs/libcurl/curl_multi_perform.pdf and b/docs/libcurl/curl_multi_perform.pdf differ diff --git a/docs/libcurl/curl_multi_remove_handle.pdf b/docs/libcurl/curl_multi_remove_handle.pdf index 6badb0a52..9a4e91d76 100644 Binary files a/docs/libcurl/curl_multi_remove_handle.pdf and b/docs/libcurl/curl_multi_remove_handle.pdf differ diff --git a/docs/libcurl/curl_multi_setopt.pdf b/docs/libcurl/curl_multi_setopt.pdf index 34bb65acd..a3c36fdc3 100644 Binary files a/docs/libcurl/curl_multi_setopt.pdf and b/docs/libcurl/curl_multi_setopt.pdf differ diff --git a/docs/libcurl/curl_multi_socket.3 b/docs/libcurl/curl_multi_socket.3 index 77d2a4f92..52abf1ef8 100644 --- a/docs/libcurl/curl_multi_socket.3 +++ b/docs/libcurl/curl_multi_socket.3 @@ -5,7 +5,7 @@ .\" * | (__| |_| | _ <| |___ .\" * \___|\___/|_| \_\_____| .\" * -.\" * Copyright (C) 1998 - 2011, Daniel Stenberg, , et al. +.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. .\" * .\" * This software is licensed as described in the file COPYING, which .\" * you should have received as part of this distribution. The terms @@ -43,7 +43,7 @@ decreases by one, it DOES NOT necessarily mean that this exact socket/transfer is the one that completed. Use \fIcurl_multi_info_read(3)\fP to figure out which easy handle that completed. -The \fBcurl_multi_socket_action(3)\fP functions inform the application about +The \fIcurl_multi_socket_action(3)\fP functions inform the application about updates in the socket (file descriptor) status by doing none, one, or multiple calls to the socket callback function set with the CURLMOPT_SOCKETFUNCTION option to \fIcurl_multi_setopt(3)\fP. They update the status with changes @@ -52,7 +52,7 @@ since the previous time the callback was called. Get the timeout time by setting the \fICURLMOPT_TIMERFUNCTION\fP option with \fIcurl_multi_setopt(3)\fP. Your application will then get called with information on how long to wait for socket actions at most before doing the -timeout action: call the \fBcurl_multi_socket_action(3)\fP function with the +timeout action: call the \fIcurl_multi_socket_action(3)\fP function with the \fBsockfd\fP argument set to CURL_SOCKET_TIMEOUT. You can also use the \fIcurl_multi_timeout(3)\fP function to poll the value at any given time, but for an event-based system using the callback is far better than relying on @@ -63,7 +63,7 @@ equivalent to \fIcurl_multi_socket_action(3)\fP with \fBev_bitmask\fP set to 0. Force libcurl to (re-)check all its internal sockets and transfers instead of -just a single one by calling \fBcurl_multi_socket_all(3)\fP. Note that there +just a single one by calling \fIcurl_multi_socket_all(3)\fP. Note that there should not be any reason to use this function! .SH "CALLBACK DETAILS" diff --git a/docs/libcurl/curl_multi_socket.html b/docs/libcurl/curl_multi_socket.html index ed6a5e85d..e69041598 100644 --- a/docs/libcurl/curl_multi_socket.html +++ b/docs/libcurl/curl_multi_socket.html @@ -64,10 +64,10 @@ CURLMcode curl_multi_socket_all(CURLM *multi_handle,

DESCRIPTION

These functions are deprecated. Do not use! See curl_multi_socket_action instead!

At return, the integer running_handles points to will contain the number of still running easy handles within the multi handle. When this number reaches zero, all transfers are complete/done. Note that when you call curl_multi_socket_action on a specific socket and the counter decreases by one, it DOES NOT necessarily mean that this exact socket/transfer is the one that completed. Use curl_multi_info_read to figure out which easy handle that completed. -

The curl_multi_socket_action functions inform the application about updates in the socket (file descriptor) status by doing none, one, or multiple calls to the socket callback function set with the CURLMOPT_SOCKETFUNCTION option to curl_multi_setopt. They update the status with changes since the previous time the callback was called. -

Get the timeout time by setting the CURLMOPT_TIMERFUNCTION option with curl_multi_setopt. Your application will then get called with information on how long to wait for socket actions at most before doing the timeout action: call the curl_multi_socket_action function with the sockfd argument set to CURL_SOCKET_TIMEOUT. You can also use the curl_multi_timeout function to poll the value at any given time, but for an event-based system using the callback is far better than relying on polling the timeout value. +

The curl_multi_socket_action functions inform the application about updates in the socket (file descriptor) status by doing none, one, or multiple calls to the socket callback function set with the CURLMOPT_SOCKETFUNCTION option to curl_multi_setopt. They update the status with changes since the previous time the callback was called. +

Get the timeout time by setting the CURLMOPT_TIMERFUNCTION option with curl_multi_setopt. Your application will then get called with information on how long to wait for socket actions at most before doing the timeout action: call the curl_multi_socket_action function with the sockfd argument set to CURL_SOCKET_TIMEOUT. You can also use the curl_multi_timeout function to poll the value at any given time, but for an event-based system using the callback is far better than relying on polling the timeout value.

Usage of curl_multi_socket is deprecated, whereas the function is equivalent to curl_multi_socket_action with ev_bitmask set to 0. -

Force libcurl to (re-)check all its internal sockets and transfers instead of just a single one by calling curl_multi_socket_all. Note that there should not be any reason to use this function!

CALLBACK DETAILS

+

Force libcurl to (re-)check all its internal sockets and transfers instead of just a single one by calling curl_multi_socket_all. Note that there should not be any reason to use this function!

CALLBACK DETAILS

The socket callback function uses a prototype like this

  
diff --git a/docs/libcurl/curl_multi_socket.pdf b/docs/libcurl/curl_multi_socket.pdf
index 1e4dfbd26..6da2ef764 100644
Binary files a/docs/libcurl/curl_multi_socket.pdf and b/docs/libcurl/curl_multi_socket.pdf differ
diff --git a/docs/libcurl/curl_multi_socket_action.3 b/docs/libcurl/curl_multi_socket_action.3
index 6285e6f52..2b8419232 100644
--- a/docs/libcurl/curl_multi_socket_action.3
+++ b/docs/libcurl/curl_multi_socket_action.3
@@ -43,7 +43,7 @@ libcurl will test the descriptor internally. It is also permissible to pass
 CURL_SOCKET_TIMEOUT to the \fBsockfd\fP parameter in order to initiate the
 whole process or when a timeout occurs.
 
-At return, the integer \fBrunning_handles\fP points to will contain the number
+At return, \fBrunning_handles\fP points to the number
 of running easy handles within the multi handle. When this number reaches
 zero, all transfers are complete/done. When you call
 \fIcurl_multi_socket_action(3)\fP on a specific socket and the counter
@@ -51,16 +51,17 @@ decreases by one, it DOES NOT necessarily mean that this exact socket/transfer
 is the one that completed. Use \fIcurl_multi_info_read(3)\fP to figure out
 which easy handle that completed.
 
-The \fBcurl_multi_socket_action(3)\fP functions inform the application about
+The \fIcurl_multi_socket_action(3)\fP functions inform the application about
 updates in the socket (file descriptor) status by doing none, one, or multiple
-calls to the socket callback function set with the CURLMOPT_SOCKETFUNCTION
-option to \fIcurl_multi_setopt(3)\fP. They update the status with changes
-since the previous time the callback was called.
+calls to the socket callback function set with the
+\fICURLMOPT_SOCKETFUNCTION(3)\fP option to \fIcurl_multi_setopt(3)\fP. They
+update the status with changes since the previous time the callback was
+called.
 
-Get the timeout time by setting the \fICURLMOPT_TIMERFUNCTION\fP option with
-\fIcurl_multi_setopt(3)\fP. Your application will then get called with
+Get the timeout time by setting the \fICURLMOPT_TIMERFUNCTION(3)\fP option
+with \fIcurl_multi_setopt(3)\fP. Your application will then get called with
 information on how long to wait for socket actions at most before doing the
-timeout action: call the \fBcurl_multi_socket_action(3)\fP function with the
+timeout action: call the \fIcurl_multi_socket_action(3)\fP function with the
 \fBsockfd\fP argument set to CURL_SOCKET_TIMEOUT. You can also use the
 \fIcurl_multi_timeout(3)\fP function to poll the value at any given time, but
 for an event-based system using the callback is far better than relying on
@@ -77,7 +78,7 @@ The socket \fBcallback\fP function uses a prototype like this
                            void *socketp); /* private socket pointer,
                                               \fBNULL\fP if not
                                               previously assigned with
-                                              \fBcurl_multi_assign(3)\fP */
+                                              \fIcurl_multi_assign(3)\fP */
 
 .fi
 The callback MUST return 0.
diff --git a/docs/libcurl/curl_multi_socket_action.html b/docs/libcurl/curl_multi_socket_action.html
index fa88f7b9f..dc07c0d4e 100644
--- a/docs/libcurl/curl_multi_socket_action.html
+++ b/docs/libcurl/curl_multi_socket_action.html
@@ -63,9 +63,9 @@ CURLMcode curl_multi_socket_action(CURLM * multi_handle,
 
 

DESCRIPTION

When the application has detected action on a socket handled by libcurl, it should call curl_multi_socket_action with the sockfd argument set to the socket with the action. When the events on a socket are known, they can be passed as an events bitmask ev_bitmask by first setting ev_bitmask to 0, and then adding using bitwise OR (|) any combination of events to be chosen from CURL_CSELECT_IN, CURL_CSELECT_OUT or CURL_CSELECT_ERR. When the events on a socket are unknown, pass 0 instead, and libcurl will test the descriptor internally. It is also permissible to pass CURL_SOCKET_TIMEOUT to the sockfd parameter in order to initiate the whole process or when a timeout occurs. -

At return, the integer running_handles points to will contain the number of running easy handles within the multi handle. When this number reaches zero, all transfers are complete/done. When you call curl_multi_socket_action on a specific socket and the counter decreases by one, it DOES NOT necessarily mean that this exact socket/transfer is the one that completed. Use curl_multi_info_read to figure out which easy handle that completed. -

The curl_multi_socket_action functions inform the application about updates in the socket (file descriptor) status by doing none, one, or multiple calls to the socket callback function set with the CURLMOPT_SOCKETFUNCTION option to curl_multi_setopt. They update the status with changes since the previous time the callback was called. -

Get the timeout time by setting the CURLMOPT_TIMERFUNCTION option with curl_multi_setopt. Your application will then get called with information on how long to wait for socket actions at most before doing the timeout action: call the curl_multi_socket_action function with the sockfd argument set to CURL_SOCKET_TIMEOUT. You can also use the curl_multi_timeout function to poll the value at any given time, but for an event-based system using the callback is far better than relying on polling the timeout value.

CALLBACK DETAILS

+

At return, running_handles points to the number of running easy handles within the multi handle. When this number reaches zero, all transfers are complete/done. When you call curl_multi_socket_action on a specific socket and the counter decreases by one, it DOES NOT necessarily mean that this exact socket/transfer is the one that completed. Use curl_multi_info_read to figure out which easy handle that completed. +

The curl_multi_socket_action functions inform the application about updates in the socket (file descriptor) status by doing none, one, or multiple calls to the socket callback function set with the CURLMOPT_SOCKETFUNCTION(3) option to curl_multi_setopt. They update the status with changes since the previous time the callback was called. +

Get the timeout time by setting the CURLMOPT_TIMERFUNCTION(3) option with curl_multi_setopt. Your application will then get called with information on how long to wait for socket actions at most before doing the timeout action: call the curl_multi_socket_action function with the sockfd argument set to CURL_SOCKET_TIMEOUT. You can also use the curl_multi_timeout function to poll the value at any given time, but for an event-based system using the callback is far better than relying on polling the timeout value.

CALLBACK DETAILS

The socket callback function uses a prototype like this

  
@@ -76,7 +76,7 @@ CURLMcode curl_multi_socket_action(CURLM * multi_handle,
                            void *socketp); /* private socket pointer,
                                               NULL if not
                                               previously assigned with
-                                              curl_multi_assign(3) */
+                                              curl_multi_assign(3) */
  
 
diff --git a/docs/libcurl/curl_multi_socket_action.pdf b/docs/libcurl/curl_multi_socket_action.pdf index f5f3d9201..572428761 100644 Binary files a/docs/libcurl/curl_multi_socket_action.pdf and b/docs/libcurl/curl_multi_socket_action.pdf differ diff --git a/docs/libcurl/curl_multi_socket_all.3 b/docs/libcurl/curl_multi_socket_all.3 new file mode 100644 index 000000000..428dd06f9 --- /dev/null +++ b/docs/libcurl/curl_multi_socket_all.3 @@ -0,0 +1 @@ +.so man3/curl_multi_socket.3 diff --git a/docs/libcurl/curl_multi_socket_all.html b/docs/libcurl/curl_multi_socket_all.html new file mode 100644 index 000000000..5ac32950b --- /dev/null +++ b/docs/libcurl/curl_multi_socket_all.html @@ -0,0 +1,56 @@ + + +secret man page + + + +See the man3/curl_multi_socket.3 man page. + +

+ This HTML page was made with roffit. + diff --git a/docs/libcurl/curl_multi_socket_all.pdf b/docs/libcurl/curl_multi_socket_all.pdf new file mode 100644 index 000000000..fddfa849e Binary files /dev/null and b/docs/libcurl/curl_multi_socket_all.pdf differ diff --git a/docs/libcurl/curl_multi_strerror.pdf b/docs/libcurl/curl_multi_strerror.pdf index afb78a47d..c6aae72df 100644 Binary files a/docs/libcurl/curl_multi_strerror.pdf and b/docs/libcurl/curl_multi_strerror.pdf differ diff --git a/docs/libcurl/curl_multi_timeout.3 b/docs/libcurl/curl_multi_timeout.3 index 6f9e818b2..71b2b320a 100644 --- a/docs/libcurl/curl_multi_timeout.3 +++ b/docs/libcurl/curl_multi_timeout.3 @@ -5,7 +5,7 @@ .\" * | (__| |_| | _ <| |___ .\" * \___|\___/|_| \_\_____| .\" * -.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. +.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. .\" * .\" * This software is licensed as described in the file COPYING, which .\" * you should have received as part of this distribution. The terms @@ -29,12 +29,12 @@ CURLMcode curl_multi_timeout(CURLM *multi_handle, long *timeout); .SH DESCRIPTION An application using the libcurl multi interface should call -\fBcurl_multi_timeout(3)\fP to figure out how long it should wait for socket +\fIcurl_multi_timeout(3)\fP to figure out how long it should wait for socket actions \- at most \- before proceeding. Proceeding means either doing the socket-style timeout action: call the -\fBcurl_multi_socket_action(3)\fP function with the \fBsockfd\fP argument set -to CURL_SOCKET_TIMEOUT, or call \fBcurl_multi_perform(3)\fP if you're using +\fIcurl_multi_socket_action(3)\fP function with the \fBsockfd\fP argument set +to CURL_SOCKET_TIMEOUT, or call \fIcurl_multi_perform(3)\fP if you're using the simpler and older multi interface approach. The timeout value returned in the long \fBtimeout\fP points to, is in number @@ -68,9 +68,9 @@ select(maxfd+1, &fdread, &fdwrite, &fdexcep, &timeout); .SH "RETURN VALUE" The standard CURLMcode for multi interface error codes. .SH "TYPICAL USAGE" -Call \fBcurl_multi_timeout(3)\fP, then wait for action on the sockets. You -figure out which sockets to wait for by calling \fBcurl_multi_fdset(3)\fP or -by a previous call to \fBcurl_multi_socket(3)\fP. +Call \fIcurl_multi_timeout(3)\fP, then wait for action on the sockets. You +figure out which sockets to wait for by calling \fIcurl_multi_fdset(3)\fP or +by a previous call to \fIcurl_multi_socket(3)\fP. .SH AVAILABILITY This function was added in libcurl 7.15.4. .SH "SEE ALSO" diff --git a/docs/libcurl/curl_multi_timeout.html b/docs/libcurl/curl_multi_timeout.html index 34d33d043..3f74cfdb2 100644 --- a/docs/libcurl/curl_multi_timeout.html +++ b/docs/libcurl/curl_multi_timeout.html @@ -55,8 +55,8 @@ p.roffit {

#include <curl/curl.h>

CURLMcode curl_multi_timeout(CURLM *multi_handle, long *timeout);

DESCRIPTION

-

An application using the libcurl multi interface should call curl_multi_timeout to figure out how long it should wait for socket actions - at most - before proceeding. -

Proceeding means either doing the socket-style timeout action: call the curl_multi_socket_action function with the sockfd argument set to CURL_SOCKET_TIMEOUT, or call curl_multi_perform if you're using the simpler and older multi interface approach. +

An application using the libcurl multi interface should call curl_multi_timeout to figure out how long it should wait for socket actions - at most - before proceeding. +

Proceeding means either doing the socket-style timeout action: call the curl_multi_socket_action function with the sockfd argument set to CURL_SOCKET_TIMEOUT, or call curl_multi_perform if you're using the simpler and older multi interface approach.

The timeout value returned in the long timeout points to, is in number of milliseconds at this very moment. If 0, it means you should proceed immediately without waiting for anything. If it returns -1, there's no timeout at all set.

An application that uses the multi_socket API SHOULD NOT use this function, but SHOULD instead use curl_multi_setopt and its CURLMOPT_TIMERFUNCTION option for proper and desired behavior.

Note: if libcurl returns a -1 timeout here, it just means that libcurl currently has no stored timeout value. You must not wait too long (more than a few seconds perhaps) before you call curl_multi_perform() again.

EXAMPLE

@@ -78,7 +78,7 @@ select(maxfd+1, &fdread, &fdwrite, &fdexcep, &timeout);

RETURN VALUE

The standard CURLMcode for multi interface error codes.

TYPICAL USAGE

-

Call curl_multi_timeout, then wait for action on the sockets. You figure out which sockets to wait for by calling curl_multi_fdset or by a previous call to curl_multi_socket.

AVAILABILITY

+

Call curl_multi_timeout, then wait for action on the sockets. You figure out which sockets to wait for by calling curl_multi_fdset or by a previous call to curl_multi_socket.

AVAILABILITY

This function was added in libcurl 7.15.4.

SEE ALSO

curl_multi_fdset, curl_multi_info_read, curl_multi_socket, curl_multi_setopt

diff --git a/docs/libcurl/curl_multi_timeout.pdf b/docs/libcurl/curl_multi_timeout.pdf index 1c0751396..70dccd912 100644 Binary files a/docs/libcurl/curl_multi_timeout.pdf and b/docs/libcurl/curl_multi_timeout.pdf differ diff --git a/docs/libcurl/curl_multi_wait.pdf b/docs/libcurl/curl_multi_wait.pdf index bf84c8d3d..e77b05dfc 100644 Binary files a/docs/libcurl/curl_multi_wait.pdf and b/docs/libcurl/curl_multi_wait.pdf differ diff --git a/docs/libcurl/curl_share_cleanup.pdf b/docs/libcurl/curl_share_cleanup.pdf index 14474d434..405b20bc3 100644 Binary files a/docs/libcurl/curl_share_cleanup.pdf and b/docs/libcurl/curl_share_cleanup.pdf differ diff --git a/docs/libcurl/curl_share_init.pdf b/docs/libcurl/curl_share_init.pdf index e263043c5..69b8e988e 100644 Binary files a/docs/libcurl/curl_share_init.pdf and b/docs/libcurl/curl_share_init.pdf differ diff --git a/docs/libcurl/curl_share_setopt.3 b/docs/libcurl/curl_share_setopt.3 index cbdbdc558..55e06f129 100644 --- a/docs/libcurl/curl_share_setopt.3 +++ b/docs/libcurl/curl_share_setopt.3 @@ -68,7 +68,8 @@ be used! SSL session IDs will be shared across the easy handles using this shared object. This will reduce the time spent in the SSL handshake when reconnecting to the same server. Note SSL session IDs are reused within the same easy handle -by default. +by default. Note this symbol was added in 7.10.3 but was not implemented until +7.23.0. .RE .IP CURLSHOPT_UNSHARE This option does the opposite of \fICURLSHOPT_SHARE\fP. It specifies that diff --git a/docs/libcurl/curl_share_setopt.html b/docs/libcurl/curl_share_setopt.html index 934122c00..9e5c44eb4 100644 --- a/docs/libcurl/curl_share_setopt.html +++ b/docs/libcurl/curl_share_setopt.html @@ -76,7 +76,7 @@ p.roffit {

CURL_LOCK_DATA_DNS

Cached DNS hosts will be shared across the easy handles using this shared object. Note that when you use the multi interface, all easy handles added to the same multi handle will share DNS cache by default without this having to be used!

CURL_LOCK_DATA_SSL_SESSION -

SSL session IDs will be shared across the easy handles using this shared object. This will reduce the time spent in the SSL handshake when reconnecting to the same server. Note SSL session IDs are reused within the same easy handle by default. +

SSL session IDs will be shared across the easy handles using this shared object. This will reduce the time spent in the SSL handshake when reconnecting to the same server. Note SSL session IDs are reused within the same easy handle by default. Note this symbol was added in 7.10.3 but was not implemented until 7.23.0.

CURLSHOPT_UNSHARE

This option does the opposite of CURLSHOPT_SHARE. It specifies that the specified parameter will no longer be shared. Valid values are the same as those for CURLSHOPT_SHARE. diff --git a/docs/libcurl/curl_share_setopt.pdf b/docs/libcurl/curl_share_setopt.pdf index 6def6c47d..6fdb7e25f 100644 Binary files a/docs/libcurl/curl_share_setopt.pdf and b/docs/libcurl/curl_share_setopt.pdf differ diff --git a/docs/libcurl/curl_share_strerror.pdf b/docs/libcurl/curl_share_strerror.pdf index 920d65089..4b9210b18 100644 Binary files a/docs/libcurl/curl_share_strerror.pdf and b/docs/libcurl/curl_share_strerror.pdf differ diff --git a/docs/libcurl/curl_slist_append.3 b/docs/libcurl/curl_slist_append.3 index 9015e0f61..fed802929 100644 --- a/docs/libcurl/curl_slist_append.3 +++ b/docs/libcurl/curl_slist_append.3 @@ -5,7 +5,7 @@ .\" * | (__| |_| | _ <| |___ .\" * \___|\___/|_| \_\_____| .\" * -.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. +.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. .\" * .\" * This software is licensed as described in the file COPYING, which .\" * you should have received as part of this distribution. The terms @@ -36,7 +36,7 @@ been appended when this function returns. curl_slist_append() copies the string. The list should be freed again (after usage) with -\fBcurl_slist_free_all(3)\fP. +\fIcurl_slist_free_all(3)\fP. .SH RETURN VALUE A null pointer is returned if anything went wrong, otherwise the new list pointer is returned. diff --git a/docs/libcurl/curl_slist_append.html b/docs/libcurl/curl_slist_append.html index bf3938ebb..f8674ad1d 100644 --- a/docs/libcurl/curl_slist_append.html +++ b/docs/libcurl/curl_slist_append.html @@ -56,7 +56,7 @@ p.roffit {

struct curl_slist *curl_slist_append(struct curl_slist * list, const char * string );

DESCRIPTION

curl_slist_append() appends a specified string to a linked list of strings. The existing list should be passed as the first argument while the new list is returned from this function. The specified string has been appended when this function returns. curl_slist_append() copies the string. -

The list should be freed again (after usage) with curl_slist_free_all.

RETURN VALUE

+

The list should be freed again (after usage) with curl_slist_free_all.

RETURN VALUE

A null pointer is returned if anything went wrong, otherwise the new list pointer is returned.

EXAMPLE

  CURL handle;
diff --git a/docs/libcurl/curl_slist_append.pdf b/docs/libcurl/curl_slist_append.pdf
index 1475dbee8..d4255b318 100644
Binary files a/docs/libcurl/curl_slist_append.pdf and b/docs/libcurl/curl_slist_append.pdf differ
diff --git a/docs/libcurl/curl_slist_free_all.pdf b/docs/libcurl/curl_slist_free_all.pdf
index 3c5fbfe5e..575ff62c7 100644
Binary files a/docs/libcurl/curl_slist_free_all.pdf and b/docs/libcurl/curl_slist_free_all.pdf differ
diff --git a/docs/libcurl/curl_strequal.pdf b/docs/libcurl/curl_strequal.pdf
index e49b6cc7a..7f92278d4 100644
Binary files a/docs/libcurl/curl_strequal.pdf and b/docs/libcurl/curl_strequal.pdf differ
diff --git a/docs/libcurl/curl_unescape.pdf b/docs/libcurl/curl_unescape.pdf
index 877a58643..1e955b948 100644
Binary files a/docs/libcurl/curl_unescape.pdf and b/docs/libcurl/curl_unescape.pdf differ
diff --git a/docs/libcurl/curl_version.pdf b/docs/libcurl/curl_version.pdf
index 2e453fff9..98b5b3c16 100644
Binary files a/docs/libcurl/curl_version.pdf and b/docs/libcurl/curl_version.pdf differ
diff --git a/docs/libcurl/curl_version_info.pdf b/docs/libcurl/curl_version_info.pdf
index 450558e84..4429a6494 100644
Binary files a/docs/libcurl/curl_version_info.pdf and b/docs/libcurl/curl_version_info.pdf differ
diff --git a/docs/libcurl/libcurl-easy.pdf b/docs/libcurl/libcurl-easy.pdf
index 65c629fbf..fe9c7f952 100644
Binary files a/docs/libcurl/libcurl-easy.pdf and b/docs/libcurl/libcurl-easy.pdf differ
diff --git a/docs/libcurl/libcurl-errors.3 b/docs/libcurl/libcurl-errors.3
index 5d525382a..0a21a7589 100644
--- a/docs/libcurl/libcurl-errors.3
+++ b/docs/libcurl/libcurl-errors.3
@@ -251,6 +251,8 @@ available, the session will be queued. (added in 7.30.0)
 Failed to match the pinned key specified with \fICURLOPT_PINNEDPUBLICKEY(3)\fP.
 .IP "CURLE_SSL_INVALIDCERTSTATUS (91)"
 Status returned failure when asked with \fICURLOPT_SSL_VERIFYSTATUS(3)\fP.
+.IP "CURLE_HTTP2_STREAM (92)"
+Stream error in the HTTP/2 framing layer.
 .IP "CURLE_OBSOLETE*"
 These error codes will never be returned. They were used in an old libcurl
 version and are currently unused.
diff --git a/docs/libcurl/libcurl-errors.html b/docs/libcurl/libcurl-errors.html
index 43269ad5f..c305e3fd3 100644
--- a/docs/libcurl/libcurl-errors.html
+++ b/docs/libcurl/libcurl-errors.html
@@ -221,6 +221,8 @@ p.roffit {
 

Failed to match the pinned key specified with CURLOPT_PINNEDPUBLICKEY(3).

CURLE_SSL_INVALIDCERTSTATUS (91)

Status returned failure when asked with CURLOPT_SSL_VERIFYSTATUS(3). +

CURLE_HTTP2_STREAM (92) +

Stream error in the HTTP/2 framing layer.

CURLE_OBSOLETE*

These error codes will never be returned. They were used in an old libcurl version and are currently unused.

CURLMcode

This is the generic return code used by functions in the libcurl multi interface. Also consider curl_multi_strerror. diff --git a/docs/libcurl/libcurl-errors.pdf b/docs/libcurl/libcurl-errors.pdf index 15cef53a8..8e437751c 100644 Binary files a/docs/libcurl/libcurl-errors.pdf and b/docs/libcurl/libcurl-errors.pdf differ diff --git a/docs/libcurl/libcurl-multi.3 b/docs/libcurl/libcurl-multi.3 index a7f3dbbfc..e5a589202 100644 --- a/docs/libcurl/libcurl-multi.3 +++ b/docs/libcurl/libcurl-multi.3 @@ -153,7 +153,7 @@ timeout expires, your application should call the \fIcurl_multi_socket_action(3)\fP function saying it was due to a timeout. This API is typically used with an event-driven underlying functionality (like -libevent, libev, kqueue, epoll or similar) which which the application +libevent, libev, kqueue, epoll or similar) with which the application "subscribes" on socket changes. This allows applications and libcurl to much better scale upward and beyond thousands of simultaneous transfers without losing performance. diff --git a/docs/libcurl/libcurl-multi.html b/docs/libcurl/libcurl-multi.html index 07f5a7a65..ae7a1953c 100644 --- a/docs/libcurl/libcurl-multi.html +++ b/docs/libcurl/libcurl-multi.html @@ -77,7 +77,7 @@ p.roffit {

The multi_socket API is designed to inform your application about which sockets libcurl is currently using and for what activities (read and/or write) on those sockets your application is expected to wait for.

Your application must make sure to receive all sockets informed about in the CURLMOPT_SOCKETFUNCTION callback and make sure it reacts on the given activity on them. When a socket has the given activity, you call curl_multi_socket_action specifying which socket and action there are.

The CURLMOPT_TIMERFUNCTION callback is called to set a timeout. When that timeout expires, your application should call the curl_multi_socket_action function saying it was due to a timeout. -

This API is typically used with an event-driven underlying functionality (like libevent, libev, kqueue, epoll or similar) which which the application "subscribes" on socket changes. This allows applications and libcurl to much better scale upward and beyond thousands of simultaneous transfers without losing performance. +

This API is typically used with an event-driven underlying functionality (like libevent, libev, kqueue, epoll or similar) with which the application "subscribes" on socket changes. This allows applications and libcurl to much better scale upward and beyond thousands of simultaneous transfers without losing performance.

When you've added your initial set of handles, you call curl_multi_socket_action with CURL_SOCKET_TIMEOUT set in the sockfd argument, and you'll get callbacks call that sets you up and you then continue to call curl_multi_socket_action accordingly when you get activity on the sockets you've been asked to wait on, or if the timeout timer expires.

You can poll curl_multi_info_read to see if any transfer has completed, as it then has a message saying so.

BLOCKING

A few areas in the code are still using blocking code, even when used from the multi interface. While we certainly want and intend for these to get fixed in the future, you should be aware of the following current restrictions: diff --git a/docs/libcurl/libcurl-multi.pdf b/docs/libcurl/libcurl-multi.pdf index 5a9a46892..fdd488b64 100644 Binary files a/docs/libcurl/libcurl-multi.pdf and b/docs/libcurl/libcurl-multi.pdf differ diff --git a/docs/libcurl/libcurl-share.pdf b/docs/libcurl/libcurl-share.pdf index eed560625..0236d311c 100644 Binary files a/docs/libcurl/libcurl-share.pdf and b/docs/libcurl/libcurl-share.pdf differ diff --git a/docs/libcurl/libcurl-symbols.3 b/docs/libcurl/libcurl-symbols.3 index f0398c48c..3cd563cb4 100644 --- a/docs/libcurl/libcurl-symbols.3 +++ b/docs/libcurl/libcurl-symbols.3 @@ -19,7 +19,7 @@ .\" * KIND, either express or implied. .\" * .\" ************************************************************************** -.TH libcurl-symbols 3 "mar 22, 2016" "libcurl 7.41.0" "libcurl symbols" +.TH libcurl-symbols 3 "sep 7, 2016" "libcurl 7.41.0" "libcurl symbols" .SH NAME libcurl-symbols \- libcurl symbol version information .SH "libcurl symbols" @@ -175,6 +175,8 @@ Introduced in 7.1 Introduced in 7.9.1 .IP CURLE_HTTP2 Introduced in 7.38.0 +.IP CURLE_HTTP2_STREAM +Introduced in 7.49.0 .IP CURLE_HTTP_NOT_FOUND Introduced in 7.1 .IP CURLE_HTTP_PORT_FAILED @@ -488,6 +490,8 @@ Introduced in 7.4.1 Deprecated since 7.10.8 .IP CURLINFO_HTTP_CONNECTCODE Introduced in 7.10.7 +.IP CURLINFO_HTTP_VERSION +Introduced in 7.50.0 .IP CURLINFO_LASTONE Introduced in 7.4.1 .IP CURLINFO_LASTSOCKET @@ -708,6 +712,8 @@ Introduced in 7.7 Introduced in 7.16.2 .IP CURLOPT_CONNECT_ONLY Introduced in 7.15.2 +.IP CURLOPT_CONNECT_TO +Introduced in 7.49.0 .IP CURLOPT_CONV_FROM_NETWORK_FUNCTION Introduced in 7.15.4 .IP CURLOPT_CONV_FROM_UTF8_FUNCTION @@ -1055,6 +1061,7 @@ Introduced in 7.16.0 Introduced in 7.19.4 .IP CURLOPT_SOCKS5_GSSAPI_SERVICE Introduced in 7.19.4 +Deprecated since 7.49.0 .IP CURLOPT_SOURCE_HOST Introduced in 7.12.1 .IP CURLOPT_SOURCE_PATH @@ -1143,6 +1150,8 @@ Introduced in 7.25.0 Introduced in 7.25.0 .IP CURLOPT_TCP_NODELAY Introduced in 7.11.2 +.IP CURLOPT_TCP_FASTOPEN +Introduced in 7.49.0 .IP CURLOPT_TELNETOPTIONS Introduced in 7.7 .IP CURLOPT_TFTP_BLKSIZE @@ -1335,6 +1344,8 @@ Introduced in 7.16.1 Introduced in 7.16.1 .IP CURLSSLBACKEND_AXTLS Introduced in 7.38.0 +.IP CURLSSLBACKEND_BORINGSSL +Introduced in 7.49.0 .IP CURLSSLBACKEND_CYASSL Introduced in 7.34.0 .IP CURLSSLBACKEND_DARWINSSL @@ -1343,6 +1354,8 @@ Introduced in 7.34.0 Introduced in 7.34.0 .IP CURLSSLBACKEND_GSKIT Introduced in 7.34.0 +.IP CURLSSLBACKEND_LIBRESSL +Introduced in 7.49.0 .IP CURLSSLBACKEND_MBEDTLS Introduced in 7.46.0 .IP CURLSSLBACKEND_NONE @@ -1357,6 +1370,8 @@ Introduced in 7.34.0 Introduced in 7.34.0 .IP CURLSSLBACKEND_SCHANNEL Introduced in 7.34.0 +.IP CURLSSLBACKEND_WOLFSSL +Introduced in 7.49.0 .IP CURLSSLOPT_ALLOW_BEAST Introduced in 7.25.0 .IP CURLSSLOPT_NO_REVOKE @@ -1395,6 +1410,8 @@ Introduced in 7.16.3 Introduced in 7.16.3 .IP CURL_CSELECT_OUT Introduced in 7.16.3 +.IP CURL_DID_MEMORY_FUNC_TYPEDEFS +Introduced in 7.49.0 .IP CURL_EASY_NONE Introduced in 7.14.0 .IP CURL_EASY_TIMEOUT @@ -1461,6 +1478,8 @@ Introduced in 7.43.0 Introduced in 7.33.0 .IP CURL_HTTP_VERSION_2TLS Introduced in 7.47.0 +.IP CURL_HTTP_VERSION_2_PRIOR_KNOWLEDGE +Introduced in 7.49.0 .IP CURL_HTTP_VERSION_NONE Introduced in 7.9.1 .IP CURL_IPRESOLVE_V4 @@ -1579,6 +1598,8 @@ Introduced in 7.21.5 Introduced in 7.21.5 .IP CURL_SOCKOPT_OK Introduced in 7.21.5 +.IP CURL_STRICTER +Introduced in 7.50.2 .IP CURL_SSLVERSION_DEFAULT Introduced in 7.9.2 .IP CURL_SSLVERSION_SSL diff --git a/docs/libcurl/libcurl-symbols.html b/docs/libcurl/libcurl-symbols.html index 6b01b1965..31c8ac962 100644 --- a/docs/libcurl/libcurl-symbols.html +++ b/docs/libcurl/libcurl-symbols.html @@ -182,6 +182,8 @@ p.roffit {

Introduced in 7.9.1

CURLE_HTTP2

Introduced in 7.38.0 +

CURLE_HTTP2_STREAM +

Introduced in 7.49.0

CURLE_HTTP_NOT_FOUND

Introduced in 7.1

CURLE_HTTP_PORT_FAILED @@ -476,6 +478,8 @@ p.roffit {

Introduced in 7.4.1 Deprecated since 7.10.8

CURLINFO_HTTP_CONNECTCODE

Introduced in 7.10.7 +

CURLINFO_HTTP_VERSION +

Introduced in 7.50.0

CURLINFO_LASTONE

Introduced in 7.4.1

CURLINFO_LASTSOCKET @@ -692,6 +696,8 @@ p.roffit {

Introduced in 7.16.2

CURLOPT_CONNECT_ONLY

Introduced in 7.15.2 +

CURLOPT_CONNECT_TO +

Introduced in 7.49.0

CURLOPT_CONV_FROM_NETWORK_FUNCTION

Introduced in 7.15.4

CURLOPT_CONV_FROM_UTF8_FUNCTION @@ -1017,7 +1023,7 @@ p.roffit {

CURLOPT_SOCKS5_GSSAPI_NEC

Introduced in 7.19.4

CURLOPT_SOCKS5_GSSAPI_SERVICE -

Introduced in 7.19.4 +

Introduced in 7.19.4 Deprecated since 7.49.0

CURLOPT_SOURCE_HOST

Introduced in 7.12.1

CURLOPT_SOURCE_PATH @@ -1104,6 +1110,8 @@ p.roffit {

Introduced in 7.25.0

CURLOPT_TCP_NODELAY

Introduced in 7.11.2 +

CURLOPT_TCP_FASTOPEN +

Introduced in 7.49.0

CURLOPT_TELNETOPTIONS

Introduced in 7.7

CURLOPT_TFTP_BLKSIZE @@ -1296,6 +1304,8 @@ p.roffit {

Introduced in 7.16.1

CURLSSLBACKEND_AXTLS

Introduced in 7.38.0 +

CURLSSLBACKEND_BORINGSSL +

Introduced in 7.49.0

CURLSSLBACKEND_CYASSL

Introduced in 7.34.0

CURLSSLBACKEND_DARWINSSL @@ -1304,6 +1314,8 @@ p.roffit {

Introduced in 7.34.0

CURLSSLBACKEND_GSKIT

Introduced in 7.34.0 +

CURLSSLBACKEND_LIBRESSL +

Introduced in 7.49.0

CURLSSLBACKEND_MBEDTLS

Introduced in 7.46.0

CURLSSLBACKEND_NONE @@ -1318,6 +1330,8 @@ p.roffit {

Introduced in 7.34.0

CURLSSLBACKEND_SCHANNEL

Introduced in 7.34.0 +

CURLSSLBACKEND_WOLFSSL +

Introduced in 7.49.0

CURLSSLOPT_ALLOW_BEAST

Introduced in 7.25.0

CURLSSLOPT_NO_REVOKE @@ -1356,6 +1370,8 @@ p.roffit {

Introduced in 7.16.3

CURL_CSELECT_OUT

Introduced in 7.16.3 +

CURL_DID_MEMORY_FUNC_TYPEDEFS +

Introduced in 7.49.0

CURL_EASY_NONE

Introduced in 7.14.0

CURL_EASY_TIMEOUT @@ -1422,6 +1438,8 @@ p.roffit {

Introduced in 7.33.0

CURL_HTTP_VERSION_2TLS

Introduced in 7.47.0 +

CURL_HTTP_VERSION_2_PRIOR_KNOWLEDGE +

Introduced in 7.49.0

CURL_HTTP_VERSION_NONE

Introduced in 7.9.1

CURL_IPRESOLVE_V4 @@ -1540,6 +1558,8 @@ p.roffit {

Introduced in 7.21.5

CURL_SOCKOPT_OK

Introduced in 7.21.5 +

CURL_STRICTER +

Introduced in 7.50.2

CURL_SSLVERSION_DEFAULT

Introduced in 7.9.2

CURL_SSLVERSION_SSL diff --git a/docs/libcurl/libcurl-symbols.pdf b/docs/libcurl/libcurl-symbols.pdf index 06eef63c0..48fcc3626 100644 Binary files a/docs/libcurl/libcurl-symbols.pdf and b/docs/libcurl/libcurl-symbols.pdf differ diff --git a/docs/libcurl/libcurl-thread.3 b/docs/libcurl/libcurl-thread.3 index aacc75fdf..379ca8ffa 100644 --- a/docs/libcurl/libcurl-thread.3 +++ b/docs/libcurl/libcurl-thread.3 @@ -41,9 +41,17 @@ then of course using the underlying SSL library multi-threaded and those libs might have their own requirements on this issue. You may need to provide one or two functions to allow it to function properly: .IP OpenSSL -https://www.openssl.org/docs/crypto/threads.html#DESCRIPTION +OpenSSL 1.1.0 "can be safely used in multi-threaded applications provided that +support for the underlying OS threading API is built-in." + +https://www.openssl.org/docs/manmaster/crypto/threads.html#DESCRIPTION + +OpenSSL <= 1.0.2 the user must set callbacks. + +https://www.openssl.org/docs/man1.0.2/crypto/threads.html#DESCRIPTION https://curl.haxx.se/libcurl/c/opensslthreadlock.html + .IP GnuTLS http://gnutls.org/manual/html_node/Thread-safety.html .IP NSS @@ -60,6 +68,8 @@ The engine is used by libcurl in a way that is fully thread-safe. The engine is used by libcurl in a way that is fully thread-safe. .IP wolfSSL The engine is used by libcurl in a way that is fully thread-safe. +.IP BoringSSL +The engine is used by libcurl in a way that is fully thread-safe. .SH "Other areas of caution" .IP Signals Signals are used for timing out name resolves (during DNS lookup) - when built diff --git a/docs/libcurl/libcurl-thread.html b/docs/libcurl/libcurl-thread.html index 9a0c3cd77..2e95750db 100644 --- a/docs/libcurl/libcurl-thread.html +++ b/docs/libcurl/libcurl-thread.html @@ -57,8 +57,12 @@ p.roffit {

Shared objects. You can share certain data between multiple handles by using the share interface but you must provide your own locking and set curl_share_setopt CURLSHOPT_LOCKFUNC and CURLSHOPT_UNLOCKFUNC.

TLS

If you are accessing HTTPS or FTPS URLs in a multi-threaded manner, you are then of course using the underlying SSL library multi-threaded and those libs might have their own requirements on this issue. You may need to provide one or two functions to allow it to function properly:

OpenSSL -

https://www.openssl.org/docs/crypto/threads.html#DESCRIPTION +

OpenSSL 1.1.0 "can be safely used in multi-threaded applications provided that support for the underlying OS threading API is built-in." +

https://www.openssl.org/docs/manmaster/crypto/threads.html#DESCRIPTION +

OpenSSL <= 1.0.2 the user must set callbacks. +

https://www.openssl.org/docs/man1.0.2/crypto/threads.html#DESCRIPTION

https://curl.haxx.se/libcurl/c/opensslthreadlock.html +

GnuTLS

http://gnutls.org/manual/html_node/Thread-safety.html

NSS @@ -74,6 +78,8 @@ p.roffit {

WinSSL

The engine is used by libcurl in a way that is fully thread-safe.

wolfSSL +

The engine is used by libcurl in a way that is fully thread-safe. +

BoringSSL

The engine is used by libcurl in a way that is fully thread-safe.

Other areas of caution

Signals diff --git a/docs/libcurl/libcurl-thread.pdf b/docs/libcurl/libcurl-thread.pdf index 94c24c995..bbb99f4ba 100644 Binary files a/docs/libcurl/libcurl-thread.pdf and b/docs/libcurl/libcurl-thread.pdf differ diff --git a/docs/libcurl/libcurl-tutorial.pdf b/docs/libcurl/libcurl-tutorial.pdf index c1316a8a5..55d3a78c8 100644 Binary files a/docs/libcurl/libcurl-tutorial.pdf and b/docs/libcurl/libcurl-tutorial.pdf differ diff --git a/docs/libcurl/libcurl.m4 b/docs/libcurl/libcurl.m4 index a2373e8da..53d694d0a 100644 --- a/docs/libcurl/libcurl.m4 +++ b/docs/libcurl/libcurl.m4 @@ -82,7 +82,7 @@ AC_DEFUN([LIBCURL_CHECK_CONFIG], AH_TEMPLATE([LIBCURL_PROTOCOL_SMTP],[Defined if libcurl supports SMTP]) AC_ARG_WITH(libcurl, - AC_HELP_STRING([--with-libcurl=PREFIX],[look for the curl library in PREFIX/lib and headers in PREFIX/include]), + AS_HELP_STRING([--with-libcurl=PREFIX],[look for the curl library in PREFIX/lib and headers in PREFIX/include]), [_libcurl_with=$withval],[_libcurl_with=ifelse([$1],,[yes],[$1])]) if test "$_libcurl_with" != "no" ; then diff --git a/docs/libcurl/libcurl.pdf b/docs/libcurl/libcurl.pdf index 4a72ec573..9b8f25f62 100644 Binary files a/docs/libcurl/libcurl.pdf and b/docs/libcurl/libcurl.pdf differ diff --git a/docs/libcurl/opts/CURLINFO_ACTIVESOCKET.pdf b/docs/libcurl/opts/CURLINFO_ACTIVESOCKET.pdf index 789bf8b0d..a2b7a6187 100644 Binary files a/docs/libcurl/opts/CURLINFO_ACTIVESOCKET.pdf and b/docs/libcurl/opts/CURLINFO_ACTIVESOCKET.pdf differ diff --git a/docs/libcurl/opts/CURLINFO_APPCONNECT_TIME.pdf b/docs/libcurl/opts/CURLINFO_APPCONNECT_TIME.pdf index b5c235cc2..de03407ac 100644 Binary files a/docs/libcurl/opts/CURLINFO_APPCONNECT_TIME.pdf and b/docs/libcurl/opts/CURLINFO_APPCONNECT_TIME.pdf differ diff --git a/docs/libcurl/opts/CURLINFO_CERTINFO.3 b/docs/libcurl/opts/CURLINFO_CERTINFO.3 index c76daa7a3..cb0bd8aa3 100644 --- a/docs/libcurl/opts/CURLINFO_CERTINFO.3 +++ b/docs/libcurl/opts/CURLINFO_CERTINFO.3 @@ -5,7 +5,7 @@ .\" * | (__| |_| | _ <| |___ .\" * \___|\___/|_| \_\_____| .\" * -.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. +.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. .\" * .\" * This software is licensed as described in the file COPYING, which .\" * you should have received as part of this distribution. The terms @@ -41,8 +41,8 @@ All TLS-based .SH EXAMPLE TODO .SH AVAILABILITY -This option is only working in libcurl built with OpenSSL, NSS or GSKit -support. +This option is only working in libcurl built with OpenSSL, NSS, schannel or +GSKit support. schannel support added in 7.50.0 Added in 7.19.1 .SH RETURN VALUE diff --git a/docs/libcurl/opts/CURLINFO_CERTINFO.html b/docs/libcurl/opts/CURLINFO_CERTINFO.html index 7f8e5eb2f..822eda29e 100644 --- a/docs/libcurl/opts/CURLINFO_CERTINFO.html +++ b/docs/libcurl/opts/CURLINFO_CERTINFO.html @@ -57,7 +57,7 @@ p.roffit {

Pass a pointer to a 'struct curl_certinfo *' and you'll get it set to point to struct that holds a number of linked lists with info about the certificate chain, assuming you had CURLOPT_CERTINFO enabled when the request was made. The struct reports how many certs it found and then you can extract info for each of those certs by following the linked lists. The info chain is provided in a series of data in the format "name:content" where the content is for the specific named data. See also the certinfo.c example.

PROTOCOLS

All TLS-based

EXAMPLE

TODO

AVAILABILITY

-

This option is only working in libcurl built with OpenSSL, NSS or GSKit support. +

This option is only working in libcurl built with OpenSSL, NSS, schannel or GSKit support. schannel support added in 7.50.0

Added in 7.19.1

RETURN VALUE

Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.

SEE ALSO

curl_easy_getinfo (3), curl_easy_setopt (3)

diff --git a/docs/libcurl/opts/CURLINFO_CERTINFO.pdf b/docs/libcurl/opts/CURLINFO_CERTINFO.pdf index 483f512c7..3e5a011f9 100644 Binary files a/docs/libcurl/opts/CURLINFO_CERTINFO.pdf and b/docs/libcurl/opts/CURLINFO_CERTINFO.pdf differ diff --git a/docs/libcurl/opts/CURLINFO_CONDITION_UNMET.pdf b/docs/libcurl/opts/CURLINFO_CONDITION_UNMET.pdf index 0103e7b05..89e2a4c70 100644 Binary files a/docs/libcurl/opts/CURLINFO_CONDITION_UNMET.pdf and b/docs/libcurl/opts/CURLINFO_CONDITION_UNMET.pdf differ diff --git a/docs/libcurl/opts/CURLINFO_CONNECT_TIME.pdf b/docs/libcurl/opts/CURLINFO_CONNECT_TIME.pdf index 4733604b8..1b750dcfe 100644 Binary files a/docs/libcurl/opts/CURLINFO_CONNECT_TIME.pdf and b/docs/libcurl/opts/CURLINFO_CONNECT_TIME.pdf differ diff --git a/docs/libcurl/opts/CURLINFO_CONTENT_LENGTH_DOWNLOAD.pdf b/docs/libcurl/opts/CURLINFO_CONTENT_LENGTH_DOWNLOAD.pdf index c2c4a4595..f51205b94 100644 Binary files a/docs/libcurl/opts/CURLINFO_CONTENT_LENGTH_DOWNLOAD.pdf and b/docs/libcurl/opts/CURLINFO_CONTENT_LENGTH_DOWNLOAD.pdf differ diff --git a/docs/libcurl/opts/CURLINFO_CONTENT_LENGTH_UPLOAD.pdf b/docs/libcurl/opts/CURLINFO_CONTENT_LENGTH_UPLOAD.pdf index dbac46c68..d55402482 100644 Binary files a/docs/libcurl/opts/CURLINFO_CONTENT_LENGTH_UPLOAD.pdf and b/docs/libcurl/opts/CURLINFO_CONTENT_LENGTH_UPLOAD.pdf differ diff --git a/docs/libcurl/opts/CURLINFO_CONTENT_TYPE.pdf b/docs/libcurl/opts/CURLINFO_CONTENT_TYPE.pdf index aa9a86ef6..2e13ce29c 100644 Binary files a/docs/libcurl/opts/CURLINFO_CONTENT_TYPE.pdf and b/docs/libcurl/opts/CURLINFO_CONTENT_TYPE.pdf differ diff --git a/docs/libcurl/opts/CURLINFO_COOKIELIST.pdf b/docs/libcurl/opts/CURLINFO_COOKIELIST.pdf index 9d21536fe..e4f032288 100644 Binary files a/docs/libcurl/opts/CURLINFO_COOKIELIST.pdf and b/docs/libcurl/opts/CURLINFO_COOKIELIST.pdf differ diff --git a/docs/libcurl/opts/CURLINFO_EFFECTIVE_URL.pdf b/docs/libcurl/opts/CURLINFO_EFFECTIVE_URL.pdf index 8ac7172dd..577d84cfe 100644 Binary files a/docs/libcurl/opts/CURLINFO_EFFECTIVE_URL.pdf and b/docs/libcurl/opts/CURLINFO_EFFECTIVE_URL.pdf differ diff --git a/docs/libcurl/opts/CURLINFO_FILETIME.3 b/docs/libcurl/opts/CURLINFO_FILETIME.3 index 71f9d2b14..84093eb2a 100644 --- a/docs/libcurl/opts/CURLINFO_FILETIME.3 +++ b/docs/libcurl/opts/CURLINFO_FILETIME.3 @@ -38,7 +38,7 @@ Note that you must tell the server to collect this information before the transfer is made, by using the \fICURLOPT_FILETIME(3)\fP option to \fIcurl_easy_setopt(3)\fP or you will unconditionally get a -1 back. .SH PROTOCOLS -HTTP(S), FTP(S) +HTTP(S), FTP(S), SFTP .SH EXAMPLE TODO .SH AVAILABILITY diff --git a/docs/libcurl/opts/CURLINFO_FILETIME.html b/docs/libcurl/opts/CURLINFO_FILETIME.html index 26328c139..bbc3a25ee 100644 --- a/docs/libcurl/opts/CURLINFO_FILETIME.html +++ b/docs/libcurl/opts/CURLINFO_FILETIME.html @@ -56,7 +56,7 @@ p.roffit {

CURLcode curl_easy_getinfo(CURL *handle, CURLINFO_FILETIME, long *timep);

DESCRIPTION

Pass a pointer to a long to receive the remote time of the retrieved document (in number of seconds since 1 jan 1970 in the GMT/UTC time zone). If you get -1, it can be because of many reasons (it might be unknown, the server might hide it or the server doesn't support the command that tells document time etc) and the time of the document is unknown.

Note that you must tell the server to collect this information before the transfer is made, by using the CURLOPT_FILETIME option to curl_easy_setopt(3) or you will unconditionally get a -1 back.

PROTOCOLS

-

HTTP(S), FTP(S)

EXAMPLE

+

HTTP(S), FTP(S), SFTP

EXAMPLE

TODO

AVAILABILITY

Added in 7.5

RETURN VALUE

Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.

SEE ALSO

diff --git a/docs/libcurl/opts/CURLINFO_FILETIME.pdf b/docs/libcurl/opts/CURLINFO_FILETIME.pdf index f1112a77d..ebf1386af 100644 Binary files a/docs/libcurl/opts/CURLINFO_FILETIME.pdf and b/docs/libcurl/opts/CURLINFO_FILETIME.pdf differ diff --git a/docs/libcurl/opts/CURLINFO_FTP_ENTRY_PATH.pdf b/docs/libcurl/opts/CURLINFO_FTP_ENTRY_PATH.pdf index a4c2a9e83..bab68b5a3 100644 Binary files a/docs/libcurl/opts/CURLINFO_FTP_ENTRY_PATH.pdf and b/docs/libcurl/opts/CURLINFO_FTP_ENTRY_PATH.pdf differ diff --git a/docs/libcurl/opts/CURLINFO_HEADER_SIZE.pdf b/docs/libcurl/opts/CURLINFO_HEADER_SIZE.pdf index fcb8802a5..184b2e80d 100644 Binary files a/docs/libcurl/opts/CURLINFO_HEADER_SIZE.pdf and b/docs/libcurl/opts/CURLINFO_HEADER_SIZE.pdf differ diff --git a/docs/libcurl/opts/CURLINFO_HTTPAUTH_AVAIL.pdf b/docs/libcurl/opts/CURLINFO_HTTPAUTH_AVAIL.pdf index e5fbb56c8..2796830ad 100644 Binary files a/docs/libcurl/opts/CURLINFO_HTTPAUTH_AVAIL.pdf and b/docs/libcurl/opts/CURLINFO_HTTPAUTH_AVAIL.pdf differ diff --git a/docs/libcurl/opts/CURLINFO_HTTP_CONNECTCODE.pdf b/docs/libcurl/opts/CURLINFO_HTTP_CONNECTCODE.pdf index 7d663e4ae..e6ef24d3d 100644 Binary files a/docs/libcurl/opts/CURLINFO_HTTP_CONNECTCODE.pdf and b/docs/libcurl/opts/CURLINFO_HTTP_CONNECTCODE.pdf differ diff --git a/docs/libcurl/opts/CURLINFO_HTTP_VERSION.3 b/docs/libcurl/opts/CURLINFO_HTTP_VERSION.3 new file mode 100644 index 000000000..b0f43e549 --- /dev/null +++ b/docs/libcurl/opts/CURLINFO_HTTP_VERSION.3 @@ -0,0 +1,56 @@ +.\" ************************************************************************** +.\" * _ _ ____ _ +.\" * Project ___| | | | _ \| | +.\" * / __| | | | |_) | | +.\" * | (__| |_| | _ <| |___ +.\" * \___|\___/|_| \_\_____| +.\" * +.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. +.\" * +.\" * This software is licensed as described in the file COPYING, which +.\" * you should have received as part of this distribution. The terms +.\" * are also available at https://curl.haxx.se/docs/copyright.html. +.\" * +.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell +.\" * copies of the Software, and permit persons to whom the Software is +.\" * furnished to do so, under the terms of the COPYING file. +.\" * +.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY +.\" * KIND, either express or implied. +.\" * +.\" ************************************************************************** +.\" +.TH CURLINFO_HTTP_VERSION 3 "11 May 2016" "libcurl 7.50.0" "curl_easy_getinfo options" +.SH NAME +CURLINFO_HTTP_VERSION \- get the http version used in the connection +.SH SYNOPSIS +#include + +CURLcode curl_easy_getinfo(CURL *handle, CURLINFO_HTTP_VERSION, long *p); +.SH DESCRIPTION +Pass a pointer to a long to receive the version used in the last http connection. +The returned value will be CURL_HTTP_VERSION_1_0, CURL_HTTP_VERSION_1_1, or +CURL_HTTP_VERSION_2_0, or 0 if the version can't be determined. +.SH PROTOCOLS +HTTP +.SH EXAMPLE +.nf +CURL *curl = curl_easy_init(); +if(curl) { + CURLcode res; + curl_easy_setopt(curl, CURLOPT_URL, "http://example.com"); + res = curl_easy_perform(curl); + if(res == CURLE_OK) { + long http_version; + curl_easy_getinfo(curl, CURLINFO_HTTP_VERSION, &http_version); + } + curl_easy_cleanup(curl); +} +.fi +.SH AVAILABILITY +Added in 7.50.0 +.SH RETURN VALUE +Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not. +.SH "SEE ALSO" +.BR CURLINFO_RESPONSE_CODE "(3), " +.BR curl_easy_getinfo "(3), " curl_easy_setopt "(3), " diff --git a/docs/libcurl/opts/CURLINFO_LASTSOCKET.pdf b/docs/libcurl/opts/CURLINFO_LASTSOCKET.pdf index 0f3683624..43db00239 100644 Binary files a/docs/libcurl/opts/CURLINFO_LASTSOCKET.pdf and b/docs/libcurl/opts/CURLINFO_LASTSOCKET.pdf differ diff --git a/docs/libcurl/opts/CURLINFO_LOCAL_IP.pdf b/docs/libcurl/opts/CURLINFO_LOCAL_IP.pdf index 86f100633..6f692937f 100644 Binary files a/docs/libcurl/opts/CURLINFO_LOCAL_IP.pdf and b/docs/libcurl/opts/CURLINFO_LOCAL_IP.pdf differ diff --git a/docs/libcurl/opts/CURLINFO_LOCAL_PORT.pdf b/docs/libcurl/opts/CURLINFO_LOCAL_PORT.pdf index db553287b..b28367782 100644 Binary files a/docs/libcurl/opts/CURLINFO_LOCAL_PORT.pdf and b/docs/libcurl/opts/CURLINFO_LOCAL_PORT.pdf differ diff --git a/docs/libcurl/opts/CURLINFO_NAMELOOKUP_TIME.pdf b/docs/libcurl/opts/CURLINFO_NAMELOOKUP_TIME.pdf index 121c17e73..ffd44c77c 100644 Binary files a/docs/libcurl/opts/CURLINFO_NAMELOOKUP_TIME.pdf and b/docs/libcurl/opts/CURLINFO_NAMELOOKUP_TIME.pdf differ diff --git a/docs/libcurl/opts/CURLINFO_NUM_CONNECTS.pdf b/docs/libcurl/opts/CURLINFO_NUM_CONNECTS.pdf index 2768028d2..b6149c083 100644 Binary files a/docs/libcurl/opts/CURLINFO_NUM_CONNECTS.pdf and b/docs/libcurl/opts/CURLINFO_NUM_CONNECTS.pdf differ diff --git a/docs/libcurl/opts/CURLINFO_OS_ERRNO.pdf b/docs/libcurl/opts/CURLINFO_OS_ERRNO.pdf index 904399428..0d55a7a23 100644 Binary files a/docs/libcurl/opts/CURLINFO_OS_ERRNO.pdf and b/docs/libcurl/opts/CURLINFO_OS_ERRNO.pdf differ diff --git a/docs/libcurl/opts/CURLINFO_PRETRANSFER_TIME.pdf b/docs/libcurl/opts/CURLINFO_PRETRANSFER_TIME.pdf index 4254746cd..8c3fcbe4f 100644 Binary files a/docs/libcurl/opts/CURLINFO_PRETRANSFER_TIME.pdf and b/docs/libcurl/opts/CURLINFO_PRETRANSFER_TIME.pdf differ diff --git a/docs/libcurl/opts/CURLINFO_PRIMARY_IP.pdf b/docs/libcurl/opts/CURLINFO_PRIMARY_IP.pdf index 8bcb577b6..5b1398626 100644 Binary files a/docs/libcurl/opts/CURLINFO_PRIMARY_IP.pdf and b/docs/libcurl/opts/CURLINFO_PRIMARY_IP.pdf differ diff --git a/docs/libcurl/opts/CURLINFO_PRIMARY_PORT.pdf b/docs/libcurl/opts/CURLINFO_PRIMARY_PORT.pdf index 3b480abb0..2dbed115a 100644 Binary files a/docs/libcurl/opts/CURLINFO_PRIMARY_PORT.pdf and b/docs/libcurl/opts/CURLINFO_PRIMARY_PORT.pdf differ diff --git a/docs/libcurl/opts/CURLINFO_PRIVATE.pdf b/docs/libcurl/opts/CURLINFO_PRIVATE.pdf index adcde5340..1356aaf03 100644 Binary files a/docs/libcurl/opts/CURLINFO_PRIVATE.pdf and b/docs/libcurl/opts/CURLINFO_PRIVATE.pdf differ diff --git a/docs/libcurl/opts/CURLINFO_PROXYAUTH_AVAIL.pdf b/docs/libcurl/opts/CURLINFO_PROXYAUTH_AVAIL.pdf index bbe65cac6..f5cd5934b 100644 Binary files a/docs/libcurl/opts/CURLINFO_PROXYAUTH_AVAIL.pdf and b/docs/libcurl/opts/CURLINFO_PROXYAUTH_AVAIL.pdf differ diff --git a/docs/libcurl/opts/CURLINFO_REDIRECT_COUNT.pdf b/docs/libcurl/opts/CURLINFO_REDIRECT_COUNT.pdf index 3b435ce85..935e843de 100644 Binary files a/docs/libcurl/opts/CURLINFO_REDIRECT_COUNT.pdf and b/docs/libcurl/opts/CURLINFO_REDIRECT_COUNT.pdf differ diff --git a/docs/libcurl/opts/CURLINFO_REDIRECT_TIME.pdf b/docs/libcurl/opts/CURLINFO_REDIRECT_TIME.pdf index a2c939a48..69dbedca4 100644 Binary files a/docs/libcurl/opts/CURLINFO_REDIRECT_TIME.pdf and b/docs/libcurl/opts/CURLINFO_REDIRECT_TIME.pdf differ diff --git a/docs/libcurl/opts/CURLINFO_REDIRECT_URL.pdf b/docs/libcurl/opts/CURLINFO_REDIRECT_URL.pdf index d1fe0b051..4f07d426d 100644 Binary files a/docs/libcurl/opts/CURLINFO_REDIRECT_URL.pdf and b/docs/libcurl/opts/CURLINFO_REDIRECT_URL.pdf differ diff --git a/docs/libcurl/opts/CURLINFO_REQUEST_SIZE.pdf b/docs/libcurl/opts/CURLINFO_REQUEST_SIZE.pdf index ad31fd9c8..7f0013aa6 100644 Binary files a/docs/libcurl/opts/CURLINFO_REQUEST_SIZE.pdf and b/docs/libcurl/opts/CURLINFO_REQUEST_SIZE.pdf differ diff --git a/docs/libcurl/opts/CURLINFO_RESPONSE_CODE.pdf b/docs/libcurl/opts/CURLINFO_RESPONSE_CODE.pdf index ed0382111..8b14028f2 100644 Binary files a/docs/libcurl/opts/CURLINFO_RESPONSE_CODE.pdf and b/docs/libcurl/opts/CURLINFO_RESPONSE_CODE.pdf differ diff --git a/docs/libcurl/opts/CURLINFO_RTSP_CLIENT_CSEQ.pdf b/docs/libcurl/opts/CURLINFO_RTSP_CLIENT_CSEQ.pdf index 977e931c9..89c5ae292 100644 Binary files a/docs/libcurl/opts/CURLINFO_RTSP_CLIENT_CSEQ.pdf and b/docs/libcurl/opts/CURLINFO_RTSP_CLIENT_CSEQ.pdf differ diff --git a/docs/libcurl/opts/CURLINFO_RTSP_CSEQ_RECV.pdf b/docs/libcurl/opts/CURLINFO_RTSP_CSEQ_RECV.pdf index 2d6419b72..c6f16abc2 100644 Binary files a/docs/libcurl/opts/CURLINFO_RTSP_CSEQ_RECV.pdf and b/docs/libcurl/opts/CURLINFO_RTSP_CSEQ_RECV.pdf differ diff --git a/docs/libcurl/opts/CURLINFO_RTSP_SERVER_CSEQ.pdf b/docs/libcurl/opts/CURLINFO_RTSP_SERVER_CSEQ.pdf index 143e688f6..b0e7b487c 100644 Binary files a/docs/libcurl/opts/CURLINFO_RTSP_SERVER_CSEQ.pdf and b/docs/libcurl/opts/CURLINFO_RTSP_SERVER_CSEQ.pdf differ diff --git a/docs/libcurl/opts/CURLINFO_RTSP_SESSION_ID.pdf b/docs/libcurl/opts/CURLINFO_RTSP_SESSION_ID.pdf index 2bb241081..24f6f2ab0 100644 Binary files a/docs/libcurl/opts/CURLINFO_RTSP_SESSION_ID.pdf and b/docs/libcurl/opts/CURLINFO_RTSP_SESSION_ID.pdf differ diff --git a/docs/libcurl/opts/CURLINFO_SIZE_DOWNLOAD.pdf b/docs/libcurl/opts/CURLINFO_SIZE_DOWNLOAD.pdf index 9d2f22608..8d34cb194 100644 Binary files a/docs/libcurl/opts/CURLINFO_SIZE_DOWNLOAD.pdf and b/docs/libcurl/opts/CURLINFO_SIZE_DOWNLOAD.pdf differ diff --git a/docs/libcurl/opts/CURLINFO_SIZE_UPLOAD.pdf b/docs/libcurl/opts/CURLINFO_SIZE_UPLOAD.pdf index 37f5d7a4e..560fe29b2 100644 Binary files a/docs/libcurl/opts/CURLINFO_SIZE_UPLOAD.pdf and b/docs/libcurl/opts/CURLINFO_SIZE_UPLOAD.pdf differ diff --git a/docs/libcurl/opts/CURLINFO_SPEED_DOWNLOAD.pdf b/docs/libcurl/opts/CURLINFO_SPEED_DOWNLOAD.pdf index d044bf051..46b561bbf 100644 Binary files a/docs/libcurl/opts/CURLINFO_SPEED_DOWNLOAD.pdf and b/docs/libcurl/opts/CURLINFO_SPEED_DOWNLOAD.pdf differ diff --git a/docs/libcurl/opts/CURLINFO_SPEED_UPLOAD.pdf b/docs/libcurl/opts/CURLINFO_SPEED_UPLOAD.pdf index 3585cf81c..921a19ee7 100644 Binary files a/docs/libcurl/opts/CURLINFO_SPEED_UPLOAD.pdf and b/docs/libcurl/opts/CURLINFO_SPEED_UPLOAD.pdf differ diff --git a/docs/libcurl/opts/CURLINFO_SSL_ENGINES.pdf b/docs/libcurl/opts/CURLINFO_SSL_ENGINES.pdf index d68a68cf8..58ff8dab8 100644 Binary files a/docs/libcurl/opts/CURLINFO_SSL_ENGINES.pdf and b/docs/libcurl/opts/CURLINFO_SSL_ENGINES.pdf differ diff --git a/docs/libcurl/opts/CURLINFO_SSL_VERIFYRESULT.pdf b/docs/libcurl/opts/CURLINFO_SSL_VERIFYRESULT.pdf index 12c006e92..2344dacd8 100644 Binary files a/docs/libcurl/opts/CURLINFO_SSL_VERIFYRESULT.pdf and b/docs/libcurl/opts/CURLINFO_SSL_VERIFYRESULT.pdf differ diff --git a/docs/libcurl/opts/CURLINFO_STARTTRANSFER_TIME.pdf b/docs/libcurl/opts/CURLINFO_STARTTRANSFER_TIME.pdf index 1063cf718..269ccd8ec 100644 Binary files a/docs/libcurl/opts/CURLINFO_STARTTRANSFER_TIME.pdf and b/docs/libcurl/opts/CURLINFO_STARTTRANSFER_TIME.pdf differ diff --git a/docs/libcurl/opts/CURLINFO_TLS_SESSION.3 b/docs/libcurl/opts/CURLINFO_TLS_SESSION.3 index 7c86bedfe..3cc3b655c 100644 --- a/docs/libcurl/opts/CURLINFO_TLS_SESSION.3 +++ b/docs/libcurl/opts/CURLINFO_TLS_SESSION.3 @@ -51,7 +51,8 @@ All TLS-based .SH EXAMPLE TODO .SH AVAILABILITY -Added in 7.34.0 +Added in 7.34.0, and supported OpenSSL, GnuTLS, NSS and gskit only up until +7.48.0 was released. .SH RETURN VALUE Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not. .SH "SEE ALSO" diff --git a/docs/libcurl/opts/CURLINFO_TLS_SESSION.html b/docs/libcurl/opts/CURLINFO_TLS_SESSION.html index 63d4b010d..8f2f630df 100644 --- a/docs/libcurl/opts/CURLINFO_TLS_SESSION.html +++ b/docs/libcurl/opts/CURLINFO_TLS_SESSION.html @@ -66,7 +66,7 @@ CURLcode curl_easy_getinfo(CURL *handle, CURLINFO_TLS_SESSION,

You can obtain an SSL_CTX pointer from an SSL pointer using OpenSSL function SSL_get_SSL_CTX. Therefore unless you need compatibility with older versions of libcurl use CURLINFO_TLS_SSL_PTR. Refer to that document for more information.

PROTOCOLS

All TLS-based

EXAMPLE

TODO

AVAILABILITY

-

Added in 7.34.0

RETURN VALUE

+

Added in 7.34.0, and supported OpenSSL, GnuTLS, NSS and gskit only up until 7.48.0 was released.

RETURN VALUE

Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.

SEE ALSO

curl_easy_getinfo (3), curl_easy_setopt (3), CURLINFO_TLS_SSL_PTR

This HTML page was made with roffit. diff --git a/docs/libcurl/opts/CURLINFO_TLS_SESSION.pdf b/docs/libcurl/opts/CURLINFO_TLS_SESSION.pdf index cf8b63beb..276b9d5c3 100644 Binary files a/docs/libcurl/opts/CURLINFO_TLS_SESSION.pdf and b/docs/libcurl/opts/CURLINFO_TLS_SESSION.pdf differ diff --git a/docs/libcurl/opts/CURLINFO_TLS_SSL_PTR.3 b/docs/libcurl/opts/CURLINFO_TLS_SSL_PTR.3 index b82faecc9..decf0fca8 100644 --- a/docs/libcurl/opts/CURLINFO_TLS_SSL_PTR.3 +++ b/docs/libcurl/opts/CURLINFO_TLS_SSL_PTR.3 @@ -80,9 +80,9 @@ as well: .IP axTLS SSL * .IP mbedTLS -mbedtls_ssl_session * +mbedtls_ssl_context * .IP PolarSSL -ssl_session * +ssl_context * .IP "Secure Channel (WinSSL)" CtxtHandle * .IP "Secure Transport (DarwinSSL)" @@ -92,7 +92,8 @@ SSL * .RE If the \fIinternals\fP pointer is NULL then either the SSL backend is not -supported or an SSL session has not yet been established. +supported, an SSL session has not yet been established or the connection is no +longer associated with the easy handle (eg curl_easy_perform has returned). .SH LIMITATIONS \fBThis option has some limitations that could make it unsafe when it comes to the manual verification of certificates.\fP diff --git a/docs/libcurl/opts/CURLINFO_TLS_SSL_PTR.html b/docs/libcurl/opts/CURLINFO_TLS_SSL_PTR.html index 31c327e97..05e7bd73d 100644 --- a/docs/libcurl/opts/CURLINFO_TLS_SSL_PTR.html +++ b/docs/libcurl/opts/CURLINFO_TLS_SSL_PTR.html @@ -92,9 +92,9 @@ struct curl_tlssessioninfo {

axTLS

SSL *

mbedTLS -

mbedtls_ssl_session * +

mbedtls_ssl_context *

PolarSSL -

ssl_session * +

ssl_context *

Secure Channel (WinSSL)

CtxtHandle *

Secure Transport (DarwinSSL) @@ -102,7 +102,7 @@ struct curl_tlssessioninfo {

WolfSSL (formerly CyaSSL)

SSL *

-

If the internals pointer is NULL then either the SSL backend is not supported or an SSL session has not yet been established.

LIMITATIONS

+

If the internals pointer is NULL then either the SSL backend is not supported, an SSL session has not yet been established or the connection is no longer associated with the easy handle (eg curl_easy_perform has returned).

LIMITATIONS

This option has some limitations that could make it unsafe when it comes to the manual verification of certificates.

This option only retrieves the first in-use SSL session pointer for your easy handle, however your easy handle may have more than one in-use SSL session if using FTP over SSL. That is because the FTP protocol has a control channel and a data channel and one or both may be over SSL. Currently there is no way to retrieve a second in-use SSL session associated with an easy handle.

This option has not been thoroughly tested with plaintext protocols that can be upgraded/downgraded to/from SSL: FTP, SMTP, POP3, IMAP when used with CURLOPT_USE_SSL. Though you will be able to retrieve the SSL pointer, it's possible that before you can do that data (including auth) may have already been sent over a connection after it was upgraded. diff --git a/docs/libcurl/opts/CURLINFO_TLS_SSL_PTR.pdf b/docs/libcurl/opts/CURLINFO_TLS_SSL_PTR.pdf index 23f92901a..72c516ad2 100644 Binary files a/docs/libcurl/opts/CURLINFO_TLS_SSL_PTR.pdf and b/docs/libcurl/opts/CURLINFO_TLS_SSL_PTR.pdf differ diff --git a/docs/libcurl/opts/CURLINFO_TOTAL_TIME.pdf b/docs/libcurl/opts/CURLINFO_TOTAL_TIME.pdf index fb3d9403d..c8cb4cb85 100644 Binary files a/docs/libcurl/opts/CURLINFO_TOTAL_TIME.pdf and b/docs/libcurl/opts/CURLINFO_TOTAL_TIME.pdf differ diff --git a/docs/libcurl/opts/CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE.pdf b/docs/libcurl/opts/CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE.pdf index 46e1f675c..4648ccd80 100644 Binary files a/docs/libcurl/opts/CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE.pdf and b/docs/libcurl/opts/CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE.pdf differ diff --git a/docs/libcurl/opts/CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE.pdf b/docs/libcurl/opts/CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE.pdf index fbf4d3dab..c1b30bc20 100644 Binary files a/docs/libcurl/opts/CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE.pdf and b/docs/libcurl/opts/CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE.pdf differ diff --git a/docs/libcurl/opts/CURLMOPT_MAXCONNECTS.pdf b/docs/libcurl/opts/CURLMOPT_MAXCONNECTS.pdf index e212dddf5..1f37bbf10 100644 Binary files a/docs/libcurl/opts/CURLMOPT_MAXCONNECTS.pdf and b/docs/libcurl/opts/CURLMOPT_MAXCONNECTS.pdf differ diff --git a/docs/libcurl/opts/CURLMOPT_MAX_HOST_CONNECTIONS.pdf b/docs/libcurl/opts/CURLMOPT_MAX_HOST_CONNECTIONS.pdf index e11bf6615..3cf0bfd93 100644 Binary files a/docs/libcurl/opts/CURLMOPT_MAX_HOST_CONNECTIONS.pdf and b/docs/libcurl/opts/CURLMOPT_MAX_HOST_CONNECTIONS.pdf differ diff --git a/docs/libcurl/opts/CURLMOPT_MAX_PIPELINE_LENGTH.pdf b/docs/libcurl/opts/CURLMOPT_MAX_PIPELINE_LENGTH.pdf index 4f46ab551..e96cd70f7 100644 Binary files a/docs/libcurl/opts/CURLMOPT_MAX_PIPELINE_LENGTH.pdf and b/docs/libcurl/opts/CURLMOPT_MAX_PIPELINE_LENGTH.pdf differ diff --git a/docs/libcurl/opts/CURLMOPT_MAX_TOTAL_CONNECTIONS.3 b/docs/libcurl/opts/CURLMOPT_MAX_TOTAL_CONNECTIONS.3 index 835c2bd42..ea53bffff 100644 --- a/docs/libcurl/opts/CURLMOPT_MAX_TOTAL_CONNECTIONS.3 +++ b/docs/libcurl/opts/CURLMOPT_MAX_TOTAL_CONNECTIONS.3 @@ -5,7 +5,7 @@ .\" * | (__| |_| | _ <| |___ .\" * \___|\___/|_| \_\_____| .\" * -.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, , et al. +.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. .\" * .\" * This software is licensed as described in the file COPYING, which .\" * you should have received as part of this distribution. The terms @@ -34,7 +34,7 @@ handle. For each new session, libcurl will open a new connection up to the limit set by \fICURLMOPT_MAX_TOTAL_CONNECTIONS(3)\fP. When the limit is reached, the sessions will be pending until there are available connections. If \fICURLMOPT_PIPELINING(3)\fP is enabled, libcurl will try to -pipeline if the host is capable of it. +pipeline or use multiplexing if the host is capable of it. .SH DEFAULT The default value is 0, which means that there is no limit. It is then simply controlled by the number of easy handles added. diff --git a/docs/libcurl/opts/CURLMOPT_MAX_TOTAL_CONNECTIONS.html b/docs/libcurl/opts/CURLMOPT_MAX_TOTAL_CONNECTIONS.html index 935beba11..6dcf0d43d 100644 --- a/docs/libcurl/opts/CURLMOPT_MAX_TOTAL_CONNECTIONS.html +++ b/docs/libcurl/opts/CURLMOPT_MAX_TOTAL_CONNECTIONS.html @@ -54,7 +54,7 @@ p.roffit {

CURLMOPT_MAX_TOTAL_CONNECTIONS - max simultaneously open connections

SYNOPSIS

#include <curl/curl.h>

CURLMcode curl_multi_setopt(CURLM *handle, CURLMOPT_MAX_TOTAL_CONNECTIONS, long amount);

DESCRIPTION

-

Pass a long for the amount. The set number will be used as the maximum number of simultaneously open connections in total using this multi handle. For each new session, libcurl will open a new connection up to the limit set by CURLMOPT_MAX_TOTAL_CONNECTIONS. When the limit is reached, the sessions will be pending until there are available connections. If CURLMOPT_PIPELINING is enabled, libcurl will try to pipeline if the host is capable of it.

DEFAULT

+

Pass a long for the amount. The set number will be used as the maximum number of simultaneously open connections in total using this multi handle. For each new session, libcurl will open a new connection up to the limit set by CURLMOPT_MAX_TOTAL_CONNECTIONS. When the limit is reached, the sessions will be pending until there are available connections. If CURLMOPT_PIPELINING is enabled, libcurl will try to pipeline or use multiplexing if the host is capable of it.

DEFAULT

The default value is 0, which means that there is no limit. It is then simply controlled by the number of easy handles added.

PROTOCOLS

All

EXAMPLE

TODO

AVAILABILITY

diff --git a/docs/libcurl/opts/CURLMOPT_MAX_TOTAL_CONNECTIONS.pdf b/docs/libcurl/opts/CURLMOPT_MAX_TOTAL_CONNECTIONS.pdf index a8d9e6a70..ec4f842c0 100644 Binary files a/docs/libcurl/opts/CURLMOPT_MAX_TOTAL_CONNECTIONS.pdf and b/docs/libcurl/opts/CURLMOPT_MAX_TOTAL_CONNECTIONS.pdf differ diff --git a/docs/libcurl/opts/CURLMOPT_PIPELINING.3 b/docs/libcurl/opts/CURLMOPT_PIPELINING.3 index 4c79b1be1..1a4047659 100644 --- a/docs/libcurl/opts/CURLMOPT_PIPELINING.3 +++ b/docs/libcurl/opts/CURLMOPT_PIPELINING.3 @@ -5,7 +5,7 @@ .\" * | (__| |_| | _ <| |___ .\" * \___|\___/|_| \_\_____| .\" * -.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. +.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. .\" * .\" * This software is licensed as described in the file COPYING, which .\" * you should have received as part of this distribution. The terms @@ -22,24 +22,36 @@ .\" .TH CURLMOPT_PIPELINING 3 "17 Jun 2014" "libcurl 7.37.0" "curl_multi_setopt options" .SH NAME -CURLMOPT_PIPELINING \- enable/disable HTTP pipelining +CURLMOPT_PIPELINING \- enable HTTP pipelining and multiplexing .SH SYNOPSIS #include -CURLMcode curl_multi_setopt(CURLM *handle, CURLMOPT_PIPELINING, long bits); +CURLMcode curl_multi_setopt(CURLM *handle, CURLMOPT_PIPELINING, long bitmask); .SH DESCRIPTION -Set the \fBbits\fP parameter to 1 to make libcurl use HTTP pipelining for -HTTP/1.1 transfers done using this multi handle, as far as possible. This -means that if you add a second request that can use an already existing -connection, the second request will be \&"piped" on the same connection rather -than being executed in parallel. +Pass in the \fBbitmask\fP parameter to instruct libcurl to enable HTTP +pipelining and/or HTTP/2 multiplexing for this multi handle. -When using pipelining, there are also several other related options that are -interesting to tweak and adjust to alter how libcurl spreads out requests on -different connections or not etc. +When enabled, libcurl will attempt to use those protocol features when doing +parallel requests to the same hosts. -Starting in 7.43.0, the \fBbits\fP parameter's bit 1 also has a meaning and -libcurl is now offering symbol names for the bits: +For pipelining, this means that if you add a second request that can use an +already existing connection, the second request will be \&"piped" on the same +connection rather than being executed in parallel. + +For multiplexing, this means that follow-up requests can re-use an existing +connection and send the new request multiplexed over that at the same time as +other transfers are already using that single connection. + +There are several other related options that are interesting to tweak and +adjust to alter how libcurl spreads out requests on different connections or +not etc. + +Before 7.43.0, this option was set to 1 and 0 to enable and disable HTTP/1.1 +pipelining. + +Starting in 7.43.0, \fBbitmask\fP's second bit also has a meaning, and you can +ask for pipelining and multiplexing independently of each other by toggling +the correct bits. .IP CURLPIPE_NOTHING (0) Default, which means doing no attempts at pipelining or multiplexing. .IP CURLPIPE_HTTP1 (1) @@ -49,7 +61,7 @@ connections that are already established and in use to hosts. If this bit is set, libcurl will try to multiplex the new transfer over an existing connection if possible. This requires HTTP/2. .SH DEFAULT -0 (off) +0 (both pipeline and multiplexing are off) .SH PROTOCOLS HTTP(S) .SH EXAMPLE diff --git a/docs/libcurl/opts/CURLMOPT_PIPELINING.html b/docs/libcurl/opts/CURLMOPT_PIPELINING.html index a32885c58..8a1da62b3 100644 --- a/docs/libcurl/opts/CURLMOPT_PIPELINING.html +++ b/docs/libcurl/opts/CURLMOPT_PIPELINING.html @@ -51,19 +51,23 @@ p.roffit {

NAME

-

CURLMOPT_PIPELINING - enable/disable HTTP pipelining

SYNOPSIS

+

CURLMOPT_PIPELINING - enable HTTP pipelining and multiplexing

SYNOPSIS

#include <curl/curl.h> -

CURLMcode curl_multi_setopt(CURLM *handle, CURLMOPT_PIPELINING, long bits);

DESCRIPTION

-

Set the bits parameter to 1 to make libcurl use HTTP pipelining for HTTP/1.1 transfers done using this multi handle, as far as possible. This means that if you add a second request that can use an already existing connection, the second request will be "piped" on the same connection rather than being executed in parallel. -

When using pipelining, there are also several other related options that are interesting to tweak and adjust to alter how libcurl spreads out requests on different connections or not etc. -

Starting in 7.43.0, the bits parameter's bit 1 also has a meaning and libcurl is now offering symbol names for the bits: +

CURLMcode curl_multi_setopt(CURLM *handle, CURLMOPT_PIPELINING, long bitmask);

DESCRIPTION

+

Pass in the bitmask parameter to instruct libcurl to enable HTTP pipelining and/or HTTP/2 multiplexing for this multi handle. +

When enabled, libcurl will attempt to use those protocol features when doing parallel requests to the same hosts. +

For pipelining, this means that if you add a second request that can use an already existing connection, the second request will be "piped" on the same connection rather than being executed in parallel. +

For multiplexing, this means that follow-up requests can re-use an existing connection and send the new request multiplexed over that at the same time as other transfers are already using that single connection. +

There are several other related options that are interesting to tweak and adjust to alter how libcurl spreads out requests on different connections or not etc. +

Before 7.43.0, this option was set to 1 and 0 to enable and disable HTTP/1.1 pipelining. +

Starting in 7.43.0, bitmask's second bit also has a meaning, and you can ask for pipelining and multiplexing independently of each other by toggling the correct bits.

CURLPIPE_NOTHING (0)

Default, which means doing no attempts at pipelining or multiplexing.

CURLPIPE_HTTP1 (1)

If this bit is set, libcurl will try to pipeline HTTP/1.1 requests on connections that are already established and in use to hosts.

CURLPIPE_MULTIPLEX (2)

If this bit is set, libcurl will try to multiplex the new transfer over an existing connection if possible. This requires HTTP/2.

DEFAULT

-

0 (off)

PROTOCOLS

+

0 (both pipeline and multiplexing are off)

PROTOCOLS

HTTP(S)

EXAMPLE

TODO

AVAILABILITY

Added in 7.16.0. Multiplex support bit added in 7.43.0.

RETURN VALUE

diff --git a/docs/libcurl/opts/CURLMOPT_PIPELINING.pdf b/docs/libcurl/opts/CURLMOPT_PIPELINING.pdf index 2657b4c8b..48cf8918c 100644 Binary files a/docs/libcurl/opts/CURLMOPT_PIPELINING.pdf and b/docs/libcurl/opts/CURLMOPT_PIPELINING.pdf differ diff --git a/docs/libcurl/opts/CURLMOPT_PIPELINING_SERVER_BL.pdf b/docs/libcurl/opts/CURLMOPT_PIPELINING_SERVER_BL.pdf index 7624c4c1f..66ffc8596 100644 Binary files a/docs/libcurl/opts/CURLMOPT_PIPELINING_SERVER_BL.pdf and b/docs/libcurl/opts/CURLMOPT_PIPELINING_SERVER_BL.pdf differ diff --git a/docs/libcurl/opts/CURLMOPT_PIPELINING_SITE_BL.pdf b/docs/libcurl/opts/CURLMOPT_PIPELINING_SITE_BL.pdf index 395a48861..91d1832b1 100644 Binary files a/docs/libcurl/opts/CURLMOPT_PIPELINING_SITE_BL.pdf and b/docs/libcurl/opts/CURLMOPT_PIPELINING_SITE_BL.pdf differ diff --git a/docs/libcurl/opts/CURLMOPT_PUSHDATA.pdf b/docs/libcurl/opts/CURLMOPT_PUSHDATA.pdf index f8534e5ae..16b1d072c 100644 Binary files a/docs/libcurl/opts/CURLMOPT_PUSHDATA.pdf and b/docs/libcurl/opts/CURLMOPT_PUSHDATA.pdf differ diff --git a/docs/libcurl/opts/CURLMOPT_PUSHFUNCTION.pdf b/docs/libcurl/opts/CURLMOPT_PUSHFUNCTION.pdf index f64765a6d..4cdac4637 100644 Binary files a/docs/libcurl/opts/CURLMOPT_PUSHFUNCTION.pdf and b/docs/libcurl/opts/CURLMOPT_PUSHFUNCTION.pdf differ diff --git a/docs/libcurl/opts/CURLMOPT_SOCKETDATA.pdf b/docs/libcurl/opts/CURLMOPT_SOCKETDATA.pdf index 8c4cbba46..404f345bc 100644 Binary files a/docs/libcurl/opts/CURLMOPT_SOCKETDATA.pdf and b/docs/libcurl/opts/CURLMOPT_SOCKETDATA.pdf differ diff --git a/docs/libcurl/opts/CURLMOPT_SOCKETFUNCTION.3 b/docs/libcurl/opts/CURLMOPT_SOCKETFUNCTION.3 index d5f2f7558..51961972b 100644 --- a/docs/libcurl/opts/CURLMOPT_SOCKETFUNCTION.3 +++ b/docs/libcurl/opts/CURLMOPT_SOCKETFUNCTION.3 @@ -5,7 +5,7 @@ .\" * | (__| |_| | _ <| |___ .\" * \___|\___/|_| \_\_____| .\" * -.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, , et al. +.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. .\" * .\" * This software is licensed as described in the file COPYING, which .\" * you should have received as part of this distribution. The terms @@ -20,7 +20,7 @@ .\" * .\" ************************************************************************** .\" -.TH CURLMOPT_SOCKETFUNCTION 3 "3 Nov 2014" "libcurl 7.39.0" "curl_multi_setopt options" +.TH CURLMOPT_SOCKETFUNCTION 3 "3 Nov 2016" "libcurl 7.39.0" "curl_multi_setopt options" .SH NAME CURLMOPT_SOCKETFUNCTION \- callback informed about what to wait for .SH SYNOPSIS @@ -29,7 +29,7 @@ CURLMOPT_SOCKETFUNCTION \- callback informed about what to wait for int socket_callback(CURL *easy, /* easy handle */ curl_socket_t s, /* socket */ - int what, /* see above */ + int what, /* describes the socket */ void *userp, /* private callback pointer */ void *socketp); /* private socket pointer */ @@ -46,6 +46,18 @@ If the given callback pointer is NULL, no callback will be called. Set the callback's \fBuserp\fP argument with \fICURLMOPT_SOCKETDATA(3)\fP. See \fIcurl_multi_socket_action(3)\fP for more details on how the callback is used and should work. + +The \fBwhat\fP parameter informs the callback on the status of the given +socket. It can hold one of these values: +.IP CURL_POLL_IN +Wait for incoming data. For the socket to become readable. +.IP CURL_POLL_OUT +Wait for outgoing data. For the socket to become writable. +.IP CURL_POLL_INOUT +Wait for incoming and outgoing data. For the socket to become readable or +writable. +.IP CURL_POLL_REMOVE +The specified socket/file descriptor is no longer used by libcurl. .SH DEFAULT NULL (no callback) .SH PROTOCOLS diff --git a/docs/libcurl/opts/CURLMOPT_SOCKETFUNCTION.html b/docs/libcurl/opts/CURLMOPT_SOCKETFUNCTION.html index b4860fe8d..5ec5e3890 100644 --- a/docs/libcurl/opts/CURLMOPT_SOCKETFUNCTION.html +++ b/docs/libcurl/opts/CURLMOPT_SOCKETFUNCTION.html @@ -57,7 +57,7 @@ p.roffit {   int socket_callback(CURL *easy, /* easy handle */   curl_socket_t s, /* socket */ -  int what, /* see above */ +  int what, /* describes the socket */   void *userp, /* private callback pointer */   void *socketp); /* private socket pointer */   @@ -65,7 +65,16 @@ CURLMcode curl_multi_setopt(CURLM *handle, CURLMOPT_SOCKETFUNCTION, socket_callb

DESCRIPTION

Pass a pointer to your callback function, which should match the prototype shown above. -

When the curl_multi_socket_action(3) function runs, it informs the application about updates in the socket (file descriptor) status by doing none, one, or multiple calls to the socket_callback. The callback gets status updates with changes since the previous time the callback was called. If the given callback pointer is NULL, no callback will be called. Set the callback's userp argument with CURLMOPT_SOCKETDATA. See curl_multi_socket_action(3) for more details on how the callback is used and should work.

DEFAULT

+

When the curl_multi_socket_action(3) function runs, it informs the application about updates in the socket (file descriptor) status by doing none, one, or multiple calls to the socket_callback. The callback gets status updates with changes since the previous time the callback was called. If the given callback pointer is NULL, no callback will be called. Set the callback's userp argument with CURLMOPT_SOCKETDATA. See curl_multi_socket_action(3) for more details on how the callback is used and should work. +

The what parameter informs the callback on the status of the given socket. It can hold one of these values: +

CURL_POLL_IN +

Wait for incoming data. For the socket to become readable. +

CURL_POLL_OUT +

Wait for outgoing data. For the socket to become writable. +

CURL_POLL_INOUT +

Wait for incoming and outgoing data. For the socket to become readable or writable. +

CURL_POLL_REMOVE +

The specified socket/file descriptor is no longer used by libcurl.

DEFAULT

NULL (no callback)

PROTOCOLS

All

EXAMPLE

TODO

AVAILABILITY

diff --git a/docs/libcurl/opts/CURLMOPT_SOCKETFUNCTION.pdf b/docs/libcurl/opts/CURLMOPT_SOCKETFUNCTION.pdf index 3915f3ee3..57ff6475a 100644 Binary files a/docs/libcurl/opts/CURLMOPT_SOCKETFUNCTION.pdf and b/docs/libcurl/opts/CURLMOPT_SOCKETFUNCTION.pdf differ diff --git a/docs/libcurl/opts/CURLMOPT_TIMERDATA.pdf b/docs/libcurl/opts/CURLMOPT_TIMERDATA.pdf index 7c3e21a97..91aaeeb7a 100644 Binary files a/docs/libcurl/opts/CURLMOPT_TIMERDATA.pdf and b/docs/libcurl/opts/CURLMOPT_TIMERDATA.pdf differ diff --git a/docs/libcurl/opts/CURLMOPT_TIMERFUNCTION.pdf b/docs/libcurl/opts/CURLMOPT_TIMERFUNCTION.pdf index 314b85976..30d5b1f8b 100644 Binary files a/docs/libcurl/opts/CURLMOPT_TIMERFUNCTION.pdf and b/docs/libcurl/opts/CURLMOPT_TIMERFUNCTION.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_ACCEPTTIMEOUT_MS.pdf b/docs/libcurl/opts/CURLOPT_ACCEPTTIMEOUT_MS.pdf index f34299f2d..46627306e 100644 Binary files a/docs/libcurl/opts/CURLOPT_ACCEPTTIMEOUT_MS.pdf and b/docs/libcurl/opts/CURLOPT_ACCEPTTIMEOUT_MS.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_ACCEPT_ENCODING.3 b/docs/libcurl/opts/CURLOPT_ACCEPT_ENCODING.3 index de3bc746f..c31263139 100644 --- a/docs/libcurl/opts/CURLOPT_ACCEPT_ENCODING.3 +++ b/docs/libcurl/opts/CURLOPT_ACCEPT_ENCODING.3 @@ -32,21 +32,32 @@ Pass a char * argument specifying what encoding you'd like. Sets the contents of the Accept-Encoding: header sent in a HTTP request, and enables decoding of a response when a Content-Encoding: header is received. -Three encodings are supported: \fIidentity\fP, which does nothing, +Three encodings are supported: \fIidentity\fP, meaning non-compressed, \fIdeflate\fP which requests the server to compress its response using the zlib algorithm, and \fIgzip\fP which requests the gzip algorithm. If a zero-length string is set like "", then an Accept-Encoding: header containing all built-in supported encodings is sent. +Set this option to NULL to explicitly disable it, which makes libcurl not send +an Accept-Encoding: header and not decompress contents automatically. + You can also opt to just include the Accept-Encoding: header in your request with \fICURLOPT_HTTPHEADER(3)\fP but then there will be no automatic decompressing when receiving data. This is a request, not an order; the server may or may not do it. This option must be set (to any non-NULL value) or else any unsolicited encoding done by -the server is ignored. See the special file lib/README.encoding for further -details. +the server is ignored. + +Servers might respond with Content-Encoding even without getting a +Accept-Encoding: in the request. Servers might respond with a different +Content-Encoding than what was asked for in the request. + +The Content-Length: servers send for a compressed response is supposed to +indicate the length of the compressed content so when auto decoding is enabled +it may not match the sum of bytes reported by the write callbacks (although, +sending the length of the non-compressed content is a common server mistake). .SH DEFAULT NULL .SH PROTOCOLS diff --git a/docs/libcurl/opts/CURLOPT_ACCEPT_ENCODING.html b/docs/libcurl/opts/CURLOPT_ACCEPT_ENCODING.html index dd9650a58..f1faded28 100644 --- a/docs/libcurl/opts/CURLOPT_ACCEPT_ENCODING.html +++ b/docs/libcurl/opts/CURLOPT_ACCEPT_ENCODING.html @@ -55,10 +55,13 @@ p.roffit {

#include <curl/curl.h>

CURLcode curl_easy_setopt(CURL *handle, CURLOPT_ACCEPT_ENCODING, char *enc);

DESCRIPTION

Pass a char * argument specifying what encoding you'd like. -

Sets the contents of the Accept-Encoding: header sent in a HTTP request, and enables decoding of a response when a Content-Encoding: header is received. Three encodings are supported: identity, which does nothing, deflate which requests the server to compress its response using the zlib algorithm, and gzip which requests the gzip algorithm. +

Sets the contents of the Accept-Encoding: header sent in a HTTP request, and enables decoding of a response when a Content-Encoding: header is received. Three encodings are supported: identity, meaning non-compressed, deflate which requests the server to compress its response using the zlib algorithm, and gzip which requests the gzip algorithm.

If a zero-length string is set like "", then an Accept-Encoding: header containing all built-in supported encodings is sent. +

Set this option to NULL to explicitly disable it, which makes libcurl not send an Accept-Encoding: header and not decompress contents automatically.

You can also opt to just include the Accept-Encoding: header in your request with CURLOPT_HTTPHEADER but then there will be no automatic decompressing when receiving data. -

This is a request, not an order; the server may or may not do it. This option must be set (to any non-NULL value) or else any unsolicited encoding done by the server is ignored. See the special file lib/README.encoding for further details.

DEFAULT

+

This is a request, not an order; the server may or may not do it. This option must be set (to any non-NULL value) or else any unsolicited encoding done by the server is ignored. +

Servers might respond with Content-Encoding even without getting a Accept-Encoding: in the request. Servers might respond with a different Content-Encoding than what was asked for in the request. +

The Content-Length: servers send for a compressed response is supposed to indicate the length of the compressed content so when auto decoding is enabled it may not match the sum of bytes reported by the write callbacks (although, sending the length of the non-compressed content is a common server mistake).

DEFAULT

NULL

PROTOCOLS

HTTP

EXAMPLE

diff --git a/docs/libcurl/opts/CURLOPT_ACCEPT_ENCODING.pdf b/docs/libcurl/opts/CURLOPT_ACCEPT_ENCODING.pdf
index cf2e92442..6f00dbed1 100644
Binary files a/docs/libcurl/opts/CURLOPT_ACCEPT_ENCODING.pdf and b/docs/libcurl/opts/CURLOPT_ACCEPT_ENCODING.pdf differ
diff --git a/docs/libcurl/opts/CURLOPT_ADDRESS_SCOPE.pdf b/docs/libcurl/opts/CURLOPT_ADDRESS_SCOPE.pdf
index 36ace4e6a..c0ffbb332 100644
Binary files a/docs/libcurl/opts/CURLOPT_ADDRESS_SCOPE.pdf and b/docs/libcurl/opts/CURLOPT_ADDRESS_SCOPE.pdf differ
diff --git a/docs/libcurl/opts/CURLOPT_APPEND.pdf b/docs/libcurl/opts/CURLOPT_APPEND.pdf
index 1b84c35ce..9a4727e5d 100644
Binary files a/docs/libcurl/opts/CURLOPT_APPEND.pdf and b/docs/libcurl/opts/CURLOPT_APPEND.pdf differ
diff --git a/docs/libcurl/opts/CURLOPT_AUTOREFERER.pdf b/docs/libcurl/opts/CURLOPT_AUTOREFERER.pdf
index 95e025776..5afb9cb05 100644
Binary files a/docs/libcurl/opts/CURLOPT_AUTOREFERER.pdf and b/docs/libcurl/opts/CURLOPT_AUTOREFERER.pdf differ
diff --git a/docs/libcurl/opts/CURLOPT_BUFFERSIZE.3 b/docs/libcurl/opts/CURLOPT_BUFFERSIZE.3
index 07806b7bc..113118e73 100644
--- a/docs/libcurl/opts/CURLOPT_BUFFERSIZE.3
+++ b/docs/libcurl/opts/CURLOPT_BUFFERSIZE.3
@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, , et al.
+.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -47,4 +47,4 @@ Added in 7.10
 .SH RETURN VALUE
 Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.
 .SH "SEE ALSO"
-.BR CURLOPT_MAX_RECV_SPEED "(3), " CURLOPT_WRITEFUNCTION "(3), "
+.BR CURLOPT_MAX_RECV_SPEED_LARGE "(3), " CURLOPT_WRITEFUNCTION "(3), "
diff --git a/docs/libcurl/opts/CURLOPT_BUFFERSIZE.html b/docs/libcurl/opts/CURLOPT_BUFFERSIZE.html
index a98710b73..793aa67e4 100644
--- a/docs/libcurl/opts/CURLOPT_BUFFERSIZE.html
+++ b/docs/libcurl/opts/CURLOPT_BUFFERSIZE.html
@@ -61,6 +61,6 @@ p.roffit {
 

TODO

AVAILABILITY

Added in 7.10

RETURN VALUE

Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.

SEE ALSO

-

CURLOPT_MAX_RECV_SPEED (3), CURLOPT_WRITEFUNCTION

+

CURLOPT_MAX_RECV_SPEED_LARGE, CURLOPT_WRITEFUNCTION

This HTML page was made with roffit. diff --git a/docs/libcurl/opts/CURLOPT_BUFFERSIZE.pdf b/docs/libcurl/opts/CURLOPT_BUFFERSIZE.pdf index 606425462..6e6adb89c 100644 Binary files a/docs/libcurl/opts/CURLOPT_BUFFERSIZE.pdf and b/docs/libcurl/opts/CURLOPT_BUFFERSIZE.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_CAINFO.3 b/docs/libcurl/opts/CURLOPT_CAINFO.3 index a05f5c0cf..7db50a8fa 100644 --- a/docs/libcurl/opts/CURLOPT_CAINFO.3 +++ b/docs/libcurl/opts/CURLOPT_CAINFO.3 @@ -40,6 +40,12 @@ is assumed to be stored, as established at build time. If curl is built against the NSS SSL library, the NSS PEM PKCS#11 module (libnsspem.so) needs to be available for this option to work properly. + +(iOS and macOS only) If curl is built against Secure Transport, then this +option is supported for backward compatibility with other SSL engines, but it +should not be set. If the option is not set, then curl will use the +certificates in the system and user Keychain to verify the peer, which is the +preferred method of verifying the peer's certificate chain. .SH DEFAULT Built-in system specific .SH PROTOCOLS diff --git a/docs/libcurl/opts/CURLOPT_CAINFO.html b/docs/libcurl/opts/CURLOPT_CAINFO.html index fac79608a..74a7d8382 100644 --- a/docs/libcurl/opts/CURLOPT_CAINFO.html +++ b/docs/libcurl/opts/CURLOPT_CAINFO.html @@ -57,7 +57,8 @@ p.roffit {

Pass a char * to a zero terminated string naming a file holding one or more certificates to verify the peer with.

If CURLOPT_SSL_VERIFYPEER is zero and you avoid verifying the server's certificate, CURLOPT_CAINFO need not even indicate an accessible file.

This option is by default set to the system path where libcurl's cacert bundle is assumed to be stored, as established at build time. -

If curl is built against the NSS SSL library, the NSS PEM PKCS#11 module (libnsspem.so) needs to be available for this option to work properly.

DEFAULT

+

If curl is built against the NSS SSL library, the NSS PEM PKCS#11 module (libnsspem.so) needs to be available for this option to work properly. +

(iOS and macOS only) If curl is built against Secure Transport, then this option is supported for backward compatibility with other SSL engines, but it should not be set. If the option is not set, then curl will use the certificates in the system and user Keychain to verify the peer, which is the preferred method of verifying the peer's certificate chain.

DEFAULT

Built-in system specific

PROTOCOLS

All TLS based protocols: HTTPS, FTPS, IMAPS, POP3S, SMTPS etc.

EXAMPLE

TODO

AVAILABILITY

diff --git a/docs/libcurl/opts/CURLOPT_CAINFO.pdf b/docs/libcurl/opts/CURLOPT_CAINFO.pdf index f096e9967..ae8de1133 100644 Binary files a/docs/libcurl/opts/CURLOPT_CAINFO.pdf and b/docs/libcurl/opts/CURLOPT_CAINFO.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_CAPATH.pdf b/docs/libcurl/opts/CURLOPT_CAPATH.pdf index 47ce121d2..2af7bd7eb 100644 Binary files a/docs/libcurl/opts/CURLOPT_CAPATH.pdf and b/docs/libcurl/opts/CURLOPT_CAPATH.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_CERTINFO.pdf b/docs/libcurl/opts/CURLOPT_CERTINFO.pdf index 9be76cec1..77f448cf3 100644 Binary files a/docs/libcurl/opts/CURLOPT_CERTINFO.pdf and b/docs/libcurl/opts/CURLOPT_CERTINFO.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_CHUNK_BGN_FUNCTION.pdf b/docs/libcurl/opts/CURLOPT_CHUNK_BGN_FUNCTION.pdf index 4ae2f9fab..2c9ed44d6 100644 Binary files a/docs/libcurl/opts/CURLOPT_CHUNK_BGN_FUNCTION.pdf and b/docs/libcurl/opts/CURLOPT_CHUNK_BGN_FUNCTION.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_CHUNK_DATA.3 b/docs/libcurl/opts/CURLOPT_CHUNK_DATA.3 index cd913f566..1ceb2cea2 100644 --- a/docs/libcurl/opts/CURLOPT_CHUNK_DATA.3 +++ b/docs/libcurl/opts/CURLOPT_CHUNK_DATA.3 @@ -5,7 +5,7 @@ .\" * | (__| |_| | _ <| |___ .\" * \___|\___/|_| \_\_____| .\" * -.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, , et al. +.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. .\" * .\" * This software is licensed as described in the file COPYING, which .\" * you should have received as part of this distribution. The terms @@ -29,8 +29,8 @@ CURLOPT_CHUNK_DATA \- custom pointer to the FTP chunk callbacks CURLcode curl_easy_setopt(CURL *handle, CURLOPT_CHUNK_DATA, void *pointer); .SH DESCRIPTION Pass a \fIpointer\fP that will be untouched by libcurl and passed as the ptr -argument to the \fICURL_CHUNK_BGN_FUNCTION(3)\fP and -\fICURL_CHUNK_END_FUNCTION(3)\fP. +argument to the \fICURLOPT_CHUNK_BGN_FUNCTION(3)\fP and +\fICURLOPT_CHUNK_END_FUNCTION(3)\fP. .SH DEFAULT NULL .SH PROTOCOLS diff --git a/docs/libcurl/opts/CURLOPT_CHUNK_DATA.html b/docs/libcurl/opts/CURLOPT_CHUNK_DATA.html index a464def7c..f86939c82 100644 --- a/docs/libcurl/opts/CURLOPT_CHUNK_DATA.html +++ b/docs/libcurl/opts/CURLOPT_CHUNK_DATA.html @@ -54,7 +54,7 @@ p.roffit {

CURLOPT_CHUNK_DATA - custom pointer to the FTP chunk callbacks

SYNOPSIS

#include <curl/curl.h>

CURLcode curl_easy_setopt(CURL *handle, CURLOPT_CHUNK_DATA, void *pointer);

DESCRIPTION

-

Pass a pointer that will be untouched by libcurl and passed as the ptr argument to the CURL_CHUNK_BGN_FUNCTION(3) and CURL_CHUNK_END_FUNCTION(3).

DEFAULT

+

Pass a pointer that will be untouched by libcurl and passed as the ptr argument to the CURLOPT_CHUNK_BGN_FUNCTION and CURLOPT_CHUNK_END_FUNCTION.

DEFAULT

NULL

PROTOCOLS

FTP

EXAMPLE

TODO

AVAILABILITY

diff --git a/docs/libcurl/opts/CURLOPT_CHUNK_DATA.pdf b/docs/libcurl/opts/CURLOPT_CHUNK_DATA.pdf index 7ef683f3f..d07f0af4d 100644 Binary files a/docs/libcurl/opts/CURLOPT_CHUNK_DATA.pdf and b/docs/libcurl/opts/CURLOPT_CHUNK_DATA.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_CHUNK_END_FUNCTION.pdf b/docs/libcurl/opts/CURLOPT_CHUNK_END_FUNCTION.pdf index 9b422f642..e002a30c4 100644 Binary files a/docs/libcurl/opts/CURLOPT_CHUNK_END_FUNCTION.pdf and b/docs/libcurl/opts/CURLOPT_CHUNK_END_FUNCTION.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_CLOSESOCKETDATA.pdf b/docs/libcurl/opts/CURLOPT_CLOSESOCKETDATA.pdf index 0591a17b2..786a725ce 100644 Binary files a/docs/libcurl/opts/CURLOPT_CLOSESOCKETDATA.pdf and b/docs/libcurl/opts/CURLOPT_CLOSESOCKETDATA.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_CLOSESOCKETFUNCTION.pdf b/docs/libcurl/opts/CURLOPT_CLOSESOCKETFUNCTION.pdf index 73f73c612..c9adb1015 100644 Binary files a/docs/libcurl/opts/CURLOPT_CLOSESOCKETFUNCTION.pdf and b/docs/libcurl/opts/CURLOPT_CLOSESOCKETFUNCTION.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_CONNECTTIMEOUT.pdf b/docs/libcurl/opts/CURLOPT_CONNECTTIMEOUT.pdf index 92ceb5be2..9dc7422b2 100644 Binary files a/docs/libcurl/opts/CURLOPT_CONNECTTIMEOUT.pdf and b/docs/libcurl/opts/CURLOPT_CONNECTTIMEOUT.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_CONNECTTIMEOUT_MS.pdf b/docs/libcurl/opts/CURLOPT_CONNECTTIMEOUT_MS.pdf index fa495443d..d29f95bd5 100644 Binary files a/docs/libcurl/opts/CURLOPT_CONNECTTIMEOUT_MS.pdf and b/docs/libcurl/opts/CURLOPT_CONNECTTIMEOUT_MS.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_CONNECT_ONLY.pdf b/docs/libcurl/opts/CURLOPT_CONNECT_ONLY.pdf index 0246e9980..314c63220 100644 Binary files a/docs/libcurl/opts/CURLOPT_CONNECT_ONLY.pdf and b/docs/libcurl/opts/CURLOPT_CONNECT_ONLY.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_CONNECT_TO.3 b/docs/libcurl/opts/CURLOPT_CONNECT_TO.3 new file mode 100644 index 000000000..302502143 --- /dev/null +++ b/docs/libcurl/opts/CURLOPT_CONNECT_TO.3 @@ -0,0 +1,111 @@ +.\" ************************************************************************** +.\" * _ _ ____ _ +.\" * Project ___| | | | _ \| | +.\" * / __| | | | |_) | | +.\" * | (__| |_| | _ <| |___ +.\" * \___|\___/|_| \_\_____| +.\" * +.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. +.\" * +.\" * This software is licensed as described in the file COPYING, which +.\" * you should have received as part of this distribution. The terms +.\" * are also available at http://curl.haxx.se/docs/copyright.html. +.\" * +.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell +.\" * copies of the Software, and permit persons to whom the Software is +.\" * furnished to do so, under the terms of the COPYING file. +.\" * +.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY +.\" * KIND, either express or implied. +.\" * +.\" ************************************************************************** +.\" +.TH CURLOPT_CONNECT_TO 3 "10 April 2016" "libcurl 7.49.0" "curl_easy_setopt options" +.SH NAME +CURLOPT_CONNECT_TO \- Connect to a specific host and port instead of the URL's host and port +.SH SYNOPSIS +.nf +#include + +CURLcode curl_easy_setopt(CURL *handle, CURLOPT_CONNECT_TO, + struct curl_slist *connect_to); +.fi +.SH DESCRIPTION +Pass a pointer to a linked list of strings with "connect to" information to +use for establishing network connections with this handle. The linked list +should be a fully valid list of \fBstruct curl_slist\fP structs properly +filled in. Use \fIcurl_slist_append(3)\fP to create the list and +\fIcurl_slist_free_all(3)\fP to clean up an entire list. + +Each single string should be written using the format +HOST:PORT:CONNECT-TO-HOST:CONNECT-TO-PORT where HOST is the host of the +request, PORT is the port of the request, CONNECT-TO-HOST is the host name to +connect to, and CONNECT-TO-PORT is the port to connect to. + +The first string that matches the request's host and port is used. + +Dotted numerical IP addresses are supported for HOST and CONNECT-TO-HOST. +A numerical IPv6 address must be written within [brackets]. + +Any of the four values may be empty. When the HOST or PORT is empty, the host +or port will always match (the request's host or port is ignored). +When CONNECT-TO-HOST or CONNECT-TO-PORT is empty, the "connect to" feature +will be disabled for the host or port, and the request's host or port will be +used to establish the network connection. + +This option is suitable to direct the request at a specific server, e.g. at a +specific cluster node in a cluster of servers. + +The "connect to" host and port are only used to establish the network +connection. They do NOT affect the host and port that are used for TLS/SSL +(e.g. SNI, certificate verification) or for the application protocols. + +In contrast to \fICURLOPT_RESOLVE(3)\fP, the option +\fICURLOPT_CONNECT_TO(3)\fP does not pre-populate the DNS cache and therefore +it does not affect future transfers of other easy handles that have been added +to the same multi handle. + +The "connect to" host and port are ignored if they are equal to the host and +the port in the request URL, because connecting to the host and the port in +the request URL is the default behavior. + +If an HTTP proxy is used for a request having a special "connect to" host or +port, and the "connect to" host or port differs from the requests's host and +port, the HTTP proxy is automatically switched to tunnel mode for this +specific request. This is necessary because it is not possible to connect to a +specific host or port in normal (non-tunnel) mode. + +When this option is passed to \fIcurl_easy_setopt(3)\fP, libcurl will not copy +the entire list so you \fBmust\fP keep it around until you no longer use this +\fIhandle\fP for a transfer before you call \fIcurl_slist_free_all(3)\fP on +the list. + +.SH DEFAULT +NULL +.SH PROTOCOLS +All +.SH EXAMPLE +.nf +CURL *curl; +struct curl_slist *connect_to = NULL; +connect_to = curl_slist_append(NULL, "example.com::server1.example.com:"); + +curl = curl_easy_init(); +if(curl) { + curl_easy_setopt(curl, CURLOPT_CONNECT_TO, connect_to); + curl_easy_setopt(curl, CURLOPT_URL, "http://example.com"); + + curl_easy_perform(curl); + + /* always cleanup */ + curl_easy_cleanup(curl); +} + +curl_slist_free_all(connect_to); +.fi +.SH AVAILABILITY +Added in 7.49.0 +.SH RETURN VALUE +Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not. +.SH "SEE ALSO" +.BR CURLOPT_URL "(3), " CURLOPT_RESOLVE "(3), " CURLOPT_FOLLOWLOCATION "(3), " CURLOPT_HTTPPROXYTUNNEL "(3), " diff --git a/docs/libcurl/opts/CURLOPT_CONNECT_TO.html b/docs/libcurl/opts/CURLOPT_CONNECT_TO.html new file mode 100644 index 000000000..eb599d17d --- /dev/null +++ b/docs/libcurl/opts/CURLOPT_CONNECT_TO.html @@ -0,0 +1,101 @@ + + +CURLOPT_CONNECT_TO man page + + + + +

NAME

+

CURLOPT_CONNECT_TO - Connect to a specific host and port instead of the URL's host and port

SYNOPSIS

+

+#include <curl/curl.h>
+ 
+CURLcode curl_easy_setopt(CURL *handle, CURLOPT_CONNECT_TO,
+                          struct curl_slist *connect_to);
+
+ +

DESCRIPTION

+

Pass a pointer to a linked list of strings with "connect to" information to use for establishing network connections with this handle. The linked list should be a fully valid list of struct curl_slist structs properly filled in. Use curl_slist_append(3) to create the list and curl_slist_free_all(3) to clean up an entire list. +

Each single string should be written using the format HOST:PORT:CONNECT-TO-HOST:CONNECT-TO-PORT where HOST is the host of the request, PORT is the port of the request, CONNECT-TO-HOST is the host name to connect to, and CONNECT-TO-PORT is the port to connect to. +

The first string that matches the request's host and port is used. +

Dotted numerical IP addresses are supported for HOST and CONNECT-TO-HOST. A numerical IPv6 address must be written within [brackets]. +

Any of the four values may be empty. When the HOST or PORT is empty, the host or port will always match (the request's host or port is ignored). When CONNECT-TO-HOST or CONNECT-TO-PORT is empty, the "connect to" feature will be disabled for the host or port, and the request's host or port will be used to establish the network connection. +

This option is suitable to direct the request at a specific server, e.g. at a specific cluster node in a cluster of servers. +

The "connect to" host and port are only used to establish the network connection. They do NOT affect the host and port that are used for TLS/SSL (e.g. SNI, certificate verification) or for the application protocols. +

In contrast to CURLOPT_RESOLVE, the option CURLOPT_CONNECT_TO does not pre-populate the DNS cache and therefore it does not affect future transfers of other easy handles that have been added to the same multi handle. +

The "connect to" host and port are ignored if they are equal to the host and the port in the request URL, because connecting to the host and the port in the request URL is the default behavior. +

If an HTTP proxy is used for a request having a special "connect to" host or port, and the "connect to" host or port differs from the requests's host and port, the HTTP proxy is automatically switched to tunnel mode for this specific request. This is necessary because it is not possible to connect to a specific host or port in normal (non-tunnel) mode. +

When this option is passed to curl_easy_setopt(3), libcurl will not copy the entire list so you must keep it around until you no longer use this handle for a transfer before you call curl_slist_free_all(3) on the list. +

DEFAULT

+

NULL

PROTOCOLS

+

All

EXAMPLE

+

+CURL *curl;
+struct curl_slist *connect_to = NULL;
+connect_to = curl_slist_append(NULL, "example.com::server1.example.com:");
+ 
+curl = curl_easy_init();
+if(curl) {
+  curl_easy_setopt(curl, CURLOPT_CONNECT_TO, connect_to);
+  curl_easy_setopt(curl, CURLOPT_URL, "http://example.com");
+ 
+  curl_easy_perform(curl);
+ 
+  /* always cleanup */
+  curl_easy_cleanup(curl);
+}
+ 
+curl_slist_free_all(connect_to);
+
+ +

AVAILABILITY

+

Added in 7.49.0

RETURN VALUE

+

Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.

SEE ALSO

+

CURLOPT_URL, CURLOPT_RESOLVE, CURLOPT_FOLLOWLOCATION, CURLOPT_HTTPPROXYTUNNEL

+ This HTML page was made with roffit. + diff --git a/docs/libcurl/opts/CURLOPT_CONNECT_TO.pdf b/docs/libcurl/opts/CURLOPT_CONNECT_TO.pdf new file mode 100644 index 000000000..4c240e396 Binary files /dev/null and b/docs/libcurl/opts/CURLOPT_CONNECT_TO.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_CONV_FROM_NETWORK_FUNCTION.pdf b/docs/libcurl/opts/CURLOPT_CONV_FROM_NETWORK_FUNCTION.pdf index 651a95175..7e4fe6600 100644 Binary files a/docs/libcurl/opts/CURLOPT_CONV_FROM_NETWORK_FUNCTION.pdf and b/docs/libcurl/opts/CURLOPT_CONV_FROM_NETWORK_FUNCTION.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_CONV_FROM_UTF8_FUNCTION.pdf b/docs/libcurl/opts/CURLOPT_CONV_FROM_UTF8_FUNCTION.pdf index e6691bbc9..239776d22 100644 Binary files a/docs/libcurl/opts/CURLOPT_CONV_FROM_UTF8_FUNCTION.pdf and b/docs/libcurl/opts/CURLOPT_CONV_FROM_UTF8_FUNCTION.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_CONV_TO_NETWORK_FUNCTION.3 b/docs/libcurl/opts/CURLOPT_CONV_TO_NETWORK_FUNCTION.3 index 7d23b5340..a1d6a1aa2 100644 --- a/docs/libcurl/opts/CURLOPT_CONV_TO_NETWORK_FUNCTION.3 +++ b/docs/libcurl/opts/CURLOPT_CONV_TO_NETWORK_FUNCTION.3 @@ -5,7 +5,7 @@ .\" * | (__| |_| | _ <| |___ .\" * \___|\___/|_| \_\_____| .\" * -.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, , et al. +.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. .\" * .\" * This software is licensed as described in the file COPYING, which .\" * you should have received as part of this distribution. The terms @@ -79,4 +79,4 @@ Available only if \fBCURL_DOES_CONVERSIONS\fP was defined when libcurl was built .SH RETURN VALUE Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not. .SH "SEE ALSO" -.BR CURLOPT_CONV_FROM_NETWORK_FUNCTION "(3), " CURLOPT_CONV_TO_UTF8_FUNCTION "(3), " +.BR CURLOPT_CONV_FROM_NETWORK_FUNCTION "(3), " CURLOPT_CONV_FROM_UTF8_FUNCTION "(3), " diff --git a/docs/libcurl/opts/CURLOPT_CONV_TO_NETWORK_FUNCTION.html b/docs/libcurl/opts/CURLOPT_CONV_TO_NETWORK_FUNCTION.html index 2966ab77f..fc7edaafb 100644 --- a/docs/libcurl/opts/CURLOPT_CONV_TO_NETWORK_FUNCTION.html +++ b/docs/libcurl/opts/CURLOPT_CONV_TO_NETWORK_FUNCTION.html @@ -77,6 +77,6 @@ CURLcode curl_easy_setopt(CURL *handle, CURLOPT_CONV_TO_NETWORK_FUNCTION,

TODO

AVAILABILITY

Available only if CURL_DOES_CONVERSIONS was defined when libcurl was built.

RETURN VALUE

Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.

SEE ALSO

-

CURLOPT_CONV_FROM_NETWORK_FUNCTION, CURLOPT_CONV_TO_UTF8_FUNCTION (3)

+

CURLOPT_CONV_FROM_NETWORK_FUNCTION, CURLOPT_CONV_FROM_UTF8_FUNCTION

This HTML page was made with roffit. diff --git a/docs/libcurl/opts/CURLOPT_CONV_TO_NETWORK_FUNCTION.pdf b/docs/libcurl/opts/CURLOPT_CONV_TO_NETWORK_FUNCTION.pdf index 3f6218692..c13bed820 100644 Binary files a/docs/libcurl/opts/CURLOPT_CONV_TO_NETWORK_FUNCTION.pdf and b/docs/libcurl/opts/CURLOPT_CONV_TO_NETWORK_FUNCTION.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_COOKIE.pdf b/docs/libcurl/opts/CURLOPT_COOKIE.pdf index addd127dd..9b639b76c 100644 Binary files a/docs/libcurl/opts/CURLOPT_COOKIE.pdf and b/docs/libcurl/opts/CURLOPT_COOKIE.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_COOKIEFILE.pdf b/docs/libcurl/opts/CURLOPT_COOKIEFILE.pdf index 76860363c..c421d5d1b 100644 Binary files a/docs/libcurl/opts/CURLOPT_COOKIEFILE.pdf and b/docs/libcurl/opts/CURLOPT_COOKIEFILE.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_COOKIEJAR.pdf b/docs/libcurl/opts/CURLOPT_COOKIEJAR.pdf index 739b2289b..40f30bd60 100644 Binary files a/docs/libcurl/opts/CURLOPT_COOKIEJAR.pdf and b/docs/libcurl/opts/CURLOPT_COOKIEJAR.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_COOKIELIST.3 b/docs/libcurl/opts/CURLOPT_COOKIELIST.3 index 088d2f768..7de4da882 100644 --- a/docs/libcurl/opts/CURLOPT_COOKIELIST.3 +++ b/docs/libcurl/opts/CURLOPT_COOKIELIST.3 @@ -100,7 +100,7 @@ were skipped on import are not exported. */ curl_easy_setopt(curl, CURLOPT_COOKIEJAR, "cookies.txt"); /* export */ -res = curl_easy_perform(curl); /* cookies imported from cookies.txt */ +curl_easy_perform(curl); /* cookies imported from cookies.txt */ curl_easy_cleanup(curl); /* cookies exported to cookies.txt */ .fi diff --git a/docs/libcurl/opts/CURLOPT_COOKIELIST.html b/docs/libcurl/opts/CURLOPT_COOKIELIST.html index 798d6add8..7f03f1efd 100644 --- a/docs/libcurl/opts/CURLOPT_COOKIELIST.html +++ b/docs/libcurl/opts/CURLOPT_COOKIELIST.html @@ -113,7 +113,7 @@ were skipped on import are not exported. */ curl_easy_setopt(curl, CURLOPT_COOKIEJAR, "cookies.txt"); /* export */   -res = curl_easy_perform(curl); /* cookies imported from cookies.txt */ +curl_easy_perform(curl); /* cookies imported from cookies.txt */   curl_easy_cleanup(curl); /* cookies exported to cookies.txt */

diff --git a/docs/libcurl/opts/CURLOPT_COOKIELIST.pdf b/docs/libcurl/opts/CURLOPT_COOKIELIST.pdf index 9d45dd04c..957c79266 100644 Binary files a/docs/libcurl/opts/CURLOPT_COOKIELIST.pdf and b/docs/libcurl/opts/CURLOPT_COOKIELIST.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_COOKIESESSION.pdf b/docs/libcurl/opts/CURLOPT_COOKIESESSION.pdf index 7cfd0a62e..b4976bac7 100644 Binary files a/docs/libcurl/opts/CURLOPT_COOKIESESSION.pdf and b/docs/libcurl/opts/CURLOPT_COOKIESESSION.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_COPYPOSTFIELDS.pdf b/docs/libcurl/opts/CURLOPT_COPYPOSTFIELDS.pdf index 5ebe3a2f1..ef198f9fe 100644 Binary files a/docs/libcurl/opts/CURLOPT_COPYPOSTFIELDS.pdf and b/docs/libcurl/opts/CURLOPT_COPYPOSTFIELDS.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_CRLF.pdf b/docs/libcurl/opts/CURLOPT_CRLF.pdf index 51c3910da..04138477f 100644 Binary files a/docs/libcurl/opts/CURLOPT_CRLF.pdf and b/docs/libcurl/opts/CURLOPT_CRLF.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_CRLFILE.pdf b/docs/libcurl/opts/CURLOPT_CRLFILE.pdf index 9e94c20ea..4a0165a61 100644 Binary files a/docs/libcurl/opts/CURLOPT_CRLFILE.pdf and b/docs/libcurl/opts/CURLOPT_CRLFILE.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_CUSTOMREQUEST.3 b/docs/libcurl/opts/CURLOPT_CUSTOMREQUEST.3 index 8d8240272..553d40857 100644 --- a/docs/libcurl/opts/CURLOPT_CUSTOMREQUEST.3 +++ b/docs/libcurl/opts/CURLOPT_CUSTOMREQUEST.3 @@ -5,7 +5,7 @@ .\" * | (__| |_| | _ <| |___ .\" * \___|\___/|_| \_\_____| .\" * -.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, , et al. +.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. .\" * .\" * This software is licensed as described in the file COPYING, which .\" * you should have received as part of this distribution. The terms @@ -30,7 +30,7 @@ CURLcode curl_easy_setopt(CURL *handle, CURLOPT_CUSTOMREQUEST, char *request); .SH DESCRIPTION Pass a pointer to a zero terminated string as parameter. -When you change the request method by setting \fBCURLOPT_CUSTOMREQUEST(3)\fP +When you change the request method by setting \fICURLOPT_CUSTOMREQUEST(3)\fP to something, you don't actually change how libcurl behaves or acts in regards to the particular request method, it will only change the actual string sent in the request. diff --git a/docs/libcurl/opts/CURLOPT_CUSTOMREQUEST.html b/docs/libcurl/opts/CURLOPT_CUSTOMREQUEST.html index a0391a73f..95d706234 100644 --- a/docs/libcurl/opts/CURLOPT_CUSTOMREQUEST.html +++ b/docs/libcurl/opts/CURLOPT_CUSTOMREQUEST.html @@ -55,7 +55,7 @@ p.roffit {

#include <curl/curl.h>

CURLcode curl_easy_setopt(CURL *handle, CURLOPT_CUSTOMREQUEST, char *request);

DESCRIPTION

Pass a pointer to a zero terminated string as parameter. -

When you change the request method by setting CURLOPT_CUSTOMREQUEST to something, you don't actually change how libcurl behaves or acts in regards to the particular request method, it will only change the actual string sent in the request. +

When you change the request method by setting CURLOPT_CUSTOMREQUEST to something, you don't actually change how libcurl behaves or acts in regards to the particular request method, it will only change the actual string sent in the request.

Restore to the internal default by setting this to NULL.

This option can be used to specify the request:

HTTP diff --git a/docs/libcurl/opts/CURLOPT_CUSTOMREQUEST.pdf b/docs/libcurl/opts/CURLOPT_CUSTOMREQUEST.pdf index c0671cd8b..fd7b43bf8 100644 Binary files a/docs/libcurl/opts/CURLOPT_CUSTOMREQUEST.pdf and b/docs/libcurl/opts/CURLOPT_CUSTOMREQUEST.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_DEBUGDATA.pdf b/docs/libcurl/opts/CURLOPT_DEBUGDATA.pdf index 179d4ca50..02b5cb514 100644 Binary files a/docs/libcurl/opts/CURLOPT_DEBUGDATA.pdf and b/docs/libcurl/opts/CURLOPT_DEBUGDATA.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_DEBUGFUNCTION.pdf b/docs/libcurl/opts/CURLOPT_DEBUGFUNCTION.pdf index 560a07be8..689280e15 100644 Binary files a/docs/libcurl/opts/CURLOPT_DEBUGFUNCTION.pdf and b/docs/libcurl/opts/CURLOPT_DEBUGFUNCTION.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_DEFAULT_PROTOCOL.pdf b/docs/libcurl/opts/CURLOPT_DEFAULT_PROTOCOL.pdf index df57f5b51..6bd74369d 100644 Binary files a/docs/libcurl/opts/CURLOPT_DEFAULT_PROTOCOL.pdf and b/docs/libcurl/opts/CURLOPT_DEFAULT_PROTOCOL.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_DIRLISTONLY.pdf b/docs/libcurl/opts/CURLOPT_DIRLISTONLY.pdf index 1ff2ef5ec..9af3cab25 100644 Binary files a/docs/libcurl/opts/CURLOPT_DIRLISTONLY.pdf and b/docs/libcurl/opts/CURLOPT_DIRLISTONLY.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_DNS_CACHE_TIMEOUT.pdf b/docs/libcurl/opts/CURLOPT_DNS_CACHE_TIMEOUT.pdf index 66460912b..12f61b60d 100644 Binary files a/docs/libcurl/opts/CURLOPT_DNS_CACHE_TIMEOUT.pdf and b/docs/libcurl/opts/CURLOPT_DNS_CACHE_TIMEOUT.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_DNS_INTERFACE.pdf b/docs/libcurl/opts/CURLOPT_DNS_INTERFACE.pdf index 0754204c5..495d2d6f5 100644 Binary files a/docs/libcurl/opts/CURLOPT_DNS_INTERFACE.pdf and b/docs/libcurl/opts/CURLOPT_DNS_INTERFACE.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_DNS_LOCAL_IP4.pdf b/docs/libcurl/opts/CURLOPT_DNS_LOCAL_IP4.pdf index def89e500..b4a8cfd2f 100644 Binary files a/docs/libcurl/opts/CURLOPT_DNS_LOCAL_IP4.pdf and b/docs/libcurl/opts/CURLOPT_DNS_LOCAL_IP4.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_DNS_LOCAL_IP6.pdf b/docs/libcurl/opts/CURLOPT_DNS_LOCAL_IP6.pdf index 1b7f55cf8..80a1646af 100644 Binary files a/docs/libcurl/opts/CURLOPT_DNS_LOCAL_IP6.pdf and b/docs/libcurl/opts/CURLOPT_DNS_LOCAL_IP6.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_DNS_SERVERS.pdf b/docs/libcurl/opts/CURLOPT_DNS_SERVERS.pdf index 178bda107..bb47bf759 100644 Binary files a/docs/libcurl/opts/CURLOPT_DNS_SERVERS.pdf and b/docs/libcurl/opts/CURLOPT_DNS_SERVERS.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_DNS_USE_GLOBAL_CACHE.pdf b/docs/libcurl/opts/CURLOPT_DNS_USE_GLOBAL_CACHE.pdf index e23c05d18..1f52eb7d2 100644 Binary files a/docs/libcurl/opts/CURLOPT_DNS_USE_GLOBAL_CACHE.pdf and b/docs/libcurl/opts/CURLOPT_DNS_USE_GLOBAL_CACHE.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_EGDSOCKET.pdf b/docs/libcurl/opts/CURLOPT_EGDSOCKET.pdf index 665f937a9..2a1f125f4 100644 Binary files a/docs/libcurl/opts/CURLOPT_EGDSOCKET.pdf and b/docs/libcurl/opts/CURLOPT_EGDSOCKET.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_ERRORBUFFER.pdf b/docs/libcurl/opts/CURLOPT_ERRORBUFFER.pdf index 632b5444d..772aa07de 100644 Binary files a/docs/libcurl/opts/CURLOPT_ERRORBUFFER.pdf and b/docs/libcurl/opts/CURLOPT_ERRORBUFFER.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_EXPECT_100_TIMEOUT_MS.pdf b/docs/libcurl/opts/CURLOPT_EXPECT_100_TIMEOUT_MS.pdf index 68a04a1dd..9bddf9f53 100644 Binary files a/docs/libcurl/opts/CURLOPT_EXPECT_100_TIMEOUT_MS.pdf and b/docs/libcurl/opts/CURLOPT_EXPECT_100_TIMEOUT_MS.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_FAILONERROR.pdf b/docs/libcurl/opts/CURLOPT_FAILONERROR.pdf index 29064f9df..d3e6b3cd7 100644 Binary files a/docs/libcurl/opts/CURLOPT_FAILONERROR.pdf and b/docs/libcurl/opts/CURLOPT_FAILONERROR.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_FILETIME.3 b/docs/libcurl/opts/CURLOPT_FILETIME.3 index 43a15f862..99ba7f7e9 100644 --- a/docs/libcurl/opts/CURLOPT_FILETIME.3 +++ b/docs/libcurl/opts/CURLOPT_FILETIME.3 @@ -5,7 +5,7 @@ .\" * | (__| |_| | _ <| |___ .\" * \___|\___/|_| \_\_____| .\" * -.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, , et al. +.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. .\" * .\" * This software is licensed as described in the file COPYING, which .\" * you should have received as part of this distribution. The terms @@ -40,7 +40,7 @@ HTTP, FTP, SFTP, FILE .SH EXAMPLE TODO .SH AVAILABILITY -Always +Always, for SFTP since 7.49.0 .SH RETURN VALUE Returns CURLE_OK .SH "SEE ALSO" diff --git a/docs/libcurl/opts/CURLOPT_FILETIME.html b/docs/libcurl/opts/CURLOPT_FILETIME.html index ae093ea49..bb5180f5c 100644 --- a/docs/libcurl/opts/CURLOPT_FILETIME.html +++ b/docs/libcurl/opts/CURLOPT_FILETIME.html @@ -58,7 +58,7 @@ p.roffit {

0

PROTOCOLS

HTTP, FTP, SFTP, FILE

EXAMPLE

TODO

AVAILABILITY

-

Always

RETURN VALUE

+

Always, for SFTP since 7.49.0

RETURN VALUE

Returns CURLE_OK

SEE ALSO

curl_easy_getinfo (3)

This HTML page was made with roffit. diff --git a/docs/libcurl/opts/CURLOPT_FILETIME.pdf b/docs/libcurl/opts/CURLOPT_FILETIME.pdf index 0880743f2..590719680 100644 Binary files a/docs/libcurl/opts/CURLOPT_FILETIME.pdf and b/docs/libcurl/opts/CURLOPT_FILETIME.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_FNMATCH_DATA.3 b/docs/libcurl/opts/CURLOPT_FNMATCH_DATA.3 index daf4e8ca7..236c19df5 100644 --- a/docs/libcurl/opts/CURLOPT_FNMATCH_DATA.3 +++ b/docs/libcurl/opts/CURLOPT_FNMATCH_DATA.3 @@ -5,7 +5,7 @@ .\" * | (__| |_| | _ <| |___ .\" * \___|\___/|_| \_\_____| .\" * -.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, , et al. +.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. .\" * .\" * This software is licensed as described in the file COPYING, which .\" * you should have received as part of this distribution. The terms @@ -31,7 +31,7 @@ CURLcode curl_easy_setopt(CURL *handle, CURLOPT_FNMATCH_DATA, void *pointer); .SH DESCRIPTION Pass a pointer that will be untouched by libcurl and passed as the ptr -argument to the \fICURL_FNMATCH_FUNCTION(3)\fP. +argument to the \fICURLOPT_FNMATCH_FUNCTION(3)\fP. .SH DEFAULT NULL .SH PROTOCOLS diff --git a/docs/libcurl/opts/CURLOPT_FNMATCH_DATA.html b/docs/libcurl/opts/CURLOPT_FNMATCH_DATA.html index 4fce5573e..f391b5497 100644 --- a/docs/libcurl/opts/CURLOPT_FNMATCH_DATA.html +++ b/docs/libcurl/opts/CURLOPT_FNMATCH_DATA.html @@ -59,7 +59,7 @@ CURLcode curl_easy_setopt(CURL *handle, CURLOPT_FNMATCH_DATA,   void *pointer);

DESCRIPTION

-

Pass a pointer that will be untouched by libcurl and passed as the ptr argument to the CURL_FNMATCH_FUNCTION(3).

DEFAULT

+

Pass a pointer that will be untouched by libcurl and passed as the ptr argument to the CURLOPT_FNMATCH_FUNCTION.

DEFAULT

NULL

PROTOCOLS

FTP

EXAMPLE

TODO

AVAILABILITY

diff --git a/docs/libcurl/opts/CURLOPT_FNMATCH_DATA.pdf b/docs/libcurl/opts/CURLOPT_FNMATCH_DATA.pdf index 967724d15..a185f22ea 100644 Binary files a/docs/libcurl/opts/CURLOPT_FNMATCH_DATA.pdf and b/docs/libcurl/opts/CURLOPT_FNMATCH_DATA.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_FNMATCH_FUNCTION.pdf b/docs/libcurl/opts/CURLOPT_FNMATCH_FUNCTION.pdf index 678bf73ca..0922dd21a 100644 Binary files a/docs/libcurl/opts/CURLOPT_FNMATCH_FUNCTION.pdf and b/docs/libcurl/opts/CURLOPT_FNMATCH_FUNCTION.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_FOLLOWLOCATION.pdf b/docs/libcurl/opts/CURLOPT_FOLLOWLOCATION.pdf index ac0201818..6bdb0220d 100644 Binary files a/docs/libcurl/opts/CURLOPT_FOLLOWLOCATION.pdf and b/docs/libcurl/opts/CURLOPT_FOLLOWLOCATION.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_FORBID_REUSE.pdf b/docs/libcurl/opts/CURLOPT_FORBID_REUSE.pdf index 1fb1872c4..f971a1d5b 100644 Binary files a/docs/libcurl/opts/CURLOPT_FORBID_REUSE.pdf and b/docs/libcurl/opts/CURLOPT_FORBID_REUSE.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_FRESH_CONNECT.pdf b/docs/libcurl/opts/CURLOPT_FRESH_CONNECT.pdf index f25cbeaa1..be2c6804d 100644 Binary files a/docs/libcurl/opts/CURLOPT_FRESH_CONNECT.pdf and b/docs/libcurl/opts/CURLOPT_FRESH_CONNECT.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_FTPPORT.pdf b/docs/libcurl/opts/CURLOPT_FTPPORT.pdf index 186b3f4ad..c74fb60a9 100644 Binary files a/docs/libcurl/opts/CURLOPT_FTPPORT.pdf and b/docs/libcurl/opts/CURLOPT_FTPPORT.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_FTPSSLAUTH.pdf b/docs/libcurl/opts/CURLOPT_FTPSSLAUTH.pdf index 6211b8f36..a3c3c1b31 100644 Binary files a/docs/libcurl/opts/CURLOPT_FTPSSLAUTH.pdf and b/docs/libcurl/opts/CURLOPT_FTPSSLAUTH.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_FTP_ACCOUNT.pdf b/docs/libcurl/opts/CURLOPT_FTP_ACCOUNT.pdf index b15d8d517..155da7c3d 100644 Binary files a/docs/libcurl/opts/CURLOPT_FTP_ACCOUNT.pdf and b/docs/libcurl/opts/CURLOPT_FTP_ACCOUNT.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_FTP_ALTERNATIVE_TO_USER.pdf b/docs/libcurl/opts/CURLOPT_FTP_ALTERNATIVE_TO_USER.pdf index c50c0fe6b..6446eefd2 100644 Binary files a/docs/libcurl/opts/CURLOPT_FTP_ALTERNATIVE_TO_USER.pdf and b/docs/libcurl/opts/CURLOPT_FTP_ALTERNATIVE_TO_USER.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_FTP_CREATE_MISSING_DIRS.pdf b/docs/libcurl/opts/CURLOPT_FTP_CREATE_MISSING_DIRS.pdf index c2bc473d0..60260594d 100644 Binary files a/docs/libcurl/opts/CURLOPT_FTP_CREATE_MISSING_DIRS.pdf and b/docs/libcurl/opts/CURLOPT_FTP_CREATE_MISSING_DIRS.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_FTP_FILEMETHOD.pdf b/docs/libcurl/opts/CURLOPT_FTP_FILEMETHOD.pdf index 5f404768f..e29bc277c 100644 Binary files a/docs/libcurl/opts/CURLOPT_FTP_FILEMETHOD.pdf and b/docs/libcurl/opts/CURLOPT_FTP_FILEMETHOD.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_FTP_RESPONSE_TIMEOUT.pdf b/docs/libcurl/opts/CURLOPT_FTP_RESPONSE_TIMEOUT.pdf index c45c4c98d..d9c733aa1 100644 Binary files a/docs/libcurl/opts/CURLOPT_FTP_RESPONSE_TIMEOUT.pdf and b/docs/libcurl/opts/CURLOPT_FTP_RESPONSE_TIMEOUT.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_FTP_SKIP_PASV_IP.pdf b/docs/libcurl/opts/CURLOPT_FTP_SKIP_PASV_IP.pdf index 804df9dc3..831eaa33a 100644 Binary files a/docs/libcurl/opts/CURLOPT_FTP_SKIP_PASV_IP.pdf and b/docs/libcurl/opts/CURLOPT_FTP_SKIP_PASV_IP.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_FTP_SSL_CCC.pdf b/docs/libcurl/opts/CURLOPT_FTP_SSL_CCC.pdf index 59fdf45ae..db380d502 100644 Binary files a/docs/libcurl/opts/CURLOPT_FTP_SSL_CCC.pdf and b/docs/libcurl/opts/CURLOPT_FTP_SSL_CCC.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_FTP_USE_EPRT.pdf b/docs/libcurl/opts/CURLOPT_FTP_USE_EPRT.pdf index 8c88eb0d0..6796a7e49 100644 Binary files a/docs/libcurl/opts/CURLOPT_FTP_USE_EPRT.pdf and b/docs/libcurl/opts/CURLOPT_FTP_USE_EPRT.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_FTP_USE_EPSV.pdf b/docs/libcurl/opts/CURLOPT_FTP_USE_EPSV.pdf index 85aba79b0..75ce41b8a 100644 Binary files a/docs/libcurl/opts/CURLOPT_FTP_USE_EPSV.pdf and b/docs/libcurl/opts/CURLOPT_FTP_USE_EPSV.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_FTP_USE_PRET.pdf b/docs/libcurl/opts/CURLOPT_FTP_USE_PRET.pdf index 3be3e4e56..10bad1402 100644 Binary files a/docs/libcurl/opts/CURLOPT_FTP_USE_PRET.pdf and b/docs/libcurl/opts/CURLOPT_FTP_USE_PRET.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_GSSAPI_DELEGATION.pdf b/docs/libcurl/opts/CURLOPT_GSSAPI_DELEGATION.pdf index 004ba0f27..0b9a5cdd5 100644 Binary files a/docs/libcurl/opts/CURLOPT_GSSAPI_DELEGATION.pdf and b/docs/libcurl/opts/CURLOPT_GSSAPI_DELEGATION.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_HEADER.pdf b/docs/libcurl/opts/CURLOPT_HEADER.pdf index 06b883cc6..b5e687fc4 100644 Binary files a/docs/libcurl/opts/CURLOPT_HEADER.pdf and b/docs/libcurl/opts/CURLOPT_HEADER.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_HEADERDATA.pdf b/docs/libcurl/opts/CURLOPT_HEADERDATA.pdf index 458b2958e..0bea59648 100644 Binary files a/docs/libcurl/opts/CURLOPT_HEADERDATA.pdf and b/docs/libcurl/opts/CURLOPT_HEADERDATA.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_HEADERFUNCTION.pdf b/docs/libcurl/opts/CURLOPT_HEADERFUNCTION.pdf index a51b5da98..9b4f6b17f 100644 Binary files a/docs/libcurl/opts/CURLOPT_HEADERFUNCTION.pdf and b/docs/libcurl/opts/CURLOPT_HEADERFUNCTION.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_HEADEROPT.pdf b/docs/libcurl/opts/CURLOPT_HEADEROPT.pdf index bec048765..48b74f42a 100644 Binary files a/docs/libcurl/opts/CURLOPT_HEADEROPT.pdf and b/docs/libcurl/opts/CURLOPT_HEADEROPT.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_HTTP200ALIASES.pdf b/docs/libcurl/opts/CURLOPT_HTTP200ALIASES.pdf index 2a3a067f0..79548e88f 100644 Binary files a/docs/libcurl/opts/CURLOPT_HTTP200ALIASES.pdf and b/docs/libcurl/opts/CURLOPT_HTTP200ALIASES.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_HTTPAUTH.pdf b/docs/libcurl/opts/CURLOPT_HTTPAUTH.pdf index 6e62fd88c..867a8b1cc 100644 Binary files a/docs/libcurl/opts/CURLOPT_HTTPAUTH.pdf and b/docs/libcurl/opts/CURLOPT_HTTPAUTH.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_HTTPGET.pdf b/docs/libcurl/opts/CURLOPT_HTTPGET.pdf index 9a1b41a60..8983a0dcc 100644 Binary files a/docs/libcurl/opts/CURLOPT_HTTPGET.pdf and b/docs/libcurl/opts/CURLOPT_HTTPGET.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_HTTPHEADER.pdf b/docs/libcurl/opts/CURLOPT_HTTPHEADER.pdf index 7451060dc..195f7fba5 100644 Binary files a/docs/libcurl/opts/CURLOPT_HTTPHEADER.pdf and b/docs/libcurl/opts/CURLOPT_HTTPHEADER.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_HTTPPOST.3 b/docs/libcurl/opts/CURLOPT_HTTPPOST.3 index 9db641528..974f9f37a 100644 --- a/docs/libcurl/opts/CURLOPT_HTTPPOST.3 +++ b/docs/libcurl/opts/CURLOPT_HTTPPOST.3 @@ -5,7 +5,7 @@ .\" * | (__| |_| | _ <| |___ .\" * \___|\___/|_| \_\_____| .\" * -.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, , et al. +.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. .\" * .\" * This software is licensed as described in the file COPYING, which .\" * you should have received as part of this distribution. The terms @@ -34,8 +34,8 @@ Tells libcurl you want a multipart/formdata HTTP POST to be made and you instruct what data to pass on to the server in the \fIformpost\fP argument. Pass a pointer to a linked list of curl_httppost structs as parameter. The easiest way to create such a list, is to use \fIcurl_formadd(3)\fP as -documented. The data in this list must remain intact until you close this curl -handle again with \fIcurl_easy_cleanup(3)\fP. +documented. The data in this list must remain intact as long as the curl +transfer is alive and is using it. Using POST with HTTP 1.1 implies the use of a "Expect: 100-continue" header. You can disable this header with \fICURLOPT_HTTPHEADER(3)\fP. @@ -76,3 +76,4 @@ As long as HTTP is enabled Returns CURLE_OK if HTTP is enabled, and CURLE_UNKNOWN_OPTION if not. .SH "SEE ALSO" .BR CURLOPT_POSTFIELDS "(3), " CURLOPT_POST "(3), " +.BR curl_formadd "(3), " curl_formfree "(3), " diff --git a/docs/libcurl/opts/CURLOPT_HTTPPOST.html b/docs/libcurl/opts/CURLOPT_HTTPPOST.html index aeecc717c..26ca38fa5 100644 --- a/docs/libcurl/opts/CURLOPT_HTTPPOST.html +++ b/docs/libcurl/opts/CURLOPT_HTTPPOST.html @@ -59,7 +59,7 @@ CURLcode curl_easy_setopt(CURL *handle, CURLOPT_HTTPPOST,   struct curl_httppost *formpost);

DESCRIPTION

-

Tells libcurl you want a multipart/formdata HTTP POST to be made and you instruct what data to pass on to the server in the formpost argument. Pass a pointer to a linked list of curl_httppost structs as parameter. The easiest way to create such a list, is to use curl_formadd(3) as documented. The data in this list must remain intact until you close this curl handle again with curl_easy_cleanup(3). +

Tells libcurl you want a multipart/formdata HTTP POST to be made and you instruct what data to pass on to the server in the formpost argument. Pass a pointer to a linked list of curl_httppost structs as parameter. The easiest way to create such a list, is to use curl_formadd(3) as documented. The data in this list must remain intact as long as the curl transfer is alive and is using it.

Using POST with HTTP 1.1 implies the use of a "Expect: 100-continue" header. You can disable this header with CURLOPT_HTTPHEADER.

When setting CURLOPT_HTTPPOST, it will automatically set CURLOPT_NOBODY to 0.

DEFAULT

NULL

PROTOCOLS

@@ -91,6 +91,6 @@ curl_formadd(&formpost,

AVAILABILITY

As long as HTTP is enabled

RETURN VALUE

Returns CURLE_OK if HTTP is enabled, and CURLE_UNKNOWN_OPTION if not.

SEE ALSO

-

CURLOPT_POSTFIELDS, CURLOPT_POST

+

CURLOPT_POSTFIELDS, CURLOPT_POST, curl_formadd (3), curl_formfree (3)

This HTML page was made with roffit. diff --git a/docs/libcurl/opts/CURLOPT_HTTPPOST.pdf b/docs/libcurl/opts/CURLOPT_HTTPPOST.pdf index 70498e88d..f541ff4b0 100644 Binary files a/docs/libcurl/opts/CURLOPT_HTTPPOST.pdf and b/docs/libcurl/opts/CURLOPT_HTTPPOST.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_HTTPPROXYTUNNEL.pdf b/docs/libcurl/opts/CURLOPT_HTTPPROXYTUNNEL.pdf index ccbbe59c2..c8b1b6611 100644 Binary files a/docs/libcurl/opts/CURLOPT_HTTPPROXYTUNNEL.pdf and b/docs/libcurl/opts/CURLOPT_HTTPPROXYTUNNEL.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_HTTP_CONTENT_DECODING.pdf b/docs/libcurl/opts/CURLOPT_HTTP_CONTENT_DECODING.pdf index 4af677d3a..076e9b609 100644 Binary files a/docs/libcurl/opts/CURLOPT_HTTP_CONTENT_DECODING.pdf and b/docs/libcurl/opts/CURLOPT_HTTP_CONTENT_DECODING.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_HTTP_TRANSFER_DECODING.pdf b/docs/libcurl/opts/CURLOPT_HTTP_TRANSFER_DECODING.pdf index c833a5246..d10dd1190 100644 Binary files a/docs/libcurl/opts/CURLOPT_HTTP_TRANSFER_DECODING.pdf and b/docs/libcurl/opts/CURLOPT_HTTP_TRANSFER_DECODING.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_HTTP_VERSION.3 b/docs/libcurl/opts/CURLOPT_HTTP_VERSION.3 index dd57a2989..96dd4b672 100644 --- a/docs/libcurl/opts/CURLOPT_HTTP_VERSION.3 +++ b/docs/libcurl/opts/CURLOPT_HTTP_VERSION.3 @@ -5,7 +5,7 @@ .\" * | (__| |_| | _ <| |___ .\" * \___|\___/|_| \_\_____| .\" * -.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. +.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. .\" * .\" * This software is licensed as described in the file COPYING, which .\" * you should have received as part of this distribution. The terms @@ -48,12 +48,17 @@ Enforce HTTP 1.1 requests. Attempt HTTP 2 requests. libcurl will fall back to HTTP 1.1 if HTTP 2 can't be negotiated with the server. (Added in 7.33.0) -The alias \fICURL_HTTP_VERSION_2\fI was added in 7.43.0 to better reflect the +The alias \fICURL_HTTP_VERSION_2\fP was added in 7.43.0 to better reflect the actual protocol name. .IP CURL_HTTP_VERSION_2TLS Attempt HTTP 2 over TLS (HTTPS) only. libcurl will fall back to HTTP 1.1 if HTTP 2 can't be negotiated with the HTTPS server. For clear text HTTP servers, libcurl will use 1.1. (Added in 7.47.0) +.IP CURL_HTTP_VERSION_2_PRIOR_KNOWLEDGE +Issue non-TLS HTTP requests using HTTP/2 without HTTP/1.1 Upgrade. It requires +prior knowledge that the server supports HTTP/2 straight away. HTTPS requests +will still do HTTP/2 the standard way with negotiated protocol version in the +TLS handshake. (Added in 7.49.0) .SH DEFAULT CURL_HTTP_VERSION_NONE .SH PROTOCOLS diff --git a/docs/libcurl/opts/CURLOPT_HTTP_VERSION.html b/docs/libcurl/opts/CURLOPT_HTTP_VERSION.html index 6a1323c0d..2a1549b35 100644 --- a/docs/libcurl/opts/CURLOPT_HTTP_VERSION.html +++ b/docs/libcurl/opts/CURLOPT_HTTP_VERSION.html @@ -65,9 +65,11 @@ p.roffit {

Enforce HTTP 1.1 requests.

CURL_HTTP_VERSION_2_0

Attempt HTTP 2 requests. libcurl will fall back to HTTP 1.1 if HTTP 2 can't be negotiated with the server. (Added in 7.33.0) -

The alias CURL_HTTP_VERSION_2 was added in 7.43.0 to better reflect the actual protocol name. +

The alias CURL_HTTP_VERSION_2 was added in 7.43.0 to better reflect the actual protocol name.

CURL_HTTP_VERSION_2TLS -

Attempt HTTP 2 over TLS (HTTPS) only. libcurl will fall back to HTTP 1.1 if HTTP 2 can't be negotiated with the HTTPS server. For clear text HTTP servers, libcurl will use 1.1. (Added in 7.47.0)

DEFAULT

+

Attempt HTTP 2 over TLS (HTTPS) only. libcurl will fall back to HTTP 1.1 if HTTP 2 can't be negotiated with the HTTPS server. For clear text HTTP servers, libcurl will use 1.1. (Added in 7.47.0) +

CURL_HTTP_VERSION_2_PRIOR_KNOWLEDGE +

Issue non-TLS HTTP requests using HTTP/2 without HTTP/1.1 Upgrade. It requires prior knowledge that the server supports HTTP/2 straight away. HTTPS requests will still do HTTP/2 the standard way with negotiated protocol version in the TLS handshake. (Added in 7.49.0)

DEFAULT

CURL_HTTP_VERSION_NONE

PROTOCOLS

HTTP

EXAMPLE

TODO

AVAILABILITY

diff --git a/docs/libcurl/opts/CURLOPT_HTTP_VERSION.pdf b/docs/libcurl/opts/CURLOPT_HTTP_VERSION.pdf index a559dcaac..93fb5dab9 100644 Binary files a/docs/libcurl/opts/CURLOPT_HTTP_VERSION.pdf and b/docs/libcurl/opts/CURLOPT_HTTP_VERSION.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_IGNORE_CONTENT_LENGTH.pdf b/docs/libcurl/opts/CURLOPT_IGNORE_CONTENT_LENGTH.pdf index 013b14b3a..27bb037ab 100644 Binary files a/docs/libcurl/opts/CURLOPT_IGNORE_CONTENT_LENGTH.pdf and b/docs/libcurl/opts/CURLOPT_IGNORE_CONTENT_LENGTH.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_INFILESIZE.pdf b/docs/libcurl/opts/CURLOPT_INFILESIZE.pdf index 84d8e9060..15973f62c 100644 Binary files a/docs/libcurl/opts/CURLOPT_INFILESIZE.pdf and b/docs/libcurl/opts/CURLOPT_INFILESIZE.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_INFILESIZE_LARGE.pdf b/docs/libcurl/opts/CURLOPT_INFILESIZE_LARGE.pdf index cd04983f5..b1adf471b 100644 Binary files a/docs/libcurl/opts/CURLOPT_INFILESIZE_LARGE.pdf and b/docs/libcurl/opts/CURLOPT_INFILESIZE_LARGE.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_INTERFACE.pdf b/docs/libcurl/opts/CURLOPT_INTERFACE.pdf index a5faed801..86b3e5380 100644 Binary files a/docs/libcurl/opts/CURLOPT_INTERFACE.pdf and b/docs/libcurl/opts/CURLOPT_INTERFACE.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_INTERLEAVEDATA.pdf b/docs/libcurl/opts/CURLOPT_INTERLEAVEDATA.pdf index 15305c8e4..733f81dbd 100644 Binary files a/docs/libcurl/opts/CURLOPT_INTERLEAVEDATA.pdf and b/docs/libcurl/opts/CURLOPT_INTERLEAVEDATA.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_INTERLEAVEFUNCTION.pdf b/docs/libcurl/opts/CURLOPT_INTERLEAVEFUNCTION.pdf index c86450df2..c092ef4b1 100644 Binary files a/docs/libcurl/opts/CURLOPT_INTERLEAVEFUNCTION.pdf and b/docs/libcurl/opts/CURLOPT_INTERLEAVEFUNCTION.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_IOCTLDATA.pdf b/docs/libcurl/opts/CURLOPT_IOCTLDATA.pdf index a655c229e..7ddc7164a 100644 Binary files a/docs/libcurl/opts/CURLOPT_IOCTLDATA.pdf and b/docs/libcurl/opts/CURLOPT_IOCTLDATA.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_IOCTLFUNCTION.pdf b/docs/libcurl/opts/CURLOPT_IOCTLFUNCTION.pdf index 35cd8f801..0e5892cf4 100644 Binary files a/docs/libcurl/opts/CURLOPT_IOCTLFUNCTION.pdf and b/docs/libcurl/opts/CURLOPT_IOCTLFUNCTION.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_IPRESOLVE.pdf b/docs/libcurl/opts/CURLOPT_IPRESOLVE.pdf index 21e4c9534..da247c5e7 100644 Binary files a/docs/libcurl/opts/CURLOPT_IPRESOLVE.pdf and b/docs/libcurl/opts/CURLOPT_IPRESOLVE.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_ISSUERCERT.pdf b/docs/libcurl/opts/CURLOPT_ISSUERCERT.pdf index c29ab0b04..d2e2ffc26 100644 Binary files a/docs/libcurl/opts/CURLOPT_ISSUERCERT.pdf and b/docs/libcurl/opts/CURLOPT_ISSUERCERT.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_KEYPASSWD.pdf b/docs/libcurl/opts/CURLOPT_KEYPASSWD.pdf index 3e070efc6..4c3dee0d3 100644 Binary files a/docs/libcurl/opts/CURLOPT_KEYPASSWD.pdf and b/docs/libcurl/opts/CURLOPT_KEYPASSWD.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_KRBLEVEL.pdf b/docs/libcurl/opts/CURLOPT_KRBLEVEL.pdf index 1cc6da616..fec89d901 100644 Binary files a/docs/libcurl/opts/CURLOPT_KRBLEVEL.pdf and b/docs/libcurl/opts/CURLOPT_KRBLEVEL.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_LOCALPORT.pdf b/docs/libcurl/opts/CURLOPT_LOCALPORT.pdf index f55c8fac6..dd0a2e885 100644 Binary files a/docs/libcurl/opts/CURLOPT_LOCALPORT.pdf and b/docs/libcurl/opts/CURLOPT_LOCALPORT.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_LOCALPORTRANGE.pdf b/docs/libcurl/opts/CURLOPT_LOCALPORTRANGE.pdf index 38bfc2457..09f331641 100644 Binary files a/docs/libcurl/opts/CURLOPT_LOCALPORTRANGE.pdf and b/docs/libcurl/opts/CURLOPT_LOCALPORTRANGE.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_LOGIN_OPTIONS.3 b/docs/libcurl/opts/CURLOPT_LOGIN_OPTIONS.3 index 7dff9ca89..a9ca19287 100644 --- a/docs/libcurl/opts/CURLOPT_LOGIN_OPTIONS.3 +++ b/docs/libcurl/opts/CURLOPT_LOGIN_OPTIONS.3 @@ -5,7 +5,7 @@ .\" * | (__| |_| | _ <| |___ .\" * \___|\___/|_| \_\_____| .\" * -.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, , et al. +.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. .\" * .\" * This software is licensed as described in the file COPYING, which .\" * you should have received as part of this distribution. The terms @@ -34,7 +34,7 @@ Pass a char * as parameter, which should be pointing to the zero terminated For more information about the login options please see RFC2384, RFC5092 and IETF draft draft-earhart-url-smtp-00.txt -\fBCURLOPT_LOGIN_OPTIONS(3)\fP can be used to set protocol specific login +\fICURLOPT_LOGIN_OPTIONS(3)\fP can be used to set protocol specific login options, such as the preferred authentication mechanism via "AUTH=NTLM" or "AUTH=*", and should be used in conjunction with the \fICURLOPT_USERNAME(3)\fP option. diff --git a/docs/libcurl/opts/CURLOPT_LOGIN_OPTIONS.html b/docs/libcurl/opts/CURLOPT_LOGIN_OPTIONS.html index c4f7bf9cc..6c8109c37 100644 --- a/docs/libcurl/opts/CURLOPT_LOGIN_OPTIONS.html +++ b/docs/libcurl/opts/CURLOPT_LOGIN_OPTIONS.html @@ -56,7 +56,7 @@ p.roffit {

CURLcode curl_easy_setopt(CURL *handle, CURLOPT_LOGIN_OPTIONS, char *options);

DESCRIPTION

Pass a char * as parameter, which should be pointing to the zero terminated options string to use for the transfer.

For more information about the login options please see RFC 2384, RFC 5092 and IETF draft draft-earhart-url-smtp-00.txt -

CURLOPT_LOGIN_OPTIONS can be used to set protocol specific login options, such as the preferred authentication mechanism via "AUTH=NTLM" or "AUTH=*", and should be used in conjunction with the CURLOPT_USERNAME option.

DEFAULT

+

CURLOPT_LOGIN_OPTIONS can be used to set protocol specific login options, such as the preferred authentication mechanism via "AUTH=NTLM" or "AUTH=*", and should be used in conjunction with the CURLOPT_USERNAME option.

DEFAULT

NULL

PROTOCOLS

Only IMAP, POP3 and SMTP support login options.

EXAMPLE

TODO

AVAILABILITY

diff --git a/docs/libcurl/opts/CURLOPT_LOGIN_OPTIONS.pdf b/docs/libcurl/opts/CURLOPT_LOGIN_OPTIONS.pdf index 0d6792eed..1603335cf 100644 Binary files a/docs/libcurl/opts/CURLOPT_LOGIN_OPTIONS.pdf and b/docs/libcurl/opts/CURLOPT_LOGIN_OPTIONS.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_LOW_SPEED_LIMIT.pdf b/docs/libcurl/opts/CURLOPT_LOW_SPEED_LIMIT.pdf index f26b20d54..95487b0cf 100644 Binary files a/docs/libcurl/opts/CURLOPT_LOW_SPEED_LIMIT.pdf and b/docs/libcurl/opts/CURLOPT_LOW_SPEED_LIMIT.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_LOW_SPEED_TIME.pdf b/docs/libcurl/opts/CURLOPT_LOW_SPEED_TIME.pdf index 4ade9e9b1..a75604a0f 100644 Binary files a/docs/libcurl/opts/CURLOPT_LOW_SPEED_TIME.pdf and b/docs/libcurl/opts/CURLOPT_LOW_SPEED_TIME.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_MAIL_AUTH.pdf b/docs/libcurl/opts/CURLOPT_MAIL_AUTH.pdf index 8d68a73b0..62f86df89 100644 Binary files a/docs/libcurl/opts/CURLOPT_MAIL_AUTH.pdf and b/docs/libcurl/opts/CURLOPT_MAIL_AUTH.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_MAIL_FROM.pdf b/docs/libcurl/opts/CURLOPT_MAIL_FROM.pdf index 0676fd359..db203153d 100644 Binary files a/docs/libcurl/opts/CURLOPT_MAIL_FROM.pdf and b/docs/libcurl/opts/CURLOPT_MAIL_FROM.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_MAIL_RCPT.pdf b/docs/libcurl/opts/CURLOPT_MAIL_RCPT.pdf index ba54fe43c..afa9f067e 100644 Binary files a/docs/libcurl/opts/CURLOPT_MAIL_RCPT.pdf and b/docs/libcurl/opts/CURLOPT_MAIL_RCPT.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_MAXCONNECTS.3 b/docs/libcurl/opts/CURLOPT_MAXCONNECTS.3 index ea875fa34..8e90a9d26 100644 --- a/docs/libcurl/opts/CURLOPT_MAXCONNECTS.3 +++ b/docs/libcurl/opts/CURLOPT_MAXCONNECTS.3 @@ -5,7 +5,7 @@ .\" * | (__| |_| | _ <| |___ .\" * \___|\___/|_| \_\_____| .\" * -.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, , et al. +.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. .\" * .\" * This software is licensed as described in the file COPYING, which .\" * you should have received as part of this distribution. The terms @@ -44,7 +44,7 @@ get closed unnecessarily. If you add this easy handle to a multi handle, this setting is not acknowledged, and you must instead use \fIcurl_multi_setopt(3)\fP and the -\fICURLMOPT_MAXCONNECTS\fP option. +\fICURLMOPT_MAXCONNECTS(3)\fP option. .SH DEFAULT 5 .SH PROTOCOLS diff --git a/docs/libcurl/opts/CURLOPT_MAXCONNECTS.html b/docs/libcurl/opts/CURLOPT_MAXCONNECTS.html index 65e978cd5..16c2458d8 100644 --- a/docs/libcurl/opts/CURLOPT_MAXCONNECTS.html +++ b/docs/libcurl/opts/CURLOPT_MAXCONNECTS.html @@ -57,7 +57,7 @@ p.roffit {

Pass a long. The set amount will be the maximum number of simultaneously open persistent connections that libcurl may cache in the pool associated with this handle. The default is 5, and there isn't much point in changing this value unless you are perfectly aware of how this works and changes libcurl's behaviour. This concerns connections using any of the protocols that support persistent connections.

When reaching the maximum limit, curl closes the oldest one in the cache to prevent increasing the number of open connections.

If you already have performed transfers with this curl handle, setting a smaller CURLOPT_MAXCONNECTS than before may cause open connections to get closed unnecessarily. -

If you add this easy handle to a multi handle, this setting is not acknowledged, and you must instead use curl_multi_setopt(3) and the CURLMOPT_MAXCONNECTS option.

DEFAULT

+

If you add this easy handle to a multi handle, this setting is not acknowledged, and you must instead use curl_multi_setopt(3) and the CURLMOPT_MAXCONNECTS option.

DEFAULT

5

PROTOCOLS

Most

EXAMPLE

TODO

AVAILABILITY

diff --git a/docs/libcurl/opts/CURLOPT_MAXCONNECTS.pdf b/docs/libcurl/opts/CURLOPT_MAXCONNECTS.pdf index 99f637811..697335c2a 100644 Binary files a/docs/libcurl/opts/CURLOPT_MAXCONNECTS.pdf and b/docs/libcurl/opts/CURLOPT_MAXCONNECTS.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_MAXFILESIZE.pdf b/docs/libcurl/opts/CURLOPT_MAXFILESIZE.pdf index 3427ae4e6..e40c4ce60 100644 Binary files a/docs/libcurl/opts/CURLOPT_MAXFILESIZE.pdf and b/docs/libcurl/opts/CURLOPT_MAXFILESIZE.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_MAXFILESIZE_LARGE.pdf b/docs/libcurl/opts/CURLOPT_MAXFILESIZE_LARGE.pdf index 6fdca2d37..12a22fc02 100644 Binary files a/docs/libcurl/opts/CURLOPT_MAXFILESIZE_LARGE.pdf and b/docs/libcurl/opts/CURLOPT_MAXFILESIZE_LARGE.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_MAXREDIRS.pdf b/docs/libcurl/opts/CURLOPT_MAXREDIRS.pdf index e45f74b72..cc140bf78 100644 Binary files a/docs/libcurl/opts/CURLOPT_MAXREDIRS.pdf and b/docs/libcurl/opts/CURLOPT_MAXREDIRS.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_MAX_RECV_SPEED_LARGE.3 b/docs/libcurl/opts/CURLOPT_MAX_RECV_SPEED_LARGE.3 index 031f2cd39..c99ff61e3 100644 --- a/docs/libcurl/opts/CURLOPT_MAX_RECV_SPEED_LARGE.3 +++ b/docs/libcurl/opts/CURLOPT_MAX_RECV_SPEED_LARGE.3 @@ -31,9 +31,8 @@ CURLcode curl_easy_setopt(CURL *handle, CURLOPT_MAX_RECV_SPEED_LARGE, curl_off_t speed); .SH DESCRIPTION Pass a curl_off_t as parameter. If a download exceeds this \fIspeed\fP -(counted in bytes per second) on cumulative average during the transfer, the -transfer will pause to keep the average rate less than or equal to the -parameter value. Defaults to unlimited speed. +(counted in bytes per second) the transfer will pause to keep the speed less +than or equal to the parameter value. Defaults to unlimited speed. This option doesn't affect transfer speeds done with FILE:// URLs. .SH DEFAULT diff --git a/docs/libcurl/opts/CURLOPT_MAX_RECV_SPEED_LARGE.html b/docs/libcurl/opts/CURLOPT_MAX_RECV_SPEED_LARGE.html index 388a3e4de..180ea787c 100644 --- a/docs/libcurl/opts/CURLOPT_MAX_RECV_SPEED_LARGE.html +++ b/docs/libcurl/opts/CURLOPT_MAX_RECV_SPEED_LARGE.html @@ -59,7 +59,7 @@ CURLcode curl_easy_setopt(CURL *handle, CURLOPT_MAX_RECV_SPEED_LARGE,   curl_off_t speed);

DESCRIPTION

-

Pass a curl_off_t as parameter. If a download exceeds this speed (counted in bytes per second) on cumulative average during the transfer, the transfer will pause to keep the average rate less than or equal to the parameter value. Defaults to unlimited speed. +

Pass a curl_off_t as parameter. If a download exceeds this speed (counted in bytes per second) the transfer will pause to keep the speed less than or equal to the parameter value. Defaults to unlimited speed.

This option doesn't affect transfer speeds done with FILE:// URLs.

DEFAULT

0, disabled

PROTOCOLS

All but file://

EXAMPLE

diff --git a/docs/libcurl/opts/CURLOPT_MAX_RECV_SPEED_LARGE.pdf b/docs/libcurl/opts/CURLOPT_MAX_RECV_SPEED_LARGE.pdf index 6554b00f4..ac3b6d469 100644 Binary files a/docs/libcurl/opts/CURLOPT_MAX_RECV_SPEED_LARGE.pdf and b/docs/libcurl/opts/CURLOPT_MAX_RECV_SPEED_LARGE.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_MAX_SEND_SPEED_LARGE.3 b/docs/libcurl/opts/CURLOPT_MAX_SEND_SPEED_LARGE.3 index c2c6336f1..7f3efe57c 100644 --- a/docs/libcurl/opts/CURLOPT_MAX_SEND_SPEED_LARGE.3 +++ b/docs/libcurl/opts/CURLOPT_MAX_SEND_SPEED_LARGE.3 @@ -31,9 +31,9 @@ CURLcode curl_easy_setopt(CURL *handle, CURLOPT_MAX_SEND_SPEED_LARGE, curl_off_t maxspeed); .SH DESCRIPTION Pass a curl_off_t as parameter with the \fImaxspeed\fP. If an upload exceeds -this speed (counted in bytes per second) on cumulative average during the -transfer, the transfer will pause to keep the average rate less than or equal -to the parameter value. Defaults to unlimited speed. +this speed (counted in bytes per second) the transfer will pause to keep the +speed less than or equal to the parameter value. Defaults to unlimited +speed. This option doesn't affect transfer speeds done with FILE:// URLs. .SH DEFAULT diff --git a/docs/libcurl/opts/CURLOPT_MAX_SEND_SPEED_LARGE.html b/docs/libcurl/opts/CURLOPT_MAX_SEND_SPEED_LARGE.html index d604999db..32b8e0ca9 100644 --- a/docs/libcurl/opts/CURLOPT_MAX_SEND_SPEED_LARGE.html +++ b/docs/libcurl/opts/CURLOPT_MAX_SEND_SPEED_LARGE.html @@ -59,7 +59,7 @@ CURLcode curl_easy_setopt(CURL *handle, CURLOPT_MAX_SEND_SPEED_LARGE,   curl_off_t maxspeed);

DESCRIPTION

-

Pass a curl_off_t as parameter with the maxspeed. If an upload exceeds this speed (counted in bytes per second) on cumulative average during the transfer, the transfer will pause to keep the average rate less than or equal to the parameter value. Defaults to unlimited speed. +

Pass a curl_off_t as parameter with the maxspeed. If an upload exceeds this speed (counted in bytes per second) the transfer will pause to keep the speed less than or equal to the parameter value. Defaults to unlimited speed.

This option doesn't affect transfer speeds done with FILE:// URLs.

DEFAULT

0, disabled

PROTOCOLS

All except file://

EXAMPLE

diff --git a/docs/libcurl/opts/CURLOPT_MAX_SEND_SPEED_LARGE.pdf b/docs/libcurl/opts/CURLOPT_MAX_SEND_SPEED_LARGE.pdf index 391ac96de..08d2622a9 100644 Binary files a/docs/libcurl/opts/CURLOPT_MAX_SEND_SPEED_LARGE.pdf and b/docs/libcurl/opts/CURLOPT_MAX_SEND_SPEED_LARGE.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_NETRC.pdf b/docs/libcurl/opts/CURLOPT_NETRC.pdf index 842a3f41d..1ef77464f 100644 Binary files a/docs/libcurl/opts/CURLOPT_NETRC.pdf and b/docs/libcurl/opts/CURLOPT_NETRC.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_NETRC_FILE.pdf b/docs/libcurl/opts/CURLOPT_NETRC_FILE.pdf index aa227361a..9eaafd5b2 100644 Binary files a/docs/libcurl/opts/CURLOPT_NETRC_FILE.pdf and b/docs/libcurl/opts/CURLOPT_NETRC_FILE.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_NEW_DIRECTORY_PERMS.pdf b/docs/libcurl/opts/CURLOPT_NEW_DIRECTORY_PERMS.pdf index 90c2c01a5..5a9186436 100644 Binary files a/docs/libcurl/opts/CURLOPT_NEW_DIRECTORY_PERMS.pdf and b/docs/libcurl/opts/CURLOPT_NEW_DIRECTORY_PERMS.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_NEW_FILE_PERMS.pdf b/docs/libcurl/opts/CURLOPT_NEW_FILE_PERMS.pdf index b0e2ddf02..ce6c06d4f 100644 Binary files a/docs/libcurl/opts/CURLOPT_NEW_FILE_PERMS.pdf and b/docs/libcurl/opts/CURLOPT_NEW_FILE_PERMS.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_NOBODY.pdf b/docs/libcurl/opts/CURLOPT_NOBODY.pdf index 48e130be2..4f3efe96d 100644 Binary files a/docs/libcurl/opts/CURLOPT_NOBODY.pdf and b/docs/libcurl/opts/CURLOPT_NOBODY.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_NOPROGRESS.pdf b/docs/libcurl/opts/CURLOPT_NOPROGRESS.pdf index 2e69b2e30..cbb03c79b 100644 Binary files a/docs/libcurl/opts/CURLOPT_NOPROGRESS.pdf and b/docs/libcurl/opts/CURLOPT_NOPROGRESS.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_NOPROXY.pdf b/docs/libcurl/opts/CURLOPT_NOPROXY.pdf index 09fc3e9c6..550578ea7 100644 Binary files a/docs/libcurl/opts/CURLOPT_NOPROXY.pdf and b/docs/libcurl/opts/CURLOPT_NOPROXY.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_NOSIGNAL.pdf b/docs/libcurl/opts/CURLOPT_NOSIGNAL.pdf index 576519d03..eb50832fc 100644 Binary files a/docs/libcurl/opts/CURLOPT_NOSIGNAL.pdf and b/docs/libcurl/opts/CURLOPT_NOSIGNAL.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_OPENSOCKETDATA.pdf b/docs/libcurl/opts/CURLOPT_OPENSOCKETDATA.pdf index 6fd553a47..8ae4cf811 100644 Binary files a/docs/libcurl/opts/CURLOPT_OPENSOCKETDATA.pdf and b/docs/libcurl/opts/CURLOPT_OPENSOCKETDATA.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_OPENSOCKETFUNCTION.pdf b/docs/libcurl/opts/CURLOPT_OPENSOCKETFUNCTION.pdf index 0e9d899fa..2dcf512c8 100644 Binary files a/docs/libcurl/opts/CURLOPT_OPENSOCKETFUNCTION.pdf and b/docs/libcurl/opts/CURLOPT_OPENSOCKETFUNCTION.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_PASSWORD.pdf b/docs/libcurl/opts/CURLOPT_PASSWORD.pdf index 6f7036945..4ac054c72 100644 Binary files a/docs/libcurl/opts/CURLOPT_PASSWORD.pdf and b/docs/libcurl/opts/CURLOPT_PASSWORD.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_PATH_AS_IS.pdf b/docs/libcurl/opts/CURLOPT_PATH_AS_IS.pdf index 03ed72a9a..294b8c722 100644 Binary files a/docs/libcurl/opts/CURLOPT_PATH_AS_IS.pdf and b/docs/libcurl/opts/CURLOPT_PATH_AS_IS.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_PINNEDPUBLICKEY.3 b/docs/libcurl/opts/CURLOPT_PINNEDPUBLICKEY.3 index ff1fe740e..4e673bd4d 100644 --- a/docs/libcurl/opts/CURLOPT_PINNEDPUBLICKEY.3 +++ b/docs/libcurl/opts/CURLOPT_PINNEDPUBLICKEY.3 @@ -90,10 +90,16 @@ footer: -----END PUBLIC KEY----- .fi .SH AVAILABILITY -Added in 7.39.0 for OpenSSL, GnuTLS and GSKit. Added in 7.43.0 for -NSS and wolfSSL/CyaSSL. Added for mbedtls in 7.47.0, sha256 support -added in 7.44.0 for OpenSSL, GnuTLS, NSS and wolfSSL/CyaSSL. Other -SSL backends not supported. +PEM/DER support: + 7.39.0: OpenSSL, GnuTLS and GSKit + 7.43.0: NSS and wolfSSL/CyaSSL + 7.47.0: mbedtls + 7.49.0: PolarSSL +sha256 support: + 7.44.0: OpenSSL, GnuTLS, NSS and wolfSSL/CyaSSL. + 7.47.0: mbedtls + 7.49.0: PolarSSL +Other SSL backends not supported. .SH RETURN VALUE Returns CURLE_OK if TLS enabled, CURLE_UNKNOWN_OPTION if not, or CURLE_OUT_OF_MEMORY if there was insufficient heap space. diff --git a/docs/libcurl/opts/CURLOPT_PINNEDPUBLICKEY.html b/docs/libcurl/opts/CURLOPT_PINNEDPUBLICKEY.html index 3d21603e3..8048597e2 100644 --- a/docs/libcurl/opts/CURLOPT_PINNEDPUBLICKEY.html +++ b/docs/libcurl/opts/CURLOPT_PINNEDPUBLICKEY.html @@ -104,7 +104,7 @@ openssl dgst -sha256 -binary www.example.com.pubkey.der | openssl base64

AVAILABILITY

-

Added in 7.39.0 for OpenSSL, GnuTLS and GSKit. Added in 7.43.0 for NSS and wolfSSL/CyaSSL. Added for mbedtls in 7.47.0, sha256 support added in 7.44.0 for OpenSSL, GnuTLS, NSS and wolfSSL/CyaSSL. Other SSL backends not supported.

RETURN VALUE

+

PEM/DER support:   7.39.0: OpenSSL, GnuTLS and GSKit   7.43.0: NSS and wolfSSL/CyaSSL   7.47.0: mbedtls   7.49.0: PolarSSL sha256 support:   7.44.0: OpenSSL, GnuTLS, NSS and wolfSSL/CyaSSL.   7.47.0: mbedtls   7.49.0: PolarSSL Other SSL backends not supported.

RETURN VALUE

Returns CURLE_OK if TLS enabled, CURLE_UNKNOWN_OPTION if not, or CURLE_OUT_OF_MEMORY if there was insufficient heap space.

SEE ALSO

CURLOPT_SSL_VERIFYPEER, CURLOPT_SSL_VERIFYHOST, CURLOPT_CAINFO, CURLOPT_CAPATH

This HTML page was made with roffit. diff --git a/docs/libcurl/opts/CURLOPT_PINNEDPUBLICKEY.pdf b/docs/libcurl/opts/CURLOPT_PINNEDPUBLICKEY.pdf index 207076a80..6d9fc6cb2 100644 Binary files a/docs/libcurl/opts/CURLOPT_PINNEDPUBLICKEY.pdf and b/docs/libcurl/opts/CURLOPT_PINNEDPUBLICKEY.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_PIPEWAIT.3 b/docs/libcurl/opts/CURLOPT_PIPEWAIT.3 index 62f540dcc..6d0f14e79 100644 --- a/docs/libcurl/opts/CURLOPT_PIPEWAIT.3 +++ b/docs/libcurl/opts/CURLOPT_PIPEWAIT.3 @@ -5,7 +5,7 @@ .\" * | (__| |_| | _ <| |___ .\" * \___|\___/|_| \_\_____| .\" * -.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. +.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. .\" * .\" * This software is licensed as described in the file COPYING, which .\" * you should have received as part of this distribution. The terms @@ -36,10 +36,10 @@ libcurl will check for existing connections to re-use and pipeline on. If no such connection exists it will immediately continue and create a fresh new connection to use. -By setting this option to 1 - and having \fICURLMOPT_PIPELINE\fP enabled for -the multi handle this transfer is associated with - libcurl will instead wait -for the connection to reveal if it is possible to pipeline/multiplex on before -it continues. This enables libcurl to much better keep the number of +By setting this option to 1 - and having \fICURLMOPT_PIPELINING(3)\fP enabled +for the multi handle this transfer is associated with - libcurl will instead +wait for the connection to reveal if it is possible to pipeline/multiplex on +before it continues. This enables libcurl to much better keep the number of connections to a minimum when using pipelining or multiplexing protocols. The effect thus becomes that with this option set, libcurl prefers to wait and diff --git a/docs/libcurl/opts/CURLOPT_PIPEWAIT.html b/docs/libcurl/opts/CURLOPT_PIPEWAIT.html index 46b66d314..a0b467312 100644 --- a/docs/libcurl/opts/CURLOPT_PIPEWAIT.html +++ b/docs/libcurl/opts/CURLOPT_PIPEWAIT.html @@ -56,7 +56,7 @@ p.roffit {

CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PIPEWAIT, long wait);

DESCRIPTION

Set wait to 1L to tell libcurl to prefer to wait for a connection to confirm or deny that it can do pipelining or multiplexing before continuing.

When about to perform a new transfer that allows pipelining or multiplexing, libcurl will check for existing connections to re-use and pipeline on. If no such connection exists it will immediately continue and create a fresh new connection to use. -

By setting this option to 1 - and having CURLMOPT_PIPELINE enabled for the multi handle this transfer is associated with - libcurl will instead wait for the connection to reveal if it is possible to pipeline/multiplex on before it continues. This enables libcurl to much better keep the number of connections to a minimum when using pipelining or multiplexing protocols. +

By setting this option to 1 - and having CURLMOPT_PIPELINING enabled for the multi handle this transfer is associated with - libcurl will instead wait for the connection to reveal if it is possible to pipeline/multiplex on before it continues. This enables libcurl to much better keep the number of connections to a minimum when using pipelining or multiplexing protocols.

The effect thus becomes that with this option set, libcurl prefers to wait and re-use an existing connection for pipelining rather than the opposite: prefer to open a new connection rather than waiting.

The waiting time is as long as it takes for the connection to get up and for libcurl to get the necessary response back that informs it about its protocol and support level.

DEFAULT

0 (off)

PROTOCOLS

diff --git a/docs/libcurl/opts/CURLOPT_PIPEWAIT.pdf b/docs/libcurl/opts/CURLOPT_PIPEWAIT.pdf index ca1e192ab..1346af5bc 100644 Binary files a/docs/libcurl/opts/CURLOPT_PIPEWAIT.pdf and b/docs/libcurl/opts/CURLOPT_PIPEWAIT.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_PORT.pdf b/docs/libcurl/opts/CURLOPT_PORT.pdf index 05a03b41a..335231640 100644 Binary files a/docs/libcurl/opts/CURLOPT_PORT.pdf and b/docs/libcurl/opts/CURLOPT_PORT.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_POST.pdf b/docs/libcurl/opts/CURLOPT_POST.pdf index 937f4a3ff..2bd3dca8d 100644 Binary files a/docs/libcurl/opts/CURLOPT_POST.pdf and b/docs/libcurl/opts/CURLOPT_POST.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_POSTFIELDS.3 b/docs/libcurl/opts/CURLOPT_POSTFIELDS.3 index f9f9eadc8..17ec2d76f 100644 --- a/docs/libcurl/opts/CURLOPT_POSTFIELDS.3 +++ b/docs/libcurl/opts/CURLOPT_POSTFIELDS.3 @@ -42,16 +42,15 @@ This POST is a normal application/x-www-form-urlencoded kind (and libcurl will set that Content-Type by default when this option is used), which is commonly used by HTML forms. Change Content-Type with \fICURLOPT_HTTPHEADER(3)\fP. -Using \fICURLOPT_POSTFIELDS(3)\fP implies \fICURLOPT_POST(3)\fP. - You can use \fIcurl_easy_escape(3)\fP to url-encode your data, if necessary. It returns a pointer to an encoded string that can be passed as \fIpostdata\fP. -If you want to do a zero-byte POST, you need to set -\fICURLOPT_POSTFIELDSIZE(3)\fP explicitly to zero, as simply setting -\fICURLOPT_POSTFIELDS(3)\fP to NULL or "" just effectively disables the -sending of the specified string. libcurl will instead assume that you'll send -the POST data using the read callback! +Using \fICURLOPT_POSTFIELDS(3)\fP implies \fICURLOPT_POST(3)\fP. + +If \fICURLOPT_POSTFIELDS(3)\fP is explicitly set to NULL then libcurl will get +the POST data from the read callback. If you want to send a zero-byte POST set +\fICURLOPT_POSTFIELDS(3)\fP to an empty string, or set \fICURLOPT_POST(3)\fP to +1 and \fICURLOPT_POSTFIELDSIZE(3)\fP to 0. Using POST with HTTP 1.1 implies the use of a "Expect: 100-continue" header. You can disable this header with \fICURLOPT_HTTPHEADER(3)\fP as usual. diff --git a/docs/libcurl/opts/CURLOPT_POSTFIELDS.html b/docs/libcurl/opts/CURLOPT_POSTFIELDS.html index 98dd4c2d9..08a75fa0d 100644 --- a/docs/libcurl/opts/CURLOPT_POSTFIELDS.html +++ b/docs/libcurl/opts/CURLOPT_POSTFIELDS.html @@ -57,9 +57,9 @@ p.roffit {

Pass a char * as parameter, pointing to the full data to send in a HTTP POST operation. You must make sure that the data is formatted the way you want the server to receive it. libcurl will not convert or encode it for you in any way. For example, the web server may assume that this data is url-encoded.

The data pointed to is NOT copied by the library: as a consequence, it must be preserved by the calling application until the associated transfer finishes. This behaviour can be changed (so libcurl does copy the data) by setting the CURLOPT_COPYPOSTFIELDS option.

This POST is a normal application/x-www-form-urlencoded kind (and libcurl will set that Content-Type by default when this option is used), which is commonly used by HTML forms. Change Content-Type with CURLOPT_HTTPHEADER. -

Using CURLOPT_POSTFIELDS implies CURLOPT_POST.

You can use curl_easy_escape(3) to url-encode your data, if necessary. It returns a pointer to an encoded string that can be passed as postdata. -

If you want to do a zero-byte POST, you need to set CURLOPT_POSTFIELDSIZE explicitly to zero, as simply setting CURLOPT_POSTFIELDS to NULL or "" just effectively disables the sending of the specified string. libcurl will instead assume that you'll send the POST data using the read callback! +

Using CURLOPT_POSTFIELDS implies CURLOPT_POST. +

If CURLOPT_POSTFIELDS is explicitly set to NULL then libcurl will get the POST data from the read callback. If you want to send a zero-byte POST set CURLOPT_POSTFIELDS to an empty string, or set CURLOPT_POST to 1 and CURLOPT_POSTFIELDSIZE to 0.

Using POST with HTTP 1.1 implies the use of a "Expect: 100-continue" header. You can disable this header with CURLOPT_HTTPHEADER as usual.

To make multipart/formdata posts (aka RFC 2388-posts), check out the CURLOPT_HTTPPOST option combined with curl_formadd(3).

DEFAULT

NULL

PROTOCOLS

diff --git a/docs/libcurl/opts/CURLOPT_POSTFIELDS.pdf b/docs/libcurl/opts/CURLOPT_POSTFIELDS.pdf index 01e6096fb..c00779a46 100644 Binary files a/docs/libcurl/opts/CURLOPT_POSTFIELDS.pdf and b/docs/libcurl/opts/CURLOPT_POSTFIELDS.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_POSTFIELDSIZE.pdf b/docs/libcurl/opts/CURLOPT_POSTFIELDSIZE.pdf index 6a27c2d53..0a3112abe 100644 Binary files a/docs/libcurl/opts/CURLOPT_POSTFIELDSIZE.pdf and b/docs/libcurl/opts/CURLOPT_POSTFIELDSIZE.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_POSTFIELDSIZE_LARGE.pdf b/docs/libcurl/opts/CURLOPT_POSTFIELDSIZE_LARGE.pdf index 21228a430..d0d2ff371 100644 Binary files a/docs/libcurl/opts/CURLOPT_POSTFIELDSIZE_LARGE.pdf and b/docs/libcurl/opts/CURLOPT_POSTFIELDSIZE_LARGE.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_POSTQUOTE.pdf b/docs/libcurl/opts/CURLOPT_POSTQUOTE.pdf index e646a4123..a474613ad 100644 Binary files a/docs/libcurl/opts/CURLOPT_POSTQUOTE.pdf and b/docs/libcurl/opts/CURLOPT_POSTQUOTE.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_POSTREDIR.pdf b/docs/libcurl/opts/CURLOPT_POSTREDIR.pdf index aa00bdbba..ddcdcb4fc 100644 Binary files a/docs/libcurl/opts/CURLOPT_POSTREDIR.pdf and b/docs/libcurl/opts/CURLOPT_POSTREDIR.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_PREQUOTE.pdf b/docs/libcurl/opts/CURLOPT_PREQUOTE.pdf index 722990b5c..92219c79c 100644 Binary files a/docs/libcurl/opts/CURLOPT_PREQUOTE.pdf and b/docs/libcurl/opts/CURLOPT_PREQUOTE.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_PRIVATE.pdf b/docs/libcurl/opts/CURLOPT_PRIVATE.pdf index 77b6ee677..0a20daf2a 100644 Binary files a/docs/libcurl/opts/CURLOPT_PRIVATE.pdf and b/docs/libcurl/opts/CURLOPT_PRIVATE.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_PROGRESSDATA.pdf b/docs/libcurl/opts/CURLOPT_PROGRESSDATA.pdf index 91e72e3da..c029c2429 100644 Binary files a/docs/libcurl/opts/CURLOPT_PROGRESSDATA.pdf and b/docs/libcurl/opts/CURLOPT_PROGRESSDATA.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_PROGRESSFUNCTION.pdf b/docs/libcurl/opts/CURLOPT_PROGRESSFUNCTION.pdf index 949a4a20a..cb0c18be8 100644 Binary files a/docs/libcurl/opts/CURLOPT_PROGRESSFUNCTION.pdf and b/docs/libcurl/opts/CURLOPT_PROGRESSFUNCTION.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_PROTOCOLS.pdf b/docs/libcurl/opts/CURLOPT_PROTOCOLS.pdf index 96b9ffe80..6e19e7245 100644 Binary files a/docs/libcurl/opts/CURLOPT_PROTOCOLS.pdf and b/docs/libcurl/opts/CURLOPT_PROTOCOLS.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_PROXY.3 b/docs/libcurl/opts/CURLOPT_PROXY.3 index f6975bbd7..64b74faed 100644 --- a/docs/libcurl/opts/CURLOPT_PROXY.3 +++ b/docs/libcurl/opts/CURLOPT_PROXY.3 @@ -5,7 +5,7 @@ .\" * | (__| |_| | _ <| |___ .\" * \___|\___/|_| \_\_____| .\" * -.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. +.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. .\" * .\" * This software is licensed as described in the file COPYING, which .\" * you should have received as part of this distribution. The terms @@ -41,8 +41,7 @@ The proxy string may be prefixed with [scheme]:// to specify which kind of proxy is used. Use socks4://, socks4a://, socks5:// or socks5h:// (the last one to enable socks5 and asking the proxy to do the resolving, also known as \fICURLPROXY_SOCKS5_HOSTNAME\fP type) to request the specific SOCKS version to -be used. No protocol specified, http:// and all others will be treated as HTTP -proxies. +be used. No scheme specified or http://, will be treated as HTTP proxies. Without a scheme prefix, \fICURLOPT_PROXYTYPE(3)\fP can be used to specify which kind of proxy the string identifies. @@ -77,6 +76,9 @@ Since 7.14.1 the proxy environment variable names can include the protocol scheme. Since 7.21.7 the proxy string supports the socks protocols as "schemes". + +Since 7.50.2, unsupported schemes in proxy strings cause libcurl to return +error. .SH RETURN VALUE Returns CURLE_OK if proxies are supported, CURLE_UNKNOWN_OPTION if not, or CURLE_OUT_OF_MEMORY if there was insufficient heap space. diff --git a/docs/libcurl/opts/CURLOPT_PROXY.html b/docs/libcurl/opts/CURLOPT_PROXY.html index bf4bc91cc..491b7be0c 100644 --- a/docs/libcurl/opts/CURLOPT_PROXY.html +++ b/docs/libcurl/opts/CURLOPT_PROXY.html @@ -56,7 +56,7 @@ p.roffit {

CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PROXY, char *proxy);

DESCRIPTION

Set the proxy to use for the upcoming request. The parameter should be a char * to a zero terminated string holding the host name or dotted numerical IP address. A numerical IPv6 address must be written within [brackets].

To specify port number in this string, append :[port] to the end of the host name. The proxy's port number may optionally be specified with the separate option CURLOPT_PROXYPORT. If not specified, libcurl will default to using port 1080 for proxies. -

The proxy string may be prefixed with [scheme]:// to specify which kind of proxy is used. Use socks4://, socks4a://, socks5:// or socks5h:// (the last one to enable socks5 and asking the proxy to do the resolving, also known as CURLPROXY_SOCKS5_HOSTNAME type) to request the specific SOCKS version to be used. No protocol specified, http:// and all others will be treated as HTTP proxies. +

The proxy string may be prefixed with [scheme]:// to specify which kind of proxy is used. Use socks4://, socks4a://, socks5:// or socks5h:// (the last one to enable socks5 and asking the proxy to do the resolving, also known as CURLPROXY_SOCKS5_HOSTNAME type) to request the specific SOCKS version to be used. No scheme specified or http://, will be treated as HTTP proxies.

Without a scheme prefix, CURLOPT_PROXYTYPE can be used to specify which kind of proxy the string identifies.

When you tell the library to use a HTTP proxy, libcurl will transparently convert operations to HTTP even if you specify an FTP URL etc. This may have an impact on what other features of the library you can use, such as CURLOPT_QUOTE and similar FTP specifics that don't work unless you tunnel through the HTTP proxy. Such tunneling is activated with CURLOPT_HTTPPROXYTUNNEL.

libcurl respects the environment variables http_proxy, ftp_proxy, all_proxy etc, if any of those are set. The CURLOPT_PROXY option does however override any possibly set environment variables. @@ -67,7 +67,8 @@ p.roffit {

All except file://. Note that some protocols don't do very well over proxy.

EXAMPLE

TODO

AVAILABILITY

Since 7.14.1 the proxy environment variable names can include the protocol scheme. -

Since 7.21.7 the proxy string supports the socks protocols as "schemes".

RETURN VALUE

+

Since 7.21.7 the proxy string supports the socks protocols as "schemes". +

Since 7.50.2, unsupported schemes in proxy strings cause libcurl to return error.

RETURN VALUE

Returns CURLE_OK if proxies are supported, CURLE_UNKNOWN_OPTION if not, or CURLE_OUT_OF_MEMORY if there was insufficient heap space.

SEE ALSO

CURLOPT_PROXYPORT, CURLOPT_HTTPPROXYTUNNEL, CURLOPT_PROXYTYPE

This HTML page was made with roffit. diff --git a/docs/libcurl/opts/CURLOPT_PROXY.pdf b/docs/libcurl/opts/CURLOPT_PROXY.pdf index 550e502bf..179a75e73 100644 Binary files a/docs/libcurl/opts/CURLOPT_PROXY.pdf and b/docs/libcurl/opts/CURLOPT_PROXY.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_PROXYAUTH.pdf b/docs/libcurl/opts/CURLOPT_PROXYAUTH.pdf index 095484618..57e996ce8 100644 Binary files a/docs/libcurl/opts/CURLOPT_PROXYAUTH.pdf and b/docs/libcurl/opts/CURLOPT_PROXYAUTH.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_PROXYHEADER.pdf b/docs/libcurl/opts/CURLOPT_PROXYHEADER.pdf index f7377ab06..d3c0aa187 100644 Binary files a/docs/libcurl/opts/CURLOPT_PROXYHEADER.pdf and b/docs/libcurl/opts/CURLOPT_PROXYHEADER.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_PROXYPASSWORD.pdf b/docs/libcurl/opts/CURLOPT_PROXYPASSWORD.pdf index aa8969ebd..0d585a687 100644 Binary files a/docs/libcurl/opts/CURLOPT_PROXYPASSWORD.pdf and b/docs/libcurl/opts/CURLOPT_PROXYPASSWORD.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_PROXYPORT.pdf b/docs/libcurl/opts/CURLOPT_PROXYPORT.pdf index 1bad809bf..7f4ee3f88 100644 Binary files a/docs/libcurl/opts/CURLOPT_PROXYPORT.pdf and b/docs/libcurl/opts/CURLOPT_PROXYPORT.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_PROXYTYPE.3 b/docs/libcurl/opts/CURLOPT_PROXYTYPE.3 index 2177c7cb2..d2d924257 100644 --- a/docs/libcurl/opts/CURLOPT_PROXYTYPE.3 +++ b/docs/libcurl/opts/CURLOPT_PROXYTYPE.3 @@ -5,7 +5,7 @@ .\" * | (__| |_| | _ <| |___ .\" * \___|\___/|_| \_\_____| .\" * -.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, , et al. +.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. .\" * .\" * This software is licensed as described in the file COPYING, which .\" * you should have received as part of this distribution. The terms @@ -33,7 +33,7 @@ this are \fICURLPROXY_HTTP\fP, \fICURLPROXY_HTTP_1_0\fP \fICURLPROXY_SOCKS4\fP, \fICURLPROXY_SOCKS5\fP, \fICURLPROXY_SOCKS4A\fP and \fICURLPROXY_SOCKS5_HOSTNAME\fP. The HTTP type is default. -If you set \fBCURLOPT_PROXYTYPE(3)\fP to \fICURLPROXY_HTTP_1_0\fP, it will +If you set \fICURLOPT_PROXYTYPE(3)\fP to \fICURLPROXY_HTTP_1_0\fP, it will only affect how libcurl speaks to a proxy when CONNECT is used. The HTTP version used for "regular" HTTP requests is instead controlled with \fICURLOPT_HTTP_VERSION(3)\fP. diff --git a/docs/libcurl/opts/CURLOPT_PROXYTYPE.html b/docs/libcurl/opts/CURLOPT_PROXYTYPE.html index 8483ece2e..c3edf6571 100644 --- a/docs/libcurl/opts/CURLOPT_PROXYTYPE.html +++ b/docs/libcurl/opts/CURLOPT_PROXYTYPE.html @@ -55,7 +55,7 @@ p.roffit {

#include <curl/curl.h>

CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PROXYTYPE, long type);

DESCRIPTION

Pass a long with this option to set type of the proxy. Available options for this are CURLPROXY_HTTP, CURLPROXY_HTTP_1_0 CURLPROXY_SOCKS4, CURLPROXY_SOCKS5, CURLPROXY_SOCKS4A and CURLPROXY_SOCKS5_HOSTNAME. The HTTP type is default. -

If you set CURLOPT_PROXYTYPE to CURLPROXY_HTTP_1_0, it will only affect how libcurl speaks to a proxy when CONNECT is used. The HTTP version used for "regular" HTTP requests is instead controlled with CURLOPT_HTTP_VERSION. +

If you set CURLOPT_PROXYTYPE to CURLPROXY_HTTP_1_0, it will only affect how libcurl speaks to a proxy when CONNECT is used. The HTTP version used for "regular" HTTP requests is instead controlled with CURLOPT_HTTP_VERSION.

Often it is more convenient to specify the proxy type with the scheme part of the CURLOPT_PROXY string.

DEFAULT

CURLPROXY_HTTP

PROTOCOLS

Most

EXAMPLE

diff --git a/docs/libcurl/opts/CURLOPT_PROXYTYPE.pdf b/docs/libcurl/opts/CURLOPT_PROXYTYPE.pdf index e74a329ab..255af3955 100644 Binary files a/docs/libcurl/opts/CURLOPT_PROXYTYPE.pdf and b/docs/libcurl/opts/CURLOPT_PROXYTYPE.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_PROXYUSERNAME.3 b/docs/libcurl/opts/CURLOPT_PROXYUSERNAME.3 index 592bd040e..0d7a241fb 100644 --- a/docs/libcurl/opts/CURLOPT_PROXYUSERNAME.3 +++ b/docs/libcurl/opts/CURLOPT_PROXYUSERNAME.3 @@ -5,7 +5,7 @@ .\" * | (__| |_| | _ <| |___ .\" * \___|\___/|_| \_\_____| .\" * -.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, , et al. +.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. .\" * .\" * This software is licensed as described in the file COPYING, which .\" * you should have received as part of this distribution. The terms @@ -33,7 +33,7 @@ CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PROXYUSERNAME, Pass a char * as parameter, which should be pointing to the zero terminated user name to use for the transfer. -\fBCURLOPT_PROXYUSERNAME(3)\fP sets the user name to be used in protocol +\fICURLOPT_PROXYUSERNAME(3)\fP sets the user name to be used in protocol authentication with the proxy. To specify the proxy password use the \fICURLOPT_PROXYPASSWORD(3)\fP. diff --git a/docs/libcurl/opts/CURLOPT_PROXYUSERNAME.html b/docs/libcurl/opts/CURLOPT_PROXYUSERNAME.html index 21667f5c4..5c73dccfd 100644 --- a/docs/libcurl/opts/CURLOPT_PROXYUSERNAME.html +++ b/docs/libcurl/opts/CURLOPT_PROXYUSERNAME.html @@ -60,7 +60,7 @@ CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PROXYUSERNAME,

DESCRIPTION

Pass a char * as parameter, which should be pointing to the zero terminated user name to use for the transfer. -

CURLOPT_PROXYUSERNAME sets the user name to be used in protocol authentication with the proxy. +

CURLOPT_PROXYUSERNAME sets the user name to be used in protocol authentication with the proxy.

To specify the proxy password use the CURLOPT_PROXYPASSWORD.

DEFAULT

blank

PROTOCOLS

Most

EXAMPLE

diff --git a/docs/libcurl/opts/CURLOPT_PROXYUSERNAME.pdf b/docs/libcurl/opts/CURLOPT_PROXYUSERNAME.pdf index 9a8bbc5d2..1fb2d5b95 100644 Binary files a/docs/libcurl/opts/CURLOPT_PROXYUSERNAME.pdf and b/docs/libcurl/opts/CURLOPT_PROXYUSERNAME.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_PROXYUSERPWD.pdf b/docs/libcurl/opts/CURLOPT_PROXYUSERPWD.pdf index fdb8d9d95..3de48f5a2 100644 Binary files a/docs/libcurl/opts/CURLOPT_PROXYUSERPWD.pdf and b/docs/libcurl/opts/CURLOPT_PROXYUSERPWD.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_PROXY_SERVICE_NAME.3 b/docs/libcurl/opts/CURLOPT_PROXY_SERVICE_NAME.3 index b9358569a..a010382fd 100644 --- a/docs/libcurl/opts/CURLOPT_PROXY_SERVICE_NAME.3 +++ b/docs/libcurl/opts/CURLOPT_PROXY_SERVICE_NAME.3 @@ -5,7 +5,7 @@ .\" * | (__| |_| | _ <| |___ .\" * \___|\___/|_| \_\_____| .\" * -.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. +.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. .\" * .\" * This software is licensed as described in the file COPYING, which .\" * you should have received as part of this distribution. The terms @@ -22,22 +22,23 @@ .\" .TH CURLOPT_PROXY_SERVICE_NAME 3 "17 Jun 2015" "libcurl 7.43.0" "curl_easy_setopt options" .SH NAME -CURLOPT_PROXY_SERVICE_NAME \- proxy service name +CURLOPT_PROXY_SERVICE_NAME \- proxy authentication service name .SH SYNOPSIS #include CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PROXY_SERVICE_NAME, char *name); .SH DESCRIPTION Pass a char * as parameter to a string holding the \fIname\fP of the -service. The default service name is "HTTP". This option allows you to change it. +service. The default service name is "HTTP" for HTTP based proxies and "rcmd" +for SOCKS5. This option allows you to change it. .SH DEFAULT See above .SH PROTOCOLS -Most +All network protocols .SH EXAMPLE TODO .SH AVAILABILITY -Added in 7.43.0 +Added in 7.43.0 for HTTP proxies, 7.49.0 for SOCKS5 proxies. .SH RETURN VALUE Returns CURLE_OK if the option is supported, CURLE_UNKNOWN_OPTION if not, or CURLE_OUT_OF_MEMORY if there was insufficient heap space. diff --git a/docs/libcurl/opts/CURLOPT_PROXY_SERVICE_NAME.html b/docs/libcurl/opts/CURLOPT_PROXY_SERVICE_NAME.html index 3a88cecad..1b561c2ed 100644 --- a/docs/libcurl/opts/CURLOPT_PROXY_SERVICE_NAME.html +++ b/docs/libcurl/opts/CURLOPT_PROXY_SERVICE_NAME.html @@ -51,14 +51,14 @@ p.roffit {

NAME

-

CURLOPT_PROXY_SERVICE_NAME - proxy service name

SYNOPSIS

+

CURLOPT_PROXY_SERVICE_NAME - proxy authentication service name

SYNOPSIS

#include <curl/curl.h>

CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PROXY_SERVICE_NAME, char *name);

DESCRIPTION

-

Pass a char * as parameter to a string holding the name of the service. The default service name is "HTTP". This option allows you to change it.

DEFAULT

+

Pass a char * as parameter to a string holding the name of the service. The default service name is "HTTP" for HTTP based proxies and "rcmd" for SOCKS5. This option allows you to change it.

DEFAULT

See above

PROTOCOLS

-

Most

EXAMPLE

+

All network protocols

EXAMPLE

TODO

AVAILABILITY

-

Added in 7.43.0

RETURN VALUE

+

Added in 7.43.0 for HTTP proxies, 7.49.0 for SOCKS5 proxies.

RETURN VALUE

Returns CURLE_OK if the option is supported, CURLE_UNKNOWN_OPTION if not, or CURLE_OUT_OF_MEMORY if there was insufficient heap space.

SEE ALSO

CURLOPT_PROXY, CURLOPT_PROXYTYPE

This HTML page was made with roffit. diff --git a/docs/libcurl/opts/CURLOPT_PROXY_SERVICE_NAME.pdf b/docs/libcurl/opts/CURLOPT_PROXY_SERVICE_NAME.pdf index 95731dd50..b55778c76 100644 Binary files a/docs/libcurl/opts/CURLOPT_PROXY_SERVICE_NAME.pdf and b/docs/libcurl/opts/CURLOPT_PROXY_SERVICE_NAME.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_PROXY_TRANSFER_MODE.pdf b/docs/libcurl/opts/CURLOPT_PROXY_TRANSFER_MODE.pdf index 06bd62f51..8778a20d4 100644 Binary files a/docs/libcurl/opts/CURLOPT_PROXY_TRANSFER_MODE.pdf and b/docs/libcurl/opts/CURLOPT_PROXY_TRANSFER_MODE.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_PUT.pdf b/docs/libcurl/opts/CURLOPT_PUT.pdf index 2a4c90889..e0b8fae00 100644 Binary files a/docs/libcurl/opts/CURLOPT_PUT.pdf and b/docs/libcurl/opts/CURLOPT_PUT.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_QUOTE.3 b/docs/libcurl/opts/CURLOPT_QUOTE.3 index 0b23af680..4dce76df3 100644 --- a/docs/libcurl/opts/CURLOPT_QUOTE.3 +++ b/docs/libcurl/opts/CURLOPT_QUOTE.3 @@ -5,7 +5,7 @@ .\" * | (__| |_| | _ <| |___ .\" * \___|\___/|_| \_\_____| .\" * -.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, , et al. +.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. .\" * .\" * This software is licensed as described in the file COPYING, which .\" * you should have received as part of this distribution. The terms @@ -69,6 +69,9 @@ The rm command removes the file specified by the file operand. .IP "rmdir directory" The rmdir command removes the directory entry specified by the directory operand, provided it is empty. +.IP "statvfs file" +The statvfs command returns statistics on the file system in which specified +file resides. (Added in 7.49.0) .IP "symlink source_file target_file" See ln. .RE diff --git a/docs/libcurl/opts/CURLOPT_QUOTE.html b/docs/libcurl/opts/CURLOPT_QUOTE.html index ee17b0d90..b1858f595 100644 --- a/docs/libcurl/opts/CURLOPT_QUOTE.html +++ b/docs/libcurl/opts/CURLOPT_QUOTE.html @@ -76,6 +76,8 @@ p.roffit {

The rm command removes the file specified by the file operand.

rmdir directory

The rmdir command removes the directory entry specified by the directory operand, provided it is empty. +

statvfs file +

The statvfs command returns statistics on the file system in which specified file resides. (Added in 7.49.0)

symlink source_file target_file

See ln.

DEFAULT

diff --git a/docs/libcurl/opts/CURLOPT_QUOTE.pdf b/docs/libcurl/opts/CURLOPT_QUOTE.pdf index 4e104e5e6..79933de1a 100644 Binary files a/docs/libcurl/opts/CURLOPT_QUOTE.pdf and b/docs/libcurl/opts/CURLOPT_QUOTE.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_RANDOM_FILE.pdf b/docs/libcurl/opts/CURLOPT_RANDOM_FILE.pdf index cf5916b05..e5a8b5f48 100644 Binary files a/docs/libcurl/opts/CURLOPT_RANDOM_FILE.pdf and b/docs/libcurl/opts/CURLOPT_RANDOM_FILE.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_RANGE.3 b/docs/libcurl/opts/CURLOPT_RANGE.3 index 6d80a21b3..375a944c6 100644 --- a/docs/libcurl/opts/CURLOPT_RANGE.3 +++ b/docs/libcurl/opts/CURLOPT_RANGE.3 @@ -5,7 +5,7 @@ .\" * | (__| |_| | _ <| |___ .\" * \___|\___/|_| \_\_____| .\" * -.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. +.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. .\" * .\" * This software is licensed as described in the file COPYING, which .\" * you should have received as part of this distribution. The terms @@ -36,8 +36,8 @@ HTTP transfers also support several intervals, separated with commas as in \fI"X-Y,N-M"\fP. Using this kind of multiple intervals will cause the HTTP server to send the response document in pieces (using standard MIME separation techniques). Unfortunately, the HTTP standard (RFC 7233 section 3.1) allows -servers to ignore range requests so even when you set \fICURLOPT_RANGE\fP for -a request, you may end up getting the full response sent back. +servers to ignore range requests so even when you set \fICURLOPT_RANGE(3)\fP +for a request, you may end up getting the full response sent back. For RTSP, the formatting of a range should follow RFC2326 Section 12.29. For RTSP, byte ranges are \fBnot\fP permitted. Instead, ranges should be given in diff --git a/docs/libcurl/opts/CURLOPT_RANGE.html b/docs/libcurl/opts/CURLOPT_RANGE.html index 6c0478319..c0720427c 100644 --- a/docs/libcurl/opts/CURLOPT_RANGE.html +++ b/docs/libcurl/opts/CURLOPT_RANGE.html @@ -55,7 +55,7 @@ p.roffit {

#include <curl/curl.h>

CURLcode curl_easy_setopt(CURL *handle, CURLOPT_RANGE, char *range);

DESCRIPTION

Pass a char * as parameter, which should contain the specified range you want to retrieve. It should be in the format "X-Y", where either X or Y may be left out and X and Y are byte indexes. -

HTTP transfers also support several intervals, separated with commas as in "X-Y,N-M". Using this kind of multiple intervals will cause the HTTP server to send the response document in pieces (using standard MIME separation techniques). Unfortunately, the HTTP standard (RFC 7233 section 3.1) allows servers to ignore range requests so even when you set CURLOPT_RANGE for a request, you may end up getting the full response sent back. +

HTTP transfers also support several intervals, separated with commas as in "X-Y,N-M". Using this kind of multiple intervals will cause the HTTP server to send the response document in pieces (using standard MIME separation techniques). Unfortunately, the HTTP standard (RFC 7233 section 3.1) allows servers to ignore range requests so even when you set CURLOPT_RANGE for a request, you may end up getting the full response sent back.

For RTSP, the formatting of a range should follow RFC 2326 Section 12.29. For RTSP, byte ranges are not permitted. Instead, ranges should be given in npt, utc, or smpte formats.

Pass a NULL to this option to disable the use of ranges.

DEFAULT

NULL

PROTOCOLS

diff --git a/docs/libcurl/opts/CURLOPT_RANGE.pdf b/docs/libcurl/opts/CURLOPT_RANGE.pdf index c728ae372..1b9f084ba 100644 Binary files a/docs/libcurl/opts/CURLOPT_RANGE.pdf and b/docs/libcurl/opts/CURLOPT_RANGE.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_READDATA.3 b/docs/libcurl/opts/CURLOPT_READDATA.3 index 51a0390bc..ef51264c6 100644 --- a/docs/libcurl/opts/CURLOPT_READDATA.3 +++ b/docs/libcurl/opts/CURLOPT_READDATA.3 @@ -5,7 +5,7 @@ .\" * | (__| |_| | _ <| |___ .\" * \___|\___/|_| \_\_____| .\" * -.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. +.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. .\" * .\" * This software is licensed as described in the file COPYING, which .\" * you should have received as part of this distribution. The terms @@ -56,8 +56,8 @@ if(curl) { } .fi .SH AVAILABILITY -This option was once known by the older name \fICURLOPT_INFILE\fP, the name -\fICURLOPT_READDATA\fP was introduced in 7.9.7. +This option was once known by the older name CURLOPT_INFILE, the name +\fICURLOPT_READDATA(3)\fP was introduced in 7.9.7. .SH RETURN VALUE This will return CURLE_OK. .SH "SEE ALSO" diff --git a/docs/libcurl/opts/CURLOPT_READDATA.html b/docs/libcurl/opts/CURLOPT_READDATA.html index 2c3438e38..3db38bfc7 100644 --- a/docs/libcurl/opts/CURLOPT_READDATA.html +++ b/docs/libcurl/opts/CURLOPT_READDATA.html @@ -74,7 +74,7 @@ if(curl) {

AVAILABILITY

-

This option was once known by the older name CURLOPT_INFILE, the name CURLOPT_READDATA was introduced in 7.9.7.

RETURN VALUE

+

This option was once known by the older name CURLOPT_INFILE, the name CURLOPT_READDATA was introduced in 7.9.7.

RETURN VALUE

This will return CURLE_OK.

SEE ALSO

CURLOPT_READFUNCTION, CURLOPT_WRITEDATA

This HTML page was made with roffit. diff --git a/docs/libcurl/opts/CURLOPT_READDATA.pdf b/docs/libcurl/opts/CURLOPT_READDATA.pdf index 251c5488f..f321b2876 100644 Binary files a/docs/libcurl/opts/CURLOPT_READDATA.pdf and b/docs/libcurl/opts/CURLOPT_READDATA.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_READFUNCTION.pdf b/docs/libcurl/opts/CURLOPT_READFUNCTION.pdf index f1b971e54..36d279284 100644 Binary files a/docs/libcurl/opts/CURLOPT_READFUNCTION.pdf and b/docs/libcurl/opts/CURLOPT_READFUNCTION.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_REDIR_PROTOCOLS.pdf b/docs/libcurl/opts/CURLOPT_REDIR_PROTOCOLS.pdf index 592c38020..f52200ae4 100644 Binary files a/docs/libcurl/opts/CURLOPT_REDIR_PROTOCOLS.pdf and b/docs/libcurl/opts/CURLOPT_REDIR_PROTOCOLS.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_REFERER.pdf b/docs/libcurl/opts/CURLOPT_REFERER.pdf index aa1f920e4..566cbb3dc 100644 Binary files a/docs/libcurl/opts/CURLOPT_REFERER.pdf and b/docs/libcurl/opts/CURLOPT_REFERER.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_RESOLVE.3 b/docs/libcurl/opts/CURLOPT_RESOLVE.3 index a4da9b5a7..21027d4c0 100644 --- a/docs/libcurl/opts/CURLOPT_RESOLVE.3 +++ b/docs/libcurl/opts/CURLOPT_RESOLVE.3 @@ -45,13 +45,16 @@ ADDRESS can of course be either IPv4 or IPv6 style addressing. This option effectively pre-populates the DNS cache with entries for the host+port pair so redirects and everything that operations against the HOST+PORT will instead use your provided ADDRESS. Addresses set with -\fICURL_RESOLVE\fP will not time-out from the DNS cache like ordinary entries. +\fICURLOPT_RESOLVE(3)\fP will not time-out from the DNS cache like ordinary +entries. + +The provided ADDRESS set by this option will be used even if +\fICURLOPT_IPRESOLVE(3)\fP is set to make libcurl use another IP version. Remove names from the DNS cache again, to stop providing these fake resolves, by including a string in the linked list that uses the format \&"-HOST:PORT". The host name must be prefixed with a dash, and the host name -and port number must exactly match what was already added previously. (Added -in 7.42.0) +and port number must exactly match what was already added previously. .SH DEFAULT NULL .SH PROTOCOLS @@ -66,7 +69,8 @@ curl = curl_easy_init(); if(curl) { curl_easy_setopt(curl, CURLOPT_RESOLVE, host); curl_easy_setopt(curl, CURLOPT_URL, "http://example.com"); - res = curl_easy_perform(curl); + + curl_easy_perform(curl); /* always cleanup */ curl_easy_cleanup(curl); @@ -79,4 +83,4 @@ Added in 7.21.3. Removal support added in 7.42.0. .SH RETURN VALUE Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not. .SH "SEE ALSO" -.BR CURLOPT_IPRESOLVE "(3), " CURLOPT_DNS_CACHE_TIMEOUT "(3), " +.BR CURLOPT_IPRESOLVE "(3), " CURLOPT_DNS_CACHE_TIMEOUT "(3), " CURLOPT_CONNECT_TO "(3), " diff --git a/docs/libcurl/opts/CURLOPT_RESOLVE.html b/docs/libcurl/opts/CURLOPT_RESOLVE.html index 62451c3f7..958134f49 100644 --- a/docs/libcurl/opts/CURLOPT_RESOLVE.html +++ b/docs/libcurl/opts/CURLOPT_RESOLVE.html @@ -61,8 +61,9 @@ CURLcode curl_easy_setopt(CURL *handle, CURLOPT_RESOLVE,

DESCRIPTION

Pass a pointer to a linked list of strings with host name resolve information to use for requests with this handle. The linked list should be a fully valid list of struct curl_slist structs properly filled in. Use curl_slist_append(3) to create the list and curl_slist_free_all(3) to clean up an entire list.

Each single name resolve string should be written using the format HOST:PORT:ADDRESS where HOST is the name libcurl will try to resolve, PORT is the port number of the service where libcurl wants to connect to the HOST and ADDRESS is the numerical IP address. If libcurl is built to support IPv6, ADDRESS can of course be either IPv4 or IPv6 style addressing. -

This option effectively pre-populates the DNS cache with entries for the host+port pair so redirects and everything that operations against the HOST+PORT will instead use your provided ADDRESS. Addresses set with CURL_RESOLVE will not time-out from the DNS cache like ordinary entries. -

Remove names from the DNS cache again, to stop providing these fake resolves, by including a string in the linked list that uses the format "-HOST:PORT". The host name must be prefixed with a dash, and the host name and port number must exactly match what was already added previously. (Added in 7.42.0)

DEFAULT

+

This option effectively pre-populates the DNS cache with entries for the host+port pair so redirects and everything that operations against the HOST+PORT will instead use your provided ADDRESS. Addresses set with CURLOPT_RESOLVE will not time-out from the DNS cache like ordinary entries. +

The provided ADDRESS set by this option will be used even if CURLOPT_IPRESOLVE is set to make libcurl use another IP version. +

Remove names from the DNS cache again, to stop providing these fake resolves, by including a string in the linked list that uses the format "-HOST:PORT". The host name must be prefixed with a dash, and the host name and port number must exactly match what was already added previously.

DEFAULT

NULL

PROTOCOLS

All

EXAMPLE

@@ -74,7 +75,8 @@ curl = curl_easy_init();
 if(curl) {
   curl_easy_setopt(curl, CURLOPT_RESOLVE, host);
   curl_easy_setopt(curl, CURLOPT_URL, "http://example.com");
-  res = curl_easy_perform(curl);
+ 
+  curl_easy_perform(curl);
  
   /* always cleanup */
   curl_easy_cleanup(curl);
@@ -86,6 +88,6 @@ curl_slist_free_all(host);
 

AVAILABILITY

Added in 7.21.3. Removal support added in 7.42.0.

RETURN VALUE

Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.

SEE ALSO

-

CURLOPT_IPRESOLVE, CURLOPT_DNS_CACHE_TIMEOUT

+

CURLOPT_IPRESOLVE, CURLOPT_DNS_CACHE_TIMEOUT, CURLOPT_CONNECT_TO

This HTML page was made with roffit. diff --git a/docs/libcurl/opts/CURLOPT_RESOLVE.pdf b/docs/libcurl/opts/CURLOPT_RESOLVE.pdf index 02e4a51a4..3565e35a3 100644 Binary files a/docs/libcurl/opts/CURLOPT_RESOLVE.pdf and b/docs/libcurl/opts/CURLOPT_RESOLVE.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_RESUME_FROM.pdf b/docs/libcurl/opts/CURLOPT_RESUME_FROM.pdf index 82c023e46..aae22b945 100644 Binary files a/docs/libcurl/opts/CURLOPT_RESUME_FROM.pdf and b/docs/libcurl/opts/CURLOPT_RESUME_FROM.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_RESUME_FROM_LARGE.pdf b/docs/libcurl/opts/CURLOPT_RESUME_FROM_LARGE.pdf index 6547f35b9..d3ee2effd 100644 Binary files a/docs/libcurl/opts/CURLOPT_RESUME_FROM_LARGE.pdf and b/docs/libcurl/opts/CURLOPT_RESUME_FROM_LARGE.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_RTSP_CLIENT_CSEQ.pdf b/docs/libcurl/opts/CURLOPT_RTSP_CLIENT_CSEQ.pdf index 63a9e6525..8107c7520 100644 Binary files a/docs/libcurl/opts/CURLOPT_RTSP_CLIENT_CSEQ.pdf and b/docs/libcurl/opts/CURLOPT_RTSP_CLIENT_CSEQ.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_RTSP_REQUEST.pdf b/docs/libcurl/opts/CURLOPT_RTSP_REQUEST.pdf index ca171b0c3..2942e30c4 100644 Binary files a/docs/libcurl/opts/CURLOPT_RTSP_REQUEST.pdf and b/docs/libcurl/opts/CURLOPT_RTSP_REQUEST.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_RTSP_SERVER_CSEQ.pdf b/docs/libcurl/opts/CURLOPT_RTSP_SERVER_CSEQ.pdf index 9c551466c..1d61d010b 100644 Binary files a/docs/libcurl/opts/CURLOPT_RTSP_SERVER_CSEQ.pdf and b/docs/libcurl/opts/CURLOPT_RTSP_SERVER_CSEQ.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_RTSP_SESSION_ID.pdf b/docs/libcurl/opts/CURLOPT_RTSP_SESSION_ID.pdf index de2d2c78d..b7eed80eb 100644 Binary files a/docs/libcurl/opts/CURLOPT_RTSP_SESSION_ID.pdf and b/docs/libcurl/opts/CURLOPT_RTSP_SESSION_ID.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_RTSP_STREAM_URI.3 b/docs/libcurl/opts/CURLOPT_RTSP_STREAM_URI.3 index 8e58c7e9d..1abb61f6d 100644 --- a/docs/libcurl/opts/CURLOPT_RTSP_STREAM_URI.3 +++ b/docs/libcurl/opts/CURLOPT_RTSP_STREAM_URI.3 @@ -5,7 +5,7 @@ .\" * | (__| |_| | _ <| |___ .\" * \___|\___/|_| \_\_____| .\" * -.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, , et al. +.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. .\" * .\" * This software is licensed as described in the file COPYING, which .\" * you should have received as part of this distribution. The terms @@ -34,10 +34,10 @@ single session may be controlling \fIrtsp://foo/twister/audio\fP and appropriate stream using this option. If unset, libcurl will default to operating on generic server options by passing '*' in the place of the RTSP Stream URI. This option is distinct from \fICURLOPT_URL(3)\fP. When working -with RTSP, the \fICURLOPT_STREAM_URI(3)\fP indicates what URL to send to the -server in the request header while the \fICURLOPT_URL(3)\fP indicates where to -make the connection to. (e.g. the \fICURLOPT_URL(3)\fP for the above examples -might be set to \fIrtsp://foo/twister\fP +with RTSP, the \fICURLOPT_RTSP_STREAM_URI(3)\fP indicates what URL to send to +the server in the request header while the \fICURLOPT_URL(3)\fP indicates +where to make the connection to. (e.g. the \fICURLOPT_URL(3)\fP for the above +examples might be set to \fIrtsp://foo/twister\fP .SH DEFAULT '*' .SH PROTOCOLS diff --git a/docs/libcurl/opts/CURLOPT_RTSP_STREAM_URI.html b/docs/libcurl/opts/CURLOPT_RTSP_STREAM_URI.html index 19e1d55c9..11c83a7c4 100644 --- a/docs/libcurl/opts/CURLOPT_RTSP_STREAM_URI.html +++ b/docs/libcurl/opts/CURLOPT_RTSP_STREAM_URI.html @@ -54,7 +54,7 @@ p.roffit {

CURLOPT_RTSP_STREAM_URI - set RTSP stream URI

SYNOPSIS

#include <curl/curl.h>

CURLcode curl_easy_setopt(CURL *handle, CURLOPT_RTSP_STREAM_URI, char *URI);

DESCRIPTION

-

Set the stream URI to operate on by passing a char * . For example, a single session may be controlling rtsp://foo/twister/audio and rtsp://foo/twister/video and the application can switch to the appropriate stream using this option. If unset, libcurl will default to operating on generic server options by passing '*' in the place of the RTSP Stream URI. This option is distinct from CURLOPT_URL. When working with RTSP, the CURLOPT_STREAM_URI(3) indicates what URL to send to the server in the request header while the CURLOPT_URL indicates where to make the connection to. (e.g. the CURLOPT_URL for the above examples might be set to rtsp://foo/twister

DEFAULT

+

Set the stream URI to operate on by passing a char * . For example, a single session may be controlling rtsp://foo/twister/audio and rtsp://foo/twister/video and the application can switch to the appropriate stream using this option. If unset, libcurl will default to operating on generic server options by passing '*' in the place of the RTSP Stream URI. This option is distinct from CURLOPT_URL. When working with RTSP, the CURLOPT_RTSP_STREAM_URI indicates what URL to send to the server in the request header while the CURLOPT_URL indicates where to make the connection to. (e.g. the CURLOPT_URL for the above examples might be set to rtsp://foo/twister

DEFAULT

'*'

PROTOCOLS

RTSP

EXAMPLE

TODO

AVAILABILITY

diff --git a/docs/libcurl/opts/CURLOPT_RTSP_STREAM_URI.pdf b/docs/libcurl/opts/CURLOPT_RTSP_STREAM_URI.pdf index 9c7dabed6..7234f7f18 100644 Binary files a/docs/libcurl/opts/CURLOPT_RTSP_STREAM_URI.pdf and b/docs/libcurl/opts/CURLOPT_RTSP_STREAM_URI.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_RTSP_TRANSPORT.pdf b/docs/libcurl/opts/CURLOPT_RTSP_TRANSPORT.pdf index 4e8564a14..d1082a223 100644 Binary files a/docs/libcurl/opts/CURLOPT_RTSP_TRANSPORT.pdf and b/docs/libcurl/opts/CURLOPT_RTSP_TRANSPORT.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_SASL_IR.pdf b/docs/libcurl/opts/CURLOPT_SASL_IR.pdf index f666c2a75..1cf64882d 100644 Binary files a/docs/libcurl/opts/CURLOPT_SASL_IR.pdf and b/docs/libcurl/opts/CURLOPT_SASL_IR.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_SEEKDATA.pdf b/docs/libcurl/opts/CURLOPT_SEEKDATA.pdf index 97f15db87..00651421a 100644 Binary files a/docs/libcurl/opts/CURLOPT_SEEKDATA.pdf and b/docs/libcurl/opts/CURLOPT_SEEKDATA.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_SEEKFUNCTION.pdf b/docs/libcurl/opts/CURLOPT_SEEKFUNCTION.pdf index a22589e2b..c73581784 100644 Binary files a/docs/libcurl/opts/CURLOPT_SEEKFUNCTION.pdf and b/docs/libcurl/opts/CURLOPT_SEEKFUNCTION.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_SERVICE_NAME.3 b/docs/libcurl/opts/CURLOPT_SERVICE_NAME.3 index d7ef500e9..b9f491b03 100644 --- a/docs/libcurl/opts/CURLOPT_SERVICE_NAME.3 +++ b/docs/libcurl/opts/CURLOPT_SERVICE_NAME.3 @@ -5,7 +5,7 @@ .\" * | (__| |_| | _ <| |___ .\" * \___|\___/|_| \_\_____| .\" * -.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. +.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. .\" * .\" * This software is licensed as described in the file COPYING, which .\" * you should have received as part of this distribution. The terms @@ -22,23 +22,24 @@ .\" .TH CURLOPT_SERVICE_NAME 3 "17 Jun 2015" "libcurl 7.43.0" "curl_easy_setopt options" .SH NAME -CURLOPT_SERVICE_NAME \- SPNEGO service name +CURLOPT_SERVICE_NAME \- authentication service name .SH SYNOPSIS #include CURLcode curl_easy_setopt(CURL *handle, CURLOPT_SERVICE_NAME, char *name); .SH DESCRIPTION -Pass a char * as parameter to a string holding the \fIname\fP of the -service. The default service name is "HTTP". This option allows you to -change it. +Pass a char * as parameter to a string holding the \fIname\fP of the service +for DIGEST-MD5, SPNEGO and Kerberos 5 authentication mechanisms. The default +service names are "ftp", "HTTP", "imap", "pop" and "smtp". This option allows +you to change them. .SH DEFAULT See above .SH PROTOCOLS -Most +HTTP, FTP, IMAP, POP and SMTP .SH EXAMPLE TODO .SH AVAILABILITY -Added in 7.43.0 +Added in 7.43.0 for HTTP, 7.49.0 for FTP, IMAP, POP3 and SMTP. .SH RETURN VALUE Returns CURLE_OK if the option is supported, CURLE_UNKNOWN_OPTION if not, or CURLE_OUT_OF_MEMORY if there was insufficient heap space. diff --git a/docs/libcurl/opts/CURLOPT_SERVICE_NAME.html b/docs/libcurl/opts/CURLOPT_SERVICE_NAME.html index 3b20c9b9c..02ddcbaa2 100644 --- a/docs/libcurl/opts/CURLOPT_SERVICE_NAME.html +++ b/docs/libcurl/opts/CURLOPT_SERVICE_NAME.html @@ -51,14 +51,14 @@ p.roffit {

NAME

-

CURLOPT_SERVICE_NAME - SPNEGO service name

SYNOPSIS

+

CURLOPT_SERVICE_NAME - authentication service name

SYNOPSIS

#include <curl/curl.h>

CURLcode curl_easy_setopt(CURL *handle, CURLOPT_SERVICE_NAME, char *name);

DESCRIPTION

-

Pass a char * as parameter to a string holding the name of the service. The default service name is "HTTP". This option allows you to change it.

DEFAULT

+

Pass a char * as parameter to a string holding the name of the service for DIGEST-MD5, SPNEGO and Kerberos 5 authentication mechanisms. The default service names are "ftp", "HTTP", "imap", "pop" and "smtp". This option allows you to change them.

DEFAULT

See above

PROTOCOLS

-

Most

EXAMPLE

+

HTTP, FTP, IMAP, POP and SMTP

EXAMPLE

TODO

AVAILABILITY

-

Added in 7.43.0

RETURN VALUE

+

Added in 7.43.0 for HTTP, 7.49.0 for FTP, IMAP, POP3 and SMTP.

RETURN VALUE

Returns CURLE_OK if the option is supported, CURLE_UNKNOWN_OPTION if not, or CURLE_OUT_OF_MEMORY if there was insufficient heap space.

SEE ALSO

CURLOPT_PROXY, CURLOPT_PROXYTYPE

This HTML page was made with roffit. diff --git a/docs/libcurl/opts/CURLOPT_SERVICE_NAME.pdf b/docs/libcurl/opts/CURLOPT_SERVICE_NAME.pdf index 95f9a0143..70962a914 100644 Binary files a/docs/libcurl/opts/CURLOPT_SERVICE_NAME.pdf and b/docs/libcurl/opts/CURLOPT_SERVICE_NAME.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_SHARE.pdf b/docs/libcurl/opts/CURLOPT_SHARE.pdf index e6f3e3fb9..e984c51ca 100644 Binary files a/docs/libcurl/opts/CURLOPT_SHARE.pdf and b/docs/libcurl/opts/CURLOPT_SHARE.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_SOCKOPTDATA.pdf b/docs/libcurl/opts/CURLOPT_SOCKOPTDATA.pdf index c1ace7ce4..04e0b6262 100644 Binary files a/docs/libcurl/opts/CURLOPT_SOCKOPTDATA.pdf and b/docs/libcurl/opts/CURLOPT_SOCKOPTDATA.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_SOCKOPTFUNCTION.pdf b/docs/libcurl/opts/CURLOPT_SOCKOPTFUNCTION.pdf index f6daed55c..ec0bc583a 100644 Binary files a/docs/libcurl/opts/CURLOPT_SOCKOPTFUNCTION.pdf and b/docs/libcurl/opts/CURLOPT_SOCKOPTFUNCTION.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_SOCKS5_GSSAPI_NEC.pdf b/docs/libcurl/opts/CURLOPT_SOCKS5_GSSAPI_NEC.pdf index b6fee55b5..e4a429803 100644 Binary files a/docs/libcurl/opts/CURLOPT_SOCKS5_GSSAPI_NEC.pdf and b/docs/libcurl/opts/CURLOPT_SOCKS5_GSSAPI_NEC.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_SOCKS5_GSSAPI_SERVICE.3 b/docs/libcurl/opts/CURLOPT_SOCKS5_GSSAPI_SERVICE.3 index 784d16857..440f0894f 100644 --- a/docs/libcurl/opts/CURLOPT_SOCKS5_GSSAPI_SERVICE.3 +++ b/docs/libcurl/opts/CURLOPT_SOCKS5_GSSAPI_SERVICE.3 @@ -5,7 +5,7 @@ .\" * | (__| |_| | _ <| |___ .\" * \___|\___/|_| \_\_____| .\" * -.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, , et al. +.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. .\" * .\" * This software is licensed as described in the file COPYING, which .\" * you should have received as part of this distribution. The terms @@ -22,23 +22,25 @@ .\" .TH CURLOPT_SOCKS5_GSSAPI_SERVICE 3 "19 Jun 2014" "libcurl 7.37.0" "curl_easy_setopt options" .SH NAME -CURLOPT_SOCKS5_GSSAPI_SERVICE \- proxy socks gssapi service name +CURLOPT_SOCKS5_GSSAPI_SERVICE \- SOCKS5 proxy authentication service name .SH SYNOPSIS #include CURLcode curl_easy_setopt(CURL *handle, CURLOPT_SOCKS5_GSSAPI_SERVICE, char *name); .SH DESCRIPTION -Pass a char * as parameter to a string holding the \fIname\fP of the -service. The default service name for a SOCKS5 server is -rcmd/server-fqdn. This option allows you to change it. +Deprecated since 7.49.0. Use \fICURLOPT_PROXY_SERVICE_NAME(3)\fP instead. + +Pass a char * as parameter to a string holding the \fIname\fP of the service. +The default service name for a SOCKS5 server is "rcmd". This option allows you +to change it. .SH DEFAULT See above .SH PROTOCOLS -Most +All network protocols .SH EXAMPLE TODO .SH AVAILABILITY -Added in 7.19.4 +Added in 7.19.4, deprecated in 7.49.0 .SH RETURN VALUE Returns CURLE_OK if the option is supported, CURLE_UNKNOWN_OPTION if not, or CURLE_OUT_OF_MEMORY if there was insufficient heap space. diff --git a/docs/libcurl/opts/CURLOPT_SOCKS5_GSSAPI_SERVICE.html b/docs/libcurl/opts/CURLOPT_SOCKS5_GSSAPI_SERVICE.html index d48a698db..a71de57fd 100644 --- a/docs/libcurl/opts/CURLOPT_SOCKS5_GSSAPI_SERVICE.html +++ b/docs/libcurl/opts/CURLOPT_SOCKS5_GSSAPI_SERVICE.html @@ -51,14 +51,15 @@ p.roffit {

NAME

-

CURLOPT_SOCKS5_GSSAPI_SERVICE - proxy socks gssapi service name

SYNOPSIS

+

CURLOPT_SOCKS5_GSSAPI_SERVICE - SOCKS5 proxy authentication service name

SYNOPSIS

#include <curl/curl.h>

CURLcode curl_easy_setopt(CURL *handle, CURLOPT_SOCKS5_GSSAPI_SERVICE, char *name);

DESCRIPTION

-

Pass a char * as parameter to a string holding the name of the service. The default service name for a SOCKS5 server is rcmd/server-fqdn. This option allows you to change it.

DEFAULT

+

Deprecated since 7.49.0. Use CURLOPT_PROXY_SERVICE_NAME instead. +

Pass a char * as parameter to a string holding the name of the service. The default service name for a SOCKS5 server is "rcmd". This option allows you to change it.

DEFAULT

See above

PROTOCOLS

-

Most

EXAMPLE

+

All network protocols

EXAMPLE

TODO

AVAILABILITY

-

Added in 7.19.4

RETURN VALUE

+

Added in 7.19.4, deprecated in 7.49.0

RETURN VALUE

Returns CURLE_OK if the option is supported, CURLE_UNKNOWN_OPTION if not, or CURLE_OUT_OF_MEMORY if there was insufficient heap space.

SEE ALSO

CURLOPT_PROXY, CURLOPT_PROXYTYPE

This HTML page was made with roffit. diff --git a/docs/libcurl/opts/CURLOPT_SOCKS5_GSSAPI_SERVICE.pdf b/docs/libcurl/opts/CURLOPT_SOCKS5_GSSAPI_SERVICE.pdf index 7a3184101..eae9cb009 100644 Binary files a/docs/libcurl/opts/CURLOPT_SOCKS5_GSSAPI_SERVICE.pdf and b/docs/libcurl/opts/CURLOPT_SOCKS5_GSSAPI_SERVICE.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_SSH_AUTH_TYPES.pdf b/docs/libcurl/opts/CURLOPT_SSH_AUTH_TYPES.pdf index 41b4ba6fd..02a5476de 100644 Binary files a/docs/libcurl/opts/CURLOPT_SSH_AUTH_TYPES.pdf and b/docs/libcurl/opts/CURLOPT_SSH_AUTH_TYPES.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_SSH_HOST_PUBLIC_KEY_MD5.pdf b/docs/libcurl/opts/CURLOPT_SSH_HOST_PUBLIC_KEY_MD5.pdf index 81e278ca2..7d0dc68a9 100644 Binary files a/docs/libcurl/opts/CURLOPT_SSH_HOST_PUBLIC_KEY_MD5.pdf and b/docs/libcurl/opts/CURLOPT_SSH_HOST_PUBLIC_KEY_MD5.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_SSH_KEYDATA.pdf b/docs/libcurl/opts/CURLOPT_SSH_KEYDATA.pdf index 6a996d77b..d260654b3 100644 Binary files a/docs/libcurl/opts/CURLOPT_SSH_KEYDATA.pdf and b/docs/libcurl/opts/CURLOPT_SSH_KEYDATA.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_SSH_KEYFUNCTION.pdf b/docs/libcurl/opts/CURLOPT_SSH_KEYFUNCTION.pdf index 4ac6f7d69..4d1e0f7c3 100644 Binary files a/docs/libcurl/opts/CURLOPT_SSH_KEYFUNCTION.pdf and b/docs/libcurl/opts/CURLOPT_SSH_KEYFUNCTION.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_SSH_KNOWNHOSTS.pdf b/docs/libcurl/opts/CURLOPT_SSH_KNOWNHOSTS.pdf index 72c272d38..1f2b7778c 100644 Binary files a/docs/libcurl/opts/CURLOPT_SSH_KNOWNHOSTS.pdf and b/docs/libcurl/opts/CURLOPT_SSH_KNOWNHOSTS.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_SSH_PRIVATE_KEYFILE.pdf b/docs/libcurl/opts/CURLOPT_SSH_PRIVATE_KEYFILE.pdf index 357f001f3..a709701f8 100644 Binary files a/docs/libcurl/opts/CURLOPT_SSH_PRIVATE_KEYFILE.pdf and b/docs/libcurl/opts/CURLOPT_SSH_PRIVATE_KEYFILE.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_SSH_PUBLIC_KEYFILE.pdf b/docs/libcurl/opts/CURLOPT_SSH_PUBLIC_KEYFILE.pdf index 298c669a4..dfd48e9cd 100644 Binary files a/docs/libcurl/opts/CURLOPT_SSH_PUBLIC_KEYFILE.pdf and b/docs/libcurl/opts/CURLOPT_SSH_PUBLIC_KEYFILE.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_SSLCERT.pdf b/docs/libcurl/opts/CURLOPT_SSLCERT.pdf index cd2b00ac1..bfd5555b2 100644 Binary files a/docs/libcurl/opts/CURLOPT_SSLCERT.pdf and b/docs/libcurl/opts/CURLOPT_SSLCERT.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_SSLCERTTYPE.pdf b/docs/libcurl/opts/CURLOPT_SSLCERTTYPE.pdf index 917ac6321..de80b1bd1 100644 Binary files a/docs/libcurl/opts/CURLOPT_SSLCERTTYPE.pdf and b/docs/libcurl/opts/CURLOPT_SSLCERTTYPE.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_SSLENGINE.pdf b/docs/libcurl/opts/CURLOPT_SSLENGINE.pdf index 0df2a7264..53c0f96c5 100644 Binary files a/docs/libcurl/opts/CURLOPT_SSLENGINE.pdf and b/docs/libcurl/opts/CURLOPT_SSLENGINE.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_SSLENGINE_DEFAULT.3 b/docs/libcurl/opts/CURLOPT_SSLENGINE_DEFAULT.3 index 2fe7aed10..0cd8d225a 100644 --- a/docs/libcurl/opts/CURLOPT_SSLENGINE_DEFAULT.3 +++ b/docs/libcurl/opts/CURLOPT_SSLENGINE_DEFAULT.3 @@ -5,7 +5,7 @@ .\" * | (__| |_| | _ <| |___ .\" * \___|\___/|_| \_\_____| .\" * -.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. +.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. .\" * .\" * This software is licensed as described in the file COPYING, which .\" * you should have received as part of this distribution. The terms @@ -31,7 +31,7 @@ CURLcode curl_easy_setopt(CURL *handle, CURLOPT_SSLENGINE_DEFAULT, long val); Pass a long set to 1 to make the already specified crypto engine the default for (asymmetric) crypto operations. -This option has no effect unless set after \fICURLOPT_SSLENGINE\fP. +This option has no effect unless set after \fICURLOPT_SSLENGINE(3)\fP. .SH DEFAULT None .SH PROTOCOLS diff --git a/docs/libcurl/opts/CURLOPT_SSLENGINE_DEFAULT.html b/docs/libcurl/opts/CURLOPT_SSLENGINE_DEFAULT.html index 3bcdf1674..e94aa3dda 100644 --- a/docs/libcurl/opts/CURLOPT_SSLENGINE_DEFAULT.html +++ b/docs/libcurl/opts/CURLOPT_SSLENGINE_DEFAULT.html @@ -55,7 +55,7 @@ p.roffit {

#include <curl/curl.h>

CURLcode curl_easy_setopt(CURL *handle, CURLOPT_SSLENGINE_DEFAULT, long val);

DESCRIPTION

Pass a long set to 1 to make the already specified crypto engine the default for (asymmetric) crypto operations. -

This option has no effect unless set after CURLOPT_SSLENGINE.

DEFAULT

+

This option has no effect unless set after CURLOPT_SSLENGINE.

DEFAULT

None

PROTOCOLS

All TLS based protocols: HTTPS, FTPS, IMAPS, POP3S, SMTPS etc.

EXAMPLE

TODO

AVAILABILITY

diff --git a/docs/libcurl/opts/CURLOPT_SSLENGINE_DEFAULT.pdf b/docs/libcurl/opts/CURLOPT_SSLENGINE_DEFAULT.pdf index a852e87b7..917eddbc9 100644 Binary files a/docs/libcurl/opts/CURLOPT_SSLENGINE_DEFAULT.pdf and b/docs/libcurl/opts/CURLOPT_SSLENGINE_DEFAULT.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_SSLKEY.pdf b/docs/libcurl/opts/CURLOPT_SSLKEY.pdf index b52cdb910..9ddb615e7 100644 Binary files a/docs/libcurl/opts/CURLOPT_SSLKEY.pdf and b/docs/libcurl/opts/CURLOPT_SSLKEY.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_SSLKEYTYPE.pdf b/docs/libcurl/opts/CURLOPT_SSLKEYTYPE.pdf index a9c46f0f2..35546f4e0 100644 Binary files a/docs/libcurl/opts/CURLOPT_SSLKEYTYPE.pdf and b/docs/libcurl/opts/CURLOPT_SSLKEYTYPE.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_SSLVERSION.pdf b/docs/libcurl/opts/CURLOPT_SSLVERSION.pdf index be3755431..de9616620 100644 Binary files a/docs/libcurl/opts/CURLOPT_SSLVERSION.pdf and b/docs/libcurl/opts/CURLOPT_SSLVERSION.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_SSL_CIPHER_LIST.pdf b/docs/libcurl/opts/CURLOPT_SSL_CIPHER_LIST.pdf index ea3c453e1..5eac8bc2e 100644 Binary files a/docs/libcurl/opts/CURLOPT_SSL_CIPHER_LIST.pdf and b/docs/libcurl/opts/CURLOPT_SSL_CIPHER_LIST.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_SSL_CTX_DATA.pdf b/docs/libcurl/opts/CURLOPT_SSL_CTX_DATA.pdf index 1b3a93264..ff7203e08 100644 Binary files a/docs/libcurl/opts/CURLOPT_SSL_CTX_DATA.pdf and b/docs/libcurl/opts/CURLOPT_SSL_CTX_DATA.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_SSL_CTX_FUNCTION.pdf b/docs/libcurl/opts/CURLOPT_SSL_CTX_FUNCTION.pdf index cda97e05d..eebc0638f 100644 Binary files a/docs/libcurl/opts/CURLOPT_SSL_CTX_FUNCTION.pdf and b/docs/libcurl/opts/CURLOPT_SSL_CTX_FUNCTION.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_SSL_ENABLE_ALPN.pdf b/docs/libcurl/opts/CURLOPT_SSL_ENABLE_ALPN.pdf index ca96c8e47..321aeb61c 100644 Binary files a/docs/libcurl/opts/CURLOPT_SSL_ENABLE_ALPN.pdf and b/docs/libcurl/opts/CURLOPT_SSL_ENABLE_ALPN.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_SSL_ENABLE_NPN.pdf b/docs/libcurl/opts/CURLOPT_SSL_ENABLE_NPN.pdf index 00752a1d3..b4d26fbdd 100644 Binary files a/docs/libcurl/opts/CURLOPT_SSL_ENABLE_NPN.pdf and b/docs/libcurl/opts/CURLOPT_SSL_ENABLE_NPN.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_SSL_FALSESTART.pdf b/docs/libcurl/opts/CURLOPT_SSL_FALSESTART.pdf index 120af1412..f5c41814a 100644 Binary files a/docs/libcurl/opts/CURLOPT_SSL_FALSESTART.pdf and b/docs/libcurl/opts/CURLOPT_SSL_FALSESTART.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_SSL_OPTIONS.pdf b/docs/libcurl/opts/CURLOPT_SSL_OPTIONS.pdf index 9f666c5ab..faf0f88f7 100644 Binary files a/docs/libcurl/opts/CURLOPT_SSL_OPTIONS.pdf and b/docs/libcurl/opts/CURLOPT_SSL_OPTIONS.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_SSL_SESSIONID_CACHE.pdf b/docs/libcurl/opts/CURLOPT_SSL_SESSIONID_CACHE.pdf index f5413de8a..1e07e161f 100644 Binary files a/docs/libcurl/opts/CURLOPT_SSL_SESSIONID_CACHE.pdf and b/docs/libcurl/opts/CURLOPT_SSL_SESSIONID_CACHE.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_SSL_VERIFYHOST.pdf b/docs/libcurl/opts/CURLOPT_SSL_VERIFYHOST.pdf index d546d5b37..4fe09f63e 100644 Binary files a/docs/libcurl/opts/CURLOPT_SSL_VERIFYHOST.pdf and b/docs/libcurl/opts/CURLOPT_SSL_VERIFYHOST.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_SSL_VERIFYPEER.pdf b/docs/libcurl/opts/CURLOPT_SSL_VERIFYPEER.pdf index 75c3948ed..333dd529e 100644 Binary files a/docs/libcurl/opts/CURLOPT_SSL_VERIFYPEER.pdf and b/docs/libcurl/opts/CURLOPT_SSL_VERIFYPEER.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_SSL_VERIFYSTATUS.pdf b/docs/libcurl/opts/CURLOPT_SSL_VERIFYSTATUS.pdf index 59d4aa604..6fbb5259e 100644 Binary files a/docs/libcurl/opts/CURLOPT_SSL_VERIFYSTATUS.pdf and b/docs/libcurl/opts/CURLOPT_SSL_VERIFYSTATUS.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_STDERR.pdf b/docs/libcurl/opts/CURLOPT_STDERR.pdf index 0bcf637fe..f8d73159f 100644 Binary files a/docs/libcurl/opts/CURLOPT_STDERR.pdf and b/docs/libcurl/opts/CURLOPT_STDERR.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_STREAM_DEPENDS.pdf b/docs/libcurl/opts/CURLOPT_STREAM_DEPENDS.pdf index 901e85575..682c3fc72 100644 Binary files a/docs/libcurl/opts/CURLOPT_STREAM_DEPENDS.pdf and b/docs/libcurl/opts/CURLOPT_STREAM_DEPENDS.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_STREAM_DEPENDS_E.pdf b/docs/libcurl/opts/CURLOPT_STREAM_DEPENDS_E.pdf index 7f626092e..2caf05207 100644 Binary files a/docs/libcurl/opts/CURLOPT_STREAM_DEPENDS_E.pdf and b/docs/libcurl/opts/CURLOPT_STREAM_DEPENDS_E.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_STREAM_WEIGHT.pdf b/docs/libcurl/opts/CURLOPT_STREAM_WEIGHT.pdf index 5f3428efc..e823c441c 100644 Binary files a/docs/libcurl/opts/CURLOPT_STREAM_WEIGHT.pdf and b/docs/libcurl/opts/CURLOPT_STREAM_WEIGHT.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_TCP_FASTOPEN.3 b/docs/libcurl/opts/CURLOPT_TCP_FASTOPEN.3 new file mode 100644 index 000000000..f8f934384 --- /dev/null +++ b/docs/libcurl/opts/CURLOPT_TCP_FASTOPEN.3 @@ -0,0 +1,47 @@ +.\" ************************************************************************** +.\" * _ _ ____ _ +.\" * Project ___| | | | _ \| | +.\" * / __| | | | |_) | | +.\" * | (__| |_| | _ <| |___ +.\" * \___|\___/|_| \_\_____| +.\" * +.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. +.\" * +.\" * This software is licensed as described in the file COPYING, which +.\" * you should have received as part of this distribution. The terms +.\" * are also available at https://curl.haxx.se/docs/copyright.html. +.\" * +.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell +.\" * copies of the Software, and permit persons to whom the Software is +.\" * furnished to do so, under the terms of the COPYING file. +.\" * +.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY +.\" * KIND, either express or implied. +.\" * +.\" ************************************************************************** +.\" +.TH CURLOPT_TCP_FASTOPEN 3 "16 Feb 2016" "libcurl 7.49.0" "curl_easy_setopt options" +.SH NAME +CURLOPT_TCP_FASTOPEN \- enable TCP Fast Open +.SH SYNOPSIS +#include + +CURLcode curl_easy_setopt(CURL *handle, CURLOPT_TCP_FASTOPEN, long enable); +.SH DESCRIPTION +Pass a long as parameter set to 1 to enable or 0 to disable. + +TCP Fast Open (RFC7413) is a mechanism that allows data to be carried in the +SYN and SYN-ACK packets and consumed by the receiving end during the initial +connection handshake, saving up to one full round-trip time (RTT). +.SH DEFAULT +0 +.SH PROTOCOLS +All +.SH EXAMPLE +TODO +.SH AVAILABILITY +Added in 7.49.0. This option is currently only supported on Linux and OS X +El Capitan. +.SH RETURN VALUE +Returns CURLE_OK if fast open is supported by the operating system, otherwise +returns CURLE_NOT_BUILT_IN. diff --git a/docs/libcurl/opts/CURLOPT_TCP_FASTOPEN.html b/docs/libcurl/opts/CURLOPT_TCP_FASTOPEN.html new file mode 100644 index 000000000..160100594 --- /dev/null +++ b/docs/libcurl/opts/CURLOPT_TCP_FASTOPEN.html @@ -0,0 +1,65 @@ + + +CURLOPT_TCP_FASTOPEN man page + + + + +

NAME

+

CURLOPT_TCP_FASTOPEN - enable TCP Fast Open

SYNOPSIS

+

#include <curl/curl.h> +

CURLcode curl_easy_setopt(CURL *handle, CURLOPT_TCP_FASTOPEN, long enable);

DESCRIPTION

+

Pass a long as parameter set to 1 to enable or 0 to disable. +

TCP Fast Open (RFC7413) is a mechanism that allows data to be carried in the SYN and SYN-ACK packets and consumed by the receiving end during the initial connection handshake, saving up to one full round-trip time (RTT).

DEFAULT

+

0

PROTOCOLS

+

All

EXAMPLE

+

TODO

AVAILABILITY

+

Added in 7.49.0. This option is currently only supported on Linux and OS X El Capitan.

RETURN VALUE

+

Returns CURLE_OK if fast open is supported by the operating system, otherwise returns CURLE_NOT_BUILT_IN.

+ This HTML page was made with roffit. + diff --git a/docs/libcurl/opts/CURLOPT_TCP_FASTOPEN.pdf b/docs/libcurl/opts/CURLOPT_TCP_FASTOPEN.pdf new file mode 100644 index 000000000..8aa26159d Binary files /dev/null and b/docs/libcurl/opts/CURLOPT_TCP_FASTOPEN.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_TCP_KEEPALIVE.pdf b/docs/libcurl/opts/CURLOPT_TCP_KEEPALIVE.pdf index 9fbe7fdd1..1c1ede037 100644 Binary files a/docs/libcurl/opts/CURLOPT_TCP_KEEPALIVE.pdf and b/docs/libcurl/opts/CURLOPT_TCP_KEEPALIVE.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_TCP_KEEPIDLE.pdf b/docs/libcurl/opts/CURLOPT_TCP_KEEPIDLE.pdf index fc0c4173b..825a2b396 100644 Binary files a/docs/libcurl/opts/CURLOPT_TCP_KEEPIDLE.pdf and b/docs/libcurl/opts/CURLOPT_TCP_KEEPIDLE.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_TCP_KEEPINTVL.pdf b/docs/libcurl/opts/CURLOPT_TCP_KEEPINTVL.pdf index 7aad4d275..9f33fdd90 100644 Binary files a/docs/libcurl/opts/CURLOPT_TCP_KEEPINTVL.pdf and b/docs/libcurl/opts/CURLOPT_TCP_KEEPINTVL.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_TCP_NODELAY.3 b/docs/libcurl/opts/CURLOPT_TCP_NODELAY.3 index efb258693..bd19fbaf0 100644 --- a/docs/libcurl/opts/CURLOPT_TCP_NODELAY.3 +++ b/docs/libcurl/opts/CURLOPT_TCP_NODELAY.3 @@ -5,7 +5,7 @@ .\" * | (__| |_| | _ <| |___ .\" * \___|\___/|_| \_\_____| .\" * -.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, , et al. +.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. .\" * .\" * This software is licensed as described in the file COPYING, which .\" * you should have received as part of this distribution. The terms @@ -20,7 +20,7 @@ .\" * .\" ************************************************************************** .\" -.TH CURLOPT_TCP_NODELAY 3 "19 Jun 2014" "libcurl 7.37.0" "curl_easy_setopt options" +.TH CURLOPT_TCP_NODELAY 3 "30 Jun 2016" "libcurl 7.50.0" "curl_easy_setopt options" .SH NAME CURLOPT_TCP_NODELAY \- set the TCP_NODELAY option .SH SYNOPSIS @@ -29,8 +29,8 @@ CURLOPT_TCP_NODELAY \- set the TCP_NODELAY option CURLcode curl_easy_setopt(CURL *handle, CURLOPT_TCP_NODELAY, long nodelay); .SH DESCRIPTION Pass a long specifying whether the TCP_NODELAY option is to be set or cleared -(1 = set, 0 = clear). The option is cleared by default. This will have no -effect after the connection has been established. +(1 = set, 0 = clear). The option is set by default. This will have no effect +after the connection has been established. Setting this option will disable TCP's Nagle algorithm. The purpose of this algorithm is to try to minimize the number of small packets on the network @@ -43,13 +43,13 @@ need to be sent without delay. This is less efficient than sending larger amounts of data at a time, and can contribute to congestion on the network if overdone. .SH DEFAULT -0 +1 .SH PROTOCOLS All .SH EXAMPLE TODO .SH AVAILABILITY -Always +Always. The default was changed to 1 from 0 in 7.50.2. .SH RETURN VALUE Returns CURLE_OK .SH "SEE ALSO" diff --git a/docs/libcurl/opts/CURLOPT_TCP_NODELAY.html b/docs/libcurl/opts/CURLOPT_TCP_NODELAY.html index d2e42f500..b19ac98cd 100644 --- a/docs/libcurl/opts/CURLOPT_TCP_NODELAY.html +++ b/docs/libcurl/opts/CURLOPT_TCP_NODELAY.html @@ -54,13 +54,13 @@ p.roffit {

CURLOPT_TCP_NODELAY - set the TCP_NODELAY option

SYNOPSIS

#include <curl/curl.h>

CURLcode curl_easy_setopt(CURL *handle, CURLOPT_TCP_NODELAY, long nodelay);

DESCRIPTION

-

Pass a long specifying whether the TCP_NODELAY option is to be set or cleared (1 = set, 0 = clear). The option is cleared by default. This will have no effect after the connection has been established. +

Pass a long specifying whether the TCP_NODELAY option is to be set or cleared (1 = set, 0 = clear). The option is set by default. This will have no effect after the connection has been established.

Setting this option will disable TCP's Nagle algorithm. The purpose of this algorithm is to try to minimize the number of small packets on the network (where "small packets" means TCP segments less than the Maximum Segment Size (MSS) for the network).

Maximizing the amount of data sent per TCP segment is good because it amortizes the overhead of the send. However, in some cases small segments may need to be sent without delay. This is less efficient than sending larger amounts of data at a time, and can contribute to congestion on the network if overdone.

DEFAULT

-

0

PROTOCOLS

+

1

PROTOCOLS

All

EXAMPLE

TODO

AVAILABILITY

-

Always

RETURN VALUE

+

Always. The default was changed to 1 from 0 in 7.50.2.

RETURN VALUE

Returns CURLE_OK

SEE ALSO

CURLOPT_SOCKOPTFUNCTION, CURLOPT_TCP_KEEPALIVE

This HTML page was made with roffit. diff --git a/docs/libcurl/opts/CURLOPT_TCP_NODELAY.pdf b/docs/libcurl/opts/CURLOPT_TCP_NODELAY.pdf index c3e6cd219..eb83249c6 100644 Binary files a/docs/libcurl/opts/CURLOPT_TCP_NODELAY.pdf and b/docs/libcurl/opts/CURLOPT_TCP_NODELAY.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_TELNETOPTIONS.pdf b/docs/libcurl/opts/CURLOPT_TELNETOPTIONS.pdf index 588579186..84d8f2eaa 100644 Binary files a/docs/libcurl/opts/CURLOPT_TELNETOPTIONS.pdf and b/docs/libcurl/opts/CURLOPT_TELNETOPTIONS.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_TFTP_BLKSIZE.pdf b/docs/libcurl/opts/CURLOPT_TFTP_BLKSIZE.pdf index 7780f4b59..ed03d6b78 100644 Binary files a/docs/libcurl/opts/CURLOPT_TFTP_BLKSIZE.pdf and b/docs/libcurl/opts/CURLOPT_TFTP_BLKSIZE.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_TFTP_NO_OPTIONS.3 b/docs/libcurl/opts/CURLOPT_TFTP_NO_OPTIONS.3 index 53b1770be..97940fbb3 100644 --- a/docs/libcurl/opts/CURLOPT_TFTP_NO_OPTIONS.3 +++ b/docs/libcurl/opts/CURLOPT_TFTP_NO_OPTIONS.3 @@ -5,11 +5,11 @@ .\" * | (__| |_| | _ <| |___ .\" * \___|\___/|_| \_\_____| .\" * -.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, , et al. +.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. .\" * .\" * This software is licensed as described in the file COPYING, which .\" * you should have received as part of this distribution. The terms -.\" * are also available at http://curl.haxx.se/docs/copyright.html. +.\" * are also available at https://curl.haxx.se/docs/copyright.html. .\" * .\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell .\" * copies of the Software, and permit persons to whom the Software is diff --git a/docs/libcurl/opts/CURLOPT_TFTP_NO_OPTIONS.pdf b/docs/libcurl/opts/CURLOPT_TFTP_NO_OPTIONS.pdf index 4a783d1c6..28908ef45 100644 Binary files a/docs/libcurl/opts/CURLOPT_TFTP_NO_OPTIONS.pdf and b/docs/libcurl/opts/CURLOPT_TFTP_NO_OPTIONS.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_TIMECONDITION.3 b/docs/libcurl/opts/CURLOPT_TIMECONDITION.3 index d8acd1c15..a8fcea7b1 100644 --- a/docs/libcurl/opts/CURLOPT_TIMECONDITION.3 +++ b/docs/libcurl/opts/CURLOPT_TIMECONDITION.3 @@ -5,7 +5,7 @@ .\" * | (__| |_| | _ <| |___ .\" * \___|\___/|_| \_\_____| .\" * -.\" * Copyright (C) 1998 - 2014, 2016, Daniel Stenberg, , et al. +.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. .\" * .\" * This software is licensed as described in the file COPYING, which .\" * you should have received as part of this distribution. The terms diff --git a/docs/libcurl/opts/CURLOPT_TIMECONDITION.pdf b/docs/libcurl/opts/CURLOPT_TIMECONDITION.pdf index 893b1aad2..d54b777fe 100644 Binary files a/docs/libcurl/opts/CURLOPT_TIMECONDITION.pdf and b/docs/libcurl/opts/CURLOPT_TIMECONDITION.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_TIMEOUT.pdf b/docs/libcurl/opts/CURLOPT_TIMEOUT.pdf index bdbf81429..df3f23e74 100644 Binary files a/docs/libcurl/opts/CURLOPT_TIMEOUT.pdf and b/docs/libcurl/opts/CURLOPT_TIMEOUT.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_TIMEOUT_MS.pdf b/docs/libcurl/opts/CURLOPT_TIMEOUT_MS.pdf index 25b1cf80c..c97bcf171 100644 Binary files a/docs/libcurl/opts/CURLOPT_TIMEOUT_MS.pdf and b/docs/libcurl/opts/CURLOPT_TIMEOUT_MS.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_TIMEVALUE.3 b/docs/libcurl/opts/CURLOPT_TIMEVALUE.3 index 92ca6f6b4..cd745ffa7 100644 --- a/docs/libcurl/opts/CURLOPT_TIMEVALUE.3 +++ b/docs/libcurl/opts/CURLOPT_TIMEVALUE.3 @@ -5,7 +5,7 @@ .\" * | (__| |_| | _ <| |___ .\" * \___|\___/|_| \_\_____| .\" * -.\" * Copyright (C) 1998 - 2014, 2016, Daniel Stenberg, , et al. +.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. .\" * .\" * This software is licensed as described in the file COPYING, which .\" * you should have received as part of this distribution. The terms diff --git a/docs/libcurl/opts/CURLOPT_TIMEVALUE.pdf b/docs/libcurl/opts/CURLOPT_TIMEVALUE.pdf index 499a763b1..ebb563dcb 100644 Binary files a/docs/libcurl/opts/CURLOPT_TIMEVALUE.pdf and b/docs/libcurl/opts/CURLOPT_TIMEVALUE.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_TLSAUTH_PASSWORD.pdf b/docs/libcurl/opts/CURLOPT_TLSAUTH_PASSWORD.pdf index 6447fbc3e..aa4a1bdea 100644 Binary files a/docs/libcurl/opts/CURLOPT_TLSAUTH_PASSWORD.pdf and b/docs/libcurl/opts/CURLOPT_TLSAUTH_PASSWORD.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_TLSAUTH_TYPE.pdf b/docs/libcurl/opts/CURLOPT_TLSAUTH_TYPE.pdf index 7d009e8fb..43b28593f 100644 Binary files a/docs/libcurl/opts/CURLOPT_TLSAUTH_TYPE.pdf and b/docs/libcurl/opts/CURLOPT_TLSAUTH_TYPE.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_TLSAUTH_USERNAME.pdf b/docs/libcurl/opts/CURLOPT_TLSAUTH_USERNAME.pdf index ae81c4b3e..933f1b7da 100644 Binary files a/docs/libcurl/opts/CURLOPT_TLSAUTH_USERNAME.pdf and b/docs/libcurl/opts/CURLOPT_TLSAUTH_USERNAME.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_TRANSFERTEXT.pdf b/docs/libcurl/opts/CURLOPT_TRANSFERTEXT.pdf index 894b4c90e..1bcfaf6e0 100644 Binary files a/docs/libcurl/opts/CURLOPT_TRANSFERTEXT.pdf and b/docs/libcurl/opts/CURLOPT_TRANSFERTEXT.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_TRANSFER_ENCODING.3 b/docs/libcurl/opts/CURLOPT_TRANSFER_ENCODING.3 index 132b9144f..242da13f0 100644 --- a/docs/libcurl/opts/CURLOPT_TRANSFER_ENCODING.3 +++ b/docs/libcurl/opts/CURLOPT_TRANSFER_ENCODING.3 @@ -5,7 +5,7 @@ .\" * | (__| |_| | _ <| |___ .\" * \___|\___/|_| \_\_____| .\" * -.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, , et al. +.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. .\" * .\" * This software is licensed as described in the file COPYING, which .\" * you should have received as part of this distribution. The terms @@ -36,7 +36,7 @@ HTTP response sent using a compressed Transfer-Encoding that will be automatically uncompressed by libcurl on reception. Transfer-Encoding differs slightly from the Content-Encoding you ask for with -\fBCURLOPT_ACCEPT_ENCODING(3)\fP in that a Transfer-Encoding is strictly meant +\fICURLOPT_ACCEPT_ENCODING(3)\fP in that a Transfer-Encoding is strictly meant to be for the transfer and thus MUST be decoded before the data arrives in the client. Traditionally, Transfer-Encoding has been much less used and supported by both HTTP clients and HTTP servers. diff --git a/docs/libcurl/opts/CURLOPT_TRANSFER_ENCODING.html b/docs/libcurl/opts/CURLOPT_TRANSFER_ENCODING.html index f9ca706fa..a8f939072 100644 --- a/docs/libcurl/opts/CURLOPT_TRANSFER_ENCODING.html +++ b/docs/libcurl/opts/CURLOPT_TRANSFER_ENCODING.html @@ -56,7 +56,7 @@ p.roffit {

CURLcode curl_easy_setopt(CURL *handle, CURLOPT_TRANSFER_ENCODING, long enable);

DESCRIPTION

Pass a long set to 1 to enable or 0 to disable.

Adds a request for compressed Transfer Encoding in the outgoing HTTP request. If the server supports this and so desires, it can respond with the HTTP response sent using a compressed Transfer-Encoding that will be automatically uncompressed by libcurl on reception. -

Transfer-Encoding differs slightly from the Content-Encoding you ask for with CURLOPT_ACCEPT_ENCODING in that a Transfer-Encoding is strictly meant to be for the transfer and thus MUST be decoded before the data arrives in the client. Traditionally, Transfer-Encoding has been much less used and supported by both HTTP clients and HTTP servers.

DEFAULT

+

Transfer-Encoding differs slightly from the Content-Encoding you ask for with CURLOPT_ACCEPT_ENCODING in that a Transfer-Encoding is strictly meant to be for the transfer and thus MUST be decoded before the data arrives in the client. Traditionally, Transfer-Encoding has been much less used and supported by both HTTP clients and HTTP servers.

DEFAULT

0

PROTOCOLS

HTTP

EXAMPLE

TODO

AVAILABILITY

diff --git a/docs/libcurl/opts/CURLOPT_TRANSFER_ENCODING.pdf b/docs/libcurl/opts/CURLOPT_TRANSFER_ENCODING.pdf index 30852d50d..5805e5103 100644 Binary files a/docs/libcurl/opts/CURLOPT_TRANSFER_ENCODING.pdf and b/docs/libcurl/opts/CURLOPT_TRANSFER_ENCODING.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_UNIX_SOCKET_PATH.pdf b/docs/libcurl/opts/CURLOPT_UNIX_SOCKET_PATH.pdf index 123b17051..fe3748a50 100644 Binary files a/docs/libcurl/opts/CURLOPT_UNIX_SOCKET_PATH.pdf and b/docs/libcurl/opts/CURLOPT_UNIX_SOCKET_PATH.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_UNRESTRICTED_AUTH.pdf b/docs/libcurl/opts/CURLOPT_UNRESTRICTED_AUTH.pdf index 4e7e79bc8..a0623def0 100644 Binary files a/docs/libcurl/opts/CURLOPT_UNRESTRICTED_AUTH.pdf and b/docs/libcurl/opts/CURLOPT_UNRESTRICTED_AUTH.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_UPLOAD.pdf b/docs/libcurl/opts/CURLOPT_UPLOAD.pdf index 5aa47c6cc..cae48978c 100644 Binary files a/docs/libcurl/opts/CURLOPT_UPLOAD.pdf and b/docs/libcurl/opts/CURLOPT_UPLOAD.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_URL.pdf b/docs/libcurl/opts/CURLOPT_URL.pdf index 5350a8b0d..1e518278b 100644 Binary files a/docs/libcurl/opts/CURLOPT_URL.pdf and b/docs/libcurl/opts/CURLOPT_URL.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_USERAGENT.pdf b/docs/libcurl/opts/CURLOPT_USERAGENT.pdf index f516d222e..46fa31c74 100644 Binary files a/docs/libcurl/opts/CURLOPT_USERAGENT.pdf and b/docs/libcurl/opts/CURLOPT_USERAGENT.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_USERNAME.3 b/docs/libcurl/opts/CURLOPT_USERNAME.3 index a5ebb0e3a..ec6001078 100644 --- a/docs/libcurl/opts/CURLOPT_USERNAME.3 +++ b/docs/libcurl/opts/CURLOPT_USERNAME.3 @@ -5,7 +5,7 @@ .\" * | (__| |_| | _ <| |___ .\" * \___|\___/|_| \_\_____| .\" * -.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, , et al. +.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. .\" * .\" * This software is licensed as described in the file COPYING, which .\" * you should have received as part of this distribution. The terms @@ -33,7 +33,7 @@ CURLcode curl_easy_setopt(CURL *handle, CURLOPT_USERNAME, Pass a char * as parameter, which should be pointing to the zero terminated user name to use for the transfer. -\fBCURLOPT_USERNAME(3)\fP sets the user name to be used in protocol +\fICURLOPT_USERNAME(3)\fP sets the user name to be used in protocol authentication. You should not use this option together with the (older) \fICURLOPT_USERPWD(3)\fP option. diff --git a/docs/libcurl/opts/CURLOPT_USERNAME.html b/docs/libcurl/opts/CURLOPT_USERNAME.html index 963f63d2c..60e6ffaae 100644 --- a/docs/libcurl/opts/CURLOPT_USERNAME.html +++ b/docs/libcurl/opts/CURLOPT_USERNAME.html @@ -60,7 +60,7 @@ CURLcode curl_easy_setopt(CURL *handle, CURLOPT_USERNAME,

DESCRIPTION

Pass a char * as parameter, which should be pointing to the zero terminated user name to use for the transfer. -

CURLOPT_USERNAME sets the user name to be used in protocol authentication. You should not use this option together with the (older) CURLOPT_USERPWD option. +

CURLOPT_USERNAME sets the user name to be used in protocol authentication. You should not use this option together with the (older) CURLOPT_USERPWD option.

When using Kerberos V5 authentication with a Windows based server, you should include the domain name in order for the server to successfully obtain a Kerberos Ticket. If you don't then the initial part of the authentication handshake may fail.

When using NTLM, the user name can be specified simply as the user name without the domain name should the server be part of a single domain and forest.

To include the domain name use either Down-Level Logon Name or UPN (User Principal Name) formats. For example, EXAMPLE\user and user@example.com respectively. diff --git a/docs/libcurl/opts/CURLOPT_USERNAME.pdf b/docs/libcurl/opts/CURLOPT_USERNAME.pdf index a27f5a439..3ac6328c4 100644 Binary files a/docs/libcurl/opts/CURLOPT_USERNAME.pdf and b/docs/libcurl/opts/CURLOPT_USERNAME.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_USERPWD.pdf b/docs/libcurl/opts/CURLOPT_USERPWD.pdf index c1ba576fd..6fcd452bb 100644 Binary files a/docs/libcurl/opts/CURLOPT_USERPWD.pdf and b/docs/libcurl/opts/CURLOPT_USERPWD.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_USE_SSL.pdf b/docs/libcurl/opts/CURLOPT_USE_SSL.pdf index 069cc8b9b..8dac213dc 100644 Binary files a/docs/libcurl/opts/CURLOPT_USE_SSL.pdf and b/docs/libcurl/opts/CURLOPT_USE_SSL.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_VERBOSE.pdf b/docs/libcurl/opts/CURLOPT_VERBOSE.pdf index a1a9b5600..7ba595f96 100644 Binary files a/docs/libcurl/opts/CURLOPT_VERBOSE.pdf and b/docs/libcurl/opts/CURLOPT_VERBOSE.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_WILDCARDMATCH.pdf b/docs/libcurl/opts/CURLOPT_WILDCARDMATCH.pdf index fc0907a9d..e6fbe09f2 100644 Binary files a/docs/libcurl/opts/CURLOPT_WILDCARDMATCH.pdf and b/docs/libcurl/opts/CURLOPT_WILDCARDMATCH.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_WRITEDATA.pdf b/docs/libcurl/opts/CURLOPT_WRITEDATA.pdf index 2c771d207..5a7a276e3 100644 Binary files a/docs/libcurl/opts/CURLOPT_WRITEDATA.pdf and b/docs/libcurl/opts/CURLOPT_WRITEDATA.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_WRITEFUNCTION.pdf b/docs/libcurl/opts/CURLOPT_WRITEFUNCTION.pdf index 027181396..6c013abd4 100644 Binary files a/docs/libcurl/opts/CURLOPT_WRITEFUNCTION.pdf and b/docs/libcurl/opts/CURLOPT_WRITEFUNCTION.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_XFERINFODATA.pdf b/docs/libcurl/opts/CURLOPT_XFERINFODATA.pdf index 55f1a9136..6a1f67dae 100644 Binary files a/docs/libcurl/opts/CURLOPT_XFERINFODATA.pdf and b/docs/libcurl/opts/CURLOPT_XFERINFODATA.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_XFERINFOFUNCTION.pdf b/docs/libcurl/opts/CURLOPT_XFERINFOFUNCTION.pdf index 2082dca93..70ae49be7 100644 Binary files a/docs/libcurl/opts/CURLOPT_XFERINFOFUNCTION.pdf and b/docs/libcurl/opts/CURLOPT_XFERINFOFUNCTION.pdf differ diff --git a/docs/libcurl/opts/CURLOPT_XOAUTH2_BEARER.pdf b/docs/libcurl/opts/CURLOPT_XOAUTH2_BEARER.pdf index fa916163a..a6585bdde 100644 Binary files a/docs/libcurl/opts/CURLOPT_XOAUTH2_BEARER.pdf and b/docs/libcurl/opts/CURLOPT_XOAUTH2_BEARER.pdf differ diff --git a/docs/libcurl/opts/Makefile.am b/docs/libcurl/opts/Makefile.am index 61e564043..a3fc0647f 100644 --- a/docs/libcurl/opts/Makefile.am +++ b/docs/libcurl/opts/Makefile.am @@ -5,7 +5,7 @@ # | (__| |_| | _ <| |___ # \___|\___/|_| \_\_____| # -# Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. +# Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. # # This software is licensed as described in the file COPYING, which # you should have received as part of this distribution. The terms @@ -22,392 +22,872 @@ AUTOMAKE_OPTIONS = foreign no-dependencies -man_MANS = CURLOPT_ACCEPT_ENCODING.3 CURLOPT_ACCEPTTIMEOUT_MS.3 \ - CURLOPT_ADDRESS_SCOPE.3 CURLOPT_APPEND.3 CURLOPT_AUTOREFERER.3 \ - CURLOPT_BUFFERSIZE.3 CURLOPT_CAINFO.3 CURLOPT_CAPATH.3 \ - CURLOPT_CERTINFO.3 CURLOPT_CHUNK_BGN_FUNCTION.3 CURLOPT_CHUNK_DATA.3 \ - CURLOPT_CHUNK_END_FUNCTION.3 CURLOPT_CLOSESOCKETDATA.3 \ - CURLOPT_CLOSESOCKETFUNCTION.3 CURLOPT_CONNECT_ONLY.3 \ - CURLOPT_CONNECTTIMEOUT.3 CURLOPT_CONNECTTIMEOUT_MS.3 \ - CURLOPT_CONV_FROM_NETWORK_FUNCTION.3 CURLOPT_CONV_FROM_UTF8_FUNCTION.3 \ - CURLOPT_CONV_TO_NETWORK_FUNCTION.3 CURLOPT_COOKIE.3 \ - CURLOPT_COOKIEFILE.3 CURLOPT_COOKIEJAR.3 CURLOPT_COOKIELIST.3 \ - CURLOPT_COOKIESESSION.3 CURLOPT_COPYPOSTFIELDS.3 CURLOPT_CRLF.3 \ - CURLOPT_CRLFILE.3 CURLOPT_CUSTOMREQUEST.3 CURLOPT_DEBUGDATA.3 \ - CURLOPT_DEBUGFUNCTION.3 CURLOPT_DIRLISTONLY.3 \ - CURLOPT_DNS_CACHE_TIMEOUT.3 CURLOPT_DNS_INTERFACE.3 \ - CURLOPT_DNS_LOCAL_IP4.3 CURLOPT_DNS_LOCAL_IP6.3 CURLOPT_DNS_SERVERS.3 \ - CURLOPT_DNS_USE_GLOBAL_CACHE.3 CURLOPT_EGDSOCKET.3 \ - CURLOPT_ERRORBUFFER.3 CURLOPT_EXPECT_100_TIMEOUT_MS.3 \ - CURLOPT_FAILONERROR.3 CURLOPT_FILETIME.3 CURLOPT_FNMATCH_DATA.3 \ - CURLOPT_FNMATCH_FUNCTION.3 CURLOPT_FOLLOWLOCATION.3 \ - CURLOPT_FORBID_REUSE.3 CURLOPT_FRESH_CONNECT.3 CURLOPT_FTP_ACCOUNT.3 \ - CURLOPT_FTP_ALTERNATIVE_TO_USER.3 CURLOPT_FTP_CREATE_MISSING_DIRS.3 \ - CURLOPT_FTP_FILEMETHOD.3 CURLOPT_FTPPORT.3 \ - CURLOPT_FTP_RESPONSE_TIMEOUT.3 CURLOPT_FTP_SKIP_PASV_IP.3 \ - CURLOPT_FTPSSLAUTH.3 CURLOPT_FTP_SSL_CCC.3 CURLOPT_FTP_USE_EPRT.3 \ - CURLOPT_FTP_USE_EPSV.3 CURLOPT_FTP_USE_PRET.3 \ - CURLOPT_GSSAPI_DELEGATION.3 CURLOPT_HEADER.3 CURLOPT_HEADERDATA.3 \ - CURLOPT_HEADERFUNCTION.3 CURLOPT_HEADEROPT.3 CURLOPT_HTTP200ALIASES.3 \ - CURLOPT_HTTPAUTH.3 CURLOPT_HTTP_CONTENT_DECODING.3 CURLOPT_HTTPGET.3 \ - CURLOPT_HTTPHEADER.3 CURLOPT_HTTPPOST.3 CURLOPT_HTTPPROXYTUNNEL.3 \ - CURLOPT_HTTP_TRANSFER_DECODING.3 CURLOPT_HTTP_VERSION.3 \ - CURLOPT_IGNORE_CONTENT_LENGTH.3 CURLOPT_INFILESIZE.3 \ - CURLOPT_INFILESIZE_LARGE.3 CURLOPT_INTERFACE.3 \ - CURLOPT_INTERLEAVEDATA.3 CURLOPT_INTERLEAVEFUNCTION.3 \ - CURLOPT_IOCTLDATA.3 CURLOPT_IOCTLFUNCTION.3 CURLOPT_IPRESOLVE.3 \ - CURLOPT_ISSUERCERT.3 CURLOPT_KEYPASSWD.3 CURLOPT_KRBLEVEL.3 \ - CURLOPT_LOCALPORT.3 CURLOPT_LOCALPORTRANGE.3 CURLOPT_LOGIN_OPTIONS.3 \ - CURLOPT_LOW_SPEED_LIMIT.3 CURLOPT_LOW_SPEED_TIME.3 CURLOPT_MAIL_AUTH.3 \ - CURLOPT_MAIL_FROM.3 CURLOPT_MAIL_RCPT.3 CURLOPT_MAXCONNECTS.3 \ - CURLOPT_MAXFILESIZE.3 CURLOPT_MAXFILESIZE_LARGE.3 \ - CURLOPT_MAX_RECV_SPEED_LARGE.3 CURLOPT_MAXREDIRS.3 \ - CURLOPT_MAX_SEND_SPEED_LARGE.3 CURLOPT_NETRC.3 CURLOPT_NETRC_FILE.3 \ - CURLOPT_NEW_DIRECTORY_PERMS.3 CURLOPT_NEW_FILE_PERMS.3 \ - CURLOPT_NOBODY.3 CURLOPT_NOPROGRESS.3 CURLOPT_NOPROXY.3 \ - CURLOPT_NOSIGNAL.3 CURLOPT_OPENSOCKETDATA.3 \ - CURLOPT_OPENSOCKETFUNCTION.3 CURLOPT_PASSWORD.3 \ - CURLOPT_PINNEDPUBLICKEY.3 CURLOPT_PORT.3 CURLOPT_POST.3 \ - CURLOPT_POSTFIELDS.3 CURLOPT_POSTFIELDSIZE.3 \ - CURLOPT_POSTFIELDSIZE_LARGE.3 CURLOPT_POSTQUOTE.3 CURLOPT_POSTREDIR.3 \ - CURLOPT_PREQUOTE.3 CURLOPT_PRIVATE.3 CURLOPT_PROGRESSDATA.3 \ - CURLOPT_PROGRESSFUNCTION.3 CURLOPT_PROTOCOLS.3 CURLOPT_PROXY.3 \ - CURLOPT_PROXYAUTH.3 CURLOPT_PROXYHEADER.3 CURLOPT_PROXYPASSWORD.3 \ - CURLOPT_PROXYPORT.3 CURLOPT_PROXY_TRANSFER_MODE.3 CURLOPT_PROXYTYPE.3 \ - CURLOPT_PROXYUSERNAME.3 CURLOPT_PROXYUSERPWD.3 CURLOPT_PUT.3 \ - CURLOPT_QUOTE.3 CURLOPT_RANDOM_FILE.3 CURLOPT_RANGE.3 \ - CURLOPT_READDATA.3 CURLOPT_READFUNCTION.3 CURLOPT_REDIR_PROTOCOLS.3 \ - CURLOPT_REFERER.3 CURLOPT_RESOLVE.3 CURLOPT_RESUME_FROM.3 \ - CURLOPT_RESUME_FROM_LARGE.3 CURLOPT_RTSP_CLIENT_CSEQ.3 \ - CURLOPT_RTSP_REQUEST.3 CURLOPT_RTSP_SERVER_CSEQ.3 \ - CURLOPT_RTSP_SESSION_ID.3 CURLOPT_RTSP_STREAM_URI.3 \ - CURLOPT_RTSP_TRANSPORT.3 CURLOPT_SASL_IR.3 CURLOPT_SEEKDATA.3 \ - CURLOPT_SEEKFUNCTION.3 CURLOPT_SHARE.3 CURLOPT_SOCKOPTDATA.3 \ - CURLOPT_SOCKOPTFUNCTION.3 CURLOPT_SOCKS5_GSSAPI_NEC.3 \ - CURLOPT_SOCKS5_GSSAPI_SERVICE.3 CURLOPT_SSH_AUTH_TYPES.3 \ - CURLOPT_SSH_HOST_PUBLIC_KEY_MD5.3 CURLOPT_SSH_KEYDATA.3 \ - CURLOPT_SSH_KEYFUNCTION.3 CURLOPT_SSH_KNOWNHOSTS.3 \ - CURLOPT_SSH_PRIVATE_KEYFILE.3 CURLOPT_SSH_PUBLIC_KEYFILE.3 \ - CURLOPT_SSLCERT.3 CURLOPT_SSLCERTTYPE.3 CURLOPT_SSL_CIPHER_LIST.3 \ - CURLOPT_SSL_CTX_DATA.3 CURLOPT_SSL_CTX_FUNCTION.3 \ - CURLOPT_SSL_ENABLE_ALPN.3 CURLOPT_SSL_ENABLE_NPN.3 CURLOPT_SSLENGINE.3 \ - CURLOPT_SSLENGINE_DEFAULT.3 CURLOPT_SSL_FALSESTART.3 CURLOPT_SSLKEY.3 \ - CURLOPT_SSLKEYTYPE.3 CURLOPT_SSL_OPTIONS.3 \ - CURLOPT_SSL_SESSIONID_CACHE.3 CURLOPT_SSL_VERIFYHOST.3 \ - CURLOPT_SSL_VERIFYPEER.3 CURLOPT_SSL_VERIFYSTATUS.3 \ - CURLOPT_SSLVERSION.3 CURLOPT_STDERR.3 CURLOPT_TCP_KEEPALIVE.3 \ - CURLOPT_TCP_KEEPIDLE.3 CURLOPT_TCP_KEEPINTVL.3 CURLOPT_TCP_NODELAY.3 \ - CURLOPT_TELNETOPTIONS.3 CURLOPT_TFTP_BLKSIZE.3 \ - CURLOPT_TFTP_NO_OPTIONS.3 CURLOPT_TIMECONDITION.3 CURLOPT_TIMEOUT.3 \ - CURLOPT_TIMEOUT_MS.3 CURLOPT_TIMEVALUE.3 CURLOPT_TLSAUTH_PASSWORD.3 \ - CURLOPT_TLSAUTH_TYPE.3 CURLOPT_TLSAUTH_USERNAME.3 \ - CURLOPT_TRANSFER_ENCODING.3 CURLOPT_TRANSFERTEXT.3 \ - CURLOPT_UNRESTRICTED_AUTH.3 CURLOPT_UPLOAD.3 \ - CURLOPT_URL.3 CURLOPT_USERAGENT.3 CURLOPT_USERNAME.3 CURLOPT_USERPWD.3 \ - CURLOPT_USE_SSL.3 CURLOPT_VERBOSE.3 CURLOPT_WILDCARDMATCH.3 \ - CURLOPT_WRITEDATA.3 CURLOPT_WRITEFUNCTION.3 CURLOPT_XFERINFODATA.3 \ - CURLOPT_XFERINFOFUNCTION.3 CURLOPT_XOAUTH2_BEARER.3 \ - CURLOPT_STREAM_DEPENDS.3 CURLOPT_STREAM_DEPENDS_E.3 \ - CURLOPT_STREAM_WEIGHT.3 CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE.3 \ - CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE.3 CURLMOPT_MAXCONNECTS.3 \ - CURLMOPT_MAX_HOST_CONNECTIONS.3 CURLMOPT_MAX_PIPELINE_LENGTH.3 \ - CURLMOPT_MAX_TOTAL_CONNECTIONS.3 CURLMOPT_PIPELINING.3 \ - CURLMOPT_PIPELINING_SERVER_BL.3 CURLMOPT_PIPELINING_SITE_BL.3 \ - CURLMOPT_SOCKETDATA.3 CURLMOPT_SOCKETFUNCTION.3 CURLMOPT_TIMERDATA.3 \ - CURLMOPT_TIMERFUNCTION.3 CURLOPT_UNIX_SOCKET_PATH.3 \ - CURLOPT_PATH_AS_IS.3 CURLOPT_PROXY_SERVICE_NAME.3 \ - CURLOPT_SERVICE_NAME.3 CURLOPT_PIPEWAIT.3 CURLMOPT_PUSHDATA.3 \ - CURLMOPT_PUSHFUNCTION.3 CURLOPT_DEFAULT_PROTOCOL.3 \ - CURLINFO_ACTIVESOCKET.3 CURLINFO_APPCONNECT_TIME.3 CURLINFO_CERTINFO.3 \ - CURLINFO_CONDITION_UNMET.3 CURLINFO_CONNECT_TIME.3 \ - CURLINFO_CONTENT_LENGTH_DOWNLOAD.3 CURLINFO_CONTENT_LENGTH_UPLOAD.3 \ - CURLINFO_CONTENT_TYPE.3 CURLINFO_COOKIELIST.3 CURLINFO_EFFECTIVE_URL.3 \ - CURLINFO_FILETIME.3 CURLINFO_FTP_ENTRY_PATH.3 CURLINFO_HEADER_SIZE.3 \ - CURLINFO_HTTPAUTH_AVAIL.3 CURLINFO_HTTP_CONNECTCODE.3 \ - CURLINFO_LASTSOCKET.3 CURLINFO_LOCAL_IP.3 CURLINFO_LOCAL_PORT.3 \ - CURLINFO_NAMELOOKUP_TIME.3 CURLINFO_NUM_CONNECTS.3 CURLINFO_OS_ERRNO.3 \ - CURLINFO_PRETRANSFER_TIME.3 CURLINFO_PRIMARY_IP.3 \ - CURLINFO_PRIMARY_PORT.3 CURLINFO_PRIVATE.3 CURLINFO_PROXYAUTH_AVAIL.3 \ - CURLINFO_REDIRECT_COUNT.3 CURLINFO_REDIRECT_TIME.3 \ - CURLINFO_REDIRECT_URL.3 CURLINFO_REQUEST_SIZE.3 \ - CURLINFO_RESPONSE_CODE.3 CURLINFO_RTSP_CLIENT_CSEQ.3 \ - CURLINFO_RTSP_CSEQ_RECV.3 CURLINFO_RTSP_SERVER_CSEQ.3 \ - CURLINFO_RTSP_SESSION_ID.3 CURLINFO_SIZE_DOWNLOAD.3 \ - CURLINFO_SIZE_UPLOAD.3 CURLINFO_SPEED_DOWNLOAD.3 \ - CURLINFO_SPEED_UPLOAD.3 CURLINFO_SSL_ENGINES.3 \ - CURLINFO_SSL_VERIFYRESULT.3 CURLINFO_STARTTRANSFER_TIME.3 \ - CURLINFO_TLS_SESSION.3 CURLINFO_TLS_SSL_PTR.3 \ - CURLINFO_TOTAL_TIME.3 +man_MANS = \ + CURLINFO_ACTIVESOCKET.3 \ + CURLINFO_APPCONNECT_TIME.3 \ + CURLINFO_CERTINFO.3 \ + CURLINFO_CONDITION_UNMET.3 \ + CURLINFO_CONNECT_TIME.3 \ + CURLINFO_CONTENT_LENGTH_DOWNLOAD.3 \ + CURLINFO_CONTENT_LENGTH_UPLOAD.3 \ + CURLINFO_CONTENT_TYPE.3 \ + CURLINFO_COOKIELIST.3 \ + CURLINFO_EFFECTIVE_URL.3 \ + CURLINFO_FILETIME.3 \ + CURLINFO_FTP_ENTRY_PATH.3 \ + CURLINFO_HEADER_SIZE.3 \ + CURLINFO_HTTPAUTH_AVAIL.3 \ + CURLINFO_HTTP_CONNECTCODE.3 \ + CURLINFO_HTTP_VERSION.3 \ + CURLINFO_LASTSOCKET.3 \ + CURLINFO_LOCAL_IP.3 \ + CURLINFO_LOCAL_PORT.3 \ + CURLINFO_NAMELOOKUP_TIME.3 \ + CURLINFO_NUM_CONNECTS.3 \ + CURLINFO_OS_ERRNO.3 \ + CURLINFO_PRETRANSFER_TIME.3 \ + CURLINFO_PRIMARY_IP.3 \ + CURLINFO_PRIMARY_PORT.3 \ + CURLINFO_PRIVATE.3 \ + CURLINFO_PROXYAUTH_AVAIL.3 \ + CURLINFO_REDIRECT_COUNT.3 \ + CURLINFO_REDIRECT_TIME.3 \ + CURLINFO_REDIRECT_URL.3 \ + CURLINFO_REQUEST_SIZE.3 \ + CURLINFO_RESPONSE_CODE.3 \ + CURLINFO_RTSP_CLIENT_CSEQ.3 \ + CURLINFO_RTSP_CSEQ_RECV.3 \ + CURLINFO_RTSP_SERVER_CSEQ.3 \ + CURLINFO_RTSP_SESSION_ID.3 \ + CURLINFO_SIZE_DOWNLOAD.3 \ + CURLINFO_SIZE_UPLOAD.3 \ + CURLINFO_SPEED_DOWNLOAD.3 \ + CURLINFO_SPEED_UPLOAD.3 \ + CURLINFO_SSL_ENGINES.3 \ + CURLINFO_SSL_VERIFYRESULT.3 \ + CURLINFO_STARTTRANSFER_TIME.3 \ + CURLINFO_TLS_SESSION.3 \ + CURLINFO_TLS_SSL_PTR.3 \ + CURLINFO_TOTAL_TIME.3 \ + CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE.3 \ + CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE.3 \ + CURLMOPT_MAXCONNECTS.3 \ + CURLMOPT_MAX_HOST_CONNECTIONS.3 \ + CURLMOPT_MAX_PIPELINE_LENGTH.3 \ + CURLMOPT_MAX_TOTAL_CONNECTIONS.3 \ + CURLMOPT_PIPELINING.3 \ + CURLMOPT_PIPELINING_SERVER_BL.3 \ + CURLMOPT_PIPELINING_SITE_BL.3 \ + CURLMOPT_PUSHDATA.3 \ + CURLMOPT_PUSHFUNCTION.3 \ + CURLMOPT_SOCKETDATA.3 \ + CURLMOPT_SOCKETFUNCTION.3 \ + CURLMOPT_TIMERDATA.3 \ + CURLMOPT_TIMERFUNCTION.3 \ + CURLOPT_ACCEPTTIMEOUT_MS.3 \ + CURLOPT_ACCEPT_ENCODING.3 \ + CURLOPT_ADDRESS_SCOPE.3 \ + CURLOPT_APPEND.3 \ + CURLOPT_AUTOREFERER.3 \ + CURLOPT_BUFFERSIZE.3 \ + CURLOPT_CAINFO.3 \ + CURLOPT_CAPATH.3 \ + CURLOPT_CERTINFO.3 \ + CURLOPT_CHUNK_BGN_FUNCTION.3 \ + CURLOPT_CHUNK_DATA.3 \ + CURLOPT_CHUNK_END_FUNCTION.3 \ + CURLOPT_CLOSESOCKETDATA.3 \ + CURLOPT_CLOSESOCKETFUNCTION.3 \ + CURLOPT_CONNECTTIMEOUT.3 \ + CURLOPT_CONNECTTIMEOUT_MS.3 \ + CURLOPT_CONNECT_ONLY.3 \ + CURLOPT_CONNECT_TO.3 \ + CURLOPT_CONV_FROM_NETWORK_FUNCTION.3 \ + CURLOPT_CONV_FROM_UTF8_FUNCTION.3 \ + CURLOPT_CONV_TO_NETWORK_FUNCTION.3 \ + CURLOPT_COOKIE.3 \ + CURLOPT_COOKIEFILE.3 \ + CURLOPT_COOKIEJAR.3 \ + CURLOPT_COOKIELIST.3 \ + CURLOPT_COOKIESESSION.3 \ + CURLOPT_COPYPOSTFIELDS.3 \ + CURLOPT_CRLF.3 \ + CURLOPT_CRLFILE.3 \ + CURLOPT_CUSTOMREQUEST.3 \ + CURLOPT_DEBUGDATA.3 \ + CURLOPT_DEBUGFUNCTION.3 \ + CURLOPT_DEFAULT_PROTOCOL.3 \ + CURLOPT_DIRLISTONLY.3 \ + CURLOPT_DNS_CACHE_TIMEOUT.3 \ + CURLOPT_DNS_INTERFACE.3 \ + CURLOPT_DNS_LOCAL_IP4.3 \ + CURLOPT_DNS_LOCAL_IP6.3 \ + CURLOPT_DNS_SERVERS.3 \ + CURLOPT_DNS_USE_GLOBAL_CACHE.3 \ + CURLOPT_EGDSOCKET.3 \ + CURLOPT_ERRORBUFFER.3 \ + CURLOPT_EXPECT_100_TIMEOUT_MS.3 \ + CURLOPT_FAILONERROR.3 \ + CURLOPT_FILETIME.3 \ + CURLOPT_FNMATCH_DATA.3 \ + CURLOPT_FNMATCH_FUNCTION.3 \ + CURLOPT_FOLLOWLOCATION.3 \ + CURLOPT_FORBID_REUSE.3 \ + CURLOPT_FRESH_CONNECT.3 \ + CURLOPT_FTPPORT.3 \ + CURLOPT_FTPSSLAUTH.3 \ + CURLOPT_FTP_ACCOUNT.3 \ + CURLOPT_FTP_ALTERNATIVE_TO_USER.3 \ + CURLOPT_FTP_CREATE_MISSING_DIRS.3 \ + CURLOPT_FTP_FILEMETHOD.3 \ + CURLOPT_FTP_RESPONSE_TIMEOUT.3 \ + CURLOPT_FTP_SKIP_PASV_IP.3 \ + CURLOPT_FTP_SSL_CCC.3 \ + CURLOPT_FTP_USE_EPRT.3 \ + CURLOPT_FTP_USE_EPSV.3 \ + CURLOPT_FTP_USE_PRET.3 \ + CURLOPT_GSSAPI_DELEGATION.3 \ + CURLOPT_HEADER.3 \ + CURLOPT_HEADERDATA.3 \ + CURLOPT_HEADERFUNCTION.3 \ + CURLOPT_HEADEROPT.3 \ + CURLOPT_HTTP200ALIASES.3 \ + CURLOPT_HTTPAUTH.3 \ + CURLOPT_HTTPGET.3 \ + CURLOPT_HTTPHEADER.3 \ + CURLOPT_HTTPPOST.3 \ + CURLOPT_HTTPPROXYTUNNEL.3 \ + CURLOPT_HTTP_CONTENT_DECODING.3 \ + CURLOPT_HTTP_TRANSFER_DECODING.3 \ + CURLOPT_HTTP_VERSION.3 \ + CURLOPT_IGNORE_CONTENT_LENGTH.3 \ + CURLOPT_INFILESIZE.3 \ + CURLOPT_INFILESIZE_LARGE.3 \ + CURLOPT_INTERFACE.3 \ + CURLOPT_INTERLEAVEDATA.3 \ + CURLOPT_INTERLEAVEFUNCTION.3 \ + CURLOPT_IOCTLDATA.3 \ + CURLOPT_IOCTLFUNCTION.3 \ + CURLOPT_IPRESOLVE.3 \ + CURLOPT_ISSUERCERT.3 \ + CURLOPT_KEYPASSWD.3 \ + CURLOPT_KRBLEVEL.3 \ + CURLOPT_LOCALPORT.3 \ + CURLOPT_LOCALPORTRANGE.3 \ + CURLOPT_LOGIN_OPTIONS.3 \ + CURLOPT_LOW_SPEED_LIMIT.3 \ + CURLOPT_LOW_SPEED_TIME.3 \ + CURLOPT_MAIL_AUTH.3 \ + CURLOPT_MAIL_FROM.3 \ + CURLOPT_MAIL_RCPT.3 \ + CURLOPT_MAXCONNECTS.3 \ + CURLOPT_MAXFILESIZE.3 \ + CURLOPT_MAXFILESIZE_LARGE.3 \ + CURLOPT_MAXREDIRS.3 \ + CURLOPT_MAX_RECV_SPEED_LARGE.3 \ + CURLOPT_MAX_SEND_SPEED_LARGE.3 \ + CURLOPT_NETRC.3 \ + CURLOPT_NETRC_FILE.3 \ + CURLOPT_NEW_DIRECTORY_PERMS.3 \ + CURLOPT_NEW_FILE_PERMS.3 \ + CURLOPT_NOBODY.3 \ + CURLOPT_NOPROGRESS.3 \ + CURLOPT_NOPROXY.3 \ + CURLOPT_NOSIGNAL.3 \ + CURLOPT_OPENSOCKETDATA.3 \ + CURLOPT_OPENSOCKETFUNCTION.3 \ + CURLOPT_PASSWORD.3 \ + CURLOPT_PATH_AS_IS.3 \ + CURLOPT_PINNEDPUBLICKEY.3 \ + CURLOPT_PIPEWAIT.3 \ + CURLOPT_PORT.3 \ + CURLOPT_POST.3 \ + CURLOPT_POSTFIELDS.3 \ + CURLOPT_POSTFIELDSIZE.3 \ + CURLOPT_POSTFIELDSIZE_LARGE.3 \ + CURLOPT_POSTQUOTE.3 \ + CURLOPT_POSTREDIR.3 \ + CURLOPT_PREQUOTE.3 \ + CURLOPT_PRIVATE.3 \ + CURLOPT_PROGRESSDATA.3 \ + CURLOPT_PROGRESSFUNCTION.3 \ + CURLOPT_PROTOCOLS.3 \ + CURLOPT_PROXY.3 \ + CURLOPT_PROXYAUTH.3 \ + CURLOPT_PROXYHEADER.3 \ + CURLOPT_PROXYPASSWORD.3 \ + CURLOPT_PROXYPORT.3 \ + CURLOPT_PROXYTYPE.3 \ + CURLOPT_PROXYUSERNAME.3 \ + CURLOPT_PROXYUSERPWD.3 \ + CURLOPT_PROXY_SERVICE_NAME.3 \ + CURLOPT_PROXY_TRANSFER_MODE.3 \ + CURLOPT_PUT.3 \ + CURLOPT_QUOTE.3 \ + CURLOPT_RANDOM_FILE.3 \ + CURLOPT_RANGE.3 \ + CURLOPT_READDATA.3 \ + CURLOPT_READFUNCTION.3 \ + CURLOPT_REDIR_PROTOCOLS.3 \ + CURLOPT_REFERER.3 \ + CURLOPT_RESOLVE.3 \ + CURLOPT_RESUME_FROM.3 \ + CURLOPT_RESUME_FROM_LARGE.3 \ + CURLOPT_RTSP_CLIENT_CSEQ.3 \ + CURLOPT_RTSP_REQUEST.3 \ + CURLOPT_RTSP_SERVER_CSEQ.3 \ + CURLOPT_RTSP_SESSION_ID.3 \ + CURLOPT_RTSP_STREAM_URI.3 \ + CURLOPT_RTSP_TRANSPORT.3 \ + CURLOPT_SASL_IR.3 \ + CURLOPT_SEEKDATA.3 \ + CURLOPT_SEEKFUNCTION.3 \ + CURLOPT_SERVICE_NAME.3 \ + CURLOPT_SHARE.3 \ + CURLOPT_SOCKOPTDATA.3 \ + CURLOPT_SOCKOPTFUNCTION.3 \ + CURLOPT_SOCKS5_GSSAPI_NEC.3 \ + CURLOPT_SOCKS5_GSSAPI_SERVICE.3 \ + CURLOPT_SSH_AUTH_TYPES.3 \ + CURLOPT_SSH_HOST_PUBLIC_KEY_MD5.3 \ + CURLOPT_SSH_KEYDATA.3 \ + CURLOPT_SSH_KEYFUNCTION.3 \ + CURLOPT_SSH_KNOWNHOSTS.3 \ + CURLOPT_SSH_PRIVATE_KEYFILE.3 \ + CURLOPT_SSH_PUBLIC_KEYFILE.3 \ + CURLOPT_SSLCERT.3 \ + CURLOPT_SSLCERTTYPE.3 \ + CURLOPT_SSLENGINE.3 \ + CURLOPT_SSLENGINE_DEFAULT.3 \ + CURLOPT_SSLKEY.3 \ + CURLOPT_SSLKEYTYPE.3 \ + CURLOPT_SSLVERSION.3 \ + CURLOPT_SSL_CIPHER_LIST.3 \ + CURLOPT_SSL_CTX_DATA.3 \ + CURLOPT_SSL_CTX_FUNCTION.3 \ + CURLOPT_SSL_ENABLE_ALPN.3 \ + CURLOPT_SSL_ENABLE_NPN.3 \ + CURLOPT_SSL_FALSESTART.3 \ + CURLOPT_SSL_OPTIONS.3 \ + CURLOPT_SSL_SESSIONID_CACHE.3 \ + CURLOPT_SSL_VERIFYHOST.3 \ + CURLOPT_SSL_VERIFYPEER.3 \ + CURLOPT_SSL_VERIFYSTATUS.3 \ + CURLOPT_STDERR.3 \ + CURLOPT_STREAM_DEPENDS.3 \ + CURLOPT_STREAM_DEPENDS_E.3 \ + CURLOPT_STREAM_WEIGHT.3 \ + CURLOPT_TCP_FASTOPEN.3 \ + CURLOPT_TCP_KEEPALIVE.3 \ + CURLOPT_TCP_KEEPIDLE.3 \ + CURLOPT_TCP_KEEPINTVL.3 \ + CURLOPT_TCP_NODELAY.3 \ + CURLOPT_TELNETOPTIONS.3 \ + CURLOPT_TFTP_BLKSIZE.3 \ + CURLOPT_TFTP_NO_OPTIONS.3 \ + CURLOPT_TIMECONDITION.3 \ + CURLOPT_TIMEOUT.3 \ + CURLOPT_TIMEOUT_MS.3 \ + CURLOPT_TIMEVALUE.3 \ + CURLOPT_TLSAUTH_PASSWORD.3 \ + CURLOPT_TLSAUTH_TYPE.3 \ + CURLOPT_TLSAUTH_USERNAME.3 \ + CURLOPT_TRANSFERTEXT.3 \ + CURLOPT_TRANSFER_ENCODING.3 \ + CURLOPT_UNIX_SOCKET_PATH.3 \ + CURLOPT_UNRESTRICTED_AUTH.3 \ + CURLOPT_UPLOAD.3 \ + CURLOPT_URL.3 \ + CURLOPT_USERAGENT.3 \ + CURLOPT_USERNAME.3 \ + CURLOPT_USERPWD.3 \ + CURLOPT_USE_SSL.3 \ + CURLOPT_VERBOSE.3 \ + CURLOPT_WILDCARDMATCH.3 \ + CURLOPT_WRITEDATA.3 \ + CURLOPT_WRITEFUNCTION.3 \ + CURLOPT_XFERINFODATA.3 \ + CURLOPT_XFERINFOFUNCTION.3 \ + CURLOPT_XOAUTH2_BEARER.3 -HTMLPAGES = CURLOPT_ACCEPT_ENCODING.html CURLOPT_ACCEPTTIMEOUT_MS.html \ - CURLOPT_ADDRESS_SCOPE.html CURLOPT_APPEND.html \ - CURLOPT_AUTOREFERER.html CURLOPT_BUFFERSIZE.html CURLOPT_CAINFO.html \ - CURLOPT_CAPATH.html CURLOPT_CERTINFO.html \ - CURLOPT_CHUNK_BGN_FUNCTION.html CURLOPT_CHUNK_DATA.html \ - CURLOPT_CHUNK_END_FUNCTION.html CURLOPT_CLOSESOCKETDATA.html \ - CURLOPT_CLOSESOCKETFUNCTION.html CURLOPT_CONNECT_ONLY.html \ - CURLOPT_CONNECTTIMEOUT.html CURLOPT_CONNECTTIMEOUT_MS.html \ - CURLOPT_CONV_FROM_NETWORK_FUNCTION.html \ - CURLOPT_CONV_FROM_UTF8_FUNCTION.html \ - CURLOPT_CONV_TO_NETWORK_FUNCTION.html CURLOPT_COOKIE.html \ - CURLOPT_COOKIEFILE.html CURLOPT_COOKIEJAR.html CURLOPT_COOKIELIST.html \ - CURLOPT_COOKIESESSION.html CURLOPT_COPYPOSTFIELDS.html \ - CURLOPT_CRLF.html CURLOPT_CRLFILE.html CURLOPT_CUSTOMREQUEST.html \ - CURLOPT_DEBUGDATA.html CURLOPT_DEBUGFUNCTION.html \ - CURLOPT_DIRLISTONLY.html CURLOPT_DNS_CACHE_TIMEOUT.html \ - CURLOPT_DNS_INTERFACE.html CURLOPT_DNS_LOCAL_IP4.html \ - CURLOPT_DNS_LOCAL_IP6.html CURLOPT_DNS_SERVERS.html \ - CURLOPT_DNS_USE_GLOBAL_CACHE.html CURLOPT_EGDSOCKET.html \ - CURLOPT_ERRORBUFFER.html CURLOPT_EXPECT_100_TIMEOUT_MS.html \ - CURLOPT_FAILONERROR.html CURLOPT_FILETIME.html \ - CURLOPT_FNMATCH_DATA.html CURLOPT_FNMATCH_FUNCTION.html \ - CURLOPT_FOLLOWLOCATION.html CURLOPT_FORBID_REUSE.html \ - CURLOPT_FRESH_CONNECT.html CURLOPT_FTP_ACCOUNT.html \ - CURLOPT_FTP_ALTERNATIVE_TO_USER.html \ - CURLOPT_FTP_CREATE_MISSING_DIRS.html CURLOPT_FTP_FILEMETHOD.html \ - CURLOPT_FTPPORT.html CURLOPT_FTP_RESPONSE_TIMEOUT.html \ - CURLOPT_FTP_SKIP_PASV_IP.html CURLOPT_FTPSSLAUTH.html \ - CURLOPT_FTP_SSL_CCC.html CURLOPT_FTP_USE_EPRT.html \ - CURLOPT_FTP_USE_EPSV.html CURLOPT_FTP_USE_PRET.html \ - CURLOPT_GSSAPI_DELEGATION.html CURLOPT_HEADER.html \ - CURLOPT_HEADERDATA.html CURLOPT_HEADERFUNCTION.html \ - CURLOPT_HEADEROPT.html CURLOPT_HTTP200ALIASES.html \ - CURLOPT_HTTPAUTH.html CURLOPT_HTTP_CONTENT_DECODING.html \ - CURLOPT_HTTPGET.html CURLOPT_HTTPHEADER.html CURLOPT_HTTPPOST.html \ - CURLOPT_HTTPPROXYTUNNEL.html CURLOPT_HTTP_TRANSFER_DECODING.html \ - CURLOPT_HTTP_VERSION.html CURLOPT_IGNORE_CONTENT_LENGTH.html \ - CURLOPT_INFILESIZE.html CURLOPT_INFILESIZE_LARGE.html \ - CURLOPT_INTERFACE.html CURLOPT_INTERLEAVEDATA.html \ - CURLOPT_INTERLEAVEFUNCTION.html CURLOPT_IOCTLDATA.html \ - CURLOPT_IOCTLFUNCTION.html CURLOPT_IPRESOLVE.html \ - CURLOPT_ISSUERCERT.html CURLOPT_KEYPASSWD.html CURLOPT_KRBLEVEL.html \ - CURLOPT_LOCALPORT.html CURLOPT_LOCALPORTRANGE.html \ - CURLOPT_LOGIN_OPTIONS.html CURLOPT_LOW_SPEED_LIMIT.html \ - CURLOPT_LOW_SPEED_TIME.html CURLOPT_MAIL_AUTH.html \ - CURLOPT_MAIL_FROM.html CURLOPT_MAIL_RCPT.html CURLOPT_MAXCONNECTS.html \ - CURLOPT_MAXFILESIZE.html CURLOPT_MAXFILESIZE_LARGE.html \ - CURLOPT_MAX_RECV_SPEED_LARGE.html CURLOPT_MAXREDIRS.html \ - CURLOPT_MAX_SEND_SPEED_LARGE.html CURLOPT_NETRC.html \ - CURLOPT_NETRC_FILE.html CURLOPT_NEW_DIRECTORY_PERMS.html \ - CURLOPT_NEW_FILE_PERMS.html CURLOPT_NOBODY.html \ - CURLOPT_NOPROGRESS.html CURLOPT_NOPROXY.html CURLOPT_NOSIGNAL.html \ - CURLOPT_OPENSOCKETDATA.html CURLOPT_OPENSOCKETFUNCTION.html \ - CURLOPT_PASSWORD.html CURLOPT_PINNEDPUBLICKEY.html CURLOPT_PORT.html \ - CURLOPT_POST.html CURLOPT_POSTFIELDS.html CURLOPT_POSTFIELDSIZE.html \ - CURLOPT_POSTFIELDSIZE_LARGE.html CURLOPT_POSTQUOTE.html \ - CURLOPT_POSTREDIR.html CURLOPT_PREQUOTE.html CURLOPT_PRIVATE.html \ - CURLOPT_PROGRESSDATA.html CURLOPT_PROGRESSFUNCTION.html \ - CURLOPT_PROTOCOLS.html CURLOPT_PROXY.html CURLOPT_PROXYAUTH.html \ - CURLOPT_PROXYHEADER.html CURLOPT_PROXYPASSWORD.html \ - CURLOPT_PROXYPORT.html CURLOPT_PROXY_TRANSFER_MODE.html \ - CURLOPT_PROXYTYPE.html CURLOPT_PROXYUSERNAME.html \ - CURLOPT_PROXYUSERPWD.html CURLOPT_PUT.html CURLOPT_QUOTE.html \ - CURLOPT_RANDOM_FILE.html CURLOPT_RANGE.html CURLOPT_READDATA.html \ - CURLOPT_READFUNCTION.html CURLOPT_REDIR_PROTOCOLS.html \ - CURLOPT_REFERER.html CURLOPT_RESOLVE.html CURLOPT_RESUME_FROM.html \ - CURLOPT_RESUME_FROM_LARGE.html CURLOPT_RTSP_CLIENT_CSEQ.html \ - CURLOPT_RTSP_REQUEST.html CURLOPT_RTSP_SERVER_CSEQ.html \ - CURLOPT_RTSP_SESSION_ID.html CURLOPT_RTSP_STREAM_URI.html \ - CURLOPT_RTSP_TRANSPORT.html CURLOPT_SASL_IR.html CURLOPT_SEEKDATA.html \ - CURLOPT_SEEKFUNCTION.html CURLOPT_SHARE.html CURLOPT_SOCKOPTDATA.html \ - CURLOPT_SOCKOPTFUNCTION.html CURLOPT_SOCKS5_GSSAPI_NEC.html \ - CURLOPT_SOCKS5_GSSAPI_SERVICE.html CURLOPT_SSH_AUTH_TYPES.html \ - CURLOPT_SSH_HOST_PUBLIC_KEY_MD5.html CURLOPT_SSH_KEYDATA.html \ - CURLOPT_SSH_KEYFUNCTION.html CURLOPT_SSH_KNOWNHOSTS.html \ - CURLOPT_SSH_PRIVATE_KEYFILE.html CURLOPT_SSH_PUBLIC_KEYFILE.html \ - CURLOPT_SSLCERT.html CURLOPT_SSLCERTTYPE.html \ - CURLOPT_SSL_CIPHER_LIST.html CURLOPT_SSL_CTX_DATA.html \ - CURLOPT_SSL_CTX_FUNCTION.html CURLOPT_SSL_ENABLE_ALPN.html \ - CURLOPT_SSL_ENABLE_NPN.html CURLOPT_SSLENGINE.html \ - CURLOPT_SSLENGINE_DEFAULT.html CURLOPT_SSL_FALSESTART.html \ - CURLOPT_SSLKEY.html CURLOPT_SSLKEYTYPE.html CURLOPT_SSL_OPTIONS.html \ - CURLOPT_SSL_SESSIONID_CACHE.html CURLOPT_SSL_VERIFYHOST.html \ - CURLOPT_SSL_VERIFYPEER.html CURLOPT_SSL_VERIFYSTATUS.html \ - CURLOPT_SSLVERSION.html CURLOPT_STDERR.html CURLOPT_TCP_KEEPALIVE.html \ - CURLOPT_TCP_KEEPIDLE.html CURLOPT_TCP_KEEPINTVL.html \ - CURLOPT_TCP_NODELAY.html CURLOPT_TELNETOPTIONS.html \ - CURLOPT_TFTP_BLKSIZE.html CURLOPT_TFTP_NO_OPTIONS.html \ - CURLOPT_TIMECONDITION.html CURLOPT_TIMEOUT.html \ - CURLOPT_TIMEOUT_MS.html CURLOPT_TIMEVALUE.html \ - CURLOPT_TLSAUTH_PASSWORD.html CURLOPT_TLSAUTH_TYPE.html \ - CURLOPT_TLSAUTH_USERNAME.html CURLOPT_TRANSFER_ENCODING.html \ - CURLOPT_TRANSFERTEXT.html CURLOPT_UNRESTRICTED_AUTH.html \ - CURLOPT_UPLOAD.html CURLOPT_URL.html CURLOPT_USERAGENT.html \ - CURLOPT_USERNAME.html CURLOPT_USERPWD.html CURLOPT_USE_SSL.html \ - CURLOPT_VERBOSE.html CURLOPT_WILDCARDMATCH.html CURLOPT_WRITEDATA.html \ - CURLOPT_WRITEFUNCTION.html CURLOPT_XFERINFODATA.html \ - CURLOPT_XFERINFOFUNCTION.html CURLOPT_XOAUTH2_BEARER.html \ - CURLOPT_STREAM_DEPENDS.html CURLOPT_STREAM_DEPENDS_E.html \ - CURLOPT_STREAM_WEIGHT.html CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE.html \ - CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE.html CURLMOPT_MAXCONNECTS.html \ - CURLMOPT_MAX_HOST_CONNECTIONS.html CURLMOPT_MAX_PIPELINE_LENGTH.html \ - CURLMOPT_MAX_TOTAL_CONNECTIONS.html CURLMOPT_PIPELINING.html \ - CURLMOPT_PIPELINING_SERVER_BL.html CURLMOPT_PIPELINING_SITE_BL.html \ - CURLMOPT_SOCKETDATA.html CURLMOPT_SOCKETFUNCTION.html \ - CURLMOPT_TIMERDATA.html CURLMOPT_TIMERFUNCTION.html \ - CURLOPT_UNIX_SOCKET_PATH.html CURLOPT_PATH_AS_IS.html \ - CURLOPT_PROXY_SERVICE_NAME.html CURLOPT_SERVICE_NAME.html \ - CURLOPT_PIPEWAIT.html CURLMOPT_PUSHDATA.html \ - CURLMOPT_PUSHFUNCTION.html CURLOPT_DEFAULT_PROTOCOL.html \ - CURLINFO_ACTIVESOCKET.html CURLINFO_APPCONNECT_TIME.html \ - CURLINFO_CERTINFO.html CURLINFO_CONDITION_UNMET.html \ - CURLINFO_CONNECT_TIME.html CURLINFO_CONTENT_LENGTH_DOWNLOAD.html \ - CURLINFO_CONTENT_LENGTH_UPLOAD.html CURLINFO_CONTENT_TYPE.html \ - CURLINFO_COOKIELIST.html CURLINFO_EFFECTIVE_URL.html \ - CURLINFO_FILETIME.html CURLINFO_FTP_ENTRY_PATH.html \ - CURLINFO_HEADER_SIZE.html CURLINFO_HTTPAUTH_AVAIL.html \ - CURLINFO_HTTP_CONNECTCODE.html CURLINFO_LASTSOCKET.html \ - CURLINFO_LOCAL_IP.html CURLINFO_LOCAL_PORT.html \ - CURLINFO_NAMELOOKUP_TIME.html CURLINFO_NUM_CONNECTS.html \ - CURLINFO_OS_ERRNO.html CURLINFO_PRETRANSFER_TIME.html \ - CURLINFO_PRIMARY_IP.html CURLINFO_PRIMARY_PORT.html \ - CURLINFO_PRIVATE.html CURLINFO_PROXYAUTH_AVAIL.html \ - CURLINFO_REDIRECT_COUNT.html CURLINFO_REDIRECT_TIME.html \ - CURLINFO_REDIRECT_URL.html CURLINFO_REQUEST_SIZE.html \ - CURLINFO_RESPONSE_CODE.html CURLINFO_RTSP_CLIENT_CSEQ.html \ - CURLINFO_RTSP_CSEQ_RECV.html CURLINFO_RTSP_SERVER_CSEQ.html \ - CURLINFO_RTSP_SESSION_ID.html CURLINFO_SIZE_DOWNLOAD.html \ - CURLINFO_SIZE_UPLOAD.html CURLINFO_SPEED_DOWNLOAD.html \ - CURLINFO_SPEED_UPLOAD.html CURLINFO_SSL_ENGINES.html \ - CURLINFO_SSL_VERIFYRESULT.html CURLINFO_STARTTRANSFER_TIME.html \ - CURLINFO_TLS_SESSION.html CURLINFO_TLS_SSL_PTR.html \ - CURLINFO_TOTAL_TIME.html +HTMLPAGES = \ + CURLINFO_ACTIVESOCKET.html \ + CURLINFO_APPCONNECT_TIME.html \ + CURLINFO_CERTINFO.html \ + CURLINFO_CONDITION_UNMET.html \ + CURLINFO_CONNECT_TIME.html \ + CURLINFO_CONTENT_LENGTH_DOWNLOAD.html \ + CURLINFO_CONTENT_LENGTH_UPLOAD.html \ + CURLINFO_CONTENT_TYPE.html \ + CURLINFO_COOKIELIST.html \ + CURLINFO_EFFECTIVE_URL.html \ + CURLINFO_FILETIME.html \ + CURLINFO_FTP_ENTRY_PATH.html \ + CURLINFO_HEADER_SIZE.html \ + CURLINFO_HTTPAUTH_AVAIL.html \ + CURLINFO_HTTP_CONNECTCODE.html \ + CURLINFO_LASTSOCKET.html \ + CURLINFO_LOCAL_IP.html \ + CURLINFO_LOCAL_PORT.html \ + CURLINFO_NAMELOOKUP_TIME.html \ + CURLINFO_NUM_CONNECTS.html \ + CURLINFO_OS_ERRNO.html \ + CURLINFO_PRETRANSFER_TIME.html \ + CURLINFO_PRIMARY_IP.html \ + CURLINFO_PRIMARY_PORT.html \ + CURLINFO_PRIVATE.html \ + CURLINFO_PROXYAUTH_AVAIL.html \ + CURLINFO_REDIRECT_COUNT.html \ + CURLINFO_REDIRECT_TIME.html \ + CURLINFO_REDIRECT_URL.html \ + CURLINFO_REQUEST_SIZE.html \ + CURLINFO_RESPONSE_CODE.html \ + CURLINFO_RTSP_CLIENT_CSEQ.html \ + CURLINFO_RTSP_CSEQ_RECV.html \ + CURLINFO_RTSP_SERVER_CSEQ.html \ + CURLINFO_RTSP_SESSION_ID.html \ + CURLINFO_SIZE_DOWNLOAD.html \ + CURLINFO_SIZE_UPLOAD.html \ + CURLINFO_SPEED_DOWNLOAD.html \ + CURLINFO_SPEED_UPLOAD.html \ + CURLINFO_SSL_ENGINES.html \ + CURLINFO_SSL_VERIFYRESULT.html \ + CURLINFO_STARTTRANSFER_TIME.html \ + CURLINFO_TLS_SESSION.html \ + CURLINFO_TLS_SSL_PTR.html \ + CURLINFO_TOTAL_TIME.html \ + CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE.html \ + CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE.html \ + CURLMOPT_MAXCONNECTS.html \ + CURLMOPT_MAX_HOST_CONNECTIONS.html \ + CURLMOPT_MAX_PIPELINE_LENGTH.html \ + CURLMOPT_MAX_TOTAL_CONNECTIONS.html \ + CURLMOPT_PIPELINING.html \ + CURLMOPT_PIPELINING_SERVER_BL.html \ + CURLMOPT_PIPELINING_SITE_BL.html \ + CURLMOPT_PUSHDATA.html \ + CURLMOPT_PUSHFUNCTION.html \ + CURLMOPT_SOCKETDATA.html \ + CURLMOPT_SOCKETFUNCTION.html \ + CURLMOPT_TIMERDATA.html \ + CURLMOPT_TIMERFUNCTION.html \ + CURLOPT_ACCEPTTIMEOUT_MS.html \ + CURLOPT_ACCEPT_ENCODING.html \ + CURLOPT_ADDRESS_SCOPE.html \ + CURLOPT_APPEND.html \ + CURLOPT_AUTOREFERER.html \ + CURLOPT_BUFFERSIZE.html \ + CURLOPT_CAINFO.html \ + CURLOPT_CAPATH.html \ + CURLOPT_CERTINFO.html \ + CURLOPT_CHUNK_BGN_FUNCTION.html \ + CURLOPT_CHUNK_DATA.html \ + CURLOPT_CHUNK_END_FUNCTION.html \ + CURLOPT_CLOSESOCKETDATA.html \ + CURLOPT_CLOSESOCKETFUNCTION.html \ + CURLOPT_CONNECTTIMEOUT.html \ + CURLOPT_CONNECTTIMEOUT_MS.html \ + CURLOPT_CONNECT_ONLY.html \ + CURLOPT_CONNECT_TO.html \ + CURLOPT_CONV_FROM_NETWORK_FUNCTION.html \ + CURLOPT_CONV_FROM_UTF8_FUNCTION.html \ + CURLOPT_CONV_TO_NETWORK_FUNCTION.html \ + CURLOPT_COOKIE.html \ + CURLOPT_COOKIEFILE.html \ + CURLOPT_COOKIEJAR.html \ + CURLOPT_COOKIELIST.html \ + CURLOPT_COOKIESESSION.html \ + CURLOPT_COPYPOSTFIELDS.html \ + CURLOPT_CRLF.html \ + CURLOPT_CRLFILE.html \ + CURLOPT_CUSTOMREQUEST.html \ + CURLOPT_DEBUGDATA.html \ + CURLOPT_DEBUGFUNCTION.html \ + CURLOPT_DEFAULT_PROTOCOL.html \ + CURLOPT_DIRLISTONLY.html \ + CURLOPT_DNS_CACHE_TIMEOUT.html \ + CURLOPT_DNS_INTERFACE.html \ + CURLOPT_DNS_LOCAL_IP4.html \ + CURLOPT_DNS_LOCAL_IP6.html \ + CURLOPT_DNS_SERVERS.html \ + CURLOPT_DNS_USE_GLOBAL_CACHE.html \ + CURLOPT_EGDSOCKET.html \ + CURLOPT_ERRORBUFFER.html \ + CURLOPT_EXPECT_100_TIMEOUT_MS.html \ + CURLOPT_FAILONERROR.html \ + CURLOPT_FILETIME.html \ + CURLOPT_FNMATCH_DATA.html \ + CURLOPT_FNMATCH_FUNCTION.html \ + CURLOPT_FOLLOWLOCATION.html \ + CURLOPT_FORBID_REUSE.html \ + CURLOPT_FRESH_CONNECT.html \ + CURLOPT_FTPPORT.html \ + CURLOPT_FTPSSLAUTH.html \ + CURLOPT_FTP_ACCOUNT.html \ + CURLOPT_FTP_ALTERNATIVE_TO_USER.html \ + CURLOPT_FTP_CREATE_MISSING_DIRS.html \ + CURLOPT_FTP_FILEMETHOD.html \ + CURLOPT_FTP_RESPONSE_TIMEOUT.html \ + CURLOPT_FTP_SKIP_PASV_IP.html \ + CURLOPT_FTP_SSL_CCC.html \ + CURLOPT_FTP_USE_EPRT.html \ + CURLOPT_FTP_USE_EPSV.html \ + CURLOPT_FTP_USE_PRET.html \ + CURLOPT_GSSAPI_DELEGATION.html \ + CURLOPT_HEADER.html \ + CURLOPT_HEADERDATA.html \ + CURLOPT_HEADERFUNCTION.html \ + CURLOPT_HEADEROPT.html \ + CURLOPT_HTTP200ALIASES.html \ + CURLOPT_HTTPAUTH.html \ + CURLOPT_HTTPGET.html \ + CURLOPT_HTTPHEADER.html \ + CURLOPT_HTTPPOST.html \ + CURLOPT_HTTPPROXYTUNNEL.html \ + CURLOPT_HTTP_CONTENT_DECODING.html \ + CURLOPT_HTTP_TRANSFER_DECODING.html \ + CURLOPT_HTTP_VERSION.html \ + CURLOPT_IGNORE_CONTENT_LENGTH.html \ + CURLOPT_INFILESIZE.html \ + CURLOPT_INFILESIZE_LARGE.html \ + CURLOPT_INTERFACE.html \ + CURLOPT_INTERLEAVEDATA.html \ + CURLOPT_INTERLEAVEFUNCTION.html \ + CURLOPT_IOCTLDATA.html \ + CURLOPT_IOCTLFUNCTION.html \ + CURLOPT_IPRESOLVE.html \ + CURLOPT_ISSUERCERT.html \ + CURLOPT_KEYPASSWD.html \ + CURLOPT_KRBLEVEL.html \ + CURLOPT_LOCALPORT.html \ + CURLOPT_LOCALPORTRANGE.html \ + CURLOPT_LOGIN_OPTIONS.html \ + CURLOPT_LOW_SPEED_LIMIT.html \ + CURLOPT_LOW_SPEED_TIME.html \ + CURLOPT_MAIL_AUTH.html \ + CURLOPT_MAIL_FROM.html \ + CURLOPT_MAIL_RCPT.html \ + CURLOPT_MAXCONNECTS.html \ + CURLOPT_MAXFILESIZE.html \ + CURLOPT_MAXFILESIZE_LARGE.html \ + CURLOPT_MAXREDIRS.html \ + CURLOPT_MAX_RECV_SPEED_LARGE.html \ + CURLOPT_MAX_SEND_SPEED_LARGE.html \ + CURLOPT_NETRC.html \ + CURLOPT_NETRC_FILE.html \ + CURLOPT_NEW_DIRECTORY_PERMS.html \ + CURLOPT_NEW_FILE_PERMS.html \ + CURLOPT_NOBODY.html \ + CURLOPT_NOPROGRESS.html \ + CURLOPT_NOPROXY.html \ + CURLOPT_NOSIGNAL.html \ + CURLOPT_OPENSOCKETDATA.html \ + CURLOPT_OPENSOCKETFUNCTION.html \ + CURLOPT_PASSWORD.html \ + CURLOPT_PATH_AS_IS.html \ + CURLOPT_PINNEDPUBLICKEY.html \ + CURLOPT_PIPEWAIT.html \ + CURLOPT_PORT.html \ + CURLOPT_POST.html \ + CURLOPT_POSTFIELDS.html \ + CURLOPT_POSTFIELDSIZE.html \ + CURLOPT_POSTFIELDSIZE_LARGE.html \ + CURLOPT_POSTQUOTE.html \ + CURLOPT_POSTREDIR.html \ + CURLOPT_PREQUOTE.html \ + CURLOPT_PRIVATE.html \ + CURLOPT_PROGRESSDATA.html \ + CURLOPT_PROGRESSFUNCTION.html \ + CURLOPT_PROTOCOLS.html \ + CURLOPT_PROXY.html \ + CURLOPT_PROXYAUTH.html \ + CURLOPT_PROXYHEADER.html \ + CURLOPT_PROXYPASSWORD.html \ + CURLOPT_PROXYPORT.html \ + CURLOPT_PROXYTYPE.html \ + CURLOPT_PROXYUSERNAME.html \ + CURLOPT_PROXYUSERPWD.html \ + CURLOPT_PROXY_SERVICE_NAME.html \ + CURLOPT_PROXY_TRANSFER_MODE.html \ + CURLOPT_PUT.html \ + CURLOPT_QUOTE.html \ + CURLOPT_RANDOM_FILE.html \ + CURLOPT_RANGE.html \ + CURLOPT_READDATA.html \ + CURLOPT_READFUNCTION.html \ + CURLOPT_REDIR_PROTOCOLS.html \ + CURLOPT_REFERER.html \ + CURLOPT_RESOLVE.html \ + CURLOPT_RESUME_FROM.html \ + CURLOPT_RESUME_FROM_LARGE.html \ + CURLOPT_RTSP_CLIENT_CSEQ.html \ + CURLOPT_RTSP_REQUEST.html \ + CURLOPT_RTSP_SERVER_CSEQ.html \ + CURLOPT_RTSP_SESSION_ID.html \ + CURLOPT_RTSP_STREAM_URI.html \ + CURLOPT_RTSP_TRANSPORT.html \ + CURLOPT_SASL_IR.html \ + CURLOPT_SEEKDATA.html \ + CURLOPT_SEEKFUNCTION.html \ + CURLOPT_SERVICE_NAME.html \ + CURLOPT_SHARE.html \ + CURLOPT_SOCKOPTDATA.html \ + CURLOPT_SOCKOPTFUNCTION.html \ + CURLOPT_SOCKS5_GSSAPI_NEC.html \ + CURLOPT_SOCKS5_GSSAPI_SERVICE.html \ + CURLOPT_SSH_AUTH_TYPES.html \ + CURLOPT_SSH_HOST_PUBLIC_KEY_MD5.html \ + CURLOPT_SSH_KEYDATA.html \ + CURLOPT_SSH_KEYFUNCTION.html \ + CURLOPT_SSH_KNOWNHOSTS.html \ + CURLOPT_SSH_PRIVATE_KEYFILE.html \ + CURLOPT_SSH_PUBLIC_KEYFILE.html \ + CURLOPT_SSLCERT.html \ + CURLOPT_SSLCERTTYPE.html \ + CURLOPT_SSLENGINE.html \ + CURLOPT_SSLENGINE_DEFAULT.html \ + CURLOPT_SSLKEY.html \ + CURLOPT_SSLKEYTYPE.html \ + CURLOPT_SSLVERSION.html \ + CURLOPT_SSL_CIPHER_LIST.html \ + CURLOPT_SSL_CTX_DATA.html \ + CURLOPT_SSL_CTX_FUNCTION.html \ + CURLOPT_SSL_ENABLE_ALPN.html \ + CURLOPT_SSL_ENABLE_NPN.html \ + CURLOPT_SSL_FALSESTART.html \ + CURLOPT_SSL_OPTIONS.html \ + CURLOPT_SSL_SESSIONID_CACHE.html \ + CURLOPT_SSL_VERIFYHOST.html \ + CURLOPT_SSL_VERIFYPEER.html \ + CURLOPT_SSL_VERIFYSTATUS.html \ + CURLOPT_STDERR.html \ + CURLOPT_STREAM_DEPENDS.html \ + CURLOPT_STREAM_DEPENDS_E.html \ + CURLOPT_STREAM_WEIGHT.html \ + CURLOPT_TCP_FASTOPEN.html \ + CURLOPT_TCP_KEEPALIVE.html \ + CURLOPT_TCP_KEEPIDLE.html \ + CURLOPT_TCP_KEEPINTVL.html \ + CURLOPT_TCP_NODELAY.html \ + CURLOPT_TELNETOPTIONS.html \ + CURLOPT_TFTP_BLKSIZE.html \ + CURLOPT_TFTP_NO_OPTIONS.html \ + CURLOPT_TIMECONDITION.html \ + CURLOPT_TIMEOUT.html \ + CURLOPT_TIMEOUT_MS.html \ + CURLOPT_TIMEVALUE.html \ + CURLOPT_TLSAUTH_PASSWORD.html \ + CURLOPT_TLSAUTH_TYPE.html \ + CURLOPT_TLSAUTH_USERNAME.html \ + CURLOPT_TRANSFERTEXT.html \ + CURLOPT_TRANSFER_ENCODING.html \ + CURLOPT_UNIX_SOCKET_PATH.html \ + CURLOPT_UNRESTRICTED_AUTH.html \ + CURLOPT_UPLOAD.html \ + CURLOPT_URL.html \ + CURLOPT_USERAGENT.html \ + CURLOPT_USERNAME.html \ + CURLOPT_USERPWD.html \ + CURLOPT_USE_SSL.html \ + CURLOPT_VERBOSE.html \ + CURLOPT_WILDCARDMATCH.html \ + CURLOPT_WRITEDATA.html \ + CURLOPT_WRITEFUNCTION.html \ + CURLOPT_XFERINFODATA.html \ + CURLOPT_XFERINFOFUNCTION.html \ + CURLOPT_XOAUTH2_BEARER.html -PDFPAGES = CURLOPT_ACCEPT_ENCODING.pdf CURLOPT_ACCEPTTIMEOUT_MS.pdf \ - CURLOPT_ADDRESS_SCOPE.pdf CURLOPT_APPEND.pdf CURLOPT_AUTOREFERER.pdf \ - CURLOPT_BUFFERSIZE.pdf CURLOPT_CAINFO.pdf CURLOPT_CAPATH.pdf \ - CURLOPT_CERTINFO.pdf CURLOPT_CHUNK_BGN_FUNCTION.pdf \ - CURLOPT_CHUNK_DATA.pdf CURLOPT_CHUNK_END_FUNCTION.pdf \ - CURLOPT_CLOSESOCKETDATA.pdf CURLOPT_CLOSESOCKETFUNCTION.pdf \ - CURLOPT_CONNECT_ONLY.pdf CURLOPT_CONNECTTIMEOUT.pdf \ - CURLOPT_CONNECTTIMEOUT_MS.pdf CURLOPT_CONV_FROM_NETWORK_FUNCTION.pdf \ - CURLOPT_CONV_FROM_UTF8_FUNCTION.pdf \ - CURLOPT_CONV_TO_NETWORK_FUNCTION.pdf CURLOPT_COOKIE.pdf \ - CURLOPT_COOKIEFILE.pdf CURLOPT_COOKIEJAR.pdf CURLOPT_COOKIELIST.pdf \ - CURLOPT_COOKIESESSION.pdf CURLOPT_COPYPOSTFIELDS.pdf CURLOPT_CRLF.pdf \ - CURLOPT_CRLFILE.pdf CURLOPT_CUSTOMREQUEST.pdf CURLOPT_DEBUGDATA.pdf \ - CURLOPT_DEBUGFUNCTION.pdf CURLOPT_DIRLISTONLY.pdf \ - CURLOPT_DNS_CACHE_TIMEOUT.pdf CURLOPT_DNS_INTERFACE.pdf \ - CURLOPT_DNS_LOCAL_IP4.pdf CURLOPT_DNS_LOCAL_IP6.pdf \ - CURLOPT_DNS_SERVERS.pdf CURLOPT_DNS_USE_GLOBAL_CACHE.pdf \ - CURLOPT_EGDSOCKET.pdf CURLOPT_ERRORBUFFER.pdf \ - CURLOPT_EXPECT_100_TIMEOUT_MS.pdf CURLOPT_FAILONERROR.pdf \ - CURLOPT_FILETIME.pdf CURLOPT_FNMATCH_DATA.pdf \ - CURLOPT_FNMATCH_FUNCTION.pdf CURLOPT_FOLLOWLOCATION.pdf \ - CURLOPT_FORBID_REUSE.pdf CURLOPT_FRESH_CONNECT.pdf \ - CURLOPT_FTP_ACCOUNT.pdf CURLOPT_FTP_ALTERNATIVE_TO_USER.pdf \ - CURLOPT_FTP_CREATE_MISSING_DIRS.pdf CURLOPT_FTP_FILEMETHOD.pdf \ - CURLOPT_FTPPORT.pdf CURLOPT_FTP_RESPONSE_TIMEOUT.pdf \ - CURLOPT_FTP_SKIP_PASV_IP.pdf CURLOPT_FTPSSLAUTH.pdf \ - CURLOPT_FTP_SSL_CCC.pdf CURLOPT_FTP_USE_EPRT.pdf \ - CURLOPT_FTP_USE_EPSV.pdf CURLOPT_FTP_USE_PRET.pdf \ - CURLOPT_GSSAPI_DELEGATION.pdf CURLOPT_HEADER.pdf \ - CURLOPT_HEADERDATA.pdf CURLOPT_HEADERFUNCTION.pdf \ - CURLOPT_HEADEROPT.pdf CURLOPT_HTTP200ALIASES.pdf CURLOPT_HTTPAUTH.pdf \ - CURLOPT_HTTP_CONTENT_DECODING.pdf CURLOPT_HTTPGET.pdf \ - CURLOPT_HTTPHEADER.pdf CURLOPT_HTTPPOST.pdf \ - CURLOPT_HTTPPROXYTUNNEL.pdf CURLOPT_HTTP_TRANSFER_DECODING.pdf \ - CURLOPT_HTTP_VERSION.pdf CURLOPT_IGNORE_CONTENT_LENGTH.pdf \ - CURLOPT_INFILESIZE.pdf CURLOPT_INFILESIZE_LARGE.pdf \ - CURLOPT_INTERFACE.pdf CURLOPT_INTERLEAVEDATA.pdf \ - CURLOPT_INTERLEAVEFUNCTION.pdf CURLOPT_IOCTLDATA.pdf \ - CURLOPT_IOCTLFUNCTION.pdf CURLOPT_IPRESOLVE.pdf CURLOPT_ISSUERCERT.pdf \ - CURLOPT_KEYPASSWD.pdf CURLOPT_KRBLEVEL.pdf CURLOPT_LOCALPORT.pdf \ - CURLOPT_LOCALPORTRANGE.pdf CURLOPT_LOGIN_OPTIONS.pdf \ - CURLOPT_LOW_SPEED_LIMIT.pdf CURLOPT_LOW_SPEED_TIME.pdf \ - CURLOPT_MAIL_AUTH.pdf CURLOPT_MAIL_FROM.pdf CURLOPT_MAIL_RCPT.pdf \ - CURLOPT_MAXCONNECTS.pdf CURLOPT_MAXFILESIZE.pdf \ - CURLOPT_MAXFILESIZE_LARGE.pdf CURLOPT_MAX_RECV_SPEED_LARGE.pdf \ - CURLOPT_MAXREDIRS.pdf CURLOPT_MAX_SEND_SPEED_LARGE.pdf \ - CURLOPT_NETRC.pdf CURLOPT_NETRC_FILE.pdf \ - CURLOPT_NEW_DIRECTORY_PERMS.pdf CURLOPT_NEW_FILE_PERMS.pdf \ - CURLOPT_NOBODY.pdf CURLOPT_NOPROGRESS.pdf CURLOPT_NOPROXY.pdf \ - CURLOPT_NOSIGNAL.pdf CURLOPT_OPENSOCKETDATA.pdf \ - CURLOPT_OPENSOCKETFUNCTION.pdf CURLOPT_PASSWORD.pdf \ - CURLOPT_PINNEDPUBLICKEY.pdf CURLOPT_PORT.pdf CURLOPT_POST.pdf \ - CURLOPT_POSTFIELDS.pdf CURLOPT_POSTFIELDSIZE.pdf \ - CURLOPT_POSTFIELDSIZE_LARGE.pdf CURLOPT_POSTQUOTE.pdf \ - CURLOPT_POSTREDIR.pdf CURLOPT_PREQUOTE.pdf CURLOPT_PRIVATE.pdf \ - CURLOPT_PROGRESSDATA.pdf CURLOPT_PROGRESSFUNCTION.pdf \ - CURLOPT_PROTOCOLS.pdf CURLOPT_PROXY.pdf CURLOPT_PROXYAUTH.pdf \ - CURLOPT_PROXYHEADER.pdf CURLOPT_PROXYPASSWORD.pdf \ - CURLOPT_PROXYPORT.pdf CURLOPT_PROXY_TRANSFER_MODE.pdf \ - CURLOPT_PROXYTYPE.pdf CURLOPT_PROXYUSERNAME.pdf \ - CURLOPT_PROXYUSERPWD.pdf CURLOPT_PUT.pdf CURLOPT_QUOTE.pdf \ - CURLOPT_RANDOM_FILE.pdf CURLOPT_RANGE.pdf CURLOPT_READDATA.pdf \ - CURLOPT_READFUNCTION.pdf CURLOPT_REDIR_PROTOCOLS.pdf \ - CURLOPT_REFERER.pdf CURLOPT_RESOLVE.pdf CURLOPT_RESUME_FROM.pdf \ - CURLOPT_RESUME_FROM_LARGE.pdf CURLOPT_RTSP_CLIENT_CSEQ.pdf \ - CURLOPT_RTSP_REQUEST.pdf CURLOPT_RTSP_SERVER_CSEQ.pdf \ - CURLOPT_RTSP_SESSION_ID.pdf CURLOPT_RTSP_STREAM_URI.pdf \ - CURLOPT_RTSP_TRANSPORT.pdf CURLOPT_SASL_IR.pdf CURLOPT_SEEKDATA.pdf \ - CURLOPT_SEEKFUNCTION.pdf CURLOPT_SHARE.pdf CURLOPT_SOCKOPTDATA.pdf \ - CURLOPT_SOCKOPTFUNCTION.pdf CURLOPT_SOCKS5_GSSAPI_NEC.pdf \ - CURLOPT_SOCKS5_GSSAPI_SERVICE.pdf CURLOPT_SSH_AUTH_TYPES.pdf \ - CURLOPT_SSH_HOST_PUBLIC_KEY_MD5.pdf CURLOPT_SSH_KEYDATA.pdf \ - CURLOPT_SSH_KEYFUNCTION.pdf CURLOPT_SSH_KNOWNHOSTS.pdf \ - CURLOPT_SSH_PRIVATE_KEYFILE.pdf CURLOPT_SSH_PUBLIC_KEYFILE.pdf \ - CURLOPT_SSLCERT.pdf CURLOPT_SSLCERTTYPE.pdf \ - CURLOPT_SSL_CIPHER_LIST.pdf CURLOPT_SSL_CTX_DATA.pdf \ - CURLOPT_SSL_CTX_FUNCTION.pdf CURLOPT_SSL_ENABLE_ALPN.pdf \ - CURLOPT_SSL_ENABLE_NPN.pdf CURLOPT_SSLENGINE.pdf \ - CURLOPT_SSLENGINE_DEFAULT.pdf CURLOPT_SSL_FALSESTART.pdf \ - CURLOPT_SSLKEY.pdf CURLOPT_SSLKEYTYPE.pdf CURLOPT_SSL_OPTIONS.pdf \ - CURLOPT_SSL_SESSIONID_CACHE.pdf CURLOPT_SSL_VERIFYHOST.pdf \ - CURLOPT_SSL_VERIFYPEER.pdf CURLOPT_SSL_VERIFYSTATUS.pdf \ - CURLOPT_SSLVERSION.pdf CURLOPT_STDERR.pdf CURLOPT_TCP_KEEPALIVE.pdf \ - CURLOPT_TCP_KEEPIDLE.pdf CURLOPT_TCP_KEEPINTVL.pdf \ - CURLOPT_TCP_NODELAY.pdf CURLOPT_TELNETOPTIONS.pdf \ - CURLOPT_TFTP_BLKSIZE.pdf CURLOPT_TFTP_NO_OPTIONS.pdf \ - CURLOPT_TIMECONDITION.pdf CURLOPT_TIMEOUT.pdf \ - CURLOPT_TIMEOUT_MS.pdf CURLOPT_TIMEVALUE.pdf \ - CURLOPT_TLSAUTH_PASSWORD.pdf CURLOPT_TLSAUTH_TYPE.pdf \ - CURLOPT_TLSAUTH_USERNAME.pdf CURLOPT_TRANSFER_ENCODING.pdf \ - CURLOPT_TRANSFERTEXT.pdf CURLOPT_UNRESTRICTED_AUTH.pdf \ - CURLOPT_UPLOAD.pdf CURLOPT_URL.pdf CURLOPT_USERAGENT.pdf \ - CURLOPT_USERNAME.pdf CURLOPT_USERPWD.pdf CURLOPT_USE_SSL.pdf \ - CURLOPT_VERBOSE.pdf CURLOPT_WILDCARDMATCH.pdf CURLOPT_WRITEDATA.pdf \ - CURLOPT_WRITEFUNCTION.pdf CURLOPT_XFERINFODATA.pdf \ - CURLOPT_XFERINFOFUNCTION.pdf CURLOPT_XOAUTH2_BEARER.pdf \ - CURLOPT_STREAM_DEPENDS.pdf CURLOPT_STREAM_DEPENDS_E.pdf \ - CURLOPT_STREAM_WEIGHT.pdf CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE.pdf \ - CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE.pdf CURLMOPT_MAXCONNECTS.pdf \ - CURLMOPT_MAX_HOST_CONNECTIONS.pdf CURLMOPT_MAX_PIPELINE_LENGTH.pdf \ - CURLMOPT_MAX_TOTAL_CONNECTIONS.pdf CURLMOPT_PIPELINING.pdf \ - CURLMOPT_PIPELINING_SERVER_BL.pdf CURLMOPT_PIPELINING_SITE_BL.pdf \ - CURLMOPT_SOCKETDATA.pdf CURLMOPT_SOCKETFUNCTION.pdf \ - CURLMOPT_TIMERDATA.pdf CURLMOPT_TIMERFUNCTION.pdf \ - CURLOPT_UNIX_SOCKET_PATH.pdf CURLOPT_PATH_AS_IS.pdf \ - CURLOPT_PROXY_SERVICE_NAME.pdf CURLOPT_SERVICE_NAME.pdf \ - CURLOPT_PIPEWAIT.pdf CURLMOPT_PUSHDATA.pdf CURLMOPT_PUSHFUNCTION.pdf \ - CURLOPT_DEFAULT_PROTOCOL.pdf CURLINFO_ACTIVESOCKET.pdf \ - CURLINFO_APPCONNECT_TIME.pdf CURLINFO_CERTINFO.pdf \ - CURLINFO_CONDITION_UNMET.pdf CURLINFO_CONNECT_TIME.pdf \ - CURLINFO_CONTENT_LENGTH_DOWNLOAD.pdf \ - CURLINFO_CONTENT_LENGTH_UPLOAD.pdf CURLINFO_CONTENT_TYPE.pdf \ - CURLINFO_COOKIELIST.pdf CURLINFO_EFFECTIVE_URL.pdf \ - CURLINFO_FILETIME.pdf CURLINFO_FTP_ENTRY_PATH.pdf \ - CURLINFO_HEADER_SIZE.pdf CURLINFO_HTTPAUTH_AVAIL.pdf \ - CURLINFO_HTTP_CONNECTCODE.pdf CURLINFO_LASTSOCKET.pdf \ - CURLINFO_LOCAL_IP.pdf CURLINFO_LOCAL_PORT.pdf \ - CURLINFO_NAMELOOKUP_TIME.pdf CURLINFO_NUM_CONNECTS.pdf \ - CURLINFO_OS_ERRNO.pdf CURLINFO_PRETRANSFER_TIME.pdf \ - CURLINFO_PRIMARY_IP.pdf CURLINFO_PRIMARY_PORT.pdf CURLINFO_PRIVATE.pdf \ - CURLINFO_PROXYAUTH_AVAIL.pdf CURLINFO_REDIRECT_COUNT.pdf \ - CURLINFO_REDIRECT_TIME.pdf CURLINFO_REDIRECT_URL.pdf \ - CURLINFO_REQUEST_SIZE.pdf CURLINFO_RESPONSE_CODE.pdf \ - CURLINFO_RTSP_CLIENT_CSEQ.pdf CURLINFO_RTSP_CSEQ_RECV.pdf \ - CURLINFO_RTSP_SERVER_CSEQ.pdf CURLINFO_RTSP_SESSION_ID.pdf \ - CURLINFO_SIZE_DOWNLOAD.pdf CURLINFO_SIZE_UPLOAD.pdf \ - CURLINFO_SPEED_DOWNLOAD.pdf CURLINFO_SPEED_UPLOAD.pdf \ - CURLINFO_SSL_ENGINES.pdf CURLINFO_SSL_VERIFYRESULT.pdf \ - CURLINFO_STARTTRANSFER_TIME.pdf CURLINFO_TLS_SESSION.pdf \ - CURLINFO_TLS_SSL_PTR.pdf CURLINFO_TOTAL_TIME.pdf +PDFPAGES = \ + CURLINFO_ACTIVESOCKET.pdf \ + CURLINFO_APPCONNECT_TIME.pdf \ + CURLINFO_CERTINFO.pdf \ + CURLINFO_CONDITION_UNMET.pdf \ + CURLINFO_CONNECT_TIME.pdf \ + CURLINFO_CONTENT_LENGTH_DOWNLOAD.pdf \ + CURLINFO_CONTENT_LENGTH_UPLOAD.pdf \ + CURLINFO_CONTENT_TYPE.pdf \ + CURLINFO_COOKIELIST.pdf \ + CURLINFO_EFFECTIVE_URL.pdf \ + CURLINFO_FILETIME.pdf \ + CURLINFO_FTP_ENTRY_PATH.pdf \ + CURLINFO_HEADER_SIZE.pdf \ + CURLINFO_HTTPAUTH_AVAIL.pdf \ + CURLINFO_HTTP_CONNECTCODE.pdf \ + CURLINFO_LASTSOCKET.pdf \ + CURLINFO_LOCAL_IP.pdf \ + CURLINFO_LOCAL_PORT.pdf \ + CURLINFO_NAMELOOKUP_TIME.pdf \ + CURLINFO_NUM_CONNECTS.pdf \ + CURLINFO_OS_ERRNO.pdf \ + CURLINFO_PRETRANSFER_TIME.pdf \ + CURLINFO_PRIMARY_IP.pdf \ + CURLINFO_PRIMARY_PORT.pdf \ + CURLINFO_PRIVATE.pdf \ + CURLINFO_PROXYAUTH_AVAIL.pdf \ + CURLINFO_REDIRECT_COUNT.pdf \ + CURLINFO_REDIRECT_TIME.pdf \ + CURLINFO_REDIRECT_URL.pdf \ + CURLINFO_REQUEST_SIZE.pdf \ + CURLINFO_RESPONSE_CODE.pdf \ + CURLINFO_RTSP_CLIENT_CSEQ.pdf \ + CURLINFO_RTSP_CSEQ_RECV.pdf \ + CURLINFO_RTSP_SERVER_CSEQ.pdf \ + CURLINFO_RTSP_SESSION_ID.pdf \ + CURLINFO_SIZE_DOWNLOAD.pdf \ + CURLINFO_SIZE_UPLOAD.pdf \ + CURLINFO_SPEED_DOWNLOAD.pdf \ + CURLINFO_SPEED_UPLOAD.pdf \ + CURLINFO_SSL_ENGINES.pdf \ + CURLINFO_SSL_VERIFYRESULT.pdf \ + CURLINFO_STARTTRANSFER_TIME.pdf \ + CURLINFO_TLS_SESSION.pdf \ + CURLINFO_TLS_SSL_PTR.pdf \ + CURLINFO_TOTAL_TIME.pdf \ + CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE.pdf \ + CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE.pdf \ + CURLMOPT_MAXCONNECTS.pdf \ + CURLMOPT_MAX_HOST_CONNECTIONS.pdf \ + CURLMOPT_MAX_PIPELINE_LENGTH.pdf \ + CURLMOPT_MAX_TOTAL_CONNECTIONS.pdf \ + CURLMOPT_PIPELINING.pdf \ + CURLMOPT_PIPELINING_SERVER_BL.pdf \ + CURLMOPT_PIPELINING_SITE_BL.pdf \ + CURLMOPT_PUSHDATA.pdf \ + CURLMOPT_PUSHFUNCTION.pdf \ + CURLMOPT_SOCKETDATA.pdf \ + CURLMOPT_SOCKETFUNCTION.pdf \ + CURLMOPT_TIMERDATA.pdf \ + CURLMOPT_TIMERFUNCTION.pdf \ + CURLOPT_ACCEPTTIMEOUT_MS.pdf \ + CURLOPT_ACCEPT_ENCODING.pdf \ + CURLOPT_ADDRESS_SCOPE.pdf \ + CURLOPT_APPEND.pdf \ + CURLOPT_AUTOREFERER.pdf \ + CURLOPT_BUFFERSIZE.pdf \ + CURLOPT_CAINFO.pdf \ + CURLOPT_CAPATH.pdf \ + CURLOPT_CERTINFO.pdf \ + CURLOPT_CHUNK_BGN_FUNCTION.pdf \ + CURLOPT_CHUNK_DATA.pdf \ + CURLOPT_CHUNK_END_FUNCTION.pdf \ + CURLOPT_CLOSESOCKETDATA.pdf \ + CURLOPT_CLOSESOCKETFUNCTION.pdf \ + CURLOPT_CONNECTTIMEOUT.pdf \ + CURLOPT_CONNECTTIMEOUT_MS.pdf \ + CURLOPT_CONNECT_ONLY.pdf \ + CURLOPT_CONNECT_TO.pdf \ + CURLOPT_CONV_FROM_NETWORK_FUNCTION.pdf \ + CURLOPT_CONV_FROM_UTF8_FUNCTION.pdf \ + CURLOPT_CONV_TO_NETWORK_FUNCTION.pdf \ + CURLOPT_COOKIE.pdf \ + CURLOPT_COOKIEFILE.pdf \ + CURLOPT_COOKIEJAR.pdf \ + CURLOPT_COOKIELIST.pdf \ + CURLOPT_COOKIESESSION.pdf \ + CURLOPT_COPYPOSTFIELDS.pdf \ + CURLOPT_CRLF.pdf \ + CURLOPT_CRLFILE.pdf \ + CURLOPT_CUSTOMREQUEST.pdf \ + CURLOPT_DEBUGDATA.pdf \ + CURLOPT_DEBUGFUNCTION.pdf \ + CURLOPT_DEFAULT_PROTOCOL.pdf \ + CURLOPT_DIRLISTONLY.pdf \ + CURLOPT_DNS_CACHE_TIMEOUT.pdf \ + CURLOPT_DNS_INTERFACE.pdf \ + CURLOPT_DNS_LOCAL_IP4.pdf \ + CURLOPT_DNS_LOCAL_IP6.pdf \ + CURLOPT_DNS_SERVERS.pdf \ + CURLOPT_DNS_USE_GLOBAL_CACHE.pdf \ + CURLOPT_EGDSOCKET.pdf \ + CURLOPT_ERRORBUFFER.pdf \ + CURLOPT_EXPECT_100_TIMEOUT_MS.pdf \ + CURLOPT_FAILONERROR.pdf \ + CURLOPT_FILETIME.pdf \ + CURLOPT_FNMATCH_DATA.pdf \ + CURLOPT_FNMATCH_FUNCTION.pdf \ + CURLOPT_FOLLOWLOCATION.pdf \ + CURLOPT_FORBID_REUSE.pdf \ + CURLOPT_FRESH_CONNECT.pdf \ + CURLOPT_FTPPORT.pdf \ + CURLOPT_FTPSSLAUTH.pdf \ + CURLOPT_FTP_ACCOUNT.pdf \ + CURLOPT_FTP_ALTERNATIVE_TO_USER.pdf \ + CURLOPT_FTP_CREATE_MISSING_DIRS.pdf \ + CURLOPT_FTP_FILEMETHOD.pdf \ + CURLOPT_FTP_RESPONSE_TIMEOUT.pdf \ + CURLOPT_FTP_SKIP_PASV_IP.pdf \ + CURLOPT_FTP_SSL_CCC.pdf \ + CURLOPT_FTP_USE_EPRT.pdf \ + CURLOPT_FTP_USE_EPSV.pdf \ + CURLOPT_FTP_USE_PRET.pdf \ + CURLOPT_GSSAPI_DELEGATION.pdf \ + CURLOPT_HEADER.pdf \ + CURLOPT_HEADERDATA.pdf \ + CURLOPT_HEADERFUNCTION.pdf \ + CURLOPT_HEADEROPT.pdf \ + CURLOPT_HTTP200ALIASES.pdf \ + CURLOPT_HTTPAUTH.pdf \ + CURLOPT_HTTPGET.pdf \ + CURLOPT_HTTPHEADER.pdf \ + CURLOPT_HTTPPOST.pdf \ + CURLOPT_HTTPPROXYTUNNEL.pdf \ + CURLOPT_HTTP_CONTENT_DECODING.pdf \ + CURLOPT_HTTP_TRANSFER_DECODING.pdf \ + CURLOPT_HTTP_VERSION.pdf \ + CURLOPT_IGNORE_CONTENT_LENGTH.pdf \ + CURLOPT_INFILESIZE.pdf \ + CURLOPT_INFILESIZE_LARGE.pdf \ + CURLOPT_INTERFACE.pdf \ + CURLOPT_INTERLEAVEDATA.pdf \ + CURLOPT_INTERLEAVEFUNCTION.pdf \ + CURLOPT_IOCTLDATA.pdf \ + CURLOPT_IOCTLFUNCTION.pdf \ + CURLOPT_IPRESOLVE.pdf \ + CURLOPT_ISSUERCERT.pdf \ + CURLOPT_KEYPASSWD.pdf \ + CURLOPT_KRBLEVEL.pdf \ + CURLOPT_LOCALPORT.pdf \ + CURLOPT_LOCALPORTRANGE.pdf \ + CURLOPT_LOGIN_OPTIONS.pdf \ + CURLOPT_LOW_SPEED_LIMIT.pdf \ + CURLOPT_LOW_SPEED_TIME.pdf \ + CURLOPT_MAIL_AUTH.pdf \ + CURLOPT_MAIL_FROM.pdf \ + CURLOPT_MAIL_RCPT.pdf \ + CURLOPT_MAXCONNECTS.pdf \ + CURLOPT_MAXFILESIZE.pdf \ + CURLOPT_MAXFILESIZE_LARGE.pdf \ + CURLOPT_MAXREDIRS.pdf \ + CURLOPT_MAX_RECV_SPEED_LARGE.pdf \ + CURLOPT_MAX_SEND_SPEED_LARGE.pdf \ + CURLOPT_NETRC.pdf \ + CURLOPT_NETRC_FILE.pdf \ + CURLOPT_NEW_DIRECTORY_PERMS.pdf \ + CURLOPT_NEW_FILE_PERMS.pdf \ + CURLOPT_NOBODY.pdf \ + CURLOPT_NOPROGRESS.pdf \ + CURLOPT_NOPROXY.pdf \ + CURLOPT_NOSIGNAL.pdf \ + CURLOPT_OPENSOCKETDATA.pdf \ + CURLOPT_OPENSOCKETFUNCTION.pdf \ + CURLOPT_PASSWORD.pdf \ + CURLOPT_PATH_AS_IS.pdf \ + CURLOPT_PINNEDPUBLICKEY.pdf \ + CURLOPT_PIPEWAIT.pdf \ + CURLOPT_PORT.pdf \ + CURLOPT_POST.pdf \ + CURLOPT_POSTFIELDS.pdf \ + CURLOPT_POSTFIELDSIZE.pdf \ + CURLOPT_POSTFIELDSIZE_LARGE.pdf \ + CURLOPT_POSTQUOTE.pdf \ + CURLOPT_POSTREDIR.pdf \ + CURLOPT_PREQUOTE.pdf \ + CURLOPT_PRIVATE.pdf \ + CURLOPT_PROGRESSDATA.pdf \ + CURLOPT_PROGRESSFUNCTION.pdf \ + CURLOPT_PROTOCOLS.pdf \ + CURLOPT_PROXY.pdf \ + CURLOPT_PROXYAUTH.pdf \ + CURLOPT_PROXYHEADER.pdf \ + CURLOPT_PROXYPASSWORD.pdf \ + CURLOPT_PROXYPORT.pdf \ + CURLOPT_PROXYTYPE.pdf \ + CURLOPT_PROXYUSERNAME.pdf \ + CURLOPT_PROXYUSERPWD.pdf \ + CURLOPT_PROXY_SERVICE_NAME.pdf \ + CURLOPT_PROXY_TRANSFER_MODE.pdf \ + CURLOPT_PUT.pdf \ + CURLOPT_QUOTE.pdf \ + CURLOPT_RANDOM_FILE.pdf \ + CURLOPT_RANGE.pdf \ + CURLOPT_READDATA.pdf \ + CURLOPT_READFUNCTION.pdf \ + CURLOPT_REDIR_PROTOCOLS.pdf \ + CURLOPT_REFERER.pdf \ + CURLOPT_RESOLVE.pdf \ + CURLOPT_RESUME_FROM.pdf \ + CURLOPT_RESUME_FROM_LARGE.pdf \ + CURLOPT_RTSP_CLIENT_CSEQ.pdf \ + CURLOPT_RTSP_REQUEST.pdf \ + CURLOPT_RTSP_SERVER_CSEQ.pdf \ + CURLOPT_RTSP_SESSION_ID.pdf \ + CURLOPT_RTSP_STREAM_URI.pdf \ + CURLOPT_RTSP_TRANSPORT.pdf \ + CURLOPT_SASL_IR.pdf \ + CURLOPT_SEEKDATA.pdf \ + CURLOPT_SEEKFUNCTION.pdf \ + CURLOPT_SERVICE_NAME.pdf \ + CURLOPT_SHARE.pdf \ + CURLOPT_SOCKOPTDATA.pdf \ + CURLOPT_SOCKOPTFUNCTION.pdf \ + CURLOPT_SOCKS5_GSSAPI_NEC.pdf \ + CURLOPT_SOCKS5_GSSAPI_SERVICE.pdf \ + CURLOPT_SSH_AUTH_TYPES.pdf \ + CURLOPT_SSH_HOST_PUBLIC_KEY_MD5.pdf \ + CURLOPT_SSH_KEYDATA.pdf \ + CURLOPT_SSH_KEYFUNCTION.pdf \ + CURLOPT_SSH_KNOWNHOSTS.pdf \ + CURLOPT_SSH_PRIVATE_KEYFILE.pdf \ + CURLOPT_SSH_PUBLIC_KEYFILE.pdf \ + CURLOPT_SSLCERT.pdf \ + CURLOPT_SSLCERTTYPE.pdf \ + CURLOPT_SSLENGINE.pdf \ + CURLOPT_SSLENGINE_DEFAULT.pdf \ + CURLOPT_SSLKEY.pdf \ + CURLOPT_SSLKEYTYPE.pdf \ + CURLOPT_SSLVERSION.pdf \ + CURLOPT_SSL_CIPHER_LIST.pdf \ + CURLOPT_SSL_CTX_DATA.pdf \ + CURLOPT_SSL_CTX_FUNCTION.pdf \ + CURLOPT_SSL_ENABLE_ALPN.pdf \ + CURLOPT_SSL_ENABLE_NPN.pdf \ + CURLOPT_SSL_FALSESTART.pdf \ + CURLOPT_SSL_OPTIONS.pdf \ + CURLOPT_SSL_SESSIONID_CACHE.pdf \ + CURLOPT_SSL_VERIFYHOST.pdf \ + CURLOPT_SSL_VERIFYPEER.pdf \ + CURLOPT_SSL_VERIFYSTATUS.pdf \ + CURLOPT_STDERR.pdf \ + CURLOPT_STREAM_DEPENDS.pdf \ + CURLOPT_STREAM_DEPENDS_E.pdf \ + CURLOPT_STREAM_WEIGHT.pdf \ + CURLOPT_TCP_FASTOPEN.pdf \ + CURLOPT_TCP_KEEPALIVE.pdf \ + CURLOPT_TCP_KEEPIDLE.pdf \ + CURLOPT_TCP_KEEPINTVL.pdf \ + CURLOPT_TCP_NODELAY.pdf \ + CURLOPT_TELNETOPTIONS.pdf \ + CURLOPT_TFTP_BLKSIZE.pdf \ + CURLOPT_TFTP_NO_OPTIONS.pdf \ + CURLOPT_TIMECONDITION.pdf \ + CURLOPT_TIMEOUT.pdf \ + CURLOPT_TIMEOUT_MS.pdf \ + CURLOPT_TIMEVALUE.pdf \ + CURLOPT_TLSAUTH_PASSWORD.pdf \ + CURLOPT_TLSAUTH_TYPE.pdf \ + CURLOPT_TLSAUTH_USERNAME.pdf \ + CURLOPT_TRANSFERTEXT.pdf \ + CURLOPT_TRANSFER_ENCODING.pdf \ + CURLOPT_UNIX_SOCKET_PATH.pdf \ + CURLOPT_UNRESTRICTED_AUTH.pdf \ + CURLOPT_UPLOAD.pdf \ + CURLOPT_URL.pdf \ + CURLOPT_USERAGENT.pdf \ + CURLOPT_USERNAME.pdf \ + CURLOPT_USERPWD.pdf \ + CURLOPT_USE_SSL.pdf \ + CURLOPT_VERBOSE.pdf \ + CURLOPT_WILDCARDMATCH.pdf \ + CURLOPT_WRITEDATA.pdf \ + CURLOPT_WRITEFUNCTION.pdf \ + CURLOPT_XFERINFODATA.pdf \ + CURLOPT_XFERINFOFUNCTION.pdf \ + CURLOPT_XOAUTH2_BEARER.pdf CLEANFILES = $(HTMLPAGES) $(PDFPAGES) EXTRA_DIST = $(man_MANS) $(HTMLPAGES) $(PDFPAGES) -MAN2HTML= roffit --mandir=. < $< >$@ +MAN2HTML= roffit --mandir=. $< >$@ SUFFIXES = .3 .html diff --git a/docs/libcurl/opts/Makefile.in b/docs/libcurl/opts/Makefile.in index eb06aefb7..ab461ed54 100644 --- a/docs/libcurl/opts/Makefile.in +++ b/docs/libcurl/opts/Makefile.in @@ -21,7 +21,7 @@ # | (__| |_| | _ <| |___ # \___|\___/|_| \_\_____| # -# Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. +# Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. # # This software is licensed as described in the file COPYING, which # you should have received as part of this distribution. The terms @@ -381,391 +381,871 @@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ AUTOMAKE_OPTIONS = foreign no-dependencies -man_MANS = CURLOPT_ACCEPT_ENCODING.3 CURLOPT_ACCEPTTIMEOUT_MS.3 \ - CURLOPT_ADDRESS_SCOPE.3 CURLOPT_APPEND.3 CURLOPT_AUTOREFERER.3 \ - CURLOPT_BUFFERSIZE.3 CURLOPT_CAINFO.3 CURLOPT_CAPATH.3 \ - CURLOPT_CERTINFO.3 CURLOPT_CHUNK_BGN_FUNCTION.3 CURLOPT_CHUNK_DATA.3 \ - CURLOPT_CHUNK_END_FUNCTION.3 CURLOPT_CLOSESOCKETDATA.3 \ - CURLOPT_CLOSESOCKETFUNCTION.3 CURLOPT_CONNECT_ONLY.3 \ - CURLOPT_CONNECTTIMEOUT.3 CURLOPT_CONNECTTIMEOUT_MS.3 \ - CURLOPT_CONV_FROM_NETWORK_FUNCTION.3 CURLOPT_CONV_FROM_UTF8_FUNCTION.3 \ - CURLOPT_CONV_TO_NETWORK_FUNCTION.3 CURLOPT_COOKIE.3 \ - CURLOPT_COOKIEFILE.3 CURLOPT_COOKIEJAR.3 CURLOPT_COOKIELIST.3 \ - CURLOPT_COOKIESESSION.3 CURLOPT_COPYPOSTFIELDS.3 CURLOPT_CRLF.3 \ - CURLOPT_CRLFILE.3 CURLOPT_CUSTOMREQUEST.3 CURLOPT_DEBUGDATA.3 \ - CURLOPT_DEBUGFUNCTION.3 CURLOPT_DIRLISTONLY.3 \ - CURLOPT_DNS_CACHE_TIMEOUT.3 CURLOPT_DNS_INTERFACE.3 \ - CURLOPT_DNS_LOCAL_IP4.3 CURLOPT_DNS_LOCAL_IP6.3 CURLOPT_DNS_SERVERS.3 \ - CURLOPT_DNS_USE_GLOBAL_CACHE.3 CURLOPT_EGDSOCKET.3 \ - CURLOPT_ERRORBUFFER.3 CURLOPT_EXPECT_100_TIMEOUT_MS.3 \ - CURLOPT_FAILONERROR.3 CURLOPT_FILETIME.3 CURLOPT_FNMATCH_DATA.3 \ - CURLOPT_FNMATCH_FUNCTION.3 CURLOPT_FOLLOWLOCATION.3 \ - CURLOPT_FORBID_REUSE.3 CURLOPT_FRESH_CONNECT.3 CURLOPT_FTP_ACCOUNT.3 \ - CURLOPT_FTP_ALTERNATIVE_TO_USER.3 CURLOPT_FTP_CREATE_MISSING_DIRS.3 \ - CURLOPT_FTP_FILEMETHOD.3 CURLOPT_FTPPORT.3 \ - CURLOPT_FTP_RESPONSE_TIMEOUT.3 CURLOPT_FTP_SKIP_PASV_IP.3 \ - CURLOPT_FTPSSLAUTH.3 CURLOPT_FTP_SSL_CCC.3 CURLOPT_FTP_USE_EPRT.3 \ - CURLOPT_FTP_USE_EPSV.3 CURLOPT_FTP_USE_PRET.3 \ - CURLOPT_GSSAPI_DELEGATION.3 CURLOPT_HEADER.3 CURLOPT_HEADERDATA.3 \ - CURLOPT_HEADERFUNCTION.3 CURLOPT_HEADEROPT.3 CURLOPT_HTTP200ALIASES.3 \ - CURLOPT_HTTPAUTH.3 CURLOPT_HTTP_CONTENT_DECODING.3 CURLOPT_HTTPGET.3 \ - CURLOPT_HTTPHEADER.3 CURLOPT_HTTPPOST.3 CURLOPT_HTTPPROXYTUNNEL.3 \ - CURLOPT_HTTP_TRANSFER_DECODING.3 CURLOPT_HTTP_VERSION.3 \ - CURLOPT_IGNORE_CONTENT_LENGTH.3 CURLOPT_INFILESIZE.3 \ - CURLOPT_INFILESIZE_LARGE.3 CURLOPT_INTERFACE.3 \ - CURLOPT_INTERLEAVEDATA.3 CURLOPT_INTERLEAVEFUNCTION.3 \ - CURLOPT_IOCTLDATA.3 CURLOPT_IOCTLFUNCTION.3 CURLOPT_IPRESOLVE.3 \ - CURLOPT_ISSUERCERT.3 CURLOPT_KEYPASSWD.3 CURLOPT_KRBLEVEL.3 \ - CURLOPT_LOCALPORT.3 CURLOPT_LOCALPORTRANGE.3 CURLOPT_LOGIN_OPTIONS.3 \ - CURLOPT_LOW_SPEED_LIMIT.3 CURLOPT_LOW_SPEED_TIME.3 CURLOPT_MAIL_AUTH.3 \ - CURLOPT_MAIL_FROM.3 CURLOPT_MAIL_RCPT.3 CURLOPT_MAXCONNECTS.3 \ - CURLOPT_MAXFILESIZE.3 CURLOPT_MAXFILESIZE_LARGE.3 \ - CURLOPT_MAX_RECV_SPEED_LARGE.3 CURLOPT_MAXREDIRS.3 \ - CURLOPT_MAX_SEND_SPEED_LARGE.3 CURLOPT_NETRC.3 CURLOPT_NETRC_FILE.3 \ - CURLOPT_NEW_DIRECTORY_PERMS.3 CURLOPT_NEW_FILE_PERMS.3 \ - CURLOPT_NOBODY.3 CURLOPT_NOPROGRESS.3 CURLOPT_NOPROXY.3 \ - CURLOPT_NOSIGNAL.3 CURLOPT_OPENSOCKETDATA.3 \ - CURLOPT_OPENSOCKETFUNCTION.3 CURLOPT_PASSWORD.3 \ - CURLOPT_PINNEDPUBLICKEY.3 CURLOPT_PORT.3 CURLOPT_POST.3 \ - CURLOPT_POSTFIELDS.3 CURLOPT_POSTFIELDSIZE.3 \ - CURLOPT_POSTFIELDSIZE_LARGE.3 CURLOPT_POSTQUOTE.3 CURLOPT_POSTREDIR.3 \ - CURLOPT_PREQUOTE.3 CURLOPT_PRIVATE.3 CURLOPT_PROGRESSDATA.3 \ - CURLOPT_PROGRESSFUNCTION.3 CURLOPT_PROTOCOLS.3 CURLOPT_PROXY.3 \ - CURLOPT_PROXYAUTH.3 CURLOPT_PROXYHEADER.3 CURLOPT_PROXYPASSWORD.3 \ - CURLOPT_PROXYPORT.3 CURLOPT_PROXY_TRANSFER_MODE.3 CURLOPT_PROXYTYPE.3 \ - CURLOPT_PROXYUSERNAME.3 CURLOPT_PROXYUSERPWD.3 CURLOPT_PUT.3 \ - CURLOPT_QUOTE.3 CURLOPT_RANDOM_FILE.3 CURLOPT_RANGE.3 \ - CURLOPT_READDATA.3 CURLOPT_READFUNCTION.3 CURLOPT_REDIR_PROTOCOLS.3 \ - CURLOPT_REFERER.3 CURLOPT_RESOLVE.3 CURLOPT_RESUME_FROM.3 \ - CURLOPT_RESUME_FROM_LARGE.3 CURLOPT_RTSP_CLIENT_CSEQ.3 \ - CURLOPT_RTSP_REQUEST.3 CURLOPT_RTSP_SERVER_CSEQ.3 \ - CURLOPT_RTSP_SESSION_ID.3 CURLOPT_RTSP_STREAM_URI.3 \ - CURLOPT_RTSP_TRANSPORT.3 CURLOPT_SASL_IR.3 CURLOPT_SEEKDATA.3 \ - CURLOPT_SEEKFUNCTION.3 CURLOPT_SHARE.3 CURLOPT_SOCKOPTDATA.3 \ - CURLOPT_SOCKOPTFUNCTION.3 CURLOPT_SOCKS5_GSSAPI_NEC.3 \ - CURLOPT_SOCKS5_GSSAPI_SERVICE.3 CURLOPT_SSH_AUTH_TYPES.3 \ - CURLOPT_SSH_HOST_PUBLIC_KEY_MD5.3 CURLOPT_SSH_KEYDATA.3 \ - CURLOPT_SSH_KEYFUNCTION.3 CURLOPT_SSH_KNOWNHOSTS.3 \ - CURLOPT_SSH_PRIVATE_KEYFILE.3 CURLOPT_SSH_PUBLIC_KEYFILE.3 \ - CURLOPT_SSLCERT.3 CURLOPT_SSLCERTTYPE.3 CURLOPT_SSL_CIPHER_LIST.3 \ - CURLOPT_SSL_CTX_DATA.3 CURLOPT_SSL_CTX_FUNCTION.3 \ - CURLOPT_SSL_ENABLE_ALPN.3 CURLOPT_SSL_ENABLE_NPN.3 CURLOPT_SSLENGINE.3 \ - CURLOPT_SSLENGINE_DEFAULT.3 CURLOPT_SSL_FALSESTART.3 CURLOPT_SSLKEY.3 \ - CURLOPT_SSLKEYTYPE.3 CURLOPT_SSL_OPTIONS.3 \ - CURLOPT_SSL_SESSIONID_CACHE.3 CURLOPT_SSL_VERIFYHOST.3 \ - CURLOPT_SSL_VERIFYPEER.3 CURLOPT_SSL_VERIFYSTATUS.3 \ - CURLOPT_SSLVERSION.3 CURLOPT_STDERR.3 CURLOPT_TCP_KEEPALIVE.3 \ - CURLOPT_TCP_KEEPIDLE.3 CURLOPT_TCP_KEEPINTVL.3 CURLOPT_TCP_NODELAY.3 \ - CURLOPT_TELNETOPTIONS.3 CURLOPT_TFTP_BLKSIZE.3 \ - CURLOPT_TFTP_NO_OPTIONS.3 CURLOPT_TIMECONDITION.3 CURLOPT_TIMEOUT.3 \ - CURLOPT_TIMEOUT_MS.3 CURLOPT_TIMEVALUE.3 CURLOPT_TLSAUTH_PASSWORD.3 \ - CURLOPT_TLSAUTH_TYPE.3 CURLOPT_TLSAUTH_USERNAME.3 \ - CURLOPT_TRANSFER_ENCODING.3 CURLOPT_TRANSFERTEXT.3 \ - CURLOPT_UNRESTRICTED_AUTH.3 CURLOPT_UPLOAD.3 \ - CURLOPT_URL.3 CURLOPT_USERAGENT.3 CURLOPT_USERNAME.3 CURLOPT_USERPWD.3 \ - CURLOPT_USE_SSL.3 CURLOPT_VERBOSE.3 CURLOPT_WILDCARDMATCH.3 \ - CURLOPT_WRITEDATA.3 CURLOPT_WRITEFUNCTION.3 CURLOPT_XFERINFODATA.3 \ - CURLOPT_XFERINFOFUNCTION.3 CURLOPT_XOAUTH2_BEARER.3 \ - CURLOPT_STREAM_DEPENDS.3 CURLOPT_STREAM_DEPENDS_E.3 \ - CURLOPT_STREAM_WEIGHT.3 CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE.3 \ - CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE.3 CURLMOPT_MAXCONNECTS.3 \ - CURLMOPT_MAX_HOST_CONNECTIONS.3 CURLMOPT_MAX_PIPELINE_LENGTH.3 \ - CURLMOPT_MAX_TOTAL_CONNECTIONS.3 CURLMOPT_PIPELINING.3 \ - CURLMOPT_PIPELINING_SERVER_BL.3 CURLMOPT_PIPELINING_SITE_BL.3 \ - CURLMOPT_SOCKETDATA.3 CURLMOPT_SOCKETFUNCTION.3 CURLMOPT_TIMERDATA.3 \ - CURLMOPT_TIMERFUNCTION.3 CURLOPT_UNIX_SOCKET_PATH.3 \ - CURLOPT_PATH_AS_IS.3 CURLOPT_PROXY_SERVICE_NAME.3 \ - CURLOPT_SERVICE_NAME.3 CURLOPT_PIPEWAIT.3 CURLMOPT_PUSHDATA.3 \ - CURLMOPT_PUSHFUNCTION.3 CURLOPT_DEFAULT_PROTOCOL.3 \ - CURLINFO_ACTIVESOCKET.3 CURLINFO_APPCONNECT_TIME.3 CURLINFO_CERTINFO.3 \ - CURLINFO_CONDITION_UNMET.3 CURLINFO_CONNECT_TIME.3 \ - CURLINFO_CONTENT_LENGTH_DOWNLOAD.3 CURLINFO_CONTENT_LENGTH_UPLOAD.3 \ - CURLINFO_CONTENT_TYPE.3 CURLINFO_COOKIELIST.3 CURLINFO_EFFECTIVE_URL.3 \ - CURLINFO_FILETIME.3 CURLINFO_FTP_ENTRY_PATH.3 CURLINFO_HEADER_SIZE.3 \ - CURLINFO_HTTPAUTH_AVAIL.3 CURLINFO_HTTP_CONNECTCODE.3 \ - CURLINFO_LASTSOCKET.3 CURLINFO_LOCAL_IP.3 CURLINFO_LOCAL_PORT.3 \ - CURLINFO_NAMELOOKUP_TIME.3 CURLINFO_NUM_CONNECTS.3 CURLINFO_OS_ERRNO.3 \ - CURLINFO_PRETRANSFER_TIME.3 CURLINFO_PRIMARY_IP.3 \ - CURLINFO_PRIMARY_PORT.3 CURLINFO_PRIVATE.3 CURLINFO_PROXYAUTH_AVAIL.3 \ - CURLINFO_REDIRECT_COUNT.3 CURLINFO_REDIRECT_TIME.3 \ - CURLINFO_REDIRECT_URL.3 CURLINFO_REQUEST_SIZE.3 \ - CURLINFO_RESPONSE_CODE.3 CURLINFO_RTSP_CLIENT_CSEQ.3 \ - CURLINFO_RTSP_CSEQ_RECV.3 CURLINFO_RTSP_SERVER_CSEQ.3 \ - CURLINFO_RTSP_SESSION_ID.3 CURLINFO_SIZE_DOWNLOAD.3 \ - CURLINFO_SIZE_UPLOAD.3 CURLINFO_SPEED_DOWNLOAD.3 \ - CURLINFO_SPEED_UPLOAD.3 CURLINFO_SSL_ENGINES.3 \ - CURLINFO_SSL_VERIFYRESULT.3 CURLINFO_STARTTRANSFER_TIME.3 \ - CURLINFO_TLS_SESSION.3 CURLINFO_TLS_SSL_PTR.3 \ - CURLINFO_TOTAL_TIME.3 +man_MANS = \ + CURLINFO_ACTIVESOCKET.3 \ + CURLINFO_APPCONNECT_TIME.3 \ + CURLINFO_CERTINFO.3 \ + CURLINFO_CONDITION_UNMET.3 \ + CURLINFO_CONNECT_TIME.3 \ + CURLINFO_CONTENT_LENGTH_DOWNLOAD.3 \ + CURLINFO_CONTENT_LENGTH_UPLOAD.3 \ + CURLINFO_CONTENT_TYPE.3 \ + CURLINFO_COOKIELIST.3 \ + CURLINFO_EFFECTIVE_URL.3 \ + CURLINFO_FILETIME.3 \ + CURLINFO_FTP_ENTRY_PATH.3 \ + CURLINFO_HEADER_SIZE.3 \ + CURLINFO_HTTPAUTH_AVAIL.3 \ + CURLINFO_HTTP_CONNECTCODE.3 \ + CURLINFO_HTTP_VERSION.3 \ + CURLINFO_LASTSOCKET.3 \ + CURLINFO_LOCAL_IP.3 \ + CURLINFO_LOCAL_PORT.3 \ + CURLINFO_NAMELOOKUP_TIME.3 \ + CURLINFO_NUM_CONNECTS.3 \ + CURLINFO_OS_ERRNO.3 \ + CURLINFO_PRETRANSFER_TIME.3 \ + CURLINFO_PRIMARY_IP.3 \ + CURLINFO_PRIMARY_PORT.3 \ + CURLINFO_PRIVATE.3 \ + CURLINFO_PROXYAUTH_AVAIL.3 \ + CURLINFO_REDIRECT_COUNT.3 \ + CURLINFO_REDIRECT_TIME.3 \ + CURLINFO_REDIRECT_URL.3 \ + CURLINFO_REQUEST_SIZE.3 \ + CURLINFO_RESPONSE_CODE.3 \ + CURLINFO_RTSP_CLIENT_CSEQ.3 \ + CURLINFO_RTSP_CSEQ_RECV.3 \ + CURLINFO_RTSP_SERVER_CSEQ.3 \ + CURLINFO_RTSP_SESSION_ID.3 \ + CURLINFO_SIZE_DOWNLOAD.3 \ + CURLINFO_SIZE_UPLOAD.3 \ + CURLINFO_SPEED_DOWNLOAD.3 \ + CURLINFO_SPEED_UPLOAD.3 \ + CURLINFO_SSL_ENGINES.3 \ + CURLINFO_SSL_VERIFYRESULT.3 \ + CURLINFO_STARTTRANSFER_TIME.3 \ + CURLINFO_TLS_SESSION.3 \ + CURLINFO_TLS_SSL_PTR.3 \ + CURLINFO_TOTAL_TIME.3 \ + CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE.3 \ + CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE.3 \ + CURLMOPT_MAXCONNECTS.3 \ + CURLMOPT_MAX_HOST_CONNECTIONS.3 \ + CURLMOPT_MAX_PIPELINE_LENGTH.3 \ + CURLMOPT_MAX_TOTAL_CONNECTIONS.3 \ + CURLMOPT_PIPELINING.3 \ + CURLMOPT_PIPELINING_SERVER_BL.3 \ + CURLMOPT_PIPELINING_SITE_BL.3 \ + CURLMOPT_PUSHDATA.3 \ + CURLMOPT_PUSHFUNCTION.3 \ + CURLMOPT_SOCKETDATA.3 \ + CURLMOPT_SOCKETFUNCTION.3 \ + CURLMOPT_TIMERDATA.3 \ + CURLMOPT_TIMERFUNCTION.3 \ + CURLOPT_ACCEPTTIMEOUT_MS.3 \ + CURLOPT_ACCEPT_ENCODING.3 \ + CURLOPT_ADDRESS_SCOPE.3 \ + CURLOPT_APPEND.3 \ + CURLOPT_AUTOREFERER.3 \ + CURLOPT_BUFFERSIZE.3 \ + CURLOPT_CAINFO.3 \ + CURLOPT_CAPATH.3 \ + CURLOPT_CERTINFO.3 \ + CURLOPT_CHUNK_BGN_FUNCTION.3 \ + CURLOPT_CHUNK_DATA.3 \ + CURLOPT_CHUNK_END_FUNCTION.3 \ + CURLOPT_CLOSESOCKETDATA.3 \ + CURLOPT_CLOSESOCKETFUNCTION.3 \ + CURLOPT_CONNECTTIMEOUT.3 \ + CURLOPT_CONNECTTIMEOUT_MS.3 \ + CURLOPT_CONNECT_ONLY.3 \ + CURLOPT_CONNECT_TO.3 \ + CURLOPT_CONV_FROM_NETWORK_FUNCTION.3 \ + CURLOPT_CONV_FROM_UTF8_FUNCTION.3 \ + CURLOPT_CONV_TO_NETWORK_FUNCTION.3 \ + CURLOPT_COOKIE.3 \ + CURLOPT_COOKIEFILE.3 \ + CURLOPT_COOKIEJAR.3 \ + CURLOPT_COOKIELIST.3 \ + CURLOPT_COOKIESESSION.3 \ + CURLOPT_COPYPOSTFIELDS.3 \ + CURLOPT_CRLF.3 \ + CURLOPT_CRLFILE.3 \ + CURLOPT_CUSTOMREQUEST.3 \ + CURLOPT_DEBUGDATA.3 \ + CURLOPT_DEBUGFUNCTION.3 \ + CURLOPT_DEFAULT_PROTOCOL.3 \ + CURLOPT_DIRLISTONLY.3 \ + CURLOPT_DNS_CACHE_TIMEOUT.3 \ + CURLOPT_DNS_INTERFACE.3 \ + CURLOPT_DNS_LOCAL_IP4.3 \ + CURLOPT_DNS_LOCAL_IP6.3 \ + CURLOPT_DNS_SERVERS.3 \ + CURLOPT_DNS_USE_GLOBAL_CACHE.3 \ + CURLOPT_EGDSOCKET.3 \ + CURLOPT_ERRORBUFFER.3 \ + CURLOPT_EXPECT_100_TIMEOUT_MS.3 \ + CURLOPT_FAILONERROR.3 \ + CURLOPT_FILETIME.3 \ + CURLOPT_FNMATCH_DATA.3 \ + CURLOPT_FNMATCH_FUNCTION.3 \ + CURLOPT_FOLLOWLOCATION.3 \ + CURLOPT_FORBID_REUSE.3 \ + CURLOPT_FRESH_CONNECT.3 \ + CURLOPT_FTPPORT.3 \ + CURLOPT_FTPSSLAUTH.3 \ + CURLOPT_FTP_ACCOUNT.3 \ + CURLOPT_FTP_ALTERNATIVE_TO_USER.3 \ + CURLOPT_FTP_CREATE_MISSING_DIRS.3 \ + CURLOPT_FTP_FILEMETHOD.3 \ + CURLOPT_FTP_RESPONSE_TIMEOUT.3 \ + CURLOPT_FTP_SKIP_PASV_IP.3 \ + CURLOPT_FTP_SSL_CCC.3 \ + CURLOPT_FTP_USE_EPRT.3 \ + CURLOPT_FTP_USE_EPSV.3 \ + CURLOPT_FTP_USE_PRET.3 \ + CURLOPT_GSSAPI_DELEGATION.3 \ + CURLOPT_HEADER.3 \ + CURLOPT_HEADERDATA.3 \ + CURLOPT_HEADERFUNCTION.3 \ + CURLOPT_HEADEROPT.3 \ + CURLOPT_HTTP200ALIASES.3 \ + CURLOPT_HTTPAUTH.3 \ + CURLOPT_HTTPGET.3 \ + CURLOPT_HTTPHEADER.3 \ + CURLOPT_HTTPPOST.3 \ + CURLOPT_HTTPPROXYTUNNEL.3 \ + CURLOPT_HTTP_CONTENT_DECODING.3 \ + CURLOPT_HTTP_TRANSFER_DECODING.3 \ + CURLOPT_HTTP_VERSION.3 \ + CURLOPT_IGNORE_CONTENT_LENGTH.3 \ + CURLOPT_INFILESIZE.3 \ + CURLOPT_INFILESIZE_LARGE.3 \ + CURLOPT_INTERFACE.3 \ + CURLOPT_INTERLEAVEDATA.3 \ + CURLOPT_INTERLEAVEFUNCTION.3 \ + CURLOPT_IOCTLDATA.3 \ + CURLOPT_IOCTLFUNCTION.3 \ + CURLOPT_IPRESOLVE.3 \ + CURLOPT_ISSUERCERT.3 \ + CURLOPT_KEYPASSWD.3 \ + CURLOPT_KRBLEVEL.3 \ + CURLOPT_LOCALPORT.3 \ + CURLOPT_LOCALPORTRANGE.3 \ + CURLOPT_LOGIN_OPTIONS.3 \ + CURLOPT_LOW_SPEED_LIMIT.3 \ + CURLOPT_LOW_SPEED_TIME.3 \ + CURLOPT_MAIL_AUTH.3 \ + CURLOPT_MAIL_FROM.3 \ + CURLOPT_MAIL_RCPT.3 \ + CURLOPT_MAXCONNECTS.3 \ + CURLOPT_MAXFILESIZE.3 \ + CURLOPT_MAXFILESIZE_LARGE.3 \ + CURLOPT_MAXREDIRS.3 \ + CURLOPT_MAX_RECV_SPEED_LARGE.3 \ + CURLOPT_MAX_SEND_SPEED_LARGE.3 \ + CURLOPT_NETRC.3 \ + CURLOPT_NETRC_FILE.3 \ + CURLOPT_NEW_DIRECTORY_PERMS.3 \ + CURLOPT_NEW_FILE_PERMS.3 \ + CURLOPT_NOBODY.3 \ + CURLOPT_NOPROGRESS.3 \ + CURLOPT_NOPROXY.3 \ + CURLOPT_NOSIGNAL.3 \ + CURLOPT_OPENSOCKETDATA.3 \ + CURLOPT_OPENSOCKETFUNCTION.3 \ + CURLOPT_PASSWORD.3 \ + CURLOPT_PATH_AS_IS.3 \ + CURLOPT_PINNEDPUBLICKEY.3 \ + CURLOPT_PIPEWAIT.3 \ + CURLOPT_PORT.3 \ + CURLOPT_POST.3 \ + CURLOPT_POSTFIELDS.3 \ + CURLOPT_POSTFIELDSIZE.3 \ + CURLOPT_POSTFIELDSIZE_LARGE.3 \ + CURLOPT_POSTQUOTE.3 \ + CURLOPT_POSTREDIR.3 \ + CURLOPT_PREQUOTE.3 \ + CURLOPT_PRIVATE.3 \ + CURLOPT_PROGRESSDATA.3 \ + CURLOPT_PROGRESSFUNCTION.3 \ + CURLOPT_PROTOCOLS.3 \ + CURLOPT_PROXY.3 \ + CURLOPT_PROXYAUTH.3 \ + CURLOPT_PROXYHEADER.3 \ + CURLOPT_PROXYPASSWORD.3 \ + CURLOPT_PROXYPORT.3 \ + CURLOPT_PROXYTYPE.3 \ + CURLOPT_PROXYUSERNAME.3 \ + CURLOPT_PROXYUSERPWD.3 \ + CURLOPT_PROXY_SERVICE_NAME.3 \ + CURLOPT_PROXY_TRANSFER_MODE.3 \ + CURLOPT_PUT.3 \ + CURLOPT_QUOTE.3 \ + CURLOPT_RANDOM_FILE.3 \ + CURLOPT_RANGE.3 \ + CURLOPT_READDATA.3 \ + CURLOPT_READFUNCTION.3 \ + CURLOPT_REDIR_PROTOCOLS.3 \ + CURLOPT_REFERER.3 \ + CURLOPT_RESOLVE.3 \ + CURLOPT_RESUME_FROM.3 \ + CURLOPT_RESUME_FROM_LARGE.3 \ + CURLOPT_RTSP_CLIENT_CSEQ.3 \ + CURLOPT_RTSP_REQUEST.3 \ + CURLOPT_RTSP_SERVER_CSEQ.3 \ + CURLOPT_RTSP_SESSION_ID.3 \ + CURLOPT_RTSP_STREAM_URI.3 \ + CURLOPT_RTSP_TRANSPORT.3 \ + CURLOPT_SASL_IR.3 \ + CURLOPT_SEEKDATA.3 \ + CURLOPT_SEEKFUNCTION.3 \ + CURLOPT_SERVICE_NAME.3 \ + CURLOPT_SHARE.3 \ + CURLOPT_SOCKOPTDATA.3 \ + CURLOPT_SOCKOPTFUNCTION.3 \ + CURLOPT_SOCKS5_GSSAPI_NEC.3 \ + CURLOPT_SOCKS5_GSSAPI_SERVICE.3 \ + CURLOPT_SSH_AUTH_TYPES.3 \ + CURLOPT_SSH_HOST_PUBLIC_KEY_MD5.3 \ + CURLOPT_SSH_KEYDATA.3 \ + CURLOPT_SSH_KEYFUNCTION.3 \ + CURLOPT_SSH_KNOWNHOSTS.3 \ + CURLOPT_SSH_PRIVATE_KEYFILE.3 \ + CURLOPT_SSH_PUBLIC_KEYFILE.3 \ + CURLOPT_SSLCERT.3 \ + CURLOPT_SSLCERTTYPE.3 \ + CURLOPT_SSLENGINE.3 \ + CURLOPT_SSLENGINE_DEFAULT.3 \ + CURLOPT_SSLKEY.3 \ + CURLOPT_SSLKEYTYPE.3 \ + CURLOPT_SSLVERSION.3 \ + CURLOPT_SSL_CIPHER_LIST.3 \ + CURLOPT_SSL_CTX_DATA.3 \ + CURLOPT_SSL_CTX_FUNCTION.3 \ + CURLOPT_SSL_ENABLE_ALPN.3 \ + CURLOPT_SSL_ENABLE_NPN.3 \ + CURLOPT_SSL_FALSESTART.3 \ + CURLOPT_SSL_OPTIONS.3 \ + CURLOPT_SSL_SESSIONID_CACHE.3 \ + CURLOPT_SSL_VERIFYHOST.3 \ + CURLOPT_SSL_VERIFYPEER.3 \ + CURLOPT_SSL_VERIFYSTATUS.3 \ + CURLOPT_STDERR.3 \ + CURLOPT_STREAM_DEPENDS.3 \ + CURLOPT_STREAM_DEPENDS_E.3 \ + CURLOPT_STREAM_WEIGHT.3 \ + CURLOPT_TCP_FASTOPEN.3 \ + CURLOPT_TCP_KEEPALIVE.3 \ + CURLOPT_TCP_KEEPIDLE.3 \ + CURLOPT_TCP_KEEPINTVL.3 \ + CURLOPT_TCP_NODELAY.3 \ + CURLOPT_TELNETOPTIONS.3 \ + CURLOPT_TFTP_BLKSIZE.3 \ + CURLOPT_TFTP_NO_OPTIONS.3 \ + CURLOPT_TIMECONDITION.3 \ + CURLOPT_TIMEOUT.3 \ + CURLOPT_TIMEOUT_MS.3 \ + CURLOPT_TIMEVALUE.3 \ + CURLOPT_TLSAUTH_PASSWORD.3 \ + CURLOPT_TLSAUTH_TYPE.3 \ + CURLOPT_TLSAUTH_USERNAME.3 \ + CURLOPT_TRANSFERTEXT.3 \ + CURLOPT_TRANSFER_ENCODING.3 \ + CURLOPT_UNIX_SOCKET_PATH.3 \ + CURLOPT_UNRESTRICTED_AUTH.3 \ + CURLOPT_UPLOAD.3 \ + CURLOPT_URL.3 \ + CURLOPT_USERAGENT.3 \ + CURLOPT_USERNAME.3 \ + CURLOPT_USERPWD.3 \ + CURLOPT_USE_SSL.3 \ + CURLOPT_VERBOSE.3 \ + CURLOPT_WILDCARDMATCH.3 \ + CURLOPT_WRITEDATA.3 \ + CURLOPT_WRITEFUNCTION.3 \ + CURLOPT_XFERINFODATA.3 \ + CURLOPT_XFERINFOFUNCTION.3 \ + CURLOPT_XOAUTH2_BEARER.3 -HTMLPAGES = CURLOPT_ACCEPT_ENCODING.html CURLOPT_ACCEPTTIMEOUT_MS.html \ - CURLOPT_ADDRESS_SCOPE.html CURLOPT_APPEND.html \ - CURLOPT_AUTOREFERER.html CURLOPT_BUFFERSIZE.html CURLOPT_CAINFO.html \ - CURLOPT_CAPATH.html CURLOPT_CERTINFO.html \ - CURLOPT_CHUNK_BGN_FUNCTION.html CURLOPT_CHUNK_DATA.html \ - CURLOPT_CHUNK_END_FUNCTION.html CURLOPT_CLOSESOCKETDATA.html \ - CURLOPT_CLOSESOCKETFUNCTION.html CURLOPT_CONNECT_ONLY.html \ - CURLOPT_CONNECTTIMEOUT.html CURLOPT_CONNECTTIMEOUT_MS.html \ - CURLOPT_CONV_FROM_NETWORK_FUNCTION.html \ - CURLOPT_CONV_FROM_UTF8_FUNCTION.html \ - CURLOPT_CONV_TO_NETWORK_FUNCTION.html CURLOPT_COOKIE.html \ - CURLOPT_COOKIEFILE.html CURLOPT_COOKIEJAR.html CURLOPT_COOKIELIST.html \ - CURLOPT_COOKIESESSION.html CURLOPT_COPYPOSTFIELDS.html \ - CURLOPT_CRLF.html CURLOPT_CRLFILE.html CURLOPT_CUSTOMREQUEST.html \ - CURLOPT_DEBUGDATA.html CURLOPT_DEBUGFUNCTION.html \ - CURLOPT_DIRLISTONLY.html CURLOPT_DNS_CACHE_TIMEOUT.html \ - CURLOPT_DNS_INTERFACE.html CURLOPT_DNS_LOCAL_IP4.html \ - CURLOPT_DNS_LOCAL_IP6.html CURLOPT_DNS_SERVERS.html \ - CURLOPT_DNS_USE_GLOBAL_CACHE.html CURLOPT_EGDSOCKET.html \ - CURLOPT_ERRORBUFFER.html CURLOPT_EXPECT_100_TIMEOUT_MS.html \ - CURLOPT_FAILONERROR.html CURLOPT_FILETIME.html \ - CURLOPT_FNMATCH_DATA.html CURLOPT_FNMATCH_FUNCTION.html \ - CURLOPT_FOLLOWLOCATION.html CURLOPT_FORBID_REUSE.html \ - CURLOPT_FRESH_CONNECT.html CURLOPT_FTP_ACCOUNT.html \ - CURLOPT_FTP_ALTERNATIVE_TO_USER.html \ - CURLOPT_FTP_CREATE_MISSING_DIRS.html CURLOPT_FTP_FILEMETHOD.html \ - CURLOPT_FTPPORT.html CURLOPT_FTP_RESPONSE_TIMEOUT.html \ - CURLOPT_FTP_SKIP_PASV_IP.html CURLOPT_FTPSSLAUTH.html \ - CURLOPT_FTP_SSL_CCC.html CURLOPT_FTP_USE_EPRT.html \ - CURLOPT_FTP_USE_EPSV.html CURLOPT_FTP_USE_PRET.html \ - CURLOPT_GSSAPI_DELEGATION.html CURLOPT_HEADER.html \ - CURLOPT_HEADERDATA.html CURLOPT_HEADERFUNCTION.html \ - CURLOPT_HEADEROPT.html CURLOPT_HTTP200ALIASES.html \ - CURLOPT_HTTPAUTH.html CURLOPT_HTTP_CONTENT_DECODING.html \ - CURLOPT_HTTPGET.html CURLOPT_HTTPHEADER.html CURLOPT_HTTPPOST.html \ - CURLOPT_HTTPPROXYTUNNEL.html CURLOPT_HTTP_TRANSFER_DECODING.html \ - CURLOPT_HTTP_VERSION.html CURLOPT_IGNORE_CONTENT_LENGTH.html \ - CURLOPT_INFILESIZE.html CURLOPT_INFILESIZE_LARGE.html \ - CURLOPT_INTERFACE.html CURLOPT_INTERLEAVEDATA.html \ - CURLOPT_INTERLEAVEFUNCTION.html CURLOPT_IOCTLDATA.html \ - CURLOPT_IOCTLFUNCTION.html CURLOPT_IPRESOLVE.html \ - CURLOPT_ISSUERCERT.html CURLOPT_KEYPASSWD.html CURLOPT_KRBLEVEL.html \ - CURLOPT_LOCALPORT.html CURLOPT_LOCALPORTRANGE.html \ - CURLOPT_LOGIN_OPTIONS.html CURLOPT_LOW_SPEED_LIMIT.html \ - CURLOPT_LOW_SPEED_TIME.html CURLOPT_MAIL_AUTH.html \ - CURLOPT_MAIL_FROM.html CURLOPT_MAIL_RCPT.html CURLOPT_MAXCONNECTS.html \ - CURLOPT_MAXFILESIZE.html CURLOPT_MAXFILESIZE_LARGE.html \ - CURLOPT_MAX_RECV_SPEED_LARGE.html CURLOPT_MAXREDIRS.html \ - CURLOPT_MAX_SEND_SPEED_LARGE.html CURLOPT_NETRC.html \ - CURLOPT_NETRC_FILE.html CURLOPT_NEW_DIRECTORY_PERMS.html \ - CURLOPT_NEW_FILE_PERMS.html CURLOPT_NOBODY.html \ - CURLOPT_NOPROGRESS.html CURLOPT_NOPROXY.html CURLOPT_NOSIGNAL.html \ - CURLOPT_OPENSOCKETDATA.html CURLOPT_OPENSOCKETFUNCTION.html \ - CURLOPT_PASSWORD.html CURLOPT_PINNEDPUBLICKEY.html CURLOPT_PORT.html \ - CURLOPT_POST.html CURLOPT_POSTFIELDS.html CURLOPT_POSTFIELDSIZE.html \ - CURLOPT_POSTFIELDSIZE_LARGE.html CURLOPT_POSTQUOTE.html \ - CURLOPT_POSTREDIR.html CURLOPT_PREQUOTE.html CURLOPT_PRIVATE.html \ - CURLOPT_PROGRESSDATA.html CURLOPT_PROGRESSFUNCTION.html \ - CURLOPT_PROTOCOLS.html CURLOPT_PROXY.html CURLOPT_PROXYAUTH.html \ - CURLOPT_PROXYHEADER.html CURLOPT_PROXYPASSWORD.html \ - CURLOPT_PROXYPORT.html CURLOPT_PROXY_TRANSFER_MODE.html \ - CURLOPT_PROXYTYPE.html CURLOPT_PROXYUSERNAME.html \ - CURLOPT_PROXYUSERPWD.html CURLOPT_PUT.html CURLOPT_QUOTE.html \ - CURLOPT_RANDOM_FILE.html CURLOPT_RANGE.html CURLOPT_READDATA.html \ - CURLOPT_READFUNCTION.html CURLOPT_REDIR_PROTOCOLS.html \ - CURLOPT_REFERER.html CURLOPT_RESOLVE.html CURLOPT_RESUME_FROM.html \ - CURLOPT_RESUME_FROM_LARGE.html CURLOPT_RTSP_CLIENT_CSEQ.html \ - CURLOPT_RTSP_REQUEST.html CURLOPT_RTSP_SERVER_CSEQ.html \ - CURLOPT_RTSP_SESSION_ID.html CURLOPT_RTSP_STREAM_URI.html \ - CURLOPT_RTSP_TRANSPORT.html CURLOPT_SASL_IR.html CURLOPT_SEEKDATA.html \ - CURLOPT_SEEKFUNCTION.html CURLOPT_SHARE.html CURLOPT_SOCKOPTDATA.html \ - CURLOPT_SOCKOPTFUNCTION.html CURLOPT_SOCKS5_GSSAPI_NEC.html \ - CURLOPT_SOCKS5_GSSAPI_SERVICE.html CURLOPT_SSH_AUTH_TYPES.html \ - CURLOPT_SSH_HOST_PUBLIC_KEY_MD5.html CURLOPT_SSH_KEYDATA.html \ - CURLOPT_SSH_KEYFUNCTION.html CURLOPT_SSH_KNOWNHOSTS.html \ - CURLOPT_SSH_PRIVATE_KEYFILE.html CURLOPT_SSH_PUBLIC_KEYFILE.html \ - CURLOPT_SSLCERT.html CURLOPT_SSLCERTTYPE.html \ - CURLOPT_SSL_CIPHER_LIST.html CURLOPT_SSL_CTX_DATA.html \ - CURLOPT_SSL_CTX_FUNCTION.html CURLOPT_SSL_ENABLE_ALPN.html \ - CURLOPT_SSL_ENABLE_NPN.html CURLOPT_SSLENGINE.html \ - CURLOPT_SSLENGINE_DEFAULT.html CURLOPT_SSL_FALSESTART.html \ - CURLOPT_SSLKEY.html CURLOPT_SSLKEYTYPE.html CURLOPT_SSL_OPTIONS.html \ - CURLOPT_SSL_SESSIONID_CACHE.html CURLOPT_SSL_VERIFYHOST.html \ - CURLOPT_SSL_VERIFYPEER.html CURLOPT_SSL_VERIFYSTATUS.html \ - CURLOPT_SSLVERSION.html CURLOPT_STDERR.html CURLOPT_TCP_KEEPALIVE.html \ - CURLOPT_TCP_KEEPIDLE.html CURLOPT_TCP_KEEPINTVL.html \ - CURLOPT_TCP_NODELAY.html CURLOPT_TELNETOPTIONS.html \ - CURLOPT_TFTP_BLKSIZE.html CURLOPT_TFTP_NO_OPTIONS.html \ - CURLOPT_TIMECONDITION.html CURLOPT_TIMEOUT.html \ - CURLOPT_TIMEOUT_MS.html CURLOPT_TIMEVALUE.html \ - CURLOPT_TLSAUTH_PASSWORD.html CURLOPT_TLSAUTH_TYPE.html \ - CURLOPT_TLSAUTH_USERNAME.html CURLOPT_TRANSFER_ENCODING.html \ - CURLOPT_TRANSFERTEXT.html CURLOPT_UNRESTRICTED_AUTH.html \ - CURLOPT_UPLOAD.html CURLOPT_URL.html CURLOPT_USERAGENT.html \ - CURLOPT_USERNAME.html CURLOPT_USERPWD.html CURLOPT_USE_SSL.html \ - CURLOPT_VERBOSE.html CURLOPT_WILDCARDMATCH.html CURLOPT_WRITEDATA.html \ - CURLOPT_WRITEFUNCTION.html CURLOPT_XFERINFODATA.html \ - CURLOPT_XFERINFOFUNCTION.html CURLOPT_XOAUTH2_BEARER.html \ - CURLOPT_STREAM_DEPENDS.html CURLOPT_STREAM_DEPENDS_E.html \ - CURLOPT_STREAM_WEIGHT.html CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE.html \ - CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE.html CURLMOPT_MAXCONNECTS.html \ - CURLMOPT_MAX_HOST_CONNECTIONS.html CURLMOPT_MAX_PIPELINE_LENGTH.html \ - CURLMOPT_MAX_TOTAL_CONNECTIONS.html CURLMOPT_PIPELINING.html \ - CURLMOPT_PIPELINING_SERVER_BL.html CURLMOPT_PIPELINING_SITE_BL.html \ - CURLMOPT_SOCKETDATA.html CURLMOPT_SOCKETFUNCTION.html \ - CURLMOPT_TIMERDATA.html CURLMOPT_TIMERFUNCTION.html \ - CURLOPT_UNIX_SOCKET_PATH.html CURLOPT_PATH_AS_IS.html \ - CURLOPT_PROXY_SERVICE_NAME.html CURLOPT_SERVICE_NAME.html \ - CURLOPT_PIPEWAIT.html CURLMOPT_PUSHDATA.html \ - CURLMOPT_PUSHFUNCTION.html CURLOPT_DEFAULT_PROTOCOL.html \ - CURLINFO_ACTIVESOCKET.html CURLINFO_APPCONNECT_TIME.html \ - CURLINFO_CERTINFO.html CURLINFO_CONDITION_UNMET.html \ - CURLINFO_CONNECT_TIME.html CURLINFO_CONTENT_LENGTH_DOWNLOAD.html \ - CURLINFO_CONTENT_LENGTH_UPLOAD.html CURLINFO_CONTENT_TYPE.html \ - CURLINFO_COOKIELIST.html CURLINFO_EFFECTIVE_URL.html \ - CURLINFO_FILETIME.html CURLINFO_FTP_ENTRY_PATH.html \ - CURLINFO_HEADER_SIZE.html CURLINFO_HTTPAUTH_AVAIL.html \ - CURLINFO_HTTP_CONNECTCODE.html CURLINFO_LASTSOCKET.html \ - CURLINFO_LOCAL_IP.html CURLINFO_LOCAL_PORT.html \ - CURLINFO_NAMELOOKUP_TIME.html CURLINFO_NUM_CONNECTS.html \ - CURLINFO_OS_ERRNO.html CURLINFO_PRETRANSFER_TIME.html \ - CURLINFO_PRIMARY_IP.html CURLINFO_PRIMARY_PORT.html \ - CURLINFO_PRIVATE.html CURLINFO_PROXYAUTH_AVAIL.html \ - CURLINFO_REDIRECT_COUNT.html CURLINFO_REDIRECT_TIME.html \ - CURLINFO_REDIRECT_URL.html CURLINFO_REQUEST_SIZE.html \ - CURLINFO_RESPONSE_CODE.html CURLINFO_RTSP_CLIENT_CSEQ.html \ - CURLINFO_RTSP_CSEQ_RECV.html CURLINFO_RTSP_SERVER_CSEQ.html \ - CURLINFO_RTSP_SESSION_ID.html CURLINFO_SIZE_DOWNLOAD.html \ - CURLINFO_SIZE_UPLOAD.html CURLINFO_SPEED_DOWNLOAD.html \ - CURLINFO_SPEED_UPLOAD.html CURLINFO_SSL_ENGINES.html \ - CURLINFO_SSL_VERIFYRESULT.html CURLINFO_STARTTRANSFER_TIME.html \ - CURLINFO_TLS_SESSION.html CURLINFO_TLS_SSL_PTR.html \ - CURLINFO_TOTAL_TIME.html +HTMLPAGES = \ + CURLINFO_ACTIVESOCKET.html \ + CURLINFO_APPCONNECT_TIME.html \ + CURLINFO_CERTINFO.html \ + CURLINFO_CONDITION_UNMET.html \ + CURLINFO_CONNECT_TIME.html \ + CURLINFO_CONTENT_LENGTH_DOWNLOAD.html \ + CURLINFO_CONTENT_LENGTH_UPLOAD.html \ + CURLINFO_CONTENT_TYPE.html \ + CURLINFO_COOKIELIST.html \ + CURLINFO_EFFECTIVE_URL.html \ + CURLINFO_FILETIME.html \ + CURLINFO_FTP_ENTRY_PATH.html \ + CURLINFO_HEADER_SIZE.html \ + CURLINFO_HTTPAUTH_AVAIL.html \ + CURLINFO_HTTP_CONNECTCODE.html \ + CURLINFO_LASTSOCKET.html \ + CURLINFO_LOCAL_IP.html \ + CURLINFO_LOCAL_PORT.html \ + CURLINFO_NAMELOOKUP_TIME.html \ + CURLINFO_NUM_CONNECTS.html \ + CURLINFO_OS_ERRNO.html \ + CURLINFO_PRETRANSFER_TIME.html \ + CURLINFO_PRIMARY_IP.html \ + CURLINFO_PRIMARY_PORT.html \ + CURLINFO_PRIVATE.html \ + CURLINFO_PROXYAUTH_AVAIL.html \ + CURLINFO_REDIRECT_COUNT.html \ + CURLINFO_REDIRECT_TIME.html \ + CURLINFO_REDIRECT_URL.html \ + CURLINFO_REQUEST_SIZE.html \ + CURLINFO_RESPONSE_CODE.html \ + CURLINFO_RTSP_CLIENT_CSEQ.html \ + CURLINFO_RTSP_CSEQ_RECV.html \ + CURLINFO_RTSP_SERVER_CSEQ.html \ + CURLINFO_RTSP_SESSION_ID.html \ + CURLINFO_SIZE_DOWNLOAD.html \ + CURLINFO_SIZE_UPLOAD.html \ + CURLINFO_SPEED_DOWNLOAD.html \ + CURLINFO_SPEED_UPLOAD.html \ + CURLINFO_SSL_ENGINES.html \ + CURLINFO_SSL_VERIFYRESULT.html \ + CURLINFO_STARTTRANSFER_TIME.html \ + CURLINFO_TLS_SESSION.html \ + CURLINFO_TLS_SSL_PTR.html \ + CURLINFO_TOTAL_TIME.html \ + CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE.html \ + CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE.html \ + CURLMOPT_MAXCONNECTS.html \ + CURLMOPT_MAX_HOST_CONNECTIONS.html \ + CURLMOPT_MAX_PIPELINE_LENGTH.html \ + CURLMOPT_MAX_TOTAL_CONNECTIONS.html \ + CURLMOPT_PIPELINING.html \ + CURLMOPT_PIPELINING_SERVER_BL.html \ + CURLMOPT_PIPELINING_SITE_BL.html \ + CURLMOPT_PUSHDATA.html \ + CURLMOPT_PUSHFUNCTION.html \ + CURLMOPT_SOCKETDATA.html \ + CURLMOPT_SOCKETFUNCTION.html \ + CURLMOPT_TIMERDATA.html \ + CURLMOPT_TIMERFUNCTION.html \ + CURLOPT_ACCEPTTIMEOUT_MS.html \ + CURLOPT_ACCEPT_ENCODING.html \ + CURLOPT_ADDRESS_SCOPE.html \ + CURLOPT_APPEND.html \ + CURLOPT_AUTOREFERER.html \ + CURLOPT_BUFFERSIZE.html \ + CURLOPT_CAINFO.html \ + CURLOPT_CAPATH.html \ + CURLOPT_CERTINFO.html \ + CURLOPT_CHUNK_BGN_FUNCTION.html \ + CURLOPT_CHUNK_DATA.html \ + CURLOPT_CHUNK_END_FUNCTION.html \ + CURLOPT_CLOSESOCKETDATA.html \ + CURLOPT_CLOSESOCKETFUNCTION.html \ + CURLOPT_CONNECTTIMEOUT.html \ + CURLOPT_CONNECTTIMEOUT_MS.html \ + CURLOPT_CONNECT_ONLY.html \ + CURLOPT_CONNECT_TO.html \ + CURLOPT_CONV_FROM_NETWORK_FUNCTION.html \ + CURLOPT_CONV_FROM_UTF8_FUNCTION.html \ + CURLOPT_CONV_TO_NETWORK_FUNCTION.html \ + CURLOPT_COOKIE.html \ + CURLOPT_COOKIEFILE.html \ + CURLOPT_COOKIEJAR.html \ + CURLOPT_COOKIELIST.html \ + CURLOPT_COOKIESESSION.html \ + CURLOPT_COPYPOSTFIELDS.html \ + CURLOPT_CRLF.html \ + CURLOPT_CRLFILE.html \ + CURLOPT_CUSTOMREQUEST.html \ + CURLOPT_DEBUGDATA.html \ + CURLOPT_DEBUGFUNCTION.html \ + CURLOPT_DEFAULT_PROTOCOL.html \ + CURLOPT_DIRLISTONLY.html \ + CURLOPT_DNS_CACHE_TIMEOUT.html \ + CURLOPT_DNS_INTERFACE.html \ + CURLOPT_DNS_LOCAL_IP4.html \ + CURLOPT_DNS_LOCAL_IP6.html \ + CURLOPT_DNS_SERVERS.html \ + CURLOPT_DNS_USE_GLOBAL_CACHE.html \ + CURLOPT_EGDSOCKET.html \ + CURLOPT_ERRORBUFFER.html \ + CURLOPT_EXPECT_100_TIMEOUT_MS.html \ + CURLOPT_FAILONERROR.html \ + CURLOPT_FILETIME.html \ + CURLOPT_FNMATCH_DATA.html \ + CURLOPT_FNMATCH_FUNCTION.html \ + CURLOPT_FOLLOWLOCATION.html \ + CURLOPT_FORBID_REUSE.html \ + CURLOPT_FRESH_CONNECT.html \ + CURLOPT_FTPPORT.html \ + CURLOPT_FTPSSLAUTH.html \ + CURLOPT_FTP_ACCOUNT.html \ + CURLOPT_FTP_ALTERNATIVE_TO_USER.html \ + CURLOPT_FTP_CREATE_MISSING_DIRS.html \ + CURLOPT_FTP_FILEMETHOD.html \ + CURLOPT_FTP_RESPONSE_TIMEOUT.html \ + CURLOPT_FTP_SKIP_PASV_IP.html \ + CURLOPT_FTP_SSL_CCC.html \ + CURLOPT_FTP_USE_EPRT.html \ + CURLOPT_FTP_USE_EPSV.html \ + CURLOPT_FTP_USE_PRET.html \ + CURLOPT_GSSAPI_DELEGATION.html \ + CURLOPT_HEADER.html \ + CURLOPT_HEADERDATA.html \ + CURLOPT_HEADERFUNCTION.html \ + CURLOPT_HEADEROPT.html \ + CURLOPT_HTTP200ALIASES.html \ + CURLOPT_HTTPAUTH.html \ + CURLOPT_HTTPGET.html \ + CURLOPT_HTTPHEADER.html \ + CURLOPT_HTTPPOST.html \ + CURLOPT_HTTPPROXYTUNNEL.html \ + CURLOPT_HTTP_CONTENT_DECODING.html \ + CURLOPT_HTTP_TRANSFER_DECODING.html \ + CURLOPT_HTTP_VERSION.html \ + CURLOPT_IGNORE_CONTENT_LENGTH.html \ + CURLOPT_INFILESIZE.html \ + CURLOPT_INFILESIZE_LARGE.html \ + CURLOPT_INTERFACE.html \ + CURLOPT_INTERLEAVEDATA.html \ + CURLOPT_INTERLEAVEFUNCTION.html \ + CURLOPT_IOCTLDATA.html \ + CURLOPT_IOCTLFUNCTION.html \ + CURLOPT_IPRESOLVE.html \ + CURLOPT_ISSUERCERT.html \ + CURLOPT_KEYPASSWD.html \ + CURLOPT_KRBLEVEL.html \ + CURLOPT_LOCALPORT.html \ + CURLOPT_LOCALPORTRANGE.html \ + CURLOPT_LOGIN_OPTIONS.html \ + CURLOPT_LOW_SPEED_LIMIT.html \ + CURLOPT_LOW_SPEED_TIME.html \ + CURLOPT_MAIL_AUTH.html \ + CURLOPT_MAIL_FROM.html \ + CURLOPT_MAIL_RCPT.html \ + CURLOPT_MAXCONNECTS.html \ + CURLOPT_MAXFILESIZE.html \ + CURLOPT_MAXFILESIZE_LARGE.html \ + CURLOPT_MAXREDIRS.html \ + CURLOPT_MAX_RECV_SPEED_LARGE.html \ + CURLOPT_MAX_SEND_SPEED_LARGE.html \ + CURLOPT_NETRC.html \ + CURLOPT_NETRC_FILE.html \ + CURLOPT_NEW_DIRECTORY_PERMS.html \ + CURLOPT_NEW_FILE_PERMS.html \ + CURLOPT_NOBODY.html \ + CURLOPT_NOPROGRESS.html \ + CURLOPT_NOPROXY.html \ + CURLOPT_NOSIGNAL.html \ + CURLOPT_OPENSOCKETDATA.html \ + CURLOPT_OPENSOCKETFUNCTION.html \ + CURLOPT_PASSWORD.html \ + CURLOPT_PATH_AS_IS.html \ + CURLOPT_PINNEDPUBLICKEY.html \ + CURLOPT_PIPEWAIT.html \ + CURLOPT_PORT.html \ + CURLOPT_POST.html \ + CURLOPT_POSTFIELDS.html \ + CURLOPT_POSTFIELDSIZE.html \ + CURLOPT_POSTFIELDSIZE_LARGE.html \ + CURLOPT_POSTQUOTE.html \ + CURLOPT_POSTREDIR.html \ + CURLOPT_PREQUOTE.html \ + CURLOPT_PRIVATE.html \ + CURLOPT_PROGRESSDATA.html \ + CURLOPT_PROGRESSFUNCTION.html \ + CURLOPT_PROTOCOLS.html \ + CURLOPT_PROXY.html \ + CURLOPT_PROXYAUTH.html \ + CURLOPT_PROXYHEADER.html \ + CURLOPT_PROXYPASSWORD.html \ + CURLOPT_PROXYPORT.html \ + CURLOPT_PROXYTYPE.html \ + CURLOPT_PROXYUSERNAME.html \ + CURLOPT_PROXYUSERPWD.html \ + CURLOPT_PROXY_SERVICE_NAME.html \ + CURLOPT_PROXY_TRANSFER_MODE.html \ + CURLOPT_PUT.html \ + CURLOPT_QUOTE.html \ + CURLOPT_RANDOM_FILE.html \ + CURLOPT_RANGE.html \ + CURLOPT_READDATA.html \ + CURLOPT_READFUNCTION.html \ + CURLOPT_REDIR_PROTOCOLS.html \ + CURLOPT_REFERER.html \ + CURLOPT_RESOLVE.html \ + CURLOPT_RESUME_FROM.html \ + CURLOPT_RESUME_FROM_LARGE.html \ + CURLOPT_RTSP_CLIENT_CSEQ.html \ + CURLOPT_RTSP_REQUEST.html \ + CURLOPT_RTSP_SERVER_CSEQ.html \ + CURLOPT_RTSP_SESSION_ID.html \ + CURLOPT_RTSP_STREAM_URI.html \ + CURLOPT_RTSP_TRANSPORT.html \ + CURLOPT_SASL_IR.html \ + CURLOPT_SEEKDATA.html \ + CURLOPT_SEEKFUNCTION.html \ + CURLOPT_SERVICE_NAME.html \ + CURLOPT_SHARE.html \ + CURLOPT_SOCKOPTDATA.html \ + CURLOPT_SOCKOPTFUNCTION.html \ + CURLOPT_SOCKS5_GSSAPI_NEC.html \ + CURLOPT_SOCKS5_GSSAPI_SERVICE.html \ + CURLOPT_SSH_AUTH_TYPES.html \ + CURLOPT_SSH_HOST_PUBLIC_KEY_MD5.html \ + CURLOPT_SSH_KEYDATA.html \ + CURLOPT_SSH_KEYFUNCTION.html \ + CURLOPT_SSH_KNOWNHOSTS.html \ + CURLOPT_SSH_PRIVATE_KEYFILE.html \ + CURLOPT_SSH_PUBLIC_KEYFILE.html \ + CURLOPT_SSLCERT.html \ + CURLOPT_SSLCERTTYPE.html \ + CURLOPT_SSLENGINE.html \ + CURLOPT_SSLENGINE_DEFAULT.html \ + CURLOPT_SSLKEY.html \ + CURLOPT_SSLKEYTYPE.html \ + CURLOPT_SSLVERSION.html \ + CURLOPT_SSL_CIPHER_LIST.html \ + CURLOPT_SSL_CTX_DATA.html \ + CURLOPT_SSL_CTX_FUNCTION.html \ + CURLOPT_SSL_ENABLE_ALPN.html \ + CURLOPT_SSL_ENABLE_NPN.html \ + CURLOPT_SSL_FALSESTART.html \ + CURLOPT_SSL_OPTIONS.html \ + CURLOPT_SSL_SESSIONID_CACHE.html \ + CURLOPT_SSL_VERIFYHOST.html \ + CURLOPT_SSL_VERIFYPEER.html \ + CURLOPT_SSL_VERIFYSTATUS.html \ + CURLOPT_STDERR.html \ + CURLOPT_STREAM_DEPENDS.html \ + CURLOPT_STREAM_DEPENDS_E.html \ + CURLOPT_STREAM_WEIGHT.html \ + CURLOPT_TCP_FASTOPEN.html \ + CURLOPT_TCP_KEEPALIVE.html \ + CURLOPT_TCP_KEEPIDLE.html \ + CURLOPT_TCP_KEEPINTVL.html \ + CURLOPT_TCP_NODELAY.html \ + CURLOPT_TELNETOPTIONS.html \ + CURLOPT_TFTP_BLKSIZE.html \ + CURLOPT_TFTP_NO_OPTIONS.html \ + CURLOPT_TIMECONDITION.html \ + CURLOPT_TIMEOUT.html \ + CURLOPT_TIMEOUT_MS.html \ + CURLOPT_TIMEVALUE.html \ + CURLOPT_TLSAUTH_PASSWORD.html \ + CURLOPT_TLSAUTH_TYPE.html \ + CURLOPT_TLSAUTH_USERNAME.html \ + CURLOPT_TRANSFERTEXT.html \ + CURLOPT_TRANSFER_ENCODING.html \ + CURLOPT_UNIX_SOCKET_PATH.html \ + CURLOPT_UNRESTRICTED_AUTH.html \ + CURLOPT_UPLOAD.html \ + CURLOPT_URL.html \ + CURLOPT_USERAGENT.html \ + CURLOPT_USERNAME.html \ + CURLOPT_USERPWD.html \ + CURLOPT_USE_SSL.html \ + CURLOPT_VERBOSE.html \ + CURLOPT_WILDCARDMATCH.html \ + CURLOPT_WRITEDATA.html \ + CURLOPT_WRITEFUNCTION.html \ + CURLOPT_XFERINFODATA.html \ + CURLOPT_XFERINFOFUNCTION.html \ + CURLOPT_XOAUTH2_BEARER.html -PDFPAGES = CURLOPT_ACCEPT_ENCODING.pdf CURLOPT_ACCEPTTIMEOUT_MS.pdf \ - CURLOPT_ADDRESS_SCOPE.pdf CURLOPT_APPEND.pdf CURLOPT_AUTOREFERER.pdf \ - CURLOPT_BUFFERSIZE.pdf CURLOPT_CAINFO.pdf CURLOPT_CAPATH.pdf \ - CURLOPT_CERTINFO.pdf CURLOPT_CHUNK_BGN_FUNCTION.pdf \ - CURLOPT_CHUNK_DATA.pdf CURLOPT_CHUNK_END_FUNCTION.pdf \ - CURLOPT_CLOSESOCKETDATA.pdf CURLOPT_CLOSESOCKETFUNCTION.pdf \ - CURLOPT_CONNECT_ONLY.pdf CURLOPT_CONNECTTIMEOUT.pdf \ - CURLOPT_CONNECTTIMEOUT_MS.pdf CURLOPT_CONV_FROM_NETWORK_FUNCTION.pdf \ - CURLOPT_CONV_FROM_UTF8_FUNCTION.pdf \ - CURLOPT_CONV_TO_NETWORK_FUNCTION.pdf CURLOPT_COOKIE.pdf \ - CURLOPT_COOKIEFILE.pdf CURLOPT_COOKIEJAR.pdf CURLOPT_COOKIELIST.pdf \ - CURLOPT_COOKIESESSION.pdf CURLOPT_COPYPOSTFIELDS.pdf CURLOPT_CRLF.pdf \ - CURLOPT_CRLFILE.pdf CURLOPT_CUSTOMREQUEST.pdf CURLOPT_DEBUGDATA.pdf \ - CURLOPT_DEBUGFUNCTION.pdf CURLOPT_DIRLISTONLY.pdf \ - CURLOPT_DNS_CACHE_TIMEOUT.pdf CURLOPT_DNS_INTERFACE.pdf \ - CURLOPT_DNS_LOCAL_IP4.pdf CURLOPT_DNS_LOCAL_IP6.pdf \ - CURLOPT_DNS_SERVERS.pdf CURLOPT_DNS_USE_GLOBAL_CACHE.pdf \ - CURLOPT_EGDSOCKET.pdf CURLOPT_ERRORBUFFER.pdf \ - CURLOPT_EXPECT_100_TIMEOUT_MS.pdf CURLOPT_FAILONERROR.pdf \ - CURLOPT_FILETIME.pdf CURLOPT_FNMATCH_DATA.pdf \ - CURLOPT_FNMATCH_FUNCTION.pdf CURLOPT_FOLLOWLOCATION.pdf \ - CURLOPT_FORBID_REUSE.pdf CURLOPT_FRESH_CONNECT.pdf \ - CURLOPT_FTP_ACCOUNT.pdf CURLOPT_FTP_ALTERNATIVE_TO_USER.pdf \ - CURLOPT_FTP_CREATE_MISSING_DIRS.pdf CURLOPT_FTP_FILEMETHOD.pdf \ - CURLOPT_FTPPORT.pdf CURLOPT_FTP_RESPONSE_TIMEOUT.pdf \ - CURLOPT_FTP_SKIP_PASV_IP.pdf CURLOPT_FTPSSLAUTH.pdf \ - CURLOPT_FTP_SSL_CCC.pdf CURLOPT_FTP_USE_EPRT.pdf \ - CURLOPT_FTP_USE_EPSV.pdf CURLOPT_FTP_USE_PRET.pdf \ - CURLOPT_GSSAPI_DELEGATION.pdf CURLOPT_HEADER.pdf \ - CURLOPT_HEADERDATA.pdf CURLOPT_HEADERFUNCTION.pdf \ - CURLOPT_HEADEROPT.pdf CURLOPT_HTTP200ALIASES.pdf CURLOPT_HTTPAUTH.pdf \ - CURLOPT_HTTP_CONTENT_DECODING.pdf CURLOPT_HTTPGET.pdf \ - CURLOPT_HTTPHEADER.pdf CURLOPT_HTTPPOST.pdf \ - CURLOPT_HTTPPROXYTUNNEL.pdf CURLOPT_HTTP_TRANSFER_DECODING.pdf \ - CURLOPT_HTTP_VERSION.pdf CURLOPT_IGNORE_CONTENT_LENGTH.pdf \ - CURLOPT_INFILESIZE.pdf CURLOPT_INFILESIZE_LARGE.pdf \ - CURLOPT_INTERFACE.pdf CURLOPT_INTERLEAVEDATA.pdf \ - CURLOPT_INTERLEAVEFUNCTION.pdf CURLOPT_IOCTLDATA.pdf \ - CURLOPT_IOCTLFUNCTION.pdf CURLOPT_IPRESOLVE.pdf CURLOPT_ISSUERCERT.pdf \ - CURLOPT_KEYPASSWD.pdf CURLOPT_KRBLEVEL.pdf CURLOPT_LOCALPORT.pdf \ - CURLOPT_LOCALPORTRANGE.pdf CURLOPT_LOGIN_OPTIONS.pdf \ - CURLOPT_LOW_SPEED_LIMIT.pdf CURLOPT_LOW_SPEED_TIME.pdf \ - CURLOPT_MAIL_AUTH.pdf CURLOPT_MAIL_FROM.pdf CURLOPT_MAIL_RCPT.pdf \ - CURLOPT_MAXCONNECTS.pdf CURLOPT_MAXFILESIZE.pdf \ - CURLOPT_MAXFILESIZE_LARGE.pdf CURLOPT_MAX_RECV_SPEED_LARGE.pdf \ - CURLOPT_MAXREDIRS.pdf CURLOPT_MAX_SEND_SPEED_LARGE.pdf \ - CURLOPT_NETRC.pdf CURLOPT_NETRC_FILE.pdf \ - CURLOPT_NEW_DIRECTORY_PERMS.pdf CURLOPT_NEW_FILE_PERMS.pdf \ - CURLOPT_NOBODY.pdf CURLOPT_NOPROGRESS.pdf CURLOPT_NOPROXY.pdf \ - CURLOPT_NOSIGNAL.pdf CURLOPT_OPENSOCKETDATA.pdf \ - CURLOPT_OPENSOCKETFUNCTION.pdf CURLOPT_PASSWORD.pdf \ - CURLOPT_PINNEDPUBLICKEY.pdf CURLOPT_PORT.pdf CURLOPT_POST.pdf \ - CURLOPT_POSTFIELDS.pdf CURLOPT_POSTFIELDSIZE.pdf \ - CURLOPT_POSTFIELDSIZE_LARGE.pdf CURLOPT_POSTQUOTE.pdf \ - CURLOPT_POSTREDIR.pdf CURLOPT_PREQUOTE.pdf CURLOPT_PRIVATE.pdf \ - CURLOPT_PROGRESSDATA.pdf CURLOPT_PROGRESSFUNCTION.pdf \ - CURLOPT_PROTOCOLS.pdf CURLOPT_PROXY.pdf CURLOPT_PROXYAUTH.pdf \ - CURLOPT_PROXYHEADER.pdf CURLOPT_PROXYPASSWORD.pdf \ - CURLOPT_PROXYPORT.pdf CURLOPT_PROXY_TRANSFER_MODE.pdf \ - CURLOPT_PROXYTYPE.pdf CURLOPT_PROXYUSERNAME.pdf \ - CURLOPT_PROXYUSERPWD.pdf CURLOPT_PUT.pdf CURLOPT_QUOTE.pdf \ - CURLOPT_RANDOM_FILE.pdf CURLOPT_RANGE.pdf CURLOPT_READDATA.pdf \ - CURLOPT_READFUNCTION.pdf CURLOPT_REDIR_PROTOCOLS.pdf \ - CURLOPT_REFERER.pdf CURLOPT_RESOLVE.pdf CURLOPT_RESUME_FROM.pdf \ - CURLOPT_RESUME_FROM_LARGE.pdf CURLOPT_RTSP_CLIENT_CSEQ.pdf \ - CURLOPT_RTSP_REQUEST.pdf CURLOPT_RTSP_SERVER_CSEQ.pdf \ - CURLOPT_RTSP_SESSION_ID.pdf CURLOPT_RTSP_STREAM_URI.pdf \ - CURLOPT_RTSP_TRANSPORT.pdf CURLOPT_SASL_IR.pdf CURLOPT_SEEKDATA.pdf \ - CURLOPT_SEEKFUNCTION.pdf CURLOPT_SHARE.pdf CURLOPT_SOCKOPTDATA.pdf \ - CURLOPT_SOCKOPTFUNCTION.pdf CURLOPT_SOCKS5_GSSAPI_NEC.pdf \ - CURLOPT_SOCKS5_GSSAPI_SERVICE.pdf CURLOPT_SSH_AUTH_TYPES.pdf \ - CURLOPT_SSH_HOST_PUBLIC_KEY_MD5.pdf CURLOPT_SSH_KEYDATA.pdf \ - CURLOPT_SSH_KEYFUNCTION.pdf CURLOPT_SSH_KNOWNHOSTS.pdf \ - CURLOPT_SSH_PRIVATE_KEYFILE.pdf CURLOPT_SSH_PUBLIC_KEYFILE.pdf \ - CURLOPT_SSLCERT.pdf CURLOPT_SSLCERTTYPE.pdf \ - CURLOPT_SSL_CIPHER_LIST.pdf CURLOPT_SSL_CTX_DATA.pdf \ - CURLOPT_SSL_CTX_FUNCTION.pdf CURLOPT_SSL_ENABLE_ALPN.pdf \ - CURLOPT_SSL_ENABLE_NPN.pdf CURLOPT_SSLENGINE.pdf \ - CURLOPT_SSLENGINE_DEFAULT.pdf CURLOPT_SSL_FALSESTART.pdf \ - CURLOPT_SSLKEY.pdf CURLOPT_SSLKEYTYPE.pdf CURLOPT_SSL_OPTIONS.pdf \ - CURLOPT_SSL_SESSIONID_CACHE.pdf CURLOPT_SSL_VERIFYHOST.pdf \ - CURLOPT_SSL_VERIFYPEER.pdf CURLOPT_SSL_VERIFYSTATUS.pdf \ - CURLOPT_SSLVERSION.pdf CURLOPT_STDERR.pdf CURLOPT_TCP_KEEPALIVE.pdf \ - CURLOPT_TCP_KEEPIDLE.pdf CURLOPT_TCP_KEEPINTVL.pdf \ - CURLOPT_TCP_NODELAY.pdf CURLOPT_TELNETOPTIONS.pdf \ - CURLOPT_TFTP_BLKSIZE.pdf CURLOPT_TFTP_NO_OPTIONS.pdf \ - CURLOPT_TIMECONDITION.pdf CURLOPT_TIMEOUT.pdf \ - CURLOPT_TIMEOUT_MS.pdf CURLOPT_TIMEVALUE.pdf \ - CURLOPT_TLSAUTH_PASSWORD.pdf CURLOPT_TLSAUTH_TYPE.pdf \ - CURLOPT_TLSAUTH_USERNAME.pdf CURLOPT_TRANSFER_ENCODING.pdf \ - CURLOPT_TRANSFERTEXT.pdf CURLOPT_UNRESTRICTED_AUTH.pdf \ - CURLOPT_UPLOAD.pdf CURLOPT_URL.pdf CURLOPT_USERAGENT.pdf \ - CURLOPT_USERNAME.pdf CURLOPT_USERPWD.pdf CURLOPT_USE_SSL.pdf \ - CURLOPT_VERBOSE.pdf CURLOPT_WILDCARDMATCH.pdf CURLOPT_WRITEDATA.pdf \ - CURLOPT_WRITEFUNCTION.pdf CURLOPT_XFERINFODATA.pdf \ - CURLOPT_XFERINFOFUNCTION.pdf CURLOPT_XOAUTH2_BEARER.pdf \ - CURLOPT_STREAM_DEPENDS.pdf CURLOPT_STREAM_DEPENDS_E.pdf \ - CURLOPT_STREAM_WEIGHT.pdf CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE.pdf \ - CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE.pdf CURLMOPT_MAXCONNECTS.pdf \ - CURLMOPT_MAX_HOST_CONNECTIONS.pdf CURLMOPT_MAX_PIPELINE_LENGTH.pdf \ - CURLMOPT_MAX_TOTAL_CONNECTIONS.pdf CURLMOPT_PIPELINING.pdf \ - CURLMOPT_PIPELINING_SERVER_BL.pdf CURLMOPT_PIPELINING_SITE_BL.pdf \ - CURLMOPT_SOCKETDATA.pdf CURLMOPT_SOCKETFUNCTION.pdf \ - CURLMOPT_TIMERDATA.pdf CURLMOPT_TIMERFUNCTION.pdf \ - CURLOPT_UNIX_SOCKET_PATH.pdf CURLOPT_PATH_AS_IS.pdf \ - CURLOPT_PROXY_SERVICE_NAME.pdf CURLOPT_SERVICE_NAME.pdf \ - CURLOPT_PIPEWAIT.pdf CURLMOPT_PUSHDATA.pdf CURLMOPT_PUSHFUNCTION.pdf \ - CURLOPT_DEFAULT_PROTOCOL.pdf CURLINFO_ACTIVESOCKET.pdf \ - CURLINFO_APPCONNECT_TIME.pdf CURLINFO_CERTINFO.pdf \ - CURLINFO_CONDITION_UNMET.pdf CURLINFO_CONNECT_TIME.pdf \ - CURLINFO_CONTENT_LENGTH_DOWNLOAD.pdf \ - CURLINFO_CONTENT_LENGTH_UPLOAD.pdf CURLINFO_CONTENT_TYPE.pdf \ - CURLINFO_COOKIELIST.pdf CURLINFO_EFFECTIVE_URL.pdf \ - CURLINFO_FILETIME.pdf CURLINFO_FTP_ENTRY_PATH.pdf \ - CURLINFO_HEADER_SIZE.pdf CURLINFO_HTTPAUTH_AVAIL.pdf \ - CURLINFO_HTTP_CONNECTCODE.pdf CURLINFO_LASTSOCKET.pdf \ - CURLINFO_LOCAL_IP.pdf CURLINFO_LOCAL_PORT.pdf \ - CURLINFO_NAMELOOKUP_TIME.pdf CURLINFO_NUM_CONNECTS.pdf \ - CURLINFO_OS_ERRNO.pdf CURLINFO_PRETRANSFER_TIME.pdf \ - CURLINFO_PRIMARY_IP.pdf CURLINFO_PRIMARY_PORT.pdf CURLINFO_PRIVATE.pdf \ - CURLINFO_PROXYAUTH_AVAIL.pdf CURLINFO_REDIRECT_COUNT.pdf \ - CURLINFO_REDIRECT_TIME.pdf CURLINFO_REDIRECT_URL.pdf \ - CURLINFO_REQUEST_SIZE.pdf CURLINFO_RESPONSE_CODE.pdf \ - CURLINFO_RTSP_CLIENT_CSEQ.pdf CURLINFO_RTSP_CSEQ_RECV.pdf \ - CURLINFO_RTSP_SERVER_CSEQ.pdf CURLINFO_RTSP_SESSION_ID.pdf \ - CURLINFO_SIZE_DOWNLOAD.pdf CURLINFO_SIZE_UPLOAD.pdf \ - CURLINFO_SPEED_DOWNLOAD.pdf CURLINFO_SPEED_UPLOAD.pdf \ - CURLINFO_SSL_ENGINES.pdf CURLINFO_SSL_VERIFYRESULT.pdf \ - CURLINFO_STARTTRANSFER_TIME.pdf CURLINFO_TLS_SESSION.pdf \ - CURLINFO_TLS_SSL_PTR.pdf CURLINFO_TOTAL_TIME.pdf +PDFPAGES = \ + CURLINFO_ACTIVESOCKET.pdf \ + CURLINFO_APPCONNECT_TIME.pdf \ + CURLINFO_CERTINFO.pdf \ + CURLINFO_CONDITION_UNMET.pdf \ + CURLINFO_CONNECT_TIME.pdf \ + CURLINFO_CONTENT_LENGTH_DOWNLOAD.pdf \ + CURLINFO_CONTENT_LENGTH_UPLOAD.pdf \ + CURLINFO_CONTENT_TYPE.pdf \ + CURLINFO_COOKIELIST.pdf \ + CURLINFO_EFFECTIVE_URL.pdf \ + CURLINFO_FILETIME.pdf \ + CURLINFO_FTP_ENTRY_PATH.pdf \ + CURLINFO_HEADER_SIZE.pdf \ + CURLINFO_HTTPAUTH_AVAIL.pdf \ + CURLINFO_HTTP_CONNECTCODE.pdf \ + CURLINFO_LASTSOCKET.pdf \ + CURLINFO_LOCAL_IP.pdf \ + CURLINFO_LOCAL_PORT.pdf \ + CURLINFO_NAMELOOKUP_TIME.pdf \ + CURLINFO_NUM_CONNECTS.pdf \ + CURLINFO_OS_ERRNO.pdf \ + CURLINFO_PRETRANSFER_TIME.pdf \ + CURLINFO_PRIMARY_IP.pdf \ + CURLINFO_PRIMARY_PORT.pdf \ + CURLINFO_PRIVATE.pdf \ + CURLINFO_PROXYAUTH_AVAIL.pdf \ + CURLINFO_REDIRECT_COUNT.pdf \ + CURLINFO_REDIRECT_TIME.pdf \ + CURLINFO_REDIRECT_URL.pdf \ + CURLINFO_REQUEST_SIZE.pdf \ + CURLINFO_RESPONSE_CODE.pdf \ + CURLINFO_RTSP_CLIENT_CSEQ.pdf \ + CURLINFO_RTSP_CSEQ_RECV.pdf \ + CURLINFO_RTSP_SERVER_CSEQ.pdf \ + CURLINFO_RTSP_SESSION_ID.pdf \ + CURLINFO_SIZE_DOWNLOAD.pdf \ + CURLINFO_SIZE_UPLOAD.pdf \ + CURLINFO_SPEED_DOWNLOAD.pdf \ + CURLINFO_SPEED_UPLOAD.pdf \ + CURLINFO_SSL_ENGINES.pdf \ + CURLINFO_SSL_VERIFYRESULT.pdf \ + CURLINFO_STARTTRANSFER_TIME.pdf \ + CURLINFO_TLS_SESSION.pdf \ + CURLINFO_TLS_SSL_PTR.pdf \ + CURLINFO_TOTAL_TIME.pdf \ + CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE.pdf \ + CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE.pdf \ + CURLMOPT_MAXCONNECTS.pdf \ + CURLMOPT_MAX_HOST_CONNECTIONS.pdf \ + CURLMOPT_MAX_PIPELINE_LENGTH.pdf \ + CURLMOPT_MAX_TOTAL_CONNECTIONS.pdf \ + CURLMOPT_PIPELINING.pdf \ + CURLMOPT_PIPELINING_SERVER_BL.pdf \ + CURLMOPT_PIPELINING_SITE_BL.pdf \ + CURLMOPT_PUSHDATA.pdf \ + CURLMOPT_PUSHFUNCTION.pdf \ + CURLMOPT_SOCKETDATA.pdf \ + CURLMOPT_SOCKETFUNCTION.pdf \ + CURLMOPT_TIMERDATA.pdf \ + CURLMOPT_TIMERFUNCTION.pdf \ + CURLOPT_ACCEPTTIMEOUT_MS.pdf \ + CURLOPT_ACCEPT_ENCODING.pdf \ + CURLOPT_ADDRESS_SCOPE.pdf \ + CURLOPT_APPEND.pdf \ + CURLOPT_AUTOREFERER.pdf \ + CURLOPT_BUFFERSIZE.pdf \ + CURLOPT_CAINFO.pdf \ + CURLOPT_CAPATH.pdf \ + CURLOPT_CERTINFO.pdf \ + CURLOPT_CHUNK_BGN_FUNCTION.pdf \ + CURLOPT_CHUNK_DATA.pdf \ + CURLOPT_CHUNK_END_FUNCTION.pdf \ + CURLOPT_CLOSESOCKETDATA.pdf \ + CURLOPT_CLOSESOCKETFUNCTION.pdf \ + CURLOPT_CONNECTTIMEOUT.pdf \ + CURLOPT_CONNECTTIMEOUT_MS.pdf \ + CURLOPT_CONNECT_ONLY.pdf \ + CURLOPT_CONNECT_TO.pdf \ + CURLOPT_CONV_FROM_NETWORK_FUNCTION.pdf \ + CURLOPT_CONV_FROM_UTF8_FUNCTION.pdf \ + CURLOPT_CONV_TO_NETWORK_FUNCTION.pdf \ + CURLOPT_COOKIE.pdf \ + CURLOPT_COOKIEFILE.pdf \ + CURLOPT_COOKIEJAR.pdf \ + CURLOPT_COOKIELIST.pdf \ + CURLOPT_COOKIESESSION.pdf \ + CURLOPT_COPYPOSTFIELDS.pdf \ + CURLOPT_CRLF.pdf \ + CURLOPT_CRLFILE.pdf \ + CURLOPT_CUSTOMREQUEST.pdf \ + CURLOPT_DEBUGDATA.pdf \ + CURLOPT_DEBUGFUNCTION.pdf \ + CURLOPT_DEFAULT_PROTOCOL.pdf \ + CURLOPT_DIRLISTONLY.pdf \ + CURLOPT_DNS_CACHE_TIMEOUT.pdf \ + CURLOPT_DNS_INTERFACE.pdf \ + CURLOPT_DNS_LOCAL_IP4.pdf \ + CURLOPT_DNS_LOCAL_IP6.pdf \ + CURLOPT_DNS_SERVERS.pdf \ + CURLOPT_DNS_USE_GLOBAL_CACHE.pdf \ + CURLOPT_EGDSOCKET.pdf \ + CURLOPT_ERRORBUFFER.pdf \ + CURLOPT_EXPECT_100_TIMEOUT_MS.pdf \ + CURLOPT_FAILONERROR.pdf \ + CURLOPT_FILETIME.pdf \ + CURLOPT_FNMATCH_DATA.pdf \ + CURLOPT_FNMATCH_FUNCTION.pdf \ + CURLOPT_FOLLOWLOCATION.pdf \ + CURLOPT_FORBID_REUSE.pdf \ + CURLOPT_FRESH_CONNECT.pdf \ + CURLOPT_FTPPORT.pdf \ + CURLOPT_FTPSSLAUTH.pdf \ + CURLOPT_FTP_ACCOUNT.pdf \ + CURLOPT_FTP_ALTERNATIVE_TO_USER.pdf \ + CURLOPT_FTP_CREATE_MISSING_DIRS.pdf \ + CURLOPT_FTP_FILEMETHOD.pdf \ + CURLOPT_FTP_RESPONSE_TIMEOUT.pdf \ + CURLOPT_FTP_SKIP_PASV_IP.pdf \ + CURLOPT_FTP_SSL_CCC.pdf \ + CURLOPT_FTP_USE_EPRT.pdf \ + CURLOPT_FTP_USE_EPSV.pdf \ + CURLOPT_FTP_USE_PRET.pdf \ + CURLOPT_GSSAPI_DELEGATION.pdf \ + CURLOPT_HEADER.pdf \ + CURLOPT_HEADERDATA.pdf \ + CURLOPT_HEADERFUNCTION.pdf \ + CURLOPT_HEADEROPT.pdf \ + CURLOPT_HTTP200ALIASES.pdf \ + CURLOPT_HTTPAUTH.pdf \ + CURLOPT_HTTPGET.pdf \ + CURLOPT_HTTPHEADER.pdf \ + CURLOPT_HTTPPOST.pdf \ + CURLOPT_HTTPPROXYTUNNEL.pdf \ + CURLOPT_HTTP_CONTENT_DECODING.pdf \ + CURLOPT_HTTP_TRANSFER_DECODING.pdf \ + CURLOPT_HTTP_VERSION.pdf \ + CURLOPT_IGNORE_CONTENT_LENGTH.pdf \ + CURLOPT_INFILESIZE.pdf \ + CURLOPT_INFILESIZE_LARGE.pdf \ + CURLOPT_INTERFACE.pdf \ + CURLOPT_INTERLEAVEDATA.pdf \ + CURLOPT_INTERLEAVEFUNCTION.pdf \ + CURLOPT_IOCTLDATA.pdf \ + CURLOPT_IOCTLFUNCTION.pdf \ + CURLOPT_IPRESOLVE.pdf \ + CURLOPT_ISSUERCERT.pdf \ + CURLOPT_KEYPASSWD.pdf \ + CURLOPT_KRBLEVEL.pdf \ + CURLOPT_LOCALPORT.pdf \ + CURLOPT_LOCALPORTRANGE.pdf \ + CURLOPT_LOGIN_OPTIONS.pdf \ + CURLOPT_LOW_SPEED_LIMIT.pdf \ + CURLOPT_LOW_SPEED_TIME.pdf \ + CURLOPT_MAIL_AUTH.pdf \ + CURLOPT_MAIL_FROM.pdf \ + CURLOPT_MAIL_RCPT.pdf \ + CURLOPT_MAXCONNECTS.pdf \ + CURLOPT_MAXFILESIZE.pdf \ + CURLOPT_MAXFILESIZE_LARGE.pdf \ + CURLOPT_MAXREDIRS.pdf \ + CURLOPT_MAX_RECV_SPEED_LARGE.pdf \ + CURLOPT_MAX_SEND_SPEED_LARGE.pdf \ + CURLOPT_NETRC.pdf \ + CURLOPT_NETRC_FILE.pdf \ + CURLOPT_NEW_DIRECTORY_PERMS.pdf \ + CURLOPT_NEW_FILE_PERMS.pdf \ + CURLOPT_NOBODY.pdf \ + CURLOPT_NOPROGRESS.pdf \ + CURLOPT_NOPROXY.pdf \ + CURLOPT_NOSIGNAL.pdf \ + CURLOPT_OPENSOCKETDATA.pdf \ + CURLOPT_OPENSOCKETFUNCTION.pdf \ + CURLOPT_PASSWORD.pdf \ + CURLOPT_PATH_AS_IS.pdf \ + CURLOPT_PINNEDPUBLICKEY.pdf \ + CURLOPT_PIPEWAIT.pdf \ + CURLOPT_PORT.pdf \ + CURLOPT_POST.pdf \ + CURLOPT_POSTFIELDS.pdf \ + CURLOPT_POSTFIELDSIZE.pdf \ + CURLOPT_POSTFIELDSIZE_LARGE.pdf \ + CURLOPT_POSTQUOTE.pdf \ + CURLOPT_POSTREDIR.pdf \ + CURLOPT_PREQUOTE.pdf \ + CURLOPT_PRIVATE.pdf \ + CURLOPT_PROGRESSDATA.pdf \ + CURLOPT_PROGRESSFUNCTION.pdf \ + CURLOPT_PROTOCOLS.pdf \ + CURLOPT_PROXY.pdf \ + CURLOPT_PROXYAUTH.pdf \ + CURLOPT_PROXYHEADER.pdf \ + CURLOPT_PROXYPASSWORD.pdf \ + CURLOPT_PROXYPORT.pdf \ + CURLOPT_PROXYTYPE.pdf \ + CURLOPT_PROXYUSERNAME.pdf \ + CURLOPT_PROXYUSERPWD.pdf \ + CURLOPT_PROXY_SERVICE_NAME.pdf \ + CURLOPT_PROXY_TRANSFER_MODE.pdf \ + CURLOPT_PUT.pdf \ + CURLOPT_QUOTE.pdf \ + CURLOPT_RANDOM_FILE.pdf \ + CURLOPT_RANGE.pdf \ + CURLOPT_READDATA.pdf \ + CURLOPT_READFUNCTION.pdf \ + CURLOPT_REDIR_PROTOCOLS.pdf \ + CURLOPT_REFERER.pdf \ + CURLOPT_RESOLVE.pdf \ + CURLOPT_RESUME_FROM.pdf \ + CURLOPT_RESUME_FROM_LARGE.pdf \ + CURLOPT_RTSP_CLIENT_CSEQ.pdf \ + CURLOPT_RTSP_REQUEST.pdf \ + CURLOPT_RTSP_SERVER_CSEQ.pdf \ + CURLOPT_RTSP_SESSION_ID.pdf \ + CURLOPT_RTSP_STREAM_URI.pdf \ + CURLOPT_RTSP_TRANSPORT.pdf \ + CURLOPT_SASL_IR.pdf \ + CURLOPT_SEEKDATA.pdf \ + CURLOPT_SEEKFUNCTION.pdf \ + CURLOPT_SERVICE_NAME.pdf \ + CURLOPT_SHARE.pdf \ + CURLOPT_SOCKOPTDATA.pdf \ + CURLOPT_SOCKOPTFUNCTION.pdf \ + CURLOPT_SOCKS5_GSSAPI_NEC.pdf \ + CURLOPT_SOCKS5_GSSAPI_SERVICE.pdf \ + CURLOPT_SSH_AUTH_TYPES.pdf \ + CURLOPT_SSH_HOST_PUBLIC_KEY_MD5.pdf \ + CURLOPT_SSH_KEYDATA.pdf \ + CURLOPT_SSH_KEYFUNCTION.pdf \ + CURLOPT_SSH_KNOWNHOSTS.pdf \ + CURLOPT_SSH_PRIVATE_KEYFILE.pdf \ + CURLOPT_SSH_PUBLIC_KEYFILE.pdf \ + CURLOPT_SSLCERT.pdf \ + CURLOPT_SSLCERTTYPE.pdf \ + CURLOPT_SSLENGINE.pdf \ + CURLOPT_SSLENGINE_DEFAULT.pdf \ + CURLOPT_SSLKEY.pdf \ + CURLOPT_SSLKEYTYPE.pdf \ + CURLOPT_SSLVERSION.pdf \ + CURLOPT_SSL_CIPHER_LIST.pdf \ + CURLOPT_SSL_CTX_DATA.pdf \ + CURLOPT_SSL_CTX_FUNCTION.pdf \ + CURLOPT_SSL_ENABLE_ALPN.pdf \ + CURLOPT_SSL_ENABLE_NPN.pdf \ + CURLOPT_SSL_FALSESTART.pdf \ + CURLOPT_SSL_OPTIONS.pdf \ + CURLOPT_SSL_SESSIONID_CACHE.pdf \ + CURLOPT_SSL_VERIFYHOST.pdf \ + CURLOPT_SSL_VERIFYPEER.pdf \ + CURLOPT_SSL_VERIFYSTATUS.pdf \ + CURLOPT_STDERR.pdf \ + CURLOPT_STREAM_DEPENDS.pdf \ + CURLOPT_STREAM_DEPENDS_E.pdf \ + CURLOPT_STREAM_WEIGHT.pdf \ + CURLOPT_TCP_FASTOPEN.pdf \ + CURLOPT_TCP_KEEPALIVE.pdf \ + CURLOPT_TCP_KEEPIDLE.pdf \ + CURLOPT_TCP_KEEPINTVL.pdf \ + CURLOPT_TCP_NODELAY.pdf \ + CURLOPT_TELNETOPTIONS.pdf \ + CURLOPT_TFTP_BLKSIZE.pdf \ + CURLOPT_TFTP_NO_OPTIONS.pdf \ + CURLOPT_TIMECONDITION.pdf \ + CURLOPT_TIMEOUT.pdf \ + CURLOPT_TIMEOUT_MS.pdf \ + CURLOPT_TIMEVALUE.pdf \ + CURLOPT_TLSAUTH_PASSWORD.pdf \ + CURLOPT_TLSAUTH_TYPE.pdf \ + CURLOPT_TLSAUTH_USERNAME.pdf \ + CURLOPT_TRANSFERTEXT.pdf \ + CURLOPT_TRANSFER_ENCODING.pdf \ + CURLOPT_UNIX_SOCKET_PATH.pdf \ + CURLOPT_UNRESTRICTED_AUTH.pdf \ + CURLOPT_UPLOAD.pdf \ + CURLOPT_URL.pdf \ + CURLOPT_USERAGENT.pdf \ + CURLOPT_USERNAME.pdf \ + CURLOPT_USERPWD.pdf \ + CURLOPT_USE_SSL.pdf \ + CURLOPT_VERBOSE.pdf \ + CURLOPT_WILDCARDMATCH.pdf \ + CURLOPT_WRITEDATA.pdf \ + CURLOPT_WRITEFUNCTION.pdf \ + CURLOPT_XFERINFODATA.pdf \ + CURLOPT_XFERINFOFUNCTION.pdf \ + CURLOPT_XOAUTH2_BEARER.pdf CLEANFILES = $(HTMLPAGES) $(PDFPAGES) EXTRA_DIST = $(man_MANS) $(HTMLPAGES) $(PDFPAGES) -MAN2HTML = roffit --mandir=. < $< >$@ +MAN2HTML = roffit --mandir=. $< >$@ SUFFIXES = .3 .html all: all-am diff --git a/docs/libcurl/symbols-in-versions b/docs/libcurl/symbols-in-versions index daf1809ab..5aadef2a6 100644 --- a/docs/libcurl/symbols-in-versions +++ b/docs/libcurl/symbols-in-versions @@ -75,6 +75,7 @@ CURLE_FTP_WRITE_ERROR 7.1 7.17.0 CURLE_FUNCTION_NOT_FOUND 7.1 CURLE_GOT_NOTHING 7.9.1 CURLE_HTTP2 7.38.0 +CURLE_HTTP2_STREAM 7.49.0 CURLE_HTTP_NOT_FOUND 7.1 CURLE_HTTP_PORT_FAILED 7.3 7.12.0 CURLE_HTTP_POST_ERROR 7.1 @@ -222,6 +223,7 @@ CURLINFO_HEADER_SIZE 7.4.1 CURLINFO_HTTPAUTH_AVAIL 7.10.8 CURLINFO_HTTP_CODE 7.4.1 7.10.8 CURLINFO_HTTP_CONNECTCODE 7.10.7 +CURLINFO_HTTP_VERSION 7.50.0 CURLINFO_LASTONE 7.4.1 CURLINFO_LASTSOCKET 7.15.2 CURLINFO_LOCAL_IP 7.21.0 @@ -330,6 +332,7 @@ CURLOPT_CLOSESOCKETFUNCTION 7.21.7 CURLOPT_CONNECTTIMEOUT 7.7 CURLOPT_CONNECTTIMEOUT_MS 7.16.2 CURLOPT_CONNECT_ONLY 7.15.2 +CURLOPT_CONNECT_TO 7.49.0 CURLOPT_CONV_FROM_NETWORK_FUNCTION 7.15.4 CURLOPT_CONV_FROM_UTF8_FUNCTION 7.15.4 CURLOPT_CONV_TO_NETWORK_FUNCTION 7.15.4 @@ -492,7 +495,7 @@ CURLOPT_SHARE 7.10 CURLOPT_SOCKOPTDATA 7.16.0 CURLOPT_SOCKOPTFUNCTION 7.16.0 CURLOPT_SOCKS5_GSSAPI_NEC 7.19.4 -CURLOPT_SOCKS5_GSSAPI_SERVICE 7.19.4 +CURLOPT_SOCKS5_GSSAPI_SERVICE 7.19.4 7.49.0 CURLOPT_SOURCE_HOST 7.12.1 - 7.15.5 CURLOPT_SOURCE_PATH 7.12.1 - 7.15.5 CURLOPT_SOURCE_PORT 7.12.1 - 7.15.5 @@ -536,6 +539,7 @@ CURLOPT_TCP_KEEPALIVE 7.25.0 CURLOPT_TCP_KEEPIDLE 7.25.0 CURLOPT_TCP_KEEPINTVL 7.25.0 CURLOPT_TCP_NODELAY 7.11.2 +CURLOPT_TCP_FASTOPEN 7.49.0 CURLOPT_TELNETOPTIONS 7.7 CURLOPT_TFTP_BLKSIZE 7.19.4 CURLOPT_TFTP_NO_OPTIONS 7.48.0 @@ -632,10 +636,12 @@ CURLSSH_AUTH_NONE 7.16.1 CURLSSH_AUTH_PASSWORD 7.16.1 CURLSSH_AUTH_PUBLICKEY 7.16.1 CURLSSLBACKEND_AXTLS 7.38.0 +CURLSSLBACKEND_BORINGSSL 7.49.0 CURLSSLBACKEND_CYASSL 7.34.0 CURLSSLBACKEND_DARWINSSL 7.34.0 CURLSSLBACKEND_GNUTLS 7.34.0 CURLSSLBACKEND_GSKIT 7.34.0 +CURLSSLBACKEND_LIBRESSL 7.49.0 CURLSSLBACKEND_MBEDTLS 7.46.0 CURLSSLBACKEND_NONE 7.34.0 CURLSSLBACKEND_NSS 7.34.0 @@ -643,6 +649,7 @@ CURLSSLBACKEND_OPENSSL 7.34.0 CURLSSLBACKEND_POLARSSL 7.34.0 CURLSSLBACKEND_QSOSSL 7.34.0 - 7.38.1 CURLSSLBACKEND_SCHANNEL 7.34.0 +CURLSSLBACKEND_WOLFSSL 7.49.0 CURLSSLOPT_ALLOW_BEAST 7.25.0 CURLSSLOPT_NO_REVOKE 7.44.0 CURLUSESSL_ALL 7.17.0 @@ -662,6 +669,7 @@ CURL_CHUNK_END_FUNC_OK 7.21.0 CURL_CSELECT_ERR 7.16.3 CURL_CSELECT_IN 7.16.3 CURL_CSELECT_OUT 7.16.3 +CURL_DID_MEMORY_FUNC_TYPEDEFS 7.49.0 CURL_EASY_NONE 7.14.0 - 7.15.4 CURL_EASY_TIMEOUT 7.14.0 - 7.15.4 CURL_ERROR_SIZE 7.1 @@ -695,6 +703,7 @@ CURL_HTTP_VERSION_1_1 7.9.1 CURL_HTTP_VERSION_2 7.43.0 CURL_HTTP_VERSION_2_0 7.33.0 CURL_HTTP_VERSION_2TLS 7.47.0 +CURL_HTTP_VERSION_2_PRIOR_KNOWLEDGE 7.49.0 CURL_HTTP_VERSION_NONE 7.9.1 CURL_IPRESOLVE_V4 7.10.8 CURL_IPRESOLVE_V6 7.10.8 @@ -754,6 +763,7 @@ CURL_SOCKET_TIMEOUT 7.14.0 CURL_SOCKOPT_ALREADY_CONNECTED 7.21.5 CURL_SOCKOPT_ERROR 7.21.5 CURL_SOCKOPT_OK 7.21.5 +CURL_STRICTER 7.50.2 CURL_SSLVERSION_DEFAULT 7.9.2 CURL_SSLVERSION_SSLv2 7.9.2 CURL_SSLVERSION_SSLv3 7.9.2 diff --git a/docs/mk-ca-bundle.html b/docs/mk-ca-bundle.html index e600125b8..f0ed07a2e 100644 --- a/docs/mk-ca-bundle.html +++ b/docs/mk-ca-bundle.html @@ -67,6 +67,8 @@ p.roffit {

print version info about used modules

-l

print license info about certdata.txt +

-m +

(Added in 1.26) Include meta data comments in the output. The meta data is specific information about each certificate that is stored in the original file as comments and using this option will make those comments get passed on to the output file. The meta data is not parsed in any way by mk-ca-bundle.

-n

no download of certdata.txt (to use existing)

-p [purposes]:[levels] diff --git a/docs/mk-ca-bundle.pdf b/docs/mk-ca-bundle.pdf index d10965ba1..df410df9b 100644 Binary files a/docs/mk-ca-bundle.pdf and b/docs/mk-ca-bundle.pdf differ diff --git a/include/curl/curl.h b/include/curl/curl.h index e0d5c0f4e..bba1e6d3b 100644 --- a/include/curl/curl.h +++ b/include/curl/curl.h @@ -7,7 +7,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -30,6 +30,10 @@ * https://cool.haxx.se/mailman/listinfo/curl-library/ */ +#ifdef CURL_NO_OLDIES +#define CURL_STRICTER +#endif + #include "curlver.h" /* libcurl version defines */ #include "curlbuild.h" /* libcurl build definitions */ #include "curlrules.h" /* libcurl rules enforcement */ @@ -91,7 +95,13 @@ extern "C" { #endif +#if defined(BUILDING_LIBCURL) || defined(CURL_STRICTER) +typedef struct Curl_easy CURL; +typedef struct Curl_share CURLSH; +#else typedef void CURL; +typedef void CURLSH; +#endif /* * libcurl external API function linkage decorations. @@ -373,6 +383,7 @@ typedef curlioerr (*curl_ioctl_callback)(CURL *handle, int cmd, void *clientp); +#ifndef CURL_DID_MEMORY_FUNC_TYPEDEFS /* * The following typedef's are signatures of malloc, free, realloc, strdup and * calloc respectively. Function pointers of these types can be passed to the @@ -385,6 +396,9 @@ typedef void *(*curl_realloc_callback)(void *ptr, size_t size); typedef char *(*curl_strdup_callback)(const char *str); typedef void *(*curl_calloc_callback)(size_t nmemb, size_t size); +#define CURL_DID_MEMORY_FUNC_TYPEDEFS +#endif + /* the kind of data that is passed to information_callback*/ typedef enum { CURLINFO_TEXT = 0, @@ -471,9 +485,9 @@ typedef enum { CURLE_OBSOLETE44, /* 44 - NOT USED */ CURLE_INTERFACE_FAILED, /* 45 - CURLOPT_INTERFACE failed */ CURLE_OBSOLETE46, /* 46 - NOT USED */ - CURLE_TOO_MANY_REDIRECTS , /* 47 - catch endless re-direct loops */ + CURLE_TOO_MANY_REDIRECTS, /* 47 - catch endless re-direct loops */ CURLE_UNKNOWN_OPTION, /* 48 - User specified an unknown option */ - CURLE_TELNET_OPTION_SYNTAX , /* 49 - Malformed telnet option */ + CURLE_TELNET_OPTION_SYNTAX, /* 49 - Malformed telnet option */ CURLE_OBSOLETE50, /* 50 - NOT USED */ CURLE_PEER_FAILED_VERIFICATION, /* 51 - peer's certificate or fingerprint wasn't verified fine */ @@ -535,6 +549,8 @@ typedef enum { CURLE_SSL_PINNEDPUBKEYNOTMATCH, /* 90 - specified pinned public key did not match */ CURLE_SSL_INVALIDCERTSTATUS, /* 91 - invalid certificate status */ + CURLE_HTTP2_STREAM, /* 92 - stream error in HTTP/2 framing layer + */ CURL_LAST /* never use! */ } CURLcode; @@ -1460,7 +1476,7 @@ typedef enum { CINIT(TFTP_BLKSIZE, LONG, 178), /* Socks Service */ - CINIT(SOCKS5_GSSAPI_SERVICE, STRINGPOINT, 179), + CINIT(SOCKS5_GSSAPI_SERVICE, STRINGPOINT, 179), /* DEPRECATED, do not use! */ /* Socks Service */ CINIT(SOCKS5_GSSAPI_NEC, LONG, 180), @@ -1676,6 +1692,13 @@ typedef enum { /* Do not send any tftp option requests to the server */ CINIT(TFTP_NO_OPTIONS, LONG, 242), + /* Linked-list of host:port:connect-to-host:connect-to-port, + overrides the URL's host:port (only for the network layer) */ + CINIT(CONNECT_TO, OBJECTPOINT, 243), + + /* Set TCP Fast Open */ + CINIT(TCP_FASTOPEN, LONG, 244), + CURLOPT_LASTENTRY /* the last unused */ } CURLoption; @@ -1727,6 +1750,8 @@ enum { CURL_HTTP_VERSION_1_1, /* please use HTTP 1.1 in the request */ CURL_HTTP_VERSION_2_0, /* please use HTTP 2 in the request */ CURL_HTTP_VERSION_2TLS, /* use version 2 for HTTPS, version 1.1 for HTTP */ + CURL_HTTP_VERSION_2_PRIOR_KNOWLEDGE, /* please use HTTP 2 without HTTP/1.1 + Upgrade */ CURL_HTTP_VERSION_LAST /* *ILLEGAL* http version */ }; @@ -2110,6 +2135,11 @@ typedef enum { CURLSSLBACKEND_MBEDTLS = 11 } curl_sslbackend; +/* aliases for library clones and renames */ +#define CURLSSLBACKEND_LIBRESSL 1 +#define CURLSSLBACKEND_BORINGSSL 1 +#define CURLSSLBACKEND_WOLFSSL 6 + /* Information about the SSL library used and the respective internal SSL handle, which can be used to obtain further information regarding the connection. Asked for with CURLINFO_TLS_SSL_PTR or CURLINFO_TLS_SESSION. */ @@ -2173,9 +2203,10 @@ typedef enum { CURLINFO_TLS_SESSION = CURLINFO_SLIST + 43, CURLINFO_ACTIVESOCKET = CURLINFO_SOCKET + 44, CURLINFO_TLS_SSL_PTR = CURLINFO_SLIST + 45, + CURLINFO_HTTP_VERSION = CURLINFO_LONG + 46, /* Fill in new entries below here! */ - CURLINFO_LASTONE = 45 + CURLINFO_LASTONE = 46 } CURLINFO; /* CURLINFO_RESPONSE_CODE is the new name for the option previously known as @@ -2237,7 +2268,6 @@ typedef void (*curl_unlock_function)(CURL *handle, curl_lock_data data, void *userptr); -typedef void CURLSH; typedef enum { CURLSHE_OK, /* all is fine */ diff --git a/include/curl/curlbuild.h b/include/curl/curlbuild.h index 58323d064..ae95095fa 100644 --- a/include/curl/curlbuild.h +++ b/include/curl/curlbuild.h @@ -7,7 +7,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2013, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -527,9 +527,9 @@ /* ===================================== */ #elif defined(__GNUC__) -# if defined(__ILP32__) || \ +# if !defined(__LP64__) && (defined(__ILP32__) || \ defined(__i386__) || defined(__ppc__) || defined(__arm__) || \ - defined(__sparc__) || defined(__mips__) || defined(__sh__) + defined(__sparc__) || defined(__mips__) || defined(__sh__)) # define CURL_SIZEOF_LONG 4 # define CURL_TYPEOF_CURL_OFF_T long long # define CURL_FORMAT_CURL_OFF_T "lld" diff --git a/include/curl/curlver.h b/include/curl/curlver.h index 18c10fe1e..995b5010b 100644 --- a/include/curl/curlver.h +++ b/include/curl/curlver.h @@ -30,13 +30,13 @@ /* This is the version number of the libcurl package from which this header file origins: */ -#define LIBCURL_VERSION "7.48.0" +#define LIBCURL_VERSION "7.50.2" /* The numeric version number is also available "in parts" by using these defines: */ #define LIBCURL_VERSION_MAJOR 7 -#define LIBCURL_VERSION_MINOR 48 -#define LIBCURL_VERSION_PATCH 0 +#define LIBCURL_VERSION_MINOR 50 +#define LIBCURL_VERSION_PATCH 2 /* This is the numeric version of the libcurl version number, meant for easier parsing and comparions by programs. The LIBCURL_VERSION_NUM define will @@ -57,7 +57,7 @@ CURL_VERSION_BITS() macro since curl's own configure script greps for it and needs it to contain the full number. */ -#define LIBCURL_VERSION_NUM 0x073000 +#define LIBCURL_VERSION_NUM 0x073202 /* * This is the date and time when the full source package was created. The @@ -68,7 +68,7 @@ * * "Mon Feb 12 11:35:33 UTC 2007" */ -#define LIBCURL_TIMESTAMP "Wed Mar 23 06:57:50 UTC 2016" +#define LIBCURL_TIMESTAMP "Wed Sep 7 05:48:28 UTC 2016" #define CURL_VERSION_BITS(x,y,z) ((x)<<16|(y)<<8|z) #define CURL_AT_LEAST_VERSION(x,y,z) \ diff --git a/include/curl/mprintf.h b/include/curl/mprintf.h index de8c96248..e20f546e1 100644 --- a/include/curl/mprintf.h +++ b/include/curl/mprintf.h @@ -7,7 +7,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -24,8 +24,7 @@ #include #include /* needed for FILE */ - -#include "curl.h" +#include "curl.h" /* for CURL_EXTERN */ #ifdef __cplusplus extern "C" { @@ -44,29 +43,6 @@ CURL_EXTERN int curl_mvsnprintf(char *buffer, size_t maxlength, CURL_EXTERN char *curl_maprintf(const char *format, ...); CURL_EXTERN char *curl_mvaprintf(const char *format, va_list args); -#ifdef _MPRINTF_REPLACE -# undef printf -# undef fprintf -# undef sprintf -# undef vsprintf -# undef snprintf -# undef vprintf -# undef vfprintf -# undef vsnprintf -# undef aprintf -# undef vaprintf -# define printf curl_mprintf -# define fprintf curl_mfprintf -# define sprintf curl_msprintf -# define vsprintf curl_mvsprintf -# define snprintf curl_msnprintf -# define vprintf curl_mvprintf -# define vfprintf curl_mvfprintf -# define vsnprintf curl_mvsnprintf -# define aprintf curl_maprintf -# define vaprintf curl_mvaprintf -#endif - #ifdef __cplusplus } #endif diff --git a/include/curl/multi.h b/include/curl/multi.h index 0fbbd96f0..d1e00cc5d 100644 --- a/include/curl/multi.h +++ b/include/curl/multi.h @@ -7,7 +7,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -52,7 +52,11 @@ extern "C" { #endif +#if defined(BUILDING_LIBCURL) || defined(CURL_STRICTER) +typedef struct Curl_multi CURLM; +#else typedef void CURLM; +#endif typedef enum { CURLM_CALL_MULTI_PERFORM = -1, /* please call curl_multi_perform() or diff --git a/lib/Makefile.Watcom b/lib/Makefile.Watcom index b5928b842..cbc54cfc7 100644 --- a/lib/Makefile.Watcom +++ b/lib/Makefile.Watcom @@ -187,16 +187,17 @@ LIB_ARG = $(OBJ_STAT)/wlib.arg OBJS1 = ./$(CSOURCES:.c=.obj) OBJS2 = $(OBJS1:vtls/=) -OBJS3 = $(OBJS2: = ./) -OBJS_STAT = $(OBJS3:./=$(OBJ_STAT)/) -OBJS_DYN = $(OBJS3:./=$(OBJ_DYN)/) +OBJS3 = $(OBJS2:vauth/=) +OBJS4 = $(OBJS3: = ./) +OBJS_STAT = $(OBJS4:./=$(OBJ_STAT)/) +OBJS_DYN = $(OBJS4:./=$(OBJ_DYN)/) CURLBUILDH = ../include/curl/curlbuild.h RESOURCE = $(OBJ_DYN)/libcurl.res DIRS = $(OBJ_BASE) $(OBJ_BASE)/stat $(OBJ_BASE)/dyn -.c : vtls +.c : vauth vtls all: $(CURLBUILDH) $(DIRS) $(TARGETS) .SYMBOLIC @echo Welcome to libcurl diff --git a/lib/Makefile.am b/lib/Makefile.am index 6f5317a64..12aaf6147 100644 --- a/lib/Makefile.am +++ b/lib/Makefile.am @@ -5,7 +5,7 @@ # | (__| |_| | _ <| |___ # \___|\___/|_| \_\_____| # -# Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. +# Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. # # This software is licensed as described in the file COPYING, which # you should have received as part of this distribution. The terms @@ -30,7 +30,7 @@ EXTRA_DIST = Makefile.b32 Makefile.m32 Makefile.vc6 config-win32.h \ config-os400.h setup-os400.h config-symbian.h Makefile.Watcom \ config-tpf.h mk-ca-bundle.pl mk-ca-bundle.vbs $(CMAKE_DIST) \ firefox-db2pem.sh config-vxworks.h Makefile.vxworks checksrc.pl \ - objnames-test08.sh objnames-test10.sh objnames.inc checksrc.whitelist + objnames-test08.sh objnames-test10.sh objnames.inc lib_LTLIBRARIES = libcurl.la @@ -146,7 +146,8 @@ libcurl_la_SOURCES = $(CSOURCES) $(HHEADERS) libcurlu_la_SOURCES = $(CSOURCES) $(HHEADERS) checksrc: - @@PERL@ $(top_srcdir)/lib/checksrc.pl -D$(top_srcdir)/lib $(CSOURCES) $(HHEADERS) + @PERL@ $(srcdir)/checksrc.pl -D$(srcdir) -W$(srcdir)/curl_config.h \ + $(srcdir)/*.[ch] $(srcdir)/vauth/*.[ch] $(srcdir)/vtls/*.[ch] if CURLDEBUG # for debug builds, we scan the sources on all regular make invokes diff --git a/lib/Makefile.b32 b/lib/Makefile.b32 index 1914a9410..481386157 100644 --- a/lib/Makefile.b32 +++ b/lib/Makefile.b32 @@ -69,7 +69,7 @@ CC_FLAGS = -5 -O2 -tWM -w -w-aus -w-ccc -w-dup -w-prc -w-pro -w-rch -w-sig -w-sp LIBFLAGS = /C /P32 LDFLAGS = -q -lq -laa -tWD -SRCDIR = .;.\vtls +SRCDIR = .;.\vauth;.\vtls OBJDIR = .\BCC_objs INCDIRS = -I.;.\lib;..\include LINKLIB = $(BCCDIR)\lib\cw32mt.lib $(BCCDIR)\lib\ws2_32.lib @@ -115,10 +115,11 @@ LINKLIB = $(LINKLIB) $(OPENSSL_PATH)\out32\ssleay32.lib $(OPENSSL_PATH)\out32\l # using explicit compilation build rules instead of implicit ones. NOHYPHEN1 = $(CSOURCES:-=_) -NOHYPHEN2 = $(NOHYPHEN1:vtls/=) +NOHYPHEN2 = $(NOHYPHEN1:vauth/=) +NOHYPHEN3 = $(NOHYPHEN2:vtls/=) -OBJECTS = $(NOHYPHEN2:.c=.obj) -PREPROCESSED = $(NOHYPHEN2:.c=.int) +OBJECTS = $(NOHYPHEN3:.c=.obj) +PREPROCESSED = $(NOHYPHEN3:.c=.int) # Borland's command line compiler (BCC32) version 5.5.1 integrated # preprocessor has a bug which results in silently generating wrong diff --git a/lib/Makefile.in b/lib/Makefile.in index 2c21bfa44..bbaebaecc 100644 --- a/lib/Makefile.in +++ b/lib/Makefile.in @@ -21,7 +21,7 @@ # | (__| |_| | _ <| |___ # \___|\___/|_| \_\_____| # -# Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. +# Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. # # This software is licensed as described in the file COPYING, which # you should have received as part of this distribution. The terms @@ -212,30 +212,36 @@ am__objects_1 = libcurl_la-file.lo libcurl_la-timeval.lo \ libcurl_la-warnless.lo libcurl_la-hmac.lo \ libcurl_la-curl_rtmp.lo libcurl_la-openldap.lo \ libcurl_la-curl_gethostname.lo libcurl_la-gopher.lo \ - libcurl_la-idn_win32.lo libcurl_la-http_negotiate_sspi.lo \ - libcurl_la-http_proxy.lo libcurl_la-non-ascii.lo \ - libcurl_la-asyn-ares.lo libcurl_la-asyn-thread.lo \ - libcurl_la-curl_gssapi.lo libcurl_la-curl_ntlm.lo \ - libcurl_la-curl_ntlm_wb.lo libcurl_la-curl_ntlm_core.lo \ - libcurl_la-curl_ntlm_msgs.lo libcurl_la-curl_sasl.lo \ + libcurl_la-idn_win32.lo libcurl_la-http_proxy.lo \ + libcurl_la-non-ascii.lo libcurl_la-asyn-ares.lo \ + libcurl_la-asyn-thread.lo libcurl_la-curl_gssapi.lo \ + libcurl_la-http_ntlm.lo libcurl_la-curl_ntlm_wb.lo \ + libcurl_la-curl_ntlm_core.lo libcurl_la-curl_sasl.lo \ libcurl_la-curl_multibyte.lo libcurl_la-hostcheck.lo \ libcurl_la-conncache.lo libcurl_la-pipeline.lo \ libcurl_la-dotdot.lo libcurl_la-x509asn1.lo \ - libcurl_la-http2.lo libcurl_la-curl_sasl_sspi.lo \ - libcurl_la-smb.lo libcurl_la-curl_sasl_gssapi.lo \ - libcurl_la-curl_endian.lo libcurl_la-curl_des.lo + libcurl_la-http2.lo libcurl_la-smb.lo \ + libcurl_la-curl_endian.lo libcurl_la-curl_des.lo \ + libcurl_la-system_win32.lo am__dirstamp = $(am__leading_dot)dirstamp -am__objects_2 = vtls/libcurl_la-openssl.lo vtls/libcurl_la-gtls.lo \ +am__objects_2 = vauth/libcurl_la-vauth.lo \ + vauth/libcurl_la-cleartext.lo vauth/libcurl_la-cram.lo \ + vauth/libcurl_la-digest.lo vauth/libcurl_la-digest_sspi.lo \ + vauth/libcurl_la-krb5_gssapi.lo vauth/libcurl_la-krb5_sspi.lo \ + vauth/libcurl_la-ntlm.lo vauth/libcurl_la-ntlm_sspi.lo \ + vauth/libcurl_la-oauth2.lo vauth/libcurl_la-spnego_gssapi.lo \ + vauth/libcurl_la-spnego_sspi.lo +am__objects_3 = vtls/libcurl_la-openssl.lo vtls/libcurl_la-gtls.lo \ vtls/libcurl_la-vtls.lo vtls/libcurl_la-nss.lo \ vtls/libcurl_la-polarssl.lo \ vtls/libcurl_la-polarssl_threadlock.lo \ vtls/libcurl_la-axtls.lo vtls/libcurl_la-cyassl.lo \ vtls/libcurl_la-schannel.lo vtls/libcurl_la-darwinssl.lo \ vtls/libcurl_la-gskit.lo vtls/libcurl_la-mbedtls.lo -am__objects_3 = $(am__objects_1) $(am__objects_2) -am__objects_4 = -am__objects_5 = $(am__objects_4) $(am__objects_4) -am_libcurl_la_OBJECTS = $(am__objects_3) $(am__objects_5) +am__objects_4 = $(am__objects_1) $(am__objects_2) $(am__objects_3) +am__objects_5 = +am__objects_6 = $(am__objects_5) $(am__objects_5) $(am__objects_5) +am_libcurl_la_OBJECTS = $(am__objects_4) $(am__objects_6) libcurl_la_OBJECTS = $(am_libcurl_la_OBJECTS) AM_V_lt = $(am__v_lt_@AM_V@) am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@) @@ -245,7 +251,7 @@ libcurl_la_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(libcurl_la_CFLAGS) \ $(CFLAGS) $(libcurl_la_LDFLAGS) $(LDFLAGS) -o $@ libcurlu_la_LIBADD = -am__objects_6 = libcurlu_la-file.lo libcurlu_la-timeval.lo \ +am__objects_7 = libcurlu_la-file.lo libcurlu_la-timeval.lo \ libcurlu_la-base64.lo libcurlu_la-hostip.lo \ libcurlu_la-progress.lo libcurlu_la-formdata.lo \ libcurlu_la-cookie.lo libcurlu_la-http.lo libcurlu_la-sendf.lo \ @@ -283,27 +289,33 @@ am__objects_6 = libcurlu_la-file.lo libcurlu_la-timeval.lo \ libcurlu_la-hmac.lo libcurlu_la-curl_rtmp.lo \ libcurlu_la-openldap.lo libcurlu_la-curl_gethostname.lo \ libcurlu_la-gopher.lo libcurlu_la-idn_win32.lo \ - libcurlu_la-http_negotiate_sspi.lo libcurlu_la-http_proxy.lo \ - libcurlu_la-non-ascii.lo libcurlu_la-asyn-ares.lo \ - libcurlu_la-asyn-thread.lo libcurlu_la-curl_gssapi.lo \ - libcurlu_la-curl_ntlm.lo libcurlu_la-curl_ntlm_wb.lo \ - libcurlu_la-curl_ntlm_core.lo libcurlu_la-curl_ntlm_msgs.lo \ + libcurlu_la-http_proxy.lo libcurlu_la-non-ascii.lo \ + libcurlu_la-asyn-ares.lo libcurlu_la-asyn-thread.lo \ + libcurlu_la-curl_gssapi.lo libcurlu_la-http_ntlm.lo \ + libcurlu_la-curl_ntlm_wb.lo libcurlu_la-curl_ntlm_core.lo \ libcurlu_la-curl_sasl.lo libcurlu_la-curl_multibyte.lo \ libcurlu_la-hostcheck.lo libcurlu_la-conncache.lo \ libcurlu_la-pipeline.lo libcurlu_la-dotdot.lo \ libcurlu_la-x509asn1.lo libcurlu_la-http2.lo \ - libcurlu_la-curl_sasl_sspi.lo libcurlu_la-smb.lo \ - libcurlu_la-curl_sasl_gssapi.lo libcurlu_la-curl_endian.lo \ - libcurlu_la-curl_des.lo -am__objects_7 = vtls/libcurlu_la-openssl.lo vtls/libcurlu_la-gtls.lo \ + libcurlu_la-smb.lo libcurlu_la-curl_endian.lo \ + libcurlu_la-curl_des.lo libcurlu_la-system_win32.lo +am__objects_8 = vauth/libcurlu_la-vauth.lo \ + vauth/libcurlu_la-cleartext.lo vauth/libcurlu_la-cram.lo \ + vauth/libcurlu_la-digest.lo vauth/libcurlu_la-digest_sspi.lo \ + vauth/libcurlu_la-krb5_gssapi.lo \ + vauth/libcurlu_la-krb5_sspi.lo vauth/libcurlu_la-ntlm.lo \ + vauth/libcurlu_la-ntlm_sspi.lo vauth/libcurlu_la-oauth2.lo \ + vauth/libcurlu_la-spnego_gssapi.lo \ + vauth/libcurlu_la-spnego_sspi.lo +am__objects_9 = vtls/libcurlu_la-openssl.lo vtls/libcurlu_la-gtls.lo \ vtls/libcurlu_la-vtls.lo vtls/libcurlu_la-nss.lo \ vtls/libcurlu_la-polarssl.lo \ vtls/libcurlu_la-polarssl_threadlock.lo \ vtls/libcurlu_la-axtls.lo vtls/libcurlu_la-cyassl.lo \ vtls/libcurlu_la-schannel.lo vtls/libcurlu_la-darwinssl.lo \ vtls/libcurlu_la-gskit.lo vtls/libcurlu_la-mbedtls.lo -am__objects_8 = $(am__objects_6) $(am__objects_7) -am_libcurlu_la_OBJECTS = $(am__objects_8) $(am__objects_5) +am__objects_10 = $(am__objects_7) $(am__objects_8) $(am__objects_9) +am_libcurlu_la_OBJECTS = $(am__objects_10) $(am__objects_6) libcurlu_la_OBJECTS = $(am_libcurlu_la_OBJECTS) libcurlu_la_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(libcurlu_la_CFLAGS) \ @@ -576,7 +588,7 @@ top_srcdir = @top_srcdir@ # | (__| |_| | _ <| |___ # \___|\___/|_| \_\_____| # -# Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. +# Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. # # This software is licensed as described in the file COPYING, which # you should have received as part of this distribution. The terms @@ -599,7 +611,7 @@ EXTRA_DIST = Makefile.b32 Makefile.m32 Makefile.vc6 config-win32.h \ config-os400.h setup-os400.h config-symbian.h Makefile.Watcom \ config-tpf.h mk-ca-bundle.pl mk-ca-bundle.vbs $(CMAKE_DIST) \ firefox-db2pem.sh config-vxworks.h Makefile.vxworks checksrc.pl \ - objnames-test08.sh objnames-test10.sh objnames.inc checksrc.whitelist + objnames-test08.sh objnames-test10.sh objnames.inc lib_LTLIBRARIES = libcurl.la @BUILD_UNITTESTS_FALSE@noinst_LTLIBRARIES = @@ -657,6 +669,12 @@ libcurl_la_CFLAGS = $(AM_CFLAGS) $(libcurl_la_CFLAGS_EXTRA) libcurlu_la_CPPFLAGS = $(AM_CPPFLAGS) -DCURL_STATICLIB -DUNITTESTS libcurlu_la_LDFLAGS = $(AM_LDFLAGS) -static $(LIBCURL_LIBS) libcurlu_la_CFLAGS = $(AM_CFLAGS) +LIB_VAUTH_CFILES = vauth/vauth.c vauth/cleartext.c vauth/cram.c \ + vauth/digest.c vauth/digest_sspi.c vauth/krb5_gssapi.c \ + vauth/krb5_sspi.c vauth/ntlm.c vauth/ntlm_sspi.c vauth/oauth2.c \ + vauth/spnego_gssapi.c vauth/spnego_sspi.c + +LIB_VAUTH_HFILES = vauth/vauth.h vauth/digest.h vauth/ntlm.h LIB_VTLS_CFILES = vtls/openssl.c vtls/gtls.c vtls/vtls.c vtls/nss.c \ vtls/polarssl.c vtls/polarssl_threadlock.c vtls/axtls.c \ vtls/cyassl.c vtls/schannel.c vtls/darwinssl.c vtls/gskit.c \ @@ -680,12 +698,10 @@ LIB_CFILES = file.c timeval.c base64.c hostip.c progress.c formdata.c \ curl_sspi.c slist.c nonblock.c curl_memrchr.c imap.c pop3.c smtp.c \ pingpong.c rtsp.c curl_threads.c warnless.c hmac.c curl_rtmp.c \ openldap.c curl_gethostname.c gopher.c idn_win32.c \ - http_negotiate_sspi.c http_proxy.c non-ascii.c asyn-ares.c \ - asyn-thread.c curl_gssapi.c curl_ntlm.c curl_ntlm_wb.c \ - curl_ntlm_core.c curl_ntlm_msgs.c curl_sasl.c curl_multibyte.c \ - hostcheck.c conncache.c pipeline.c dotdot.c x509asn1.c \ - http2.c curl_sasl_sspi.c smb.c curl_sasl_gssapi.c curl_endian.c \ - curl_des.c + http_proxy.c non-ascii.c asyn-ares.c asyn-thread.c curl_gssapi.c \ + http_ntlm.c curl_ntlm_wb.c curl_ntlm_core.c curl_sasl.c \ + curl_multibyte.c hostcheck.c conncache.c pipeline.c dotdot.c \ + x509asn1.c http2.c smb.c curl_endian.c curl_des.c system_win32.c LIB_HFILES = arpa_telnet.h netrc.h file.h timeval.h hostip.h progress.h \ formdata.h cookie.h http.h sendf.h ftp.h url.h dict.h if2ip.h \ @@ -700,15 +716,15 @@ LIB_HFILES = arpa_telnet.h netrc.h file.h timeval.h hostip.h progress.h \ slist.h nonblock.h curl_memrchr.h imap.h pop3.h smtp.h pingpong.h \ rtsp.h curl_threads.h warnless.h curl_hmac.h curl_rtmp.h \ curl_gethostname.h gopher.h http_proxy.h non-ascii.h asyn.h \ - curl_ntlm.h curl_gssapi.h curl_ntlm_wb.h curl_ntlm_core.h \ - curl_ntlm_msgs.h curl_sasl.h curl_multibyte.h hostcheck.h \ - conncache.h curl_setup_once.h multihandle.h setup-vms.h pipeline.h \ - dotdot.h x509asn1.h http2.h sigpipe.h smb.h curl_endian.h curl_des.h \ - curl_printf.h + http_ntlm.h curl_gssapi.h curl_ntlm_wb.h curl_ntlm_core.h \ + curl_sasl.h curl_multibyte.h hostcheck.h conncache.h \ + curl_setup_once.h multihandle.h setup-vms.h pipeline.h dotdot.h \ + x509asn1.h http2.h sigpipe.h smb.h curl_endian.h curl_des.h \ + curl_printf.h system_win32.h LIB_RCFILES = libcurl.rc -CSOURCES = $(LIB_CFILES) $(LIB_VTLS_CFILES) -HHEADERS = $(LIB_HFILES) $(LIB_VTLS_HFILES) +CSOURCES = $(LIB_CFILES) $(LIB_VAUTH_CFILES) $(LIB_VTLS_CFILES) +HHEADERS = $(LIB_HFILES) $(LIB_VAUTH_HFILES) $(LIB_VTLS_HFILES) # Makefile.inc provides the CSOURCES and HHEADERS defines libcurl_la_SOURCES = $(CSOURCES) $(HHEADERS) @@ -811,6 +827,36 @@ clean-noinstLTLIBRARIES: echo rm -f $${locs}; \ rm -f $${locs}; \ } +vauth/$(am__dirstamp): + @$(MKDIR_P) vauth + @: > vauth/$(am__dirstamp) +vauth/$(DEPDIR)/$(am__dirstamp): + @$(MKDIR_P) vauth/$(DEPDIR) + @: > vauth/$(DEPDIR)/$(am__dirstamp) +vauth/libcurl_la-vauth.lo: vauth/$(am__dirstamp) \ + vauth/$(DEPDIR)/$(am__dirstamp) +vauth/libcurl_la-cleartext.lo: vauth/$(am__dirstamp) \ + vauth/$(DEPDIR)/$(am__dirstamp) +vauth/libcurl_la-cram.lo: vauth/$(am__dirstamp) \ + vauth/$(DEPDIR)/$(am__dirstamp) +vauth/libcurl_la-digest.lo: vauth/$(am__dirstamp) \ + vauth/$(DEPDIR)/$(am__dirstamp) +vauth/libcurl_la-digest_sspi.lo: vauth/$(am__dirstamp) \ + vauth/$(DEPDIR)/$(am__dirstamp) +vauth/libcurl_la-krb5_gssapi.lo: vauth/$(am__dirstamp) \ + vauth/$(DEPDIR)/$(am__dirstamp) +vauth/libcurl_la-krb5_sspi.lo: vauth/$(am__dirstamp) \ + vauth/$(DEPDIR)/$(am__dirstamp) +vauth/libcurl_la-ntlm.lo: vauth/$(am__dirstamp) \ + vauth/$(DEPDIR)/$(am__dirstamp) +vauth/libcurl_la-ntlm_sspi.lo: vauth/$(am__dirstamp) \ + vauth/$(DEPDIR)/$(am__dirstamp) +vauth/libcurl_la-oauth2.lo: vauth/$(am__dirstamp) \ + vauth/$(DEPDIR)/$(am__dirstamp) +vauth/libcurl_la-spnego_gssapi.lo: vauth/$(am__dirstamp) \ + vauth/$(DEPDIR)/$(am__dirstamp) +vauth/libcurl_la-spnego_sspi.lo: vauth/$(am__dirstamp) \ + vauth/$(DEPDIR)/$(am__dirstamp) vtls/$(am__dirstamp): @$(MKDIR_P) vtls @: > vtls/$(am__dirstamp) @@ -844,6 +890,30 @@ vtls/libcurl_la-mbedtls.lo: vtls/$(am__dirstamp) \ libcurl.la: $(libcurl_la_OBJECTS) $(libcurl_la_DEPENDENCIES) $(EXTRA_libcurl_la_DEPENDENCIES) $(AM_V_CCLD)$(libcurl_la_LINK) -rpath $(libdir) $(libcurl_la_OBJECTS) $(libcurl_la_LIBADD) $(LIBS) +vauth/libcurlu_la-vauth.lo: vauth/$(am__dirstamp) \ + vauth/$(DEPDIR)/$(am__dirstamp) +vauth/libcurlu_la-cleartext.lo: vauth/$(am__dirstamp) \ + vauth/$(DEPDIR)/$(am__dirstamp) +vauth/libcurlu_la-cram.lo: vauth/$(am__dirstamp) \ + vauth/$(DEPDIR)/$(am__dirstamp) +vauth/libcurlu_la-digest.lo: vauth/$(am__dirstamp) \ + vauth/$(DEPDIR)/$(am__dirstamp) +vauth/libcurlu_la-digest_sspi.lo: vauth/$(am__dirstamp) \ + vauth/$(DEPDIR)/$(am__dirstamp) +vauth/libcurlu_la-krb5_gssapi.lo: vauth/$(am__dirstamp) \ + vauth/$(DEPDIR)/$(am__dirstamp) +vauth/libcurlu_la-krb5_sspi.lo: vauth/$(am__dirstamp) \ + vauth/$(DEPDIR)/$(am__dirstamp) +vauth/libcurlu_la-ntlm.lo: vauth/$(am__dirstamp) \ + vauth/$(DEPDIR)/$(am__dirstamp) +vauth/libcurlu_la-ntlm_sspi.lo: vauth/$(am__dirstamp) \ + vauth/$(DEPDIR)/$(am__dirstamp) +vauth/libcurlu_la-oauth2.lo: vauth/$(am__dirstamp) \ + vauth/$(DEPDIR)/$(am__dirstamp) +vauth/libcurlu_la-spnego_gssapi.lo: vauth/$(am__dirstamp) \ + vauth/$(DEPDIR)/$(am__dirstamp) +vauth/libcurlu_la-spnego_sspi.lo: vauth/$(am__dirstamp) \ + vauth/$(DEPDIR)/$(am__dirstamp) vtls/libcurlu_la-openssl.lo: vtls/$(am__dirstamp) \ vtls/$(DEPDIR)/$(am__dirstamp) vtls/libcurlu_la-gtls.lo: vtls/$(am__dirstamp) \ @@ -874,6 +944,8 @@ libcurlu.la: $(libcurlu_la_OBJECTS) $(libcurlu_la_DEPENDENCIES) $(EXTRA_libcurlu mostlyclean-compile: -rm -f *.$(OBJEXT) + -rm -f vauth/*.$(OBJEXT) + -rm -f vauth/*.lo -rm -f vtls/*.$(OBJEXT) -rm -f vtls/*.lo @@ -896,14 +968,10 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurl_la-curl_gssapi.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurl_la-curl_memrchr.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurl_la-curl_multibyte.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurl_la-curl_ntlm.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurl_la-curl_ntlm_core.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurl_la-curl_ntlm_msgs.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurl_la-curl_ntlm_wb.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurl_la-curl_rtmp.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurl_la-curl_sasl.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurl_la-curl_sasl_gssapi.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurl_la-curl_sasl_sspi.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurl_la-curl_sspi.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurl_la-curl_threads.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurl_la-dict.Plo@am__quote@ @@ -931,7 +999,7 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurl_la-http_chunks.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurl_la-http_digest.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurl_la-http_negotiate.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurl_la-http_negotiate_sspi.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurl_la-http_ntlm.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurl_la-http_proxy.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurl_la-idn_win32.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurl_la-if2ip.Plo@am__quote@ @@ -975,6 +1043,7 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurl_la-strerror.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurl_la-strtok.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurl_la-strtoofft.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurl_la-system_win32.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurl_la-telnet.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurl_la-tftp.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurl_la-timeval.Plo@am__quote@ @@ -1000,14 +1069,10 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurlu_la-curl_gssapi.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurlu_la-curl_memrchr.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurlu_la-curl_multibyte.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurlu_la-curl_ntlm.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurlu_la-curl_ntlm_core.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurlu_la-curl_ntlm_msgs.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurlu_la-curl_ntlm_wb.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurlu_la-curl_rtmp.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurlu_la-curl_sasl.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurlu_la-curl_sasl_gssapi.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurlu_la-curl_sasl_sspi.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurlu_la-curl_sspi.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurlu_la-curl_threads.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurlu_la-dict.Plo@am__quote@ @@ -1035,7 +1100,7 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurlu_la-http_chunks.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurlu_la-http_digest.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurlu_la-http_negotiate.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurlu_la-http_negotiate_sspi.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurlu_la-http_ntlm.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurlu_la-http_proxy.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurlu_la-idn_win32.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurlu_la-if2ip.Plo@am__quote@ @@ -1079,6 +1144,7 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurlu_la-strerror.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurlu_la-strtok.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurlu_la-strtoofft.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurlu_la-system_win32.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurlu_la-telnet.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurlu_la-tftp.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurlu_la-timeval.Plo@am__quote@ @@ -1088,6 +1154,30 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurlu_la-warnless.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurlu_la-wildcard.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcurlu_la-x509asn1.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@vauth/$(DEPDIR)/libcurl_la-cleartext.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@vauth/$(DEPDIR)/libcurl_la-cram.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@vauth/$(DEPDIR)/libcurl_la-digest.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@vauth/$(DEPDIR)/libcurl_la-digest_sspi.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@vauth/$(DEPDIR)/libcurl_la-krb5_gssapi.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@vauth/$(DEPDIR)/libcurl_la-krb5_sspi.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@vauth/$(DEPDIR)/libcurl_la-ntlm.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@vauth/$(DEPDIR)/libcurl_la-ntlm_sspi.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@vauth/$(DEPDIR)/libcurl_la-oauth2.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@vauth/$(DEPDIR)/libcurl_la-spnego_gssapi.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@vauth/$(DEPDIR)/libcurl_la-spnego_sspi.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@vauth/$(DEPDIR)/libcurl_la-vauth.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@vauth/$(DEPDIR)/libcurlu_la-cleartext.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@vauth/$(DEPDIR)/libcurlu_la-cram.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@vauth/$(DEPDIR)/libcurlu_la-digest.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@vauth/$(DEPDIR)/libcurlu_la-digest_sspi.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@vauth/$(DEPDIR)/libcurlu_la-krb5_gssapi.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@vauth/$(DEPDIR)/libcurlu_la-krb5_sspi.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@vauth/$(DEPDIR)/libcurlu_la-ntlm.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@vauth/$(DEPDIR)/libcurlu_la-ntlm_sspi.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@vauth/$(DEPDIR)/libcurlu_la-oauth2.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@vauth/$(DEPDIR)/libcurlu_la-spnego_gssapi.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@vauth/$(DEPDIR)/libcurlu_la-spnego_sspi.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@vauth/$(DEPDIR)/libcurlu_la-vauth.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@vtls/$(DEPDIR)/libcurl_la-axtls.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@vtls/$(DEPDIR)/libcurl_la-cyassl.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@vtls/$(DEPDIR)/libcurl_la-darwinssl.Plo@am__quote@ @@ -1704,13 +1794,6 @@ libcurl_la-idn_win32.lo: idn_win32.c @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -c -o libcurl_la-idn_win32.lo `test -f 'idn_win32.c' || echo '$(srcdir)/'`idn_win32.c -libcurl_la-http_negotiate_sspi.lo: http_negotiate_sspi.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -MT libcurl_la-http_negotiate_sspi.lo -MD -MP -MF $(DEPDIR)/libcurl_la-http_negotiate_sspi.Tpo -c -o libcurl_la-http_negotiate_sspi.lo `test -f 'http_negotiate_sspi.c' || echo '$(srcdir)/'`http_negotiate_sspi.c -@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libcurl_la-http_negotiate_sspi.Tpo $(DEPDIR)/libcurl_la-http_negotiate_sspi.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='http_negotiate_sspi.c' object='libcurl_la-http_negotiate_sspi.lo' libtool=yes @AMDEPBACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -c -o libcurl_la-http_negotiate_sspi.lo `test -f 'http_negotiate_sspi.c' || echo '$(srcdir)/'`http_negotiate_sspi.c - libcurl_la-http_proxy.lo: http_proxy.c @am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -MT libcurl_la-http_proxy.lo -MD -MP -MF $(DEPDIR)/libcurl_la-http_proxy.Tpo -c -o libcurl_la-http_proxy.lo `test -f 'http_proxy.c' || echo '$(srcdir)/'`http_proxy.c @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libcurl_la-http_proxy.Tpo $(DEPDIR)/libcurl_la-http_proxy.Plo @@ -1746,12 +1829,12 @@ libcurl_la-curl_gssapi.lo: curl_gssapi.c @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -c -o libcurl_la-curl_gssapi.lo `test -f 'curl_gssapi.c' || echo '$(srcdir)/'`curl_gssapi.c -libcurl_la-curl_ntlm.lo: curl_ntlm.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -MT libcurl_la-curl_ntlm.lo -MD -MP -MF $(DEPDIR)/libcurl_la-curl_ntlm.Tpo -c -o libcurl_la-curl_ntlm.lo `test -f 'curl_ntlm.c' || echo '$(srcdir)/'`curl_ntlm.c -@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libcurl_la-curl_ntlm.Tpo $(DEPDIR)/libcurl_la-curl_ntlm.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='curl_ntlm.c' object='libcurl_la-curl_ntlm.lo' libtool=yes @AMDEPBACKSLASH@ +libcurl_la-http_ntlm.lo: http_ntlm.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -MT libcurl_la-http_ntlm.lo -MD -MP -MF $(DEPDIR)/libcurl_la-http_ntlm.Tpo -c -o libcurl_la-http_ntlm.lo `test -f 'http_ntlm.c' || echo '$(srcdir)/'`http_ntlm.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libcurl_la-http_ntlm.Tpo $(DEPDIR)/libcurl_la-http_ntlm.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='http_ntlm.c' object='libcurl_la-http_ntlm.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -c -o libcurl_la-curl_ntlm.lo `test -f 'curl_ntlm.c' || echo '$(srcdir)/'`curl_ntlm.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -c -o libcurl_la-http_ntlm.lo `test -f 'http_ntlm.c' || echo '$(srcdir)/'`http_ntlm.c libcurl_la-curl_ntlm_wb.lo: curl_ntlm_wb.c @am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -MT libcurl_la-curl_ntlm_wb.lo -MD -MP -MF $(DEPDIR)/libcurl_la-curl_ntlm_wb.Tpo -c -o libcurl_la-curl_ntlm_wb.lo `test -f 'curl_ntlm_wb.c' || echo '$(srcdir)/'`curl_ntlm_wb.c @@ -1767,13 +1850,6 @@ libcurl_la-curl_ntlm_core.lo: curl_ntlm_core.c @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -c -o libcurl_la-curl_ntlm_core.lo `test -f 'curl_ntlm_core.c' || echo '$(srcdir)/'`curl_ntlm_core.c -libcurl_la-curl_ntlm_msgs.lo: curl_ntlm_msgs.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -MT libcurl_la-curl_ntlm_msgs.lo -MD -MP -MF $(DEPDIR)/libcurl_la-curl_ntlm_msgs.Tpo -c -o libcurl_la-curl_ntlm_msgs.lo `test -f 'curl_ntlm_msgs.c' || echo '$(srcdir)/'`curl_ntlm_msgs.c -@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libcurl_la-curl_ntlm_msgs.Tpo $(DEPDIR)/libcurl_la-curl_ntlm_msgs.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='curl_ntlm_msgs.c' object='libcurl_la-curl_ntlm_msgs.lo' libtool=yes @AMDEPBACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -c -o libcurl_la-curl_ntlm_msgs.lo `test -f 'curl_ntlm_msgs.c' || echo '$(srcdir)/'`curl_ntlm_msgs.c - libcurl_la-curl_sasl.lo: curl_sasl.c @am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -MT libcurl_la-curl_sasl.lo -MD -MP -MF $(DEPDIR)/libcurl_la-curl_sasl.Tpo -c -o libcurl_la-curl_sasl.lo `test -f 'curl_sasl.c' || echo '$(srcdir)/'`curl_sasl.c @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libcurl_la-curl_sasl.Tpo $(DEPDIR)/libcurl_la-curl_sasl.Plo @@ -1830,13 +1906,6 @@ libcurl_la-http2.lo: http2.c @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -c -o libcurl_la-http2.lo `test -f 'http2.c' || echo '$(srcdir)/'`http2.c -libcurl_la-curl_sasl_sspi.lo: curl_sasl_sspi.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -MT libcurl_la-curl_sasl_sspi.lo -MD -MP -MF $(DEPDIR)/libcurl_la-curl_sasl_sspi.Tpo -c -o libcurl_la-curl_sasl_sspi.lo `test -f 'curl_sasl_sspi.c' || echo '$(srcdir)/'`curl_sasl_sspi.c -@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libcurl_la-curl_sasl_sspi.Tpo $(DEPDIR)/libcurl_la-curl_sasl_sspi.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='curl_sasl_sspi.c' object='libcurl_la-curl_sasl_sspi.lo' libtool=yes @AMDEPBACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -c -o libcurl_la-curl_sasl_sspi.lo `test -f 'curl_sasl_sspi.c' || echo '$(srcdir)/'`curl_sasl_sspi.c - libcurl_la-smb.lo: smb.c @am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -MT libcurl_la-smb.lo -MD -MP -MF $(DEPDIR)/libcurl_la-smb.Tpo -c -o libcurl_la-smb.lo `test -f 'smb.c' || echo '$(srcdir)/'`smb.c @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libcurl_la-smb.Tpo $(DEPDIR)/libcurl_la-smb.Plo @@ -1844,13 +1913,6 @@ libcurl_la-smb.lo: smb.c @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -c -o libcurl_la-smb.lo `test -f 'smb.c' || echo '$(srcdir)/'`smb.c -libcurl_la-curl_sasl_gssapi.lo: curl_sasl_gssapi.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -MT libcurl_la-curl_sasl_gssapi.lo -MD -MP -MF $(DEPDIR)/libcurl_la-curl_sasl_gssapi.Tpo -c -o libcurl_la-curl_sasl_gssapi.lo `test -f 'curl_sasl_gssapi.c' || echo '$(srcdir)/'`curl_sasl_gssapi.c -@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libcurl_la-curl_sasl_gssapi.Tpo $(DEPDIR)/libcurl_la-curl_sasl_gssapi.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='curl_sasl_gssapi.c' object='libcurl_la-curl_sasl_gssapi.lo' libtool=yes @AMDEPBACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -c -o libcurl_la-curl_sasl_gssapi.lo `test -f 'curl_sasl_gssapi.c' || echo '$(srcdir)/'`curl_sasl_gssapi.c - libcurl_la-curl_endian.lo: curl_endian.c @am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -MT libcurl_la-curl_endian.lo -MD -MP -MF $(DEPDIR)/libcurl_la-curl_endian.Tpo -c -o libcurl_la-curl_endian.lo `test -f 'curl_endian.c' || echo '$(srcdir)/'`curl_endian.c @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libcurl_la-curl_endian.Tpo $(DEPDIR)/libcurl_la-curl_endian.Plo @@ -1865,6 +1927,97 @@ libcurl_la-curl_des.lo: curl_des.c @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -c -o libcurl_la-curl_des.lo `test -f 'curl_des.c' || echo '$(srcdir)/'`curl_des.c +libcurl_la-system_win32.lo: system_win32.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -MT libcurl_la-system_win32.lo -MD -MP -MF $(DEPDIR)/libcurl_la-system_win32.Tpo -c -o libcurl_la-system_win32.lo `test -f 'system_win32.c' || echo '$(srcdir)/'`system_win32.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libcurl_la-system_win32.Tpo $(DEPDIR)/libcurl_la-system_win32.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='system_win32.c' object='libcurl_la-system_win32.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -c -o libcurl_la-system_win32.lo `test -f 'system_win32.c' || echo '$(srcdir)/'`system_win32.c + +vauth/libcurl_la-vauth.lo: vauth/vauth.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -MT vauth/libcurl_la-vauth.lo -MD -MP -MF vauth/$(DEPDIR)/libcurl_la-vauth.Tpo -c -o vauth/libcurl_la-vauth.lo `test -f 'vauth/vauth.c' || echo '$(srcdir)/'`vauth/vauth.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) vauth/$(DEPDIR)/libcurl_la-vauth.Tpo vauth/$(DEPDIR)/libcurl_la-vauth.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='vauth/vauth.c' object='vauth/libcurl_la-vauth.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -c -o vauth/libcurl_la-vauth.lo `test -f 'vauth/vauth.c' || echo '$(srcdir)/'`vauth/vauth.c + +vauth/libcurl_la-cleartext.lo: vauth/cleartext.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -MT vauth/libcurl_la-cleartext.lo -MD -MP -MF vauth/$(DEPDIR)/libcurl_la-cleartext.Tpo -c -o vauth/libcurl_la-cleartext.lo `test -f 'vauth/cleartext.c' || echo '$(srcdir)/'`vauth/cleartext.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) vauth/$(DEPDIR)/libcurl_la-cleartext.Tpo vauth/$(DEPDIR)/libcurl_la-cleartext.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='vauth/cleartext.c' object='vauth/libcurl_la-cleartext.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -c -o vauth/libcurl_la-cleartext.lo `test -f 'vauth/cleartext.c' || echo '$(srcdir)/'`vauth/cleartext.c + +vauth/libcurl_la-cram.lo: vauth/cram.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -MT vauth/libcurl_la-cram.lo -MD -MP -MF vauth/$(DEPDIR)/libcurl_la-cram.Tpo -c -o vauth/libcurl_la-cram.lo `test -f 'vauth/cram.c' || echo '$(srcdir)/'`vauth/cram.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) vauth/$(DEPDIR)/libcurl_la-cram.Tpo vauth/$(DEPDIR)/libcurl_la-cram.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='vauth/cram.c' object='vauth/libcurl_la-cram.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -c -o vauth/libcurl_la-cram.lo `test -f 'vauth/cram.c' || echo '$(srcdir)/'`vauth/cram.c + +vauth/libcurl_la-digest.lo: vauth/digest.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -MT vauth/libcurl_la-digest.lo -MD -MP -MF vauth/$(DEPDIR)/libcurl_la-digest.Tpo -c -o vauth/libcurl_la-digest.lo `test -f 'vauth/digest.c' || echo '$(srcdir)/'`vauth/digest.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) vauth/$(DEPDIR)/libcurl_la-digest.Tpo vauth/$(DEPDIR)/libcurl_la-digest.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='vauth/digest.c' object='vauth/libcurl_la-digest.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -c -o vauth/libcurl_la-digest.lo `test -f 'vauth/digest.c' || echo '$(srcdir)/'`vauth/digest.c + +vauth/libcurl_la-digest_sspi.lo: vauth/digest_sspi.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -MT vauth/libcurl_la-digest_sspi.lo -MD -MP -MF vauth/$(DEPDIR)/libcurl_la-digest_sspi.Tpo -c -o vauth/libcurl_la-digest_sspi.lo `test -f 'vauth/digest_sspi.c' || echo '$(srcdir)/'`vauth/digest_sspi.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) vauth/$(DEPDIR)/libcurl_la-digest_sspi.Tpo vauth/$(DEPDIR)/libcurl_la-digest_sspi.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='vauth/digest_sspi.c' object='vauth/libcurl_la-digest_sspi.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -c -o vauth/libcurl_la-digest_sspi.lo `test -f 'vauth/digest_sspi.c' || echo '$(srcdir)/'`vauth/digest_sspi.c + +vauth/libcurl_la-krb5_gssapi.lo: vauth/krb5_gssapi.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -MT vauth/libcurl_la-krb5_gssapi.lo -MD -MP -MF vauth/$(DEPDIR)/libcurl_la-krb5_gssapi.Tpo -c -o vauth/libcurl_la-krb5_gssapi.lo `test -f 'vauth/krb5_gssapi.c' || echo '$(srcdir)/'`vauth/krb5_gssapi.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) vauth/$(DEPDIR)/libcurl_la-krb5_gssapi.Tpo vauth/$(DEPDIR)/libcurl_la-krb5_gssapi.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='vauth/krb5_gssapi.c' object='vauth/libcurl_la-krb5_gssapi.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -c -o vauth/libcurl_la-krb5_gssapi.lo `test -f 'vauth/krb5_gssapi.c' || echo '$(srcdir)/'`vauth/krb5_gssapi.c + +vauth/libcurl_la-krb5_sspi.lo: vauth/krb5_sspi.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -MT vauth/libcurl_la-krb5_sspi.lo -MD -MP -MF vauth/$(DEPDIR)/libcurl_la-krb5_sspi.Tpo -c -o vauth/libcurl_la-krb5_sspi.lo `test -f 'vauth/krb5_sspi.c' || echo '$(srcdir)/'`vauth/krb5_sspi.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) vauth/$(DEPDIR)/libcurl_la-krb5_sspi.Tpo vauth/$(DEPDIR)/libcurl_la-krb5_sspi.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='vauth/krb5_sspi.c' object='vauth/libcurl_la-krb5_sspi.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -c -o vauth/libcurl_la-krb5_sspi.lo `test -f 'vauth/krb5_sspi.c' || echo '$(srcdir)/'`vauth/krb5_sspi.c + +vauth/libcurl_la-ntlm.lo: vauth/ntlm.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -MT vauth/libcurl_la-ntlm.lo -MD -MP -MF vauth/$(DEPDIR)/libcurl_la-ntlm.Tpo -c -o vauth/libcurl_la-ntlm.lo `test -f 'vauth/ntlm.c' || echo '$(srcdir)/'`vauth/ntlm.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) vauth/$(DEPDIR)/libcurl_la-ntlm.Tpo vauth/$(DEPDIR)/libcurl_la-ntlm.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='vauth/ntlm.c' object='vauth/libcurl_la-ntlm.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -c -o vauth/libcurl_la-ntlm.lo `test -f 'vauth/ntlm.c' || echo '$(srcdir)/'`vauth/ntlm.c + +vauth/libcurl_la-ntlm_sspi.lo: vauth/ntlm_sspi.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -MT vauth/libcurl_la-ntlm_sspi.lo -MD -MP -MF vauth/$(DEPDIR)/libcurl_la-ntlm_sspi.Tpo -c -o vauth/libcurl_la-ntlm_sspi.lo `test -f 'vauth/ntlm_sspi.c' || echo '$(srcdir)/'`vauth/ntlm_sspi.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) vauth/$(DEPDIR)/libcurl_la-ntlm_sspi.Tpo vauth/$(DEPDIR)/libcurl_la-ntlm_sspi.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='vauth/ntlm_sspi.c' object='vauth/libcurl_la-ntlm_sspi.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -c -o vauth/libcurl_la-ntlm_sspi.lo `test -f 'vauth/ntlm_sspi.c' || echo '$(srcdir)/'`vauth/ntlm_sspi.c + +vauth/libcurl_la-oauth2.lo: vauth/oauth2.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -MT vauth/libcurl_la-oauth2.lo -MD -MP -MF vauth/$(DEPDIR)/libcurl_la-oauth2.Tpo -c -o vauth/libcurl_la-oauth2.lo `test -f 'vauth/oauth2.c' || echo '$(srcdir)/'`vauth/oauth2.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) vauth/$(DEPDIR)/libcurl_la-oauth2.Tpo vauth/$(DEPDIR)/libcurl_la-oauth2.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='vauth/oauth2.c' object='vauth/libcurl_la-oauth2.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -c -o vauth/libcurl_la-oauth2.lo `test -f 'vauth/oauth2.c' || echo '$(srcdir)/'`vauth/oauth2.c + +vauth/libcurl_la-spnego_gssapi.lo: vauth/spnego_gssapi.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -MT vauth/libcurl_la-spnego_gssapi.lo -MD -MP -MF vauth/$(DEPDIR)/libcurl_la-spnego_gssapi.Tpo -c -o vauth/libcurl_la-spnego_gssapi.lo `test -f 'vauth/spnego_gssapi.c' || echo '$(srcdir)/'`vauth/spnego_gssapi.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) vauth/$(DEPDIR)/libcurl_la-spnego_gssapi.Tpo vauth/$(DEPDIR)/libcurl_la-spnego_gssapi.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='vauth/spnego_gssapi.c' object='vauth/libcurl_la-spnego_gssapi.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -c -o vauth/libcurl_la-spnego_gssapi.lo `test -f 'vauth/spnego_gssapi.c' || echo '$(srcdir)/'`vauth/spnego_gssapi.c + +vauth/libcurl_la-spnego_sspi.lo: vauth/spnego_sspi.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -MT vauth/libcurl_la-spnego_sspi.lo -MD -MP -MF vauth/$(DEPDIR)/libcurl_la-spnego_sspi.Tpo -c -o vauth/libcurl_la-spnego_sspi.lo `test -f 'vauth/spnego_sspi.c' || echo '$(srcdir)/'`vauth/spnego_sspi.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) vauth/$(DEPDIR)/libcurl_la-spnego_sspi.Tpo vauth/$(DEPDIR)/libcurl_la-spnego_sspi.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='vauth/spnego_sspi.c' object='vauth/libcurl_la-spnego_sspi.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -c -o vauth/libcurl_la-spnego_sspi.lo `test -f 'vauth/spnego_sspi.c' || echo '$(srcdir)/'`vauth/spnego_sspi.c + vtls/libcurl_la-openssl.lo: vtls/openssl.c @am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -MT vtls/libcurl_la-openssl.lo -MD -MP -MF vtls/$(DEPDIR)/libcurl_la-openssl.Tpo -c -o vtls/libcurl_la-openssl.lo `test -f 'vtls/openssl.c' || echo '$(srcdir)/'`vtls/openssl.c @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) vtls/$(DEPDIR)/libcurl_la-openssl.Tpo vtls/$(DEPDIR)/libcurl_la-openssl.Plo @@ -2516,13 +2669,6 @@ libcurlu_la-idn_win32.lo: idn_win32.c @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -c -o libcurlu_la-idn_win32.lo `test -f 'idn_win32.c' || echo '$(srcdir)/'`idn_win32.c -libcurlu_la-http_negotiate_sspi.lo: http_negotiate_sspi.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -MT libcurlu_la-http_negotiate_sspi.lo -MD -MP -MF $(DEPDIR)/libcurlu_la-http_negotiate_sspi.Tpo -c -o libcurlu_la-http_negotiate_sspi.lo `test -f 'http_negotiate_sspi.c' || echo '$(srcdir)/'`http_negotiate_sspi.c -@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libcurlu_la-http_negotiate_sspi.Tpo $(DEPDIR)/libcurlu_la-http_negotiate_sspi.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='http_negotiate_sspi.c' object='libcurlu_la-http_negotiate_sspi.lo' libtool=yes @AMDEPBACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -c -o libcurlu_la-http_negotiate_sspi.lo `test -f 'http_negotiate_sspi.c' || echo '$(srcdir)/'`http_negotiate_sspi.c - libcurlu_la-http_proxy.lo: http_proxy.c @am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -MT libcurlu_la-http_proxy.lo -MD -MP -MF $(DEPDIR)/libcurlu_la-http_proxy.Tpo -c -o libcurlu_la-http_proxy.lo `test -f 'http_proxy.c' || echo '$(srcdir)/'`http_proxy.c @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libcurlu_la-http_proxy.Tpo $(DEPDIR)/libcurlu_la-http_proxy.Plo @@ -2558,12 +2704,12 @@ libcurlu_la-curl_gssapi.lo: curl_gssapi.c @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -c -o libcurlu_la-curl_gssapi.lo `test -f 'curl_gssapi.c' || echo '$(srcdir)/'`curl_gssapi.c -libcurlu_la-curl_ntlm.lo: curl_ntlm.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -MT libcurlu_la-curl_ntlm.lo -MD -MP -MF $(DEPDIR)/libcurlu_la-curl_ntlm.Tpo -c -o libcurlu_la-curl_ntlm.lo `test -f 'curl_ntlm.c' || echo '$(srcdir)/'`curl_ntlm.c -@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libcurlu_la-curl_ntlm.Tpo $(DEPDIR)/libcurlu_la-curl_ntlm.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='curl_ntlm.c' object='libcurlu_la-curl_ntlm.lo' libtool=yes @AMDEPBACKSLASH@ +libcurlu_la-http_ntlm.lo: http_ntlm.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -MT libcurlu_la-http_ntlm.lo -MD -MP -MF $(DEPDIR)/libcurlu_la-http_ntlm.Tpo -c -o libcurlu_la-http_ntlm.lo `test -f 'http_ntlm.c' || echo '$(srcdir)/'`http_ntlm.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libcurlu_la-http_ntlm.Tpo $(DEPDIR)/libcurlu_la-http_ntlm.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='http_ntlm.c' object='libcurlu_la-http_ntlm.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -c -o libcurlu_la-curl_ntlm.lo `test -f 'curl_ntlm.c' || echo '$(srcdir)/'`curl_ntlm.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -c -o libcurlu_la-http_ntlm.lo `test -f 'http_ntlm.c' || echo '$(srcdir)/'`http_ntlm.c libcurlu_la-curl_ntlm_wb.lo: curl_ntlm_wb.c @am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -MT libcurlu_la-curl_ntlm_wb.lo -MD -MP -MF $(DEPDIR)/libcurlu_la-curl_ntlm_wb.Tpo -c -o libcurlu_la-curl_ntlm_wb.lo `test -f 'curl_ntlm_wb.c' || echo '$(srcdir)/'`curl_ntlm_wb.c @@ -2579,13 +2725,6 @@ libcurlu_la-curl_ntlm_core.lo: curl_ntlm_core.c @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -c -o libcurlu_la-curl_ntlm_core.lo `test -f 'curl_ntlm_core.c' || echo '$(srcdir)/'`curl_ntlm_core.c -libcurlu_la-curl_ntlm_msgs.lo: curl_ntlm_msgs.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -MT libcurlu_la-curl_ntlm_msgs.lo -MD -MP -MF $(DEPDIR)/libcurlu_la-curl_ntlm_msgs.Tpo -c -o libcurlu_la-curl_ntlm_msgs.lo `test -f 'curl_ntlm_msgs.c' || echo '$(srcdir)/'`curl_ntlm_msgs.c -@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libcurlu_la-curl_ntlm_msgs.Tpo $(DEPDIR)/libcurlu_la-curl_ntlm_msgs.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='curl_ntlm_msgs.c' object='libcurlu_la-curl_ntlm_msgs.lo' libtool=yes @AMDEPBACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -c -o libcurlu_la-curl_ntlm_msgs.lo `test -f 'curl_ntlm_msgs.c' || echo '$(srcdir)/'`curl_ntlm_msgs.c - libcurlu_la-curl_sasl.lo: curl_sasl.c @am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -MT libcurlu_la-curl_sasl.lo -MD -MP -MF $(DEPDIR)/libcurlu_la-curl_sasl.Tpo -c -o libcurlu_la-curl_sasl.lo `test -f 'curl_sasl.c' || echo '$(srcdir)/'`curl_sasl.c @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libcurlu_la-curl_sasl.Tpo $(DEPDIR)/libcurlu_la-curl_sasl.Plo @@ -2642,13 +2781,6 @@ libcurlu_la-http2.lo: http2.c @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -c -o libcurlu_la-http2.lo `test -f 'http2.c' || echo '$(srcdir)/'`http2.c -libcurlu_la-curl_sasl_sspi.lo: curl_sasl_sspi.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -MT libcurlu_la-curl_sasl_sspi.lo -MD -MP -MF $(DEPDIR)/libcurlu_la-curl_sasl_sspi.Tpo -c -o libcurlu_la-curl_sasl_sspi.lo `test -f 'curl_sasl_sspi.c' || echo '$(srcdir)/'`curl_sasl_sspi.c -@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libcurlu_la-curl_sasl_sspi.Tpo $(DEPDIR)/libcurlu_la-curl_sasl_sspi.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='curl_sasl_sspi.c' object='libcurlu_la-curl_sasl_sspi.lo' libtool=yes @AMDEPBACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -c -o libcurlu_la-curl_sasl_sspi.lo `test -f 'curl_sasl_sspi.c' || echo '$(srcdir)/'`curl_sasl_sspi.c - libcurlu_la-smb.lo: smb.c @am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -MT libcurlu_la-smb.lo -MD -MP -MF $(DEPDIR)/libcurlu_la-smb.Tpo -c -o libcurlu_la-smb.lo `test -f 'smb.c' || echo '$(srcdir)/'`smb.c @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libcurlu_la-smb.Tpo $(DEPDIR)/libcurlu_la-smb.Plo @@ -2656,13 +2788,6 @@ libcurlu_la-smb.lo: smb.c @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -c -o libcurlu_la-smb.lo `test -f 'smb.c' || echo '$(srcdir)/'`smb.c -libcurlu_la-curl_sasl_gssapi.lo: curl_sasl_gssapi.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -MT libcurlu_la-curl_sasl_gssapi.lo -MD -MP -MF $(DEPDIR)/libcurlu_la-curl_sasl_gssapi.Tpo -c -o libcurlu_la-curl_sasl_gssapi.lo `test -f 'curl_sasl_gssapi.c' || echo '$(srcdir)/'`curl_sasl_gssapi.c -@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libcurlu_la-curl_sasl_gssapi.Tpo $(DEPDIR)/libcurlu_la-curl_sasl_gssapi.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='curl_sasl_gssapi.c' object='libcurlu_la-curl_sasl_gssapi.lo' libtool=yes @AMDEPBACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -c -o libcurlu_la-curl_sasl_gssapi.lo `test -f 'curl_sasl_gssapi.c' || echo '$(srcdir)/'`curl_sasl_gssapi.c - libcurlu_la-curl_endian.lo: curl_endian.c @am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -MT libcurlu_la-curl_endian.lo -MD -MP -MF $(DEPDIR)/libcurlu_la-curl_endian.Tpo -c -o libcurlu_la-curl_endian.lo `test -f 'curl_endian.c' || echo '$(srcdir)/'`curl_endian.c @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libcurlu_la-curl_endian.Tpo $(DEPDIR)/libcurlu_la-curl_endian.Plo @@ -2677,6 +2802,97 @@ libcurlu_la-curl_des.lo: curl_des.c @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -c -o libcurlu_la-curl_des.lo `test -f 'curl_des.c' || echo '$(srcdir)/'`curl_des.c +libcurlu_la-system_win32.lo: system_win32.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -MT libcurlu_la-system_win32.lo -MD -MP -MF $(DEPDIR)/libcurlu_la-system_win32.Tpo -c -o libcurlu_la-system_win32.lo `test -f 'system_win32.c' || echo '$(srcdir)/'`system_win32.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libcurlu_la-system_win32.Tpo $(DEPDIR)/libcurlu_la-system_win32.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='system_win32.c' object='libcurlu_la-system_win32.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -c -o libcurlu_la-system_win32.lo `test -f 'system_win32.c' || echo '$(srcdir)/'`system_win32.c + +vauth/libcurlu_la-vauth.lo: vauth/vauth.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -MT vauth/libcurlu_la-vauth.lo -MD -MP -MF vauth/$(DEPDIR)/libcurlu_la-vauth.Tpo -c -o vauth/libcurlu_la-vauth.lo `test -f 'vauth/vauth.c' || echo '$(srcdir)/'`vauth/vauth.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) vauth/$(DEPDIR)/libcurlu_la-vauth.Tpo vauth/$(DEPDIR)/libcurlu_la-vauth.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='vauth/vauth.c' object='vauth/libcurlu_la-vauth.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -c -o vauth/libcurlu_la-vauth.lo `test -f 'vauth/vauth.c' || echo '$(srcdir)/'`vauth/vauth.c + +vauth/libcurlu_la-cleartext.lo: vauth/cleartext.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -MT vauth/libcurlu_la-cleartext.lo -MD -MP -MF vauth/$(DEPDIR)/libcurlu_la-cleartext.Tpo -c -o vauth/libcurlu_la-cleartext.lo `test -f 'vauth/cleartext.c' || echo '$(srcdir)/'`vauth/cleartext.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) vauth/$(DEPDIR)/libcurlu_la-cleartext.Tpo vauth/$(DEPDIR)/libcurlu_la-cleartext.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='vauth/cleartext.c' object='vauth/libcurlu_la-cleartext.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -c -o vauth/libcurlu_la-cleartext.lo `test -f 'vauth/cleartext.c' || echo '$(srcdir)/'`vauth/cleartext.c + +vauth/libcurlu_la-cram.lo: vauth/cram.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -MT vauth/libcurlu_la-cram.lo -MD -MP -MF vauth/$(DEPDIR)/libcurlu_la-cram.Tpo -c -o vauth/libcurlu_la-cram.lo `test -f 'vauth/cram.c' || echo '$(srcdir)/'`vauth/cram.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) vauth/$(DEPDIR)/libcurlu_la-cram.Tpo vauth/$(DEPDIR)/libcurlu_la-cram.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='vauth/cram.c' object='vauth/libcurlu_la-cram.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -c -o vauth/libcurlu_la-cram.lo `test -f 'vauth/cram.c' || echo '$(srcdir)/'`vauth/cram.c + +vauth/libcurlu_la-digest.lo: vauth/digest.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -MT vauth/libcurlu_la-digest.lo -MD -MP -MF vauth/$(DEPDIR)/libcurlu_la-digest.Tpo -c -o vauth/libcurlu_la-digest.lo `test -f 'vauth/digest.c' || echo '$(srcdir)/'`vauth/digest.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) vauth/$(DEPDIR)/libcurlu_la-digest.Tpo vauth/$(DEPDIR)/libcurlu_la-digest.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='vauth/digest.c' object='vauth/libcurlu_la-digest.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -c -o vauth/libcurlu_la-digest.lo `test -f 'vauth/digest.c' || echo '$(srcdir)/'`vauth/digest.c + +vauth/libcurlu_la-digest_sspi.lo: vauth/digest_sspi.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -MT vauth/libcurlu_la-digest_sspi.lo -MD -MP -MF vauth/$(DEPDIR)/libcurlu_la-digest_sspi.Tpo -c -o vauth/libcurlu_la-digest_sspi.lo `test -f 'vauth/digest_sspi.c' || echo '$(srcdir)/'`vauth/digest_sspi.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) vauth/$(DEPDIR)/libcurlu_la-digest_sspi.Tpo vauth/$(DEPDIR)/libcurlu_la-digest_sspi.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='vauth/digest_sspi.c' object='vauth/libcurlu_la-digest_sspi.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -c -o vauth/libcurlu_la-digest_sspi.lo `test -f 'vauth/digest_sspi.c' || echo '$(srcdir)/'`vauth/digest_sspi.c + +vauth/libcurlu_la-krb5_gssapi.lo: vauth/krb5_gssapi.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -MT vauth/libcurlu_la-krb5_gssapi.lo -MD -MP -MF vauth/$(DEPDIR)/libcurlu_la-krb5_gssapi.Tpo -c -o vauth/libcurlu_la-krb5_gssapi.lo `test -f 'vauth/krb5_gssapi.c' || echo '$(srcdir)/'`vauth/krb5_gssapi.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) vauth/$(DEPDIR)/libcurlu_la-krb5_gssapi.Tpo vauth/$(DEPDIR)/libcurlu_la-krb5_gssapi.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='vauth/krb5_gssapi.c' object='vauth/libcurlu_la-krb5_gssapi.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -c -o vauth/libcurlu_la-krb5_gssapi.lo `test -f 'vauth/krb5_gssapi.c' || echo '$(srcdir)/'`vauth/krb5_gssapi.c + +vauth/libcurlu_la-krb5_sspi.lo: vauth/krb5_sspi.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -MT vauth/libcurlu_la-krb5_sspi.lo -MD -MP -MF vauth/$(DEPDIR)/libcurlu_la-krb5_sspi.Tpo -c -o vauth/libcurlu_la-krb5_sspi.lo `test -f 'vauth/krb5_sspi.c' || echo '$(srcdir)/'`vauth/krb5_sspi.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) vauth/$(DEPDIR)/libcurlu_la-krb5_sspi.Tpo vauth/$(DEPDIR)/libcurlu_la-krb5_sspi.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='vauth/krb5_sspi.c' object='vauth/libcurlu_la-krb5_sspi.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -c -o vauth/libcurlu_la-krb5_sspi.lo `test -f 'vauth/krb5_sspi.c' || echo '$(srcdir)/'`vauth/krb5_sspi.c + +vauth/libcurlu_la-ntlm.lo: vauth/ntlm.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -MT vauth/libcurlu_la-ntlm.lo -MD -MP -MF vauth/$(DEPDIR)/libcurlu_la-ntlm.Tpo -c -o vauth/libcurlu_la-ntlm.lo `test -f 'vauth/ntlm.c' || echo '$(srcdir)/'`vauth/ntlm.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) vauth/$(DEPDIR)/libcurlu_la-ntlm.Tpo vauth/$(DEPDIR)/libcurlu_la-ntlm.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='vauth/ntlm.c' object='vauth/libcurlu_la-ntlm.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -c -o vauth/libcurlu_la-ntlm.lo `test -f 'vauth/ntlm.c' || echo '$(srcdir)/'`vauth/ntlm.c + +vauth/libcurlu_la-ntlm_sspi.lo: vauth/ntlm_sspi.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -MT vauth/libcurlu_la-ntlm_sspi.lo -MD -MP -MF vauth/$(DEPDIR)/libcurlu_la-ntlm_sspi.Tpo -c -o vauth/libcurlu_la-ntlm_sspi.lo `test -f 'vauth/ntlm_sspi.c' || echo '$(srcdir)/'`vauth/ntlm_sspi.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) vauth/$(DEPDIR)/libcurlu_la-ntlm_sspi.Tpo vauth/$(DEPDIR)/libcurlu_la-ntlm_sspi.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='vauth/ntlm_sspi.c' object='vauth/libcurlu_la-ntlm_sspi.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -c -o vauth/libcurlu_la-ntlm_sspi.lo `test -f 'vauth/ntlm_sspi.c' || echo '$(srcdir)/'`vauth/ntlm_sspi.c + +vauth/libcurlu_la-oauth2.lo: vauth/oauth2.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -MT vauth/libcurlu_la-oauth2.lo -MD -MP -MF vauth/$(DEPDIR)/libcurlu_la-oauth2.Tpo -c -o vauth/libcurlu_la-oauth2.lo `test -f 'vauth/oauth2.c' || echo '$(srcdir)/'`vauth/oauth2.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) vauth/$(DEPDIR)/libcurlu_la-oauth2.Tpo vauth/$(DEPDIR)/libcurlu_la-oauth2.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='vauth/oauth2.c' object='vauth/libcurlu_la-oauth2.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -c -o vauth/libcurlu_la-oauth2.lo `test -f 'vauth/oauth2.c' || echo '$(srcdir)/'`vauth/oauth2.c + +vauth/libcurlu_la-spnego_gssapi.lo: vauth/spnego_gssapi.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -MT vauth/libcurlu_la-spnego_gssapi.lo -MD -MP -MF vauth/$(DEPDIR)/libcurlu_la-spnego_gssapi.Tpo -c -o vauth/libcurlu_la-spnego_gssapi.lo `test -f 'vauth/spnego_gssapi.c' || echo '$(srcdir)/'`vauth/spnego_gssapi.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) vauth/$(DEPDIR)/libcurlu_la-spnego_gssapi.Tpo vauth/$(DEPDIR)/libcurlu_la-spnego_gssapi.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='vauth/spnego_gssapi.c' object='vauth/libcurlu_la-spnego_gssapi.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -c -o vauth/libcurlu_la-spnego_gssapi.lo `test -f 'vauth/spnego_gssapi.c' || echo '$(srcdir)/'`vauth/spnego_gssapi.c + +vauth/libcurlu_la-spnego_sspi.lo: vauth/spnego_sspi.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -MT vauth/libcurlu_la-spnego_sspi.lo -MD -MP -MF vauth/$(DEPDIR)/libcurlu_la-spnego_sspi.Tpo -c -o vauth/libcurlu_la-spnego_sspi.lo `test -f 'vauth/spnego_sspi.c' || echo '$(srcdir)/'`vauth/spnego_sspi.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) vauth/$(DEPDIR)/libcurlu_la-spnego_sspi.Tpo vauth/$(DEPDIR)/libcurlu_la-spnego_sspi.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='vauth/spnego_sspi.c' object='vauth/libcurlu_la-spnego_sspi.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -c -o vauth/libcurlu_la-spnego_sspi.lo `test -f 'vauth/spnego_sspi.c' || echo '$(srcdir)/'`vauth/spnego_sspi.c + vtls/libcurlu_la-openssl.lo: vtls/openssl.c @am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -MT vtls/libcurlu_la-openssl.lo -MD -MP -MF vtls/$(DEPDIR)/libcurlu_la-openssl.Tpo -c -o vtls/libcurlu_la-openssl.lo `test -f 'vtls/openssl.c' || echo '$(srcdir)/'`vtls/openssl.c @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) vtls/$(DEPDIR)/libcurlu_la-openssl.Tpo vtls/$(DEPDIR)/libcurlu_la-openssl.Plo @@ -2766,6 +2982,7 @@ mostlyclean-libtool: clean-libtool: -rm -rf .libs _libs + -rm -rf vauth/.libs vauth/_libs -rm -rf vtls/.libs vtls/_libs ID: $(am__tagged_files) @@ -2884,6 +3101,8 @@ clean-generic: distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) + -rm -f vauth/$(DEPDIR)/$(am__dirstamp) + -rm -f vauth/$(am__dirstamp) -rm -f vtls/$(DEPDIR)/$(am__dirstamp) -rm -f vtls/$(am__dirstamp) @@ -2896,7 +3115,7 @@ clean-am: clean-generic clean-libLTLIBRARIES clean-libtool \ clean-noinstLTLIBRARIES mostlyclean-am distclean: distclean-am - -rm -rf ./$(DEPDIR) vtls/$(DEPDIR) + -rm -rf ./$(DEPDIR) vauth/$(DEPDIR) vtls/$(DEPDIR) -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-hdr distclean-tags @@ -2942,7 +3161,7 @@ install-ps-am: installcheck-am: maintainer-clean: maintainer-clean-am - -rm -rf ./$(DEPDIR) vtls/$(DEPDIR) + -rm -rf ./$(DEPDIR) vauth/$(DEPDIR) vtls/$(DEPDIR) -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic @@ -2982,7 +3201,8 @@ uninstall-am: uninstall-libLTLIBRARIES checksrc: - @@PERL@ $(top_srcdir)/lib/checksrc.pl -D$(top_srcdir)/lib $(CSOURCES) $(HHEADERS) + @PERL@ $(srcdir)/checksrc.pl -D$(srcdir) -W$(srcdir)/curl_config.h \ + $(srcdir)/*.[ch] $(srcdir)/vauth/*.[ch] $(srcdir)/vtls/*.[ch] # for debug builds, we scan the sources on all regular make invokes @CURLDEBUG_TRUE@all-local: checksrc diff --git a/lib/Makefile.inc b/lib/Makefile.inc index 39884d0b1..0ed998c13 100644 --- a/lib/Makefile.inc +++ b/lib/Makefile.inc @@ -5,7 +5,7 @@ # | (__| |_| | _ <| |___ # \___|\___/|_| \_\_____| # -# Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. +# Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. # # This software is licensed as described in the file COPYING, which # you should have received as part of this distribution. The terms @@ -20,6 +20,13 @@ # ########################################################################### +LIB_VAUTH_CFILES = vauth/vauth.c vauth/cleartext.c vauth/cram.c \ + vauth/digest.c vauth/digest_sspi.c vauth/krb5_gssapi.c \ + vauth/krb5_sspi.c vauth/ntlm.c vauth/ntlm_sspi.c vauth/oauth2.c \ + vauth/spnego_gssapi.c vauth/spnego_sspi.c + +LIB_VAUTH_HFILES = vauth/vauth.h vauth/digest.h vauth/ntlm.h + LIB_VTLS_CFILES = vtls/openssl.c vtls/gtls.c vtls/vtls.c vtls/nss.c \ vtls/polarssl.c vtls/polarssl_threadlock.c vtls/axtls.c \ vtls/cyassl.c vtls/schannel.c vtls/darwinssl.c vtls/gskit.c \ @@ -43,12 +50,10 @@ LIB_CFILES = file.c timeval.c base64.c hostip.c progress.c formdata.c \ curl_sspi.c slist.c nonblock.c curl_memrchr.c imap.c pop3.c smtp.c \ pingpong.c rtsp.c curl_threads.c warnless.c hmac.c curl_rtmp.c \ openldap.c curl_gethostname.c gopher.c idn_win32.c \ - http_negotiate_sspi.c http_proxy.c non-ascii.c asyn-ares.c \ - asyn-thread.c curl_gssapi.c curl_ntlm.c curl_ntlm_wb.c \ - curl_ntlm_core.c curl_ntlm_msgs.c curl_sasl.c curl_multibyte.c \ - hostcheck.c conncache.c pipeline.c dotdot.c x509asn1.c \ - http2.c curl_sasl_sspi.c smb.c curl_sasl_gssapi.c curl_endian.c \ - curl_des.c + http_proxy.c non-ascii.c asyn-ares.c asyn-thread.c curl_gssapi.c \ + http_ntlm.c curl_ntlm_wb.c curl_ntlm_core.c curl_sasl.c \ + curl_multibyte.c hostcheck.c conncache.c pipeline.c dotdot.c \ + x509asn1.c http2.c smb.c curl_endian.c curl_des.c system_win32.c LIB_HFILES = arpa_telnet.h netrc.h file.h timeval.h hostip.h progress.h \ formdata.h cookie.h http.h sendf.h ftp.h url.h dict.h if2ip.h \ @@ -63,13 +68,13 @@ LIB_HFILES = arpa_telnet.h netrc.h file.h timeval.h hostip.h progress.h \ slist.h nonblock.h curl_memrchr.h imap.h pop3.h smtp.h pingpong.h \ rtsp.h curl_threads.h warnless.h curl_hmac.h curl_rtmp.h \ curl_gethostname.h gopher.h http_proxy.h non-ascii.h asyn.h \ - curl_ntlm.h curl_gssapi.h curl_ntlm_wb.h curl_ntlm_core.h \ - curl_ntlm_msgs.h curl_sasl.h curl_multibyte.h hostcheck.h \ - conncache.h curl_setup_once.h multihandle.h setup-vms.h pipeline.h \ - dotdot.h x509asn1.h http2.h sigpipe.h smb.h curl_endian.h curl_des.h \ - curl_printf.h + http_ntlm.h curl_gssapi.h curl_ntlm_wb.h curl_ntlm_core.h \ + curl_sasl.h curl_multibyte.h hostcheck.h conncache.h \ + curl_setup_once.h multihandle.h setup-vms.h pipeline.h dotdot.h \ + x509asn1.h http2.h sigpipe.h smb.h curl_endian.h curl_des.h \ + curl_printf.h system_win32.h LIB_RCFILES = libcurl.rc -CSOURCES = $(LIB_CFILES) $(LIB_VTLS_CFILES) -HHEADERS = $(LIB_HFILES) $(LIB_VTLS_HFILES) +CSOURCES = $(LIB_CFILES) $(LIB_VAUTH_CFILES) $(LIB_VTLS_CFILES) +HHEADERS = $(LIB_HFILES) $(LIB_VAUTH_HFILES) $(LIB_VTLS_HFILES) diff --git a/lib/Makefile.m32 b/lib/Makefile.m32 index 2142bfc42..522dbd1df 100644 --- a/lib/Makefile.m32 +++ b/lib/Makefile.m32 @@ -258,6 +258,10 @@ ifdef SSL CFLAGS += -DHAVE_OPENSSL_SRP -DUSE_TLS_SRP endif endif +else +ifdef WINSSL + DLL_LIBS += -lcrypt32 +endif endif ifdef ZLIB INCLUDES += -I"$(ZLIB_PATH)" diff --git a/lib/Makefile.netware b/lib/Makefile.netware index 789670fb4..ee7e87ce7 100644 --- a/lib/Makefile.netware +++ b/lib/Makefile.netware @@ -351,7 +351,7 @@ OBJS := $(patsubst %.c,$(OBJDIR)/%.o,$(strip $(notdir $(CSOURCES)))) $(OBJDIR)/n OBJL = $(OBJS) $(OBJDIR)/nwlib.o $(LDLIBS) -vpath %.c . vtls +vpath %.c . vauth vtls all: lib nlm diff --git a/lib/Makefile.vc10 b/lib/Makefile.vc10 index 6d1de4882..61de19846 100644 --- a/lib/Makefile.vc10 +++ b/lib/Makefile.vc10 @@ -5,7 +5,7 @@ # | (__| |_| | _ <| |___ # \___|\___/|_| \_\_____| # -# Copyright (C) 1999 - 2015, Daniel Stenberg, , et al. +# Copyright (C) 1999 - 2016, Daniel Stenberg, , et al. # # This software is licensed as described in the file COPYING, which # you should have received as part of this distribution. The terms @@ -115,6 +115,7 @@ LNKDLL = link.exe /DLL LNKLIB = link.exe /lib LFLAGS = /nologo /machine:$(MACHINE) SSLLIBS = libeay32.lib ssleay32.lib +WINSSLLIBS = crypt32.lib ZLIBLIBSDLL = zdll.lib ZLIBLIBS = zlib.lib WINLIBS = ws2_32.lib wldap32.lib advapi32.lib @@ -176,7 +177,7 @@ CFGSET = TRUE TARGET = $(LIBCURL_STA_LIB_REL) DIROBJ = $(CFG) LFLAGSZLIB = "/LIBPATH:$(ZLIB_PATH)" -LNK = $(LNKLIB) /out:$(DIROBJ)\$(TARGET) +LNK = $(LNKLIB) $(WINSSLLIBS) /out:$(DIROBJ)\$(TARGET) CC = $(CCNODBG) $(RTLIB) $(CFLAGSWINSSL) $(CFLAGSLIB) CFGSET = TRUE !ENDIF @@ -213,7 +214,7 @@ CFGSET = TRUE TARGET = $(LIBCURL_STA_LIB_REL) DIROBJ = $(CFG) LFLAGSZLIB = "/LIBPATH:$(ZLIB_PATH)" -LNK = $(LNKLIB) $(LFLAGSZLIB) /out:$(DIROBJ)\$(TARGET) +LNK = $(LNKLIB) $(LFLAGSZLIB) $(WINSSLLIBS) /out:$(DIROBJ)\$(TARGET) CC = $(CCNODBG) $(RTLIB) $(CFLAGSWINSSL) $(CFLAGSZLIB) $(CFLAGSLIB) CFGSET = TRUE !ENDIF @@ -540,14 +541,10 @@ X_OBJS= \ $(DIROBJ)\curl_gssapi.obj \ $(DIROBJ)\curl_memrchr.obj \ $(DIROBJ)\curl_multibyte.obj \ - $(DIROBJ)\curl_ntlm.obj \ $(DIROBJ)\curl_ntlm_core.obj \ - $(DIROBJ)\curl_ntlm_msgs.obj \ $(DIROBJ)\curl_ntlm_wb.obj \ $(DIROBJ)\curl_rtmp.obj \ $(DIROBJ)\curl_sasl.obj \ - $(DIROBJ)\curl_sasl_gssapi.obj \ - $(DIROBJ)\curl_sasl_sspi.obj \ $(DIROBJ)\curl_sspi.obj \ $(DIROBJ)\curl_threads.obj \ $(DIROBJ)\cyassl.obj \ @@ -577,7 +574,7 @@ X_OBJS= \ $(DIROBJ)\http_chunks.obj \ $(DIROBJ)\http_digest.obj \ $(DIROBJ)\http_negotiate.obj \ - $(DIROBJ)\http_negotiate_sspi.obj \ + $(DIROBJ)\http_ntlm.obj \ $(DIROBJ)\http_proxy.obj \ $(DIROBJ)\idn_win32.obj \ $(DIROBJ)\if2ip.obj \ @@ -620,6 +617,19 @@ X_OBJS= \ $(DIROBJ)\speedcheck.obj \ $(DIROBJ)\splay.obj \ $(DIROBJ)\ssh.obj \ + $(DIROBJ)\system_win32.obj \ + $(DIROBJ)\vauth.obj \ + $(DIROBJ)\cleartext.obj \ + $(DIROBJ)\cram.obj \ + $(DIROBJ)\digest.obj \ + $(DIROBJ)\digest_sspi.obj \ + $(DIROBJ)\krb5_gssapi.obj \ + $(DIROBJ)\krb5_sspi.obj \ + $(DIROBJ)\ntlm.obj \ + $(DIROBJ)\ntlm_sspi.obj \ + $(DIROBJ)\oauth2.obj \ + $(DIROBJ)\spnego_gssapi.obj \ + $(DIROBJ)\spnego_sspi.obj \ $(DIROBJ)\vtls.obj \ $(DIROBJ)\openssl.obj \ $(DIROBJ)\strdup.obj \ @@ -635,6 +645,7 @@ X_OBJS= \ $(DIROBJ)\version.obj \ $(DIROBJ)\warnless.obj \ $(DIROBJ)\wildcard.obj \ + $(DIROBJ)\x509asn1.obj \ $(RESOURCE) all : $(TARGET) @@ -660,6 +671,9 @@ $(DIROBJ): {.\}.c{$(DIROBJ)\}.obj: $(CC) $(CFLAGS) /Fo"$@" $< +{.\vauth\}.c{$(DIROBJ)\}.obj: + $(CC) $(CFLAGS) /Fo"$@" $< + {.\vtls\}.c{$(DIROBJ)\}.obj: $(CC) $(CFLAGS) /Fo"$@" $< diff --git a/lib/Makefile.vc11 b/lib/Makefile.vc11 index 5e093491f..b610f5e94 100644 --- a/lib/Makefile.vc11 +++ b/lib/Makefile.vc11 @@ -5,7 +5,7 @@ # | (__| |_| | _ <| |___ # \___|\___/|_| \_\_____| # -# Copyright (C) 1999 - 2015, Daniel Stenberg, , et al. +# Copyright (C) 1999 - 2016, Daniel Stenberg, , et al. # # This software is licensed as described in the file COPYING, which # you should have received as part of this distribution. The terms @@ -115,6 +115,7 @@ LNKDLL = link.exe /DLL LNKLIB = link.exe /lib LFLAGS = /nologo /machine:$(MACHINE) SSLLIBS = libeay32.lib ssleay32.lib +WINSSLLIBS = crypt32.lib ZLIBLIBSDLL = zdll.lib ZLIBLIBS = zlib.lib WINLIBS = ws2_32.lib wldap32.lib advapi32.lib @@ -176,7 +177,7 @@ CFGSET = TRUE TARGET = $(LIBCURL_STA_LIB_REL) DIROBJ = $(CFG) LFLAGSZLIB = "/LIBPATH:$(ZLIB_PATH)" -LNK = $(LNKLIB) /out:$(DIROBJ)\$(TARGET) +LNK = $(LNKLIB) $(WINSSLLIBS) /out:$(DIROBJ)\$(TARGET) CC = $(CCNODBG) $(RTLIB) $(CFLAGSWINSSL) $(CFLAGSLIB) CFGSET = TRUE !ENDIF @@ -213,7 +214,7 @@ CFGSET = TRUE TARGET = $(LIBCURL_STA_LIB_REL) DIROBJ = $(CFG) LFLAGSZLIB = "/LIBPATH:$(ZLIB_PATH)" -LNK = $(LNKLIB) $(LFLAGSZLIB) /out:$(DIROBJ)\$(TARGET) +LNK = $(LNKLIB) $(LFLAGSZLIB) $(WINSSLLIBS) /out:$(DIROBJ)\$(TARGET) CC = $(CCNODBG) $(RTLIB) $(CFLAGSWINSSL) $(CFLAGSZLIB) $(CFLAGSLIB) CFGSET = TRUE !ENDIF @@ -540,14 +541,10 @@ X_OBJS= \ $(DIROBJ)\curl_gssapi.obj \ $(DIROBJ)\curl_memrchr.obj \ $(DIROBJ)\curl_multibyte.obj \ - $(DIROBJ)\curl_ntlm.obj \ $(DIROBJ)\curl_ntlm_core.obj \ - $(DIROBJ)\curl_ntlm_msgs.obj \ $(DIROBJ)\curl_ntlm_wb.obj \ $(DIROBJ)\curl_rtmp.obj \ $(DIROBJ)\curl_sasl.obj \ - $(DIROBJ)\curl_sasl_gssapi.obj \ - $(DIROBJ)\curl_sasl_sspi.obj \ $(DIROBJ)\curl_sspi.obj \ $(DIROBJ)\curl_threads.obj \ $(DIROBJ)\cyassl.obj \ @@ -577,7 +574,7 @@ X_OBJS= \ $(DIROBJ)\http_chunks.obj \ $(DIROBJ)\http_digest.obj \ $(DIROBJ)\http_negotiate.obj \ - $(DIROBJ)\http_negotiate_sspi.obj \ + $(DIROBJ)\http_ntlm.obj \ $(DIROBJ)\http_proxy.obj \ $(DIROBJ)\idn_win32.obj \ $(DIROBJ)\if2ip.obj \ @@ -620,6 +617,19 @@ X_OBJS= \ $(DIROBJ)\speedcheck.obj \ $(DIROBJ)\splay.obj \ $(DIROBJ)\ssh.obj \ + $(DIROBJ)\system_win32.obj \ + $(DIROBJ)\vauth.obj \ + $(DIROBJ)\cleartext.obj \ + $(DIROBJ)\cram.obj \ + $(DIROBJ)\digest.obj \ + $(DIROBJ)\digest_sspi.obj \ + $(DIROBJ)\krb5_gssapi.obj \ + $(DIROBJ)\krb5_sspi.obj \ + $(DIROBJ)\ntlm.obj \ + $(DIROBJ)\ntlm_sspi.obj \ + $(DIROBJ)\oauth2.obj \ + $(DIROBJ)\spnego_gssapi.obj \ + $(DIROBJ)\spnego_sspi.obj \ $(DIROBJ)\vtls.obj \ $(DIROBJ)\openssl.obj \ $(DIROBJ)\strdup.obj \ @@ -635,6 +645,7 @@ X_OBJS= \ $(DIROBJ)\version.obj \ $(DIROBJ)\warnless.obj \ $(DIROBJ)\wildcard.obj \ + $(DIROBJ)\x509asn1.obj \ $(RESOURCE) all : $(TARGET) @@ -660,6 +671,9 @@ $(DIROBJ): {.\}.c{$(DIROBJ)\}.obj: $(CC) $(CFLAGS) /Fo"$@" $< +{.\vauth\}.c{$(DIROBJ)\}.obj: + $(CC) $(CFLAGS) /Fo"$@" $< + {.\vtls\}.c{$(DIROBJ)\}.obj: $(CC) $(CFLAGS) /Fo"$@" $< diff --git a/lib/Makefile.vc12 b/lib/Makefile.vc12 index 45b9d7267..e2f6fc8b2 100644 --- a/lib/Makefile.vc12 +++ b/lib/Makefile.vc12 @@ -5,7 +5,7 @@ # | (__| |_| | _ <| |___ # \___|\___/|_| \_\_____| # -# Copyright (C) 1999 - 2015, Daniel Stenberg, , et al. +# Copyright (C) 1999 - 2016, Daniel Stenberg, , et al. # # This software is licensed as described in the file COPYING, which # you should have received as part of this distribution. The terms @@ -115,6 +115,7 @@ LNKDLL = link.exe /DLL LNKLIB = link.exe /lib LFLAGS = /nologo /machine:$(MACHINE) SSLLIBS = libeay32.lib ssleay32.lib +WINSSLLIBS = crypt32.lib ZLIBLIBSDLL = zdll.lib ZLIBLIBS = zlib.lib WINLIBS = ws2_32.lib wldap32.lib advapi32.lib @@ -176,7 +177,7 @@ CFGSET = TRUE TARGET = $(LIBCURL_STA_LIB_REL) DIROBJ = $(CFG) LFLAGSZLIB = "/LIBPATH:$(ZLIB_PATH)" -LNK = $(LNKLIB) /out:$(DIROBJ)\$(TARGET) +LNK = $(LNKLIB) $(WINSSLLIBS) /out:$(DIROBJ)\$(TARGET) CC = $(CCNODBG) $(RTLIB) $(CFLAGSWINSSL) $(CFLAGSLIB) CFGSET = TRUE !ENDIF @@ -213,7 +214,7 @@ CFGSET = TRUE TARGET = $(LIBCURL_STA_LIB_REL) DIROBJ = $(CFG) LFLAGSZLIB = "/LIBPATH:$(ZLIB_PATH)" -LNK = $(LNKLIB) $(LFLAGSZLIB) /out:$(DIROBJ)\$(TARGET) +LNK = $(LNKLIB) $(LFLAGSZLIB) $(WINSSLLIBS) /out:$(DIROBJ)\$(TARGET) CC = $(CCNODBG) $(RTLIB) $(CFLAGSWINSSL) $(CFLAGSZLIB) $(CFLAGSLIB) CFGSET = TRUE !ENDIF @@ -540,14 +541,10 @@ X_OBJS= \ $(DIROBJ)\curl_gssapi.obj \ $(DIROBJ)\curl_memrchr.obj \ $(DIROBJ)\curl_multibyte.obj \ - $(DIROBJ)\curl_ntlm.obj \ $(DIROBJ)\curl_ntlm_core.obj \ - $(DIROBJ)\curl_ntlm_msgs.obj \ $(DIROBJ)\curl_ntlm_wb.obj \ $(DIROBJ)\curl_rtmp.obj \ $(DIROBJ)\curl_sasl.obj \ - $(DIROBJ)\curl_sasl_gssapi.obj \ - $(DIROBJ)\curl_sasl_sspi.obj \ $(DIROBJ)\curl_sspi.obj \ $(DIROBJ)\curl_threads.obj \ $(DIROBJ)\cyassl.obj \ @@ -577,7 +574,7 @@ X_OBJS= \ $(DIROBJ)\http_chunks.obj \ $(DIROBJ)\http_digest.obj \ $(DIROBJ)\http_negotiate.obj \ - $(DIROBJ)\http_negotiate_sspi.obj \ + $(DIROBJ)\http_ntlm.obj \ $(DIROBJ)\http_proxy.obj \ $(DIROBJ)\idn_win32.obj \ $(DIROBJ)\if2ip.obj \ @@ -620,6 +617,19 @@ X_OBJS= \ $(DIROBJ)\speedcheck.obj \ $(DIROBJ)\splay.obj \ $(DIROBJ)\ssh.obj \ + $(DIROBJ)\system_win32.obj \ + $(DIROBJ)\vauth.obj \ + $(DIROBJ)\cleartext.obj \ + $(DIROBJ)\cram.obj \ + $(DIROBJ)\digest.obj \ + $(DIROBJ)\digest_sspi.obj \ + $(DIROBJ)\krb5_gssapi.obj \ + $(DIROBJ)\krb5_sspi.obj \ + $(DIROBJ)\ntlm.obj \ + $(DIROBJ)\ntlm_sspi.obj \ + $(DIROBJ)\oauth2.obj \ + $(DIROBJ)\spnego_gssapi.obj \ + $(DIROBJ)\spnego_sspi.obj \ $(DIROBJ)\vtls.obj \ $(DIROBJ)\openssl.obj \ $(DIROBJ)\strdup.obj \ @@ -635,6 +645,7 @@ X_OBJS= \ $(DIROBJ)\version.obj \ $(DIROBJ)\warnless.obj \ $(DIROBJ)\wildcard.obj \ + $(DIROBJ)\x509asn1.obj \ $(RESOURCE) all : $(TARGET) @@ -660,6 +671,9 @@ $(DIROBJ): {.\}.c{$(DIROBJ)\}.obj: $(CC) $(CFLAGS) /Fo"$@" $< +{.\vauth\}.c{$(DIROBJ)\}.obj: + $(CC) $(CFLAGS) /Fo"$@" $< + {.\vtls\}.c{$(DIROBJ)\}.obj: $(CC) $(CFLAGS) /Fo"$@" $< diff --git a/lib/Makefile.vc14 b/lib/Makefile.vc14 index 0714af369..e8bec2f59 100644 --- a/lib/Makefile.vc14 +++ b/lib/Makefile.vc14 @@ -5,7 +5,7 @@ # | (__| |_| | _ <| |___ # \___|\___/|_| \_\_____| # -# Copyright (C) 1999 - 2015, Daniel Stenberg, , et al. +# Copyright (C) 1999 - 2016, Daniel Stenberg, , et al. # # This software is licensed as described in the file COPYING, which # you should have received as part of this distribution. The terms @@ -115,6 +115,7 @@ LNKDLL = link.exe /DLL LNKLIB = link.exe /lib LFLAGS = /nologo /machine:$(MACHINE) SSLLIBS = libeay32.lib ssleay32.lib +WINSSLLIBS = crypt32.lib ZLIBLIBSDLL = zdll.lib ZLIBLIBS = zlib.lib WINLIBS = ws2_32.lib wldap32.lib advapi32.lib @@ -176,7 +177,7 @@ CFGSET = TRUE TARGET = $(LIBCURL_STA_LIB_REL) DIROBJ = $(CFG) LFLAGSZLIB = "/LIBPATH:$(ZLIB_PATH)" -LNK = $(LNKLIB) /out:$(DIROBJ)\$(TARGET) +LNK = $(LNKLIB) $(WINSSLLIBS) /out:$(DIROBJ)\$(TARGET) CC = $(CCNODBG) $(RTLIB) $(CFLAGSWINSSL) $(CFLAGSLIB) CFGSET = TRUE !ENDIF @@ -213,7 +214,7 @@ CFGSET = TRUE TARGET = $(LIBCURL_STA_LIB_REL) DIROBJ = $(CFG) LFLAGSZLIB = "/LIBPATH:$(ZLIB_PATH)" -LNK = $(LNKLIB) $(LFLAGSZLIB) /out:$(DIROBJ)\$(TARGET) +LNK = $(LNKLIB) $(LFLAGSZLIB) $(WINSSLLIBS) /out:$(DIROBJ)\$(TARGET) CC = $(CCNODBG) $(RTLIB) $(CFLAGSWINSSL) $(CFLAGSZLIB) $(CFLAGSLIB) CFGSET = TRUE !ENDIF @@ -540,14 +541,10 @@ X_OBJS= \ $(DIROBJ)\curl_gssapi.obj \ $(DIROBJ)\curl_memrchr.obj \ $(DIROBJ)\curl_multibyte.obj \ - $(DIROBJ)\curl_ntlm.obj \ $(DIROBJ)\curl_ntlm_core.obj \ - $(DIROBJ)\curl_ntlm_msgs.obj \ $(DIROBJ)\curl_ntlm_wb.obj \ $(DIROBJ)\curl_rtmp.obj \ $(DIROBJ)\curl_sasl.obj \ - $(DIROBJ)\curl_sasl_gssapi.obj \ - $(DIROBJ)\curl_sasl_sspi.obj \ $(DIROBJ)\curl_sspi.obj \ $(DIROBJ)\curl_threads.obj \ $(DIROBJ)\cyassl.obj \ @@ -577,7 +574,7 @@ X_OBJS= \ $(DIROBJ)\http_chunks.obj \ $(DIROBJ)\http_digest.obj \ $(DIROBJ)\http_negotiate.obj \ - $(DIROBJ)\http_negotiate_sspi.obj \ + $(DIROBJ)\http_ntlm.obj \ $(DIROBJ)\http_proxy.obj \ $(DIROBJ)\idn_win32.obj \ $(DIROBJ)\if2ip.obj \ @@ -620,6 +617,19 @@ X_OBJS= \ $(DIROBJ)\speedcheck.obj \ $(DIROBJ)\splay.obj \ $(DIROBJ)\ssh.obj \ + $(DIROBJ)\system_win32.obj \ + $(DIROBJ)\vauth.obj \ + $(DIROBJ)\cleartext.obj \ + $(DIROBJ)\cram.obj \ + $(DIROBJ)\digest.obj \ + $(DIROBJ)\digest_sspi.obj \ + $(DIROBJ)\krb5_gssapi.obj \ + $(DIROBJ)\krb5_sspi.obj \ + $(DIROBJ)\ntlm.obj \ + $(DIROBJ)\ntlm_sspi.obj \ + $(DIROBJ)\oauth2.obj \ + $(DIROBJ)\spnego_gssapi.obj \ + $(DIROBJ)\spnego_sspi.obj \ $(DIROBJ)\vtls.obj \ $(DIROBJ)\openssl.obj \ $(DIROBJ)\strdup.obj \ @@ -635,6 +645,7 @@ X_OBJS= \ $(DIROBJ)\version.obj \ $(DIROBJ)\warnless.obj \ $(DIROBJ)\wildcard.obj \ + $(DIROBJ)\x509asn1.obj \ $(RESOURCE) all : $(TARGET) @@ -660,6 +671,9 @@ $(DIROBJ): {.\}.c{$(DIROBJ)\}.obj: $(CC) $(CFLAGS) /Fo"$@" $< +{.\vauth\}.c{$(DIROBJ)\}.obj: + $(CC) $(CFLAGS) /Fo"$@" $< + {.\vtls\}.c{$(DIROBJ)\}.obj: $(CC) $(CFLAGS) /Fo"$@" $< diff --git a/lib/Makefile.vc6 b/lib/Makefile.vc6 index ba903c9db..e783e3ae2 100644 --- a/lib/Makefile.vc6 +++ b/lib/Makefile.vc6 @@ -5,7 +5,7 @@ # | (__| |_| | _ <| |___ # \___|\___/|_| \_\_____| # -# Copyright (C) 1999 - 2015, Daniel Stenberg, , et al. +# Copyright (C) 1999 - 2016, Daniel Stenberg, , et al. # # This software is licensed as described in the file COPYING, which # you should have received as part of this distribution. The terms @@ -115,6 +115,7 @@ LNKDLL = link.exe /DLL LNKLIB = link.exe /lib LFLAGS = /nologo /machine:$(MACHINE) SSLLIBS = libeay32.lib ssleay32.lib +WINSSLLIBS = crypt32.lib ZLIBLIBSDLL = zdll.lib ZLIBLIBS = zlib.lib WINLIBS = ws2_32.lib wldap32.lib advapi32.lib @@ -176,7 +177,7 @@ CFGSET = TRUE TARGET = $(LIBCURL_STA_LIB_REL) DIROBJ = $(CFG) LFLAGSZLIB = "/LIBPATH:$(ZLIB_PATH)" -LNK = $(LNKLIB) /out:$(DIROBJ)\$(TARGET) +LNK = $(LNKLIB) $(WINSSLLIBS) /out:$(DIROBJ)\$(TARGET) CC = $(CCNODBG) $(RTLIB) $(CFLAGSWINSSL) $(CFLAGSLIB) CFGSET = TRUE !ENDIF @@ -213,7 +214,7 @@ CFGSET = TRUE TARGET = $(LIBCURL_STA_LIB_REL) DIROBJ = $(CFG) LFLAGSZLIB = "/LIBPATH:$(ZLIB_PATH)" -LNK = $(LNKLIB) $(LFLAGSZLIB) /out:$(DIROBJ)\$(TARGET) +LNK = $(LNKLIB) $(LFLAGSZLIB) $(WINSSLLIBS) /out:$(DIROBJ)\$(TARGET) CC = $(CCNODBG) $(RTLIB) $(CFLAGSWINSSL) $(CFLAGSZLIB) $(CFLAGSLIB) CFGSET = TRUE !ENDIF @@ -540,14 +541,10 @@ X_OBJS= \ $(DIROBJ)\curl_gssapi.obj \ $(DIROBJ)\curl_memrchr.obj \ $(DIROBJ)\curl_multibyte.obj \ - $(DIROBJ)\curl_ntlm.obj \ $(DIROBJ)\curl_ntlm_core.obj \ - $(DIROBJ)\curl_ntlm_msgs.obj \ $(DIROBJ)\curl_ntlm_wb.obj \ $(DIROBJ)\curl_rtmp.obj \ $(DIROBJ)\curl_sasl.obj \ - $(DIROBJ)\curl_sasl_gssapi.obj \ - $(DIROBJ)\curl_sasl_sspi.obj \ $(DIROBJ)\curl_sspi.obj \ $(DIROBJ)\curl_threads.obj \ $(DIROBJ)\cyassl.obj \ @@ -577,7 +574,7 @@ X_OBJS= \ $(DIROBJ)\http_chunks.obj \ $(DIROBJ)\http_digest.obj \ $(DIROBJ)\http_negotiate.obj \ - $(DIROBJ)\http_negotiate_sspi.obj \ + $(DIROBJ)\http_ntlm.obj \ $(DIROBJ)\http_proxy.obj \ $(DIROBJ)\idn_win32.obj \ $(DIROBJ)\if2ip.obj \ @@ -620,6 +617,19 @@ X_OBJS= \ $(DIROBJ)\speedcheck.obj \ $(DIROBJ)\splay.obj \ $(DIROBJ)\ssh.obj \ + $(DIROBJ)\system_win32.obj \ + $(DIROBJ)\vauth.obj \ + $(DIROBJ)\cleartext.obj \ + $(DIROBJ)\cram.obj \ + $(DIROBJ)\digest.obj \ + $(DIROBJ)\digest_sspi.obj \ + $(DIROBJ)\krb5_gssapi.obj \ + $(DIROBJ)\krb5_sspi.obj \ + $(DIROBJ)\ntlm.obj \ + $(DIROBJ)\ntlm_sspi.obj \ + $(DIROBJ)\oauth2.obj \ + $(DIROBJ)\spnego_gssapi.obj \ + $(DIROBJ)\spnego_sspi.obj \ $(DIROBJ)\vtls.obj \ $(DIROBJ)\openssl.obj \ $(DIROBJ)\strdup.obj \ @@ -635,6 +645,7 @@ X_OBJS= \ $(DIROBJ)\version.obj \ $(DIROBJ)\warnless.obj \ $(DIROBJ)\wildcard.obj \ + $(DIROBJ)\x509asn1.obj \ $(RESOURCE) all : $(TARGET) @@ -660,6 +671,9 @@ $(DIROBJ): {.\}.c{$(DIROBJ)\}.obj: $(CC) $(CFLAGS) /Fo"$@" $< +{.\vauth\}.c{$(DIROBJ)\}.obj: + $(CC) $(CFLAGS) /Fo"$@" $< + {.\vtls\}.c{$(DIROBJ)\}.obj: $(CC) $(CFLAGS) /Fo"$@" $< diff --git a/lib/Makefile.vc7 b/lib/Makefile.vc7 index 76daae33f..7244b46be 100644 --- a/lib/Makefile.vc7 +++ b/lib/Makefile.vc7 @@ -5,7 +5,7 @@ # | (__| |_| | _ <| |___ # \___|\___/|_| \_\_____| # -# Copyright (C) 1999 - 2015, Daniel Stenberg, , et al. +# Copyright (C) 1999 - 2016, Daniel Stenberg, , et al. # # This software is licensed as described in the file COPYING, which # you should have received as part of this distribution. The terms @@ -115,6 +115,7 @@ LNKDLL = link.exe /DLL LNKLIB = link.exe /lib LFLAGS = /nologo /machine:$(MACHINE) SSLLIBS = libeay32.lib ssleay32.lib +WINSSLLIBS = crypt32.lib ZLIBLIBSDLL = zdll.lib ZLIBLIBS = zlib.lib WINLIBS = ws2_32.lib wldap32.lib advapi32.lib @@ -176,7 +177,7 @@ CFGSET = TRUE TARGET = $(LIBCURL_STA_LIB_REL) DIROBJ = $(CFG) LFLAGSZLIB = "/LIBPATH:$(ZLIB_PATH)" -LNK = $(LNKLIB) /out:$(DIROBJ)\$(TARGET) +LNK = $(LNKLIB) $(WINSSLLIBS) /out:$(DIROBJ)\$(TARGET) CC = $(CCNODBG) $(RTLIB) $(CFLAGSWINSSL) $(CFLAGSLIB) CFGSET = TRUE !ENDIF @@ -213,7 +214,7 @@ CFGSET = TRUE TARGET = $(LIBCURL_STA_LIB_REL) DIROBJ = $(CFG) LFLAGSZLIB = "/LIBPATH:$(ZLIB_PATH)" -LNK = $(LNKLIB) $(LFLAGSZLIB) /out:$(DIROBJ)\$(TARGET) +LNK = $(LNKLIB) $(LFLAGSZLIB) $(WINSSLLIBS) /out:$(DIROBJ)\$(TARGET) CC = $(CCNODBG) $(RTLIB) $(CFLAGSWINSSL) $(CFLAGSZLIB) $(CFLAGSLIB) CFGSET = TRUE !ENDIF @@ -540,14 +541,10 @@ X_OBJS= \ $(DIROBJ)\curl_gssapi.obj \ $(DIROBJ)\curl_memrchr.obj \ $(DIROBJ)\curl_multibyte.obj \ - $(DIROBJ)\curl_ntlm.obj \ $(DIROBJ)\curl_ntlm_core.obj \ - $(DIROBJ)\curl_ntlm_msgs.obj \ $(DIROBJ)\curl_ntlm_wb.obj \ $(DIROBJ)\curl_rtmp.obj \ $(DIROBJ)\curl_sasl.obj \ - $(DIROBJ)\curl_sasl_gssapi.obj \ - $(DIROBJ)\curl_sasl_sspi.obj \ $(DIROBJ)\curl_sspi.obj \ $(DIROBJ)\curl_threads.obj \ $(DIROBJ)\cyassl.obj \ @@ -577,7 +574,7 @@ X_OBJS= \ $(DIROBJ)\http_chunks.obj \ $(DIROBJ)\http_digest.obj \ $(DIROBJ)\http_negotiate.obj \ - $(DIROBJ)\http_negotiate_sspi.obj \ + $(DIROBJ)\http_ntlm.obj \ $(DIROBJ)\http_proxy.obj \ $(DIROBJ)\idn_win32.obj \ $(DIROBJ)\if2ip.obj \ @@ -620,6 +617,19 @@ X_OBJS= \ $(DIROBJ)\speedcheck.obj \ $(DIROBJ)\splay.obj \ $(DIROBJ)\ssh.obj \ + $(DIROBJ)\system_win32.obj \ + $(DIROBJ)\vauth.obj \ + $(DIROBJ)\cleartext.obj \ + $(DIROBJ)\cram.obj \ + $(DIROBJ)\digest.obj \ + $(DIROBJ)\digest_sspi.obj \ + $(DIROBJ)\krb5_gssapi.obj \ + $(DIROBJ)\krb5_sspi.obj \ + $(DIROBJ)\ntlm.obj \ + $(DIROBJ)\ntlm_sspi.obj \ + $(DIROBJ)\oauth2.obj \ + $(DIROBJ)\spnego_gssapi.obj \ + $(DIROBJ)\spnego_sspi.obj \ $(DIROBJ)\vtls.obj \ $(DIROBJ)\openssl.obj \ $(DIROBJ)\strdup.obj \ @@ -635,6 +645,7 @@ X_OBJS= \ $(DIROBJ)\version.obj \ $(DIROBJ)\warnless.obj \ $(DIROBJ)\wildcard.obj \ + $(DIROBJ)\x509asn1.obj \ $(RESOURCE) all : $(TARGET) @@ -660,6 +671,9 @@ $(DIROBJ): {.\}.c{$(DIROBJ)\}.obj: $(CC) $(CFLAGS) /Fo"$@" $< +{.\vauth\}.c{$(DIROBJ)\}.obj: + $(CC) $(CFLAGS) /Fo"$@" $< + {.\vtls\}.c{$(DIROBJ)\}.obj: $(CC) $(CFLAGS) /Fo"$@" $< diff --git a/lib/Makefile.vc8 b/lib/Makefile.vc8 index a3f8b753d..53459444a 100644 --- a/lib/Makefile.vc8 +++ b/lib/Makefile.vc8 @@ -5,7 +5,7 @@ # | (__| |_| | _ <| |___ # \___|\___/|_| \_\_____| # -# Copyright (C) 1999 - 2015, Daniel Stenberg, , et al. +# Copyright (C) 1999 - 2016, Daniel Stenberg, , et al. # # This software is licensed as described in the file COPYING, which # you should have received as part of this distribution. The terms @@ -115,6 +115,7 @@ LNKDLL = link.exe /DLL LNKLIB = link.exe /lib LFLAGS = /nologo /machine:$(MACHINE) SSLLIBS = libeay32.lib ssleay32.lib +WINSSLLIBS = crypt32.lib ZLIBLIBSDLL = zdll.lib ZLIBLIBS = zlib.lib WINLIBS = ws2_32.lib bufferoverflowu.lib wldap32.lib advapi32.lib @@ -176,7 +177,7 @@ CFGSET = TRUE TARGET = $(LIBCURL_STA_LIB_REL) DIROBJ = $(CFG) LFLAGSZLIB = "/LIBPATH:$(ZLIB_PATH)" -LNK = $(LNKLIB) /out:$(DIROBJ)\$(TARGET) +LNK = $(LNKLIB) $(WINSSLLIBS) /out:$(DIROBJ)\$(TARGET) CC = $(CCNODBG) $(RTLIB) $(CFLAGSWINSSL) $(CFLAGSLIB) CFGSET = TRUE !ENDIF @@ -213,7 +214,7 @@ CFGSET = TRUE TARGET = $(LIBCURL_STA_LIB_REL) DIROBJ = $(CFG) LFLAGSZLIB = "/LIBPATH:$(ZLIB_PATH)" -LNK = $(LNKLIB) $(LFLAGSZLIB) /out:$(DIROBJ)\$(TARGET) +LNK = $(LNKLIB) $(LFLAGSZLIB) $(WINSSLLIBS) /out:$(DIROBJ)\$(TARGET) CC = $(CCNODBG) $(RTLIB) $(CFLAGSWINSSL) $(CFLAGSZLIB) $(CFLAGSLIB) CFGSET = TRUE !ENDIF @@ -540,14 +541,10 @@ X_OBJS= \ $(DIROBJ)\curl_gssapi.obj \ $(DIROBJ)\curl_memrchr.obj \ $(DIROBJ)\curl_multibyte.obj \ - $(DIROBJ)\curl_ntlm.obj \ $(DIROBJ)\curl_ntlm_core.obj \ - $(DIROBJ)\curl_ntlm_msgs.obj \ $(DIROBJ)\curl_ntlm_wb.obj \ $(DIROBJ)\curl_rtmp.obj \ $(DIROBJ)\curl_sasl.obj \ - $(DIROBJ)\curl_sasl_gssapi.obj \ - $(DIROBJ)\curl_sasl_sspi.obj \ $(DIROBJ)\curl_sspi.obj \ $(DIROBJ)\curl_threads.obj \ $(DIROBJ)\cyassl.obj \ @@ -577,7 +574,7 @@ X_OBJS= \ $(DIROBJ)\http_chunks.obj \ $(DIROBJ)\http_digest.obj \ $(DIROBJ)\http_negotiate.obj \ - $(DIROBJ)\http_negotiate_sspi.obj \ + $(DIROBJ)\http_ntlm.obj \ $(DIROBJ)\http_proxy.obj \ $(DIROBJ)\idn_win32.obj \ $(DIROBJ)\if2ip.obj \ @@ -620,6 +617,19 @@ X_OBJS= \ $(DIROBJ)\speedcheck.obj \ $(DIROBJ)\splay.obj \ $(DIROBJ)\ssh.obj \ + $(DIROBJ)\system_win32.obj \ + $(DIROBJ)\vauth.obj \ + $(DIROBJ)\cleartext.obj \ + $(DIROBJ)\cram.obj \ + $(DIROBJ)\digest.obj \ + $(DIROBJ)\digest_sspi.obj \ + $(DIROBJ)\krb5_gssapi.obj \ + $(DIROBJ)\krb5_sspi.obj \ + $(DIROBJ)\ntlm.obj \ + $(DIROBJ)\ntlm_sspi.obj \ + $(DIROBJ)\oauth2.obj \ + $(DIROBJ)\spnego_gssapi.obj \ + $(DIROBJ)\spnego_sspi.obj \ $(DIROBJ)\vtls.obj \ $(DIROBJ)\openssl.obj \ $(DIROBJ)\strdup.obj \ @@ -635,6 +645,7 @@ X_OBJS= \ $(DIROBJ)\version.obj \ $(DIROBJ)\warnless.obj \ $(DIROBJ)\wildcard.obj \ + $(DIROBJ)\x509asn1.obj \ $(RESOURCE) all : $(TARGET) @@ -660,6 +671,9 @@ $(DIROBJ): {.\}.c{$(DIROBJ)\}.obj: $(CC) $(CFLAGS) /Fo"$@" $< +{.\vauth\}.c{$(DIROBJ)\}.obj: + $(CC) $(CFLAGS) /Fo"$@" $< + {.\vtls\}.c{$(DIROBJ)\}.obj: $(CC) $(CFLAGS) /Fo"$@" $< diff --git a/lib/Makefile.vc9 b/lib/Makefile.vc9 index c4a8bd642..9cb29be71 100644 --- a/lib/Makefile.vc9 +++ b/lib/Makefile.vc9 @@ -5,7 +5,7 @@ # | (__| |_| | _ <| |___ # \___|\___/|_| \_\_____| # -# Copyright (C) 1999 - 2015, Daniel Stenberg, , et al. +# Copyright (C) 1999 - 2016, Daniel Stenberg, , et al. # # This software is licensed as described in the file COPYING, which # you should have received as part of this distribution. The terms @@ -115,6 +115,7 @@ LNKDLL = link.exe /DLL LNKLIB = link.exe /lib LFLAGS = /nologo /machine:$(MACHINE) SSLLIBS = libeay32.lib ssleay32.lib +WINSSLLIBS = crypt32.lib ZLIBLIBSDLL = zdll.lib ZLIBLIBS = zlib.lib WINLIBS = ws2_32.lib wldap32.lib advapi32.lib @@ -176,7 +177,7 @@ CFGSET = TRUE TARGET = $(LIBCURL_STA_LIB_REL) DIROBJ = $(CFG) LFLAGSZLIB = "/LIBPATH:$(ZLIB_PATH)" -LNK = $(LNKLIB) /out:$(DIROBJ)\$(TARGET) +LNK = $(LNKLIB) $(WINSSLLIBS) /out:$(DIROBJ)\$(TARGET) CC = $(CCNODBG) $(RTLIB) $(CFLAGSWINSSL) $(CFLAGSLIB) CFGSET = TRUE !ENDIF @@ -213,7 +214,7 @@ CFGSET = TRUE TARGET = $(LIBCURL_STA_LIB_REL) DIROBJ = $(CFG) LFLAGSZLIB = "/LIBPATH:$(ZLIB_PATH)" -LNK = $(LNKLIB) $(LFLAGSZLIB) /out:$(DIROBJ)\$(TARGET) +LNK = $(LNKLIB) $(LFLAGSZLIB) $(WINSSLLIBS) /out:$(DIROBJ)\$(TARGET) CC = $(CCNODBG) $(RTLIB) $(CFLAGSWINSSL) $(CFLAGSZLIB) $(CFLAGSLIB) CFGSET = TRUE !ENDIF @@ -540,14 +541,10 @@ X_OBJS= \ $(DIROBJ)\curl_gssapi.obj \ $(DIROBJ)\curl_memrchr.obj \ $(DIROBJ)\curl_multibyte.obj \ - $(DIROBJ)\curl_ntlm.obj \ $(DIROBJ)\curl_ntlm_core.obj \ - $(DIROBJ)\curl_ntlm_msgs.obj \ $(DIROBJ)\curl_ntlm_wb.obj \ $(DIROBJ)\curl_rtmp.obj \ $(DIROBJ)\curl_sasl.obj \ - $(DIROBJ)\curl_sasl_gssapi.obj \ - $(DIROBJ)\curl_sasl_sspi.obj \ $(DIROBJ)\curl_sspi.obj \ $(DIROBJ)\curl_threads.obj \ $(DIROBJ)\cyassl.obj \ @@ -577,7 +574,7 @@ X_OBJS= \ $(DIROBJ)\http_chunks.obj \ $(DIROBJ)\http_digest.obj \ $(DIROBJ)\http_negotiate.obj \ - $(DIROBJ)\http_negotiate_sspi.obj \ + $(DIROBJ)\http_ntlm.obj \ $(DIROBJ)\http_proxy.obj \ $(DIROBJ)\idn_win32.obj \ $(DIROBJ)\if2ip.obj \ @@ -620,6 +617,19 @@ X_OBJS= \ $(DIROBJ)\speedcheck.obj \ $(DIROBJ)\splay.obj \ $(DIROBJ)\ssh.obj \ + $(DIROBJ)\system_win32.obj \ + $(DIROBJ)\vauth.obj \ + $(DIROBJ)\cleartext.obj \ + $(DIROBJ)\cram.obj \ + $(DIROBJ)\digest.obj \ + $(DIROBJ)\digest_sspi.obj \ + $(DIROBJ)\krb5_gssapi.obj \ + $(DIROBJ)\krb5_sspi.obj \ + $(DIROBJ)\ntlm.obj \ + $(DIROBJ)\ntlm_sspi.obj \ + $(DIROBJ)\oauth2.obj \ + $(DIROBJ)\spnego_gssapi.obj \ + $(DIROBJ)\spnego_sspi.obj \ $(DIROBJ)\vtls.obj \ $(DIROBJ)\openssl.obj \ $(DIROBJ)\strdup.obj \ @@ -635,6 +645,7 @@ X_OBJS= \ $(DIROBJ)\version.obj \ $(DIROBJ)\warnless.obj \ $(DIROBJ)\wildcard.obj \ + $(DIROBJ)\x509asn1.obj \ $(RESOURCE) all : $(TARGET) @@ -660,6 +671,9 @@ $(DIROBJ): {.\}.c{$(DIROBJ)\}.obj: $(CC) $(CFLAGS) /Fo"$@" $< +{.\vauth\}.c{$(DIROBJ)\}.obj: + $(CC) $(CFLAGS) /Fo"$@" $< + {.\vtls\}.c{$(DIROBJ)\}.obj: $(CC) $(CFLAGS) /Fo"$@" $< diff --git a/lib/amigaos.c b/lib/amigaos.c index e2fe35d1f..5591d2220 100644 --- a/lib/amigaos.c +++ b/lib/amigaos.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -35,7 +35,7 @@ extern int errno, h_errno; #include void __request(const char *msg); #else -# define __request( msg ) Printf( msg "\n\a") +# define __request(msg) Printf(msg "\n\a") #endif void Curl_amiga_cleanup() diff --git a/lib/asyn-ares.c b/lib/asyn-ares.c index adb1a238a..2aed94fe1 100644 --- a/lib/asyn-ares.c +++ b/lib/asyn-ares.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -68,7 +68,6 @@ #include "connect.h" #include "select.h" #include "progress.h" -#include "curl_printf.h" # if defined(CURL_STATICLIB) && !defined(CARES_STATICLIB) && \ (defined(WIN32) || defined(_WIN32) || defined(__SYMBIAN32__)) @@ -83,8 +82,9 @@ #define HAVE_CARES_CALLBACK_TIMEOUTS 1 #endif +/* The last 3 #include files should be in this order */ +#include "curl_printf.h" #include "curl_memory.h" -/* The last #include file should be: */ #include "memdebug.h" struct ResolverResults { @@ -249,7 +249,7 @@ int Curl_resolver_getsock(struct connectdata *conn, static int waitperform(struct connectdata *conn, int timeout_ms) { - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; int nfds; int bitmask; ares_socket_t socks[ARES_GETSOCK_MAXNUM]; @@ -309,7 +309,7 @@ static int waitperform(struct connectdata *conn, int timeout_ms) CURLcode Curl_resolver_is_resolved(struct connectdata *conn, struct Curl_dns_entry **dns) { - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct ResolverResults *res = (struct ResolverResults *) conn->async.os_specific; CURLcode result = CURLE_OK; @@ -353,7 +353,7 @@ CURLcode Curl_resolver_wait_resolv(struct connectdata *conn, struct Curl_dns_entry **entry) { CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; long timeout; struct timeval now = Curl_tvnow(); struct Curl_dns_entry *temp_entry; @@ -492,7 +492,7 @@ Curl_addrinfo *Curl_resolver_getaddrinfo(struct connectdata *conn, int *waitp) { char *bufp; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct in_addr in; int family = PF_INET; #ifdef ENABLE_IPV6 /* CURLRES_IPV6 */ @@ -583,7 +583,7 @@ Curl_addrinfo *Curl_resolver_getaddrinfo(struct connectdata *conn, return NULL; /* no struct yet */ } -CURLcode Curl_set_dns_servers(struct SessionHandle *data, +CURLcode Curl_set_dns_servers(struct Curl_easy *data, char *servers) { CURLcode result = CURLE_NOT_BUILT_IN; @@ -621,7 +621,7 @@ CURLcode Curl_set_dns_servers(struct SessionHandle *data, return result; } -CURLcode Curl_set_dns_interface(struct SessionHandle *data, +CURLcode Curl_set_dns_interface(struct Curl_easy *data, const char *interf) { #if (ARES_VERSION >= 0x010704) @@ -638,7 +638,7 @@ CURLcode Curl_set_dns_interface(struct SessionHandle *data, #endif } -CURLcode Curl_set_dns_local_ip4(struct SessionHandle *data, +CURLcode Curl_set_dns_local_ip4(struct Curl_easy *data, const char *local_ip4) { #if (ARES_VERSION >= 0x010704) @@ -663,7 +663,7 @@ CURLcode Curl_set_dns_local_ip4(struct SessionHandle *data, #endif } -CURLcode Curl_set_dns_local_ip6(struct SessionHandle *data, +CURLcode Curl_set_dns_local_ip6(struct Curl_easy *data, const char *local_ip6) { #if (ARES_VERSION >= 0x010704) && defined(ENABLE_IPV6) diff --git a/lib/asyn-thread.c b/lib/asyn-thread.c index 83ce0ce4e..7cce01aac 100644 --- a/lib/asyn-thread.c +++ b/lib/asyn-thread.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -69,10 +69,9 @@ #include "inet_ntop.h" #include "curl_threads.h" #include "connect.h" +/* The last 3 #include files should be in this order */ #include "curl_printf.h" #include "curl_memory.h" - -/* The last #include file should be: */ #include "memdebug.h" /*********************************************************************** @@ -280,6 +279,9 @@ static unsigned int CURL_STDCALL getaddrinfo_thread (void *arg) if(tsd->sock_error == 0) tsd->sock_error = RESOLVER_ENOMEM; } + else { + Curl_addrinfo_set_port(tsd->res, tsd->port); + } Curl_mutex_acquire(tsd->mtx); if(tsd->done) { @@ -495,7 +497,7 @@ CURLcode Curl_resolver_wait_resolv(struct connectdata *conn, CURLcode Curl_resolver_is_resolved(struct connectdata *conn, struct Curl_dns_entry **entry) { - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct thread_data *td = (struct thread_data*) conn->async.os_specific; int done = 0; @@ -603,6 +605,7 @@ Curl_addrinfo *Curl_resolver_getaddrinfo(struct connectdata *conn, *waitp = 0; /* default to synchronous response */ +#ifndef USE_RESOLVE_ON_IPS /* First check if this is an IPv4 address string */ if(Curl_inet_pton(AF_INET, hostname, &in) > 0) /* This is a dotted IP address 123.123.123.123-style */ @@ -610,10 +613,13 @@ Curl_addrinfo *Curl_resolver_getaddrinfo(struct connectdata *conn, #ifdef CURLRES_IPV6 /* check if this is an IPv6 address string */ - if(Curl_inet_pton (AF_INET6, hostname, &in6) > 0) + if(Curl_inet_pton(AF_INET6, hostname, &in6) > 0) /* This is an IPv6 address literal */ return Curl_ip2addr(AF_INET6, &in6, hostname, port); +#endif /* CURLRES_IPV6 */ +#endif /* !USE_RESOLVE_ON_IPS */ +#ifdef CURLRES_IPV6 /* * Check if a limited name resolve has been requested. */ @@ -632,7 +638,6 @@ Curl_addrinfo *Curl_resolver_getaddrinfo(struct connectdata *conn, if((pf != PF_INET) && !Curl_ipv6works()) /* The stack seems to be a non-IPv6 one */ pf = PF_INET; - #endif /* CURLRES_IPV6 */ memset(&hints, 0, sizeof(hints)); @@ -657,12 +662,16 @@ Curl_addrinfo *Curl_resolver_getaddrinfo(struct connectdata *conn, hostname, port, Curl_strerror(conn, SOCKERRNO)); return NULL; } + else { + Curl_addrinfo_set_port(res, port); + } + return res; } #endif /* !HAVE_GETADDRINFO */ -CURLcode Curl_set_dns_servers(struct SessionHandle *data, +CURLcode Curl_set_dns_servers(struct Curl_easy *data, char *servers) { (void)data; @@ -671,7 +680,7 @@ CURLcode Curl_set_dns_servers(struct SessionHandle *data, } -CURLcode Curl_set_dns_interface(struct SessionHandle *data, +CURLcode Curl_set_dns_interface(struct Curl_easy *data, const char *interf) { (void)data; @@ -679,7 +688,7 @@ CURLcode Curl_set_dns_interface(struct SessionHandle *data, return CURLE_NOT_BUILT_IN; } -CURLcode Curl_set_dns_local_ip4(struct SessionHandle *data, +CURLcode Curl_set_dns_local_ip4(struct Curl_easy *data, const char *local_ip4) { (void)data; @@ -687,7 +696,7 @@ CURLcode Curl_set_dns_local_ip4(struct SessionHandle *data, return CURLE_NOT_BUILT_IN; } -CURLcode Curl_set_dns_local_ip6(struct SessionHandle *data, +CURLcode Curl_set_dns_local_ip6(struct Curl_easy *data, const char *local_ip6) { (void)data; diff --git a/lib/asyn.h b/lib/asyn.h index 416510f95..3adc3664a 100644 --- a/lib/asyn.h +++ b/lib/asyn.h @@ -27,7 +27,7 @@ struct addrinfo; struct hostent; -struct SessionHandle; +struct Curl_easy; struct connectdata; struct Curl_dns_entry; diff --git a/lib/base64.c b/lib/base64.c index 9bb7de495..ad254595f 100644 --- a/lib/base64.c +++ b/lib/base64.c @@ -23,13 +23,13 @@ /* Base64 encoding/decoding */ #include "curl_setup.h" -#include "curl_printf.h" -#include "urldata.h" /* for the SessionHandle definition */ +#include "urldata.h" /* for the Curl_easy definition */ #include "warnless.h" #include "curl_base64.h" #include "non-ascii.h" -/* The last #include files should be: */ +/* The last 3 #include files should be in this order */ +#include "curl_printf.h" #include "curl_memory.h" #include "memdebug.h" @@ -169,7 +169,7 @@ CURLcode Curl_base64_decode(const char *src, } static CURLcode base64_encode(const char *table64, - struct SessionHandle *data, + struct Curl_easy *data, const char *inputbuff, size_t insize, char **outptr, size_t *outlen) { @@ -246,7 +246,7 @@ static CURLcode base64_encode(const char *table64, table64[obuf[0]], table64[obuf[1]], table64[obuf[2]], - table64[obuf[3]] ); + table64[obuf[3]]); break; } output += 4; @@ -283,7 +283,7 @@ static CURLcode base64_encode(const char *table64, * * @unittest: 1302 */ -CURLcode Curl_base64_encode(struct SessionHandle *data, +CURLcode Curl_base64_encode(struct Curl_easy *data, const char *inputbuff, size_t insize, char **outptr, size_t *outlen) { @@ -307,7 +307,7 @@ CURLcode Curl_base64_encode(struct SessionHandle *data, * * @unittest: 1302 */ -CURLcode Curl_base64url_encode(struct SessionHandle *data, +CURLcode Curl_base64url_encode(struct Curl_easy *data, const char *inputbuff, size_t insize, char **outptr, size_t *outlen) { diff --git a/lib/checksrc.pl b/lib/checksrc.pl index 0c1674621..f31083a63 100755 --- a/lib/checksrc.pl +++ b/lib/checksrc.pl @@ -6,7 +6,7 @@ # | (__| |_| | _ <| |___ # \___|\___/|_| \_\_____| # -# Copyright (C) 2011 - 2015, Daniel Stenberg, , et al. +# Copyright (C) 2011 - 2016, Daniel Stenberg, , et al. # # This software is licensed as described in the file COPYING, which # you should have received as part of this distribution. The terms @@ -31,9 +31,33 @@ my $file; my $dir="."; my $wlist; my $windows_os = $^O eq 'MSWin32' || $^O eq 'msys' || $^O eq 'cygwin'; - +my $verbose; my %whitelist; +my %warnings = ( + 'LONGLINE' => "Line longer than $max_column", + 'TABS' => 'TAB characters not allowed', + 'TRAILINGSPACE' => 'Trailing white space on the line', + 'CPPCOMMENTS' => '// comment detected', + 'SPACEBEFOREPAREN' => 'space before an open parenthesis', + 'SPACEAFTERPAREN' => 'space after open parenthesis', + 'SPACEBEFORECLOSE' => 'space before a close parenthesis', + 'SPACEBEFORECOMMA' => 'space before a comma', + 'RETURNNOSPACE' => 'return without space', + 'COMMANOSPACE' => 'comma without following space', + 'BRACEELSE' => '} else on the same line', + 'PARENBRACE' => '){ without sufficient space', + 'SPACESEMILCOLON' => 'space before semicolon', + 'BANNEDFUNC' => 'a banned function was used', + 'FOPENMODE' => 'fopen needs a macro for the mode string', + 'BRACEPOS' => 'wrong position for an open brace', + 'INDENTATION' => 'wrong start column for code', + 'COPYRIGHT' => 'file missing a copyright statement', + 'BADCOMMAND' => 'bad !checksrc! instruction', + 'UNUSEDIGNORE' => 'a warning ignore was not used', + 'OPENCOMMENT' => 'file ended with a /* comment still "open"' + ); + sub readwhitelist { open(W, "<$dir/checksrc.whitelist"); my @all=; @@ -45,14 +69,40 @@ sub readwhitelist { } sub checkwarn { - my ($num, $col, $file, $line, $msg, $error) = @_; + my ($name, $num, $col, $file, $line, $msg, $error) = @_; + + my $w=$error?"error":"warning"; + my $nowarn=0; + #if(!$warnings{$name}) { + # print STDERR "Dev! there's no description for $name!\n"; + #} + + # checksrc.whitelist if($whitelist{$line}) { + $nowarn = 1; + } + # !checksrc! controlled + elsif($ignore{$name}) { + $ignore{$name}--; + $ignore_used{$name}++; + $nowarn = 1; + if(!$ignore{$name}) { + # reached zero, enable again + enable_warn($name, $line, $file, $l); + } + } + + if($nowarn) { $supressed++; + if($w) { + $swarnings++; + } + else { + $serrors++; + } return; } - - my $w=$error?"error":"warning"; if($w) { $warnings++; @@ -62,7 +112,7 @@ sub checkwarn { } $col++; - print "$file:$num:$col: $w: $msg\n"; + print "$file:$num:$col: $w: $msg ($name)\n"; print " $line\n"; if($col < 80) { @@ -85,6 +135,10 @@ while(1) { $file = shift @ARGV; next; } + elsif($file =~ /^(-h|--help)/) { + undef $file; + last; + } last; } @@ -93,7 +147,12 @@ if(!$file) { print "checksrc.pl [option] [file2] ...\n"; print " Options:\n"; print " -D[DIR] Directory to prepend file names\n"; + print " -h Show help output\n"; print " -W[file] Whitelist the given file - ignore all its flaws\n"; + print "\nDetects and warns for these problems:\n"; + for(sort keys %warnings) { + printf (" %-18s: %s\n", $_, $warnings{$_}); + } exit; } @@ -109,6 +168,78 @@ do { } while($file); +sub checksrc_clear { + undef %ignore; + undef %ignore_set; + undef @ignore_line; +} + +sub checksrc_endoffile { + my ($file) = @_; + for(keys %ignore_set) { + if($ignore_set{$_} && !$ignore_used{$_}) { + checkwarn("UNUSEDIGNORE", $ignore_set{$_}, + length($_)+11, $file, + $ignore_line[$ignore_set{$_}], + "Unused ignore: $_"); + } + } +} + +sub enable_warn { + my ($what, $line, $file, $l) = @_; + + # switch it back on, but warn if not triggered! + if(!$ignore_used{$what}) { + checkwarn("UNUSEDIGNORE", + $line, length($what) + 11, $file, $l, + "No warning was inhibited!"); + } + $ignore_set{$what}=0; + $ignore_used{$what}=0; + $ignore{$what}=0; +} +sub checksrc { + my ($cmd, $line, $file, $l) = @_; + if($cmd =~ / *([^ ]*) *(.*)/) { + my ($enable, $what) = ($1, $2); + $what =~ s: *\*/$::; # cut off end of C comment + # print "ENABLE $enable WHAT $what\n"; + if($enable eq "disable") { + my ($warn, $scope)=($1, $2); + if($what =~ /([^ ]*) +(.*)/) { + ($warn, $scope)=($1, $2); + } + else { + $warn = $what; + $scope = 1; + } + # print "IGNORE $warn for SCOPE $scope\n"; + if($scope eq "all") { + $scope=999999; + } + + if($ignore_set{$warn}) { + checkwarn("BADCOMMAND", + $line, 0, $file, $l, + "$warn already disabled from line $ignore_set{$warn}"); + } + else { + $ignore{$warn}=$scope; + $ignore_set{$warn}=$line; + $ignore_line[$line]=$l; + } + } + elsif($enable eq "enable") { + enable_warn($what, $line, $file, $l); + } + else { + checkwarn("BADCOMMAND", + $line, 0, $file, $l, + "Illegal !checksrc! command"); + } + } +} sub scanfile { my ($file) = @_; @@ -118,13 +249,22 @@ sub scanfile { my $l; open(R, "<$file") || die "failed to open $file"; + my $incomment=0; my $copyright=0; + checksrc_clear(); # for file based ignores while() { $windows_os ? $_ =~ s/\r?\n$// : chomp; my $l = $_; + my $ol = $l; # keep the unmodified line for error reporting my $column = 0; + # check for !checksrc! commands + if($l =~ /\!checksrc\! (.*)/) { + my $cmd = $1; + checksrc($cmd, $line, $file, $l) + } + # check for a copyright statement if(!$copyright && ($l =~ /copyright .* \d\d\d\d/i)) { $copyright=1; @@ -132,42 +272,92 @@ sub scanfile { # detect long lines if(length($l) > $max_column) { - checkwarn($line, length($l), $file, $l, "Longer than $max_column columns"); + checkwarn("LONGLINE", $line, length($l), $file, $l, + "Longer than $max_column columns"); } # detect TAB characters if($l =~ /^(.*)\t/) { - checkwarn($line, length($1), $file, $l, "Contains TAB character", 1); + checkwarn("TABS", + $line, length($1), $file, $l, "Contains TAB character", 1); } # detect trailing white space if($l =~ /^(.*)[ \t]+\z/) { - checkwarn($line, length($1), $file, $l, "Trailing whitespace"); + checkwarn("TRAILINGSPACE", + $line, length($1), $file, $l, "Trailing whitespace"); + } + + # ------------------------------------------------------------ + # Above this marker, the checks were done on lines *including* + # comments + # ------------------------------------------------------------ + + # strip off C89 comments + + comment: + if(!$incomment) { + if($l =~ s/\/\*.*\*\// /g) { + # full /* comments */ were removed! + } + if($l =~ s/\/\*.*//) { + # start of /* comment was removed + $incomment = 1; + } + } + else { + if($l =~ s/.*\*\///) { + # end of comment */ was removed + $incomment = 0; + goto comment; + } + else { + # still within a comment + $l=""; + } } + # ------------------------------------------------------------ + # Below this marker, the checks were done on lines *without* + # comments + # ------------------------------------------------------------ + # crude attempt to detect // comments without too many false # positives if($l =~ /^([^"\*]*)[^:"]\/\//) { - checkwarn($line, length($1), $file, $l, "\/\/ comment"); + checkwarn("CPPCOMMENTS", + $line, length($1), $file, $l, "\/\/ comment"); } + # check spaces after for/if/while if($l =~ /^(.*)(for|if|while) \(/) { if($1 =~ / *\#/) { # this is a #if, treat it differently } else { - checkwarn($line, length($1)+length($2), $file, $l, + checkwarn("SPACEBEFOREPAREN", $line, length($1)+length($2), $file, $l, "$2 with space"); } } - # check spaces after open paren after for/if/while - if($l =~ /^(.*)(for|if|while)\( /) { - if($1 =~ / *\#/) { - # this is a #if, treat it differently - } - else { - checkwarn($line, length($1)+length($2)+1, $file, $l, - "$2 with space first in condition"); - } + # check spaces after open parentheses + if($l =~ /^(.*[a-z])\( /i) { + checkwarn("SPACEAFTERPAREN", + $line, length($1)+1, $file, $l, + "space after open parenthesis"); + } + + # check spaces before close parentheses, unless it was a space or a + # close parenthesis! + if($l =~ /(.*[^\) ]) \)/) { + checkwarn("SPACEBEFORECLOSE", + $line, length($1)+1, $file, $l, + "space before close parenthesis"); + } + + # check spaces before comma! + if($l =~ /(.*[^ ]) ,/) { + checkwarn("SPACEBEFORECOMMA", + $line, length($1)+1, $file, $l, + "space before comma"); } # check for "return(" without space @@ -176,7 +366,7 @@ sub scanfile { # this is a #if, treat it differently } else { - checkwarn($line, length($1)+6, $file, $l, + checkwarn("RETURNNOSPACE", $line, length($1)+6, $file, $l, "return without space before paren"); } } @@ -208,37 +398,48 @@ sub scanfile { } } if(!$ign) { - checkwarn($line, length($pref)+1, $file, $l, + checkwarn("COMMANOSPACE", $line, length($pref)+1, $file, $l, "comma without following space"); } } - + # check for "} else" if($l =~ /^(.*)\} *else/) { - checkwarn($line, length($1), $file, $l, "else after closing brace on same line"); + checkwarn("BRACEELSE", + $line, length($1), $file, $l, "else after closing brace on same line"); } # check for "){" if($l =~ /^(.*)\)\{/) { - checkwarn($line, length($1)+1, $file, $l, "missing space after close paren"); + checkwarn("PARENBRACE", + $line, length($1)+1, $file, $l, "missing space after close paren"); } # check for space before the semicolon last in a line if($l =~ /^(.*[^ ].*) ;$/) { - checkwarn($line, length($1), $file, $l, "space before last semicolon"); + checkwarn("SPACESEMILCOLON", + $line, length($1), $file, $ol, "space before last semicolon"); } # scan for use of banned functions - if($l =~ /^(.*\W)(sprintf|vsprintf|strcat|strncat|gets)\s*\(/) { - checkwarn($line, length($1), $file, $l, + if($l =~ /^(.*\W) + (gets| + v?sprintf| + (str|_mbs|_tcs|_wcs)n?cat| + LoadLibrary(Ex)?(A|W)?) + \s*\( + /x) { + checkwarn("BANNEDFUNC", + $line, length($1), $file, $ol, "use of $2 is banned"); } # scan for use of non-binary fopen without the macro - if($l =~ /^(.*\W)fopen\s*\([^"]*\"([^"]*)/) { + if($l =~ /^(.*\W)fopen\s*\([^,]*, *\"([^"]*)/) { my $mode = $2; if($mode !~ /b/) { - checkwarn($line, length($1), $file, $l, - "use of non-binary fopen without FOPEN_* macro"); + checkwarn("FOPENMODE", + $line, length($1), $file, $ol, + "use of non-binary fopen without FOPEN_* macro: $mode"); } } @@ -246,7 +447,8 @@ sub scanfile { # only alert if previous line ended with a close paren and wasn't a cpp # line if((($prevl =~ /\)\z/) && ($prevl !~ /^ *#/)) && ($l =~ /^( +)\{/)) { - checkwarn($line, length($1), $file, $l, "badly placed open brace"); + checkwarn("BRACEPOS", + $line, length($1), $file, $ol, "badly placed open brace"); } # if the previous line starts with if/while/for AND ends with an open @@ -261,7 +463,7 @@ sub scanfile { my $expect = $first+$indent; if($expect != $second) { my $diff = $second - $first; - checkwarn($line, length($1), $file, $l, + checkwarn("INDENTATION", $line, length($1), $file, $ol, "not indented $indent steps, uses $diff)"); } @@ -269,19 +471,29 @@ sub scanfile { } $line++; - $prevl = $l; + $prevl = $ol; } if(!$copyright) { - checkwarn(1, 0, $file, "", "Missing copyright statement", 1); + checkwarn("COPYRIGHT", 1, 0, $file, "", "Missing copyright statement", 1); + } + if($incomment) { + checkwarn("OPENCOMMENT", 1, 0, $file, "", "Missing closing comment", 1); } + checksrc_endoffile($file); + close(R); } -if($errors || $warnings) { +if($errors || $warnings || $verbose) { printf "checksrc: %d errors and %d warnings\n", $errors, $warnings; + if($supressed) { + printf "checksrc: %d errors and %d warnings suppressed\n", + $serrors, + $swarnings; + } exit 5; # return failure } diff --git a/lib/checksrc.whitelist b/lib/checksrc.whitelist deleted file mode 100644 index 9c29cf96d..000000000 --- a/lib/checksrc.whitelist +++ /dev/null @@ -1,12 +0,0 @@ - 227 Entering Passive Mode (a1,a2,a3,a4,p1,p2) - 228 Entering Long Passive Mode (4,4,a1,a2,a3,a4,2,p1,p2) - 150 ASCII data connection for /bin/ls (137.167.104.91,37445) (0 bytes). - 150 Opening ASCII mode data connection for [file] (0.0.0.0,0) (545 bytes) - * no_proxy=domain1.dom,host.domain2.dom - Default values are (0,0) initialized by calloc. - file = fopen(name, "r"); /* VMS */ - return fopen(file, "r"); /* VMS */ - return fopen(file, "r", "rfm=stmlf", "ctx=stm"); - curl_memlog("FILE %s:%d fopen(\"%s\",\"%s\") = %p\n", - a URL as file://localhost//foo must be valid as well, to refer to - const char atom_specials[] = "(){ %*]"; diff --git a/lib/conncache.c b/lib/conncache.c index 6e03caf3c..32a70303e 100644 --- a/lib/conncache.c +++ b/lib/conncache.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 2012, Linus Nielsen Feltzing, + * Copyright (C) 2012, 2016, Linus Nielsen Feltzing, * Copyright (C) 2012 - 2015, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which @@ -32,10 +32,9 @@ #include "sendf.h" #include "rawstr.h" #include "conncache.h" +/* The last 3 #include files should be in this order */ #include "curl_printf.h" - #include "curl_memory.h" -/* The last #include file should be: */ #include "memdebug.h" static void conn_llist_dtor(void *user, void *element) @@ -46,7 +45,7 @@ static void conn_llist_dtor(void *user, void *element) data->bundle = NULL; } -static CURLcode bundle_create(struct SessionHandle *data, +static CURLcode bundle_create(struct Curl_easy *data, struct connectbundle **cb_ptr) { (void)data; @@ -132,9 +131,16 @@ void Curl_conncache_destroy(struct conncache *connc) /* returns an allocated key to find a bundle for this connection */ static char *hashkey(struct connectdata *conn) { - return aprintf("%s:%d", - conn->bits.proxy?conn->proxy.name:conn->host.name, - conn->localport); + const char *hostname; + + if(conn->bits.proxy) + hostname = conn->proxy.name; + else if(conn->bits.conn_to_host) + hostname = conn->conn_to_host.name; + else + hostname = conn->host.name; + + return aprintf("%s:%d", hostname, conn->port); } /* Look up the bundle with all the connections to the same host this @@ -193,7 +199,7 @@ CURLcode Curl_conncache_add_conn(struct conncache *connc, CURLcode result; struct connectbundle *bundle; struct connectbundle *new_bundle = NULL; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; bundle = Curl_conncache_find_bundle(conn, data->state.conn_cache); if(!bundle) { diff --git a/lib/connect.c b/lib/connect.c index 567186a69..3225d70cf 100644 --- a/lib/connect.c +++ b/lib/connect.c @@ -56,7 +56,6 @@ #include #endif -#include "curl_printf.h" #include "urldata.h" #include "sendf.h" #include "if2ip.h" @@ -73,8 +72,10 @@ #include "warnless.h" #include "conncache.h" #include "multihandle.h" +#include "system_win32.h" -/* The last #include files should be: */ +/* The last 3 #include files should be in this order */ +#include "curl_printf.h" #include "curl_memory.h" #include "memdebug.h" @@ -103,7 +104,7 @@ struct tcp_keepalive { #endif static void -tcpkeepalive(struct SessionHandle *data, +tcpkeepalive(struct Curl_easy *data, curl_socket_t sockfd) { int optval = data->set.tcp_keepalive?1:0; @@ -129,6 +130,9 @@ tcpkeepalive(struct SessionHandle *data, infof(data, "Failed to set SIO_KEEPALIVE_VALS on fd %d: %d\n", (int)sockfd, WSAGetLastError()); } +#elif defined(CURL_WINDOWS_APP) + (void)majorVersion; + detectOsState = DETECT_OS_VISTA_OR_LATER; #else #ifdef TCP_KEEPIDLE optval = curlx_sltosi(data->set.tcp_keepidle); @@ -178,7 +182,7 @@ singleipconnect(struct connectdata *conn, * * @unittest: 1303 */ -long Curl_timeleft(struct SessionHandle *data, +long Curl_timeleft(struct Curl_easy *data, struct timeval *nowp, bool duringconnect) { @@ -238,7 +242,7 @@ long Curl_timeleft(struct SessionHandle *data, static CURLcode bindlocal(struct connectdata *conn, curl_socket_t sockfd, int af, unsigned int scope) { - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct Curl_sockaddr_storage sa; struct sockaddr *sock = (struct sockaddr *)&sa; /* bind to this address */ @@ -662,13 +666,13 @@ void Curl_updateconninfo(struct connectdata *conn, curl_socket_t sockfd) curl_socklen_t len; struct Curl_sockaddr_storage ssrem; struct Curl_sockaddr_storage ssloc; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; if(conn->socktype == SOCK_DGRAM) /* there's no connection! */ return; - if(!conn->bits.reuse) { + if(!conn->bits.reuse && !conn->bits.tcp_fastopen) { int error; len = sizeof(struct Curl_sockaddr_storage); @@ -719,7 +723,7 @@ CURLcode Curl_is_connected(struct connectdata *conn, int sockindex, bool *connected) { - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; CURLcode result = CURLE_OK; long allow; int error = 0; @@ -764,6 +768,7 @@ CURLcode Curl_is_connected(struct connectdata *conn, rc = Curl_socket_ready(CURL_SOCKET_BAD, conn->tempsock[i], 0); if(rc == 0) { /* no connection yet */ + error = 0; if(curlx_tvdiff(now, conn->connecttime) >= conn->timeoutms_per_addr) { infof(data, "After %ldms connect time, move on!\n", conn->timeoutms_per_addr); @@ -776,7 +781,7 @@ CURLcode Curl_is_connected(struct connectdata *conn, trynextip(conn, sockindex, 1); } } - else if(rc == CURL_CSELECT_OUT) { + else if(rc == CURL_CSELECT_OUT || conn->bits.tcp_fastopen) { if(verifyconnect(conn->tempsock[i], &error)) { /* we are connected with TCP, awesome! */ @@ -841,6 +846,8 @@ CURLcode Curl_is_connected(struct connectdata *conn, if(result) { /* no more addresses to try */ + const char* hostname; + /* if the first address family runs out of addresses to try before the happy eyeball timeout, go ahead and try the next family now */ if(conn->tempaddr[1] == NULL) { @@ -849,9 +856,15 @@ CURLcode Curl_is_connected(struct connectdata *conn, return result; } + if(conn->bits.proxy) + hostname = conn->proxy.name; + else if(conn->bits.conn_to_host) + hostname = conn->conn_to_host.name; + else + hostname = conn->host.name; + failf(data, "Failed to connect to %s port %ld: %s", - conn->bits.proxy?conn->proxy.name:conn->host.name, - conn->port, Curl_strerror(conn, error)); + hostname, conn->port, Curl_strerror(conn, error)); } return result; @@ -861,7 +874,7 @@ void Curl_tcpnodelay(struct connectdata *conn, curl_socket_t sockfd) { #if defined(TCP_NODELAY) #if !defined(CURL_DISABLE_VERBOSE_STRINGS) - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; #endif curl_socklen_t onoff = (curl_socklen_t) 1; int level = IPPROTO_TCP; @@ -903,7 +916,7 @@ void Curl_tcpnodelay(struct connectdata *conn, curl_socket_t sockfd) static void nosigpipe(struct connectdata *conn, curl_socket_t sockfd) { - struct SessionHandle *data= conn->data; + struct Curl_easy *data= conn->data; int onoff = 1; if(setsockopt(sockfd, SOL_SOCKET, SO_NOSIGPIPE, (void *)&onoff, sizeof(onoff)) < 0) @@ -936,43 +949,15 @@ void Curl_sndbufset(curl_socket_t sockfd) int val = CURL_MAX_WRITE_SIZE + 32; int curval = 0; int curlen = sizeof(curval); - DWORD majorVersion = 6; static int detectOsState = DETECT_OS_NONE; if(detectOsState == DETECT_OS_NONE) { -#if !defined(_WIN32_WINNT) || !defined(_WIN32_WINNT_WIN2K) || \ - (_WIN32_WINNT < _WIN32_WINNT_WIN2K) - OSVERSIONINFO osver; - - memset(&osver, 0, sizeof(osver)); - osver.dwOSVersionInfoSize = sizeof(osver); - - detectOsState = DETECT_OS_PREVISTA; - if(GetVersionEx(&osver)) { - if(osver.dwMajorVersion >= majorVersion) - detectOsState = DETECT_OS_VISTA_OR_LATER; - } -#else - ULONGLONG cm; - OSVERSIONINFOEX osver; - - memset(&osver, 0, sizeof(osver)); - osver.dwOSVersionInfoSize = sizeof(osver); - osver.dwMajorVersion = majorVersion; - - cm = VerSetConditionMask(0, VER_MAJORVERSION, VER_GREATER_EQUAL); - cm = VerSetConditionMask(cm, VER_MINORVERSION, VER_GREATER_EQUAL); - cm = VerSetConditionMask(cm, VER_SERVICEPACKMAJOR, VER_GREATER_EQUAL); - cm = VerSetConditionMask(cm, VER_SERVICEPACKMINOR, VER_GREATER_EQUAL); - - if(VerifyVersionInfo(&osver, (VER_MAJORVERSION | VER_MINORVERSION | - VER_SERVICEPACKMAJOR | VER_SERVICEPACKMINOR), - cm)) + if(Curl_verify_windows_version(6, 0, PLATFORM_WINNT, + VERSION_GREATER_THAN_EQUAL)) detectOsState = DETECT_OS_VISTA_OR_LATER; else detectOsState = DETECT_OS_PREVISTA; -#endif } if(detectOsState == DETECT_OS_VISTA_OR_LATER) @@ -1000,10 +985,10 @@ static CURLcode singleipconnect(struct connectdata *conn, curl_socket_t *sockp) { struct Curl_sockaddr_ex addr; - int rc; + int rc = -1; int error = 0; bool isconnected = FALSE; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; curl_socket_t sockfd; CURLcode result; char ipaddress[MAX_IPADR_LEN]; @@ -1089,7 +1074,29 @@ static CURLcode singleipconnect(struct connectdata *conn, /* Connect TCP sockets, bind UDP */ if(!isconnected && (conn->socktype == SOCK_STREAM)) { - rc = connect(sockfd, &addr.sa_addr, addr.addrlen); + if(conn->bits.tcp_fastopen) { +#if defined(CONNECT_DATA_IDEMPOTENT) /* OS X */ + sa_endpoints_t endpoints; + endpoints.sae_srcif = 0; + endpoints.sae_srcaddr = NULL; + endpoints.sae_srcaddrlen = 0; + endpoints.sae_dstaddr = &addr.sa_addr; + endpoints.sae_dstaddrlen = addr.addrlen; + + rc = connectx(sockfd, &endpoints, SAE_ASSOCID_ANY, + CONNECT_RESUME_ON_READ_WRITE | CONNECT_DATA_IDEMPOTENT, + NULL, 0, NULL, NULL); +#elif defined(MSG_FASTOPEN) /* Linux */ + if(conn->given->flags & PROTOPT_SSL) + rc = connect(sockfd, &addr.sa_addr, addr.addrlen); + else + rc = 0; /* Do nothing */ +#endif + } + else { + rc = connect(sockfd, &addr.sa_addr, addr.addrlen); + } + if(-1 == rc) error = SOCKERRNO; } @@ -1145,7 +1152,7 @@ static CURLcode singleipconnect(struct connectdata *conn, CURLcode Curl_connecthost(struct connectdata *conn, /* context */ const struct Curl_dns_entry *remotehost) { - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct timeval before = Curl_tvnow(); CURLcode result = CURLE_COULDNT_CONNECT; @@ -1204,11 +1211,11 @@ static int conn_is_conn(struct connectdata *conn, void *param) /* * Used to extract socket and connectdata struct for the most recent - * transfer on the given SessionHandle. + * transfer on the given Curl_easy. * * The returned socket will be CURL_SOCKET_BAD in case of failure! */ -curl_socket_t Curl_getconnectinfo(struct SessionHandle *data, +curl_socket_t Curl_getconnectinfo(struct Curl_easy *data, struct connectdata **connp) { curl_socket_t sockfd; @@ -1308,7 +1315,7 @@ CURLcode Curl_socket(struct connectdata *conn, struct Curl_sockaddr_ex *addr, curl_socket_t *sockfd) { - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct Curl_sockaddr_ex dummy; if(!addr) @@ -1364,25 +1371,26 @@ CURLcode Curl_socket(struct connectdata *conn, } -#ifdef CURLDEBUG /* - * Curl_conncontrol() is used to set the conn->bits.close bit on or off. It - * MUST be called with the connclose() or connkeep() macros with a stated - * reason. The reason is only shown in debug builds but helps to figure out - * decision paths when connections are or aren't re-used as expected. + * Curl_conncontrol() marks streams or connection for closure. */ -void Curl_conncontrol(struct connectdata *conn, bool closeit, - const char *reason) -{ -#if defined(CURL_DISABLE_VERBOSE_STRINGS) - (void) reason; +void Curl_conncontrol(struct connectdata *conn, + int ctrl /* see defines in header */ +#ifdef DEBUGBUILD + , const char *reason #endif - if(closeit != conn->bits.close) { - infof(conn->data, "Marked for [%s]: %s\n", closeit?"closure":"keep alive", - reason); - + ) +{ + /* close if a connection, or a stream that isn't multiplexed */ + bool closeit = (ctrl == CONNCTRL_CONNECTION) || + ((ctrl == CONNCTRL_STREAM) && !(conn->handler->flags & PROTOPT_STREAM)); + if((ctrl == CONNCTRL_STREAM) && + (conn->handler->flags & PROTOPT_STREAM)) + DEBUGF(infof(conn->data, "Kill stream: %s\n", reason)); + else if(closeit != conn->bits.close) { + DEBUGF(infof(conn->data, "Marked for [%s]: %s\n", + closeit?"closure":"keep alive", reason)); conn->bits.close = closeit; /* the only place in the source code that should assign this bit */ } } -#endif diff --git a/lib/connect.h b/lib/connect.h index f3d4ac747..a7cbc9bc2 100644 --- a/lib/connect.h +++ b/lib/connect.h @@ -7,7 +7,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -35,7 +35,7 @@ CURLcode Curl_connecthost(struct connectdata *conn, /* generic function that returns how much time there's left to run, according to the timeouts set */ -long Curl_timeleft(struct SessionHandle *data, +long Curl_timeleft(struct Curl_easy *data, struct timeval *nowp, bool duringconnect); @@ -45,11 +45,11 @@ long Curl_timeleft(struct SessionHandle *data, /* * Used to extract socket and connectdata struct for the most recent - * transfer on the given SessionHandle. + * transfer on the given Curl_easy. * * The returned socket will be CURL_SOCKET_BAD in case of failure! */ -curl_socket_t Curl_getconnectinfo(struct SessionHandle *data, +curl_socket_t Curl_getconnectinfo(struct Curl_easy *data, struct connectdata **connp); #ifdef USE_WINSOCK @@ -104,21 +104,37 @@ CURLcode Curl_socket(struct connectdata *conn, void Curl_tcpnodelay(struct connectdata *conn, curl_socket_t sockfd); -#ifdef CURLDEBUG /* - * Curl_connclose() sets the bit.close bit to TRUE with an explanation. - * Nothing else. + * Curl_conncontrol() marks the end of a connection/stream. The 'closeit' + * argument specifies if it is the end of a connection or a stream. + * + * For stream-based protocols (such as HTTP/2), a stream close will not cause + * a connection close. Other protocols will close the connection for both + * cases. + * + * It sets the bit.close bit to TRUE (with an explanation for debug builds), + * when the connection will close. */ -void Curl_conncontrol(struct connectdata *conn, - bool closeit, - const char *reason); -#define connclose(x,y) Curl_conncontrol(x,TRUE, y) -#define connkeep(x,y) Curl_conncontrol(x, FALSE, y) -#else /* if !CURLDEBUG */ -#define connclose(x,y) (x)->bits.close = TRUE -#define connkeep(x,y) (x)->bits.close = FALSE +#define CONNCTRL_KEEP 0 /* undo a marked closure */ +#define CONNCTRL_CONNECTION 1 +#define CONNCTRL_STREAM 2 +void Curl_conncontrol(struct connectdata *conn, + int closeit +#ifdef DEBUGBUILD + , const char *reason +#endif + ); + +#ifdef DEBUGBUILD +#define streamclose(x,y) Curl_conncontrol(x, CONNCTRL_STREAM, y) +#define connclose(x,y) Curl_conncontrol(x, CONNCTRL_CONNECTION, y) +#define connkeep(x,y) Curl_conncontrol(x, CONNCTRL_KEEP, y) +#else /* if !CURLDEBUG */ +#define streamclose(x,y) Curl_conncontrol(x, CONNCTRL_STREAM) +#define connclose(x,y) Curl_conncontrol(x, CONNCTRL_CONNECTION) +#define connkeep(x,y) Curl_conncontrol(x, CONNCTRL_KEEP) #endif #endif /* HEADER_CURL_CONNECT_H */ diff --git a/lib/content_encoding.c b/lib/content_encoding.c index 2d30816c1..fa36aca4c 100644 --- a/lib/content_encoding.c +++ b/lib/content_encoding.c @@ -67,7 +67,7 @@ zfree_cb(voidpf opaque, voidpf ptr) static CURLcode process_zlib_error(struct connectdata *conn, z_stream *z) { - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; if(z->msg) failf (data, "Error while processing content unencoding: %s", z->msg); @@ -425,7 +425,7 @@ Curl_unencode_gzip_write(struct connectdata *conn, void Curl_unencode_cleanup(struct connectdata *conn) { - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct SingleRequest *k = &data->req; z_stream *z = &k->z; if(k->zlib_init != ZLIB_UNINIT) diff --git a/lib/cookie.c b/lib/cookie.c index 1f2239242..d5a83fd66 100644 --- a/lib/cookie.c +++ b/lib/cookie.c @@ -26,13 +26,13 @@ RECEIVING COOKIE INFORMATION ============================ -struct CookieInfo *Curl_cookie_init(struct SessionHandle *data, +struct CookieInfo *Curl_cookie_init(struct Curl_easy *data, const char *file, struct CookieInfo *inc, bool newsession); Inits a cookie struct to store data in a local file. This is always called before any cookies are set. -struct Cookie *Curl_cookie_add(struct SessionHandle *data, +struct Cookie *Curl_cookie_add(struct Curl_easy *data, struct CookieInfo *c, bool httpheader, char *lineptr, const char *domain, const char *path); @@ -88,7 +88,6 @@ Example set of cookies: # include #endif -#include "curl_printf.h" #include "urldata.h" #include "cookie.h" #include "strequal.h" @@ -101,7 +100,8 @@ Example set of cookies: #include "curl_memrchr.h" #include "inet_pton.h" -/* The last #include files should be: */ +/* The last 3 #include files should be in this order */ +#include "curl_printf.h" #include "curl_memory.h" #include "memdebug.h" @@ -260,7 +260,7 @@ static char *sanitize_cookie_path(const char *cookie_path) * * NOTE: OOM or cookie parsing failures are ignored. */ -void Curl_cookie_loadfiles(struct SessionHandle *data) +void Curl_cookie_loadfiles(struct Curl_easy *data) { struct curl_slist *list = data->change.cookielist; if(list) { @@ -362,7 +362,7 @@ static bool isip(const char *domain) ***************************************************************************/ struct Cookie * -Curl_cookie_add(struct SessionHandle *data, +Curl_cookie_add(struct Curl_easy *data, /* The 'data' pointer here may be NULL at times, and thus must only be used very carefully for things that can deal with data being NULL. Such as infof() and similar */ @@ -913,7 +913,7 @@ Curl_cookie_add(struct SessionHandle *data, * * Returns NULL on out of memory. Invalid cookies are ignored. ****************************************************************************/ -struct CookieInfo *Curl_cookie_init(struct SessionHandle *data, +struct CookieInfo *Curl_cookie_init(struct Curl_easy *data, const char *file, struct CookieInfo *inc, bool newsession) @@ -1314,7 +1314,7 @@ static int cookie_output(struct CookieInfo *c, const char *dumphere) fprintf(out, "#\n# Fatal libcurl error\n"); if(!use_stdout) fclose(out); - return 1; + return 1; } fprintf(out, "%s\n", format_ptr); free(format_ptr); @@ -1326,7 +1326,7 @@ static int cookie_output(struct CookieInfo *c, const char *dumphere) return 0; } -struct curl_slist *Curl_cookie_list(struct SessionHandle *data) +struct curl_slist *Curl_cookie_list(struct Curl_easy *data) { struct curl_slist *list = NULL; struct curl_slist *beg; @@ -1357,7 +1357,7 @@ struct curl_slist *Curl_cookie_list(struct SessionHandle *data) return list; } -void Curl_flush_cookies(struct SessionHandle *data, int cleanup) +void Curl_flush_cookies(struct Curl_easy *data, int cleanup) { if(data->set.str[STRING_COOKIEJAR]) { if(data->change.cookielist) { diff --git a/lib/cookie.h b/lib/cookie.h index 74a9224ec..cd7c54a28 100644 --- a/lib/cookie.h +++ b/lib/cookie.h @@ -70,13 +70,13 @@ struct CookieInfo { #define MAX_NAME 1024 #define MAX_NAME_TXT "1023" -struct SessionHandle; +struct Curl_easy; /* * Add a cookie to the internal list of cookies. The domain and path arguments * are only used if the header boolean is TRUE. */ -struct Cookie *Curl_cookie_add(struct SessionHandle *data, +struct Cookie *Curl_cookie_add(struct Curl_easy *data, struct CookieInfo *, bool header, char *lineptr, const char *domain, const char *path); @@ -93,12 +93,12 @@ void Curl_cookie_clearsess(struct CookieInfo *cookies); #define Curl_cookie_cleanup(x) Curl_nop_stmt #define Curl_flush_cookies(x,y) Curl_nop_stmt #else -void Curl_flush_cookies(struct SessionHandle *data, int cleanup); +void Curl_flush_cookies(struct Curl_easy *data, int cleanup); void Curl_cookie_cleanup(struct CookieInfo *); -struct CookieInfo *Curl_cookie_init(struct SessionHandle *data, +struct CookieInfo *Curl_cookie_init(struct Curl_easy *data, const char *, struct CookieInfo *, bool); -struct curl_slist *Curl_cookie_list(struct SessionHandle *data); -void Curl_cookie_loadfiles(struct SessionHandle *data); +struct curl_slist *Curl_cookie_list(struct Curl_easy *data); +void Curl_cookie_loadfiles(struct Curl_easy *data); #endif #endif /* HEADER_CURL_COOKIE_H */ diff --git a/lib/curl_addrinfo.c b/lib/curl_addrinfo.c index cc60ddb66..35eb2ddb9 100644 --- a/lib/curl_addrinfo.c +++ b/lib/curl_addrinfo.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2014, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -50,10 +50,9 @@ #include "curl_addrinfo.h" #include "inet_pton.h" #include "warnless.h" +/* The last 3 #include files should be in this order */ #include "curl_printf.h" #include "curl_memory.h" - -/* The last #include file should be: */ #include "memdebug.h" /* @@ -564,3 +563,32 @@ curl_dogetaddrinfo(const char *hostname, } #endif /* defined(CURLDEBUG) && defined(HAVE_GETADDRINFO) */ +#if defined(HAVE_GETADDRINFO) && defined(USE_RESOLVE_ON_IPS) +/* + * Work-arounds the sin6_port is always zero bug on iOS 9.3.2 and Mac OS X + * 10.11.5. + */ +void Curl_addrinfo_set_port(Curl_addrinfo *addrinfo, int port) +{ + Curl_addrinfo *ca; + struct sockaddr_in *addr; +#ifdef ENABLE_IPV6 + struct sockaddr_in6 *addr6; +#endif + for(ca = addrinfo; ca != NULL; ca = ca->ai_next) { + switch (ca->ai_family) { + case AF_INET: + addr = (void *)ca->ai_addr; /* storage area for this info */ + addr->sin_port = htons((unsigned short)port); + break; + +#ifdef ENABLE_IPV6 + case AF_INET6: + addr6 = (void *)ca->ai_addr; /* storage area for this info */ + addr6->sin6_port = htons((unsigned short)port); + break; +#endif + } + } +} +#endif diff --git a/lib/curl_addrinfo.h b/lib/curl_addrinfo.h index 01f286478..1a681e61e 100644 --- a/lib/curl_addrinfo.h +++ b/lib/curl_addrinfo.h @@ -7,7 +7,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2012, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -99,4 +99,12 @@ curl_dogetaddrinfo(const char *hostname, int line, const char *source); #endif +#ifdef HAVE_GETADDRINFO +#ifdef USE_RESOLVE_ON_IPS +void Curl_addrinfo_set_port(Curl_addrinfo *addrinfo, int port); +#else +#define Curl_addrinfo_set_port(x,y) +#endif +#endif + #endif /* HEADER_CURL_ADDRINFO_H */ diff --git a/lib/curl_base64.h b/lib/curl_base64.h index c26241767..7e9fc2606 100644 --- a/lib/curl_base64.h +++ b/lib/curl_base64.h @@ -22,10 +22,10 @@ * ***************************************************************************/ -CURLcode Curl_base64_encode(struct SessionHandle *data, +CURLcode Curl_base64_encode(struct Curl_easy *data, const char *inputbuff, size_t insize, char **outptr, size_t *outlen); -CURLcode Curl_base64url_encode(struct SessionHandle *data, +CURLcode Curl_base64url_encode(struct Curl_easy *data, const char *inputbuff, size_t insize, char **outptr, size_t *outlen); diff --git a/lib/curl_config.h.cmake b/lib/curl_config.h.cmake index 6b5070a8b..f7dbd23c0 100644 --- a/lib/curl_config.h.cmake +++ b/lib/curl_config.h.cmake @@ -906,6 +906,9 @@ /* Define if you want to enable POSIX threaded DNS lookup */ #cmakedefine USE_THREADS_POSIX 1 +/* Define if you want to enable WIN32 threaded DNS lookup */ +#cmakedefine USE_THREADS_WIN32 1 + /* Define to disable non-blocking sockets. */ #cmakedefine USE_BLOCKING_SOCKETS 1 @@ -915,6 +918,9 @@ /* if PolarSSL is enabled */ #cmakedefine USE_POLARSSL 1 +/* if mbedTLS is enabled */ +#cmakedefine USE_MBEDTLS 1 + /* if libSSH2 is in use */ #cmakedefine USE_LIBSSH2 1 @@ -933,8 +939,7 @@ /* if Unix domain sockets are enabled */ #cmakedefine USE_UNIX_SOCKETS -/* Define to 1 if you are building a Windows target without large file - support. */ +/* Define to 1 if you are building a Windows target with large file support. */ #cmakedefine USE_WIN32_LARGE_FILES 1 /* to enable SSPI support */ diff --git a/lib/curl_config.h.in b/lib/curl_config.h.in index 561aa6e3d..ebdf680b2 100644 --- a/lib/curl_config.h.in +++ b/lib/curl_config.h.in @@ -144,6 +144,9 @@ /* Define to 1 if you have the header file. */ #undef HAVE_CRYPTO_H +/* Define to 1 if you have the `CyaSSL_CTX_UseSupportedCurve' function. */ +#undef HAVE_CYASSL_CTX_USESUPPORTEDCURVE + /* Define to 1 if you have the header file. */ #undef HAVE_CYASSL_ERROR_SSL_H @@ -398,9 +401,6 @@ /* Define to 1 if you have the `idn' library (-lidn). */ #undef HAVE_LIBIDN -/* Define to 1 if you have the `resolve' library (-lresolve). */ -#undef HAVE_LIBRESOLVE - /* Define to 1 if using libressl. */ #undef HAVE_LIBRESSL @@ -765,9 +765,15 @@ /* Define to 1 if you have the `wolfSSLv3_client_method' function. */ #undef HAVE_WOLFSSLV3_CLIENT_METHOD +/* Define to 1 if you have the `wolfSSL_CTX_UseSupportedCurve' function. */ +#undef HAVE_WOLFSSL_CTX_USESUPPORTEDCURVE + /* Define to 1 if you have the `wolfSSL_get_peer_certificate' function. */ #undef HAVE_WOLFSSL_GET_PEER_CERTIFICATE +/* Define to 1 if you have the `wolfSSL_UseALPN' function. */ +#undef HAVE_WOLFSSL_USEALPN + /* Define this symbol if your OS supports changing the contents of argv */ #undef HAVE_WRITABLE_ARGV diff --git a/lib/curl_fnmatch.c b/lib/curl_fnmatch.c index 53240078a..e8108bb10 100644 --- a/lib/curl_fnmatch.c +++ b/lib/curl_fnmatch.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -22,6 +22,8 @@ #include "curl_setup.h" +#include + #include "curl_fnmatch.h" #include "curl_memory.h" diff --git a/lib/curl_gssapi.c b/lib/curl_gssapi.c index 75af67036..bf7c766eb 100644 --- a/lib/curl_gssapi.c +++ b/lib/curl_gssapi.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 2011 - 2015, Daniel Stenberg, , et al. + * Copyright (C) 2011 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -33,7 +33,7 @@ static char krb5_oid_bytes[] = "\x2a\x86\x48\x86\xf7\x12\x01\x02\x02"; gss_OID_desc Curl_krb5_mech_oid = { 9, &krb5_oid_bytes }; OM_uint32 Curl_gss_init_sec_context( - struct SessionHandle *data, + struct Curl_easy *data, OM_uint32 *minor_status, gss_ctx_id_t *context, gss_name_t target_name, @@ -76,45 +76,56 @@ OM_uint32 Curl_gss_init_sec_context( NULL /* time_rec */); } -/* - * Curl_gss_log_error() - * - * This is used to log a GSS-API error status. - * - * Parameters: - * - * data [in] - The session handle. - * status [in] - The status code. - * prefix [in] - The prefix of the log message. - */ -void Curl_gss_log_error(struct SessionHandle *data, OM_uint32 status, - const char *prefix) -{ +#define GSS_LOG_BUFFER_LEN 1024 +static size_t display_gss_error(OM_uint32 status, int type, + char *buf, size_t len) { OM_uint32 maj_stat; OM_uint32 min_stat; OM_uint32 msg_ctx = 0; gss_buffer_desc status_string; - char buf[1024]; - size_t len; - snprintf(buf, sizeof(buf), "%s", prefix); - len = strlen(buf); do { maj_stat = gss_display_status(&min_stat, status, - GSS_C_MECH_CODE, + type, GSS_C_NO_OID, &msg_ctx, &status_string); - if(sizeof(buf) > len + status_string.length + 1) { - snprintf(buf + len, sizeof(buf) - len, - ": %s", (char*)status_string.value); - len += status_string.length; + if(GSS_LOG_BUFFER_LEN > len + status_string.length + 3) { + len += snprintf(buf + len, GSS_LOG_BUFFER_LEN - len, + "%.*s. ", (int)status_string.length, + (char*)status_string.value); } gss_release_buffer(&min_stat, &status_string); } while(!GSS_ERROR(maj_stat) && msg_ctx != 0); - infof(data, "%s\n", buf); + return len; +} + +/* + * Curl_gss_log_error() + * + * This is used to log a GSS-API error status. + * + * Parameters: + * + * data [in] - The session handle. + * prefix [in] - The prefix of the log message. + * major [in] - The major status code. + * minor [in] - The minor status code. + */ +void Curl_gss_log_error(struct Curl_easy *data, const char *prefix, + OM_uint32 major, OM_uint32 minor) +{ + char buf[GSS_LOG_BUFFER_LEN]; + size_t len = 0; + + if(major != GSS_S_FAILURE) + len = display_gss_error(major, GSS_C_GSS_CODE, buf, len); + + display_gss_error(minor, GSS_C_MECH_CODE, buf, len); + + infof(data, "%s%s\n", prefix, buf); } #endif /* HAVE_GSSAPI */ diff --git a/lib/curl_gssapi.h b/lib/curl_gssapi.h index c1642a8b6..9700a2817 100644 --- a/lib/curl_gssapi.h +++ b/lib/curl_gssapi.h @@ -44,7 +44,7 @@ extern gss_OID_desc Curl_krb5_mech_oid; /* Common method for using GSS-API */ OM_uint32 Curl_gss_init_sec_context( - struct SessionHandle *data, + struct Curl_easy *data, OM_uint32 *minor_status, gss_ctx_id_t *context, gss_name_t target_name, @@ -56,8 +56,8 @@ OM_uint32 Curl_gss_init_sec_context( OM_uint32 *ret_flags); /* Helper to log a GSS-API error status */ -void Curl_gss_log_error(struct SessionHandle *data, OM_uint32 status, - const char *prefix); +void Curl_gss_log_error(struct Curl_easy *data, const char *prefix, + OM_uint32 major, OM_uint32 minor); /* Provide some definitions missing in old headers */ #ifdef HAVE_OLD_GSSMIT diff --git a/lib/curl_memory.h b/lib/curl_memory.h index fcd177cd5..6f792fffd 100644 --- a/lib/curl_memory.h +++ b/lib/curl_memory.h @@ -7,7 +7,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2013, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -83,7 +83,20 @@ #ifndef CURLX_NO_MEMORY_CALLBACKS -#include /* for the callback typedefs */ +#ifndef CURL_DID_MEMORY_FUNC_TYPEDEFS /* only if not already done */ +/* + * The following memory function replacement typedef's are COPIED from + * curl/curl.h and MUST match the originals. We copy them to avoid having to + * include curl/curl.h here. We avoid that include since it includes stdio.h + * and other headers that may get messed up with defines done here. + */ +typedef void *(*curl_malloc_callback)(size_t size); +typedef void (*curl_free_callback)(void *ptr); +typedef void *(*curl_realloc_callback)(void *ptr, size_t size); +typedef char *(*curl_strdup_callback)(const char *str); +typedef void *(*curl_calloc_callback)(size_t nmemb, size_t size); +#define CURL_DID_MEMORY_FUNC_TYPEDEFS +#endif extern curl_malloc_callback Curl_cmalloc; extern curl_free_callback Curl_cfree; diff --git a/lib/curl_memrchr.c b/lib/curl_memrchr.c index 1be27e5c8..c521497b2 100644 --- a/lib/curl_memrchr.c +++ b/lib/curl_memrchr.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -21,6 +21,9 @@ ***************************************************************************/ #include "curl_setup.h" + +#include + #include "curl_memrchr.h" #include "curl_memory.h" diff --git a/lib/curl_multibyte.c b/lib/curl_multibyte.c index e2078e05a..e78bb5002 100644 --- a/lib/curl_multibyte.c +++ b/lib/curl_multibyte.c @@ -22,6 +22,8 @@ #include "curl_setup.h" +#include + #if defined(USE_WIN32_IDN) || ((defined(USE_WINDOWS_SSPI) || \ defined(USE_WIN32_LDAP)) && defined(UNICODE)) diff --git a/lib/curl_ntlm.c b/lib/curl_ntlm.c deleted file mode 100644 index d4842e468..000000000 --- a/lib/curl_ntlm.c +++ /dev/null @@ -1,239 +0,0 @@ -/*************************************************************************** - * _ _ ____ _ - * Project ___| | | | _ \| | - * / __| | | | |_) | | - * | (__| |_| | _ <| |___ - * \___|\___/|_| \_\_____| - * - * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. - * - * This software is licensed as described in the file COPYING, which - * you should have received as part of this distribution. The terms - * are also available at https://curl.haxx.se/docs/copyright.html. - * - * You may opt to use, copy, modify, merge, publish, distribute and/or sell - * copies of the Software, and permit persons to whom the Software is - * furnished to do so, under the terms of the COPYING file. - * - * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY - * KIND, either express or implied. - * - ***************************************************************************/ - -#include "curl_setup.h" - -#if !defined(CURL_DISABLE_HTTP) && defined(USE_NTLM) - -/* - * NTLM details: - * - * http://davenport.sourceforge.net/ntlm.html - * http://www.innovation.ch/java/ntlm.html - */ - -#define DEBUG_ME 0 - -#include "urldata.h" -#include "sendf.h" -#include "rawstr.h" -#include "curl_ntlm.h" -#include "curl_ntlm_msgs.h" -#include "curl_ntlm_wb.h" -#include "curl_sasl.h" -#include "url.h" -#include "curl_printf.h" - -#if defined(USE_NSS) -#include "vtls/nssg.h" -#elif defined(USE_WINDOWS_SSPI) -#include "curl_sspi.h" -#endif - -/* The last #include files should be: */ -#include "curl_memory.h" -#include "memdebug.h" - -#if DEBUG_ME -# define DEBUG_OUT(x) x -#else -# define DEBUG_OUT(x) Curl_nop_stmt -#endif - -CURLcode Curl_input_ntlm(struct connectdata *conn, - bool proxy, /* if proxy or not */ - const char *header) /* rest of the www-authenticate: - header */ -{ - /* point to the correct struct with this */ - struct ntlmdata *ntlm; - CURLcode result = CURLE_OK; - - ntlm = proxy ? &conn->proxyntlm : &conn->ntlm; - - if(checkprefix("NTLM", header)) { - header += strlen("NTLM"); - - while(*header && ISSPACE(*header)) - header++; - - if(*header) { - result = Curl_sasl_decode_ntlm_type2_message(conn->data, header, ntlm); - if(result) - return result; - - ntlm->state = NTLMSTATE_TYPE2; /* We got a type-2 message */ - } - else { - if(ntlm->state == NTLMSTATE_LAST) { - infof(conn->data, "NTLM auth restarted\n"); - Curl_http_ntlm_cleanup(conn); - } - else if(ntlm->state == NTLMSTATE_TYPE3) { - infof(conn->data, "NTLM handshake rejected\n"); - Curl_http_ntlm_cleanup(conn); - ntlm->state = NTLMSTATE_NONE; - return CURLE_REMOTE_ACCESS_DENIED; - } - else if(ntlm->state >= NTLMSTATE_TYPE1) { - infof(conn->data, "NTLM handshake failure (internal error)\n"); - return CURLE_REMOTE_ACCESS_DENIED; - } - - ntlm->state = NTLMSTATE_TYPE1; /* We should send away a type-1 */ - } - } - - return result; -} - -/* - * This is for creating ntlm header output - */ -CURLcode Curl_output_ntlm(struct connectdata *conn, bool proxy) -{ - char *base64 = NULL; - size_t len = 0; - CURLcode result; - - /* point to the address of the pointer that holds the string to send to the - server, which is for a plain host or for a HTTP proxy */ - char **allocuserpwd; - - /* point to the name and password for this */ - const char *userp; - const char *passwdp; - - /* point to the correct struct with this */ - struct ntlmdata *ntlm; - struct auth *authp; - - DEBUGASSERT(conn); - DEBUGASSERT(conn->data); - -#ifdef USE_NSS - if(CURLE_OK != Curl_nss_force_init(conn->data)) - return CURLE_OUT_OF_MEMORY; -#endif - - if(proxy) { - allocuserpwd = &conn->allocptr.proxyuserpwd; - userp = conn->proxyuser; - passwdp = conn->proxypasswd; - ntlm = &conn->proxyntlm; - authp = &conn->data->state.authproxy; - } - else { - allocuserpwd = &conn->allocptr.userpwd; - userp = conn->user; - passwdp = conn->passwd; - ntlm = &conn->ntlm; - authp = &conn->data->state.authhost; - } - authp->done = FALSE; - - /* not set means empty */ - if(!userp) - userp = ""; - - if(!passwdp) - passwdp = ""; - -#ifdef USE_WINDOWS_SSPI - if(s_hSecDll == NULL) { - /* not thread safe and leaks - use curl_global_init() to avoid */ - CURLcode err = Curl_sspi_global_init(); - if(s_hSecDll == NULL) - return err; - } -#endif - - switch(ntlm->state) { - case NTLMSTATE_TYPE1: - default: /* for the weird cases we (re)start here */ - /* Create a type-1 message */ - result = Curl_sasl_create_ntlm_type1_message(userp, passwdp, ntlm, &base64, - &len); - if(result) - return result; - - if(base64) { - free(*allocuserpwd); - *allocuserpwd = aprintf("%sAuthorization: NTLM %s\r\n", - proxy ? "Proxy-" : "", - base64); - free(base64); - if(!*allocuserpwd) - return CURLE_OUT_OF_MEMORY; - - DEBUG_OUT(fprintf(stderr, "**** Header %s\n ", *allocuserpwd)); - } - break; - - case NTLMSTATE_TYPE2: - /* We already received the type-2 message, create a type-3 message */ - result = Curl_sasl_create_ntlm_type3_message(conn->data, userp, passwdp, - ntlm, &base64, &len); - if(result) - return result; - - if(base64) { - free(*allocuserpwd); - *allocuserpwd = aprintf("%sAuthorization: NTLM %s\r\n", - proxy ? "Proxy-" : "", - base64); - free(base64); - if(!*allocuserpwd) - return CURLE_OUT_OF_MEMORY; - - DEBUG_OUT(fprintf(stderr, "**** %s\n ", *allocuserpwd)); - - ntlm->state = NTLMSTATE_TYPE3; /* we send a type-3 */ - authp->done = TRUE; - } - break; - - case NTLMSTATE_TYPE3: - /* connection is already authenticated, - * don't send a header in future requests */ - ntlm->state = NTLMSTATE_LAST; - /* fall-through */ - case NTLMSTATE_LAST: - Curl_safefree(*allocuserpwd); - authp->done = TRUE; - break; - } - - return CURLE_OK; -} - -void Curl_http_ntlm_cleanup(struct connectdata *conn) -{ - Curl_sasl_ntlm_cleanup(&conn->ntlm); - Curl_sasl_ntlm_cleanup(&conn->proxyntlm); - -#if defined(NTLM_WB_ENABLED) - Curl_ntlm_wb_cleanup(conn); -#endif -} - -#endif /* !CURL_DISABLE_HTTP && USE_NTLM */ diff --git a/lib/curl_ntlm.h b/lib/curl_ntlm.h deleted file mode 100644 index d186bbe37..000000000 --- a/lib/curl_ntlm.h +++ /dev/null @@ -1,40 +0,0 @@ -#ifndef HEADER_CURL_NTLM_H -#define HEADER_CURL_NTLM_H -/*************************************************************************** - * _ _ ____ _ - * Project ___| | | | _ \| | - * / __| | | | |_) | | - * | (__| |_| | _ <| |___ - * \___|\___/|_| \_\_____| - * - * Copyright (C) 1998 - 2014, Daniel Stenberg, , et al. - * - * This software is licensed as described in the file COPYING, which - * you should have received as part of this distribution. The terms - * are also available at https://curl.haxx.se/docs/copyright.html. - * - * You may opt to use, copy, modify, merge, publish, distribute and/or sell - * copies of the Software, and permit persons to whom the Software is - * furnished to do so, under the terms of the COPYING file. - * - * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY - * KIND, either express or implied. - * - ***************************************************************************/ - -#include "curl_setup.h" - -#if !defined(CURL_DISABLE_HTTP) && defined(USE_NTLM) - -/* this is for ntlm header input */ -CURLcode Curl_input_ntlm(struct connectdata *conn, bool proxy, - const char *header); - -/* this is for creating ntlm header output */ -CURLcode Curl_output_ntlm(struct connectdata *conn, bool proxy); - -void Curl_http_ntlm_cleanup(struct connectdata *conn); - -#endif /* !CURL_DISABLE_HTTP && USE_NTLM */ - -#endif /* HEADER_CURL_NTLM_H */ diff --git a/lib/curl_ntlm_core.c b/lib/curl_ntlm_core.c index e79d1f64f..4b9da2c2a 100644 --- a/lib/curl_ntlm_core.c +++ b/lib/curl_ntlm_core.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -28,7 +28,7 @@ * NTLM details: * * http://davenport.sourceforge.net/ntlm.html - * http://www.innovation.ch/java/ntlm.html + * https://www.innovation.ch/java/ntlm.html */ #if !defined(USE_WINDOWS_SSPI) || defined(USE_WIN32_CRYPTO) @@ -76,6 +76,11 @@ # define MD5_DIGEST_LENGTH 16 # define MD4_DIGEST_LENGTH 16 +#elif defined(USE_MBEDTLS) + +# include +# include + #elif defined(USE_NSS) # include @@ -107,9 +112,8 @@ #include "warnless.h" #include "curl_endian.h" #include "curl_des.h" +/* The last 3 #include files should be in this order */ #include "curl_printf.h" - -/* The last #include files should be: */ #include "curl_memory.h" #include "memdebug.h" @@ -189,6 +193,26 @@ static void setup_des_key(const unsigned char *key_56, gcry_cipher_setkey(*des, key, sizeof(key)); } +#elif defined(USE_MBEDTLS) + +static bool encrypt_des(const unsigned char *in, unsigned char *out, + const unsigned char *key_56) +{ + mbedtls_des_context ctx; + char key[8]; + + /* Expand the 56-bit key to 64-bits */ + extend_key_56_to_64(key_56, key); + + /* Set the key parity to odd */ + mbedtls_des_key_set_parity((unsigned char *) key); + + /* Perform the encryption */ + mbedtls_des_init(&ctx); + mbedtls_des_setkey_enc(&ctx, (unsigned char *) key); + return mbedtls_des_crypt_ecb(&ctx, in, out) == 0; +} + #elif defined(USE_NSS) /* @@ -401,8 +425,8 @@ void Curl_ntlm_core_lm_resp(const unsigned char *keys, setup_des_key(keys + 14, &des); gcry_cipher_encrypt(des, results + 16, 8, plaintext, 8); gcry_cipher_close(des); -#elif defined(USE_NSS) || defined(USE_DARWINSSL) || defined(USE_OS400CRYPTO) \ - || defined(USE_WIN32_CRYPTO) +#elif defined(USE_MBEDTLS) || defined(USE_NSS) || defined(USE_DARWINSSL) \ + || defined(USE_OS400CRYPTO) || defined(USE_WIN32_CRYPTO) encrypt_des(plaintext, results, keys); encrypt_des(plaintext, results + 8, keys + 7); encrypt_des(plaintext, results + 16, keys + 14); @@ -412,7 +436,7 @@ void Curl_ntlm_core_lm_resp(const unsigned char *keys, /* * Set up lanmanager hashed password */ -CURLcode Curl_ntlm_core_mk_lm_hash(struct SessionHandle *data, +CURLcode Curl_ntlm_core_mk_lm_hash(struct Curl_easy *data, const char *password, unsigned char *lmbuffer /* 21 bytes */) { @@ -465,8 +489,8 @@ CURLcode Curl_ntlm_core_mk_lm_hash(struct SessionHandle *data, setup_des_key(pw + 7, &des); gcry_cipher_encrypt(des, lmbuffer + 8, 8, magic, 8); gcry_cipher_close(des); -#elif defined(USE_NSS) || defined(USE_DARWINSSL) || defined(USE_OS400CRYPTO) \ - || defined(USE_WIN32_CRYPTO) +#elif defined(USE_MBEDTLS) || defined(USE_NSS) || defined(USE_DARWINSSL) \ + || defined(USE_OS400CRYPTO) || defined(USE_WIN32_CRYPTO) encrypt_des(magic, lmbuffer, pw); encrypt_des(magic, lmbuffer + 8, pw + 7); #endif @@ -506,7 +530,7 @@ static void ascii_uppercase_to_unicode_le(unsigned char *dest, * Set up nt hashed passwords * @unittest: 1600 */ -CURLcode Curl_ntlm_core_mk_nt_hash(struct SessionHandle *data, +CURLcode Curl_ntlm_core_mk_nt_hash(struct Curl_easy *data, const char *password, unsigned char *ntbuffer /* 21 bytes */) { @@ -544,6 +568,8 @@ CURLcode Curl_ntlm_core_mk_nt_hash(struct SessionHandle *data, gcry_md_write(MD4pw, pw, 2 * len); memcpy (ntbuffer, gcry_md_read (MD4pw, 0), MD4_DIGEST_LENGTH); gcry_md_close(MD4pw); +#elif defined(USE_MBEDTLS) + mbedtls_md4(pw, 2 * len, ntbuffer); #elif defined(USE_NSS) || defined(USE_OS400CRYPTO) Curl_md4it(ntbuffer, pw, 2 * len); #elif defined(USE_DARWINSSL) diff --git a/lib/curl_ntlm_core.h b/lib/curl_ntlm_core.h index cf37dc811..c5f90e778 100644 --- a/lib/curl_ntlm_core.h +++ b/lib/curl_ntlm_core.h @@ -64,12 +64,12 @@ void Curl_ntlm_core_lm_resp(const unsigned char *keys, const unsigned char *plaintext, unsigned char *results); -CURLcode Curl_ntlm_core_mk_lm_hash(struct SessionHandle *data, +CURLcode Curl_ntlm_core_mk_lm_hash(struct Curl_easy *data, const char *password, unsigned char *lmbuffer /* 21 bytes */); #if USE_NTRESPONSES -CURLcode Curl_ntlm_core_mk_nt_hash(struct SessionHandle *data, +CURLcode Curl_ntlm_core_mk_nt_hash(struct Curl_easy *data, const char *password, unsigned char *ntbuffer /* 21 bytes */); diff --git a/lib/curl_ntlm_msgs.c b/lib/curl_ntlm_msgs.c deleted file mode 100644 index fc9547207..000000000 --- a/lib/curl_ntlm_msgs.c +++ /dev/null @@ -1,821 +0,0 @@ -/*************************************************************************** - * _ _ ____ _ - * Project ___| | | | _ \| | - * / __| | | | |_) | | - * | (__| |_| | _ <| |___ - * \___|\___/|_| \_\_____| - * - * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. - * - * This software is licensed as described in the file COPYING, which - * you should have received as part of this distribution. The terms - * are also available at https://curl.haxx.se/docs/copyright.html. - * - * You may opt to use, copy, modify, merge, publish, distribute and/or sell - * copies of the Software, and permit persons to whom the Software is - * furnished to do so, under the terms of the COPYING file. - * - * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY - * KIND, either express or implied. - * - ***************************************************************************/ - -#include "curl_setup.h" - -#if defined(USE_NTLM) && !defined(USE_WINDOWS_SSPI) - -/* - * NTLM details: - * - * http://davenport.sourceforge.net/ntlm.html - * http://www.innovation.ch/java/ntlm.html - */ - -#define DEBUG_ME 0 - -#include "urldata.h" -#include "non-ascii.h" -#include "sendf.h" -#include "curl_base64.h" -#include "curl_ntlm_core.h" -#include "curl_gethostname.h" -#include "curl_multibyte.h" -#include "warnless.h" - -#include "vtls/vtls.h" - -#ifdef USE_NSS -#include "vtls/nssg.h" /* for Curl_nss_force_init() */ -#endif - -#define BUILDING_CURL_NTLM_MSGS_C -#include "curl_ntlm_msgs.h" -#include "curl_sasl.h" -#include "curl_endian.h" -#include "curl_printf.h" - -/* The last #include files should be: */ -#include "curl_memory.h" -#include "memdebug.h" - -/* "NTLMSSP" signature is always in ASCII regardless of the platform */ -#define NTLMSSP_SIGNATURE "\x4e\x54\x4c\x4d\x53\x53\x50" - -#define SHORTPAIR(x) ((x) & 0xff), (((x) >> 8) & 0xff) -#define LONGQUARTET(x) ((x) & 0xff), (((x) >> 8) & 0xff), \ - (((x) >> 16) & 0xff), (((x) >> 24) & 0xff) - -#if DEBUG_ME -# define DEBUG_OUT(x) x -static void ntlm_print_flags(FILE *handle, unsigned long flags) -{ - if(flags & NTLMFLAG_NEGOTIATE_UNICODE) - fprintf(handle, "NTLMFLAG_NEGOTIATE_UNICODE "); - if(flags & NTLMFLAG_NEGOTIATE_OEM) - fprintf(handle, "NTLMFLAG_NEGOTIATE_OEM "); - if(flags & NTLMFLAG_REQUEST_TARGET) - fprintf(handle, "NTLMFLAG_REQUEST_TARGET "); - if(flags & (1<<3)) - fprintf(handle, "NTLMFLAG_UNKNOWN_3 "); - if(flags & NTLMFLAG_NEGOTIATE_SIGN) - fprintf(handle, "NTLMFLAG_NEGOTIATE_SIGN "); - if(flags & NTLMFLAG_NEGOTIATE_SEAL) - fprintf(handle, "NTLMFLAG_NEGOTIATE_SEAL "); - if(flags & NTLMFLAG_NEGOTIATE_DATAGRAM_STYLE) - fprintf(handle, "NTLMFLAG_NEGOTIATE_DATAGRAM_STYLE "); - if(flags & NTLMFLAG_NEGOTIATE_LM_KEY) - fprintf(handle, "NTLMFLAG_NEGOTIATE_LM_KEY "); - if(flags & NTLMFLAG_NEGOTIATE_NETWARE) - fprintf(handle, "NTLMFLAG_NEGOTIATE_NETWARE "); - if(flags & NTLMFLAG_NEGOTIATE_NTLM_KEY) - fprintf(handle, "NTLMFLAG_NEGOTIATE_NTLM_KEY "); - if(flags & (1<<10)) - fprintf(handle, "NTLMFLAG_UNKNOWN_10 "); - if(flags & NTLMFLAG_NEGOTIATE_ANONYMOUS) - fprintf(handle, "NTLMFLAG_NEGOTIATE_ANONYMOUS "); - if(flags & NTLMFLAG_NEGOTIATE_DOMAIN_SUPPLIED) - fprintf(handle, "NTLMFLAG_NEGOTIATE_DOMAIN_SUPPLIED "); - if(flags & NTLMFLAG_NEGOTIATE_WORKSTATION_SUPPLIED) - fprintf(handle, "NTLMFLAG_NEGOTIATE_WORKSTATION_SUPPLIED "); - if(flags & NTLMFLAG_NEGOTIATE_LOCAL_CALL) - fprintf(handle, "NTLMFLAG_NEGOTIATE_LOCAL_CALL "); - if(flags & NTLMFLAG_NEGOTIATE_ALWAYS_SIGN) - fprintf(handle, "NTLMFLAG_NEGOTIATE_ALWAYS_SIGN "); - if(flags & NTLMFLAG_TARGET_TYPE_DOMAIN) - fprintf(handle, "NTLMFLAG_TARGET_TYPE_DOMAIN "); - if(flags & NTLMFLAG_TARGET_TYPE_SERVER) - fprintf(handle, "NTLMFLAG_TARGET_TYPE_SERVER "); - if(flags & NTLMFLAG_TARGET_TYPE_SHARE) - fprintf(handle, "NTLMFLAG_TARGET_TYPE_SHARE "); - if(flags & NTLMFLAG_NEGOTIATE_NTLM2_KEY) - fprintf(handle, "NTLMFLAG_NEGOTIATE_NTLM2_KEY "); - if(flags & NTLMFLAG_REQUEST_INIT_RESPONSE) - fprintf(handle, "NTLMFLAG_REQUEST_INIT_RESPONSE "); - if(flags & NTLMFLAG_REQUEST_ACCEPT_RESPONSE) - fprintf(handle, "NTLMFLAG_REQUEST_ACCEPT_RESPONSE "); - if(flags & NTLMFLAG_REQUEST_NONNT_SESSION_KEY) - fprintf(handle, "NTLMFLAG_REQUEST_NONNT_SESSION_KEY "); - if(flags & NTLMFLAG_NEGOTIATE_TARGET_INFO) - fprintf(handle, "NTLMFLAG_NEGOTIATE_TARGET_INFO "); - if(flags & (1<<24)) - fprintf(handle, "NTLMFLAG_UNKNOWN_24 "); - if(flags & (1<<25)) - fprintf(handle, "NTLMFLAG_UNKNOWN_25 "); - if(flags & (1<<26)) - fprintf(handle, "NTLMFLAG_UNKNOWN_26 "); - if(flags & (1<<27)) - fprintf(handle, "NTLMFLAG_UNKNOWN_27 "); - if(flags & (1<<28)) - fprintf(handle, "NTLMFLAG_UNKNOWN_28 "); - if(flags & NTLMFLAG_NEGOTIATE_128) - fprintf(handle, "NTLMFLAG_NEGOTIATE_128 "); - if(flags & NTLMFLAG_NEGOTIATE_KEY_EXCHANGE) - fprintf(handle, "NTLMFLAG_NEGOTIATE_KEY_EXCHANGE "); - if(flags & NTLMFLAG_NEGOTIATE_56) - fprintf(handle, "NTLMFLAG_NEGOTIATE_56 "); -} - -static void ntlm_print_hex(FILE *handle, const char *buf, size_t len) -{ - const char *p = buf; - (void)handle; - fprintf(stderr, "0x"); - while(len-- > 0) - fprintf(stderr, "%02.2x", (unsigned int)*p++); -} -#else -# define DEBUG_OUT(x) Curl_nop_stmt -#endif - -/* - * ntlm_decode_type2_target() - * - * This is used to decode the "target info" in the NTLM type-2 message - * received. - * - * Parameters: - * - * data [in] - The session handle. - * buffer [in] - The decoded type-2 message. - * size [in] - The input buffer size, at least 32 bytes. - * ntlm [in/out] - The NTLM data struct being used and modified. - * - * Returns CURLE_OK on success. - */ -static CURLcode ntlm_decode_type2_target(struct SessionHandle *data, - unsigned char *buffer, - size_t size, - struct ntlmdata *ntlm) -{ - unsigned short target_info_len = 0; - unsigned int target_info_offset = 0; - -#if defined(CURL_DISABLE_VERBOSE_STRINGS) - (void) data; -#endif - - if(size >= 48) { - target_info_len = Curl_read16_le(&buffer[40]); - target_info_offset = Curl_read32_le(&buffer[44]); - if(target_info_len > 0) { - if(((target_info_offset + target_info_len) > size) || - (target_info_offset < 48)) { - infof(data, "NTLM handshake failure (bad type-2 message). " - "Target Info Offset Len is set incorrect by the peer\n"); - return CURLE_BAD_CONTENT_ENCODING; - } - - ntlm->target_info = malloc(target_info_len); - if(!ntlm->target_info) - return CURLE_OUT_OF_MEMORY; - - memcpy(ntlm->target_info, &buffer[target_info_offset], target_info_len); - } - } - - ntlm->target_info_len = target_info_len; - - return CURLE_OK; -} - -/* - NTLM message structure notes: - - A 'short' is a 'network short', a little-endian 16-bit unsigned value. - - A 'long' is a 'network long', a little-endian, 32-bit unsigned value. - - A 'security buffer' represents a triplet used to point to a buffer, - consisting of two shorts and one long: - - 1. A 'short' containing the length of the buffer content in bytes. - 2. A 'short' containing the allocated space for the buffer in bytes. - 3. A 'long' containing the offset to the start of the buffer in bytes, - from the beginning of the NTLM message. -*/ - -/* - * Curl_sasl_decode_ntlm_type2_message() - * - * This is used to decode an already encoded NTLM type-2 message. The message - * is first decoded from a base64 string into a raw NTLM message and checked - * for validity before the appropriate data for creating a type-3 message is - * written to the given NTLM data structure. - * - * Parameters: - * - * data [in] - The session handle. - * type2msg [in] - The base64 encoded type-2 message. - * ntlm [in/out] - The NTLM data struct being used and modified. - * - * Returns CURLE_OK on success. - */ -CURLcode Curl_sasl_decode_ntlm_type2_message(struct SessionHandle *data, - const char *type2msg, - struct ntlmdata *ntlm) -{ - static const char type2_marker[] = { 0x02, 0x00, 0x00, 0x00 }; - - /* NTLM type-2 message structure: - - Index Description Content - 0 NTLMSSP Signature Null-terminated ASCII "NTLMSSP" - (0x4e544c4d53535000) - 8 NTLM Message Type long (0x02000000) - 12 Target Name security buffer - 20 Flags long - 24 Challenge 8 bytes - (32) Context 8 bytes (two consecutive longs) (*) - (40) Target Information security buffer (*) - (48) OS Version Structure 8 bytes (*) - 32 (48) (56) Start of data block (*) - (*) -> Optional - */ - - CURLcode result = CURLE_OK; - unsigned char *type2 = NULL; - size_t type2_len = 0; - -#if defined(USE_NSS) - /* Make sure the crypto backend is initialized */ - result = Curl_nss_force_init(data); - if(result) - return result; -#elif defined(CURL_DISABLE_VERBOSE_STRINGS) - (void)data; -#endif - - /* Decode the base-64 encoded type-2 message */ - if(strlen(type2msg) && *type2msg != '=') { - result = Curl_base64_decode(type2msg, &type2, &type2_len); - if(result) - return result; - } - - /* Ensure we have a valid type-2 message */ - if(!type2) { - infof(data, "NTLM handshake failure (empty type-2 message)\n"); - return CURLE_BAD_CONTENT_ENCODING; - } - - ntlm->flags = 0; - - if((type2_len < 32) || - (memcmp(type2, NTLMSSP_SIGNATURE, 8) != 0) || - (memcmp(type2 + 8, type2_marker, sizeof(type2_marker)) != 0)) { - /* This was not a good enough type-2 message */ - free(type2); - infof(data, "NTLM handshake failure (bad type-2 message)\n"); - return CURLE_BAD_CONTENT_ENCODING; - } - - ntlm->flags = Curl_read32_le(&type2[20]); - memcpy(ntlm->nonce, &type2[24], 8); - - if(ntlm->flags & NTLMFLAG_NEGOTIATE_TARGET_INFO) { - result = ntlm_decode_type2_target(data, type2, type2_len, ntlm); - if(result) { - free(type2); - infof(data, "NTLM handshake failure (bad type-2 message)\n"); - return result; - } - } - - DEBUG_OUT({ - fprintf(stderr, "**** TYPE2 header flags=0x%08.8lx ", ntlm->flags); - ntlm_print_flags(stderr, ntlm->flags); - fprintf(stderr, "\n nonce="); - ntlm_print_hex(stderr, (char *)ntlm->nonce, 8); - fprintf(stderr, "\n****\n"); - fprintf(stderr, "**** Header %s\n ", header); - }); - - free(type2); - - return result; -} - -/* copy the source to the destination and fill in zeroes in every - other destination byte! */ -static void unicodecpy(unsigned char *dest, const char *src, size_t length) -{ - size_t i; - for(i = 0; i < length; i++) { - dest[2 * i] = (unsigned char)src[i]; - dest[2 * i + 1] = '\0'; - } -} - -/* - * Curl_sasl_create_ntlm_type1_message() - * - * This is used to generate an already encoded NTLM type-1 message ready for - * sending to the recipient using the appropriate compile time crypto API. - * - * Parameters: - * - * userp [in] - The user name in the format User or Domain\User. - * passdwp [in] - The user's password. - * ntlm [in/out] - The NTLM data struct being used and modified. - * outptr [in/out] - The address where a pointer to newly allocated memory - * holding the result will be stored upon completion. - * outlen [out] - The length of the output message. - * - * Returns CURLE_OK on success. - */ -CURLcode Curl_sasl_create_ntlm_type1_message(const char *userp, - const char *passwdp, - struct ntlmdata *ntlm, - char **outptr, size_t *outlen) -{ - /* NTLM type-1 message structure: - - Index Description Content - 0 NTLMSSP Signature Null-terminated ASCII "NTLMSSP" - (0x4e544c4d53535000) - 8 NTLM Message Type long (0x01000000) - 12 Flags long - (16) Supplied Domain security buffer (*) - (24) Supplied Workstation security buffer (*) - (32) OS Version Structure 8 bytes (*) - (32) (40) Start of data block (*) - (*) -> Optional - */ - - size_t size; - - unsigned char ntlmbuf[NTLM_BUFSIZE]; - const char *host = ""; /* empty */ - const char *domain = ""; /* empty */ - size_t hostlen = 0; - size_t domlen = 0; - size_t hostoff = 0; - size_t domoff = hostoff + hostlen; /* This is 0: remember that host and - domain are empty */ - (void)userp; - (void)passwdp; - - /* Clean up any former leftovers and initialise to defaults */ - Curl_sasl_ntlm_cleanup(ntlm); - -#if USE_NTRESPONSES && USE_NTLM2SESSION -#define NTLM2FLAG NTLMFLAG_NEGOTIATE_NTLM2_KEY -#else -#define NTLM2FLAG 0 -#endif - snprintf((char *)ntlmbuf, NTLM_BUFSIZE, - NTLMSSP_SIGNATURE "%c" - "\x01%c%c%c" /* 32-bit type = 1 */ - "%c%c%c%c" /* 32-bit NTLM flag field */ - "%c%c" /* domain length */ - "%c%c" /* domain allocated space */ - "%c%c" /* domain name offset */ - "%c%c" /* 2 zeroes */ - "%c%c" /* host length */ - "%c%c" /* host allocated space */ - "%c%c" /* host name offset */ - "%c%c" /* 2 zeroes */ - "%s" /* host name */ - "%s", /* domain string */ - 0, /* trailing zero */ - 0, 0, 0, /* part of type-1 long */ - - LONGQUARTET(NTLMFLAG_NEGOTIATE_OEM | - NTLMFLAG_REQUEST_TARGET | - NTLMFLAG_NEGOTIATE_NTLM_KEY | - NTLM2FLAG | - NTLMFLAG_NEGOTIATE_ALWAYS_SIGN), - SHORTPAIR(domlen), - SHORTPAIR(domlen), - SHORTPAIR(domoff), - 0, 0, - SHORTPAIR(hostlen), - SHORTPAIR(hostlen), - SHORTPAIR(hostoff), - 0, 0, - host, /* this is empty */ - domain /* this is empty */); - - /* Initial packet length */ - size = 32 + hostlen + domlen; - - DEBUG_OUT({ - fprintf(stderr, "* TYPE1 header flags=0x%02.2x%02.2x%02.2x%02.2x " - "0x%08.8x ", - LONGQUARTET(NTLMFLAG_NEGOTIATE_OEM | - NTLMFLAG_REQUEST_TARGET | - NTLMFLAG_NEGOTIATE_NTLM_KEY | - NTLM2FLAG | - NTLMFLAG_NEGOTIATE_ALWAYS_SIGN), - NTLMFLAG_NEGOTIATE_OEM | - NTLMFLAG_REQUEST_TARGET | - NTLMFLAG_NEGOTIATE_NTLM_KEY | - NTLM2FLAG | - NTLMFLAG_NEGOTIATE_ALWAYS_SIGN); - ntlm_print_flags(stderr, - NTLMFLAG_NEGOTIATE_OEM | - NTLMFLAG_REQUEST_TARGET | - NTLMFLAG_NEGOTIATE_NTLM_KEY | - NTLM2FLAG | - NTLMFLAG_NEGOTIATE_ALWAYS_SIGN); - fprintf(stderr, "\n****\n"); - }); - - /* Return with binary blob encoded into base64 */ - return Curl_base64_encode(NULL, (char *)ntlmbuf, size, outptr, outlen); -} - -/* - * Curl_sasl_create_ntlm_type3_message() - * - * This is used to generate an already encoded NTLM type-3 message ready for - * sending to the recipient using the appropriate compile time crypto API. - * - * Parameters: - * - * data [in] - The session handle. - * userp [in] - The user name in the format User or Domain\User. - * passdwp [in] - The user's password. - * ntlm [in/out] - The NTLM data struct being used and modified. - * outptr [in/out] - The address where a pointer to newly allocated memory - * holding the result will be stored upon completion. - * outlen [out] - The length of the output message. - * - * Returns CURLE_OK on success. - */ -CURLcode Curl_sasl_create_ntlm_type3_message(struct SessionHandle *data, - const char *userp, - const char *passwdp, - struct ntlmdata *ntlm, - char **outptr, size_t *outlen) - -{ - /* NTLM type-3 message structure: - - Index Description Content - 0 NTLMSSP Signature Null-terminated ASCII "NTLMSSP" - (0x4e544c4d53535000) - 8 NTLM Message Type long (0x03000000) - 12 LM/LMv2 Response security buffer - 20 NTLM/NTLMv2 Response security buffer - 28 Target Name security buffer - 36 User Name security buffer - 44 Workstation Name security buffer - (52) Session Key security buffer (*) - (60) Flags long (*) - (64) OS Version Structure 8 bytes (*) - 52 (64) (72) Start of data block - (*) -> Optional - */ - - CURLcode result = CURLE_OK; - size_t size; - unsigned char ntlmbuf[NTLM_BUFSIZE]; - int lmrespoff; - unsigned char lmresp[24]; /* fixed-size */ -#if USE_NTRESPONSES - int ntrespoff; - unsigned int ntresplen = 24; - unsigned char ntresp[24]; /* fixed-size */ - unsigned char *ptr_ntresp = &ntresp[0]; - unsigned char *ntlmv2resp = NULL; -#endif - bool unicode = (ntlm->flags & NTLMFLAG_NEGOTIATE_UNICODE) ? TRUE : FALSE; - char host[HOSTNAME_MAX + 1] = ""; - const char *user; - const char *domain = ""; - size_t hostoff = 0; - size_t useroff = 0; - size_t domoff = 0; - size_t hostlen = 0; - size_t userlen = 0; - size_t domlen = 0; - - user = strchr(userp, '\\'); - if(!user) - user = strchr(userp, '/'); - - if(user) { - domain = userp; - domlen = (user - domain); - user++; - } - else - user = userp; - - if(user) - userlen = strlen(user); - - /* Get the machine's un-qualified host name as NTLM doesn't like the fully - qualified domain name */ - if(Curl_gethostname(host, sizeof(host))) { - infof(data, "gethostname() failed, continuing without!\n"); - hostlen = 0; - } - else { - hostlen = strlen(host); - } - -#if USE_NTRESPONSES && USE_NTLM_V2 - if(ntlm->target_info_len) { - unsigned char ntbuffer[0x18]; - unsigned int entropy[2]; - unsigned char ntlmv2hash[0x18]; - - entropy[0] = Curl_rand(data); - entropy[1] = Curl_rand(data); - - result = Curl_ntlm_core_mk_nt_hash(data, passwdp, ntbuffer); - if(result) - return result; - - result = Curl_ntlm_core_mk_ntlmv2_hash(user, userlen, domain, domlen, - ntbuffer, ntlmv2hash); - if(result) - return result; - - /* LMv2 response */ - result = Curl_ntlm_core_mk_lmv2_resp(ntlmv2hash, - (unsigned char *)&entropy[0], - &ntlm->nonce[0], lmresp); - if(result) - return result; - - /* NTLMv2 response */ - result = Curl_ntlm_core_mk_ntlmv2_resp(ntlmv2hash, - (unsigned char *)&entropy[0], - ntlm, &ntlmv2resp, &ntresplen); - if(result) - return result; - - ptr_ntresp = ntlmv2resp; - } - else -#endif - -#if USE_NTRESPONSES && USE_NTLM2SESSION - /* We don't support NTLM2 if we don't have USE_NTRESPONSES */ - if(ntlm->flags & NTLMFLAG_NEGOTIATE_NTLM2_KEY) { - unsigned char ntbuffer[0x18]; - unsigned char tmp[0x18]; - unsigned char md5sum[MD5_DIGEST_LENGTH]; - unsigned int entropy[2]; - - /* Need to create 8 bytes random data */ - entropy[0] = Curl_rand(data); - entropy[1] = Curl_rand(data); - - /* 8 bytes random data as challenge in lmresp */ - memcpy(lmresp, entropy, 8); - - /* Pad with zeros */ - memset(lmresp + 8, 0, 0x10); - - /* Fill tmp with challenge(nonce?) + entropy */ - memcpy(tmp, &ntlm->nonce[0], 8); - memcpy(tmp + 8, entropy, 8); - - result = Curl_ssl_md5sum(tmp, 16, md5sum, MD5_DIGEST_LENGTH); - if(!result) - /* We shall only use the first 8 bytes of md5sum, but the des code in - Curl_ntlm_core_lm_resp only encrypt the first 8 bytes */ - result = Curl_ntlm_core_mk_nt_hash(data, passwdp, ntbuffer); - if(result) - return result; - - Curl_ntlm_core_lm_resp(ntbuffer, md5sum, ntresp); - - /* End of NTLM2 Session code */ - - } - else -#endif - { - -#if USE_NTRESPONSES - unsigned char ntbuffer[0x18]; -#endif - unsigned char lmbuffer[0x18]; - -#if USE_NTRESPONSES - result = Curl_ntlm_core_mk_nt_hash(data, passwdp, ntbuffer); - if(result) - return result; - - Curl_ntlm_core_lm_resp(ntbuffer, &ntlm->nonce[0], ntresp); -#endif - - result = Curl_ntlm_core_mk_lm_hash(data, passwdp, lmbuffer); - if(result) - return result; - - Curl_ntlm_core_lm_resp(lmbuffer, &ntlm->nonce[0], lmresp); - - /* A safer but less compatible alternative is: - * Curl_ntlm_core_lm_resp(ntbuffer, &ntlm->nonce[0], lmresp); - * See http://davenport.sourceforge.net/ntlm.html#ntlmVersion2 */ - } - - if(unicode) { - domlen = domlen * 2; - userlen = userlen * 2; - hostlen = hostlen * 2; - } - - lmrespoff = 64; /* size of the message header */ -#if USE_NTRESPONSES - ntrespoff = lmrespoff + 0x18; - domoff = ntrespoff + ntresplen; -#else - domoff = lmrespoff + 0x18; -#endif - useroff = domoff + domlen; - hostoff = useroff + userlen; - - /* Create the big type-3 message binary blob */ - size = snprintf((char *)ntlmbuf, NTLM_BUFSIZE, - NTLMSSP_SIGNATURE "%c" - "\x03%c%c%c" /* 32-bit type = 3 */ - - "%c%c" /* LanManager length */ - "%c%c" /* LanManager allocated space */ - "%c%c" /* LanManager offset */ - "%c%c" /* 2 zeroes */ - - "%c%c" /* NT-response length */ - "%c%c" /* NT-response allocated space */ - "%c%c" /* NT-response offset */ - "%c%c" /* 2 zeroes */ - - "%c%c" /* domain length */ - "%c%c" /* domain allocated space */ - "%c%c" /* domain name offset */ - "%c%c" /* 2 zeroes */ - - "%c%c" /* user length */ - "%c%c" /* user allocated space */ - "%c%c" /* user offset */ - "%c%c" /* 2 zeroes */ - - "%c%c" /* host length */ - "%c%c" /* host allocated space */ - "%c%c" /* host offset */ - "%c%c" /* 2 zeroes */ - - "%c%c" /* session key length (unknown purpose) */ - "%c%c" /* session key allocated space (unknown purpose) */ - "%c%c" /* session key offset (unknown purpose) */ - "%c%c" /* 2 zeroes */ - - "%c%c%c%c", /* flags */ - - /* domain string */ - /* user string */ - /* host string */ - /* LanManager response */ - /* NT response */ - - 0, /* zero termination */ - 0, 0, 0, /* type-3 long, the 24 upper bits */ - - SHORTPAIR(0x18), /* LanManager response length, twice */ - SHORTPAIR(0x18), - SHORTPAIR(lmrespoff), - 0x0, 0x0, - -#if USE_NTRESPONSES - SHORTPAIR(ntresplen), /* NT-response length, twice */ - SHORTPAIR(ntresplen), - SHORTPAIR(ntrespoff), - 0x0, 0x0, -#else - 0x0, 0x0, - 0x0, 0x0, - 0x0, 0x0, - 0x0, 0x0, -#endif - SHORTPAIR(domlen), - SHORTPAIR(domlen), - SHORTPAIR(domoff), - 0x0, 0x0, - - SHORTPAIR(userlen), - SHORTPAIR(userlen), - SHORTPAIR(useroff), - 0x0, 0x0, - - SHORTPAIR(hostlen), - SHORTPAIR(hostlen), - SHORTPAIR(hostoff), - 0x0, 0x0, - - 0x0, 0x0, - 0x0, 0x0, - 0x0, 0x0, - 0x0, 0x0, - - LONGQUARTET(ntlm->flags)); - - DEBUGASSERT(size == 64); - DEBUGASSERT(size == (size_t)lmrespoff); - - /* We append the binary hashes */ - if(size < (NTLM_BUFSIZE - 0x18)) { - memcpy(&ntlmbuf[size], lmresp, 0x18); - size += 0x18; - } - - DEBUG_OUT({ - fprintf(stderr, "**** TYPE3 header lmresp="); - ntlm_print_hex(stderr, (char *)&ntlmbuf[lmrespoff], 0x18); - }); - -#if USE_NTRESPONSES - if(size < (NTLM_BUFSIZE - ntresplen)) { - DEBUGASSERT(size == (size_t)ntrespoff); - memcpy(&ntlmbuf[size], ptr_ntresp, ntresplen); - size += ntresplen; - } - - DEBUG_OUT({ - fprintf(stderr, "\n ntresp="); - ntlm_print_hex(stderr, (char *)&ntlmbuf[ntrespoff], ntresplen); - }); - - free(ntlmv2resp);/* Free the dynamic buffer allocated for NTLMv2 */ - -#endif - - DEBUG_OUT({ - fprintf(stderr, "\n flags=0x%02.2x%02.2x%02.2x%02.2x 0x%08.8x ", - LONGQUARTET(ntlm->flags), ntlm->flags); - ntlm_print_flags(stderr, ntlm->flags); - fprintf(stderr, "\n****\n"); - }); - - /* Make sure that the domain, user and host strings fit in the - buffer before we copy them there. */ - if(size + userlen + domlen + hostlen >= NTLM_BUFSIZE) { - failf(data, "user + domain + host name too big"); - return CURLE_OUT_OF_MEMORY; - } - - DEBUGASSERT(size == domoff); - if(unicode) - unicodecpy(&ntlmbuf[size], domain, domlen / 2); - else - memcpy(&ntlmbuf[size], domain, domlen); - - size += domlen; - - DEBUGASSERT(size == useroff); - if(unicode) - unicodecpy(&ntlmbuf[size], user, userlen / 2); - else - memcpy(&ntlmbuf[size], user, userlen); - - size += userlen; - - DEBUGASSERT(size == hostoff); - if(unicode) - unicodecpy(&ntlmbuf[size], host, hostlen / 2); - else - memcpy(&ntlmbuf[size], host, hostlen); - - size += hostlen; - - /* Convert domain, user, and host to ASCII but leave the rest as-is */ - result = Curl_convert_to_network(data, (char *)&ntlmbuf[domoff], - size - domoff); - if(result) - return CURLE_CONV_FAILED; - - /* Return with binary blob encoded into base64 */ - result = Curl_base64_encode(NULL, (char *)ntlmbuf, size, outptr, outlen); - - Curl_sasl_ntlm_cleanup(ntlm); - - return result; -} - -#endif /* USE_NTLM && !USE_WINDOWS_SSPI */ diff --git a/lib/curl_ntlm_msgs.h b/lib/curl_ntlm_msgs.h deleted file mode 100644 index b9026f87c..000000000 --- a/lib/curl_ntlm_msgs.h +++ /dev/null @@ -1,143 +0,0 @@ -#ifndef HEADER_CURL_NTLM_MSGS_H -#define HEADER_CURL_NTLM_MSGS_H -/*************************************************************************** - * _ _ ____ _ - * Project ___| | | | _ \| | - * / __| | | | |_) | | - * | (__| |_| | _ <| |___ - * \___|\___/|_| \_\_____| - * - * Copyright (C) 1998 - 2014, Daniel Stenberg, , et al. - * - * This software is licensed as described in the file COPYING, which - * you should have received as part of this distribution. The terms - * are also available at https://curl.haxx.se/docs/copyright.html. - * - * You may opt to use, copy, modify, merge, publish, distribute and/or sell - * copies of the Software, and permit persons to whom the Software is - * furnished to do so, under the terms of the COPYING file. - * - * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY - * KIND, either express or implied. - * - ***************************************************************************/ - -#include "curl_setup.h" - -#ifdef USE_NTLM - -/* NTLM buffer fixed size, large enough for long user + host + domain */ -#define NTLM_BUFSIZE 1024 - -/* Stuff only required for curl_ntlm_msgs.c */ -#ifdef BUILDING_CURL_NTLM_MSGS_C - -/* Flag bits definitions based on http://davenport.sourceforge.net/ntlm.html */ - -#define NTLMFLAG_NEGOTIATE_UNICODE (1<<0) -/* Indicates that Unicode strings are supported for use in security buffer - data. */ - -#define NTLMFLAG_NEGOTIATE_OEM (1<<1) -/* Indicates that OEM strings are supported for use in security buffer data. */ - -#define NTLMFLAG_REQUEST_TARGET (1<<2) -/* Requests that the server's authentication realm be included in the Type 2 - message. */ - -/* unknown (1<<3) */ -#define NTLMFLAG_NEGOTIATE_SIGN (1<<4) -/* Specifies that authenticated communication between the client and server - should carry a digital signature (message integrity). */ - -#define NTLMFLAG_NEGOTIATE_SEAL (1<<5) -/* Specifies that authenticated communication between the client and server - should be encrypted (message confidentiality). */ - -#define NTLMFLAG_NEGOTIATE_DATAGRAM_STYLE (1<<6) -/* Indicates that datagram authentication is being used. */ - -#define NTLMFLAG_NEGOTIATE_LM_KEY (1<<7) -/* Indicates that the LAN Manager session key should be used for signing and - sealing authenticated communications. */ - -#define NTLMFLAG_NEGOTIATE_NETWARE (1<<8) -/* unknown purpose */ - -#define NTLMFLAG_NEGOTIATE_NTLM_KEY (1<<9) -/* Indicates that NTLM authentication is being used. */ - -/* unknown (1<<10) */ - -#define NTLMFLAG_NEGOTIATE_ANONYMOUS (1<<11) -/* Sent by the client in the Type 3 message to indicate that an anonymous - context has been established. This also affects the response fields. */ - -#define NTLMFLAG_NEGOTIATE_DOMAIN_SUPPLIED (1<<12) -/* Sent by the client in the Type 1 message to indicate that a desired - authentication realm is included in the message. */ - -#define NTLMFLAG_NEGOTIATE_WORKSTATION_SUPPLIED (1<<13) -/* Sent by the client in the Type 1 message to indicate that the client - workstation's name is included in the message. */ - -#define NTLMFLAG_NEGOTIATE_LOCAL_CALL (1<<14) -/* Sent by the server to indicate that the server and client are on the same - machine. Implies that the client may use a pre-established local security - context rather than responding to the challenge. */ - -#define NTLMFLAG_NEGOTIATE_ALWAYS_SIGN (1<<15) -/* Indicates that authenticated communication between the client and server - should be signed with a "dummy" signature. */ - -#define NTLMFLAG_TARGET_TYPE_DOMAIN (1<<16) -/* Sent by the server in the Type 2 message to indicate that the target - authentication realm is a domain. */ - -#define NTLMFLAG_TARGET_TYPE_SERVER (1<<17) -/* Sent by the server in the Type 2 message to indicate that the target - authentication realm is a server. */ - -#define NTLMFLAG_TARGET_TYPE_SHARE (1<<18) -/* Sent by the server in the Type 2 message to indicate that the target - authentication realm is a share. Presumably, this is for share-level - authentication. Usage is unclear. */ - -#define NTLMFLAG_NEGOTIATE_NTLM2_KEY (1<<19) -/* Indicates that the NTLM2 signing and sealing scheme should be used for - protecting authenticated communications. */ - -#define NTLMFLAG_REQUEST_INIT_RESPONSE (1<<20) -/* unknown purpose */ - -#define NTLMFLAG_REQUEST_ACCEPT_RESPONSE (1<<21) -/* unknown purpose */ - -#define NTLMFLAG_REQUEST_NONNT_SESSION_KEY (1<<22) -/* unknown purpose */ - -#define NTLMFLAG_NEGOTIATE_TARGET_INFO (1<<23) -/* Sent by the server in the Type 2 message to indicate that it is including a - Target Information block in the message. */ - -/* unknown (1<24) */ -/* unknown (1<25) */ -/* unknown (1<26) */ -/* unknown (1<27) */ -/* unknown (1<28) */ - -#define NTLMFLAG_NEGOTIATE_128 (1<<29) -/* Indicates that 128-bit encryption is supported. */ - -#define NTLMFLAG_NEGOTIATE_KEY_EXCHANGE (1<<30) -/* Indicates that the client will provide an encrypted master key in - the "Session Key" field of the Type 3 message. */ - -#define NTLMFLAG_NEGOTIATE_56 (1<<31) -/* Indicates that 56-bit encryption is supported. */ - -#endif /* BUILDING_CURL_NTLM_MSGS_C */ - -#endif /* USE_NTLM */ - -#endif /* HEADER_CURL_NTLM_MSGS_H */ diff --git a/lib/curl_ntlm_wb.c b/lib/curl_ntlm_wb.c index 06f66702d..afdea16c0 100644 --- a/lib/curl_ntlm_wb.c +++ b/lib/curl_ntlm_wb.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -29,7 +29,7 @@ * NTLM details: * * http://davenport.sourceforge.net/ntlm.html - * http://www.innovation.ch/java/ntlm.html + * https://www.innovation.ch/java/ntlm.html */ #define DEBUG_ME 0 @@ -47,13 +47,12 @@ #include "urldata.h" #include "sendf.h" #include "select.h" -#include "curl_ntlm_msgs.h" +#include "vauth/ntlm.h" #include "curl_ntlm_wb.h" #include "url.h" #include "strerror.h" +/* The last 3 #include files should be in this order */ #include "curl_printf.h" - -/* The last #include files should be: */ #include "curl_memory.h" #include "memdebug.h" diff --git a/lib/curl_sasl.c b/lib/curl_sasl.c index 945d75232..65fa52932 100644 --- a/lib/curl_sasl.c +++ b/lib/curl_sasl.c @@ -36,6 +36,7 @@ #include "curl_base64.h" #include "curl_md5.h" +#include "vauth/vauth.h" #include "vtls/vtls.h" #include "curl_hmac.h" #include "curl_sasl.h" @@ -45,9 +46,8 @@ #include "rawstr.h" #include "sendf.h" #include "non-ascii.h" /* included for Curl_convert_... prototypes */ +/* The last 3 #include files should be in this order */ #include "curl_printf.h" - -/* The last #include files should be: */ #include "curl_memory.h" #include "memdebug.h" @@ -69,1145 +69,6 @@ const struct { { ZERO_NULL, 0, 0 } }; -#if !defined(CURL_DISABLE_CRYPTO_AUTH) && !defined(USE_WINDOWS_SSPI) -#define DIGEST_QOP_VALUE_AUTH (1 << 0) -#define DIGEST_QOP_VALUE_AUTH_INT (1 << 1) -#define DIGEST_QOP_VALUE_AUTH_CONF (1 << 2) - -#define DIGEST_QOP_VALUE_STRING_AUTH "auth" -#define DIGEST_QOP_VALUE_STRING_AUTH_INT "auth-int" -#define DIGEST_QOP_VALUE_STRING_AUTH_CONF "auth-conf" - -/* The CURL_OUTPUT_DIGEST_CONV macro below is for non-ASCII machines. - It converts digest text to ASCII so the MD5 will be correct for - what ultimately goes over the network. -*/ -#define CURL_OUTPUT_DIGEST_CONV(a, b) \ - result = Curl_convert_to_network(a, (char *)b, strlen((const char*)b)); \ - if(result) { \ - free(b); \ - return result; \ - } - -#endif - -#if !defined(CURL_DISABLE_CRYPTO_AUTH) -bool Curl_sasl_digest_get_pair(const char *str, char *value, char *content, - const char **endptr) -{ - int c; - bool starts_with_quote = FALSE; - bool escape = FALSE; - - for(c = DIGEST_MAX_VALUE_LENGTH - 1; (*str && (*str != '=') && c--); ) - *value++ = *str++; - *value = 0; - - if('=' != *str++) - /* eek, no match */ - return FALSE; - - if('\"' == *str) { - /* this starts with a quote so it must end with one as well! */ - str++; - starts_with_quote = TRUE; - } - - for(c = DIGEST_MAX_CONTENT_LENGTH - 1; *str && c--; str++) { - switch(*str) { - case '\\': - if(!escape) { - /* possibly the start of an escaped quote */ - escape = TRUE; - *content++ = '\\'; /* even though this is an escape character, we still - store it as-is in the target buffer */ - continue; - } - break; - - case ',': - if(!starts_with_quote) { - /* this signals the end of the content if we didn't get a starting - quote and then we do "sloppy" parsing */ - c = 0; /* the end */ - continue; - } - break; - - case '\r': - case '\n': - /* end of string */ - c = 0; - continue; - - case '\"': - if(!escape && starts_with_quote) { - /* end of string */ - c = 0; - continue; - } - break; - } - - escape = FALSE; - *content++ = *str; - } - - *content = 0; - *endptr = str; - - return TRUE; -} -#endif - -#if !defined(CURL_DISABLE_CRYPTO_AUTH) && !defined(USE_WINDOWS_SSPI) -/* Convert md5 chunk to RFC2617 (section 3.1.3) -suitable ascii string*/ -static void sasl_digest_md5_to_ascii(unsigned char *source, /* 16 bytes */ - unsigned char *dest) /* 33 bytes */ -{ - int i; - for(i = 0; i < 16; i++) - snprintf((char *)&dest[i*2], 3, "%02x", source[i]); -} - -/* Perform quoted-string escaping as described in RFC2616 and its errata */ -static char *sasl_digest_string_quoted(const char *source) -{ - char *dest, *d; - const char *s = source; - size_t n = 1; /* null terminator */ - - /* Calculate size needed */ - while(*s) { - ++n; - if(*s == '"' || *s == '\\') { - ++n; - } - ++s; - } - - dest = malloc(n); - if(dest) { - s = source; - d = dest; - while(*s) { - if(*s == '"' || *s == '\\') { - *d++ = '\\'; - } - *d++ = *s++; - } - *d = 0; - } - - return dest; -} - -/* Retrieves the value for a corresponding key from the challenge string - * returns TRUE if the key could be found, FALSE if it does not exists - */ -static bool sasl_digest_get_key_value(const char *chlg, - const char *key, - char *value, - size_t max_val_len, - char end_char) -{ - char *find_pos; - size_t i; - - find_pos = strstr(chlg, key); - if(!find_pos) - return FALSE; - - find_pos += strlen(key); - - for(i = 0; *find_pos && *find_pos != end_char && i < max_val_len - 1; ++i) - value[i] = *find_pos++; - value[i] = '\0'; - - return TRUE; -} - -static CURLcode sasl_digest_get_qop_values(const char *options, int *value) -{ - char *tmp; - char *token; - char *tok_buf; - - /* Initialise the output */ - *value = 0; - - /* Tokenise the list of qop values. Use a temporary clone of the buffer since - strtok_r() ruins it. */ - tmp = strdup(options); - if(!tmp) - return CURLE_OUT_OF_MEMORY; - - token = strtok_r(tmp, ",", &tok_buf); - while(token != NULL) { - if(Curl_raw_equal(token, DIGEST_QOP_VALUE_STRING_AUTH)) - *value |= DIGEST_QOP_VALUE_AUTH; - else if(Curl_raw_equal(token, DIGEST_QOP_VALUE_STRING_AUTH_INT)) - *value |= DIGEST_QOP_VALUE_AUTH_INT; - else if(Curl_raw_equal(token, DIGEST_QOP_VALUE_STRING_AUTH_CONF)) - *value |= DIGEST_QOP_VALUE_AUTH_CONF; - - token = strtok_r(NULL, ",", &tok_buf); - } - - free(tmp); - - return CURLE_OK; -} -#endif /* !CURL_DISABLE_CRYPTO_AUTH && !USE_WINDOWS_SSPI */ - -#if !defined(USE_WINDOWS_SSPI) -/* - * Curl_sasl_build_spn() - * - * This is used to build a SPN string in the format service/instance. - * - * Parameters: - * - * service [in] - The service type such as www, smtp, pop or imap. - * instance [in] - The host name or realm. - * - * Returns a pointer to the newly allocated SPN. - */ -char *Curl_sasl_build_spn(const char *service, const char *instance) -{ - /* Generate and return our SPN */ - return aprintf("%s/%s", service, instance); -} -#endif - -/* - * sasl_create_plain_message() - * - * This is used to generate an already encoded PLAIN message ready - * for sending to the recipient. - * - * Parameters: - * - * data [in] - The session handle. - * userp [in] - The user name. - * passdwp [in] - The user's password. - * outptr [in/out] - The address where a pointer to newly allocated memory - * holding the result will be stored upon completion. - * outlen [out] - The length of the output message. - * - * Returns CURLE_OK on success. - */ -static CURLcode sasl_create_plain_message(struct SessionHandle *data, - const char *userp, - const char *passwdp, - char **outptr, size_t *outlen) -{ - CURLcode result; - char *plainauth; - size_t ulen; - size_t plen; - - ulen = strlen(userp); - plen = strlen(passwdp); - - plainauth = malloc(2 * ulen + plen + 2); - if(!plainauth) { - *outlen = 0; - *outptr = NULL; - return CURLE_OUT_OF_MEMORY; - } - - /* Calculate the reply */ - memcpy(plainauth, userp, ulen); - plainauth[ulen] = '\0'; - memcpy(plainauth + ulen + 1, userp, ulen); - plainauth[2 * ulen + 1] = '\0'; - memcpy(plainauth + 2 * ulen + 2, passwdp, plen); - - /* Base64 encode the reply */ - result = Curl_base64_encode(data, plainauth, 2 * ulen + plen + 2, outptr, - outlen); - free(plainauth); - return result; -} - -/* - * sasl_create_login_message() - * - * This is used to generate an already encoded LOGIN message containing the - * user name or password ready for sending to the recipient. - * - * Parameters: - * - * data [in] - The session handle. - * valuep [in] - The user name or user's password. - * outptr [in/out] - The address where a pointer to newly allocated memory - * holding the result will be stored upon completion. - * outlen [out] - The length of the output message. - * - * Returns CURLE_OK on success. - */ -static CURLcode sasl_create_login_message(struct SessionHandle *data, - const char *valuep, char **outptr, - size_t *outlen) -{ - size_t vlen = strlen(valuep); - - if(!vlen) { - /* Calculate an empty reply */ - *outptr = strdup("="); - if(*outptr) { - *outlen = (size_t) 1; - return CURLE_OK; - } - - *outlen = 0; - return CURLE_OUT_OF_MEMORY; - } - - /* Base64 encode the value */ - return Curl_base64_encode(data, valuep, vlen, outptr, outlen); -} - -/* - * sasl_create_external_message() - * - * This is used to generate an already encoded EXTERNAL message containing - * the user name ready for sending to the recipient. - * - * Parameters: - * - * data [in] - The session handle. - * user [in] - The user name. - * outptr [in/out] - The address where a pointer to newly allocated memory - * holding the result will be stored upon completion. - * outlen [out] - The length of the output message. - * - * Returns CURLE_OK on success. - */ -static CURLcode sasl_create_external_message(struct SessionHandle *data, - const char *user, char **outptr, - size_t *outlen) -{ - /* This is the same formatting as the login message. */ - return sasl_create_login_message(data, user, outptr, outlen); -} - -#ifndef CURL_DISABLE_CRYPTO_AUTH -/* - * sasl_decode_cram_md5_message() - * - * This is used to decode an already encoded CRAM-MD5 challenge message. - * - * Parameters: - * - * chlg64 [in] - The base64 encoded challenge message. - * outptr [in/out] - The address where a pointer to newly allocated memory - * holding the result will be stored upon completion. - * outlen [out] - The length of the output message. - * - * Returns CURLE_OK on success. - */ -static CURLcode sasl_decode_cram_md5_message(const char *chlg64, char **outptr, - size_t *outlen) -{ - CURLcode result = CURLE_OK; - size_t chlg64len = strlen(chlg64); - - *outptr = NULL; - *outlen = 0; - - /* Decode the challenge if necessary */ - if(chlg64len && *chlg64 != '=') - result = Curl_base64_decode(chlg64, (unsigned char **) outptr, outlen); - - return result; -} - -/* - * sasl_create_cram_md5_message() - * - * This is used to generate an already encoded CRAM-MD5 response message ready - * for sending to the recipient. - * - * Parameters: - * - * data [in] - The session handle. - * chlg [in] - The challenge. - * userp [in] - The user name. - * passdwp [in] - The user's password. - * outptr [in/out] - The address where a pointer to newly allocated memory - * holding the result will be stored upon completion. - * outlen [out] - The length of the output message. - * - * Returns CURLE_OK on success. - */ -static CURLcode sasl_create_cram_md5_message(struct SessionHandle *data, - const char *chlg, - const char *userp, - const char *passwdp, - char **outptr, size_t *outlen) -{ - CURLcode result = CURLE_OK; - size_t chlglen = 0; - HMAC_context *ctxt; - unsigned char digest[MD5_DIGEST_LEN]; - char *response; - - if(chlg) - chlglen = strlen(chlg); - - /* Compute the digest using the password as the key */ - ctxt = Curl_HMAC_init(Curl_HMAC_MD5, - (const unsigned char *) passwdp, - curlx_uztoui(strlen(passwdp))); - if(!ctxt) - return CURLE_OUT_OF_MEMORY; - - /* Update the digest with the given challenge */ - if(chlglen > 0) - Curl_HMAC_update(ctxt, (const unsigned char *) chlg, - curlx_uztoui(chlglen)); - - /* Finalise the digest */ - Curl_HMAC_final(ctxt, digest); - - /* Generate the response */ - response = aprintf( - "%s %02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x", - userp, digest[0], digest[1], digest[2], digest[3], digest[4], - digest[5], digest[6], digest[7], digest[8], digest[9], digest[10], - digest[11], digest[12], digest[13], digest[14], digest[15]); - if(!response) - return CURLE_OUT_OF_MEMORY; - - /* Base64 encode the response */ - result = Curl_base64_encode(data, response, 0, outptr, outlen); - - free(response); - - return result; -} - -#ifndef USE_WINDOWS_SSPI -/* - * sasl_decode_digest_md5_message() - * - * This is used internally to decode an already encoded DIGEST-MD5 challenge - * message into the seperate attributes. - * - * Parameters: - * - * chlg64 [in] - The base64 encoded challenge message. - * nonce [in/out] - The buffer where the nonce will be stored. - * nlen [in] - The length of the nonce buffer. - * realm [in/out] - The buffer where the realm will be stored. - * rlen [in] - The length of the realm buffer. - * alg [in/out] - The buffer where the algorithm will be stored. - * alen [in] - The length of the algorithm buffer. - * qop [in/out] - The buffer where the qop-options will be stored. - * qlen [in] - The length of the qop buffer. - * - * Returns CURLE_OK on success. - */ -static CURLcode sasl_decode_digest_md5_message(const char *chlg64, - char *nonce, size_t nlen, - char *realm, size_t rlen, - char *alg, size_t alen, - char *qop, size_t qlen) -{ - CURLcode result = CURLE_OK; - unsigned char *chlg = NULL; - size_t chlglen = 0; - size_t chlg64len = strlen(chlg64); - - /* Decode the base-64 encoded challenge message */ - if(chlg64len && *chlg64 != '=') { - result = Curl_base64_decode(chlg64, &chlg, &chlglen); - if(result) - return result; - } - - /* Ensure we have a valid challenge message */ - if(!chlg) - return CURLE_BAD_CONTENT_ENCODING; - - /* Retrieve nonce string from the challenge */ - if(!sasl_digest_get_key_value((char *)chlg, "nonce=\"", nonce, nlen, '\"')) { - free(chlg); - return CURLE_BAD_CONTENT_ENCODING; - } - - /* Retrieve realm string from the challenge */ - if(!sasl_digest_get_key_value((char *)chlg, "realm=\"", realm, rlen, '\"')) { - /* Challenge does not have a realm, set empty string [RFC2831] page 6 */ - strcpy(realm, ""); - } - - /* Retrieve algorithm string from the challenge */ - if(!sasl_digest_get_key_value((char *)chlg, "algorithm=", alg, alen, ',')) { - free(chlg); - return CURLE_BAD_CONTENT_ENCODING; - } - - /* Retrieve qop-options string from the challenge */ - if(!sasl_digest_get_key_value((char *)chlg, "qop=\"", qop, qlen, '\"')) { - free(chlg); - return CURLE_BAD_CONTENT_ENCODING; - } - - free(chlg); - - return CURLE_OK; -} - -/* - * Curl_sasl_create_digest_md5_message() - * - * This is used to generate an already encoded DIGEST-MD5 response message - * ready for sending to the recipient. - * - * Parameters: - * - * data [in] - The session handle. - * chlg64 [in] - The base64 encoded challenge message. - * userp [in] - The user name. - * passdwp [in] - The user's password. - * service [in] - The service type such as www, smtp, pop or imap. - * outptr [in/out] - The address where a pointer to newly allocated memory - * holding the result will be stored upon completion. - * outlen [out] - The length of the output message. - * - * Returns CURLE_OK on success. - */ -CURLcode Curl_sasl_create_digest_md5_message(struct SessionHandle *data, - const char *chlg64, - const char *userp, - const char *passwdp, - const char *service, - char **outptr, size_t *outlen) -{ - CURLcode result = CURLE_OK; - size_t i; - MD5_context *ctxt; - char *response = NULL; - unsigned char digest[MD5_DIGEST_LEN]; - char HA1_hex[2 * MD5_DIGEST_LEN + 1]; - char HA2_hex[2 * MD5_DIGEST_LEN + 1]; - char resp_hash_hex[2 * MD5_DIGEST_LEN + 1]; - char nonce[64]; - char realm[128]; - char algorithm[64]; - char qop_options[64]; - int qop_values; - char cnonce[33]; - unsigned int entropy[4]; - char nonceCount[] = "00000001"; - char method[] = "AUTHENTICATE"; - char qop[] = DIGEST_QOP_VALUE_STRING_AUTH; - char *spn = NULL; - - /* Decode the challange message */ - result = sasl_decode_digest_md5_message(chlg64, nonce, sizeof(nonce), - realm, sizeof(realm), - algorithm, sizeof(algorithm), - qop_options, sizeof(qop_options)); - if(result) - return result; - - /* We only support md5 sessions */ - if(strcmp(algorithm, "md5-sess") != 0) - return CURLE_BAD_CONTENT_ENCODING; - - /* Get the qop-values from the qop-options */ - result = sasl_digest_get_qop_values(qop_options, &qop_values); - if(result) - return result; - - /* We only support auth quality-of-protection */ - if(!(qop_values & DIGEST_QOP_VALUE_AUTH)) - return CURLE_BAD_CONTENT_ENCODING; - - /* Generate 16 bytes of random data */ - entropy[0] = Curl_rand(data); - entropy[1] = Curl_rand(data); - entropy[2] = Curl_rand(data); - entropy[3] = Curl_rand(data); - - /* Convert the random data into a 32 byte hex string */ - snprintf(cnonce, sizeof(cnonce), "%08x%08x%08x%08x", - entropy[0], entropy[1], entropy[2], entropy[3]); - - /* So far so good, now calculate A1 and H(A1) according to RFC 2831 */ - ctxt = Curl_MD5_init(Curl_DIGEST_MD5); - if(!ctxt) - return CURLE_OUT_OF_MEMORY; - - Curl_MD5_update(ctxt, (const unsigned char *) userp, - curlx_uztoui(strlen(userp))); - Curl_MD5_update(ctxt, (const unsigned char *) ":", 1); - Curl_MD5_update(ctxt, (const unsigned char *) realm, - curlx_uztoui(strlen(realm))); - Curl_MD5_update(ctxt, (const unsigned char *) ":", 1); - Curl_MD5_update(ctxt, (const unsigned char *) passwdp, - curlx_uztoui(strlen(passwdp))); - Curl_MD5_final(ctxt, digest); - - ctxt = Curl_MD5_init(Curl_DIGEST_MD5); - if(!ctxt) - return CURLE_OUT_OF_MEMORY; - - Curl_MD5_update(ctxt, (const unsigned char *) digest, MD5_DIGEST_LEN); - Curl_MD5_update(ctxt, (const unsigned char *) ":", 1); - Curl_MD5_update(ctxt, (const unsigned char *) nonce, - curlx_uztoui(strlen(nonce))); - Curl_MD5_update(ctxt, (const unsigned char *) ":", 1); - Curl_MD5_update(ctxt, (const unsigned char *) cnonce, - curlx_uztoui(strlen(cnonce))); - Curl_MD5_final(ctxt, digest); - - /* Convert calculated 16 octet hex into 32 bytes string */ - for(i = 0; i < MD5_DIGEST_LEN; i++) - snprintf(&HA1_hex[2 * i], 3, "%02x", digest[i]); - - /* Generate our SPN */ - spn = Curl_sasl_build_spn(service, realm); - if(!spn) - return CURLE_OUT_OF_MEMORY; - - /* Calculate H(A2) */ - ctxt = Curl_MD5_init(Curl_DIGEST_MD5); - if(!ctxt) { - free(spn); - - return CURLE_OUT_OF_MEMORY; - } - - Curl_MD5_update(ctxt, (const unsigned char *) method, - curlx_uztoui(strlen(method))); - Curl_MD5_update(ctxt, (const unsigned char *) ":", 1); - Curl_MD5_update(ctxt, (const unsigned char *) spn, - curlx_uztoui(strlen(spn))); - Curl_MD5_final(ctxt, digest); - - for(i = 0; i < MD5_DIGEST_LEN; i++) - snprintf(&HA2_hex[2 * i], 3, "%02x", digest[i]); - - /* Now calculate the response hash */ - ctxt = Curl_MD5_init(Curl_DIGEST_MD5); - if(!ctxt) { - free(spn); - - return CURLE_OUT_OF_MEMORY; - } - - Curl_MD5_update(ctxt, (const unsigned char *) HA1_hex, 2 * MD5_DIGEST_LEN); - Curl_MD5_update(ctxt, (const unsigned char *) ":", 1); - Curl_MD5_update(ctxt, (const unsigned char *) nonce, - curlx_uztoui(strlen(nonce))); - Curl_MD5_update(ctxt, (const unsigned char *) ":", 1); - - Curl_MD5_update(ctxt, (const unsigned char *) nonceCount, - curlx_uztoui(strlen(nonceCount))); - Curl_MD5_update(ctxt, (const unsigned char *) ":", 1); - Curl_MD5_update(ctxt, (const unsigned char *) cnonce, - curlx_uztoui(strlen(cnonce))); - Curl_MD5_update(ctxt, (const unsigned char *) ":", 1); - Curl_MD5_update(ctxt, (const unsigned char *) qop, - curlx_uztoui(strlen(qop))); - Curl_MD5_update(ctxt, (const unsigned char *) ":", 1); - - Curl_MD5_update(ctxt, (const unsigned char *) HA2_hex, 2 * MD5_DIGEST_LEN); - Curl_MD5_final(ctxt, digest); - - for(i = 0; i < MD5_DIGEST_LEN; i++) - snprintf(&resp_hash_hex[2 * i], 3, "%02x", digest[i]); - - /* Generate the response */ - response = aprintf("username=\"%s\",realm=\"%s\",nonce=\"%s\"," - "cnonce=\"%s\",nc=\"%s\",digest-uri=\"%s\",response=%s," - "qop=%s", - userp, realm, nonce, - cnonce, nonceCount, spn, resp_hash_hex, qop); - free(spn); - if(!response) - return CURLE_OUT_OF_MEMORY; - - /* Base64 encode the response */ - result = Curl_base64_encode(data, response, 0, outptr, outlen); - - free(response); - - return result; -} - -/* - * Curl_sasl_decode_digest_http_message() - * - * This is used to decode a HTTP DIGEST challenge message into the seperate - * attributes. - * - * Parameters: - * - * chlg [in] - The challenge message. - * digest [in/out] - The digest data struct being used and modified. - * - * Returns CURLE_OK on success. - */ -CURLcode Curl_sasl_decode_digest_http_message(const char *chlg, - struct digestdata *digest) -{ - bool before = FALSE; /* got a nonce before */ - bool foundAuth = FALSE; - bool foundAuthInt = FALSE; - char *token = NULL; - char *tmp = NULL; - - /* If we already have received a nonce, keep that in mind */ - if(digest->nonce) - before = TRUE; - - /* Clean up any former leftovers and initialise to defaults */ - Curl_sasl_digest_cleanup(digest); - - for(;;) { - char value[DIGEST_MAX_VALUE_LENGTH]; - char content[DIGEST_MAX_CONTENT_LENGTH]; - - /* Pass all additional spaces here */ - while(*chlg && ISSPACE(*chlg)) - chlg++; - - /* Extract a value=content pair */ - if(Curl_sasl_digest_get_pair(chlg, value, content, &chlg)) { - if(Curl_raw_equal(value, "nonce")) { - free(digest->nonce); - digest->nonce = strdup(content); - if(!digest->nonce) - return CURLE_OUT_OF_MEMORY; - } - else if(Curl_raw_equal(value, "stale")) { - if(Curl_raw_equal(content, "true")) { - digest->stale = TRUE; - digest->nc = 1; /* we make a new nonce now */ - } - } - else if(Curl_raw_equal(value, "realm")) { - free(digest->realm); - digest->realm = strdup(content); - if(!digest->realm) - return CURLE_OUT_OF_MEMORY; - } - else if(Curl_raw_equal(value, "opaque")) { - free(digest->opaque); - digest->opaque = strdup(content); - if(!digest->opaque) - return CURLE_OUT_OF_MEMORY; - } - else if(Curl_raw_equal(value, "qop")) { - char *tok_buf; - /* Tokenize the list and choose auth if possible, use a temporary - clone of the buffer since strtok_r() ruins it */ - tmp = strdup(content); - if(!tmp) - return CURLE_OUT_OF_MEMORY; - - token = strtok_r(tmp, ",", &tok_buf); - while(token != NULL) { - if(Curl_raw_equal(token, DIGEST_QOP_VALUE_STRING_AUTH)) { - foundAuth = TRUE; - } - else if(Curl_raw_equal(token, DIGEST_QOP_VALUE_STRING_AUTH_INT)) { - foundAuthInt = TRUE; - } - token = strtok_r(NULL, ",", &tok_buf); - } - - free(tmp); - - /* Select only auth or auth-int. Otherwise, ignore */ - if(foundAuth) { - free(digest->qop); - digest->qop = strdup(DIGEST_QOP_VALUE_STRING_AUTH); - if(!digest->qop) - return CURLE_OUT_OF_MEMORY; - } - else if(foundAuthInt) { - free(digest->qop); - digest->qop = strdup(DIGEST_QOP_VALUE_STRING_AUTH_INT); - if(!digest->qop) - return CURLE_OUT_OF_MEMORY; - } - } - else if(Curl_raw_equal(value, "algorithm")) { - free(digest->algorithm); - digest->algorithm = strdup(content); - if(!digest->algorithm) - return CURLE_OUT_OF_MEMORY; - - if(Curl_raw_equal(content, "MD5-sess")) - digest->algo = CURLDIGESTALGO_MD5SESS; - else if(Curl_raw_equal(content, "MD5")) - digest->algo = CURLDIGESTALGO_MD5; - else - return CURLE_BAD_CONTENT_ENCODING; - } - else { - /* unknown specifier, ignore it! */ - } - } - else - break; /* we're done here */ - - /* Pass all additional spaces here */ - while(*chlg && ISSPACE(*chlg)) - chlg++; - - /* Allow the list to be comma-separated */ - if(',' == *chlg) - chlg++; - } - - /* We had a nonce since before, and we got another one now without - 'stale=true'. This means we provided bad credentials in the previous - request */ - if(before && !digest->stale) - return CURLE_BAD_CONTENT_ENCODING; - - /* We got this header without a nonce, that's a bad Digest line! */ - if(!digest->nonce) - return CURLE_BAD_CONTENT_ENCODING; - - return CURLE_OK; -} - -/* - * Curl_sasl_create_digest_http_message() - * - * This is used to generate a HTTP DIGEST response message ready for sending - * to the recipient. - * - * Parameters: - * - * data [in] - The session handle. - * userp [in] - The user name. - * passdwp [in] - The user's password. - * request [in] - The HTTP request. - * uripath [in] - The path of the HTTP uri. - * digest [in/out] - The digest data struct being used and modified. - * outptr [in/out] - The address where a pointer to newly allocated memory - * holding the result will be stored upon completion. - * outlen [out] - The length of the output message. - * - * Returns CURLE_OK on success. - */ -CURLcode Curl_sasl_create_digest_http_message(struct SessionHandle *data, - const char *userp, - const char *passwdp, - const unsigned char *request, - const unsigned char *uripath, - struct digestdata *digest, - char **outptr, size_t *outlen) -{ - CURLcode result; - unsigned char md5buf[16]; /* 16 bytes/128 bits */ - unsigned char request_digest[33]; - unsigned char *md5this; - unsigned char ha1[33];/* 32 digits and 1 zero byte */ - unsigned char ha2[33];/* 32 digits and 1 zero byte */ - char cnoncebuf[33]; - char *cnonce = NULL; - size_t cnonce_sz = 0; - char *userp_quoted; - char *response = NULL; - char *tmp = NULL; - - if(!digest->nc) - digest->nc = 1; - - if(!digest->cnonce) { - snprintf(cnoncebuf, sizeof(cnoncebuf), "%08x%08x%08x%08x", - Curl_rand(data), Curl_rand(data), - Curl_rand(data), Curl_rand(data)); - - result = Curl_base64_encode(data, cnoncebuf, strlen(cnoncebuf), - &cnonce, &cnonce_sz); - if(result) - return result; - - digest->cnonce = cnonce; - } - - /* - If the algorithm is "MD5" or unspecified (which then defaults to MD5): - - A1 = unq(username-value) ":" unq(realm-value) ":" passwd - - If the algorithm is "MD5-sess" then: - - A1 = H( unq(username-value) ":" unq(realm-value) ":" passwd ) ":" - unq(nonce-value) ":" unq(cnonce-value) - */ - - md5this = (unsigned char *) - aprintf("%s:%s:%s", userp, digest->realm, passwdp); - if(!md5this) - return CURLE_OUT_OF_MEMORY; - - CURL_OUTPUT_DIGEST_CONV(data, md5this); /* convert on non-ASCII machines */ - Curl_md5it(md5buf, md5this); - free(md5this); - sasl_digest_md5_to_ascii(md5buf, ha1); - - if(digest->algo == CURLDIGESTALGO_MD5SESS) { - /* nonce and cnonce are OUTSIDE the hash */ - tmp = aprintf("%s:%s:%s", ha1, digest->nonce, digest->cnonce); - if(!tmp) - return CURLE_OUT_OF_MEMORY; - - CURL_OUTPUT_DIGEST_CONV(data, tmp); /* convert on non-ASCII machines */ - Curl_md5it(md5buf, (unsigned char *)tmp); - free(tmp); - sasl_digest_md5_to_ascii(md5buf, ha1); - } - - /* - If the "qop" directive's value is "auth" or is unspecified, then A2 is: - - A2 = Method ":" digest-uri-value - - If the "qop" value is "auth-int", then A2 is: - - A2 = Method ":" digest-uri-value ":" H(entity-body) - - (The "Method" value is the HTTP request method as specified in section - 5.1.1 of RFC 2616) - */ - - md5this = (unsigned char *)aprintf("%s:%s", request, uripath); - - if(digest->qop && Curl_raw_equal(digest->qop, "auth-int")) { - /* We don't support auth-int for PUT or POST at the moment. - TODO: replace md5 of empty string with entity-body for PUT/POST */ - unsigned char *md5this2 = (unsigned char *) - aprintf("%s:%s", md5this, "d41d8cd98f00b204e9800998ecf8427e"); - free(md5this); - md5this = md5this2; - } - - if(!md5this) - return CURLE_OUT_OF_MEMORY; - - CURL_OUTPUT_DIGEST_CONV(data, md5this); /* convert on non-ASCII machines */ - Curl_md5it(md5buf, md5this); - free(md5this); - sasl_digest_md5_to_ascii(md5buf, ha2); - - if(digest->qop) { - md5this = (unsigned char *)aprintf("%s:%s:%08x:%s:%s:%s", - ha1, - digest->nonce, - digest->nc, - digest->cnonce, - digest->qop, - ha2); - } - else { - md5this = (unsigned char *)aprintf("%s:%s:%s", - ha1, - digest->nonce, - ha2); - } - - if(!md5this) - return CURLE_OUT_OF_MEMORY; - - CURL_OUTPUT_DIGEST_CONV(data, md5this); /* convert on non-ASCII machines */ - Curl_md5it(md5buf, md5this); - free(md5this); - sasl_digest_md5_to_ascii(md5buf, request_digest); - - /* for test case 64 (snooped from a Mozilla 1.3a request) - - Authorization: Digest username="testuser", realm="testrealm", \ - nonce="1053604145", uri="/64", response="c55f7f30d83d774a3d2dcacf725abaca" - - Digest parameters are all quoted strings. Username which is provided by - the user will need double quotes and backslashes within it escaped. For - the other fields, this shouldn't be an issue. realm, nonce, and opaque - are copied as is from the server, escapes and all. cnonce is generated - with web-safe characters. uri is already percent encoded. nc is 8 hex - characters. algorithm and qop with standard values only contain web-safe - characters. - */ - userp_quoted = sasl_digest_string_quoted(userp); - if(!userp_quoted) - return CURLE_OUT_OF_MEMORY; - - if(digest->qop) { - response = aprintf("username=\"%s\", " - "realm=\"%s\", " - "nonce=\"%s\", " - "uri=\"%s\", " - "cnonce=\"%s\", " - "nc=%08x, " - "qop=%s, " - "response=\"%s\"", - userp_quoted, - digest->realm, - digest->nonce, - uripath, - digest->cnonce, - digest->nc, - digest->qop, - request_digest); - - if(Curl_raw_equal(digest->qop, "auth")) - digest->nc++; /* The nc (from RFC) has to be a 8 hex digit number 0 - padded which tells to the server how many times you are - using the same nonce in the qop=auth mode */ - } - else { - response = aprintf("username=\"%s\", " - "realm=\"%s\", " - "nonce=\"%s\", " - "uri=\"%s\", " - "response=\"%s\"", - userp_quoted, - digest->realm, - digest->nonce, - uripath, - request_digest); - } - free(userp_quoted); - if(!response) - return CURLE_OUT_OF_MEMORY; - - /* Add the optional fields */ - if(digest->opaque) { - /* Append the opaque */ - tmp = aprintf("%s, opaque=\"%s\"", response, digest->opaque); - free(response); - if(!tmp) - return CURLE_OUT_OF_MEMORY; - - response = tmp; - } - - if(digest->algorithm) { - /* Append the algorithm */ - tmp = aprintf("%s, algorithm=\"%s\"", response, digest->algorithm); - free(response); - if(!tmp) - return CURLE_OUT_OF_MEMORY; - - response = tmp; - } - - /* Return the output */ - *outptr = response; - *outlen = strlen(response); - - return CURLE_OK; -} - -/* - * Curl_sasl_digest_cleanup() - * - * This is used to clean up the digest specific data. - * - * Parameters: - * - * digest [in/out] - The digest data struct being cleaned up. - * - */ -void Curl_sasl_digest_cleanup(struct digestdata *digest) -{ - Curl_safefree(digest->nonce); - Curl_safefree(digest->cnonce); - Curl_safefree(digest->realm); - Curl_safefree(digest->opaque); - Curl_safefree(digest->qop); - Curl_safefree(digest->algorithm); - - digest->nc = 0; - digest->algo = CURLDIGESTALGO_MD5; /* default algorithm */ - digest->stale = FALSE; /* default means normal, not stale */ -} -#endif /* !USE_WINDOWS_SSPI */ - -#endif /* CURL_DISABLE_CRYPTO_AUTH */ - -#if defined(USE_NTLM) && !defined(USE_WINDOWS_SSPI) -/* - * Curl_sasl_ntlm_cleanup() - * - * This is used to clean up the NTLM specific data. - * - * Parameters: - * - * ntlm [in/out] - The NTLM data struct being cleaned up. - * - */ -void Curl_sasl_ntlm_cleanup(struct ntlmdata *ntlm) -{ - /* Free the target info */ - Curl_safefree(ntlm->target_info); - - /* Reset any variables */ - ntlm->target_info_len = 0; -} -#endif /* USE_NTLM && !USE_WINDOWS_SSPI*/ - -/* - * sasl_create_oauth_bearer_message() - * - * This is used to generate an already encoded OAuth 2.0 message ready for - * sending to the recipient. - * - * Parameters: - * - * data [in] - The session handle. - * user [in] - The user name. - * host [in] - The host name (for OAUTHBEARER). - * port [in] - The port (for OAUTHBEARER when not Port 80). - * bearer [in] - The bearer token. - * outptr [in/out] - The address where a pointer to newly allocated memory - * holding the result will be stored upon completion. - * outlen [out] - The length of the output message. - * - * Returns CURLE_OK on success. - */ -static CURLcode sasl_create_oauth_bearer_message(struct SessionHandle *data, - const char *user, - const char *host, - const long port, - const char *bearer, - char **outptr, size_t *outlen) -{ - CURLcode result = CURLE_OK; - char *oauth = NULL; - - /* Generate the message */ - if(host == NULL && (port == 0 || port == 80)) - oauth = aprintf("user=%s\1auth=Bearer %s\1\1", user, bearer); - else if(port == 0 || port == 80) - oauth = aprintf("user=%s\1host=%s\1auth=Bearer %s\1\1", user, host, - bearer); - else - oauth = aprintf("user=%s\1host=%s\1port=%ld\1auth=Bearer %s\1\1", user, - host, port, bearer); - if(!oauth) - return CURLE_OUT_OF_MEMORY; - - /* Base64 encode the reply */ - result = Curl_base64_encode(data, oauth, strlen(oauth), outptr, outlen); - - free(oauth); - - return result; -} - /* * Curl_sasl_cleanup() * @@ -1224,14 +85,14 @@ void Curl_sasl_cleanup(struct connectdata *conn, unsigned int authused) #if defined(USE_KERBEROS5) /* Cleanup the gssapi structure */ if(authused == SASL_MECH_GSSAPI) { - Curl_sasl_gssapi_cleanup(&conn->krb5); + Curl_auth_gssapi_cleanup(&conn->krb5); } #endif #if defined(USE_NTLM) /* Cleanup the NTLM structure */ if(authused == SASL_MECH_NTLM) { - Curl_sasl_ntlm_cleanup(&conn->ntlm); + Curl_auth_ntlm_cleanup(&conn->ntlm); } #endif @@ -1396,13 +257,18 @@ CURLcode Curl_sasl_start(struct SASL *sasl, struct connectdata *conn, bool force_ir, saslprogress *progress) { CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; unsigned int enabledmechs; const char *mech = NULL; char *resp = NULL; size_t len = 0; saslstate state1 = SASL_STOP; saslstate state2 = SASL_FINAL; +#if defined(USE_KERBEROS5) + const char* service = data->set.str[STRING_SERVICE_NAME] ? + data->set.str[STRING_SERVICE_NAME] : + sasl->params->service; +#endif sasl->force_ir = force_ir; /* Latch for future use */ sasl->authused = 0; /* No mechanism used yet */ @@ -1417,11 +283,13 @@ CURLcode Curl_sasl_start(struct SASL *sasl, struct connectdata *conn, sasl->authused = SASL_MECH_EXTERNAL; if(force_ir || data->set.sasl_ir) - result = sasl_create_external_message(data, conn->user, &resp, &len); + result = Curl_auth_create_external_message(data, conn->user, &resp, + &len); } else if(conn->bits.user_passwd) { #if defined(USE_KERBEROS5) - if(enabledmechs & SASL_MECH_GSSAPI) { + if((enabledmechs & SASL_MECH_GSSAPI) && Curl_auth_is_gssapi_supported() && + Curl_auth_user_contains_domain(conn->user)) { sasl->mutual_auth = FALSE; /* TODO: Calculate mutual authentication */ mech = SASL_MECH_STRING_GSSAPI; state1 = SASL_GSSAPI; @@ -1429,9 +297,11 @@ CURLcode Curl_sasl_start(struct SASL *sasl, struct connectdata *conn, sasl->authused = SASL_MECH_GSSAPI; if(force_ir || data->set.sasl_ir) - result = Curl_sasl_create_gssapi_user_message(data, conn->user, + result = Curl_auth_create_gssapi_user_message(data, conn->user, conn->passwd, - sasl->params->service, + service, + data->easy_conn-> + host.name, sasl->mutual_auth, NULL, &conn->krb5, &resp, &len); @@ -1439,7 +309,8 @@ CURLcode Curl_sasl_start(struct SASL *sasl, struct connectdata *conn, else #endif #ifndef CURL_DISABLE_CRYPTO_AUTH - if(enabledmechs & SASL_MECH_DIGEST_MD5) { + if((enabledmechs & SASL_MECH_DIGEST_MD5) && + Curl_auth_is_digest_supported()) { mech = SASL_MECH_STRING_DIGEST_MD5; state1 = SASL_DIGESTMD5; sasl->authused = SASL_MECH_DIGEST_MD5; @@ -1452,14 +323,14 @@ CURLcode Curl_sasl_start(struct SASL *sasl, struct connectdata *conn, else #endif #ifdef USE_NTLM - if(enabledmechs & SASL_MECH_NTLM) { + if((enabledmechs & SASL_MECH_NTLM) && Curl_auth_is_ntlm_supported()) { mech = SASL_MECH_STRING_NTLM; state1 = SASL_NTLM; state2 = SASL_NTLM_TYPE2MSG; sasl->authused = SASL_MECH_NTLM; if(force_ir || data->set.sasl_ir) - result = Curl_sasl_create_ntlm_type1_message(conn->user, conn->passwd, + result = Curl_auth_create_ntlm_type1_message(conn->user, conn->passwd, &conn->ntlm, &resp, &len); } else @@ -1471,11 +342,11 @@ CURLcode Curl_sasl_start(struct SASL *sasl, struct connectdata *conn, sasl->authused = SASL_MECH_OAUTHBEARER; if(force_ir || data->set.sasl_ir) - result = sasl_create_oauth_bearer_message(data, conn->user, - conn->host.name, - conn->port, - conn->oauth_bearer, - &resp, &len); + result = Curl_auth_create_oauth_bearer_message(data, conn->user, + conn->host.name, + conn->port, + conn->oauth_bearer, + &resp, &len); } else if((enabledmechs & SASL_MECH_XOAUTH2) && conn->oauth_bearer) { mech = SASL_MECH_STRING_XOAUTH2; @@ -1483,10 +354,10 @@ CURLcode Curl_sasl_start(struct SASL *sasl, struct connectdata *conn, sasl->authused = SASL_MECH_XOAUTH2; if(force_ir || data->set.sasl_ir) - result = sasl_create_oauth_bearer_message(data, conn->user, - NULL, 0, - conn->oauth_bearer, - &resp, &len); + result = Curl_auth_create_oauth_bearer_message(data, conn->user, + NULL, 0, + conn->oauth_bearer, + &resp, &len); } else if(enabledmechs & SASL_MECH_LOGIN) { mech = SASL_MECH_STRING_LOGIN; @@ -1495,7 +366,7 @@ CURLcode Curl_sasl_start(struct SASL *sasl, struct connectdata *conn, sasl->authused = SASL_MECH_LOGIN; if(force_ir || data->set.sasl_ir) - result = sasl_create_login_message(data, conn->user, &resp, &len); + result = Curl_auth_create_login_message(data, conn->user, &resp, &len); } else if(enabledmechs & SASL_MECH_PLAIN) { mech = SASL_MECH_STRING_PLAIN; @@ -1503,24 +374,22 @@ CURLcode Curl_sasl_start(struct SASL *sasl, struct connectdata *conn, sasl->authused = SASL_MECH_PLAIN; if(force_ir || data->set.sasl_ir) - result = sasl_create_plain_message(data, conn->user, conn->passwd, - &resp, &len); + result = Curl_auth_create_plain_message(data, conn->user, conn->passwd, + &resp, &len); } } - if(!result) { + if(!result && mech) { if(resp && sasl->params->maxirlen && strlen(mech) + len > sasl->params->maxirlen) { free(resp); resp = NULL; } - if(mech) { - result = sasl->params->sendauth(conn, mech, resp); - if(!result) { - *progress = SASL_INPROGRESS; - state(sasl, conn, resp? state2: state1); - } + result = sasl->params->sendauth(conn, mech, resp); + if(!result) { + *progress = SASL_INPROGRESS; + state(sasl, conn, resp ? state2 : state1); } } @@ -1538,13 +407,18 @@ CURLcode Curl_sasl_continue(struct SASL *sasl, struct connectdata *conn, int code, saslprogress *progress) { CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; saslstate newstate = SASL_FINAL; char *resp = NULL; #if !defined(CURL_DISABLE_CRYPTO_AUTH) char *serverdata; char *chlg = NULL; size_t chlglen = 0; +#endif +#if !defined(CURL_DISABLE_CRYPTO_AUTH) || defined(USE_KERBEROS5) + const char *service = data->set.str[STRING_SERVICE_NAME] ? + data->set.str[STRING_SERVICE_NAME] : + sasl->params->service; #endif size_t len = 0; @@ -1570,34 +444,35 @@ CURLcode Curl_sasl_continue(struct SASL *sasl, struct connectdata *conn, *progress = SASL_DONE; return result; case SASL_PLAIN: - result = sasl_create_plain_message(data, conn->user, conn->passwd, &resp, - &len); + result = Curl_auth_create_plain_message(data, conn->user, conn->passwd, + &resp, + &len); break; case SASL_LOGIN: - result = sasl_create_login_message(data, conn->user, &resp, &len); + result = Curl_auth_create_login_message(data, conn->user, &resp, &len); newstate = SASL_LOGIN_PASSWD; break; case SASL_LOGIN_PASSWD: - result = sasl_create_login_message(data, conn->passwd, &resp, &len); + result = Curl_auth_create_login_message(data, conn->passwd, &resp, &len); break; case SASL_EXTERNAL: - result = sasl_create_external_message(data, conn->user, &resp, &len); + result = Curl_auth_create_external_message(data, conn->user, &resp, &len); break; #ifndef CURL_DISABLE_CRYPTO_AUTH case SASL_CRAMMD5: sasl->params->getmessage(data->state.buffer, &serverdata); - result = sasl_decode_cram_md5_message(serverdata, &chlg, &chlglen); + result = Curl_auth_decode_cram_md5_message(serverdata, &chlg, &chlglen); if(!result) - result = sasl_create_cram_md5_message(data, chlg, conn->user, - conn->passwd, &resp, &len); + result = Curl_auth_create_cram_md5_message(data, chlg, conn->user, + conn->passwd, &resp, &len); free(chlg); break; case SASL_DIGESTMD5: sasl->params->getmessage(data->state.buffer, &serverdata); - result = Curl_sasl_create_digest_md5_message(data, serverdata, + result = Curl_auth_create_digest_md5_message(data, serverdata, conn->user, conn->passwd, - sasl->params->service, + service, &resp, &len); newstate = SASL_DIGESTMD5_RESP; break; @@ -1611,17 +486,17 @@ CURLcode Curl_sasl_continue(struct SASL *sasl, struct connectdata *conn, #ifdef USE_NTLM case SASL_NTLM: /* Create the type-1 message */ - result = Curl_sasl_create_ntlm_type1_message(conn->user, conn->passwd, + result = Curl_auth_create_ntlm_type1_message(conn->user, conn->passwd, &conn->ntlm, &resp, &len); newstate = SASL_NTLM_TYPE2MSG; break; case SASL_NTLM_TYPE2MSG: /* Decode the type-2 message */ sasl->params->getmessage(data->state.buffer, &serverdata); - result = Curl_sasl_decode_ntlm_type2_message(data, serverdata, + result = Curl_auth_decode_ntlm_type2_message(data, serverdata, &conn->ntlm); if(!result) - result = Curl_sasl_create_ntlm_type3_message(data, conn->user, + result = Curl_auth_create_ntlm_type3_message(data, conn->user, conn->passwd, &conn->ntlm, &resp, &len); break; @@ -1629,9 +504,10 @@ CURLcode Curl_sasl_continue(struct SASL *sasl, struct connectdata *conn, #if defined(USE_KERBEROS5) case SASL_GSSAPI: - result = Curl_sasl_create_gssapi_user_message(data, conn->user, + result = Curl_auth_create_gssapi_user_message(data, conn->user, conn->passwd, - sasl->params->service, + service, + data->easy_conn->host.name, sasl->mutual_auth, NULL, &conn->krb5, &resp, &len); @@ -1642,7 +518,8 @@ CURLcode Curl_sasl_continue(struct SASL *sasl, struct connectdata *conn, if(sasl->mutual_auth) { /* Decode the user token challenge and create the optional response message */ - result = Curl_sasl_create_gssapi_user_message(data, NULL, NULL, NULL, + result = Curl_auth_create_gssapi_user_message(data, NULL, NULL, + NULL, NULL, sasl->mutual_auth, serverdata, &conn->krb5, &resp, &len); @@ -1650,14 +527,14 @@ CURLcode Curl_sasl_continue(struct SASL *sasl, struct connectdata *conn, } else /* Decode the security challenge and create the response message */ - result = Curl_sasl_create_gssapi_security_message(data, serverdata, + result = Curl_auth_create_gssapi_security_message(data, serverdata, &conn->krb5, &resp, &len); break; case SASL_GSSAPI_NO_DATA: sasl->params->getmessage(data->state.buffer, &serverdata); /* Decode the security challenge and create the response message */ - result = Curl_sasl_create_gssapi_security_message(data, serverdata, + result = Curl_auth_create_gssapi_security_message(data, serverdata, &conn->krb5, &resp, &len); break; @@ -1666,20 +543,20 @@ CURLcode Curl_sasl_continue(struct SASL *sasl, struct connectdata *conn, case SASL_OAUTH2: /* Create the authorisation message */ if(sasl->authused == SASL_MECH_OAUTHBEARER) { - result = sasl_create_oauth_bearer_message(data, conn->user, - conn->host.name, - conn->port, - conn->oauth_bearer, - &resp, &len); + result = Curl_auth_create_oauth_bearer_message(data, conn->user, + conn->host.name, + conn->port, + conn->oauth_bearer, + &resp, &len); /* Failures maybe sent by the server as continuations for OAUTHBEARER */ newstate = SASL_OAUTH2_RESP; } else - result = sasl_create_oauth_bearer_message(data, conn->user, - NULL, 0, - conn->oauth_bearer, - &resp, &len); + result = Curl_auth_create_oauth_bearer_message(data, conn->user, + NULL, 0, + conn->oauth_bearer, + &resp, &len); break; case SASL_OAUTH2_RESP: diff --git a/lib/curl_sasl.h b/lib/curl_sasl.h index 2175e03d4..7647a48be 100644 --- a/lib/curl_sasl.h +++ b/lib/curl_sasl.h @@ -24,21 +24,9 @@ #include -struct SessionHandle; +struct Curl_easy; struct connectdata; -#if !defined(CURL_DISABLE_CRYPTO_AUTH) -struct digestdata; -#endif - -#if defined(USE_NTLM) -struct ntlmdata; -#endif - -#if defined(USE_KERBEROS5) -struct kerberos5data; -#endif - /* Authentication mechanism flags */ #define SASL_MECH_LOGIN (1 << 0) #define SASL_MECH_PLAIN (1 << 1) @@ -66,16 +54,6 @@ struct kerberos5data; #define SASL_MECH_STRING_XOAUTH2 "XOAUTH2" #define SASL_MECH_STRING_OAUTHBEARER "OAUTHBEARER" -#if !defined(CURL_DISABLE_CRYPTO_AUTH) -#define DIGEST_MAX_VALUE_LENGTH 256 -#define DIGEST_MAX_CONTENT_LENGTH 1024 -#endif - -enum { - CURLDIGESTALGO_MD5, - CURLDIGESTALGO_MD5SESS -}; - /* SASL machine states */ typedef enum { SASL_STOP, @@ -136,96 +114,6 @@ struct SASL { (wordlen == (sizeof(mech) - 1) / sizeof(char) && \ !memcmp(line, mech, wordlen)) -/* This is used to build a SPN string */ -#if !defined(USE_WINDOWS_SSPI) -char *Curl_sasl_build_spn(const char *service, const char *instance); -#else -TCHAR *Curl_sasl_build_spn(const char *service, const char *instance); -#endif - -#if defined(HAVE_GSSAPI) -char *Curl_sasl_build_gssapi_spn(const char *service, const char *instance); -#endif - -#ifndef CURL_DISABLE_CRYPTO_AUTH -/* This is used to extract the realm from a challenge message */ -bool Curl_sasl_digest_get_pair(const char *str, char *value, char *content, - const char **endptr); - -/* This is used to generate a base64 encoded DIGEST-MD5 response message */ -CURLcode Curl_sasl_create_digest_md5_message(struct SessionHandle *data, - const char *chlg64, - const char *userp, - const char *passwdp, - const char *service, - char **outptr, size_t *outlen); - -/* This is used to decode a HTTP DIGEST challenge message */ -CURLcode Curl_sasl_decode_digest_http_message(const char *chlg, - struct digestdata *digest); - -/* This is used to generate a HTTP DIGEST response message */ -CURLcode Curl_sasl_create_digest_http_message(struct SessionHandle *data, - const char *userp, - const char *passwdp, - const unsigned char *request, - const unsigned char *uri, - struct digestdata *digest, - char **outptr, size_t *outlen); - -/* This is used to clean up the digest specific data */ -void Curl_sasl_digest_cleanup(struct digestdata *digest); -#endif - -#ifdef USE_NTLM -/* This is used to generate a base64 encoded NTLM type-1 message */ -CURLcode Curl_sasl_create_ntlm_type1_message(const char *userp, - const char *passwdp, - struct ntlmdata *ntlm, - char **outptr, - size_t *outlen); - -/* This is used to decode a base64 encoded NTLM type-2 message */ -CURLcode Curl_sasl_decode_ntlm_type2_message(struct SessionHandle *data, - const char *type2msg, - struct ntlmdata *ntlm); - -/* This is used to generate a base64 encoded NTLM type-3 message */ -CURLcode Curl_sasl_create_ntlm_type3_message(struct SessionHandle *data, - const char *userp, - const char *passwdp, - struct ntlmdata *ntlm, - char **outptr, size_t *outlen); - -/* This is used to clean up the ntlm specific data */ -void Curl_sasl_ntlm_cleanup(struct ntlmdata *ntlm); - -#endif /* USE_NTLM */ - -#if defined(USE_KERBEROS5) -/* This is used to generate a base64 encoded GSSAPI (Kerberos V5) user token - message */ -CURLcode Curl_sasl_create_gssapi_user_message(struct SessionHandle *data, - const char *userp, - const char *passwdp, - const char *service, - const bool mutual, - const char *chlg64, - struct kerberos5data *krb5, - char **outptr, size_t *outlen); - -/* This is used to generate a base64 encoded GSSAPI (Kerberos V5) security - token message */ -CURLcode Curl_sasl_create_gssapi_security_message(struct SessionHandle *data, - const char *input, - struct kerberos5data *krb5, - char **outptr, - size_t *outlen); - -/* This is used to clean up the gssapi specific data */ -void Curl_sasl_gssapi_cleanup(struct kerberos5data *krb5); -#endif /* USE_KERBEROS5 */ - /* This is used to cleanup any libraries or curl modules used by the sasl functions */ void Curl_sasl_cleanup(struct connectdata *conn, unsigned int authused); diff --git a/lib/curl_sasl_gssapi.c b/lib/curl_sasl_gssapi.c deleted file mode 100644 index dcc0498b9..000000000 --- a/lib/curl_sasl_gssapi.c +++ /dev/null @@ -1,392 +0,0 @@ -/*************************************************************************** - * _ _ ____ _ - * Project ___| | | | _ \| | - * / __| | | | |_) | | - * | (__| |_| | _ <| |___ - * \___|\___/|_| \_\_____| - * - * Copyright (C) 2014 - 2016, Steve Holme, . - * Copyright (C) 2015, Daniel Stenberg, , et al. - * - * This software is licensed as described in the file COPYING, which - * you should have received as part of this distribution. The terms - * are also available at https://curl.haxx.se/docs/copyright.html. - * - * You may opt to use, copy, modify, merge, publish, distribute and/or sell - * copies of the Software, and permit persons to whom the Software is - * furnished to do so, under the terms of the COPYING file. - * - * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY - * KIND, either express or implied. - * - * RFC4752 The Kerberos V5 ("GSSAPI") SASL Mechanism - * - ***************************************************************************/ - -#include "curl_setup.h" - -#if defined(HAVE_GSSAPI) && defined(USE_KERBEROS5) - -#include - -#include "curl_sasl.h" -#include "urldata.h" -#include "curl_base64.h" -#include "curl_gssapi.h" -#include "sendf.h" -#include "curl_printf.h" - -/* The last #include files should be: */ -#include "curl_memory.h" -#include "memdebug.h" - -/* -* Curl_sasl_build_gssapi_spn() -* -* This is used to build a SPN string in the format service@instance. -* -* Parameters: -* -* service [in] - The service type such as www, smtp, pop or imap. -* instance [in] - The host name or realm. -* -* Returns a pointer to the newly allocated SPN. -*/ -char *Curl_sasl_build_gssapi_spn(const char *service, const char *instance) -{ - /* Generate and return our SPN */ - return aprintf("%s@%s", service, instance); -} - -/* - * Curl_sasl_create_gssapi_user_message() - * - * This is used to generate an already encoded GSSAPI (Kerberos V5) user token - * message ready for sending to the recipient. - * - * Parameters: - * - * data [in] - The session handle. - * userp [in] - The user name. - * passdwp [in] - The user's password. - * service [in] - The service type such as www, smtp, pop or imap. - * mutual_auth [in] - Flag specifing whether or not mutual authentication - * is enabled. - * chlg64 [in] - Pointer to the optional base64 encoded challenge - * message. - * krb5 [in/out] - The Kerberos 5 data struct being used and modified. - * outptr [in/out] - The address where a pointer to newly allocated memory - * holding the result will be stored upon completion. - * outlen [out] - The length of the output message. - * - * Returns CURLE_OK on success. - */ -CURLcode Curl_sasl_create_gssapi_user_message(struct SessionHandle *data, - const char *userp, - const char *passwdp, - const char *service, - const bool mutual_auth, - const char *chlg64, - struct kerberos5data *krb5, - char **outptr, size_t *outlen) -{ - CURLcode result = CURLE_OK; - size_t chlglen = 0; - unsigned char *chlg = NULL; - OM_uint32 gss_status; - OM_uint32 gss_major_status; - OM_uint32 gss_minor_status; - gss_buffer_desc spn_token = GSS_C_EMPTY_BUFFER; - gss_buffer_desc input_token = GSS_C_EMPTY_BUFFER; - gss_buffer_desc output_token = GSS_C_EMPTY_BUFFER; - - (void) userp; - (void) passwdp; - - if(krb5->context == GSS_C_NO_CONTEXT) { - /* Generate our SPN */ - char *spn = Curl_sasl_build_gssapi_spn(service, - data->easy_conn->host.name); - if(!spn) - return CURLE_OUT_OF_MEMORY; - - /* Populate the SPN structure */ - spn_token.value = spn; - spn_token.length = strlen(spn); - - /* Import the SPN */ - gss_major_status = gss_import_name(&gss_minor_status, &spn_token, - GSS_C_NT_HOSTBASED_SERVICE, &krb5->spn); - if(GSS_ERROR(gss_major_status)) { - Curl_gss_log_error(data, gss_minor_status, "gss_import_name() failed: "); - - free(spn); - - return CURLE_OUT_OF_MEMORY; - } - - free(spn); - } - else { - /* Decode the base-64 encoded challenge message */ - if(strlen(chlg64) && *chlg64 != '=') { - result = Curl_base64_decode(chlg64, &chlg, &chlglen); - if(result) - return result; - } - - /* Ensure we have a valid challenge message */ - if(!chlg) { - infof(data, "GSSAPI handshake failure (empty challenge message)\n"); - - return CURLE_BAD_CONTENT_ENCODING; - } - - /* Setup the challenge "input" security buffer */ - input_token.value = chlg; - input_token.length = chlglen; - } - - gss_major_status = Curl_gss_init_sec_context(data, - &gss_minor_status, - &krb5->context, - krb5->spn, - &Curl_krb5_mech_oid, - GSS_C_NO_CHANNEL_BINDINGS, - &input_token, - &output_token, - mutual_auth, - NULL); - - free(input_token.value); - - if(GSS_ERROR(gss_major_status)) { - if(output_token.value) - gss_release_buffer(&gss_status, &output_token); - - Curl_gss_log_error(data, gss_minor_status, - "gss_init_sec_context() failed: "); - - return CURLE_RECV_ERROR; - } - - if(output_token.value && output_token.length) { - /* Base64 encode the response */ - result = Curl_base64_encode(data, (char *) output_token.value, - output_token.length, outptr, outlen); - - gss_release_buffer(&gss_status, &output_token); - } - - return result; -} - -/* - * Curl_sasl_create_gssapi_security_message() - * - * This is used to generate an already encoded GSSAPI (Kerberos V5) security - * token message ready for sending to the recipient. - * - * Parameters: - * - * data [in] - The session handle. - * chlg64 [in] - Pointer to the optional base64 encoded challenge message. - * krb5 [in/out] - The Kerberos 5 data struct being used and modified. - * outptr [in/out] - The address where a pointer to newly allocated memory - * holding the result will be stored upon completion. - * outlen [out] - The length of the output message. - * - * Returns CURLE_OK on success. - */ -CURLcode Curl_sasl_create_gssapi_security_message(struct SessionHandle *data, - const char *chlg64, - struct kerberos5data *krb5, - char **outptr, - size_t *outlen) -{ - CURLcode result = CURLE_OK; - size_t chlglen = 0; - size_t messagelen = 0; - unsigned char *chlg = NULL; - unsigned char *message = NULL; - OM_uint32 gss_status; - OM_uint32 gss_major_status; - OM_uint32 gss_minor_status; - gss_buffer_desc input_token = GSS_C_EMPTY_BUFFER; - gss_buffer_desc output_token = GSS_C_EMPTY_BUFFER; - unsigned int indata = 0; - unsigned int outdata = 0; - gss_qop_t qop = GSS_C_QOP_DEFAULT; - unsigned int sec_layer = 0; - unsigned int max_size = 0; - gss_name_t username = GSS_C_NO_NAME; - gss_buffer_desc username_token; - - /* Decode the base-64 encoded input message */ - if(strlen(chlg64) && *chlg64 != '=') { - result = Curl_base64_decode(chlg64, &chlg, &chlglen); - if(result) - return result; - } - - /* Ensure we have a valid challenge message */ - if(!chlg) { - infof(data, "GSSAPI handshake failure (empty security message)\n"); - - return CURLE_BAD_CONTENT_ENCODING; - } - - /* Get the fully qualified username back from the context */ - gss_major_status = gss_inquire_context(&gss_minor_status, krb5->context, - &username, NULL, NULL, NULL, NULL, - NULL, NULL); - if(GSS_ERROR(gss_major_status)) { - Curl_gss_log_error(data, gss_minor_status, - "gss_inquire_context() failed: "); - - free(chlg); - - return CURLE_OUT_OF_MEMORY; - } - - /* Convert the username from internal format to a displayable token */ - gss_major_status = gss_display_name(&gss_minor_status, username, - &username_token, NULL); - if(GSS_ERROR(gss_major_status)) { - Curl_gss_log_error(data, gss_minor_status, "gss_display_name() failed: "); - - free(chlg); - - return CURLE_OUT_OF_MEMORY; - } - - /* Setup the challenge "input" security buffer */ - input_token.value = chlg; - input_token.length = chlglen; - - /* Decrypt the inbound challenge and obtain the qop */ - gss_major_status = gss_unwrap(&gss_minor_status, krb5->context, &input_token, - &output_token, NULL, &qop); - if(GSS_ERROR(gss_major_status)) { - Curl_gss_log_error(data, gss_minor_status, "gss_unwrap() failed: "); - - gss_release_buffer(&gss_status, &username_token); - free(chlg); - - return CURLE_BAD_CONTENT_ENCODING; - } - - /* Not 4 octets long so fail as per RFC4752 Section 3.1 */ - if(output_token.length != 4) { - infof(data, "GSSAPI handshake failure (invalid security data)\n"); - - gss_release_buffer(&gss_status, &username_token); - free(chlg); - - return CURLE_BAD_CONTENT_ENCODING; - } - - /* Copy the data out and free the challenge as it is not required anymore */ - memcpy(&indata, output_token.value, 4); - gss_release_buffer(&gss_status, &output_token); - free(chlg); - - /* Extract the security layer */ - sec_layer = indata & 0x000000FF; - if(!(sec_layer & GSSAUTH_P_NONE)) { - infof(data, "GSSAPI handshake failure (invalid security layer)\n"); - - gss_release_buffer(&gss_status, &username_token); - - return CURLE_BAD_CONTENT_ENCODING; - } - - /* Extract the maximum message size the server can receive */ - max_size = ntohl(indata & 0xFFFFFF00); - if(max_size > 0) { - /* The server has told us it supports a maximum receive buffer, however, as - we don't require one unless we are encrypting data, we tell the server - our receive buffer is zero. */ - max_size = 0; - } - - /* Allocate our message */ - messagelen = sizeof(outdata) + username_token.length + 1; - message = malloc(messagelen); - if(!message) { - gss_release_buffer(&gss_status, &username_token); - - return CURLE_OUT_OF_MEMORY; - } - - /* Populate the message with the security layer, client supported receive - message size and authorization identity including the 0x00 based - terminator. Note: Dispite RFC4752 Section 3.1 stating "The authorization - identity is not terminated with the zero-valued (%x00) octet." it seems - necessary to include it. */ - outdata = htonl(max_size) | sec_layer; - memcpy(message, &outdata, sizeof(outdata)); - memcpy(message + sizeof(outdata), username_token.value, - username_token.length); - message[messagelen - 1] = '\0'; - - /* Free the username token as it is not required anymore */ - gss_release_buffer(&gss_status, &username_token); - - /* Setup the "authentication data" security buffer */ - input_token.value = message; - input_token.length = messagelen; - - /* Encrypt the data */ - gss_major_status = gss_wrap(&gss_minor_status, krb5->context, 0, - GSS_C_QOP_DEFAULT, &input_token, NULL, - &output_token); - if(GSS_ERROR(gss_major_status)) { - Curl_gss_log_error(data, gss_minor_status, "gss_wrap() failed: "); - - free(message); - - return CURLE_OUT_OF_MEMORY; - } - - /* Base64 encode the response */ - result = Curl_base64_encode(data, (char *) output_token.value, - output_token.length, outptr, outlen); - - /* Free the output buffer */ - gss_release_buffer(&gss_status, &output_token); - - /* Free the message buffer */ - free(message); - - return result; -} - -/* - * Curl_sasl_gssapi_cleanup() - * - * This is used to clean up the GSSAPI (Kerberos V5) specific data. - * - * Parameters: - * - * krb5 [in/out] - The Kerberos 5 data struct being cleaned up. - * - */ -void Curl_sasl_gssapi_cleanup(struct kerberos5data *krb5) -{ - OM_uint32 minor_status; - - /* Free our security context */ - if(krb5->context != GSS_C_NO_CONTEXT) { - gss_delete_sec_context(&minor_status, &krb5->context, GSS_C_NO_BUFFER); - krb5->context = GSS_C_NO_CONTEXT; - } - - /* Free the SPN */ - if(krb5->spn != GSS_C_NO_NAME) { - gss_release_name(&minor_status, &krb5->spn); - krb5->spn = GSS_C_NO_NAME; - } -} - -#endif /* HAVE_GSSAPI && USE_KERBEROS5 */ diff --git a/lib/curl_sasl_sspi.c b/lib/curl_sasl_sspi.c deleted file mode 100644 index f46376cc4..000000000 --- a/lib/curl_sasl_sspi.c +++ /dev/null @@ -1,1295 +0,0 @@ -/*************************************************************************** - * _ _ ____ _ - * Project ___| | | | _ \| | - * / __| | | | |_) | | - * | (__| |_| | _ <| |___ - * \___|\___/|_| \_\_____| - * - * Copyright (C) 2014 - 2016 Daniel Stenberg, , et al. - * Copyright (C) 2014 - 2016, Steve Holme, . - * - * This software is licensed as described in the file COPYING, which - * you should have received as part of this distribution. The terms - * are also available at https://curl.haxx.se/docs/copyright.html. - * - * You may opt to use, copy, modify, merge, publish, distribute and/or sell - * copies of the Software, and permit persons to whom the Software is - * furnished to do so, under the terms of the COPYING file. - * - * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY - * KIND, either express or implied. - * - * RFC2617 Basic and Digest Access Authentication - * RFC2831 DIGEST-MD5 authentication - * RFC4422 Simple Authentication and Security Layer (SASL) - * RFC4752 The Kerberos V5 ("GSSAPI") SASL Mechanism - * - ***************************************************************************/ - -#include "curl_setup.h" - -#if defined(USE_WINDOWS_SSPI) - -#include - -#include "curl_sasl.h" -#include "urldata.h" -#include "curl_base64.h" -#include "warnless.h" -#include "curl_multibyte.h" -#include "sendf.h" -#include "strdup.h" -#include "curl_printf.h" -#include "rawstr.h" - -/* The last #include files should be: */ -#include "curl_memory.h" -#include "memdebug.h" - -/* - * Curl_sasl_build_spn() - * - * This is used to build a SPN string in the format service/instance. - * - * Parameters: - * - * serivce [in] - The service type such as www, smtp, pop or imap. - * instance [in] - The host name or realm. - * - * Returns a pointer to the newly allocated SPN. - */ -TCHAR *Curl_sasl_build_spn(const char *service, const char *instance) -{ - char *utf8_spn = NULL; - TCHAR *tchar_spn = NULL; - - /* Note: We could use DsMakeSPN() or DsClientMakeSpnForTargetServer() rather - than doing this ourselves but the first is only available in Windows XP - and Windows Server 2003 and the latter is only available in Windows 2000 - but not Windows95/98/ME or Windows NT4.0 unless the Active Directory - Client Extensions are installed. As such it is far simpler for us to - formulate the SPN instead. */ - - /* Allocate our UTF8 based SPN */ - utf8_spn = aprintf("%s/%s", service, instance); - if(!utf8_spn) { - return NULL; - } - - /* Allocate our TCHAR based SPN */ - tchar_spn = Curl_convert_UTF8_to_tchar(utf8_spn); - if(!tchar_spn) { - free(utf8_spn); - - return NULL; - } - - /* Release the UTF8 variant when operating with Unicode */ - Curl_unicodefree(utf8_spn); - - /* Return our newly allocated SPN */ - return tchar_spn; -} - -#if !defined(CURL_DISABLE_CRYPTO_AUTH) -/* - * Curl_sasl_create_digest_md5_message() - * - * This is used to generate an already encoded DIGEST-MD5 response message - * ready for sending to the recipient. - * - * Parameters: - * - * data [in] - The session handle. - * chlg64 [in] - The base64 encoded challenge message. - * userp [in] - The user name in the format User or Domain\User. - * passdwp [in] - The user's password. - * service [in] - The service type such as www, smtp, pop or imap. - * outptr [in/out] - The address where a pointer to newly allocated memory - * holding the result will be stored upon completion. - * outlen [out] - The length of the output message. - * - * Returns CURLE_OK on success. - */ -CURLcode Curl_sasl_create_digest_md5_message(struct SessionHandle *data, - const char *chlg64, - const char *userp, - const char *passwdp, - const char *service, - char **outptr, size_t *outlen) -{ - CURLcode result = CURLE_OK; - TCHAR *spn = NULL; - size_t chlglen = 0; - size_t token_max = 0; - unsigned char *input_token = NULL; - unsigned char *output_token = NULL; - CredHandle credentials; - CtxtHandle context; - PSecPkgInfo SecurityPackage; - SEC_WINNT_AUTH_IDENTITY identity; - SEC_WINNT_AUTH_IDENTITY *p_identity; - SecBuffer chlg_buf; - SecBuffer resp_buf; - SecBufferDesc chlg_desc; - SecBufferDesc resp_desc; - SECURITY_STATUS status; - unsigned long attrs; - TimeStamp expiry; /* For Windows 9x compatibility of SSPI calls */ - - /* Decode the base-64 encoded challenge message */ - if(strlen(chlg64) && *chlg64 != '=') { - result = Curl_base64_decode(chlg64, &input_token, &chlglen); - if(result) - return result; - } - - /* Ensure we have a valid challenge message */ - if(!input_token) { - infof(data, "DIGEST-MD5 handshake failure (empty challenge message)\n"); - - return CURLE_BAD_CONTENT_ENCODING; - } - - /* Query the security package for DigestSSP */ - status = s_pSecFn->QuerySecurityPackageInfo((TCHAR *) TEXT(SP_NAME_DIGEST), - &SecurityPackage); - if(status != SEC_E_OK) { - free(input_token); - - return CURLE_NOT_BUILT_IN; - } - - token_max = SecurityPackage->cbMaxToken; - - /* Release the package buffer as it is not required anymore */ - s_pSecFn->FreeContextBuffer(SecurityPackage); - - /* Allocate our response buffer */ - output_token = malloc(token_max); - if(!output_token) { - free(input_token); - - return CURLE_OUT_OF_MEMORY; - } - - /* Generate our SPN */ - spn = Curl_sasl_build_spn(service, data->easy_conn->host.name); - if(!spn) { - free(output_token); - free(input_token); - - return CURLE_OUT_OF_MEMORY; - } - - if(userp && *userp) { - /* Populate our identity structure */ - result = Curl_create_sspi_identity(userp, passwdp, &identity); - if(result) { - free(spn); - free(output_token); - free(input_token); - - return result; - } - - /* Allow proper cleanup of the identity structure */ - p_identity = &identity; - } - else - /* Use the current Windows user */ - p_identity = NULL; - - /* Acquire our credentials handle */ - status = s_pSecFn->AcquireCredentialsHandle(NULL, - (TCHAR *) TEXT(SP_NAME_DIGEST), - SECPKG_CRED_OUTBOUND, NULL, - p_identity, NULL, NULL, - &credentials, &expiry); - - if(status != SEC_E_OK) { - Curl_sspi_free_identity(p_identity); - free(spn); - free(output_token); - free(input_token); - - return CURLE_LOGIN_DENIED; - } - - /* Setup the challenge "input" security buffer */ - chlg_desc.ulVersion = SECBUFFER_VERSION; - chlg_desc.cBuffers = 1; - chlg_desc.pBuffers = &chlg_buf; - chlg_buf.BufferType = SECBUFFER_TOKEN; - chlg_buf.pvBuffer = input_token; - chlg_buf.cbBuffer = curlx_uztoul(chlglen); - - /* Setup the response "output" security buffer */ - resp_desc.ulVersion = SECBUFFER_VERSION; - resp_desc.cBuffers = 1; - resp_desc.pBuffers = &resp_buf; - resp_buf.BufferType = SECBUFFER_TOKEN; - resp_buf.pvBuffer = output_token; - resp_buf.cbBuffer = curlx_uztoul(token_max); - - /* Generate our response message */ - status = s_pSecFn->InitializeSecurityContext(&credentials, NULL, spn, - 0, 0, 0, &chlg_desc, 0, - &context, &resp_desc, &attrs, - &expiry); - - if(status == SEC_I_COMPLETE_NEEDED || - status == SEC_I_COMPLETE_AND_CONTINUE) - s_pSecFn->CompleteAuthToken(&credentials, &resp_desc); - else if(status != SEC_E_OK && status != SEC_I_CONTINUE_NEEDED) { - s_pSecFn->FreeCredentialsHandle(&credentials); - Curl_sspi_free_identity(p_identity); - free(spn); - free(output_token); - free(input_token); - - return CURLE_RECV_ERROR; - } - - /* Base64 encode the response */ - result = Curl_base64_encode(data, (char *) output_token, resp_buf.cbBuffer, - outptr, outlen); - - /* Free our handles */ - s_pSecFn->DeleteSecurityContext(&context); - s_pSecFn->FreeCredentialsHandle(&credentials); - - /* Free the identity structure */ - Curl_sspi_free_identity(p_identity); - - /* Free the SPN */ - free(spn); - - /* Free the response buffer */ - free(output_token); - - /* Free the decoded challenge message */ - free(input_token); - - return result; -} - -/* - * Curl_override_sspi_http_realm() - * - * This is used to populate the domain in a SSPI identity structure - * The realm is extracted from the challenge message and used as the - * domain if it is not already explicitly set. - * - * Parameters: - * - * chlg [in] - The challenge message. - * identity [in/out] - The identity structure. - * - * Returns CURLE_OK on success. - */ -CURLcode Curl_override_sspi_http_realm(const char *chlg, - SEC_WINNT_AUTH_IDENTITY *identity) -{ - xcharp_u domain, dup_domain; - - /* If domain is blank or unset, check challenge message for realm */ - if(!identity->Domain || !identity->DomainLength) { - for(;;) { - char value[DIGEST_MAX_VALUE_LENGTH]; - char content[DIGEST_MAX_CONTENT_LENGTH]; - - /* Pass all additional spaces here */ - while(*chlg && ISSPACE(*chlg)) - chlg++; - - /* Extract a value=content pair */ - if(Curl_sasl_digest_get_pair(chlg, value, content, &chlg)) { - if(Curl_raw_equal(value, "realm")) { - - /* Setup identity's domain and length */ - domain.tchar_ptr = Curl_convert_UTF8_to_tchar((char *)content); - if(!domain.tchar_ptr) - return CURLE_OUT_OF_MEMORY; - dup_domain.tchar_ptr = _tcsdup(domain.tchar_ptr); - if(!dup_domain.tchar_ptr) { - Curl_unicodefree(domain.tchar_ptr); - return CURLE_OUT_OF_MEMORY; - } - free(identity->Domain); - identity->Domain = dup_domain.tbyte_ptr; - identity->DomainLength = curlx_uztoul(_tcslen(dup_domain.tchar_ptr)); - dup_domain.tchar_ptr = NULL; - - Curl_unicodefree(domain.tchar_ptr); - } - else { - /* unknown specifier, ignore it! */ - } - } - else - break; /* we're done here */ - - /* Pass all additional spaces here */ - while(*chlg && ISSPACE(*chlg)) - chlg++; - - /* Allow the list to be comma-separated */ - if(',' == *chlg) - chlg++; - } - } - - return CURLE_OK; -} - -/* - * Curl_sasl_decode_digest_http_message() - * - * This is used to decode a HTTP DIGEST challenge message into the seperate - * attributes. - * - * Parameters: - * - * chlg [in] - The challenge message. - * digest [in/out] - The digest data struct being used and modified. - * - * Returns CURLE_OK on success. - */ -CURLcode Curl_sasl_decode_digest_http_message(const char *chlg, - struct digestdata *digest) -{ - size_t chlglen = strlen(chlg); - - /* We had an input token before and we got another one now. This means we - provided bad credentials in the previous request. */ - if(digest->input_token) - return CURLE_BAD_CONTENT_ENCODING; - - /* Simply store the challenge for use later */ - digest->input_token = (BYTE *) Curl_memdup(chlg, chlglen); - if(!digest->input_token) - return CURLE_OUT_OF_MEMORY; - - digest->input_token_len = chlglen; - - return CURLE_OK; -} - -/* - * Curl_sasl_create_digest_http_message() - * - * This is used to generate a HTTP DIGEST response message ready for sending - * to the recipient. - * - * Parameters: - * - * data [in] - The session handle. - * userp [in] - The user name in the format User or Domain\User. - * passdwp [in] - The user's password. - * request [in] - The HTTP request. - * uripath [in] - The path of the HTTP uri. - * digest [in/out] - The digest data struct being used and modified. - * outptr [in/out] - The address where a pointer to newly allocated memory - * holding the result will be stored upon completion. - * outlen [out] - The length of the output message. - * - * Returns CURLE_OK on success. - */ -CURLcode Curl_sasl_create_digest_http_message(struct SessionHandle *data, - const char *userp, - const char *passwdp, - const unsigned char *request, - const unsigned char *uripath, - struct digestdata *digest, - char **outptr, size_t *outlen) -{ - size_t token_max; - CredHandle credentials; - CtxtHandle context; - char *resp; - BYTE *output_token; - PSecPkgInfo SecurityPackage; - SEC_WINNT_AUTH_IDENTITY identity; - SEC_WINNT_AUTH_IDENTITY *p_identity; - SecBuffer chlg_buf[3]; - SecBuffer resp_buf; - SecBufferDesc chlg_desc; - SecBufferDesc resp_desc; - SECURITY_STATUS status; - unsigned long attrs; - TimeStamp expiry; /* For Windows 9x compatibility of SSPI calls */ - TCHAR *spn; - - (void) data; - - /* Query the security package for DigestSSP */ - status = s_pSecFn->QuerySecurityPackageInfo((TCHAR *) TEXT(SP_NAME_DIGEST), - &SecurityPackage); - if(status != SEC_E_OK) - return CURLE_NOT_BUILT_IN; - - token_max = SecurityPackage->cbMaxToken; - - /* Release the package buffer as it is not required anymore */ - s_pSecFn->FreeContextBuffer(SecurityPackage); - - /* Allocate the output buffer according to the max token size as indicated - by the security package */ - output_token = malloc(token_max); - if(!output_token) - return CURLE_OUT_OF_MEMORY; - - if(userp && *userp) { - /* Populate our identity structure */ - if(Curl_create_sspi_identity(userp, passwdp, &identity)) - return CURLE_OUT_OF_MEMORY; - - /* Populate our identity domain */ - if(Curl_override_sspi_http_realm((const char*)digest->input_token, - &identity)) - return CURLE_OUT_OF_MEMORY; - - /* Allow proper cleanup of the identity structure */ - p_identity = &identity; - } - else - /* Use the current Windows user */ - p_identity = NULL; - - /* Acquire our credentials handle */ - status = s_pSecFn->AcquireCredentialsHandle(NULL, - (TCHAR *) TEXT(SP_NAME_DIGEST), - SECPKG_CRED_OUTBOUND, NULL, - p_identity, NULL, NULL, - &credentials, &expiry); - if(status != SEC_E_OK) { - Curl_sspi_free_identity(p_identity); - free(output_token); - - return CURLE_LOGIN_DENIED; - } - - /* Setup the challenge "input" security buffer if present */ - chlg_desc.ulVersion = SECBUFFER_VERSION; - chlg_desc.cBuffers = 3; - chlg_desc.pBuffers = chlg_buf; - chlg_buf[0].BufferType = SECBUFFER_TOKEN; - chlg_buf[0].pvBuffer = digest->input_token; - chlg_buf[0].cbBuffer = curlx_uztoul(digest->input_token_len); - chlg_buf[1].BufferType = SECBUFFER_PKG_PARAMS; - chlg_buf[1].pvBuffer = (void *)request; - chlg_buf[1].cbBuffer = curlx_uztoul(strlen((const char *) request)); - chlg_buf[2].BufferType = SECBUFFER_PKG_PARAMS; - chlg_buf[2].pvBuffer = NULL; - chlg_buf[2].cbBuffer = 0; - - /* Setup the response "output" security buffer */ - resp_desc.ulVersion = SECBUFFER_VERSION; - resp_desc.cBuffers = 1; - resp_desc.pBuffers = &resp_buf; - resp_buf.BufferType = SECBUFFER_TOKEN; - resp_buf.pvBuffer = output_token; - resp_buf.cbBuffer = curlx_uztoul(token_max); - - spn = Curl_convert_UTF8_to_tchar((char *) uripath); - if(!spn) { - Curl_sspi_free_identity(p_identity); - free(output_token); - - return CURLE_OUT_OF_MEMORY; - } - - /* Generate our reponse message */ - status = s_pSecFn->InitializeSecurityContext(&credentials, NULL, - spn, - ISC_REQ_USE_HTTP_STYLE, 0, 0, - &chlg_desc, 0, &context, - &resp_desc, &attrs, &expiry); - Curl_unicodefree(spn); - - if(status == SEC_I_COMPLETE_NEEDED || - status == SEC_I_COMPLETE_AND_CONTINUE) - s_pSecFn->CompleteAuthToken(&credentials, &resp_desc); - else if(status != SEC_E_OK && status != SEC_I_CONTINUE_NEEDED) { - s_pSecFn->FreeCredentialsHandle(&credentials); - - Curl_sspi_free_identity(p_identity); - free(output_token); - - return CURLE_OUT_OF_MEMORY; - } - - resp = malloc(resp_buf.cbBuffer + 1); - if(!resp) { - s_pSecFn->DeleteSecurityContext(&context); - s_pSecFn->FreeCredentialsHandle(&credentials); - - Curl_sspi_free_identity(p_identity); - free(output_token); - - return CURLE_OUT_OF_MEMORY; - } - - /* Copy the generated reponse */ - memcpy(resp, resp_buf.pvBuffer, resp_buf.cbBuffer); - resp[resp_buf.cbBuffer] = 0x00; - - /* Return the response */ - *outptr = resp; - *outlen = resp_buf.cbBuffer; - - /* Free our handles */ - s_pSecFn->DeleteSecurityContext(&context); - s_pSecFn->FreeCredentialsHandle(&credentials); - - /* Free the identity structure */ - Curl_sspi_free_identity(p_identity); - - /* Free the response buffer */ - free(output_token); - - return CURLE_OK; -} - -/* - * Curl_sasl_digest_cleanup() - * - * This is used to clean up the digest specific data. - * - * Parameters: - * - * digest [in/out] - The digest data struct being cleaned up. - * - */ -void Curl_sasl_digest_cleanup(struct digestdata *digest) -{ - /* Free the input token */ - Curl_safefree(digest->input_token); - - /* Reset any variables */ - digest->input_token_len = 0; -} -#endif /* !CURL_DISABLE_CRYPTO_AUTH */ - -#if defined USE_NTLM -/* - * Curl_sasl_create_ntlm_type1_message() - * - * This is used to generate an already encoded NTLM type-1 message ready for - * sending to the recipient. - * - * Parameters: - * - * userp [in] - The user name in the format User or Domain\User. - * passdwp [in] - The user's password. - * ntlm [in/out] - The NTLM data struct being used and modified. - * outptr [in/out] - The address where a pointer to newly allocated memory - * holding the result will be stored upon completion. - * outlen [out] - The length of the output message. - * - * Returns CURLE_OK on success. - */ -CURLcode Curl_sasl_create_ntlm_type1_message(const char *userp, - const char *passwdp, - struct ntlmdata *ntlm, - char **outptr, size_t *outlen) -{ - PSecPkgInfo SecurityPackage; - SecBuffer type_1_buf; - SecBufferDesc type_1_desc; - SECURITY_STATUS status; - unsigned long attrs; - TimeStamp expiry; /* For Windows 9x compatibility of SSPI calls */ - - /* Clean up any former leftovers and initialise to defaults */ - Curl_sasl_ntlm_cleanup(ntlm); - - /* Query the security package for NTLM */ - status = s_pSecFn->QuerySecurityPackageInfo((TCHAR *) TEXT(SP_NAME_NTLM), - &SecurityPackage); - if(status != SEC_E_OK) - return CURLE_NOT_BUILT_IN; - - ntlm->token_max = SecurityPackage->cbMaxToken; - - /* Release the package buffer as it is not required anymore */ - s_pSecFn->FreeContextBuffer(SecurityPackage); - - /* Allocate our output buffer */ - ntlm->output_token = malloc(ntlm->token_max); - if(!ntlm->output_token) - return CURLE_OUT_OF_MEMORY; - - if(userp && *userp) { - CURLcode result; - - /* Populate our identity structure */ - result = Curl_create_sspi_identity(userp, passwdp, &ntlm->identity); - if(result) - return result; - - /* Allow proper cleanup of the identity structure */ - ntlm->p_identity = &ntlm->identity; - } - else - /* Use the current Windows user */ - ntlm->p_identity = NULL; - - /* Allocate our credentials handle */ - ntlm->credentials = malloc(sizeof(CredHandle)); - if(!ntlm->credentials) - return CURLE_OUT_OF_MEMORY; - - memset(ntlm->credentials, 0, sizeof(CredHandle)); - - /* Acquire our credentials handle */ - status = s_pSecFn->AcquireCredentialsHandle(NULL, - (TCHAR *) TEXT(SP_NAME_NTLM), - SECPKG_CRED_OUTBOUND, NULL, - ntlm->p_identity, NULL, NULL, - ntlm->credentials, &expiry); - if(status != SEC_E_OK) - return CURLE_LOGIN_DENIED; - - /* Allocate our new context handle */ - ntlm->context = malloc(sizeof(CtxtHandle)); - if(!ntlm->context) - return CURLE_OUT_OF_MEMORY; - - memset(ntlm->context, 0, sizeof(CtxtHandle)); - - /* Setup the type-1 "output" security buffer */ - type_1_desc.ulVersion = SECBUFFER_VERSION; - type_1_desc.cBuffers = 1; - type_1_desc.pBuffers = &type_1_buf; - type_1_buf.BufferType = SECBUFFER_TOKEN; - type_1_buf.pvBuffer = ntlm->output_token; - type_1_buf.cbBuffer = curlx_uztoul(ntlm->token_max); - - /* Generate our type-1 message */ - status = s_pSecFn->InitializeSecurityContext(ntlm->credentials, NULL, - (TCHAR *) TEXT(""), - 0, 0, SECURITY_NETWORK_DREP, - NULL, 0, - ntlm->context, &type_1_desc, - &attrs, &expiry); - if(status == SEC_I_COMPLETE_NEEDED || - status == SEC_I_COMPLETE_AND_CONTINUE) - s_pSecFn->CompleteAuthToken(ntlm->context, &type_1_desc); - else if(status != SEC_E_OK && status != SEC_I_CONTINUE_NEEDED) - return CURLE_RECV_ERROR; - - /* Base64 encode the response */ - return Curl_base64_encode(NULL, (char *) ntlm->output_token, - type_1_buf.cbBuffer, outptr, outlen); -} - -/* - * Curl_sasl_decode_ntlm_type2_message() - * - * This is used to decode an already encoded NTLM type-2 message. - * - * Parameters: - * - * data [in] - The session handle. - * type2msg [in] - The base64 encoded type-2 message. - * ntlm [in/out] - The NTLM data struct being used and modified. - * - * Returns CURLE_OK on success. - */ -CURLcode Curl_sasl_decode_ntlm_type2_message(struct SessionHandle *data, - const char *type2msg, - struct ntlmdata *ntlm) -{ - CURLcode result = CURLE_OK; - unsigned char *type2 = NULL; - size_t type2_len = 0; - -#if defined(CURL_DISABLE_VERBOSE_STRINGS) - (void) data; -#endif - - /* Decode the base-64 encoded type-2 message */ - if(strlen(type2msg) && *type2msg != '=') { - result = Curl_base64_decode(type2msg, &type2, &type2_len); - if(result) - return result; - } - - /* Ensure we have a valid type-2 message */ - if(!type2) { - infof(data, "NTLM handshake failure (empty type-2 message)\n"); - - return CURLE_BAD_CONTENT_ENCODING; - } - - /* Simply store the challenge for use later */ - ntlm->input_token = type2; - ntlm->input_token_len = type2_len; - - return result; -} - -/* - * Curl_sasl_create_ntlm_type3_message() - * - * This is used to generate an already encoded NTLM type-3 message ready for - * sending to the recipient. - * - * Parameters: - * - * data [in] - The session handle. - * userp [in] - The user name in the format User or Domain\User. - * passdwp [in] - The user's password. - * ntlm [in/out] - The NTLM data struct being used and modified. - * outptr [in/out] - The address where a pointer to newly allocated memory - * holding the result will be stored upon completion. - * outlen [out] - The length of the output message. - * - * Returns CURLE_OK on success. - */ -CURLcode Curl_sasl_create_ntlm_type3_message(struct SessionHandle *data, - const char *userp, - const char *passwdp, - struct ntlmdata *ntlm, - char **outptr, size_t *outlen) -{ - CURLcode result = CURLE_OK; - SecBuffer type_2_buf; - SecBuffer type_3_buf; - SecBufferDesc type_2_desc; - SecBufferDesc type_3_desc; - SECURITY_STATUS status; - unsigned long attrs; - TimeStamp expiry; /* For Windows 9x compatibility of SSPI calls */ - - (void) passwdp; - (void) userp; - - /* Setup the type-2 "input" security buffer */ - type_2_desc.ulVersion = SECBUFFER_VERSION; - type_2_desc.cBuffers = 1; - type_2_desc.pBuffers = &type_2_buf; - type_2_buf.BufferType = SECBUFFER_TOKEN; - type_2_buf.pvBuffer = ntlm->input_token; - type_2_buf.cbBuffer = curlx_uztoul(ntlm->input_token_len); - - /* Setup the type-3 "output" security buffer */ - type_3_desc.ulVersion = SECBUFFER_VERSION; - type_3_desc.cBuffers = 1; - type_3_desc.pBuffers = &type_3_buf; - type_3_buf.BufferType = SECBUFFER_TOKEN; - type_3_buf.pvBuffer = ntlm->output_token; - type_3_buf.cbBuffer = curlx_uztoul(ntlm->token_max); - - /* Generate our type-3 message */ - status = s_pSecFn->InitializeSecurityContext(ntlm->credentials, - ntlm->context, - (TCHAR *) TEXT(""), - 0, 0, SECURITY_NETWORK_DREP, - &type_2_desc, - 0, ntlm->context, - &type_3_desc, - &attrs, &expiry); - if(status != SEC_E_OK) { - infof(data, "NTLM handshake failure (type-3 message): Status=%x\n", - status); - - return CURLE_RECV_ERROR; - } - - /* Base64 encode the response */ - result = Curl_base64_encode(data, (char *) ntlm->output_token, - type_3_buf.cbBuffer, outptr, outlen); - - Curl_sasl_ntlm_cleanup(ntlm); - - return result; -} - -/* - * Curl_sasl_ntlm_cleanup() - * - * This is used to clean up the NTLM specific data. - * - * Parameters: - * - * ntlm [in/out] - The NTLM data struct being cleaned up. - * - */ -void Curl_sasl_ntlm_cleanup(struct ntlmdata *ntlm) -{ - /* Free our security context */ - if(ntlm->context) { - s_pSecFn->DeleteSecurityContext(ntlm->context); - free(ntlm->context); - ntlm->context = NULL; - } - - /* Free our credentials handle */ - if(ntlm->credentials) { - s_pSecFn->FreeCredentialsHandle(ntlm->credentials); - free(ntlm->credentials); - ntlm->credentials = NULL; - } - - /* Free our identity */ - Curl_sspi_free_identity(ntlm->p_identity); - ntlm->p_identity = NULL; - - /* Free the input and output tokens */ - Curl_safefree(ntlm->input_token); - Curl_safefree(ntlm->output_token); - - /* Reset any variables */ - ntlm->token_max = 0; -} -#endif /* USE_NTLM */ - -#if defined(USE_KERBEROS5) -/* - * Curl_sasl_create_gssapi_user_message() - * - * This is used to generate an already encoded GSSAPI (Kerberos V5) user token - * message ready for sending to the recipient. - * - * Parameters: - * - * data [in] - The session handle. - * userp [in] - The user name in the format User or Domain\User. - * passdwp [in] - The user's password. - * service [in] - The service type such as www, smtp, pop or imap. - * mutual_auth [in] - Flag specifing whether or not mutual authentication - * is enabled. - * chlg64 [in] - The optional base64 encoded challenge message. - * krb5 [in/out] - The Kerberos 5 data struct being used and modified. - * outptr [in/out] - The address where a pointer to newly allocated memory - * holding the result will be stored upon completion. - * outlen [out] - The length of the output message. - * - * Returns CURLE_OK on success. - */ -CURLcode Curl_sasl_create_gssapi_user_message(struct SessionHandle *data, - const char *userp, - const char *passwdp, - const char *service, - const bool mutual_auth, - const char *chlg64, - struct kerberos5data *krb5, - char **outptr, size_t *outlen) -{ - CURLcode result = CURLE_OK; - size_t chlglen = 0; - unsigned char *chlg = NULL; - CtxtHandle context; - PSecPkgInfo SecurityPackage; - SecBuffer chlg_buf; - SecBuffer resp_buf; - SecBufferDesc chlg_desc; - SecBufferDesc resp_desc; - SECURITY_STATUS status; - unsigned long attrs; - TimeStamp expiry; /* For Windows 9x compatibility of SSPI calls */ - - if(!krb5->credentials) { - /* Query the security package for Kerberos */ - status = s_pSecFn->QuerySecurityPackageInfo((TCHAR *) - TEXT(SP_NAME_KERBEROS), - &SecurityPackage); - if(status != SEC_E_OK) { - return CURLE_NOT_BUILT_IN; - } - - krb5->token_max = SecurityPackage->cbMaxToken; - - /* Release the package buffer as it is not required anymore */ - s_pSecFn->FreeContextBuffer(SecurityPackage); - - /* Allocate our response buffer */ - krb5->output_token = malloc(krb5->token_max); - if(!krb5->output_token) - return CURLE_OUT_OF_MEMORY; - - /* Generate our SPN */ - krb5->spn = Curl_sasl_build_spn(service, data->easy_conn->host.name); - if(!krb5->spn) - return CURLE_OUT_OF_MEMORY; - - if(userp && *userp) { - /* Populate our identity structure */ - result = Curl_create_sspi_identity(userp, passwdp, &krb5->identity); - if(result) - return result; - - /* Allow proper cleanup of the identity structure */ - krb5->p_identity = &krb5->identity; - } - else - /* Use the current Windows user */ - krb5->p_identity = NULL; - - /* Allocate our credentials handle */ - krb5->credentials = malloc(sizeof(CredHandle)); - if(!krb5->credentials) - return CURLE_OUT_OF_MEMORY; - - memset(krb5->credentials, 0, sizeof(CredHandle)); - - /* Acquire our credentials handle */ - status = s_pSecFn->AcquireCredentialsHandle(NULL, - (TCHAR *) - TEXT(SP_NAME_KERBEROS), - SECPKG_CRED_OUTBOUND, NULL, - krb5->p_identity, NULL, NULL, - krb5->credentials, &expiry); - if(status != SEC_E_OK) - return CURLE_LOGIN_DENIED; - - /* Allocate our new context handle */ - krb5->context = malloc(sizeof(CtxtHandle)); - if(!krb5->context) - return CURLE_OUT_OF_MEMORY; - - memset(krb5->context, 0, sizeof(CtxtHandle)); - } - else { - /* Decode the base-64 encoded challenge message */ - if(strlen(chlg64) && *chlg64 != '=') { - result = Curl_base64_decode(chlg64, &chlg, &chlglen); - if(result) - return result; - } - - /* Ensure we have a valid challenge message */ - if(!chlg) { - infof(data, "GSSAPI handshake failure (empty challenge message)\n"); - - return CURLE_BAD_CONTENT_ENCODING; - } - - /* Setup the challenge "input" security buffer */ - chlg_desc.ulVersion = SECBUFFER_VERSION; - chlg_desc.cBuffers = 1; - chlg_desc.pBuffers = &chlg_buf; - chlg_buf.BufferType = SECBUFFER_TOKEN; - chlg_buf.pvBuffer = chlg; - chlg_buf.cbBuffer = curlx_uztoul(chlglen); - } - - /* Setup the response "output" security buffer */ - resp_desc.ulVersion = SECBUFFER_VERSION; - resp_desc.cBuffers = 1; - resp_desc.pBuffers = &resp_buf; - resp_buf.BufferType = SECBUFFER_TOKEN; - resp_buf.pvBuffer = krb5->output_token; - resp_buf.cbBuffer = curlx_uztoul(krb5->token_max); - - /* Generate our challenge-response message */ - status = s_pSecFn->InitializeSecurityContext(krb5->credentials, - chlg ? krb5->context : NULL, - krb5->spn, - (mutual_auth ? - ISC_REQ_MUTUAL_AUTH : 0), - 0, SECURITY_NATIVE_DREP, - chlg ? &chlg_desc : NULL, 0, - &context, - &resp_desc, &attrs, - &expiry); - - if(status != SEC_E_OK && status != SEC_I_CONTINUE_NEEDED) { - free(chlg); - - return CURLE_RECV_ERROR; - } - - if(memcmp(&context, krb5->context, sizeof(context))) { - s_pSecFn->DeleteSecurityContext(krb5->context); - - memcpy(krb5->context, &context, sizeof(context)); - } - - if(resp_buf.cbBuffer) { - /* Base64 encode the response */ - result = Curl_base64_encode(data, (char *)resp_buf.pvBuffer, - resp_buf.cbBuffer, outptr, outlen); - } - - /* Free the decoded challenge */ - free(chlg); - - return result; -} - -/* - * Curl_sasl_create_gssapi_security_message() - * - * This is used to generate an already encoded GSSAPI (Kerberos V5) security - * token message ready for sending to the recipient. - * - * Parameters: - * - * data [in] - The session handle. - * chlg64 [in] - The optional base64 encoded challenge message. - * krb5 [in/out] - The Kerberos 5 data struct being used and modified. - * outptr [in/out] - The address where a pointer to newly allocated memory - * holding the result will be stored upon completion. - * outlen [out] - The length of the output message. - * - * Returns CURLE_OK on success. - */ -CURLcode Curl_sasl_create_gssapi_security_message(struct SessionHandle *data, - const char *chlg64, - struct kerberos5data *krb5, - char **outptr, - size_t *outlen) -{ - CURLcode result = CURLE_OK; - size_t offset = 0; - size_t chlglen = 0; - size_t messagelen = 0; - size_t appdatalen = 0; - unsigned char *chlg = NULL; - unsigned char *trailer = NULL; - unsigned char *message = NULL; - unsigned char *padding = NULL; - unsigned char *appdata = NULL; - SecBuffer input_buf[2]; - SecBuffer wrap_buf[3]; - SecBufferDesc input_desc; - SecBufferDesc wrap_desc; - unsigned long indata = 0; - unsigned long outdata = 0; - unsigned long qop = 0; - unsigned long sec_layer = 0; - unsigned long max_size = 0; - SecPkgContext_Sizes sizes; - SecPkgCredentials_Names names; - SECURITY_STATUS status; - char *user_name; - - /* Decode the base-64 encoded input message */ - if(strlen(chlg64) && *chlg64 != '=') { - result = Curl_base64_decode(chlg64, &chlg, &chlglen); - if(result) - return result; - } - - /* Ensure we have a valid challenge message */ - if(!chlg) { - infof(data, "GSSAPI handshake failure (empty security message)\n"); - - return CURLE_BAD_CONTENT_ENCODING; - } - - /* Get our response size information */ - status = s_pSecFn->QueryContextAttributes(krb5->context, - SECPKG_ATTR_SIZES, - &sizes); - if(status != SEC_E_OK) { - free(chlg); - - return CURLE_OUT_OF_MEMORY; - } - - /* Get the fully qualified username back from the context */ - status = s_pSecFn->QueryCredentialsAttributes(krb5->credentials, - SECPKG_CRED_ATTR_NAMES, - &names); - if(status != SEC_E_OK) { - free(chlg); - - return CURLE_RECV_ERROR; - } - - /* Setup the "input" security buffer */ - input_desc.ulVersion = SECBUFFER_VERSION; - input_desc.cBuffers = 2; - input_desc.pBuffers = input_buf; - input_buf[0].BufferType = SECBUFFER_STREAM; - input_buf[0].pvBuffer = chlg; - input_buf[0].cbBuffer = curlx_uztoul(chlglen); - input_buf[1].BufferType = SECBUFFER_DATA; - input_buf[1].pvBuffer = NULL; - input_buf[1].cbBuffer = 0; - - /* Decrypt the inbound challenge and obtain the qop */ - status = s_pSecFn->DecryptMessage(krb5->context, &input_desc, 0, &qop); - if(status != SEC_E_OK) { - infof(data, "GSSAPI handshake failure (empty security message)\n"); - - free(chlg); - - return CURLE_BAD_CONTENT_ENCODING; - } - - /* Not 4 octets long so fail as per RFC4752 Section 3.1 */ - if(input_buf[1].cbBuffer != 4) { - infof(data, "GSSAPI handshake failure (invalid security data)\n"); - - free(chlg); - - return CURLE_BAD_CONTENT_ENCODING; - } - - /* Copy the data out and free the challenge as it is not required anymore */ - memcpy(&indata, input_buf[1].pvBuffer, 4); - s_pSecFn->FreeContextBuffer(input_buf[1].pvBuffer); - free(chlg); - - /* Extract the security layer */ - sec_layer = indata & 0x000000FF; - if(!(sec_layer & KERB_WRAP_NO_ENCRYPT)) { - infof(data, "GSSAPI handshake failure (invalid security layer)\n"); - - return CURLE_BAD_CONTENT_ENCODING; - } - - /* Extract the maximum message size the server can receive */ - max_size = ntohl(indata & 0xFFFFFF00); - if(max_size > 0) { - /* The server has told us it supports a maximum receive buffer, however, as - we don't require one unless we are encrypting data, we tell the server - our receive buffer is zero. */ - max_size = 0; - } - - /* Allocate the trailer */ - trailer = malloc(sizes.cbSecurityTrailer); - if(!trailer) - return CURLE_OUT_OF_MEMORY; - - /* Convert the user name to UTF8 when operating with Unicode */ - user_name = Curl_convert_tchar_to_UTF8(names.sUserName); - if(!user_name) { - free(trailer); - - return CURLE_OUT_OF_MEMORY; - } - - /* Allocate our message */ - messagelen = sizeof(outdata) + strlen(user_name) + 1; - message = malloc(messagelen); - if(!message) { - free(trailer); - Curl_unicodefree(user_name); - - return CURLE_OUT_OF_MEMORY; - } - - /* Populate the message with the security layer, client supported receive - message size and authorization identity including the 0x00 based - terminator. Note: Dispite RFC4752 Section 3.1 stating "The authorization - identity is not terminated with the zero-valued (%x00) octet." it seems - necessary to include it. */ - outdata = htonl(max_size) | sec_layer; - memcpy(message, &outdata, sizeof(outdata)); - strcpy((char *) message + sizeof(outdata), user_name); - Curl_unicodefree(user_name); - - /* Allocate the padding */ - padding = malloc(sizes.cbBlockSize); - if(!padding) { - free(message); - free(trailer); - - return CURLE_OUT_OF_MEMORY; - } - - /* Setup the "authentication data" security buffer */ - wrap_desc.ulVersion = SECBUFFER_VERSION; - wrap_desc.cBuffers = 3; - wrap_desc.pBuffers = wrap_buf; - wrap_buf[0].BufferType = SECBUFFER_TOKEN; - wrap_buf[0].pvBuffer = trailer; - wrap_buf[0].cbBuffer = sizes.cbSecurityTrailer; - wrap_buf[1].BufferType = SECBUFFER_DATA; - wrap_buf[1].pvBuffer = message; - wrap_buf[1].cbBuffer = curlx_uztoul(messagelen); - wrap_buf[2].BufferType = SECBUFFER_PADDING; - wrap_buf[2].pvBuffer = padding; - wrap_buf[2].cbBuffer = sizes.cbBlockSize; - - /* Encrypt the data */ - status = s_pSecFn->EncryptMessage(krb5->context, KERB_WRAP_NO_ENCRYPT, - &wrap_desc, 0); - if(status != SEC_E_OK) { - free(padding); - free(message); - free(trailer); - - return CURLE_OUT_OF_MEMORY; - } - - /* Allocate the encryption (wrap) buffer */ - appdatalen = wrap_buf[0].cbBuffer + wrap_buf[1].cbBuffer + - wrap_buf[2].cbBuffer; - appdata = malloc(appdatalen); - if(!appdata) { - free(padding); - free(message); - free(trailer); - - return CURLE_OUT_OF_MEMORY; - } - - /* Populate the encryption buffer */ - memcpy(appdata, wrap_buf[0].pvBuffer, wrap_buf[0].cbBuffer); - offset += wrap_buf[0].cbBuffer; - memcpy(appdata + offset, wrap_buf[1].pvBuffer, wrap_buf[1].cbBuffer); - offset += wrap_buf[1].cbBuffer; - memcpy(appdata + offset, wrap_buf[2].pvBuffer, wrap_buf[2].cbBuffer); - - /* Base64 encode the response */ - result = Curl_base64_encode(data, (char *)appdata, appdatalen, outptr, - outlen); - - /* Free all of our local buffers */ - free(appdata); - free(padding); - free(message); - free(trailer); - - return result; -} - -/* - * Curl_sasl_gssapi_cleanup() - * - * This is used to clean up the GSSAPI (Kerberos V5) specific data. - * - * Parameters: - * - * krb5 [in/out] - The Kerberos 5 data struct being cleaned up. - * - */ -void Curl_sasl_gssapi_cleanup(struct kerberos5data *krb5) -{ - /* Free our security context */ - if(krb5->context) { - s_pSecFn->DeleteSecurityContext(krb5->context); - free(krb5->context); - krb5->context = NULL; - } - - /* Free our credentials handle */ - if(krb5->credentials) { - s_pSecFn->FreeCredentialsHandle(krb5->credentials); - free(krb5->credentials); - krb5->credentials = NULL; - } - - /* Free our identity */ - Curl_sspi_free_identity(krb5->p_identity); - krb5->p_identity = NULL; - - /* Free the SPN and output token */ - Curl_safefree(krb5->spn); - Curl_safefree(krb5->output_token); - - /* Reset any variables */ - krb5->token_max = 0; -} -#endif /* USE_KERBEROS5 */ - -#endif /* USE_WINDOWS_SSPI */ diff --git a/lib/curl_setup.h b/lib/curl_setup.h index 516327345..9f29b2e9a 100644 --- a/lib/curl_setup.h +++ b/lib/curl_setup.h @@ -7,7 +7,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -221,6 +221,15 @@ # include "setup-vms.h" #endif +/* + * Use getaddrinfo to resolve the IPv4 address literal. If the current network + * interface doesn’t support IPv4, but supports IPv6, NAT64, and DNS64, + * performing this task will result in a synthesized IPv6 address. + */ +#ifdef __APPLE__ +#define USE_RESOLVE_ON_IPS 1 +#endif + /* * Include header files for windows builds before redefining anything. * Use this preprocessor block only to include or exclude windows.h, @@ -473,7 +482,7 @@ # endif # ifndef fileno /* sunos 4 have this as a macro! */ - int fileno( FILE *stream); + int fileno(FILE *stream); # endif #endif /* WIN32 */ @@ -625,8 +634,9 @@ int netware_init(void); /* Single point where USE_NTLM definition might be defined */ #if !defined(CURL_DISABLE_NTLM) && !defined(CURL_DISABLE_CRYPTO_AUTH) #if defined(USE_OPENSSL) || defined(USE_WINDOWS_SSPI) || \ - defined(USE_GNUTLS) || defined(USE_NSS) || defined(USE_DARWINSSL) || \ - defined(USE_OS400CRYPTO) || defined(USE_WIN32_CRYPTO) + defined(USE_GNUTLS) || defined(USE_MBEDTLS) || defined(USE_NSS) || \ + defined(USE_DARWINSSL) || defined(USE_OS400CRYPTO) || \ + defined(USE_WIN32_CRYPTO) #define USE_NTLM #endif @@ -722,4 +732,29 @@ endings either CRLF or LF so 't' is appropriate. #define FOPEN_WRITETEXT "w" #endif +/* WinSock destroys recv() buffer when send() failed. + * Enabled automatically for Windows and for Cygwin as Cygwin sockets are + * wrappers for WinSock sockets. https://github.com/curl/curl/issues/657 + * Define DONT_USE_RECV_BEFORE_SEND_WORKAROUND to force disable workaround. + */ +#if !defined(DONT_USE_RECV_BEFORE_SEND_WORKAROUND) +# if defined(WIN32) || defined(__CYGWIN__) +# define USE_RECV_BEFORE_SEND_WORKAROUND +# endif +#else /* DONT_USE_RECV_BEFORE_SEND_WORKAROUNDS */ +# ifdef USE_RECV_BEFORE_SEND_WORKAROUND +# undef USE_RECV_BEFORE_SEND_WORKAROUND +# endif +#endif /* DONT_USE_RECV_BEFORE_SEND_WORKAROUNDS */ + +/* Detect Windows App environment which has a restricted access + * to the Win32 APIs. */ +# if defined(_WIN32_WINNT) && (_WIN32_WINNT >= 0x0602) +# include +# if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_APP) && \ + !WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP) +# define CURL_WINDOWS_APP +# endif +# endif + #endif /* HEADER_CURL_SETUP_H */ diff --git a/lib/curl_sspi.c b/lib/curl_sspi.c index 04eac489b..11a7120a9 100644 --- a/lib/curl_sspi.c +++ b/lib/curl_sspi.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -27,6 +27,7 @@ #include #include "curl_sspi.h" #include "curl_multibyte.h" +#include "system_win32.h" #include "warnless.h" /* The last #include files should be: */ @@ -63,10 +64,15 @@ PSecurityFunctionTable s_pSecFn = NULL; * * Once this function has been executed, Windows SSPI functions can be * called through the Security Service Provider Interface dispatch table. + * + * Parameters: + * + * None. + * + * Returns CURLE_OK on success. */ CURLcode Curl_sspi_global_init(void) { - bool securityDll = FALSE; INITSECURITYINTERFACE_FN pInitSecurityInterface; /* If security interface is not yet initialized try to do this */ @@ -74,52 +80,12 @@ CURLcode Curl_sspi_global_init(void) /* Security Service Provider Interface (SSPI) functions are located in * security.dll on WinNT 4.0 and in secur32.dll on Win9x. Win2K and XP * have both these DLLs (security.dll forwards calls to secur32.dll) */ - DWORD majorVersion = 4; - DWORD platformId = VER_PLATFORM_WIN32_NT; - -#if !defined(_WIN32_WINNT) || !defined(_WIN32_WINNT_WIN2K) || \ - (_WIN32_WINNT < _WIN32_WINNT_WIN2K) - OSVERSIONINFO osver; - - memset(&osver, 0, sizeof(osver)); - osver.dwOSVersionInfoSize = sizeof(osver); - - /* Find out Windows version */ - if(!GetVersionEx(&osver)) - return CURLE_FAILED_INIT; - - /* Verify the major version number == 4 and platform id == WIN_NT */ - if(osver.dwMajorVersion == majorVersion && - osver.dwPlatformId == platformId) - securityDll = TRUE; -#else - ULONGLONG cm; - OSVERSIONINFOEX osver; - - memset(&osver, 0, sizeof(osver)); - osver.dwOSVersionInfoSize = sizeof(osver); - osver.dwMajorVersion = majorVersion; - osver.dwPlatformId = platformId; - - cm = VerSetConditionMask(0, VER_MAJORVERSION, VER_EQUAL); - cm = VerSetConditionMask(cm, VER_MINORVERSION, VER_GREATER_EQUAL); - cm = VerSetConditionMask(cm, VER_SERVICEPACKMAJOR, VER_GREATER_EQUAL); - cm = VerSetConditionMask(cm, VER_SERVICEPACKMINOR, VER_GREATER_EQUAL); - cm = VerSetConditionMask(cm, VER_PLATFORMID, VER_EQUAL); - - /* Verify the major version number == 4 and platform id == WIN_NT */ - if(VerifyVersionInfo(&osver, (VER_MAJORVERSION | VER_MINORVERSION | - VER_SERVICEPACKMAJOR | VER_SERVICEPACKMINOR | - VER_PLATFORMID), - cm)) - securityDll = TRUE; -#endif /* Load SSPI dll into the address space of the calling process */ - if(securityDll) - s_hSecDll = LoadLibrary(TEXT("security.dll")); + if(Curl_verify_windows_version(4, 0, PLATFORM_WINNT, VERSION_EQUAL)) + s_hSecDll = Curl_load_library(TEXT("security.dll")); else - s_hSecDll = LoadLibrary(TEXT("secur32.dll")); + s_hSecDll = Curl_load_library(TEXT("secur32.dll")); if(!s_hSecDll) return CURLE_FAILED_INIT; @@ -142,8 +108,11 @@ CURLcode Curl_sspi_global_init(void) * Curl_sspi_global_cleanup() * * This deinitializes the Security Service Provider Interface from libcurl. + * + * Parameters: + * + * None. */ - void Curl_sspi_global_cleanup(void) { if(s_hSecDll) { @@ -245,6 +214,15 @@ CURLcode Curl_create_sspi_identity(const char *userp, const char *passwdp, return CURLE_OK; } +/* + * Curl_sspi_free_identity() + * + * This is used to free the contents of a SSPI identifier structure. + * + * Parameters: + * + * identity [in/out] - The identity structure. + */ void Curl_sspi_free_identity(SEC_WINNT_AUTH_IDENTITY *identity) { if(identity) { diff --git a/lib/curl_threads.c b/lib/curl_threads.c index 59d881143..c98d8bbad 100644 --- a/lib/curl_threads.c +++ b/lib/curl_threads.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -22,6 +22,8 @@ #include "curl_setup.h" +#include + #if defined(USE_THREADS_POSIX) # ifdef HAVE_PTHREAD_H # include diff --git a/lib/dict.c b/lib/dict.c index 2e7cb4778..a7b5965bd 100644 --- a/lib/dict.c +++ b/lib/dict.c @@ -91,7 +91,7 @@ const struct Curl_handler Curl_handler_dict = { PROTOPT_NONE | PROTOPT_NOURLQUERY /* flags */ }; -static char *unescape_word(struct SessionHandle *data, const char *inputbuff) +static char *unescape_word(struct Curl_easy *data, const char *inputbuff) { char *newp; char *dictp; @@ -133,7 +133,7 @@ static CURLcode dict_do(struct connectdata *conn, bool *done) char *nthdef = NULL; /* This is not part of the protocol, but required by RFC 2229 */ CURLcode result=CURLE_OK; - struct SessionHandle *data=conn->data; + struct Curl_easy *data=conn->data; curl_socket_t sockfd = conn->sock[FIRSTSOCKET]; char *path = data->state.path; diff --git a/lib/dotdot.c b/lib/dotdot.c index 99fac7f98..ea7c8a04f 100644 --- a/lib/dotdot.c +++ b/lib/dotdot.c @@ -22,9 +22,11 @@ #include "curl_setup.h" -#include "dotdot.h" +#include +#include "dotdot.h" #include "curl_memory.h" + /* The last #include file should be: */ #include "memdebug.h" diff --git a/lib/easy.c b/lib/easy.c index 2bddbb22f..583de154b 100644 --- a/lib/easy.c +++ b/lib/easy.c @@ -73,9 +73,8 @@ #include "multiif.h" #include "sigpipe.h" #include "ssh.h" +/* The last 3 #include files should be in this order */ #include "curl_printf.h" - -/* The last #include files should be: */ #include "curl_memory.h" #include "memdebug.h" @@ -121,8 +120,8 @@ static CURLcode win32_init(void) /* wVersionRequested in wVersion. wHighVersion contains the */ /* highest supported version. */ - if(LOBYTE( wsaData.wVersion ) != LOBYTE(wVersionRequested) || - HIBYTE( wsaData.wVersion ) != HIBYTE(wVersionRequested) ) { + if(LOBYTE(wsaData.wVersion) != LOBYTE(wVersionRequested) || + HIBYTE(wsaData.wVersion) != HIBYTE(wVersionRequested) ) { /* Tell the user that we couldn't find a useable */ /* winsock.dll. */ @@ -272,6 +271,8 @@ static CURLcode global_init(long flags, bool memoryfuncs) return CURLE_FAILED_INIT; } + (void)Curl_ipv6works(); + #if defined(USE_LIBSSH2) && defined(HAVE_LIBSSH2_INIT) if(libssh2_init(0)) { DEBUGF(fprintf(stderr, "Error: libssh2_init failed\n")); @@ -366,10 +367,10 @@ void curl_global_cleanup(void) * curl_easy_init() is the external interface to alloc, setup and init an * easy handle that is returned. If anything goes wrong, NULL is returned. */ -CURL *curl_easy_init(void) +struct Curl_easy *curl_easy_init(void) { CURLcode result; - struct SessionHandle *data; + struct Curl_easy *data; /* Make sure we inited the global SSL stuff */ if(!initialized) { @@ -397,13 +398,12 @@ CURL *curl_easy_init(void) */ #undef curl_easy_setopt -CURLcode curl_easy_setopt(CURL *curl, CURLoption tag, ...) +CURLcode curl_easy_setopt(struct Curl_easy *data, CURLoption tag, ...) { va_list arg; - struct SessionHandle *data = curl; CURLcode result; - if(!curl) + if(!data) return CURLE_BAD_FUNCTION_ARGUMENT; va_start(arg, tag); @@ -435,7 +435,7 @@ struct events { * updated. */ -static int events_timer(CURLM *multi, /* multi handle */ +static int events_timer(struct Curl_multi *multi, /* multi handle */ long timeout_ms, /* see above */ void *userp) /* private callback pointer */ { @@ -490,7 +490,7 @@ static short socketcb2poll(int pollmask) * Callback that gets called with information about socket activity to * monitor. */ -static int events_socket(CURL *easy, /* easy handle */ +static int events_socket(struct Curl_easy *easy, /* easy handle */ curl_socket_t s, /* socket */ int what, /* see above */ void *userp, /* private callback @@ -568,7 +568,7 @@ static int events_socket(CURL *easy, /* easy handle */ * * Do the multi handle setups that only event-based transfers need. */ -static void events_setup(CURLM *multi, struct events *ev) +static void events_setup(struct Curl_multi *multi, struct events *ev) { /* timer callback */ curl_multi_setopt(multi, CURLMOPT_TIMERFUNCTION, events_timer); @@ -625,7 +625,7 @@ static CURLcode wait_or_timeout(struct Curl_multi *multi, struct events *ev) if(0 == pollrc) { /* timeout! */ ev->ms = 0; - /* fprintf(stderr, "call curl_multi_socket_action( TIMEOUT )\n"); */ + /* fprintf(stderr, "call curl_multi_socket_action(TIMEOUT)\n"); */ mcode = curl_multi_socket_action(multi, CURL_SOCKET_TIMEOUT, 0, &ev->running_handles); } @@ -635,7 +635,7 @@ static CURLcode wait_or_timeout(struct Curl_multi *multi, struct events *ev) if(fds[i].revents) { /* socket activity, tell libcurl */ int act = poll2cselect(fds[i].revents); /* convert */ - infof(multi->easyp, "call curl_multi_socket_action( socket %d )\n", + infof(multi->easyp, "call curl_multi_socket_action(socket %d)\n", fds[i].fd); mcode = curl_multi_socket_action(multi, fds[i].fd, act, &ev->running_handles); @@ -672,7 +672,7 @@ static CURLcode wait_or_timeout(struct Curl_multi *multi, struct events *ev) * * Runs a transfer in a blocking manner using the events-based API */ -static CURLcode easy_events(CURLM *multi) +static CURLcode easy_events(struct Curl_multi *multi) { struct events evs= {2, FALSE, 0, NULL, 0}; @@ -686,7 +686,7 @@ static CURLcode easy_events(CURLM *multi) #define easy_events(x) CURLE_NOT_BUILT_IN #endif -static CURLcode easy_transfer(CURLM *multi) +static CURLcode easy_transfer(struct Curl_multi *multi) { bool done = FALSE; CURLMcode mcode = CURLM_OK; @@ -766,9 +766,9 @@ static CURLcode easy_transfer(CURLM *multi) * DEBUG: if 'events' is set TRUE, this function will use a replacement engine * instead of curl_multi_perform() and use curl_multi_socket_action(). */ -static CURLcode easy_perform(struct SessionHandle *data, bool events) +static CURLcode easy_perform(struct Curl_easy *data, bool events) { - CURLM *multi; + struct Curl_multi *multi; CURLMcode mcode; CURLcode result = CURLE_OK; SIGPIPE_VARIABLE(pipe_st); @@ -828,9 +828,9 @@ static CURLcode easy_perform(struct SessionHandle *data, bool events) * curl_easy_perform() is the external interface that performs a blocking * transfer as previously setup. */ -CURLcode curl_easy_perform(CURL *easy) +CURLcode curl_easy_perform(struct Curl_easy *data) { - return easy_perform(easy, FALSE); + return easy_perform(data, FALSE); } #ifdef CURLDEBUG @@ -838,9 +838,9 @@ CURLcode curl_easy_perform(CURL *easy) * curl_easy_perform_ev() is the external interface that performs a blocking * transfer using the event-based API internally. */ -CURLcode curl_easy_perform_ev(CURL *easy) +CURLcode curl_easy_perform_ev(struct Curl_easy *data) { - return easy_perform(easy, TRUE); + return easy_perform(data, TRUE); } #endif @@ -849,9 +849,8 @@ CURLcode curl_easy_perform_ev(CURL *easy) * curl_easy_cleanup() is the external interface to cleaning/freeing the given * easy handle. */ -void curl_easy_cleanup(CURL *curl) +void curl_easy_cleanup(struct Curl_easy *data) { - struct SessionHandle *data = (struct SessionHandle *)curl; SIGPIPE_VARIABLE(pipe_st); if(!data) @@ -867,12 +866,11 @@ void curl_easy_cleanup(CURL *curl) * information from a performed transfer and similar. */ #undef curl_easy_getinfo -CURLcode curl_easy_getinfo(CURL *curl, CURLINFO info, ...) +CURLcode curl_easy_getinfo(struct Curl_easy *data, CURLINFO info, ...) { va_list arg; void *paramp; CURLcode result; - struct SessionHandle *data = (struct SessionHandle *)curl; va_start(arg, info); paramp = va_arg(arg, void *); @@ -888,11 +886,9 @@ CURLcode curl_easy_getinfo(CURL *curl, CURLINFO info, ...) * given input easy handle. The returned handle will be a new working handle * with all options set exactly as the input source handle. */ -CURL *curl_easy_duphandle(CURL *incurl) +struct Curl_easy *curl_easy_duphandle(struct Curl_easy *data) { - struct SessionHandle *data=(struct SessionHandle *)incurl; - - struct SessionHandle *outcurl = calloc(1, sizeof(struct SessionHandle)); + struct Curl_easy *outcurl = calloc(1, sizeof(struct Curl_easy)); if(NULL == outcurl) goto fail; @@ -983,10 +979,8 @@ CURL *curl_easy_duphandle(CURL *incurl) * curl_easy_reset() is an external interface that allows an app to re- * initialize a session handle to the default values. */ -void curl_easy_reset(CURL *curl) +void curl_easy_reset(struct Curl_easy *data) { - struct SessionHandle *data = (struct SessionHandle *)curl; - Curl_safefree(data->state.pathbuffer); data->state.path = NULL; @@ -1015,9 +1009,8 @@ void curl_easy_reset(CURL *curl) * * Action is a bitmask consisting of CURLPAUSE_* bits in curl/curl.h */ -CURLcode curl_easy_pause(CURL *curl, int action) +CURLcode curl_easy_pause(struct Curl_easy *data, int action) { - struct SessionHandle *data = (struct SessionHandle *)curl; struct SingleRequest *k = &data->req; CURLcode result = CURLE_OK; @@ -1051,13 +1044,13 @@ CURLcode curl_easy_pause(CURL *curl, int action) if(!result && ((newstate&(KEEP_RECV_PAUSE|KEEP_SEND_PAUSE)) != (KEEP_RECV_PAUSE|KEEP_SEND_PAUSE)) ) - Curl_expire(data, 1); /* get this handle going again */ + Curl_expire(data, 0); /* get this handle going again */ return result; } -static CURLcode easy_connection(struct SessionHandle *data, +static CURLcode easy_connection(struct Curl_easy *data, curl_socket_t *sfd, struct connectdata **connp) { @@ -1085,13 +1078,13 @@ static CURLcode easy_connection(struct SessionHandle *data, * curl_easy_perform() with CURLOPT_CONNECT_ONLY option. * Returns CURLE_OK on success, error code on error. */ -CURLcode curl_easy_recv(CURL *curl, void *buffer, size_t buflen, size_t *n) +CURLcode curl_easy_recv(struct Curl_easy *data, void *buffer, size_t buflen, + size_t *n) { curl_socket_t sfd; CURLcode result; ssize_t n1; struct connectdata *c; - struct SessionHandle *data = (struct SessionHandle *)curl; result = easy_connection(data, &sfd, &c); if(result) @@ -1112,14 +1105,13 @@ CURLcode curl_easy_recv(CURL *curl, void *buffer, size_t buflen, size_t *n) * Sends data over the connected socket. Use after successful * curl_easy_perform() with CURLOPT_CONNECT_ONLY option. */ -CURLcode curl_easy_send(CURL *curl, const void *buffer, size_t buflen, - size_t *n) +CURLcode curl_easy_send(struct Curl_easy *data, const void *buffer, + size_t buflen, size_t *n) { curl_socket_t sfd; CURLcode result; ssize_t n1; struct connectdata *c = NULL; - struct SessionHandle *data = (struct SessionHandle *)curl; result = easy_connection(data, &sfd, &c); if(result) diff --git a/lib/easyif.h b/lib/easyif.h index 65333494c..f6132cc70 100644 --- a/lib/easyif.h +++ b/lib/easyif.h @@ -7,7 +7,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2013, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -26,7 +26,7 @@ * Prototypes for library-wide functions provided by easy.c */ #ifdef CURLDEBUG -CURL_EXTERN CURLcode curl_easy_perform_ev(CURL *easy); +CURL_EXTERN CURLcode curl_easy_perform_ev(struct Curl_easy *easy); #endif #endif /* HEADER_CURL_EASYIF_H */ diff --git a/lib/escape.c b/lib/escape.c index 40338a904..04230b4ca 100644 --- a/lib/escape.c +++ b/lib/escape.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -31,9 +31,8 @@ #include "warnless.h" #include "non-ascii.h" #include "escape.h" +/* The last 3 #include files should be in this order */ #include "curl_printf.h" - -/* The last #include files should be: */ #include "curl_memory.h" #include "memdebug.h" @@ -76,7 +75,8 @@ char *curl_unescape(const char *string, int length) return curl_easy_unescape(NULL, string, length, NULL); } -char *curl_easy_escape(CURL *handle, const char *string, int inlength) +char *curl_easy_escape(struct Curl_easy *data, const char *string, + int inlength) { size_t alloc = (inlength?(size_t)inlength:strlen(string))+1; char *ns; @@ -105,7 +105,7 @@ char *curl_easy_escape(CURL *handle, const char *string, int inlength) alloc *= 2; testing_ptr = realloc(ns, alloc); if(!testing_ptr) { - free( ns ); + free(ns); return NULL; } else { @@ -113,7 +113,7 @@ char *curl_easy_escape(CURL *handle, const char *string, int inlength) } } - result = Curl_convert_to_network(handle, &in, 1); + result = Curl_convert_to_network(data, &in, 1); if(result) { /* Curl_convert_to_network calls failf if unsuccessful */ free(ns); @@ -140,7 +140,7 @@ char *curl_easy_escape(CURL *handle, const char *string, int inlength) * *olen. If length == 0, the length is assumed to be strlen(string). * */ -CURLcode Curl_urldecode(struct SessionHandle *data, +CURLcode Curl_urldecode(struct Curl_easy *data, const char *string, size_t length, char **ostring, size_t *olen, bool reject_ctrl) @@ -207,13 +207,13 @@ CURLcode Curl_urldecode(struct SessionHandle *data, * If length == 0, the length is assumed to be strlen(string). * If olen == NULL, no output length is stored. */ -char *curl_easy_unescape(CURL *handle, const char *string, int length, - int *olen) +char *curl_easy_unescape(struct Curl_easy *data, const char *string, + int length, int *olen) { char *str = NULL; size_t inputlen = length; size_t outputlen; - CURLcode res = Curl_urldecode(handle, string, inputlen, &str, &outputlen, + CURLcode res = Curl_urldecode(data, string, inputlen, &str, &outputlen, FALSE); if(res) return NULL; diff --git a/lib/escape.h b/lib/escape.h index a6e2967b3..638666f03 100644 --- a/lib/escape.h +++ b/lib/escape.h @@ -24,7 +24,7 @@ /* Escape and unescape URL encoding in strings. The functions return a new * allocated string or NULL if an error occurred. */ -CURLcode Curl_urldecode(struct SessionHandle *data, +CURLcode Curl_urldecode(struct Curl_easy *data, const char *string, size_t length, char **ostring, size_t *olen, bool reject_crlf); diff --git a/lib/file.c b/lib/file.c index 5c31fc4f7..b534ec18d 100644 --- a/lib/file.c +++ b/lib/file.c @@ -61,9 +61,8 @@ #include "url.h" #include "parsedate.h" /* for the week day and month names */ #include "warnless.h" +/* The last 3 #include files should be in this order */ #include "curl_printf.h" - -/* The last #include files should be: */ #include "curl_memory.h" #include "memdebug.h" @@ -136,7 +135,7 @@ static CURLcode file_range(struct connectdata *conn) curl_off_t totalsize=-1; char *ptr; char *ptr2; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; if(data->state.use_range && data->state.range) { from=curlx_strtoofft(data->state.range, &ptr, 0); @@ -186,7 +185,7 @@ static CURLcode file_range(struct connectdata *conn) */ static CURLcode file_connect(struct connectdata *conn, bool *done) { - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; char *real_path; struct FILEPROTO *file = data->req.protop; int fd; @@ -228,15 +227,19 @@ static CURLcode file_connect(struct connectdata *conn, bool *done) for(i=0; i < real_path_len; ++i) if(actual_path[i] == '/') actual_path[i] = '\\'; - else if(!actual_path[i]) /* binary zero */ + else if(!actual_path[i]) { /* binary zero */ + Curl_safefree(real_path); return CURLE_URL_MALFORMAT; + } fd = open_readonly(actual_path, O_RDONLY|O_BINARY); file->path = actual_path; #else - if(memchr(real_path, 0, real_path_len)) + if(memchr(real_path, 0, real_path_len)) { /* binary zeroes indicate foul play */ + Curl_safefree(real_path); return CURLE_URL_MALFORMAT; + } fd = open_readonly(real_path, O_RDONLY); file->path = real_path; @@ -302,7 +305,7 @@ static CURLcode file_upload(struct connectdata *conn) int fd; int mode; CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; char *buf = data->state.buffer; size_t nread; size_t nwrite; @@ -368,7 +371,7 @@ static CURLcode file_upload(struct connectdata *conn) /*skip bytes before resume point*/ if(data->state.resume_from) { - if((curl_off_t)nread <= data->state.resume_from ) { + if((curl_off_t)nread <= data->state.resume_from) { data->state.resume_from -= nread; nread = 0; buf2 = buf; @@ -429,7 +432,7 @@ static CURLcode file_do(struct connectdata *conn, bool *done) bool size_known; bool fstated=FALSE; ssize_t nread; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; char *buf = data->state.buffer; curl_off_t bytecount = 0; int fd; @@ -469,6 +472,9 @@ static CURLcode file_do(struct connectdata *conn, bool *done) information. Which for FILE can't be much more than the file size and date. */ if(data->set.opt_no_body && data->set.include_header && fstated) { + time_t filetime; + struct tm buffer; + const struct tm *tm = &buffer; snprintf(buf, sizeof(data->state.buffer), "Content-Length: %" CURL_FORMAT_CURL_OFF_T "\r\n", expected_size); result = Curl_client_write(conn, CLIENTWRITE_BOTH, buf, 0); @@ -480,29 +486,24 @@ static CURLcode file_do(struct connectdata *conn, bool *done) if(result) return result; - if(fstated) { - time_t filetime = (time_t)statbuf.st_mtime; - struct tm buffer; - const struct tm *tm = &buffer; - result = Curl_gmtime(filetime, &buffer); - if(result) - return result; - - /* format: "Tue, 15 Nov 1994 12:45:26 GMT" */ - snprintf(buf, BUFSIZE-1, - "Last-Modified: %s, %02d %s %4d %02d:%02d:%02d GMT\r\n", - Curl_wkday[tm->tm_wday?tm->tm_wday-1:6], - tm->tm_mday, - Curl_month[tm->tm_mon], - tm->tm_year + 1900, - tm->tm_hour, - tm->tm_min, - tm->tm_sec); - result = Curl_client_write(conn, CLIENTWRITE_BOTH, buf, 0); - } - /* if we fstat()ed the file, set the file size to make it available post- - transfer */ - if(fstated) + filetime = (time_t)statbuf.st_mtime; + result = Curl_gmtime(filetime, &buffer); + if(result) + return result; + + /* format: "Tue, 15 Nov 1994 12:45:26 GMT" */ + snprintf(buf, BUFSIZE-1, + "Last-Modified: %s, %02d %s %4d %02d:%02d:%02d GMT\r\n", + Curl_wkday[tm->tm_wday?tm->tm_wday-1:6], + tm->tm_mday, + Curl_month[tm->tm_mon], + tm->tm_year + 1900, + tm->tm_hour, + tm->tm_min, + tm->tm_sec); + result = Curl_client_write(conn, CLIENTWRITE_BOTH, buf, 0); + if(!result) + /* set the file size to make it available post transfer */ Curl_pgrsSetDownloadSize(data, expected_size); return result; } diff --git a/lib/formdata.c b/lib/formdata.c index c241e6e9b..673759de9 100644 --- a/lib/formdata.c +++ b/lib/formdata.c @@ -30,15 +30,14 @@ #include #endif -#include "urldata.h" /* for struct SessionHandle */ +#include "urldata.h" /* for struct Curl_easy */ #include "formdata.h" #include "vtls/vtls.h" #include "strequal.h" #include "sendf.h" #include "strdup.h" +/* The last 3 #include files should be in this order */ #include "curl_printf.h" - -/* The last #include files should be: */ #include "curl_memory.h" #include "memdebug.h" @@ -48,7 +47,7 @@ static char *Curl_basename(char *path); #endif static size_t readfromfile(struct Form *form, char *buffer, size_t size); -static char *formboundary(struct SessionHandle *data); +static char *formboundary(struct Curl_easy *data); /* What kind of Content-Type to use on un-specified files with unrecognized extensions. */ @@ -632,7 +631,7 @@ CURLFORMcode FormAdd(struct curl_httppost **httppost, else { if(((form->flags & HTTPPOST_FILENAME) || (form->flags & HTTPPOST_BUFFER)) && - !form->contenttype ) { + !form->contenttype) { char *f = form->flags & HTTPPOST_BUFFER? form->showfilename : form->value; @@ -770,7 +769,7 @@ curl_off_t VmsRealFileSize(const char * name, int ret_stat; FILE * file; - file = fopen(name, "r"); /* VMS */ + file = fopen(name, FOPEN_READTEXT); /* VMS */ if(file == NULL) return 0; @@ -1137,7 +1136,7 @@ static CURLcode formdata_add_filename(const struct curl_httppost *file, * a NULL pointer in the 'data' argument. */ -CURLcode Curl_getformdata(struct SessionHandle *data, +CURLcode Curl_getformdata(struct Curl_easy *data, struct FormData **finalform, struct curl_httppost *post, const char *custom_content_type, @@ -1273,7 +1272,7 @@ CURLcode Curl_getformdata(struct SessionHandle *data, curList = file->contentheader; while(curList) { /* Process the additional headers specified for this form */ - result = AddFormDataf( &form, &size, "\r\n%s", curList->data ); + result = AddFormDataf(&form, &size, "\r\n%s", curList->data); if(result) break; curList = curList->next; @@ -1386,7 +1385,7 @@ CURLcode Curl_getformdata(struct SessionHandle *data, * Curl_FormInit() inits the struct 'form' points to with the 'formdata' * and resets the 'sent' counter. */ -int Curl_FormInit(struct Form *form, struct FormData *formdata ) +int Curl_FormInit(struct Form *form, struct FormData *formdata) { if(!formdata) return 1; /* error */ @@ -1421,10 +1420,10 @@ static FILE * vmsfopenread(const char *file, const char *mode) { case FAB$C_VAR: case FAB$C_VFC: case FAB$C_STMCR: - return fopen(file, "r"); /* VMS */ + return fopen(file, FOPEN_READTEXT); /* VMS */ break; default: - return fopen(file, "r", "rfm=stmlf", "ctx=stm"); + return fopen(file, FOPEN_READTEXT, "rfm=stmlf", "ctx=stm"); } } #endif @@ -1499,9 +1498,9 @@ size_t Curl_FormReader(char *buffer, } do { - if((form->data->length - form->sent ) > wantedsize - gotsize) { + if((form->data->length - form->sent) > wantedsize - gotsize) { - memcpy(buffer + gotsize , form->data->line + form->sent, + memcpy(buffer + gotsize, form->data->line + form->sent, wantedsize - gotsize); form->sent += wantedsize-gotsize; @@ -1550,7 +1549,7 @@ char *Curl_formpostheader(void *formp, size_t *len) * formboundary() creates a suitable boundary string and returns an allocated * one. */ -static char *formboundary(struct SessionHandle *data) +static char *formboundary(struct Curl_easy *data) { /* 24 dashes and 16 hexadecimal digits makes 64 bit (18446744073709551615) combinations */ diff --git a/lib/formdata.h b/lib/formdata.h index 3fe1e83bd..6eb7c6c9e 100644 --- a/lib/formdata.h +++ b/lib/formdata.h @@ -7,7 +7,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -68,9 +68,9 @@ typedef struct FormInfo { struct FormInfo *more; } FormInfo; -int Curl_FormInit(struct Form *form, struct FormData *formdata ); +int Curl_FormInit(struct Form *form, struct FormData *formdata); -CURLcode Curl_getformdata(struct SessionHandle *data, +CURLcode Curl_getformdata(struct Curl_easy *data, struct FormData **, struct curl_httppost *post, const char *custom_contenttype, @@ -93,6 +93,6 @@ char *Curl_FormBoundary(void); void Curl_formclean(struct FormData **); -CURLcode Curl_formconvert(struct SessionHandle *, struct FormData *); +CURLcode Curl_formconvert(struct Curl_easy *, struct FormData *); #endif /* HEADER_CURL_FORMDATA_H */ diff --git a/lib/ftp.c b/lib/ftp.c index 9b728cc98..4c369973f 100644 --- a/lib/ftp.c +++ b/lib/ftp.c @@ -77,10 +77,9 @@ #include "warnless.h" #include "http_proxy.h" #include "non-ascii.h" +/* The last 3 #include files should be in this order */ #include "curl_printf.h" - #include "curl_memory.h" -/* The last #include file should be: */ #include "memdebug.h" #ifndef NI_MAXHOST @@ -328,7 +327,7 @@ static bool isBadFtpString(const char *string) */ static CURLcode AcceptServerConnect(struct connectdata *conn) { - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; curl_socket_t sock = conn->sock[SECONDARYSOCKET]; curl_socket_t s = CURL_SOCKET_BAD; #ifdef ENABLE_IPV6 @@ -385,7 +384,7 @@ static CURLcode AcceptServerConnect(struct connectdata *conn) * Curl_pgrsTime(..., TIMER_STARTACCEPT); * */ -static long ftp_timeleft_accept(struct SessionHandle *data) +static long ftp_timeleft_accept(struct Curl_easy *data) { long timeout_ms = DEFAULT_ACCEPT_TIMEOUT; long other; @@ -425,7 +424,7 @@ static long ftp_timeleft_accept(struct SessionHandle *data) */ static CURLcode ReceivedServerConnect(struct connectdata *conn, bool *received) { - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; curl_socket_t ctrl_sock = conn->sock[FIRSTSOCKET]; curl_socket_t data_sock = conn->sock[SECONDARYSOCKET]; struct ftp_conn *ftpc = &conn->proto.ftpc; @@ -496,7 +495,7 @@ static CURLcode ReceivedServerConnect(struct connectdata *conn, bool *received) */ static CURLcode InitiateTransfer(struct connectdata *conn) { - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct FTP *ftp = data->req.protop; CURLcode result = CURLE_OK; @@ -547,7 +546,7 @@ static CURLcode InitiateTransfer(struct connectdata *conn) */ static CURLcode AllowServerConnect(struct connectdata *conn, bool *connected) { - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; long timeout_ms; CURLcode result = CURLE_OK; @@ -618,7 +617,7 @@ static CURLcode ftp_readresp(curl_socket_t sockfd, size_t *size) /* size of the response */ { struct connectdata *conn = pp->conn; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; #ifdef HAVE_GSSAPI char * const buf = data->state.buffer; #endif @@ -690,7 +689,7 @@ CURLcode Curl_GetFTPResponse(ssize_t *nreadp, /* return number of bytes read */ curl_socket_t sockfd = conn->sock[FIRSTSOCKET]; long timeout; /* timeout in milliseconds */ long interval_ms; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; CURLcode result = CURLE_OK; struct ftp_conn *ftpc = &conn->proto.ftpc; struct pingpong *pp = &ftpc->pp; @@ -710,7 +709,7 @@ CURLcode Curl_GetFTPResponse(ssize_t *nreadp, /* return number of bytes read */ /* check and reset timeout value every lap */ timeout = Curl_pp_state_timeout(pp); - if(timeout <=0 ) { + if(timeout <=0) { failf(data, "FTP response timeout"); return CURLE_OPERATION_TIMEDOUT; /* already too little time */ } @@ -912,7 +911,7 @@ static int ftp_domore_getsock(struct connectdata *conn, curl_socket_t *socks, } else { socks[1] = conn->sock[SECONDARYSOCKET]; - bits |= GETSOCK_WRITESOCK(1); + bits |= GETSOCK_WRITESOCK(1) | GETSOCK_READSOCK(1); } return bits; @@ -981,7 +980,7 @@ static CURLcode ftp_state_use_port(struct connectdata *conn, { CURLcode result = CURLE_OK; struct ftp_conn *ftpc = &conn->proto.ftpc; - struct SessionHandle *data=conn->data; + struct Curl_easy *data=conn->data; curl_socket_t portsock= CURL_SOCKET_BAD; char myhost[256] = ""; @@ -1036,7 +1035,7 @@ static CURLcode ftp_state_use_port(struct connectdata *conn, if(*string_ftpport == '[') { /* [ipv6]:port(-range) */ ip_start = string_ftpport + 1; - if((ip_end = strchr(string_ftpport, ']')) != NULL ) + if((ip_end = strchr(string_ftpport, ']')) != NULL) strncpy(addr, ip_start, ip_end - ip_start); } else @@ -1057,7 +1056,7 @@ static CURLcode ftp_state_use_port(struct connectdata *conn, else #endif /* (ipv4|domain|interface):port(-range) */ - strncpy(addr, string_ftpport, ip_end - ip_start ); + strncpy(addr, string_ftpport, ip_end - ip_start); } else /* ipv4|interface */ @@ -1077,11 +1076,11 @@ static CURLcode ftp_state_use_port(struct connectdata *conn, /* correct errors like: * :1234-1230 - * :-4711 , in this case port_min is (unsigned)-1, + * :-4711, in this case port_min is (unsigned)-1, * therefore port_min > port_max for all cases * but port_max = (unsigned)-1 */ - if(port_min > port_max ) + if(port_min > port_max) port_min = port_max = 0; @@ -1404,7 +1403,7 @@ static CURLcode ftp_state_prepare_transfer(struct connectdata *conn) { CURLcode result = CURLE_OK; struct FTP *ftp = conn->data->req.protop; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; if(ftp->transfer != FTPTRANSFER_BODY) { /* doesn't transfer any data */ @@ -1487,7 +1486,7 @@ static CURLcode ftp_state_size(struct connectdata *conn) static CURLcode ftp_state_list(struct connectdata *conn) { CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; /* If this output is to be machine-parsed, the NLST command might be better to use, since the LIST command output is not specified or standard in any @@ -1525,12 +1524,12 @@ static CURLcode ftp_state_list(struct connectdata *conn) } } - cmd = aprintf( "%s%s%s", - data->set.str[STRING_CUSTOMREQUEST]? - data->set.str[STRING_CUSTOMREQUEST]: - (data->set.ftp_list_only?"NLST":"LIST"), - lstArg? " ": "", - lstArg? lstArg: "" ); + cmd = aprintf("%s%s%s", + data->set.str[STRING_CUSTOMREQUEST]? + data->set.str[STRING_CUSTOMREQUEST]: + (data->set.ftp_list_only?"NLST":"LIST"), + lstArg? " ": "", + lstArg? lstArg: ""); if(!cmd) { free(lstArg); @@ -1576,7 +1575,7 @@ static CURLcode ftp_state_type(struct connectdata *conn) { CURLcode result = CURLE_OK; struct FTP *ftp = conn->data->req.protop; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct ftp_conn *ftpc = &conn->proto.ftpc; /* If we have selected NOBODY and HEADER, it means that we only want file @@ -1608,7 +1607,7 @@ static CURLcode ftp_state_type(struct connectdata *conn) static CURLcode ftp_state_mdtm(struct connectdata *conn) { CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct ftp_conn *ftpc = &conn->proto.ftpc; /* Requested time of file or time-depended transfer? */ @@ -1633,7 +1632,7 @@ static CURLcode ftp_state_ul_setup(struct connectdata *conn, { CURLcode result = CURLE_OK; struct FTP *ftp = conn->data->req.protop; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct ftp_conn *ftpc = &conn->proto.ftpc; int seekerr = CURL_SEEKFUNC_OK; @@ -1652,7 +1651,7 @@ static CURLcode ftp_state_ul_setup(struct connectdata *conn, /* 4. lower the infilesize counter */ /* => transfer as usual */ - if(data->state.resume_from < 0 ) { + if(data->state.resume_from < 0) { /* Got no given size to start from, figure it out */ PPSENDF(&ftpc->pp, "SIZE %s", ftpc->file); state(conn, FTP_STOR_SIZE); @@ -1729,7 +1728,7 @@ static CURLcode ftp_state_quote(struct connectdata *conn, ftpstate instate) { CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct FTP *ftp = data->req.protop; struct ftp_conn *ftpc = &conn->proto.ftpc; bool quote=FALSE; @@ -1860,7 +1859,7 @@ static CURLcode proxy_magic(struct connectdata *conn, bool *magicdone) { CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; #if defined(CURL_DISABLE_PROXY) (void) newhost; @@ -1951,7 +1950,7 @@ static CURLcode ftp_state_pasv_resp(struct connectdata *conn, { struct ftp_conn *ftpc = &conn->proto.ftpc; CURLcode result; - struct SessionHandle *data=conn->data; + struct Curl_easy *data=conn->data; struct Curl_dns_entry *addr=NULL; int rc; unsigned short connectport; /* the local port connect() should use! */ @@ -2126,7 +2125,7 @@ static CURLcode ftp_state_pasv_resp(struct connectdata *conn, static CURLcode ftp_state_port_resp(struct connectdata *conn, int ftpcode) { - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct ftp_conn *ftpc = &conn->proto.ftpc; ftpport fcmd = (ftpport)ftpc->count1; CURLcode result = CURLE_OK; @@ -2163,7 +2162,7 @@ static CURLcode ftp_state_mdtm_resp(struct connectdata *conn, int ftpcode) { CURLcode result = CURLE_OK; - struct SessionHandle *data=conn->data; + struct Curl_easy *data=conn->data; struct FTP *ftp = data->req.protop; struct ftp_conn *ftpc = &conn->proto.ftpc; @@ -2268,7 +2267,7 @@ static CURLcode ftp_state_type_resp(struct connectdata *conn, ftpstate instate) { CURLcode result = CURLE_OK; - struct SessionHandle *data=conn->data; + struct Curl_easy *data=conn->data; if(ftpcode/100 != 2) { /* "sasserftpd" and "(u)r(x)bot ftpd" both responds with 226 after a @@ -2297,7 +2296,7 @@ static CURLcode ftp_state_retr(struct connectdata *conn, curl_off_t filesize) { CURLcode result = CURLE_OK; - struct SessionHandle *data=conn->data; + struct Curl_easy *data=conn->data; struct FTP *ftp = data->req.protop; struct ftp_conn *ftpc = &conn->proto.ftpc; @@ -2380,7 +2379,7 @@ static CURLcode ftp_state_size_resp(struct connectdata *conn, ftpstate instate) { CURLcode result = CURLE_OK; - struct SessionHandle *data=conn->data; + struct Curl_easy *data=conn->data; curl_off_t filesize; char *buf = data->state.buffer; @@ -2452,7 +2451,7 @@ static CURLcode ftp_state_stor_resp(struct connectdata *conn, int ftpcode, ftpstate instate) { CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; if(ftpcode>=400) { failf(data, "Failed FTP upload: %0d", ftpcode); @@ -2491,7 +2490,7 @@ static CURLcode ftp_state_get_resp(struct connectdata *conn, ftpstate instate) { CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct FTP *ftp = data->req.protop; char *buf = data->state.buffer; @@ -2648,7 +2647,7 @@ static CURLcode ftp_state_user_resp(struct connectdata *conn, ftpstate instate) { CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct FTP *ftp = data->req.protop; struct ftp_conn *ftpc = &conn->proto.ftpc; (void)instate; /* no use for this yet */ @@ -2703,7 +2702,7 @@ static CURLcode ftp_state_acct_resp(struct connectdata *conn, int ftpcode) { CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; if(ftpcode != 230) { failf(data, "ACCT rejected by server: %03d", ftpcode); result = CURLE_FTP_WEIRD_PASS_REPLY; /* FIX */ @@ -2719,7 +2718,7 @@ static CURLcode ftp_statemach_act(struct connectdata *conn) { CURLcode result; curl_socket_t sock = conn->sock[FIRSTSOCKET]; - struct SessionHandle *data=conn->data; + struct Curl_easy *data=conn->data; int ftpcode; struct ftp_conn *ftpc = &conn->proto.ftpc; struct pingpong *pp = &ftpc->pp; @@ -3242,25 +3241,19 @@ static CURLcode ftp_connect(struct connectdata *conn, * Input argument is already checked for validity. */ static CURLcode ftp_done(struct connectdata *conn, CURLcode status, - bool premature) + bool premature) { - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct FTP *ftp = data->req.protop; struct ftp_conn *ftpc = &conn->proto.ftpc; struct pingpong *pp = &ftpc->pp; ssize_t nread; int ftpcode; CURLcode result = CURLE_OK; - bool was_ctl_valid = ftpc->ctl_valid; char *path; const char *path_to_use = data->state.path; if(!ftp) - /* When the easy handle is removed from the multi while libcurl is still - * trying to resolve the host name, it seems that the ftp struct is not - * yet initialized, but the removal action calls Curl_done() which calls - * this function. So we simply return success if no ftp pointer is set. - */ return CURLE_OK; switch(status) { @@ -3280,10 +3273,9 @@ static CURLcode ftp_done(struct connectdata *conn, CURLcode status, /* the connection stays alive fine even though this happened */ /* fall-through */ case CURLE_OK: /* doesn't affect the control connection's status */ - if(!premature) { - ftpc->ctl_valid = was_ctl_valid; + if(!premature) break; - } + /* until we cope better with prematurely ended requests, let them * fallback as if in complete failure */ default: /* by default, an error means the control connection is @@ -3593,7 +3585,7 @@ static CURLcode ftp_range(struct connectdata *conn) curl_off_t from, to; char *ptr; char *ptr2; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct ftp_conn *ftpc = &conn->proto.ftpc; if(data->state.use_range && data->state.range) { @@ -3651,7 +3643,7 @@ static CURLcode ftp_range(struct connectdata *conn) static CURLcode ftp_do_more(struct connectdata *conn, int *completep) { - struct SessionHandle *data=conn->data; + struct Curl_easy *data=conn->data; struct ftp_conn *ftpc = &conn->proto.ftpc; CURLcode result = CURLE_OK; bool connected = FALSE; @@ -4215,7 +4207,7 @@ static CURLcode ftp_disconnect(struct connectdata *conn, bool dead_connection) (void)ftp_quit(conn); /* ignore errors on the QUIT */ if(ftpc->entrypath) { - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; if(data->state.most_recent_ftp_entrypath == ftpc->entrypath) { data->state.most_recent_ftp_entrypath = NULL; } @@ -4248,7 +4240,7 @@ static CURLcode ftp_disconnect(struct connectdata *conn, bool dead_connection) static CURLcode ftp_parse_url_path(struct connectdata *conn) { - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; /* the ftp struct is already inited in ftp_connect() */ struct FTP *ftp = data->req.protop; struct ftp_conn *ftpc = &conn->proto.ftpc; @@ -4500,7 +4492,7 @@ CURLcode ftp_regular_transfer(struct connectdata *conn, { CURLcode result=CURLE_OK; bool connected=FALSE; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct ftp_conn *ftpc = &conn->proto.ftpc; data->req.size = -1; /* make sure this is unknown at this point */ @@ -4534,7 +4526,7 @@ CURLcode ftp_regular_transfer(struct connectdata *conn, static CURLcode ftp_setup_connection(struct connectdata *conn) { - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; char *type; char command; struct FTP *ftp; diff --git a/lib/ftp.h b/lib/ftp.h index 7495e3e07..2ed5b434e 100644 --- a/lib/ftp.h +++ b/lib/ftp.h @@ -97,9 +97,9 @@ typedef enum { file */ } curl_ftpfile; -/* This FTP struct is used in the SessionHandle. All FTP data that is +/* This FTP struct is used in the Curl_easy. All FTP data that is connection-oriented must be in FTP_conn to properly deal with the fact that - perhaps the SessionHandle is changed between the times the connection is + perhaps the Curl_easy is changed between the times the connection is used. */ struct FTP { curl_off_t *bytecountp; diff --git a/lib/getenv.c b/lib/getenv.c index 50bb79f53..89d181de3 100644 --- a/lib/getenv.c +++ b/lib/getenv.c @@ -30,7 +30,8 @@ static char *GetEnv(const char *variable) { -#ifdef _WIN32_WCE +#if defined(_WIN32_WCE) || defined(CURL_WINDOWS_APP) + (void)variable; return NULL; #else #ifdef WIN32 diff --git a/lib/getinfo.c b/lib/getinfo.c index 39189cb60..262cd934f 100644 --- a/lib/getinfo.c +++ b/lib/getinfo.c @@ -39,7 +39,7 @@ * This is supposed to be called in the beginning of a perform() session * and should reset all session-info variables */ -CURLcode Curl_initinfo(struct SessionHandle *data) +CURLcode Curl_initinfo(struct Curl_easy *data) { struct Progress *pro = &data->progress; struct PureInfo *info = &data->info; @@ -73,7 +73,7 @@ CURLcode Curl_initinfo(struct SessionHandle *data) return CURLE_OK; } -static CURLcode getinfo_char(struct SessionHandle *data, CURLINFO info, +static CURLcode getinfo_char(struct Curl_easy *data, CURLINFO info, char **param_charp) { switch(info) { @@ -119,7 +119,7 @@ static CURLcode getinfo_char(struct SessionHandle *data, CURLINFO info, return CURLE_OK; } -static CURLcode getinfo_long(struct SessionHandle *data, CURLINFO info, +static CURLcode getinfo_long(struct Curl_easy *data, CURLINFO info, long *param_longp) { curl_socket_t sockfd; @@ -198,6 +198,22 @@ static CURLcode getinfo_long(struct SessionHandle *data, CURLINFO info, case CURLINFO_RTSP_CSEQ_RECV: *param_longp = data->state.rtsp_CSeq_recv; break; + case CURLINFO_HTTP_VERSION: + switch (data->info.httpversion) { + case 10: + *param_longp = CURL_HTTP_VERSION_1_0; + break; + case 11: + *param_longp = CURL_HTTP_VERSION_1_1; + break; + case 20: + *param_longp = CURL_HTTP_VERSION_2_0; + break; + default: + *param_longp = CURL_HTTP_VERSION_NONE; + break; + } + break; default: return CURLE_UNKNOWN_OPTION; @@ -206,7 +222,7 @@ static CURLcode getinfo_long(struct SessionHandle *data, CURLINFO info, return CURLE_OK; } -static CURLcode getinfo_double(struct SessionHandle *data, CURLINFO info, +static CURLcode getinfo_double(struct Curl_easy *data, CURLINFO info, double *param_doublep) { switch(info) { @@ -259,7 +275,7 @@ static CURLcode getinfo_double(struct SessionHandle *data, CURLINFO info, return CURLE_OK; } -static CURLcode getinfo_slist(struct SessionHandle *data, CURLINFO info, +static CURLcode getinfo_slist(struct Curl_easy *data, CURLINFO info, struct curl_slist **param_slistp) { union { @@ -307,7 +323,7 @@ static CURLcode getinfo_slist(struct SessionHandle *data, CURLINFO info, #elif defined(USE_GSKIT) tsi->internals = (void *)conn->ssl[i].handle; #elif defined(USE_MBEDTLS) - tsi->internals = (void *)&conn->ssl[i].ssn; + tsi->internals = (void *)&conn->ssl[i].ssl; #elif defined(USE_NSS) tsi->internals = (void *)conn->ssl[i].handle; #elif defined(USE_OPENSSL) @@ -316,7 +332,7 @@ static CURLcode getinfo_slist(struct SessionHandle *data, CURLINFO info, (void *)conn->ssl[i].ctx : (void *)conn->ssl[i].handle); #elif defined(USE_POLARSSL) - tsi->internals = (void *)&conn->ssl[i].ssn; + tsi->internals = (void *)&conn->ssl[i].ssl; #elif defined(USE_SCHANNEL) tsi->internals = (void *)&conn->ssl[i].ctxt->ctxt_handle; #elif defined(USE_SSL) @@ -335,7 +351,7 @@ static CURLcode getinfo_slist(struct SessionHandle *data, CURLINFO info, return CURLE_OK; } -static CURLcode getinfo_socket(struct SessionHandle *data, CURLINFO info, +static CURLcode getinfo_socket(struct Curl_easy *data, CURLINFO info, curl_socket_t *param_socketp) { switch(info) { @@ -349,7 +365,7 @@ static CURLcode getinfo_socket(struct SessionHandle *data, CURLINFO info, return CURLE_OK; } -CURLcode Curl_getinfo(struct SessionHandle *data, CURLINFO info, ...) +CURLcode Curl_getinfo(struct Curl_easy *data, CURLINFO info, ...) { va_list arg; long *param_longp = NULL; diff --git a/lib/getinfo.h b/lib/getinfo.h index 4c2c16848..aecf717f7 100644 --- a/lib/getinfo.h +++ b/lib/getinfo.h @@ -21,7 +21,7 @@ * KIND, either express or implied. * ***************************************************************************/ -CURLcode Curl_getinfo(struct SessionHandle *data, CURLINFO info, ...); -CURLcode Curl_initinfo(struct SessionHandle *data); +CURLcode Curl_getinfo(struct Curl_easy *data, CURLINFO info, ...); +CURLcode Curl_initinfo(struct Curl_easy *data); #endif /* HEADER_CURL_GETINFO_H */ diff --git a/lib/gopher.c b/lib/gopher.c index 19f2f5a89..f1efb6042 100644 --- a/lib/gopher.c +++ b/lib/gopher.c @@ -75,7 +75,7 @@ const struct Curl_handler Curl_handler_gopher = { static CURLcode gopher_do(struct connectdata *conn, bool *done) { CURLcode result=CURLE_OK; - struct SessionHandle *data=conn->data; + struct Curl_easy *data=conn->data; curl_socket_t sockfd = conn->sock[FIRSTSOCKET]; curl_off_t *bytecount = &data->req.bytecount; diff --git a/lib/hash.c b/lib/hash.c index a0889783d..937381b65 100644 --- a/lib/hash.c +++ b/lib/hash.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -22,9 +22,12 @@ #include "curl_setup.h" +#include + #include "hash.h" #include "llist.h" #include "curl_memory.h" + /* The last #include file should be: */ #include "memdebug.h" diff --git a/lib/hmac.c b/lib/hmac.c index 664c77418..3df471585 100644 --- a/lib/hmac.c +++ b/lib/hmac.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -26,8 +26,11 @@ #ifndef CURL_DISABLE_CRYPTO_AUTH +#include + #include "curl_hmac.h" #include "curl_memory.h" + /* The last #include file should be: */ #include "memdebug.h" diff --git a/lib/hostasyn.c b/lib/hostasyn.c index c96734a5a..28bdf7a48 100644 --- a/lib/hostasyn.c +++ b/lib/hostasyn.c @@ -77,7 +77,7 @@ CURLcode Curl_addrinfo_callback(struct connectdata *conn, if(CURL_ASYNC_SUCCESS == status) { if(ai) { - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; if(data->share) Curl_share_lock(data, CURL_LOCK_DATA_DNS, CURL_LOCK_ACCESS_SINGLE); diff --git a/lib/hostip.c b/lib/hostip.c index a4bde568f..f2d984164 100644 --- a/lib/hostip.c +++ b/lib/hostip.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -56,9 +56,9 @@ #include "url.h" #include "inet_ntop.h" #include "warnless.h" +/* The last 3 #include files should be in this order */ #include "curl_printf.h" #include "curl_memory.h" -/* The last #include file should be: */ #include "memdebug.h" #if defined(CURLRES_SYNCH) && \ @@ -254,7 +254,7 @@ hostcache_prune(struct curl_hash *hostcache, long cache_timeout, time_t now) * Library-wide function for pruning the DNS cache. This function takes and * returns the appropriate locks. */ -void Curl_hostcache_prune(struct SessionHandle *data) +void Curl_hostcache_prune(struct Curl_easy *data) { time_t now; @@ -293,7 +293,7 @@ fetch_addr(struct connectdata *conn, char *entry_id = NULL; struct Curl_dns_entry *dns = NULL; size_t entry_len; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; /* Create an entry id, based upon the hostname and port */ entry_id = create_hostcache_id(hostname, port); @@ -345,7 +345,7 @@ Curl_fetch_addr(struct connectdata *conn, const char *hostname, int port) { - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct Curl_dns_entry *dns = NULL; if(data->share) @@ -353,7 +353,8 @@ Curl_fetch_addr(struct connectdata *conn, dns = fetch_addr(conn, hostname, port); - if(dns) dns->inuse++; /* we use it! */ + if(dns) + dns->inuse++; /* we use it! */ if(data->share) Curl_share_unlock(data, CURL_LOCK_DATA_DNS); @@ -371,7 +372,7 @@ Curl_fetch_addr(struct connectdata *conn, * Returns the Curl_dns_entry entry pointer or NULL if the storage failed. */ struct Curl_dns_entry * -Curl_cache_addr(struct SessionHandle *data, +Curl_cache_addr(struct Curl_easy *data, Curl_addrinfo *addr, const char *hostname, int port) @@ -446,7 +447,7 @@ int Curl_resolv(struct connectdata *conn, struct Curl_dns_entry **entry) { struct Curl_dns_entry *dns = NULL; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; CURLcode result; int rc = CURLRESOLV_ERROR; /* default to failure */ @@ -581,7 +582,7 @@ int Curl_resolv_timeout(struct connectdata *conn, #endif /* HAVE_SIGACTION */ volatile long timeout; volatile unsigned int prev_alarm = 0; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; #endif /* USE_ALARM_TIMEOUT */ int rc; @@ -715,7 +716,7 @@ clean_up: * * May be called with 'data' == NULL for global cache. */ -void Curl_resolv_unlock(struct SessionHandle *data, struct Curl_dns_entry *dns) +void Curl_resolv_unlock(struct Curl_easy *data, struct Curl_dns_entry *dns) { if(data && data->share) Curl_share_lock(data, CURL_LOCK_DATA_DNS, CURL_LOCK_ACCESS_SINGLE); @@ -757,7 +758,7 @@ int Curl_mk_dnscache(struct curl_hash *hash) * can be done! */ -void Curl_hostcache_clean(struct SessionHandle *data, +void Curl_hostcache_clean(struct Curl_easy *data, struct curl_hash *hash) { if(data && data->share) @@ -770,14 +771,14 @@ void Curl_hostcache_clean(struct SessionHandle *data, } -CURLcode Curl_loadhostpairs(struct SessionHandle *data) +CURLcode Curl_loadhostpairs(struct Curl_easy *data) { struct curl_slist *hostp; char hostname[256]; char address[256]; int port; - for(hostp = data->change.resolve; hostp; hostp = hostp->next ) { + for(hostp = data->change.resolve; hostp; hostp = hostp->next) { if(!hostp->data) continue; if(hostp->data[0] == '-') { diff --git a/lib/hostip.h b/lib/hostip.h index 37ccd96e1..9098ee39d 100644 --- a/lib/hostip.h +++ b/lib/hostip.h @@ -50,7 +50,7 @@ struct addrinfo; struct hostent; -struct SessionHandle; +struct Curl_easy; struct connectdata; /* @@ -118,7 +118,7 @@ Curl_addrinfo *Curl_getaddrinfo(struct connectdata *conn, /* unlock a previously resolved dns entry */ -void Curl_resolv_unlock(struct SessionHandle *data, +void Curl_resolv_unlock(struct Curl_easy *data, struct Curl_dns_entry *dns); /* for debugging purposes only: */ @@ -128,7 +128,7 @@ void Curl_scan_cache_used(void *user, void *ptr); int Curl_mk_dnscache(struct curl_hash *hash); /* prune old entries from the DNS cache */ -void Curl_hostcache_prune(struct SessionHandle *data); +void Curl_hostcache_prune(struct Curl_easy *data); /* Return # of adresses in a Curl_addrinfo struct */ int Curl_num_addresses (const Curl_addrinfo *addr); @@ -188,7 +188,7 @@ Curl_fetch_addr(struct connectdata *conn, * Returns the Curl_dns_entry entry pointer or NULL if the storage failed. */ struct Curl_dns_entry * -Curl_cache_addr(struct SessionHandle *data, Curl_addrinfo *addr, +Curl_cache_addr(struct Curl_easy *data, Curl_addrinfo *addr, const char *hostname, int port); #ifndef INADDR_NONE @@ -209,42 +209,42 @@ extern sigjmp_buf curl_jmpenv; /* * Function provided by the resolver backend to set DNS servers to use. */ -CURLcode Curl_set_dns_servers(struct SessionHandle *data, char *servers); +CURLcode Curl_set_dns_servers(struct Curl_easy *data, char *servers); /* * Function provided by the resolver backend to set * outgoing interface to use for DNS requests */ -CURLcode Curl_set_dns_interface(struct SessionHandle *data, +CURLcode Curl_set_dns_interface(struct Curl_easy *data, const char *interf); /* * Function provided by the resolver backend to set * local IPv4 address to use as source address for DNS requests */ -CURLcode Curl_set_dns_local_ip4(struct SessionHandle *data, +CURLcode Curl_set_dns_local_ip4(struct Curl_easy *data, const char *local_ip4); /* * Function provided by the resolver backend to set * local IPv6 address to use as source address for DNS requests */ -CURLcode Curl_set_dns_local_ip6(struct SessionHandle *data, +CURLcode Curl_set_dns_local_ip6(struct Curl_easy *data, const char *local_ip6); /* * Clean off entries from the cache */ -void Curl_hostcache_clean(struct SessionHandle *data, struct curl_hash *hash); +void Curl_hostcache_clean(struct Curl_easy *data, struct curl_hash *hash); /* * Destroy the hostcache of this handle. */ -void Curl_hostcache_destroy(struct SessionHandle *data); +void Curl_hostcache_destroy(struct Curl_easy *data); /* * Populate the cache with specified entries from CURLOPT_RESOLVE. */ -CURLcode Curl_loadhostpairs(struct SessionHandle *data); +CURLcode Curl_loadhostpairs(struct Curl_easy *data); #endif /* HEADER_CURL_HOSTIP_H */ diff --git a/lib/hostip4.c b/lib/hostip4.c index 25c452965..15895d7ce 100644 --- a/lib/hostip4.c +++ b/lib/hostip4.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -48,9 +48,9 @@ #include "strerror.h" #include "url.h" #include "inet_pton.h" +/* The last 3 #include files should be in this order */ #include "curl_printf.h" #include "curl_memory.h" -/* The last #include file should be: */ #include "memdebug.h" /*********************************************************************** diff --git a/lib/hostip6.c b/lib/hostip6.c index 2f58376d2..4ebfc2dcf 100644 --- a/lib/hostip6.c +++ b/lib/hostip6.c @@ -49,10 +49,9 @@ #include "url.h" #include "inet_pton.h" #include "connect.h" +/* The last 3 #include files should be in this order */ #include "curl_printf.h" #include "curl_memory.h" - -/* The last #include file should be: */ #include "memdebug.h" /*********************************************************************** @@ -168,10 +167,12 @@ Curl_addrinfo *Curl_getaddrinfo(struct connectdata *conn, int error; char sbuf[12]; char *sbufptr = NULL; +#ifndef USE_RESOLVE_ON_IPS char addrbuf[128]; +#endif int pf; #if !defined(CURL_DISABLE_VERBOSE_STRINGS) - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; #endif *waitp = 0; /* synchronous response only */ @@ -197,11 +198,17 @@ Curl_addrinfo *Curl_getaddrinfo(struct connectdata *conn, hints.ai_family = pf; hints.ai_socktype = conn->socktype; +#ifndef USE_RESOLVE_ON_IPS + /* + * The AI_NUMERICHOST must not be set to get synthesized IPv6 address from + * an IPv4 address on iOS and Mac OS X. + */ if((1 == Curl_inet_pton(AF_INET, hostname, addrbuf)) || (1 == Curl_inet_pton(AF_INET6, hostname, addrbuf))) { /* the given address is numerical only, prevent a reverse lookup */ hints.ai_flags = AI_NUMERICHOST; } +#endif if(port) { snprintf(sbuf, sizeof(sbuf), "%d", port); @@ -214,6 +221,10 @@ Curl_addrinfo *Curl_getaddrinfo(struct connectdata *conn, return NULL; } + if(port) { + Curl_addrinfo_set_port(res, port); + } + dump_addrinfo(conn, res); return res; diff --git a/lib/hostsyn.c b/lib/hostsyn.c index db4c82fcc..1a95263c6 100644 --- a/lib/hostsyn.c +++ b/lib/hostsyn.c @@ -59,7 +59,7 @@ /* * Function provided by the resolver backend to set DNS servers to use. */ -CURLcode Curl_set_dns_servers(struct SessionHandle *data, +CURLcode Curl_set_dns_servers(struct Curl_easy *data, char *servers) { (void)data; @@ -72,7 +72,7 @@ CURLcode Curl_set_dns_servers(struct SessionHandle *data, * Function provided by the resolver backend to set * outgoing interface to use for DNS requests */ -CURLcode Curl_set_dns_interface(struct SessionHandle *data, +CURLcode Curl_set_dns_interface(struct Curl_easy *data, const char *interf) { (void)data; @@ -84,7 +84,7 @@ CURLcode Curl_set_dns_interface(struct SessionHandle *data, * Function provided by the resolver backend to set * local IPv4 address to use as source address for DNS requests */ -CURLcode Curl_set_dns_local_ip4(struct SessionHandle *data, +CURLcode Curl_set_dns_local_ip4(struct Curl_easy *data, const char *local_ip4) { (void)data; @@ -96,7 +96,7 @@ CURLcode Curl_set_dns_local_ip4(struct SessionHandle *data, * Function provided by the resolver backend to set * local IPv6 address to use as source address for DNS requests */ -CURLcode Curl_set_dns_local_ip6(struct SessionHandle *data, +CURLcode Curl_set_dns_local_ip6(struct Curl_easy *data, const char *local_ip6) { (void)data; diff --git a/lib/http.c b/lib/http.c index b85ff0d5a..e4b9d8b4b 100644 --- a/lib/http.c +++ b/lib/http.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -54,9 +54,10 @@ #include "curl_base64.h" #include "cookie.h" #include "strequal.h" +#include "vauth/vauth.h" #include "vtls/vtls.h" #include "http_digest.h" -#include "curl_ntlm.h" +#include "http_ntlm.h" #include "curl_ntlm_wb.h" #include "http_negotiate.h" #include "url.h" @@ -76,9 +77,9 @@ #include "pipeline.h" #include "http2.h" #include "connect.h" -#include "curl_printf.h" -/* The last #include files should be: */ +/* The last 3 #include files should be in this order */ +#include "curl_printf.h" #include "curl_memory.h" #include "memdebug.h" @@ -144,14 +145,13 @@ const struct Curl_handler Curl_handler_https = { ZERO_NULL, /* readwrite */ PORT_HTTPS, /* defport */ CURLPROTO_HTTPS, /* protocol */ - PROTOPT_SSL | PROTOPT_CREDSPERREQUEST /* flags */ + PROTOPT_SSL | PROTOPT_CREDSPERREQUEST | PROTOPT_ALPN_NPN /* flags */ }; #endif - CURLcode Curl_http_setup_conn(struct connectdata *conn) { - /* allocate the HTTP-specific struct for the SessionHandle, only to survive + /* allocate the HTTP-specific struct for the Curl_easy, only to survive during this request */ struct HTTP *http; DEBUGASSERT(conn->data->req.protop == NULL); @@ -179,12 +179,13 @@ char *Curl_checkheaders(const struct connectdata *conn, { struct curl_slist *head; size_t thislen = strlen(thisheader); - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; for(head = data->set.headers;head; head=head->next) { if(Curl_raw_nequal(head->data, thisheader, thislen)) return head->data; } + return NULL; } @@ -193,24 +194,24 @@ char *Curl_checkheaders(const struct connectdata *conn, * if proxy headers are not available, then it will lookup into http header * link list * - * It takes a connectdata struct as input instead of the SessionHandle simply + * It takes a connectdata struct as input instead of the Curl_easy simply * to know if this is a proxy request or not, as it then might check a * different header list. - * */ char *Curl_checkProxyheaders(const struct connectdata *conn, const char *thisheader) { struct curl_slist *head; size_t thislen = strlen(thisheader); - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; - for(head = (conn->bits.proxy && data->set.sep_headers)? - data->set.proxyheaders:data->set.headers; + for(head = (conn->bits.proxy && data->set.sep_headers) ? + data->set.proxyheaders : data->set.headers; head; head=head->next) { if(Curl_raw_nequal(head->data, thisheader, thislen)) return head->data; } + return NULL; } @@ -279,7 +280,7 @@ static CURLcode http_output_basic(struct connectdata *conn, bool proxy) { size_t size = 0; char *authorization = NULL; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; char **userp; const char *user; const char *pwd; @@ -309,7 +310,7 @@ static CURLcode http_output_basic(struct connectdata *conn, bool proxy) free(*userp); *userp = aprintf("%sAuthorization: Basic %s\r\n", - proxy?"Proxy-":"", + proxy ? "Proxy-" : "", authorization); free(authorization); if(!*userp) @@ -376,7 +377,7 @@ static bool pickoneauth(struct auth *pick) */ static CURLcode http_perhapsrewind(struct connectdata *conn) { - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct HTTP *http = data->req.protop; curl_off_t bytessent; curl_off_t expectsend = -1; /* default is unknown */ @@ -461,7 +462,7 @@ static CURLcode http_perhapsrewind(struct connectdata *conn) #endif /* This is not NTLM or many bytes left to send: close */ - connclose(conn, "Mid-auth HTTP and much data left to send"); + streamclose(conn, "Mid-auth HTTP and much data left to send"); data->req.size = 0; /* don't download any more than 0 bytes */ /* There still is data left to send, but this connection is marked for @@ -484,7 +485,7 @@ static CURLcode http_perhapsrewind(struct connectdata *conn) CURLcode Curl_http_auth_act(struct connectdata *conn) { - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; bool pickhost = FALSE; bool pickproxy = FALSE; CURLcode result = CURLE_OK; @@ -528,7 +529,6 @@ CURLcode Curl_http_auth_act(struct connectdata *conn) return result; } } - else if((data->req.httpcode < 300) && (!data->state.authhost.done) && conn->bits.authneg) { @@ -553,7 +553,6 @@ CURLcode Curl_http_auth_act(struct connectdata *conn) return result; } - /* * Output the correct authentication header depending on the auth type * and whether or not it is to a proxy. @@ -568,7 +567,7 @@ output_auth_headers(struct connectdata *conn, const char *auth = NULL; CURLcode result = CURLE_OK; #if !defined(CURL_DISABLE_VERBOSE_STRINGS) || defined(USE_SPNEGO) - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; #endif #ifdef USE_SPNEGO struct negotiatedata *negdata = proxy ? @@ -584,7 +583,7 @@ output_auth_headers(struct connectdata *conn, negdata->state = GSS_AUTHNONE; if((authstatus->picked == CURLAUTH_NEGOTIATE) && negdata->context && !GSS_ERROR(negdata->status)) { - auth="Negotiate"; + auth = "Negotiate"; result = Curl_output_negotiate(conn, proxy); if(result) return result; @@ -595,7 +594,7 @@ output_auth_headers(struct connectdata *conn, #endif #ifdef USE_NTLM if(authstatus->picked == CURLAUTH_NTLM) { - auth="NTLM"; + auth = "NTLM"; result = Curl_output_ntlm(conn, proxy); if(result) return result; @@ -613,7 +612,7 @@ output_auth_headers(struct connectdata *conn, #endif #ifndef CURL_DISABLE_CRYPTO_AUTH if(authstatus->picked == CURLAUTH_DIGEST) { - auth="Digest"; + auth = "Digest"; result = Curl_output_digest(conn, proxy, (const unsigned char *)request, @@ -629,11 +628,12 @@ output_auth_headers(struct connectdata *conn, !Curl_checkProxyheaders(conn, "Proxy-authorization:")) || (!proxy && conn->bits.user_passwd && !Curl_checkheaders(conn, "Authorization:"))) { - auth="Basic"; + auth = "Basic"; result = http_output_basic(conn, proxy); if(result) return result; } + /* NOTE: this function should set 'done' TRUE, as the other auth functions work that way */ authstatus->done = TRUE; @@ -641,9 +641,9 @@ output_auth_headers(struct connectdata *conn, if(auth) { infof(data, "%s auth using %s with user '%s'\n", - proxy?"Proxy":"Server", auth, - proxy?(conn->proxyuser?conn->proxyuser:""): - (conn->user?conn->user:"")); + proxy ? "Proxy" : "Server", auth, + proxy ? (conn->proxyuser ? conn->proxyuser : "") : + (conn->user ? conn->user : "")); authstatus->multi = (!authstatus->done) ? TRUE : FALSE; } else @@ -674,7 +674,7 @@ Curl_http_output_auth(struct connectdata *conn, up the proxy tunnel */ { CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct auth *authhost; struct auth *authproxy; @@ -735,7 +735,6 @@ Curl_http_output_auth(struct connectdata *conn, return result; } - /* * Curl_http_input_auth() deals with Proxy-Authenticate: and WWW-Authenticate: * headers. They are dealt with both in the transfer.c main loop and in the @@ -748,7 +747,7 @@ CURLcode Curl_http_input_auth(struct connectdata *conn, bool proxy, /* * This resource requires authentication */ - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; #ifdef USE_SPNEGO struct negotiatedata *negdata = proxy? @@ -780,29 +779,32 @@ CURLcode Curl_http_input_auth(struct connectdata *conn, bool proxy, * request is sent, and then it is again set _after_ all response 401/407 * headers have been received but then only to a single preferred method * (bit). - * */ while(*auth) { #ifdef USE_SPNEGO if(checkprefix("Negotiate", auth)) { - *availp |= CURLAUTH_NEGOTIATE; - authp->avail |= CURLAUTH_NEGOTIATE; - - if(authp->picked == CURLAUTH_NEGOTIATE) { - if(negdata->state == GSS_AUTHSENT || negdata->state == GSS_AUTHNONE) { - CURLcode result = Curl_input_negotiate(conn, proxy, auth); - if(!result) { - DEBUGASSERT(!data->req.newurl); - data->req.newurl = strdup(data->change.url); - if(!data->req.newurl) - return CURLE_OUT_OF_MEMORY; - data->state.authproblem = FALSE; - /* we received a GSS auth token and we dealt with it fine */ - negdata->state = GSS_AUTHRECV; + if((authp->avail & CURLAUTH_NEGOTIATE) || + Curl_auth_is_spnego_supported()) { + *availp |= CURLAUTH_NEGOTIATE; + authp->avail |= CURLAUTH_NEGOTIATE; + + if(authp->picked == CURLAUTH_NEGOTIATE) { + if(negdata->state == GSS_AUTHSENT || + negdata->state == GSS_AUTHNONE) { + CURLcode result = Curl_input_negotiate(conn, proxy, auth); + if(!result) { + DEBUGASSERT(!data->req.newurl); + data->req.newurl = strdup(data->change.url); + if(!data->req.newurl) + return CURLE_OUT_OF_MEMORY; + data->state.authproblem = FALSE; + /* we received a GSS auth token and we dealt with it fine */ + negdata->state = GSS_AUTHRECV; + } + else + data->state.authproblem = TRUE; } - else - data->state.authproblem = TRUE; } } } @@ -811,39 +813,44 @@ CURLcode Curl_http_input_auth(struct connectdata *conn, bool proxy, #ifdef USE_NTLM /* NTLM support requires the SSL crypto libs */ if(checkprefix("NTLM", auth)) { - *availp |= CURLAUTH_NTLM; - authp->avail |= CURLAUTH_NTLM; - if(authp->picked == CURLAUTH_NTLM || - authp->picked == CURLAUTH_NTLM_WB) { - /* NTLM authentication is picked and activated */ - CURLcode result = Curl_input_ntlm(conn, proxy, auth); - if(!result) { - data->state.authproblem = FALSE; + if((authp->avail & CURLAUTH_NTLM) || + (authp->avail & CURLAUTH_NTLM_WB) || + Curl_auth_is_ntlm_supported()) { + *availp |= CURLAUTH_NTLM; + authp->avail |= CURLAUTH_NTLM; + + if(authp->picked == CURLAUTH_NTLM || + authp->picked == CURLAUTH_NTLM_WB) { + /* NTLM authentication is picked and activated */ + CURLcode result = Curl_input_ntlm(conn, proxy, auth); + if(!result) { + data->state.authproblem = FALSE; #ifdef NTLM_WB_ENABLED - if(authp->picked == CURLAUTH_NTLM_WB) { - *availp &= ~CURLAUTH_NTLM; - authp->avail &= ~CURLAUTH_NTLM; - *availp |= CURLAUTH_NTLM_WB; - authp->avail |= CURLAUTH_NTLM_WB; - - /* Get the challenge-message which will be passed to - * ntlm_auth for generating the type 3 message later */ - while(*auth && ISSPACE(*auth)) - auth++; - if(checkprefix("NTLM", auth)) { - auth += strlen("NTLM"); + if(authp->picked == CURLAUTH_NTLM_WB) { + *availp &= ~CURLAUTH_NTLM; + authp->avail &= ~CURLAUTH_NTLM; + *availp |= CURLAUTH_NTLM_WB; + authp->avail |= CURLAUTH_NTLM_WB; + + /* Get the challenge-message which will be passed to + * ntlm_auth for generating the type 3 message later */ while(*auth && ISSPACE(*auth)) auth++; - if(*auth) - if((conn->challenge_header = strdup(auth)) == NULL) - return CURLE_OUT_OF_MEMORY; + if(checkprefix("NTLM", auth)) { + auth += strlen("NTLM"); + while(*auth && ISSPACE(*auth)) + auth++; + if(*auth) + if((conn->challenge_header = strdup(auth)) == NULL) + return CURLE_OUT_OF_MEMORY; + } } - } #endif - } - else { - infof(data, "Authentication problem. Ignoring this.\n"); - data->state.authproblem = TRUE; + } + else { + infof(data, "Authentication problem. Ignoring this.\n"); + data->state.authproblem = TRUE; + } } } } @@ -851,18 +858,18 @@ CURLcode Curl_http_input_auth(struct connectdata *conn, bool proxy, #endif #ifndef CURL_DISABLE_CRYPTO_AUTH if(checkprefix("Digest", auth)) { - if((authp->avail & CURLAUTH_DIGEST) != 0) { + if((authp->avail & CURLAUTH_DIGEST) != 0) infof(data, "Ignoring duplicate digest auth header.\n"); - } - else { + else if(Curl_auth_is_digest_supported()) { CURLcode result; + *availp |= CURLAUTH_DIGEST; authp->avail |= CURLAUTH_DIGEST; /* We call this function on input Digest headers even if Digest * authentication isn't activated yet, as we need to store the - * incoming data from this header in case we are gonna use - * Digest. */ + * incoming data from this header in case we are going to use + * Digest */ result = Curl_input_digest(conn, proxy, auth); if(result) { infof(data, "Authentication problem. Ignoring this.\n"); @@ -893,6 +900,7 @@ CURLcode Curl_http_input_auth(struct connectdata *conn, bool proxy, while(*auth && ISSPACE(*auth)) auth++; } + return CURLE_OK; } @@ -908,7 +916,7 @@ CURLcode Curl_http_input_auth(struct connectdata *conn, bool proxy, */ static int http_should_fail(struct connectdata *conn) { - struct SessionHandle *data; + struct Curl_easy *data; int httpcode; DEBUGASSERT(conn); @@ -934,8 +942,7 @@ static int http_should_fail(struct connectdata *conn) ** Any code >= 400 that's not 401 or 407 is always ** a terminal error */ - if((httpcode != 401) && - (httpcode != 407)) + if((httpcode != 401) && (httpcode != 407)) return 1; /* @@ -986,7 +993,7 @@ static size_t readmoredata(char *buffer, struct HTTP *http = conn->data->req.protop; size_t fullsize = size * nitems; - if(0 == http->postsize) + if(!http->postsize) /* nothing to return */ return 0; @@ -1092,7 +1099,6 @@ CURLcode Curl_add_buffer_send(Curl_send_buffer *in, return result; } - if((conn->handler->flags & PROTOPT_SSL) && conn->httpversion != 20) { /* We never send more than CURL_MAX_WRITE_SIZE bytes in one single chunk when we speak HTTPS, as if only a fraction of it is sent now, this data @@ -1100,7 +1106,7 @@ CURLcode Curl_add_buffer_send(Curl_send_buffer *in, buffer is using this size. */ - sendsize= (size > CURL_MAX_WRITE_SIZE)?CURL_MAX_WRITE_SIZE:size; + sendsize = (size > CURL_MAX_WRITE_SIZE) ? CURL_MAX_WRITE_SIZE : size; /* OpenSSL is very picky and we must send the SAME buffer pointer to the library when we attempt to re-send this buffer. Sending the same data @@ -1123,7 +1129,7 @@ CURLcode Curl_add_buffer_send(Curl_send_buffer *in, * only send away a part). */ /* how much of the header that was sent */ - size_t headlen = (size_t)amount>headersize?headersize:(size_t)amount; + size_t headlen = (size_t)amount>headersize ? headersize : (size_t)amount; size_t bodylen = amount - headlen; if(conn->data->set.verbose) { @@ -1136,10 +1142,6 @@ CURLcode Curl_add_buffer_send(Curl_send_buffer *in, ptr+headlen, bodylen, conn); } } - if(bodylen) - /* since we sent a piece of the body here, up the byte counter for it - accordingly */ - http->writebytecount += bodylen; /* 'amount' can never be a very large value here so typecasting it so a signed 31 bit value should not cause problems even if ssize_t is @@ -1147,6 +1149,10 @@ CURLcode Curl_add_buffer_send(Curl_send_buffer *in, *bytes_written += (long)amount; if(http) { + /* if we sent a piece of the body here, up the byte counter for it + accordingly */ + http->writebytecount += bodylen; + if((size_t)amount != size) { /* The whole request could not be sent in one system call. We must queue it up and send it later when we get the chance. We must not @@ -1242,11 +1248,11 @@ CURLcode Curl_add_buffer(Curl_send_buffer *in, const void *inptr, size_t size) buffer size that doubles the required size. If this new size would wrap size_t, then just use the largest possible one */ - if((size > (size_t)-1/2) || (in->size_used > (size_t)-1/2) || - (~(size*2) < (in->size_used*2))) + if((size > (size_t)-1 / 2) || (in->size_used > (size_t)-1 / 2) || + (~(size * 2) < (in->size_used * 2))) new_size = (size_t)-1; else - new_size = (in->size_used+size)*2; + new_size = (in->size_used+size) * 2; if(in->buffer) /* we have a buffer, enlarge the existing one */ @@ -1419,6 +1425,7 @@ static int https_getsock(struct connectdata *conn, return GETSOCK_READSOCK(0); } } + return CURLE_OK; } #else @@ -1436,18 +1443,17 @@ static int https_getsock(struct connectdata *conn, #endif /* USE_OPENSSL || USE_GNUTLS || USE_SCHANNEL */ /* - * Curl_http_done() gets called from Curl_done() after a single HTTP request - * has been performed. + * Curl_http_done() gets called after a single HTTP request has been + * performed. */ CURLcode Curl_http_done(struct connectdata *conn, CURLcode status, bool premature) { - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct HTTP *http = data->req.protop; -#ifdef USE_NGHTTP2 - struct http_conn *httpc = &conn->proto.httpc; -#endif + + infof(data, "Curl_http_done: called premature == %d\n", premature); Curl_unencode_cleanup(conn); @@ -1456,9 +1462,11 @@ CURLcode Curl_http_done(struct connectdata *conn, data->state.negotiate.state == GSS_AUTHSENT) { /* add forbid re-use if http-code != 401/407 as a WA only needed for * 401/407 that signal auth failure (empty) otherwise state will be RECV - * with current code */ - if((data->req.httpcode != 401) && (data->req.httpcode != 407)) - connclose(conn, "Negotiate transfer completed"); + * with current code. + * Do not close CONNECT_ONLY connections. */ + if((data->req.httpcode != 401) && (data->req.httpcode != 407) && + !data->set.connect_only) + streamclose(conn, "Negotiate transfer completed"); Curl_cleanup_negotiate(data); } #endif @@ -1467,7 +1475,7 @@ CURLcode Curl_http_done(struct connectdata *conn, conn->seek_func = data->set.seek_func; /* restore */ conn->seek_client = data->set.seek_client; /* restore */ - if(http == NULL) + if(!http) return CURLE_OK; if(http->send_buffer) { @@ -1475,27 +1483,7 @@ CURLcode Curl_http_done(struct connectdata *conn, http->send_buffer = NULL; /* clear the pointer */ } -#ifdef USE_NGHTTP2 - if(http->header_recvbuf) { - DEBUGF(infof(data, "free header_recvbuf!!\n")); - Curl_add_buffer_free(http->header_recvbuf); - http->header_recvbuf = NULL; /* clear the pointer */ - Curl_add_buffer_free(http->trailer_recvbuf); - http->trailer_recvbuf = NULL; /* clear the pointer */ - if(http->push_headers) { - /* if they weren't used and then freed before */ - for(; http->push_headers_used > 0; --http->push_headers_used) { - free(http->push_headers[http->push_headers_used - 1]); - } - free(http->push_headers); - http->push_headers = NULL; - } - } - if(http->stream_id) { - nghttp2_session_set_stream_user_data(httpc->h2, http->stream_id, 0); - http->stream_id = 0; - } -#endif + Curl_http2_done(conn, premature); if(HTTPREQ_POST_FORM == data->set.httpreq) { data->req.bytecount = http->readbytecount + http->writebytecount; @@ -1517,9 +1505,9 @@ CURLcode Curl_http_done(struct connectdata *conn, entire operation is complete */ !conn->bits.retry && !data->set.connect_only && - ((http->readbytecount + - data->req.headerbytecount - - data->req.deductheadercount)) <= 0) { + (http->readbytecount + + data->req.headerbytecount - + data->req.deductheadercount) <= 0) { /* If this connection isn't simply closed to be retried, AND nothing was read from the HTTP server (that counts), this can't be right so we return an error here */ @@ -1530,7 +1518,6 @@ CURLcode Curl_http_done(struct connectdata *conn, return CURLE_OK; } - /* * Determine if we should use HTTP 1.1 (OR BETTER) for this request. Reasons * to avoid it include: @@ -1540,7 +1527,7 @@ CURLcode Curl_http_done(struct connectdata *conn, * - if any server previously contacted to handle this request only supports * 1.0. */ -static bool use_http_1_1plus(const struct SessionHandle *data, +static bool use_http_1_1plus(const struct Curl_easy *data, const struct connectdata *conn) { if((data->state.httpversion == 10) || (conn->httpversion == 10)) @@ -1553,7 +1540,7 @@ static bool use_http_1_1plus(const struct SessionHandle *data, } /* check and possibly add an Expect: header */ -static CURLcode expect100(struct SessionHandle *data, +static CURLcode expect100(struct Curl_easy *data, struct connectdata *conn, Curl_send_buffer *req_buffer) { @@ -1578,6 +1565,7 @@ static CURLcode expect100(struct SessionHandle *data, data->state.expect100header = TRUE; } } + return result; } @@ -1595,7 +1583,7 @@ CURLcode Curl_add_custom_headers(struct connectdata *conn, struct curl_slist *h[2]; struct curl_slist *headers; int numlists=1; /* by default */ - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; int i; enum proxy_use proxy; @@ -1696,10 +1684,11 @@ CURLcode Curl_add_custom_headers(struct connectdata *conn, headers = headers->next; } } + return CURLE_OK; } -CURLcode Curl_add_timecondition(struct SessionHandle *data, +CURLcode Curl_add_timecondition(struct Curl_easy *data, Curl_send_buffer *req_buffer) { const struct tm *tm; @@ -1757,13 +1746,13 @@ CURLcode Curl_add_timecondition(struct SessionHandle *data, } /* - * Curl_http() gets called from the generic Curl_do() function when a HTTP + * Curl_http() gets called from the generic multi_do() function when a HTTP * request is to be performed. This creates and sends a properly constructed * HTTP request. */ CURLcode Curl_http(struct connectdata *conn, bool *done) { - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; CURLcode result = CURLE_OK; struct HTTP *http; const char *ppath = data->state.path; @@ -1793,13 +1782,6 @@ CURLcode Curl_http(struct connectdata *conn, bool *done) switch(conn->negnpn) { case CURL_HTTP_VERSION_2: conn->httpversion = 20; /* we know we're on HTTP/2 now */ - result = Curl_http2_init(conn); - if(result) - return result; - - result = Curl_http2_setup(conn); - if(result) - return result; result = Curl_http2_switched(conn, NULL, 0); if(result) @@ -1809,7 +1791,18 @@ CURLcode Curl_http(struct connectdata *conn, bool *done) /* continue with HTTP/1.1 when explicitly requested */ break; default: - /* and as fallback */ + /* Check if user wants to use HTTP/2 with clear TCP*/ +#ifdef USE_NGHTTP2 + if(conn->data->set.httpversion == + CURL_HTTP_VERSION_2_PRIOR_KNOWLEDGE) { + DEBUGF(infof(data, "HTTP/2 over clean TCP\n")); + conn->httpversion = 20; + + result = Curl_http2_switched(conn, NULL, 0); + if(result) + return result; + } +#endif break; } } @@ -1829,6 +1822,8 @@ CURLcode Curl_http(struct connectdata *conn, bool *done) data->state.first_host = strdup(conn->host.name); if(!data->state.first_host) return CURLE_OUT_OF_MEMORY; + + data->state.first_remote_port = conn->remote_port; } http->writebytecount = http->readbytecount = 0; @@ -1910,6 +1905,10 @@ CURLcode Curl_http(struct connectdata *conn, bool *done) if(!conn->allocptr.accept_encoding) return CURLE_OUT_OF_MEMORY; } + else { + Curl_safefree(conn->allocptr.accept_encoding); + conn->allocptr.accept_encoding = NULL; + } #ifdef HAVE_LIBZ /* we only consider transfer-encoding magic if libz support is built-in */ @@ -2145,7 +2144,7 @@ CURLcode Curl_http(struct connectdata *conn, bool *done) * file size before we continue this venture in the dark lands of HTTP. *********************************************************************/ - if(data->state.resume_from < 0 ) { + if(data->state.resume_from < 0) { /* * This is meant to get the size of the present remote-file by itself. * We don't support this now. Bail out! @@ -2294,6 +2293,7 @@ CURLcode Curl_http(struct connectdata *conn, bool *done) "%s" /* TE: */ "%s" /* accept-encoding */ "%s" /* referer */ + "%s" /* Proxy-Connection */ "%s",/* transfer-encoding */ ftp_typecode, @@ -2316,6 +2316,10 @@ CURLcode Curl_http(struct connectdata *conn, bool *done) conn->allocptr.accept_encoding:"", (data->change.referer && conn->allocptr.ref)? conn->allocptr.ref:"" /* Referer: */, + (conn->bits.httpproxy && + !conn->bits.tunnel_proxy && + !Curl_checkProxyheaders(conn, "Proxy-Connection:"))? + "Proxy-Connection: Keep-Alive\r\n":"", te ); @@ -2766,7 +2770,7 @@ CURLcode Curl_http(struct connectdata *conn, bool *done) * Returns TRUE if member of the list matches prefix of string */ static bool -checkhttpprefix(struct SessionHandle *data, +checkhttpprefix(struct Curl_easy *data, const char *s) { struct curl_slist *head = data->set.http200aliases; @@ -2805,7 +2809,7 @@ checkhttpprefix(struct SessionHandle *data, #ifndef CURL_DISABLE_RTSP static bool -checkrtspprefix(struct SessionHandle *data, +checkrtspprefix(struct Curl_easy *data, const char *s) { @@ -2833,7 +2837,7 @@ checkrtspprefix(struct SessionHandle *data, #endif /* CURL_DISABLE_RTSP */ static bool -checkprotoprefix(struct SessionHandle *data, struct connectdata *conn, +checkprotoprefix(struct Curl_easy *data, struct connectdata *conn, const char *s) { #ifndef CURL_DISABLE_RTSP @@ -2851,7 +2855,7 @@ checkprotoprefix(struct SessionHandle *data, struct connectdata *conn, * header. We make sure that the full string fit in the allocated header * buffer, or else we enlarge it. */ -static CURLcode header_append(struct SessionHandle *data, +static CURLcode header_append(struct Curl_easy *data, struct SingleRequest *k, size_t length) { @@ -2889,7 +2893,7 @@ static CURLcode header_append(struct SessionHandle *data, return CURLE_OK; } -static void print_http_error(struct SessionHandle *data) +static void print_http_error(struct Curl_easy *data) { struct SingleRequest *k = &data->req; char *beg = k->p; @@ -2929,7 +2933,7 @@ static void print_http_error(struct SessionHandle *data) /* * Read any HTTP header lines from the server and pass them to the client app. */ -CURLcode Curl_http_readwrite_headers(struct SessionHandle *data, +CURLcode Curl_http_readwrite_headers(struct Curl_easy *data, struct connectdata *conn, ssize_t *nread, bool *stop_reading) @@ -3029,21 +3033,21 @@ CURLcode Curl_http_readwrite_headers(struct SessionHandle *data, #endif /* CURL_DOES_CONVERSIONS */ if(100 <= k->httpcode && 199 >= k->httpcode) { - /* - * We have made a HTTP PUT or POST and this is 1.1-lingo - * that tells us that the server is OK with this and ready - * to receive the data. - * However, we'll get more headers now so we must get - * back into the header-parsing state! - */ - k->header = TRUE; - k->headerline = 0; /* restart the header line counter */ - /* "A user agent MAY ignore unexpected 1xx status responses." */ switch(k->httpcode) { case 100: + /* + * We have made a HTTP PUT or POST and this is 1.1-lingo + * that tells us that the server is OK with this and ready + * to receive the data. + * However, we'll get more headers now so we must get + * back into the header-parsing state! + */ + k->header = TRUE; + k->headerline = 0; /* restart the header line counter */ + /* if we did wait for this do enable write now! */ - if(k->exp100) { + if(k->exp100 > EXP100_SEND_DATA) { k->exp100 = EXP100_SEND_DATA; k->keepon |= KEEP_SEND; } @@ -3051,9 +3055,14 @@ CURLcode Curl_http_readwrite_headers(struct SessionHandle *data, case 101: /* Switching Protocols */ if(k->upgr101 == UPGR101_REQUESTED) { + /* Switching to HTTP/2 */ infof(data, "Received 101\n"); k->upgr101 = UPGR101_RECEIVED; + /* we'll get more headers (HTTP/2 response) */ + k->header = TRUE; + k->headerline = 0; /* restart the header line counter */ + /* switch to http2 now. The bytes after response headers are also processed here, otherwise they are lost. */ result = Curl_http2_switched(conn, k->str, *nread); @@ -3061,8 +3070,16 @@ CURLcode Curl_http_readwrite_headers(struct SessionHandle *data, return result; *nread = 0; } + else { + /* Switching to another protocol (e.g. WebSocket) */ + k->header = FALSE; /* no more header to parse! */ + } break; default: + /* the status code 1xx indicates a provisional response, so + we'll get another set of headers */ + k->header = TRUE; + k->headerline = 0; /* restart the header line counter */ break; } } @@ -3080,7 +3097,7 @@ CURLcode Curl_http_readwrite_headers(struct SessionHandle *data, signal the end of the document. */ infof(data, "no chunk, no close, no size. Assume close to " "signal end\n"); - connclose(conn, "HTTP: No end-of-message indicator"); + streamclose(conn, "HTTP: No end-of-message indicator"); } } @@ -3127,52 +3144,50 @@ CURLcode Curl_http_readwrite_headers(struct SessionHandle *data, data->req.deductheadercount = (100 <= k->httpcode && 199 >= k->httpcode)?data->req.headerbytecount:0; - if(!*stop_reading) { - /* Curl_http_auth_act() checks what authentication methods - * that are available and decides which one (if any) to - * use. It will set 'newurl' if an auth method was picked. */ - result = Curl_http_auth_act(conn); + /* Curl_http_auth_act() checks what authentication methods + * that are available and decides which one (if any) to + * use. It will set 'newurl' if an auth method was picked. */ + result = Curl_http_auth_act(conn); - if(result) - return result; + if(result) + return result; - if(k->httpcode >= 300) { - if((!conn->bits.authneg) && !conn->bits.close && - !conn->bits.rewindaftersend) { - /* - * General treatment of errors when about to send data. Including : - * "417 Expectation Failed", while waiting for 100-continue. - * - * The check for close above is done simply because of something - * else has already deemed the connection to get closed then - * something else should've considered the big picture and we - * avoid this check. - * - * rewindaftersend indicates that something has told libcurl to - * continue sending even if it gets discarded + if(k->httpcode >= 300) { + if((!conn->bits.authneg) && !conn->bits.close && + !conn->bits.rewindaftersend) { + /* + * General treatment of errors when about to send data. Including : + * "417 Expectation Failed", while waiting for 100-continue. + * + * The check for close above is done simply because of something + * else has already deemed the connection to get closed then + * something else should've considered the big picture and we + * avoid this check. + * + * rewindaftersend indicates that something has told libcurl to + * continue sending even if it gets discarded + */ + + switch(data->set.httpreq) { + case HTTPREQ_PUT: + case HTTPREQ_POST: + case HTTPREQ_POST_FORM: + /* We got an error response. If this happened before the whole + * request body has been sent we stop sending and mark the + * connection for closure after we've read the entire response. */ - - switch(data->set.httpreq) { - case HTTPREQ_PUT: - case HTTPREQ_POST: - case HTTPREQ_POST_FORM: - /* We got an error response. If this happened before the whole - * request body has been sent we stop sending and mark the - * connection for closure after we've read the entire response. - */ - if(!k->upload_done) { - infof(data, "HTTP error before end of send, stop sending\n"); - connclose(conn, "Stop sending data before everything sent"); - k->upload_done = TRUE; - k->keepon &= ~KEEP_SEND; /* don't send */ - if(data->state.expect100header) - k->exp100 = EXP100_FAILED; - } - break; - - default: /* default label present to avoid compiler warnings */ - break; + if(!k->upload_done) { + infof(data, "HTTP error before end of send, stop sending\n"); + streamclose(conn, "Stop sending data before everything sent"); + k->upload_done = TRUE; + k->keepon &= ~KEEP_SEND; /* don't send */ + if(data->state.expect100header) + k->exp100 = EXP100_FAILED; } + break; + + default: /* default label present to avoid compiler warnings */ + break; } } @@ -3199,7 +3214,7 @@ CURLcode Curl_http_readwrite_headers(struct SessionHandle *data, (k->size <= -1)) /* Respect section 4.4 of rfc2326: If the Content-Length header is absent, a length 0 must be assumed. It will prevent libcurl from - hanging on DECRIBE request that got refused for whatever + hanging on DESCRIBE request that got refused for whatever reason */ *stop_reading = TRUE; #endif @@ -3297,6 +3312,13 @@ CURLcode Curl_http_readwrite_headers(struct SessionHandle *data, &httpversion_major, &conn->httpversion, &k->httpcode); + + if(nc == 1 && httpversion_major == 2 && + 1 == sscanf(HEADER1, " HTTP/2 %d", &k->httpcode)) { + conn->httpversion = 0; + nc = 3; + } + if(nc==3) { conn->httpversion += 10 * httpversion_major; @@ -3460,7 +3482,7 @@ CURLcode Curl_http_readwrite_headers(struct SessionHandle *data, /* Negative Content-Length is really odd, and we know it happens for example when older Apache servers send large files */ - connclose(conn, "negative content-length"); + streamclose(conn, "negative content-length"); infof(data, "Negative content-length: %" CURL_FORMAT_CURL_OFF_T ", closing after transfer\n", contentlength); } @@ -3533,7 +3555,7 @@ CURLcode Curl_http_readwrite_headers(struct SessionHandle *data, * the connection will close when this request has been * served. */ - connclose(conn, "Connection: close used"); + streamclose(conn, "Connection: close used"); } else if(checkprefix("Transfer-Encoding:", k->p)) { /* One or more encodings. We check for chunked and/or a compression @@ -3743,7 +3765,7 @@ CURLcode Curl_http_readwrite_headers(struct SessionHandle *data, k->hbufp = data->state.headerbuff; k->hbuflen = 0; } - while(!*stop_reading && *k->str); /* header line within buffer */ + while(*k->str); /* header line within buffer */ /* We might have reached the end of the header part here, but there might be a non-header part left in the end of the read diff --git a/lib/http.h b/lib/http.h index 5000df448..9fb669c9d 100644 --- a/lib/http.h +++ b/lib/http.h @@ -69,7 +69,7 @@ CURLcode Curl_add_buffer_send(Curl_send_buffer *in, size_t included_body_bytes, int socketindex); -CURLcode Curl_add_timecondition(struct SessionHandle *data, +CURLcode Curl_add_timecondition(struct Curl_easy *data, Curl_send_buffer *buf); CURLcode Curl_add_custom_headers(struct connectdata *conn, bool is_connect, @@ -87,7 +87,7 @@ CHUNKcode Curl_httpchunk_read(struct connectdata *conn, char *datap, ssize_t length, ssize_t *wrote); /* These functions are in http.c */ -void Curl_http_auth_stage(struct SessionHandle *data, int stage); +void Curl_http_auth_stage(struct Curl_easy *data, int stage); CURLcode Curl_http_input_auth(struct connectdata *conn, bool proxy, const char *auth); CURLcode Curl_http_auth_act(struct connectdata *conn); @@ -168,6 +168,7 @@ struct HTTP { const uint8_t *pausedata; /* pointer to data received in on_data_chunk */ size_t pauselen; /* the number of bytes left in data */ bool closed; /* TRUE on HTTP2 stream close */ + bool close_handled; /* TRUE if stream closure is handled by libcurl */ uint32_t error_code; /* HTTP/2 error code */ char *mem; /* points to a buffer in memory to store received data */ @@ -214,15 +215,16 @@ struct http_conn { them for both cases. */ int32_t pause_stream_id; /* stream ID which paused nghttp2_session_mem_recv */ + size_t drain_total; /* sum of all stream's UrlState.drain */ - /* this is a hash of all individual streams (SessionHandle structs) */ + /* this is a hash of all individual streams (Curl_easy structs) */ struct h2settings settings; #else int unused; /* prevent a compiler warning */ #endif }; -CURLcode Curl_http_readwrite_headers(struct SessionHandle *data, +CURLcode Curl_http_readwrite_headers(struct Curl_easy *data, struct connectdata *conn, ssize_t *nread, bool *stop_reading); diff --git a/lib/http2.c b/lib/http2.c index 91abbf04e..a66b8f74c 100644 --- a/lib/http2.c +++ b/lib/http2.c @@ -23,7 +23,6 @@ #include "curl_setup.h" #ifdef USE_NGHTTP2 -#include "curl_printf.h" #include #include "urldata.h" #include "http2.h" @@ -35,8 +34,10 @@ #include "conncache.h" #include "url.h" #include "connect.h" +#include "strtoofft.h" -/* The last #include files should be: */ +/* The last 3 #include files should be in this order */ +#include "curl_printf.h" #include "curl_memory.h" #include "memdebug.h" @@ -46,6 +47,18 @@ #error too old nghttp2 version, upgrade! #endif +#if (NGHTTP2_VERSION_NUM > 0x010800) +#define NGHTTP2_HAS_HTTP2_STRERROR 1 +#endif + +#if (NGHTTP2_VERSION_NUM >= 0x010900) +/* nghttp2_session_callbacks_set_error_callback is present in nghttp2 1.9.0 or + later */ +#define NGHTTP2_HAS_ERROR_CALLBACK 1 +#else +#define nghttp2_session_callbacks_set_error_callback(x,y) +#endif + /* * Curl_http2_init_state() is called when the easy handle is created and * allows for HTTP/2 specific init of state. @@ -79,8 +92,9 @@ static int http2_perform_getsock(const struct connectdata *conn, because of renegotiation. */ sock[0] = conn->sock[FIRSTSOCKET]; - if(nghttp2_session_want_read(c->h2)) - bitmap |= GETSOCK_READSOCK(FIRSTSOCKET); + /* in a HTTP/2 connection we can basically always get a frame so we should + always be ready for one */ + bitmap |= GETSOCK_READSOCK(FIRSTSOCKET); if(nghttp2_session_want_write(c->h2)) bitmap |= GETSOCK_WRITESOCK(FIRSTSOCKET); @@ -126,7 +140,7 @@ static CURLcode http2_disconnect(struct connectdata *conn, } /* called from Curl_http_setup_conn */ -void Curl_http2_setup_req(struct SessionHandle *data) +void Curl_http2_setup_req(struct Curl_easy *data) { struct HTTP *http = data->req.protop; @@ -137,6 +151,7 @@ void Curl_http2_setup_req(struct SessionHandle *data) http->pauselen = 0; http->error_code = NGHTTP2_NO_ERROR; http->closed = FALSE; + http->close_handled = FALSE; http->mem = data->state.buffer; http->len = BUFSIZE; http->memlen = 0; @@ -155,7 +170,7 @@ void Curl_http2_setup_conn(struct connectdata *conn) * HTTP to HTTP2. */ const struct Curl_handler Curl_handler_http2 = { - "HTTP2", /* scheme */ + "HTTP", /* scheme */ ZERO_NULL, /* setup_connection */ Curl_http, /* do_it */ Curl_http_done, /* done */ @@ -171,11 +186,11 @@ const struct Curl_handler Curl_handler_http2 = { ZERO_NULL, /* readwrite */ PORT_HTTP, /* defport */ CURLPROTO_HTTP, /* protocol */ - PROTOPT_NONE /* flags */ + PROTOPT_STREAM /* flags */ }; const struct Curl_handler Curl_handler_http2_ssl = { - "HTTP2", /* scheme */ + "HTTPS", /* scheme */ ZERO_NULL, /* setup_connection */ Curl_http, /* do_it */ Curl_http_done, /* done */ @@ -191,7 +206,7 @@ const struct Curl_handler Curl_handler_http2_ssl = { ZERO_NULL, /* readwrite */ PORT_HTTP, /* defport */ CURLPROTO_HTTPS, /* protocol */ - PROTOPT_SSL /* flags */ + PROTOPT_SSL | PROTOPT_STREAM /* flags */ }; /* @@ -204,6 +219,34 @@ int Curl_http2_ver(char *p, size_t len) return snprintf(p, len, " nghttp2/%s", h2->version_str); } +/* HTTP/2 error code to name based on the Error Code Registry. +https://tools.ietf.org/html/rfc7540#page-77 +nghttp2_error_code enums are identical. +*/ +const char *Curl_http2_strerror(uint32_t err) { +#ifndef NGHTTP2_HAS_HTTP2_STRERROR + const char *str[] = { + "NO_ERROR", /* 0x0 */ + "PROTOCOL_ERROR", /* 0x1 */ + "INTERNAL_ERROR", /* 0x2 */ + "FLOW_CONTROL_ERROR", /* 0x3 */ + "SETTINGS_TIMEOUT", /* 0x4 */ + "STREAM_CLOSED", /* 0x5 */ + "FRAME_SIZE_ERROR", /* 0x6 */ + "REFUSED_STREAM", /* 0x7 */ + "CANCEL", /* 0x8 */ + "COMPRESSION_ERROR", /* 0x9 */ + "CONNECT_ERROR", /* 0xA */ + "ENHANCE_YOUR_CALM", /* 0xB */ + "INADEQUATE_SECURITY", /* 0xC */ + "HTTP_1_1_REQUIRED" /* 0xD */ + }; + return (err < sizeof str / sizeof str[0]) ? str[err] : "unknown"; +#else + return nghttp2_http2_strerror(err); +#endif +} + /* * The implementation of nghttp2_send_callback type. Here we write |data| with * size |length| to the network and return the number of bytes actually @@ -243,7 +286,7 @@ static ssize_t send_callback(nghttp2_session *h2, /* We pass a pointer to this struct in the push callback, but the contents of the struct are hidden from the user. */ struct curl_pushheaders { - struct SessionHandle *data; + struct Curl_easy *data; const nghttp2_push_promise *frame; }; @@ -294,9 +337,9 @@ char *curl_pushheader_byname(struct curl_pushheaders *h, const char *header) return NULL; } -static CURL *duphandle(struct SessionHandle *data) +static struct Curl_easy *duphandle(struct Curl_easy *data) { - struct SessionHandle *second = curl_easy_duphandle(data); + struct Curl_easy *second = curl_easy_duphandle(data); if(second) { /* setup the request struct */ struct HTTP *http = calloc(1, sizeof(struct HTTP)); @@ -322,7 +365,7 @@ static CURL *duphandle(struct SessionHandle *data) } -static int push_promise(struct SessionHandle *data, +static int push_promise(struct Curl_easy *data, struct connectdata *conn, const nghttp2_push_promise *frame) { @@ -337,7 +380,7 @@ static int push_promise(struct SessionHandle *data, struct http_conn *httpc; size_t i; /* clone the parent */ - struct SessionHandle *newhandle = duphandle(data); + struct Curl_easy *newhandle = duphandle(data); if(!newhandle) { infof(data, "failed to duplicate handle\n"); rv = 1; /* FAIL HARD */ @@ -404,7 +447,7 @@ static int on_frame_recv(nghttp2_session *session, const nghttp2_frame *frame, { struct connectdata *conn = (struct connectdata *)userp; struct http_conn *httpc = &conn->proto.httpc; - struct SessionHandle *data_s = NULL; + struct Curl_easy *data_s = NULL; struct HTTP *stream = NULL; static int lastStream = -1; int rv; @@ -441,14 +484,17 @@ static int on_frame_recv(nghttp2_session *session, const nghttp2_frame *frame, } if(!data_s) { DEBUGF(infof(conn->data, - "No SessionHandle associated with stream: %x\n", + "No Curl_easy associated with stream: %x\n", stream_id)); return 0; } stream = data_s->req.protop; - if(!stream) + if(!stream) { + DEBUGF(infof(conn->data, "No proto pointer for stream: %x\n", + stream_id)); return NGHTTP2_ERR_CALLBACK_FAILURE; + } DEBUGF(infof(data_s, "on_frame_recv() header %x stream %x\n", frame->hd.type, stream_id)); @@ -499,13 +545,14 @@ static int on_frame_recv(nghttp2_session *session, const nghttp2_frame *frame, stream->memlen += ncopy; data_s->state.drain++; + httpc->drain_total++; { /* get the pointer from userp again since it was re-assigned above */ struct connectdata *conn_s = (struct connectdata *)userp; /* if we receive data for another handle, wake that up */ if(conn_s->data != data_s) - Curl_expire(data_s, 1); + Curl_expire(data_s, 0); } break; case NGHTTP2_PUSH_PROMISE: @@ -531,7 +578,7 @@ static int on_invalid_frame_recv(nghttp2_session *session, const nghttp2_frame *frame, int lib_error_code, void *userp) { - struct SessionHandle *data_s = NULL; + struct Curl_easy *data_s = NULL; (void)userp; data_s = nghttp2_session_get_stream_user_data(session, frame->hd.stream_id); @@ -548,7 +595,7 @@ static int on_data_chunk_recv(nghttp2_session *session, uint8_t flags, const uint8_t *data, size_t len, void *userp) { struct HTTP *stream; - struct SessionHandle *data_s; + struct Curl_easy *data_s; size_t nread; struct connectdata *conn = (struct connectdata *)userp; (void)session; @@ -575,11 +622,11 @@ static int on_data_chunk_recv(nghttp2_session *session, uint8_t flags, stream->memlen += nread; data_s->state.drain++; + conn->proto.httpc.drain_total++; /* if we receive data for another handle, wake that up */ if(conn->data != data_s) - Curl_expire(data_s, 1); /* TODO: fix so that this can be set to 0 for - immediately? */ + Curl_expire(data_s, 0); DEBUGF(infof(data_s, "%zu data received for stream %u " "(%zu left in buffer %p, total %zu)\n", @@ -594,8 +641,18 @@ static int on_data_chunk_recv(nghttp2_session *session, uint8_t flags, ", stream %u\n", len - nread, stream_id)); data_s->easy_conn->proto.httpc.pause_stream_id = stream_id; + + return NGHTTP2_ERR_PAUSE; + } + + /* pause execution of nghttp2 if we received data for another handle + in order to process them first. */ + if(conn->data != data_s) { + data_s->easy_conn->proto.httpc.pause_stream_id = stream_id; + return NGHTTP2_ERR_PAUSE; } + return 0; } @@ -603,7 +660,7 @@ static int before_frame_send(nghttp2_session *session, const nghttp2_frame *frame, void *userp) { - struct SessionHandle *data_s; + struct Curl_easy *data_s; (void)userp; data_s = nghttp2_session_get_stream_user_data(session, frame->hd.stream_id); @@ -617,7 +674,7 @@ static int on_frame_send(nghttp2_session *session, const nghttp2_frame *frame, void *userp) { - struct SessionHandle *data_s; + struct Curl_easy *data_s; (void)userp; data_s = nghttp2_session_get_stream_user_data(session, frame->hd.stream_id); @@ -631,7 +688,7 @@ static int on_frame_not_send(nghttp2_session *session, const nghttp2_frame *frame, int lib_error_code, void *userp) { - struct SessionHandle *data_s; + struct Curl_easy *data_s; (void)userp; data_s = nghttp2_session_get_stream_user_data(session, frame->hd.stream_id); @@ -645,11 +702,11 @@ static int on_frame_not_send(nghttp2_session *session, static int on_stream_close(nghttp2_session *session, int32_t stream_id, uint32_t error_code, void *userp) { - struct SessionHandle *data_s; + struct Curl_easy *data_s; struct HTTP *stream; + struct connectdata *conn = (struct connectdata *)userp; (void)session; (void)stream_id; - (void)userp; if(stream_id) { /* get the stream from the hash based on Stream ID, stream ID zero is for @@ -660,14 +717,16 @@ static int on_stream_close(nghttp2_session *session, int32_t stream_id, decided to reject stream (e.g., PUSH_PROMISE). */ return 0; } - DEBUGF(infof(data_s, "on_stream_close(), error_code = %d, stream %u\n", - error_code, stream_id)); + DEBUGF(infof(data_s, "on_stream_close(), %s (err %d), stream %u\n", + Curl_http2_strerror(error_code), error_code, stream_id)); stream = data_s->req.protop; if(!stream) return NGHTTP2_ERR_CALLBACK_FAILURE; stream->error_code = error_code; stream->closed = TRUE; + data_s->state.drain++; + conn->proto.httpc.drain_total++; /* remove the entry from the hash as the stream is now gone */ nghttp2_session_set_stream_user_data(session, stream_id, 0); @@ -680,7 +739,7 @@ static int on_begin_headers(nghttp2_session *session, const nghttp2_frame *frame, void *userp) { struct HTTP *stream; - struct SessionHandle *data_s = NULL; + struct Curl_easy *data_s = NULL; (void)userp; data_s = nghttp2_session_get_stream_user_data(session, frame->hd.stream_id); @@ -747,7 +806,7 @@ static int on_header(nghttp2_session *session, const nghttp2_frame *frame, void *userp) { struct HTTP *stream; - struct SessionHandle *data_s; + struct Curl_easy *data_s; int32_t stream_id = frame->hd.stream_id; struct connectdata *conn = (struct connectdata *)userp; (void)flags; @@ -807,7 +866,7 @@ static int on_header(nghttp2_session *session, const nghttp2_frame *frame, Curl_add_buffer(stream->trailer_recvbuf, &n, sizeof(n)); Curl_add_buffer(stream->trailer_recvbuf, name, namelen); - Curl_add_buffer(stream->trailer_recvbuf, ":", 1); + Curl_add_buffer(stream->trailer_recvbuf, ": ", 2); Curl_add_buffer(stream->trailer_recvbuf, value, valuelen); Curl_add_buffer(stream->trailer_recvbuf, "\r\n\0", 3); @@ -822,13 +881,13 @@ static int on_header(nghttp2_session *session, const nghttp2_frame *frame, stream->status_code = decode_status_code(value, valuelen); DEBUGASSERT(stream->status_code != -1); - Curl_add_buffer(stream->header_recvbuf, "HTTP/2.0 ", 9); + Curl_add_buffer(stream->header_recvbuf, "HTTP/2 ", 7); Curl_add_buffer(stream->header_recvbuf, value, valuelen); - Curl_add_buffer(stream->header_recvbuf, "\r\n", 2); - data_s->state.drain++; + /* the space character after the status code is mandatory */ + Curl_add_buffer(stream->header_recvbuf, " \r\n", 3); /* if we receive data for another handle, wake that up */ if(conn->data != data_s) - Curl_expire(data_s, 1); + Curl_expire(data_s, 0); DEBUGF(infof(data_s, "h2 status: HTTP/2 %03d (easy %p)\n", stream->status_code, data_s)); @@ -839,13 +898,12 @@ static int on_header(nghttp2_session *session, const nghttp2_frame *frame, received, and this is not pseudo-header field . */ /* convert to a HTTP1-style header */ Curl_add_buffer(stream->header_recvbuf, name, namelen); - Curl_add_buffer(stream->header_recvbuf, ":", 1); + Curl_add_buffer(stream->header_recvbuf, ": ", 2); Curl_add_buffer(stream->header_recvbuf, value, valuelen); Curl_add_buffer(stream->header_recvbuf, "\r\n", 2); - data_s->state.drain++; /* if we receive data for another handle, wake that up */ if(conn->data != data_s) - Curl_expire(data_s, 1); + Curl_expire(data_s, 0); DEBUGF(infof(data_s, "h2 header: %.*s: %.*s\n", namelen, name, valuelen, value)); @@ -860,7 +918,7 @@ static ssize_t data_source_read_callback(nghttp2_session *session, nghttp2_data_source *source, void *userp) { - struct SessionHandle *data_s; + struct Curl_easy *data_s; struct HTTP *stream = NULL; size_t nread; (void)source; @@ -891,7 +949,7 @@ static ssize_t data_source_read_callback(nghttp2_session *session, } if(stream->upload_left == 0) - *data_flags = 1; + *data_flags = NGHTTP2_DATA_FLAG_EOF; else if(nread == 0) return NGHTTP2_ERR_DEFERRED; @@ -912,6 +970,56 @@ static nghttp2_settings_entry settings[] = { #define H2_BUFSIZE 32768 +#ifdef NGHTTP2_HAS_ERROR_CALLBACK +static int error_callback(nghttp2_session *session, + const char *msg, + size_t len, + void *userp) +{ + struct connectdata *conn = (struct connectdata *)userp; + (void)session; + infof(conn->data, "http2 error: %.*s\n", len, msg); + return 0; +} +#endif + +void Curl_http2_done(struct connectdata *conn, bool premature) +{ + struct Curl_easy *data = conn->data; + struct HTTP *http = data->req.protop; + struct http_conn *httpc = &conn->proto.httpc; + + if(http->header_recvbuf) { + DEBUGF(infof(data, "free header_recvbuf!!\n")); + Curl_add_buffer_free(http->header_recvbuf); + http->header_recvbuf = NULL; /* clear the pointer */ + Curl_add_buffer_free(http->trailer_recvbuf); + http->trailer_recvbuf = NULL; /* clear the pointer */ + if(http->push_headers) { + /* if they weren't used and then freed before */ + for(; http->push_headers_used > 0; --http->push_headers_used) { + free(http->push_headers[http->push_headers_used - 1]); + } + free(http->push_headers); + http->push_headers = NULL; + } + } + + if(premature) { + /* RST_STREAM */ + nghttp2_submit_rst_stream(httpc->h2, NGHTTP2_FLAG_NONE, http->stream_id, + NGHTTP2_STREAM_CLOSED); + if(http->stream_id == httpc->pause_stream_id) { + infof(data, "stopped the pause stream!\n"); + httpc->pause_stream_id = 0; + } + } + if(http->stream_id) { + nghttp2_session_set_stream_user_data(httpc->h2, http->stream_id, 0); + http->stream_id = 0; + } +} + /* * Initialize nghttp2 for a Curl connection */ @@ -961,6 +1069,8 @@ CURLcode Curl_http2_init(struct connectdata *conn) /* nghttp2_on_header_callback */ nghttp2_session_callbacks_set_on_header_callback(callbacks, on_header); + nghttp2_session_callbacks_set_error_callback(callbacks, error_callback); + /* The nghttp2 session is not yet setup, do it */ rc = nghttp2_session_client_new(&conn->proto.httpc.h2, callbacks, conn); @@ -1019,9 +1129,110 @@ CURLcode Curl_http2_request_upgrade(Curl_send_buffer *req, return result; } +/* + * Returns nonzero if current HTTP/2 session should be closed. + */ +static int should_close_session(struct http_conn *httpc) +{ + return httpc->drain_total == 0 && !nghttp2_session_want_read(httpc->h2) && + !nghttp2_session_want_write(httpc->h2); +} + +static int h2_session_send(struct Curl_easy *data, + nghttp2_session *h2); + +/* + * h2_process_pending_input() processes pending input left in + * httpc->inbuf. Then, call h2_session_send() to send pending data. + * This function returns 0 if it succeeds, or -1 and error code will + * be assigned to *err. + */ +static int h2_process_pending_input(struct Curl_easy *data, + struct http_conn *httpc, + CURLcode *err) +{ + ssize_t nread; + char *inbuf; + ssize_t rv; + + nread = httpc->inbuflen - httpc->nread_inbuf; + inbuf = httpc->inbuf + httpc->nread_inbuf; + + rv = nghttp2_session_mem_recv(httpc->h2, (const uint8_t *)inbuf, nread); + if(rv < 0) { + failf(data, + "h2_process_pending_input: nghttp2_session_mem_recv() returned " + "%d:%s\n", rv, nghttp2_strerror((int)rv)); + *err = CURLE_RECV_ERROR; + return -1; + } + + if(nread == rv) { + DEBUGF(infof(data, + "h2_process_pending_input: All data in connection buffer " + "processed\n")); + httpc->inbuflen = 0; + httpc->nread_inbuf = 0; + } + else { + httpc->nread_inbuf += rv; + DEBUGF(infof(data, + "h2_process_pending_input: %zu bytes left in connection " + "buffer\n", + httpc->inbuflen - httpc->nread_inbuf)); + } + + rv = h2_session_send(data, httpc->h2); + if(rv != 0) { + *err = CURLE_SEND_ERROR; + return -1; + } + + if(should_close_session(httpc)) { + DEBUGF(infof(data, + "h2_process_pending_input: nothing to do in this session\n")); + *err = CURLE_HTTP2; + return -1; + } + + return 0; +} + +/* + * Called from transfer.c:done_sending when we stop uploading. + */ +CURLcode Curl_http2_done_sending(struct connectdata *conn) +{ + CURLcode result = CURLE_OK; + + if((conn->handler == &Curl_handler_http2_ssl) || + (conn->handler == &Curl_handler_http2)) { + /* make sure this is only attempted for HTTP/2 transfers */ + + struct HTTP *stream = conn->data->req.protop; + + if(stream->upload_left) { + /* If the stream still thinks there's data left to upload. */ + struct http_conn *httpc = &conn->proto.httpc; + nghttp2_session *h2 = httpc->h2; + + stream->upload_left = 0; /* DONE! */ + + /* resume sending here to trigger the callback to get called again so + that it can signal EOF to nghttp2 */ + (void)nghttp2_session_resume_data(h2, stream->stream_id); + + (void)h2_process_pending_input(conn->data, httpc, &result); + } + } + return result; +} + + static ssize_t http2_handle_stream_close(struct connectdata *conn, - struct SessionHandle *data, - struct HTTP *stream, CURLcode *err) { + struct Curl_easy *data, + struct HTTP *stream, CURLcode *err) +{ char *trailer_pos, *trailer_end; CURLcode result; struct http_conn *httpc = &conn->proto.httpc; @@ -1029,13 +1240,34 @@ static ssize_t http2_handle_stream_close(struct connectdata *conn, if(httpc->pause_stream_id == stream->stream_id) { httpc->pause_stream_id = 0; } - /* Reset to FALSE to prevent infinite loop in readwrite_data - function. */ + + DEBUGASSERT(httpc->drain_total >= data->state.drain); + httpc->drain_total -= data->state.drain; + data->state.drain = 0; + + if(httpc->pause_stream_id == 0) { + if(h2_process_pending_input(data, httpc, err) != 0) { + return -1; + } + } + + DEBUGASSERT(data->state.drain == 0); + + /* Reset to FALSE to prevent infinite loop in readwrite_data function. */ stream->closed = FALSE; if(stream->error_code != NGHTTP2_NO_ERROR) { - failf(data, "HTTP/2 stream %u was not closed cleanly: error_code = %d", - stream->stream_id, stream->error_code); - *err = CURLE_HTTP2; + failf(data, "HTTP/2 stream %u was not closed cleanly: %s (err %d)", + stream->stream_id, Curl_http2_strerror(stream->error_code), + stream->error_code); + *err = CURLE_HTTP2_STREAM; + return -1; + } + + if(!stream->bodystarted) { + failf(data, "HTTP/2 stream %u was closed cleanly, but before getting " + " all response header fields, teated as error", + stream->stream_id); + *err = CURLE_HTTP2_STREAM; return -1; } @@ -1058,6 +1290,8 @@ static ssize_t http2_handle_stream_close(struct connectdata *conn, } } + stream->close_handled = TRUE; + DEBUGF(infof(data, "http2_recv returns 0, http2_handle_stream_close\n")); return 0; } @@ -1068,7 +1302,7 @@ static ssize_t http2_handle_stream_close(struct connectdata *conn, * struct. */ -static void h2_pri_spec(struct SessionHandle *data, +static void h2_pri_spec(struct Curl_easy *data, nghttp2_priority_spec *pri_spec) { struct HTTP *depstream = (data->set.stream_depends_on? @@ -1086,7 +1320,7 @@ static void h2_pri_spec(struct SessionHandle *data, * dependency settings and if so it submits a PRIORITY frame with the updated * info. */ -static int h2_session_send(struct SessionHandle *data, +static int h2_session_send(struct Curl_easy *data, nghttp2_session *h2) { struct HTTP *stream = data->req.protop; @@ -1110,10 +1344,6 @@ static int h2_session_send(struct SessionHandle *data, return nghttp2_session_send(h2); } -/* - * If the read would block (EWOULDBLOCK) we return -1. Otherwise we return - * a regular CURLcode value. - */ static ssize_t http2_recv(struct connectdata *conn, int sockindex, char *mem, size_t len, CURLcode *err) { @@ -1121,17 +1351,16 @@ static ssize_t http2_recv(struct connectdata *conn, int sockindex, ssize_t rv; ssize_t nread; struct http_conn *httpc = &conn->proto.httpc; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct HTTP *stream = data->req.protop; (void)sockindex; /* we always do HTTP2 on sockindex 0 */ - /* If stream is closed, return 0 to signal the http routine to close - the connection. We need to handle stream closure here, - otherwise, we may be going to read from underlying connection, - and gets EAGAIN, and we will get stuck there. */ - if(stream->memlen == 0 && stream->closed) { - return http2_handle_stream_close(conn, data, stream, err); + if(should_close_session(httpc)) { + DEBUGF(infof(data, + "http2_recv: nothing to do in this session\n")); + *err = CURLE_HTTP2; + return -1; } /* Nullify here because we call nghttp2_session_send() and they @@ -1140,7 +1369,7 @@ static ssize_t http2_recv(struct connectdata *conn, int sockindex, stream->upload_len = 0; /* - * At this point 'stream' is just in the SessionHandle the connection + * At this point 'stream' is just in the Curl_easy the connection * identifies as its owner at this time. */ @@ -1173,8 +1402,18 @@ static ssize_t http2_recv(struct connectdata *conn, int sockindex, stream->len = len - stream->memlen; stream->mem = mem; } + if(httpc->pause_stream_id == stream->stream_id && !stream->pausedata) { + /* We have paused nghttp2, but we have no pause data (see + on_data_chunk_recv). */ + httpc->pause_stream_id = 0; + if(h2_process_pending_input(data, httpc, &result) != 0) { + *err = result; + return -1; + } + } } else if(stream->pausedata) { + DEBUGASSERT(httpc->pause_stream_id == stream->stream_id); nread = MIN(len, stream->pauselen); memcpy(mem, stream->pausedata, nread); @@ -1197,7 +1436,10 @@ static ssize_t http2_recv(struct connectdata *conn, int sockindex, frames, then we have to call it again with 0-length data. Without this, on_stream_close callback will not be called, and stream could be hanged. */ - nghttp2_session_mem_recv(httpc->h2, NULL, 0); + if(h2_process_pending_input(data, httpc, &result) != 0) { + *err = result; + return -1; + } } DEBUGF(infof(data, "http2_recv: returns unpaused %zd bytes on stream %u\n", nread, stream->stream_id)); @@ -1212,6 +1454,8 @@ static ssize_t http2_recv(struct connectdata *conn, int sockindex, socket is not read. But it seems that usually streams are notified with its drain property, and socket is read again quickly. */ + DEBUGF(infof(data, "stream %x is paused, pause id: %x\n", + stream->stream_id, httpc->pause_stream_id)); *err = CURLE_AGAIN; return -1; } @@ -1230,6 +1474,10 @@ static ssize_t http2_recv(struct connectdata *conn, int sockindex, if(nread == -1) { if(result != CURLE_AGAIN) failf(data, "Failed receiving HTTP2 data"); + else if(stream->closed) + /* received when the stream was already closed! */ + return http2_handle_stream_close(conn, data, stream, err); + *err = result; return -1; } @@ -1278,6 +1526,12 @@ static ssize_t http2_recv(struct connectdata *conn, int sockindex, *err = CURLE_SEND_ERROR; return 0; } + + if(should_close_session(httpc)) { + DEBUGF(infof(data, "http2_recv: nothing to do in this session\n")); + *err = CURLE_HTTP2; + return -1; + } } if(stream->memlen) { ssize_t retlen = stream->memlen; @@ -1291,8 +1545,11 @@ static ssize_t http2_recv(struct connectdata *conn, int sockindex, DEBUGF(infof(data, "Data returned for PAUSED stream %u\n", stream->stream_id)); } - else + else if(!stream->closed) { + DEBUGASSERT(httpc->drain_total >= data->state.drain); + httpc->drain_total -= data->state.drain; data->state.drain = 0; /* this stream is hereby drained */ + } return retlen; } @@ -1311,7 +1568,9 @@ static ssize_t http2_recv(struct connectdata *conn, int sockindex, field list. */ #define AUTHORITY_DST_IDX 3 -/* return number of received (decrypted) bytes */ +#define HEADER_OVERFLOW(x) \ + (x.namelen > (uint16_t)-1 || x.valuelen > (uint16_t)-1 - x.namelen) + static ssize_t http2_send(struct connectdata *conn, int sockindex, const void *mem, size_t len, CURLcode *err) { @@ -1323,12 +1582,12 @@ static ssize_t http2_send(struct connectdata *conn, int sockindex, int rv; struct http_conn *httpc = &conn->proto.httpc; struct HTTP *stream = conn->data->req.protop; - nghttp2_nv *nva; + nghttp2_nv *nva = NULL; size_t nheader; size_t i; size_t authority_idx; char *hdbuf = (char*)mem; - char *end; + char *end, *line_end; nghttp2_data_provider data_prd; int32_t stream_id; nghttp2_session *h2 = httpc->h2; @@ -1339,6 +1598,14 @@ static ssize_t http2_send(struct connectdata *conn, int sockindex, DEBUGF(infof(conn->data, "http2_send len=%zu\n", len)); if(stream->stream_id != -1) { + if(stream->close_handled) { + infof(conn->data, "stream %d closed\n", stream->stream_id); + *err = CURLE_HTTP2_STREAM; + return -1; + } + else if(stream->closed) { + return http2_handle_stream_close(conn, conn->data, stream, err); + } /* If stream_id != -1, we have dispatched request HEADERS, and now are going to send or sending request body in DATA frame */ stream->upload_mem = mem; @@ -1356,6 +1623,12 @@ static ssize_t http2_send(struct connectdata *conn, int sockindex, stream->upload_mem = NULL; stream->upload_len = 0; + if(should_close_session(httpc)) { + DEBUGF(infof(conn->data, "http2_send: nothing to do in this session\n")); + *err = CURLE_HTTP2; + return -1; + } + if(stream->upload_left) { /* we are sure that we have more data to send here. Calling the following API will make nghttp2_session_want_write() return @@ -1373,12 +1646,16 @@ static ssize_t http2_send(struct connectdata *conn, int sockindex, /* Here, we assume the curl http code generate *correct* HTTP header field block */ nheader = 0; - for(i = 0; i < len; ++i) { - if(hdbuf[i] == 0x0a) { + for(i = 1; i < len; ++i) { + if(hdbuf[i] == '\n' && hdbuf[i - 1] == '\r') { ++nheader; + ++i; } } - /* We counted additional 2 \n in the first and last line. We need 3 + if(nheader < 2) + goto fail; + + /* We counted additional 2 \r\n in the first and last line. We need 3 new headers: :method, :path and :scheme. Therefore we need one more space. */ nheader += 1; @@ -1387,51 +1664,84 @@ static ssize_t http2_send(struct connectdata *conn, int sockindex, *err = CURLE_OUT_OF_MEMORY; return -1; } + /* Extract :method, :path from request line */ - end = strchr(hdbuf, ' '); - if(!end) + line_end = strstr(hdbuf, "\r\n"); + + /* Method does not contain spaces */ + end = memchr(hdbuf, ' ', line_end - hdbuf); + if(!end || end == hdbuf) goto fail; nva[0].name = (unsigned char *)":method"; - nva[0].namelen = (uint16_t)strlen((char *)nva[0].name); + nva[0].namelen = strlen((char *)nva[0].name); nva[0].value = (unsigned char *)hdbuf; - nva[0].valuelen = (uint16_t)(end - hdbuf); + nva[0].valuelen = (size_t)(end - hdbuf); nva[0].flags = NGHTTP2_NV_FLAG_NONE; + if(HEADER_OVERFLOW(nva[0])) { + failf(conn->data, "Failed sending HTTP request: Header overflow"); + goto fail; + } hdbuf = end + 1; - end = strchr(hdbuf, ' '); - if(!end) + /* Path may contain spaces so scan backwards */ + end = NULL; + for(i = (size_t)(line_end - hdbuf); i; --i) { + if(hdbuf[i - 1] == ' ') { + end = &hdbuf[i - 1]; + break; + } + } + if(!end || end == hdbuf) goto fail; nva[1].name = (unsigned char *)":path"; - nva[1].namelen = (uint16_t)strlen((char *)nva[1].name); + nva[1].namelen = strlen((char *)nva[1].name); nva[1].value = (unsigned char *)hdbuf; - nva[1].valuelen = (uint16_t)(end - hdbuf); + nva[1].valuelen = (size_t)(end - hdbuf); nva[1].flags = NGHTTP2_NV_FLAG_NONE; + if(HEADER_OVERFLOW(nva[1])) { + failf(conn->data, "Failed sending HTTP request: Header overflow"); + goto fail; + } + + hdbuf = end + 1; + end = line_end; nva[2].name = (unsigned char *)":scheme"; - nva[2].namelen = (uint16_t)strlen((char *)nva[2].name); + nva[2].namelen = strlen((char *)nva[2].name); if(conn->handler->flags & PROTOPT_SSL) nva[2].value = (unsigned char *)"https"; else nva[2].value = (unsigned char *)"http"; - nva[2].valuelen = (uint16_t)strlen((char *)nva[2].value); + nva[2].valuelen = strlen((char *)nva[2].value); nva[2].flags = NGHTTP2_NV_FLAG_NONE; - - hdbuf = strchr(hdbuf, 0x0a); - if(!hdbuf) + if(HEADER_OVERFLOW(nva[2])) { + failf(conn->data, "Failed sending HTTP request: Header overflow"); goto fail; - ++hdbuf; + } authority_idx = 0; - i = 3; while(i < nheader) { size_t hlen; int skip = 0; - end = strchr(hdbuf, ':'); - if(!end) + + hdbuf = line_end + 2; + + line_end = strstr(hdbuf, "\r\n"); + if(line_end == hdbuf) + goto fail; + + /* header continuation lines are not supported */ + if(*hdbuf == ' ' || *hdbuf == '\t') + goto fail; + + for(end = hdbuf; end < line_end && *end != ':'; ++end) + ; + if(end == hdbuf || end == line_end) goto fail; hlen = end - hdbuf; + if(hlen == 10 && Curl_raw_nequal("connection", hdbuf, 10)) { /* skip Connection: headers! */ skip = 1; @@ -1440,40 +1750,26 @@ static ssize_t http2_send(struct connectdata *conn, int sockindex, else if(hlen == 4 && Curl_raw_nequal("host", hdbuf, 4)) { authority_idx = i; nva[i].name = (unsigned char *)":authority"; - nva[i].namelen = (uint16_t)strlen((char *)nva[i].name); + nva[i].namelen = strlen((char *)nva[i].name); } else { nva[i].name = (unsigned char *)hdbuf; - nva[i].namelen = (uint16_t)(end - hdbuf); + nva[i].namelen = (size_t)(end - hdbuf); } hdbuf = end + 1; - for(; *hdbuf == ' '; ++hdbuf); - end = strchr(hdbuf, 0x0d); - if(!end) - goto fail; + while(*hdbuf == ' ' || *hdbuf == '\t') + ++hdbuf; + end = line_end; if(!skip) { nva[i].value = (unsigned char *)hdbuf; - nva[i].valuelen = (uint16_t)(end - hdbuf); + nva[i].valuelen = (size_t)(end - hdbuf); nva[i].flags = NGHTTP2_NV_FLAG_NONE; - /* Inspect Content-Length header field and retrieve the request - entity length so that we can set END_STREAM to the last DATA - frame. */ - if(nva[i].namelen == 14 && - Curl_raw_nequal("content-length", (char*)nva[i].name, 14)) { - size_t j; - stream->upload_left = 0; - for(j = 0; j < nva[i].valuelen; ++j) { - stream->upload_left *= 10; - stream->upload_left += nva[i].value[j] - '0'; - } - DEBUGF(infof(conn->data, - "request content-length=%" - CURL_FORMAT_CURL_OFF_T - "\n", stream->upload_left)); + if(HEADER_OVERFLOW(nva[i])) { + failf(conn->data, "Failed sending HTTP request: Header overflow"); + goto fail; } ++i; } - hdbuf = end + 2; } /* :authority must come before non-pseudo header fields */ @@ -1485,12 +1781,41 @@ static ssize_t http2_send(struct connectdata *conn, int sockindex, nva[i] = authority; } + /* Warn stream may be rejected if cumulative length of headers is too large. + It appears nghttp2 will not send a header frame larger than 64KB. */ + { + size_t acc = 0; + const size_t max_acc = 60000; /* <64KB to account for some overhead */ + + for(i = 0; i < nheader; ++i) { + if(nva[i].namelen > max_acc - acc) + break; + acc += nva[i].namelen; + + if(nva[i].valuelen > max_acc - acc) + break; + acc += nva[i].valuelen; + } + + if(i != nheader) { + infof(conn->data, "http2_send: Warning: The cumulative length of all " + "headers exceeds %zu bytes and that could cause the " + "stream to be rejected.\n", max_acc); + } + } + h2_pri_spec(conn->data, &pri_spec); switch(conn->data->set.httpreq) { case HTTPREQ_POST: case HTTPREQ_POST_FORM: case HTTPREQ_PUT: + if(conn->data->state.infilesize != -1) + stream->upload_left = conn->data->state.infilesize; + else + /* data sending without specifying the data amount up front */ + stream->upload_left = -1; /* unknown, but not zero */ + data_prd.read_callback = data_source_read_callback; data_prd.source.ptr = NULL; stream_id = nghttp2_submit_request(h2, &pri_spec, nva, nheader, @@ -1522,6 +1847,12 @@ static ssize_t http2_send(struct connectdata *conn, int sockindex, return -1; } + if(should_close_session(httpc)) { + DEBUGF(infof(conn->data, "http2_send: nothing to do in this session\n")); + *err = CURLE_HTTP2; + return -1; + } + if(stream->stream_id != -1) { /* If whole HEADERS frame was sent off to the underlying socket, the nghttp2 library calls data_source_read_callback. But only @@ -1575,6 +1906,7 @@ CURLcode Curl_http2_setup(struct connectdata *conn) httpc->nread_inbuf = 0; httpc->pause_stream_id = 0; + httpc->drain_total = 0; conn->bits.multiplex = TRUE; /* at least potentially multiplexed */ conn->httpversion = 20; @@ -1583,10 +1915,6 @@ CURLcode Curl_http2_setup(struct connectdata *conn) infof(conn->data, "Connection state changed (HTTP/2 confirmed)\n"); Curl_multi_connchanged(conn->data->multi); - /* switch on TCP_NODELAY as we need to send off packets without delay for - maximum throughput */ - Curl_tcpnodelay(conn, conn->sock[FIRSTSOCKET]); - return CURLE_OK; } @@ -1597,7 +1925,7 @@ CURLcode Curl_http2_switched(struct connectdata *conn, struct http_conn *httpc = &conn->proto.httpc; int rv; ssize_t nproc; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct HTTP *stream = conn->data->req.protop; result = Curl_http2_setup(conn); @@ -1682,6 +2010,12 @@ CURLcode Curl_http2_switched(struct connectdata *conn, return CURLE_HTTP2; } + if(should_close_session(httpc)) { + DEBUGF(infof(data, + "nghttp2_session_send(): nothing to do in this session\n")); + return CURLE_HTTP2; + } + return CURLE_OK; } diff --git a/lib/http2.h b/lib/http2.h index 2d073347e..891753590 100644 --- a/lib/http2.h +++ b/lib/http2.h @@ -7,7 +7,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -37,6 +37,8 @@ */ int Curl_http2_ver(char *p, size_t len); +const char *Curl_http2_strerror(uint32_t err); + CURLcode Curl_http2_init(struct connectdata *conn); void Curl_http2_init_state(struct UrlState *state); void Curl_http2_init_userset(struct UserDefined *set); @@ -48,7 +50,9 @@ CURLcode Curl_http2_switched(struct connectdata *conn, const char *data, size_t nread); /* called from Curl_http_setup_conn */ void Curl_http2_setup_conn(struct connectdata *conn); -void Curl_http2_setup_req(struct SessionHandle *data); +void Curl_http2_setup_req(struct Curl_easy *data); +void Curl_http2_done(struct connectdata *conn, bool premature); +CURLcode Curl_http2_done_sending(struct connectdata *conn); #else /* USE_NGHTTP2 */ #define Curl_http2_init(x) CURLE_UNSUPPORTED_PROTOCOL #define Curl_http2_send_request(x) CURLE_UNSUPPORTED_PROTOCOL @@ -59,6 +63,8 @@ void Curl_http2_setup_req(struct SessionHandle *data); #define Curl_http2_setup_req(x) #define Curl_http2_init_state(x) #define Curl_http2_init_userset(x) +#define Curl_http2_done(x,y) +#define Curl_http2_done_sending(x) #endif #endif /* HEADER_CURL_HTTP2_H */ diff --git a/lib/http_chunks.c b/lib/http_chunks.c index 53091738a..ea171092b 100644 --- a/lib/http_chunks.c +++ b/lib/http_chunks.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -80,7 +80,7 @@ static bool Curl_isxdigit(char digit) { return ( (digit >= 0x30 && digit <= 0x39) /* 0-9 */ || (digit >= 0x41 && digit <= 0x46) /* A-F */ - || (digit >= 0x61 && digit <= 0x66) /* a-f */ ) ? TRUE : FALSE; + || (digit >= 0x61 && digit <= 0x66) /* a-f */) ? TRUE : FALSE; } void Curl_httpchunk_init(struct connectdata *conn) @@ -108,7 +108,7 @@ CHUNKcode Curl_httpchunk_read(struct connectdata *conn, ssize_t *wrotep) { CURLcode result=CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct Curl_chunker *ch = &conn->chunk; struct SingleRequest *k = &data->req; size_t piece; diff --git a/lib/http_digest.c b/lib/http_digest.c index dc867d52e..97230e797 100644 --- a/lib/http_digest.c +++ b/lib/http_digest.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -26,11 +26,10 @@ #include "urldata.h" #include "rawstr.h" -#include "curl_sasl.h" +#include "vauth/vauth.h" #include "http_digest.h" +/* The last 3 #include files should be in this order */ #include "curl_printf.h" - -/* The last #include files should be: */ #include "curl_memory.h" #include "memdebug.h" @@ -46,7 +45,7 @@ CURLcode Curl_input_digest(struct connectdata *conn, const char *header) /* rest of the *-authenticate: header */ { - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; /* Point to the correct struct with this */ struct digestdata *digest; @@ -65,7 +64,7 @@ CURLcode Curl_input_digest(struct connectdata *conn, while(*header && ISSPACE(*header)) header++; - return Curl_sasl_decode_digest_http_message(header, digest); + return Curl_auth_decode_digest_http_message(header, digest); } CURLcode Curl_output_digest(struct connectdata *conn, @@ -74,7 +73,7 @@ CURLcode Curl_output_digest(struct connectdata *conn, const unsigned char *uripath) { CURLcode result; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; unsigned char *path; char *tmp; char *response; @@ -152,7 +151,7 @@ CURLcode Curl_output_digest(struct connectdata *conn, if(!path) return CURLE_OUT_OF_MEMORY; - result = Curl_sasl_create_digest_http_message(data, userp, passwdp, request, + result = Curl_auth_create_digest_http_message(data, userp, passwdp, request, path, digest, &response, &len); free(path); if(result) @@ -170,10 +169,10 @@ CURLcode Curl_output_digest(struct connectdata *conn, return CURLE_OK; } -void Curl_digest_cleanup(struct SessionHandle *data) +void Curl_digest_cleanup(struct Curl_easy *data) { - Curl_sasl_digest_cleanup(&data->state.digest); - Curl_sasl_digest_cleanup(&data->state.proxydigest); + Curl_auth_digest_cleanup(&data->state.digest); + Curl_auth_digest_cleanup(&data->state.proxydigest); } #endif diff --git a/lib/http_digest.h b/lib/http_digest.h index 49aad897c..fd225c7c1 100644 --- a/lib/http_digest.h +++ b/lib/http_digest.h @@ -34,7 +34,7 @@ CURLcode Curl_output_digest(struct connectdata *conn, const unsigned char *uripath); #if !defined(CURL_DISABLE_HTTP) && !defined(CURL_DISABLE_CRYPTO_AUTH) -void Curl_digest_cleanup(struct SessionHandle *data); +void Curl_digest_cleanup(struct Curl_easy *data); #else #define Curl_digest_cleanup(x) Curl_nop_stmt #endif diff --git a/lib/http_negotiate.c b/lib/http_negotiate.c index 4a808f8f3..c39d6f363 100644 --- a/lib/http_negotiate.c +++ b/lib/http_negotiate.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -22,156 +22,94 @@ #include "curl_setup.h" -#if defined(HAVE_GSSAPI) && !defined(CURL_DISABLE_HTTP) && defined(USE_SPNEGO) +#if !defined(CURL_DISABLE_HTTP) && defined(USE_SPNEGO) #include "urldata.h" #include "sendf.h" -#include "curl_gssapi.h" #include "rawstr.h" -#include "curl_base64.h" #include "http_negotiate.h" -#include "curl_sasl.h" -#include "url.h" -#include "curl_printf.h" +#include "vauth/vauth.h" -/* The last #include files should be: */ +/* The last 3 #include files should be in this order */ +#include "curl_printf.h" #include "curl_memory.h" #include "memdebug.h" CURLcode Curl_input_negotiate(struct connectdata *conn, bool proxy, const char *header) { - struct SessionHandle *data = conn->data; - struct negotiatedata *neg_ctx = proxy?&data->state.proxyneg: - &data->state.negotiate; - OM_uint32 major_status, minor_status, discard_st; - gss_buffer_desc spn_token = GSS_C_EMPTY_BUFFER; - gss_buffer_desc input_token = GSS_C_EMPTY_BUFFER; - gss_buffer_desc output_token = GSS_C_EMPTY_BUFFER; + struct Curl_easy *data = conn->data; size_t len; - size_t rawlen = 0; - CURLcode result; - if(neg_ctx->context && neg_ctx->status == GSS_S_COMPLETE) { - /* We finished successfully our part of authentication, but server - * rejected it (since we're again here). Exit with an error since we - * can't invent anything better */ - Curl_cleanup_negotiate(data); - return CURLE_LOGIN_DENIED; - } + /* Point to the username, password, service and host */ + const char *userp; + const char *passwdp; + const char *service; + const char *host; - if(!neg_ctx->server_name) { - /* Generate our SPN */ - char *spn = Curl_sasl_build_gssapi_spn( - proxy ? data->set.str[STRING_PROXY_SERVICE_NAME] : - data->set.str[STRING_SERVICE_NAME], - proxy ? conn->proxy.name : conn->host.name); - if(!spn) - return CURLE_OUT_OF_MEMORY; - - /* Populate the SPN structure */ - spn_token.value = spn; - spn_token.length = strlen(spn); - - /* Import the SPN */ - major_status = gss_import_name(&minor_status, &spn_token, - GSS_C_NT_HOSTBASED_SERVICE, - &neg_ctx->server_name); - if(GSS_ERROR(major_status)) { - Curl_gss_log_error(data, minor_status, "gss_import_name() failed: "); - - free(spn); - - return CURLE_OUT_OF_MEMORY; - } + /* Point to the correct struct with this */ + struct negotiatedata *neg_ctx; - free(spn); + if(proxy) { + userp = conn->proxyuser; + passwdp = conn->proxypasswd; + service = data->set.str[STRING_PROXY_SERVICE_NAME] ? + data->set.str[STRING_PROXY_SERVICE_NAME] : "HTTP"; + host = conn->proxy.name; + neg_ctx = &data->state.proxyneg; + } + else { + userp = conn->user; + passwdp = conn->passwd; + service = data->set.str[STRING_SERVICE_NAME] ? + data->set.str[STRING_SERVICE_NAME] : "HTTP"; + host = conn->host.name; + neg_ctx = &data->state.negotiate; } + /* Not set means empty */ + if(!userp) + userp = ""; + + if(!passwdp) + passwdp = ""; + + /* Obtain the input token, if any */ header += strlen("Negotiate"); while(*header && ISSPACE(*header)) header++; len = strlen(header); - if(len > 0) { - result = Curl_base64_decode(header, (unsigned char **)&input_token.value, - &rawlen); - if(result) - return result; - - if(!rawlen) { - infof(data, "Negotiate handshake failure (empty challenge message)\n"); - - return CURLE_BAD_CONTENT_ENCODING; + if(!len) { + /* Is this the first call in a new negotiation? */ + if(neg_ctx->context) { + /* The server rejected our authentication and hasn't suppled any more + negotiation mechanisms */ + return CURLE_LOGIN_DENIED; } - - input_token.length = rawlen; - - DEBUGASSERT(input_token.value != NULL); - } - - major_status = Curl_gss_init_sec_context(data, - &minor_status, - &neg_ctx->context, - neg_ctx->server_name, - &Curl_spnego_mech_oid, - GSS_C_NO_CHANNEL_BINDINGS, - &input_token, - &output_token, - TRUE, - NULL); - Curl_safefree(input_token.value); - - neg_ctx->status = major_status; - if(GSS_ERROR(major_status)) { - if(output_token.value) - gss_release_buffer(&discard_st, &output_token); - Curl_gss_log_error(conn->data, minor_status, - "gss_init_sec_context() failed: "); - return CURLE_OUT_OF_MEMORY; - } - - if(!output_token.value || !output_token.length) { - if(output_token.value) - gss_release_buffer(&discard_st, &output_token); - return CURLE_OUT_OF_MEMORY; } - neg_ctx->output_token = output_token; - - return CURLE_OK; + /* Initilise the security context and decode our challenge */ + return Curl_auth_decode_spnego_message(data, userp, passwdp, service, host, + header, neg_ctx); } CURLcode Curl_output_negotiate(struct connectdata *conn, bool proxy) { - struct negotiatedata *neg_ctx = proxy?&conn->data->state.proxyneg: + struct negotiatedata *neg_ctx = proxy ? &conn->data->state.proxyneg : &conn->data->state.negotiate; - char *encoded = NULL; + char *base64 = NULL; size_t len = 0; char *userp; CURLcode result; - OM_uint32 discard_st; - - result = Curl_base64_encode(conn->data, - neg_ctx->output_token.value, - neg_ctx->output_token.length, - &encoded, &len); - if(result) { - gss_release_buffer(&discard_st, &neg_ctx->output_token); - neg_ctx->output_token.value = NULL; - neg_ctx->output_token.length = 0; - return result; - } - if(!encoded || !len) { - gss_release_buffer(&discard_st, &neg_ctx->output_token); - neg_ctx->output_token.value = NULL; - neg_ctx->output_token.length = 0; - return CURLE_REMOTE_ACCESS_DENIED; - } + result = Curl_auth_create_spnego_message(conn->data, neg_ctx, &base64, &len); + if(result) + return result; userp = aprintf("%sAuthorization: Negotiate %s\r\n", proxy ? "Proxy-" : "", - encoded); + base64); + if(proxy) { Curl_safefree(conn->allocptr.proxyuserpwd); conn->allocptr.proxyuserpwd = userp; @@ -181,30 +119,15 @@ CURLcode Curl_output_negotiate(struct connectdata *conn, bool proxy) conn->allocptr.userpwd = userp; } - free(encoded); + free(base64); return (userp == NULL) ? CURLE_OUT_OF_MEMORY : CURLE_OK; } -static void cleanup(struct negotiatedata *neg_ctx) -{ - OM_uint32 minor_status; - if(neg_ctx->context != GSS_C_NO_CONTEXT) - gss_delete_sec_context(&minor_status, &neg_ctx->context, GSS_C_NO_BUFFER); - - if(neg_ctx->output_token.value) - gss_release_buffer(&minor_status, &neg_ctx->output_token); - - if(neg_ctx->server_name != GSS_C_NO_NAME) - gss_release_name(&minor_status, &neg_ctx->server_name); - - memset(neg_ctx, 0, sizeof(*neg_ctx)); -} - -void Curl_cleanup_negotiate(struct SessionHandle *data) +void Curl_cleanup_negotiate(struct Curl_easy *data) { - cleanup(&data->state.negotiate); - cleanup(&data->state.proxyneg); + Curl_auth_spnego_cleanup(&data->state.negotiate); + Curl_auth_spnego_cleanup(&data->state.proxyneg); } -#endif /* HAVE_GSSAPI && !CURL_DISABLE_HTTP && USE_SPNEGO */ +#endif /* !CURL_DISABLE_HTTP && USE_SPNEGO */ diff --git a/lib/http_negotiate.h b/lib/http_negotiate.h index acbbf6ae5..c64e54825 100644 --- a/lib/http_negotiate.h +++ b/lib/http_negotiate.h @@ -31,11 +31,7 @@ CURLcode Curl_input_negotiate(struct connectdata *conn, bool proxy, /* this is for creating Negotiate header output */ CURLcode Curl_output_negotiate(struct connectdata *conn, bool proxy); -void Curl_cleanup_negotiate(struct SessionHandle *data); - -#ifdef USE_WINDOWS_SSPI -#define GSS_ERROR(status) (status & 0x80000000) -#endif +void Curl_cleanup_negotiate(struct Curl_easy *data); #endif /* USE_SPNEGO */ diff --git a/lib/http_negotiate_sspi.c b/lib/http_negotiate_sspi.c deleted file mode 100644 index d2643bb41..000000000 --- a/lib/http_negotiate_sspi.c +++ /dev/null @@ -1,302 +0,0 @@ -/*************************************************************************** - * _ _ ____ _ - * Project ___| | | | _ \| | - * / __| | | | |_) | | - * | (__| |_| | _ <| |___ - * \___|\___/|_| \_\_____| - * - * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. - * - * This software is licensed as described in the file COPYING, which - * you should have received as part of this distribution. The terms - * are also available at https://curl.haxx.se/docs/copyright.html. - * - * You may opt to use, copy, modify, merge, publish, distribute and/or sell - * copies of the Software, and permit persons to whom the Software is - * furnished to do so, under the terms of the COPYING file. - * - * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY - * KIND, either express or implied. - * - ***************************************************************************/ - -#include "curl_setup.h" - -#ifdef USE_WINDOWS_SSPI - -#if !defined(CURL_DISABLE_HTTP) && defined(USE_SPNEGO) - -#include "urldata.h" -#include "sendf.h" -#include "rawstr.h" -#include "warnless.h" -#include "curl_base64.h" -#include "curl_sasl.h" -#include "http_negotiate.h" -#include "curl_multibyte.h" -#include "curl_printf.h" - -/* The last #include files should be: */ -#include "curl_memory.h" -#include "memdebug.h" - -CURLcode Curl_input_negotiate(struct connectdata *conn, bool proxy, - const char *header) -{ - struct SessionHandle *data = conn->data; - BYTE *input_token = NULL; - SecBufferDesc out_buff_desc; - SecBuffer out_sec_buff; - SecBufferDesc in_buff_desc; - SecBuffer in_sec_buff; - SECURITY_STATUS status; - unsigned long attrs; - TimeStamp expiry; /* For Windows 9x compatibility of SSPI calls */ - size_t len = 0, input_token_len = 0; - CURLcode result; - - /* Point to the username and password */ - const char *userp; - const char *passwdp; - - /* Point to the correct struct with this */ - struct negotiatedata *neg_ctx; - - if(proxy) { - userp = conn->proxyuser; - passwdp = conn->proxypasswd; - neg_ctx = &data->state.proxyneg; - } - else { - userp = conn->user; - passwdp = conn->passwd; - neg_ctx = &data->state.negotiate; - } - - /* Not set means empty */ - if(!userp) - userp = ""; - - if(!passwdp) - passwdp = ""; - - if(neg_ctx->context && neg_ctx->status == SEC_E_OK) { - /* We finished successfully our part of authentication, but server - * rejected it (since we're again here). Exit with an error since we - * can't invent anything better */ - Curl_cleanup_negotiate(data); - return CURLE_LOGIN_DENIED; - } - - if(!neg_ctx->server_name) { - /* Check proxy auth requested but no given proxy name */ - if(proxy && !conn->proxy.name) - return CURLE_BAD_FUNCTION_ARGUMENT; - - /* Generate our SPN */ - neg_ctx->server_name = Curl_sasl_build_spn( - proxy ? data->set.str[STRING_PROXY_SERVICE_NAME] : - data->set.str[STRING_SERVICE_NAME], - proxy ? conn->proxy.name : conn->host.name); - if(!neg_ctx->server_name) - return CURLE_OUT_OF_MEMORY; - } - - if(!neg_ctx->output_token) { - PSecPkgInfo SecurityPackage; - status = s_pSecFn->QuerySecurityPackageInfo((TCHAR *) - TEXT(SP_NAME_NEGOTIATE), - &SecurityPackage); - if(status != SEC_E_OK) - return CURLE_NOT_BUILT_IN; - - /* Allocate input and output buffers according to the max token size - as indicated by the security package */ - neg_ctx->token_max = SecurityPackage->cbMaxToken; - neg_ctx->output_token = malloc(neg_ctx->token_max); - s_pSecFn->FreeContextBuffer(SecurityPackage); - } - - /* Obtain the input token, if any */ - header += strlen("Negotiate"); - while(*header && ISSPACE(*header)) - header++; - - len = strlen(header); - if(!len) { - /* Is this the first call in a new negotiation? */ - if(neg_ctx->context) { - /* The server rejected our authentication and hasn't suppled any more - negotiation mechanisms */ - return CURLE_LOGIN_DENIED; - } - - /* We have to acquire credentials and allocate memory for the context */ - neg_ctx->credentials = malloc(sizeof(CredHandle)); - neg_ctx->context = malloc(sizeof(CtxtHandle)); - - if(!neg_ctx->credentials || !neg_ctx->context) - return CURLE_OUT_OF_MEMORY; - - if(userp && *userp) { - /* Populate our identity structure */ - result = Curl_create_sspi_identity(userp, passwdp, &neg_ctx->identity); - if(result) - return result; - - /* Allow proper cleanup of the identity structure */ - neg_ctx->p_identity = &neg_ctx->identity; - } - else - /* Use the current Windows user */ - neg_ctx->p_identity = NULL; - - /* Acquire our credientials handle */ - neg_ctx->status = - s_pSecFn->AcquireCredentialsHandle(NULL, - (TCHAR *) TEXT(SP_NAME_NEGOTIATE), - SECPKG_CRED_OUTBOUND, NULL, - neg_ctx->p_identity, NULL, NULL, - neg_ctx->credentials, &expiry); - if(neg_ctx->status != SEC_E_OK) - return CURLE_LOGIN_DENIED; - } - else { - result = Curl_base64_decode(header, - (unsigned char **)&input_token, - &input_token_len); - if(result) - return result; - - if(!input_token_len) { - infof(data, - "Negotiate handshake failure (empty challenge message)\n"); - - return CURLE_BAD_CONTENT_ENCODING; - } - } - - /* Setup the "output" security buffer */ - out_buff_desc.ulVersion = SECBUFFER_VERSION; - out_buff_desc.cBuffers = 1; - out_buff_desc.pBuffers = &out_sec_buff; - out_sec_buff.BufferType = SECBUFFER_TOKEN; - out_sec_buff.pvBuffer = neg_ctx->output_token; - out_sec_buff.cbBuffer = curlx_uztoul(neg_ctx->token_max); - - /* Setup the "input" security buffer if present */ - if(input_token) { - in_buff_desc.ulVersion = SECBUFFER_VERSION; - in_buff_desc.cBuffers = 1; - in_buff_desc.pBuffers = &in_sec_buff; - in_sec_buff.BufferType = SECBUFFER_TOKEN; - in_sec_buff.pvBuffer = input_token; - in_sec_buff.cbBuffer = curlx_uztoul(input_token_len); - } - - /* Generate our message */ - neg_ctx->status = s_pSecFn->InitializeSecurityContext( - neg_ctx->credentials, - input_token ? neg_ctx->context : NULL, - neg_ctx->server_name, - ISC_REQ_CONFIDENTIALITY, - 0, - SECURITY_NATIVE_DREP, - input_token ? &in_buff_desc : NULL, - 0, - neg_ctx->context, - &out_buff_desc, - &attrs, - &expiry); - - free(input_token); - - if(GSS_ERROR(neg_ctx->status)) - return CURLE_OUT_OF_MEMORY; - - if(neg_ctx->status == SEC_I_COMPLETE_NEEDED || - neg_ctx->status == SEC_I_COMPLETE_AND_CONTINUE) { - neg_ctx->status = s_pSecFn->CompleteAuthToken(neg_ctx->context, - &out_buff_desc); - if(GSS_ERROR(neg_ctx->status)) - return CURLE_RECV_ERROR; - } - - neg_ctx->output_token_length = out_sec_buff.cbBuffer; - - return CURLE_OK; -} - -CURLcode Curl_output_negotiate(struct connectdata *conn, bool proxy) -{ - struct negotiatedata *neg_ctx = proxy?&conn->data->state.proxyneg: - &conn->data->state.negotiate; - char *encoded = NULL; - size_t len = 0; - char *userp; - CURLcode result; - - result = Curl_base64_encode(conn->data, - (const char*)neg_ctx->output_token, - neg_ctx->output_token_length, - &encoded, &len); - if(result) - return result; - - if(!len) - return CURLE_REMOTE_ACCESS_DENIED; - - userp = aprintf("%sAuthorization: Negotiate %s\r\n", proxy ? "Proxy-" : "", - encoded); - - if(proxy) { - Curl_safefree(conn->allocptr.proxyuserpwd); - conn->allocptr.proxyuserpwd = userp; - } - else { - Curl_safefree(conn->allocptr.userpwd); - conn->allocptr.userpwd = userp; - } - - free(encoded); - - return (userp == NULL) ? CURLE_OUT_OF_MEMORY : CURLE_OK; -} - -static void cleanup(struct negotiatedata *neg_ctx) -{ - /* Free our security context */ - if(neg_ctx->context) { - s_pSecFn->DeleteSecurityContext(neg_ctx->context); - free(neg_ctx->context); - neg_ctx->context = NULL; - } - - /* Free our credentials handle */ - if(neg_ctx->credentials) { - s_pSecFn->FreeCredentialsHandle(neg_ctx->credentials); - free(neg_ctx->credentials); - neg_ctx->credentials = NULL; - } - - /* Free our identity */ - Curl_sspi_free_identity(neg_ctx->p_identity); - neg_ctx->p_identity = NULL; - - /* Free the SPN and output token */ - Curl_safefree(neg_ctx->server_name); - Curl_safefree(neg_ctx->output_token); - - /* Reset any variables */ - neg_ctx->token_max = 0; -} - -void Curl_cleanup_negotiate(struct SessionHandle *data) -{ - cleanup(&data->state.negotiate); - cleanup(&data->state.proxyneg); -} - -#endif /* !CURL_DISABLE_HTTP && USE_SPNEGO */ - -#endif /* USE_WINDOWS_SSPI */ diff --git a/lib/http_ntlm.c b/lib/http_ntlm.c new file mode 100644 index 000000000..935df25db --- /dev/null +++ b/lib/http_ntlm.c @@ -0,0 +1,238 @@ +/*************************************************************************** + * _ _ ____ _ + * Project ___| | | | _ \| | + * / __| | | | |_) | | + * | (__| |_| | _ <| |___ + * \___|\___/|_| \_\_____| + * + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. + * + * This software is licensed as described in the file COPYING, which + * you should have received as part of this distribution. The terms + * are also available at https://curl.haxx.se/docs/copyright.html. + * + * You may opt to use, copy, modify, merge, publish, distribute and/or sell + * copies of the Software, and permit persons to whom the Software is + * furnished to do so, under the terms of the COPYING file. + * + * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY + * KIND, either express or implied. + * + ***************************************************************************/ + +#include "curl_setup.h" + +#if !defined(CURL_DISABLE_HTTP) && defined(USE_NTLM) + +/* + * NTLM details: + * + * http://davenport.sourceforge.net/ntlm.html + * https://www.innovation.ch/java/ntlm.html + */ + +#define DEBUG_ME 0 + +#include "urldata.h" +#include "sendf.h" +#include "rawstr.h" +#include "http_ntlm.h" +#include "curl_ntlm_wb.h" +#include "vauth/vauth.h" +#include "url.h" + +#if defined(USE_NSS) +#include "vtls/nssg.h" +#elif defined(USE_WINDOWS_SSPI) +#include "curl_sspi.h" +#endif + +/* The last 3 #include files should be in this order */ +#include "curl_printf.h" +#include "curl_memory.h" +#include "memdebug.h" + +#if DEBUG_ME +# define DEBUG_OUT(x) x +#else +# define DEBUG_OUT(x) Curl_nop_stmt +#endif + +CURLcode Curl_input_ntlm(struct connectdata *conn, + bool proxy, /* if proxy or not */ + const char *header) /* rest of the www-authenticate: + header */ +{ + /* point to the correct struct with this */ + struct ntlmdata *ntlm; + CURLcode result = CURLE_OK; + + ntlm = proxy ? &conn->proxyntlm : &conn->ntlm; + + if(checkprefix("NTLM", header)) { + header += strlen("NTLM"); + + while(*header && ISSPACE(*header)) + header++; + + if(*header) { + result = Curl_auth_decode_ntlm_type2_message(conn->data, header, ntlm); + if(result) + return result; + + ntlm->state = NTLMSTATE_TYPE2; /* We got a type-2 message */ + } + else { + if(ntlm->state == NTLMSTATE_LAST) { + infof(conn->data, "NTLM auth restarted\n"); + Curl_http_ntlm_cleanup(conn); + } + else if(ntlm->state == NTLMSTATE_TYPE3) { + infof(conn->data, "NTLM handshake rejected\n"); + Curl_http_ntlm_cleanup(conn); + ntlm->state = NTLMSTATE_NONE; + return CURLE_REMOTE_ACCESS_DENIED; + } + else if(ntlm->state >= NTLMSTATE_TYPE1) { + infof(conn->data, "NTLM handshake failure (internal error)\n"); + return CURLE_REMOTE_ACCESS_DENIED; + } + + ntlm->state = NTLMSTATE_TYPE1; /* We should send away a type-1 */ + } + } + + return result; +} + +/* + * This is for creating ntlm header output + */ +CURLcode Curl_output_ntlm(struct connectdata *conn, bool proxy) +{ + char *base64 = NULL; + size_t len = 0; + CURLcode result; + + /* point to the address of the pointer that holds the string to send to the + server, which is for a plain host or for a HTTP proxy */ + char **allocuserpwd; + + /* point to the name and password for this */ + const char *userp; + const char *passwdp; + + /* point to the correct struct with this */ + struct ntlmdata *ntlm; + struct auth *authp; + + DEBUGASSERT(conn); + DEBUGASSERT(conn->data); + +#ifdef USE_NSS + if(CURLE_OK != Curl_nss_force_init(conn->data)) + return CURLE_OUT_OF_MEMORY; +#endif + + if(proxy) { + allocuserpwd = &conn->allocptr.proxyuserpwd; + userp = conn->proxyuser; + passwdp = conn->proxypasswd; + ntlm = &conn->proxyntlm; + authp = &conn->data->state.authproxy; + } + else { + allocuserpwd = &conn->allocptr.userpwd; + userp = conn->user; + passwdp = conn->passwd; + ntlm = &conn->ntlm; + authp = &conn->data->state.authhost; + } + authp->done = FALSE; + + /* not set means empty */ + if(!userp) + userp = ""; + + if(!passwdp) + passwdp = ""; + +#ifdef USE_WINDOWS_SSPI + if(s_hSecDll == NULL) { + /* not thread safe and leaks - use curl_global_init() to avoid */ + CURLcode err = Curl_sspi_global_init(); + if(s_hSecDll == NULL) + return err; + } +#endif + + switch(ntlm->state) { + case NTLMSTATE_TYPE1: + default: /* for the weird cases we (re)start here */ + /* Create a type-1 message */ + result = Curl_auth_create_ntlm_type1_message(userp, passwdp, ntlm, &base64, + &len); + if(result) + return result; + + if(base64) { + free(*allocuserpwd); + *allocuserpwd = aprintf("%sAuthorization: NTLM %s\r\n", + proxy ? "Proxy-" : "", + base64); + free(base64); + if(!*allocuserpwd) + return CURLE_OUT_OF_MEMORY; + + DEBUG_OUT(fprintf(stderr, "**** Header %s\n ", *allocuserpwd)); + } + break; + + case NTLMSTATE_TYPE2: + /* We already received the type-2 message, create a type-3 message */ + result = Curl_auth_create_ntlm_type3_message(conn->data, userp, passwdp, + ntlm, &base64, &len); + if(result) + return result; + + if(base64) { + free(*allocuserpwd); + *allocuserpwd = aprintf("%sAuthorization: NTLM %s\r\n", + proxy ? "Proxy-" : "", + base64); + free(base64); + if(!*allocuserpwd) + return CURLE_OUT_OF_MEMORY; + + DEBUG_OUT(fprintf(stderr, "**** %s\n ", *allocuserpwd)); + + ntlm->state = NTLMSTATE_TYPE3; /* we send a type-3 */ + authp->done = TRUE; + } + break; + + case NTLMSTATE_TYPE3: + /* connection is already authenticated, + * don't send a header in future requests */ + ntlm->state = NTLMSTATE_LAST; + /* fall-through */ + case NTLMSTATE_LAST: + Curl_safefree(*allocuserpwd); + authp->done = TRUE; + break; + } + + return CURLE_OK; +} + +void Curl_http_ntlm_cleanup(struct connectdata *conn) +{ + Curl_auth_ntlm_cleanup(&conn->ntlm); + Curl_auth_ntlm_cleanup(&conn->proxyntlm); + +#if defined(NTLM_WB_ENABLED) + Curl_ntlm_wb_cleanup(conn); +#endif +} + +#endif /* !CURL_DISABLE_HTTP && USE_NTLM */ diff --git a/lib/http_ntlm.h b/lib/http_ntlm.h new file mode 100644 index 000000000..d186bbe37 --- /dev/null +++ b/lib/http_ntlm.h @@ -0,0 +1,40 @@ +#ifndef HEADER_CURL_NTLM_H +#define HEADER_CURL_NTLM_H +/*************************************************************************** + * _ _ ____ _ + * Project ___| | | | _ \| | + * / __| | | | |_) | | + * | (__| |_| | _ <| |___ + * \___|\___/|_| \_\_____| + * + * Copyright (C) 1998 - 2014, Daniel Stenberg, , et al. + * + * This software is licensed as described in the file COPYING, which + * you should have received as part of this distribution. The terms + * are also available at https://curl.haxx.se/docs/copyright.html. + * + * You may opt to use, copy, modify, merge, publish, distribute and/or sell + * copies of the Software, and permit persons to whom the Software is + * furnished to do so, under the terms of the COPYING file. + * + * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY + * KIND, either express or implied. + * + ***************************************************************************/ + +#include "curl_setup.h" + +#if !defined(CURL_DISABLE_HTTP) && defined(USE_NTLM) + +/* this is for ntlm header input */ +CURLcode Curl_input_ntlm(struct connectdata *conn, bool proxy, + const char *header); + +/* this is for creating ntlm header output */ +CURLcode Curl_output_ntlm(struct connectdata *conn, bool proxy); + +void Curl_http_ntlm_cleanup(struct connectdata *conn); + +#endif /* !CURL_DISABLE_HTTP && USE_NTLM */ + +#endif /* HEADER_CURL_NTLM_H */ diff --git a/lib/http_proxy.c b/lib/http_proxy.c index e082ba291..082b73ad7 100644 --- a/lib/http_proxy.c +++ b/lib/http_proxy.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -35,11 +35,11 @@ #include "progress.h" #include "non-ascii.h" #include "connect.h" -#include "curl_printf.h" #include "curlx.h" +/* The last 3 #include files should be in this order */ +#include "curl_printf.h" #include "curl_memory.h" -/* The last #include file should be: */ #include "memdebug.h" CURLcode Curl_proxy_connect(struct connectdata *conn) @@ -49,6 +49,8 @@ CURLcode Curl_proxy_connect(struct connectdata *conn) /* for [protocol] tunneled through HTTP proxy */ struct HTTP http_proxy; void *prot_save; + const char *hostname; + int remote_port; CURLcode result; /* BLOCKING */ @@ -67,8 +69,16 @@ CURLcode Curl_proxy_connect(struct connectdata *conn) memset(&http_proxy, 0, sizeof(http_proxy)); conn->data->req.protop = &http_proxy; connkeep(conn, "HTTP proxy CONNECT"); - result = Curl_proxyCONNECT(conn, FIRSTSOCKET, - conn->host.name, conn->remote_port, FALSE); + if(conn->bits.conn_to_host) + hostname = conn->conn_to_host.name; + else + hostname = conn->host.name; + if(conn->bits.conn_to_port) + remote_port = conn->conn_to_port; + else + remote_port = conn->remote_port; + result = Curl_proxyCONNECT(conn, FIRSTSOCKET, hostname, + remote_port, FALSE); conn->data->req.protop = prot_save; if(CURLE_OK != result) return result; @@ -97,7 +107,7 @@ CURLcode Curl_proxyCONNECT(struct connectdata *conn, bool blocking) { int subversion=0; - struct SessionHandle *data=conn->data; + struct Curl_easy *data=conn->data; struct SingleRequest *k = &data->req; CURLcode result; curl_socket_t tunnelsocket = conn->sock[sockindex]; @@ -150,12 +160,18 @@ CURLcode Curl_proxyCONNECT(struct connectdata *conn, if(!result) { char *host=(char *)""; + const char *proxyconn=""; const char *useragent=""; const char *http = (conn->proxytype == CURLPROXY_HTTP_1_0) ? "1.0" : "1.1"; - char *hostheader= /* host:port with IPv6 support */ - aprintf("%s%s%s:%hu", conn->bits.ipv6_ip?"[":"", - hostname, conn->bits.ipv6_ip?"]":"", + bool ipv6_ip = conn->bits.ipv6_ip; + char *hostheader; + + /* the hostname may be different */ + if(hostname != conn->host.name) + ipv6_ip = (strchr(hostname, ':') != NULL); + hostheader= /* host:port with IPv6 support */ + aprintf("%s%s%s:%hu", ipv6_ip?"[":"", hostname, ipv6_ip?"]":"", remote_port); if(!hostheader) { Curl_add_buffer_free(req_buffer); @@ -170,6 +186,9 @@ CURLcode Curl_proxyCONNECT(struct connectdata *conn, return CURLE_OUT_OF_MEMORY; } } + if(!Curl_checkProxyheaders(conn, "Proxy-Connection:")) + proxyconn = "Proxy-Connection: Keep-Alive\r\n"; + if(!Curl_checkProxyheaders(conn, "User-Agent:") && data->set.str[STRING_USERAGENT]) useragent = conn->allocptr.uagent; @@ -179,13 +198,15 @@ CURLcode Curl_proxyCONNECT(struct connectdata *conn, "CONNECT %s HTTP/%s\r\n" "%s" /* Host: */ "%s" /* Proxy-Authorization */ - "%s", /* User-Agent */ + "%s" /* User-Agent */ + "%s", /* Proxy-Connection */ hostheader, http, host, conn->allocptr.proxyuserpwd? conn->allocptr.proxyuserpwd:"", - useragent); + useragent, + proxyconn); if(host && *host) free(host); @@ -553,7 +574,7 @@ CURLcode Curl_proxyCONNECT(struct connectdata *conn, free(data->req.newurl); data->req.newurl = NULL; /* failure, close this connection to avoid re-use */ - connclose(conn, "proxy CONNECT failure"); + streamclose(conn, "proxy CONNECT failure"); Curl_closesocket(conn, conn->sock[sockindex]); conn->sock[sockindex] = CURL_SOCKET_BAD; } diff --git a/lib/if2ip.c b/lib/if2ip.c index 63bea541d..2f92b2def 100644 --- a/lib/if2ip.c +++ b/lib/if2ip.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -53,10 +53,9 @@ #include "inet_ntop.h" #include "strequal.h" #include "if2ip.h" +/* The last 3 #include files should be in this order */ #include "curl_printf.h" - #include "curl_memory.h" -/* The last #include file should be: */ #include "memdebug.h" /* ------------------------------------------------------------------ */ diff --git a/lib/imap.c b/lib/imap.c index ff25e54e0..123ea3b26 100644 --- a/lib/imap.c +++ b/lib/imap.c @@ -80,10 +80,10 @@ #include "rawstr.h" #include "curl_sasl.h" #include "warnless.h" -#include "curl_printf.h" +/* The last 3 #include files should be in this order */ +#include "curl_printf.h" #include "curl_memory.h" -/* The last #include file should be: */ #include "memdebug.h" /* Local API functions */ @@ -364,7 +364,7 @@ static bool imap_endofresp(struct connectdata *conn, char *line, size_t len, a space and optionally some text as per RFC-3501 for the AUTHENTICATE and APPEND commands and as outlined in Section 4. Examples of RFC-4959 but some e-mail servers ignore this and only send a single + instead. */ - if(!imap->custom && ((len == 3 && !memcmp("+", line, 1)) || + if(imap && !imap->custom && ((len == 3 && !memcmp("+", line, 1)) || (len >= 2 && !memcmp("+ ", line, 2)))) { switch(imapc->state) { /* States which are interested in continuation responses */ @@ -648,7 +648,7 @@ static CURLcode imap_perform_authentication(struct connectdata *conn) static CURLcode imap_perform_list(struct connectdata *conn) { CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct IMAP *imap = data->req.protop; char *mailbox; @@ -683,7 +683,7 @@ static CURLcode imap_perform_list(struct connectdata *conn) static CURLcode imap_perform_select(struct connectdata *conn) { CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct IMAP *imap = data->req.protop; struct imap_conn *imapc = &conn->proto.imapc; char *mailbox; @@ -840,7 +840,7 @@ static CURLcode imap_state_servergreet_resp(struct connectdata *conn, imapstate instate) { CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; (void)instate; /* no use for this yet */ @@ -860,7 +860,7 @@ static CURLcode imap_state_capability_resp(struct connectdata *conn, imapstate instate) { CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct imap_conn *imapc = &conn->proto.imapc; const char *line = data->state.buffer; size_t wordlen; @@ -947,7 +947,7 @@ static CURLcode imap_state_starttls_resp(struct connectdata *conn, imapstate instate) { CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; (void)instate; /* no use for this yet */ @@ -971,7 +971,7 @@ static CURLcode imap_state_auth_resp(struct connectdata *conn, imapstate instate) { CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct imap_conn *imapc = &conn->proto.imapc; saslprogress progress; @@ -1005,7 +1005,7 @@ static CURLcode imap_state_login_resp(struct connectdata *conn, imapstate instate) { CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; (void)instate; /* no use for this yet */ @@ -1020,9 +1020,10 @@ static CURLcode imap_state_login_resp(struct connectdata *conn, return result; } -/* For LIST responses */ -static CURLcode imap_state_list_resp(struct connectdata *conn, int imapcode, - imapstate instate) +/* For LIST and SEARCH responses */ +static CURLcode imap_state_listsearch_resp(struct connectdata *conn, + int imapcode, + imapstate instate) { CURLcode result = CURLE_OK; char *line = conn->data->state.buffer; @@ -1050,7 +1051,7 @@ static CURLcode imap_state_select_resp(struct connectdata *conn, int imapcode, imapstate instate) { CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct IMAP *imap = conn->data->req.protop; struct imap_conn *imapc = &conn->proto.imapc; const char *line = data->state.buffer; @@ -1097,7 +1098,7 @@ static CURLcode imap_state_fetch_resp(struct connectdata *conn, int imapcode, imapstate instate) { CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct imap_conn *imapc = &conn->proto.imapc; struct pingpong *pp = &imapc->pp; const char *ptr = data->state.buffer; @@ -1210,7 +1211,7 @@ static CURLcode imap_state_append_resp(struct connectdata *conn, int imapcode, imapstate instate) { CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; (void)instate; /* No use for this yet */ @@ -1249,31 +1250,6 @@ static CURLcode imap_state_append_final_resp(struct connectdata *conn, return result; } -/* For SEARCH responses */ -static CURLcode imap_state_search_resp(struct connectdata *conn, int imapcode, - imapstate instate) -{ - CURLcode result = CURLE_OK; - char *line = conn->data->state.buffer; - size_t len = strlen(line); - - (void)instate; /* No use for this yet */ - - if(imapcode == '*') { - /* Temporarily add the LF character back and send as body to the client */ - line[len] = '\n'; - result = Curl_client_write(conn, CLIENTWRITE_BODY, line, len + 1); - line[len] = '\0'; - } - else if(imapcode != 'O') - result = CURLE_QUOTE_ERROR; /* TODO: Fix error code */ - else - /* End of DO phase */ - state(conn, IMAP_STOP); - - return result; -} - static CURLcode imap_statemach_act(struct connectdata *conn) { CURLcode result = CURLE_OK; @@ -1327,7 +1303,7 @@ static CURLcode imap_statemach_act(struct connectdata *conn) break; case IMAP_LIST: - result = imap_state_list_resp(conn, imapcode, imapc->state); + result = imap_state_listsearch_resp(conn, imapcode, imapc->state); break; case IMAP_SELECT: @@ -1351,7 +1327,7 @@ static CURLcode imap_statemach_act(struct connectdata *conn) break; case IMAP_SEARCH: - result = imap_state_search_resp(conn, imapcode, imapc->state); + result = imap_state_listsearch_resp(conn, imapcode, imapc->state); break; case IMAP_LOGOUT: @@ -1395,12 +1371,12 @@ static CURLcode imap_block_statemach(struct connectdata *conn) return result; } -/* Allocate and initialize the struct IMAP for the current SessionHandle if +/* Allocate and initialize the struct IMAP for the current Curl_easy if required */ static CURLcode imap_init(struct connectdata *conn) { CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct IMAP *imap; imap = data->req.protop = calloc(sizeof(struct IMAP), 1); @@ -1480,16 +1456,12 @@ static CURLcode imap_done(struct connectdata *conn, CURLcode status, bool premature) { CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct IMAP *imap = data->req.protop; (void)premature; if(!imap) - /* When the easy handle is removed from the multi interface while libcurl - is still trying to resolve the host name, the IMAP struct is not yet - initialized. However, the removal action calls Curl_done() which in - turn calls this function, so we simply return success. */ return CURLE_OK; if(status) { @@ -1512,8 +1484,7 @@ static CURLcode imap_done(struct connectdata *conn, CURLcode status, TODO: when the multi interface is used, this _really_ should be using the imap_multi_statemach function but we have no general support for - non-blocking DONE operations, not in the multi state machine and with - Curl_done() invokes on several places in the code! + non-blocking DONE operations! */ if(!result) result = imap_block_statemach(conn); @@ -1547,7 +1518,7 @@ static CURLcode imap_perform(struct connectdata *conn, bool *connected, { /* This is IMAP and no proxy */ CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct IMAP *imap = data->req.protop; struct imap_conn *imapc = &conn->proto.imapc; bool selected = FALSE; @@ -1712,7 +1683,7 @@ static CURLcode imap_regular_transfer(struct connectdata *conn, { CURLcode result = CURLE_OK; bool connected = FALSE; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; /* Make sure size is unknown at this point */ data->req.size = -1; @@ -1735,7 +1706,7 @@ static CURLcode imap_regular_transfer(struct connectdata *conn, static CURLcode imap_setup_connection(struct connectdata *conn) { - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; /* Initialise the IMAP layer */ CURLcode result = imap_init(conn); @@ -1825,6 +1796,7 @@ static CURLcode imap_sendf(struct connectdata *conn, const char *fmt, ...) */ static char *imap_atom(const char *str, bool escape_only) { + /* !checksrc! disable PARENBRACE 1 */ const char atom_specials[] = "(){ %*]"; const char *p1; char *p2; @@ -1999,7 +1971,7 @@ static CURLcode imap_parse_url_path(struct connectdata *conn) { /* The imap struct is already initialised in imap_connect() */ CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct IMAP *imap = data->req.protop; const char *begin = data->state.path; const char *ptr = begin; @@ -2129,7 +2101,7 @@ static CURLcode imap_parse_url_path(struct connectdata *conn) static CURLcode imap_parse_custom_request(struct connectdata *conn) { CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct IMAP *imap = data->req.protop; const char *custom = data->set.str[STRING_CUSTOMREQUEST]; diff --git a/lib/imap.h b/lib/imap.h index e6b9b8944..5e0e228f5 100644 --- a/lib/imap.h +++ b/lib/imap.h @@ -49,9 +49,9 @@ typedef enum { IMAP_LAST /* never used */ } imapstate; -/* This IMAP struct is used in the SessionHandle. All IMAP data that is +/* This IMAP struct is used in the Curl_easy. All IMAP data that is connection-oriented must be in imap_conn to properly deal with the fact that - perhaps the SessionHandle is changed between the times the connection is + perhaps the Curl_easy is changed between the times the connection is used. */ struct IMAP { curl_pp_transfer transfer; diff --git a/lib/inet_ntop.c b/lib/inet_ntop.c index da9a3ab43..416005c03 100644 --- a/lib/inet_ntop.c +++ b/lib/inet_ntop.c @@ -32,9 +32,8 @@ #include #endif -#include "curl_printf.h" - #include "inet_ntop.h" +#include "curl_printf.h" #define IN6ADDRSZ 16 #define INADDRSZ 4 @@ -57,10 +56,10 @@ static char *inet_ntop4 (const unsigned char *src, char *dst, size_t size) tmp[0] = '\0'; (void)snprintf(tmp, sizeof(tmp), "%d.%d.%d.%d", - ((int)((unsigned char)src[0])) & 0xff, - ((int)((unsigned char)src[1])) & 0xff, - ((int)((unsigned char)src[2])) & 0xff, - ((int)((unsigned char)src[3])) & 0xff); + ((int)((unsigned char)src[0])) & 0xff, + ((int)((unsigned char)src[1])) & 0xff, + ((int)((unsigned char)src[2])) & 0xff, + ((int)((unsigned char)src[3])) & 0xff); len = strlen(tmp); if(len == 0 || len >= size) { diff --git a/lib/krb5.c b/lib/krb5.c index 65869c99d..87ce8ee6c 100644 --- a/lib/krb5.c +++ b/lib/krb5.c @@ -47,9 +47,9 @@ #include "sendf.h" #include "curl_sec.h" #include "warnless.h" -#include "curl_printf.h" -/* The last #include files should be: */ +/* The last 3 #include files should be in this order */ +#include "curl_printf.h" #include "curl_memory.h" #include "memdebug.h" @@ -150,9 +150,12 @@ krb5_auth(void *app_data, struct connectdata *conn) const char *host = conn->host.name; ssize_t nread; curl_socklen_t l = sizeof(conn->local_addr); - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; CURLcode result; - const char *service = "ftp", *srv_host = "host"; + const char *service = data->set.str[STRING_SERVICE_NAME] ? + data->set.str[STRING_SERVICE_NAME] : + "ftp"; + const char *srv_host = "host"; gss_buffer_desc input_buffer, output_buffer, _gssresp, *gssresp; OM_uint32 maj, min; gss_name_t gssname; @@ -180,9 +183,9 @@ krb5_auth(void *app_data, struct connectdata *conn) /* this really shouldn't be repeated here, but can't help it */ if(service == srv_host) { result = Curl_ftpsendf(conn, "AUTH GSSAPI"); - if(result) return -2; + if(Curl_GetFTPResponse(&nread, conn, NULL)) return -1; diff --git a/lib/ldap.c b/lib/ldap.c index 4f4c7072a..a1646279d 100644 --- a/lib/ldap.c +++ b/lib/ldap.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -76,9 +76,8 @@ #include "curl_base64.h" #include "rawstr.h" #include "connect.h" +/* The last 3 #include files should be in this order */ #include "curl_printf.h" - -/* The last #include files should be: */ #include "curl_memory.h" #include "memdebug.h" @@ -193,7 +192,7 @@ static CURLcode Curl_ldap(struct connectdata *conn, bool *done) LDAPMessage *ldapmsg = NULL; LDAPMessage *entryIterator; int num = 0; - struct SessionHandle *data=conn->data; + struct Curl_easy *data=conn->data; int ldap_proto = LDAP_VERSION3; int ldap_ssl = 0; char *val_b64 = NULL; @@ -228,7 +227,7 @@ static CURLcode Curl_ldap(struct connectdata *conn, bool *done) goto quit; } - /* Get the URL scheme ( either ldap or ldaps ) */ + /* Get the URL scheme (either ldap or ldaps) */ if(conn->given->flags & PROTOPT_SSL) ldap_ssl = 1; infof(data, "LDAP local: trying to establish %s connection\n", @@ -717,7 +716,7 @@ static int str2scope (const char *p) return LDAP_SCOPE_BASE; if(strequal(p, "sub")) return LDAP_SCOPE_SUBTREE; - if(strequal( p, "subtree")) + if(strequal(p, "subtree")) return LDAP_SCOPE_SUBTREE; return (-1); } diff --git a/lib/libcurl.plist b/lib/libcurl.plist index 147ff79e2..1caac8f84 100644 --- a/lib/libcurl.plist +++ b/lib/libcurl.plist @@ -15,7 +15,7 @@ se.haxx.curl.libcurl CFBundleVersion - 7.48.0 + 7.50.2 CFBundleName libcurl @@ -27,9 +27,9 @@ ???? CFBundleShortVersionString - libcurl 7.48.0 + libcurl 7.50.2 CFBundleGetInfoString - libcurl.plist 7.48.0 + libcurl.plist 7.50.2 diff --git a/lib/llist.c b/lib/llist.c index 04b23e77c..482aaa041 100644 --- a/lib/llist.c +++ b/lib/llist.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2011, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -22,6 +22,8 @@ #include "curl_setup.h" +#include + #include "llist.h" #include "curl_memory.h" diff --git a/lib/md5.c b/lib/md5.c index 6df07dc06..f818d3288 100644 --- a/lib/md5.c +++ b/lib/md5.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -24,6 +24,8 @@ #ifndef CURL_DISABLE_CRYPTO_AUTH +#include + #include "curl_md5.h" #include "curl_hmac.h" #include "warnless.h" @@ -122,7 +124,7 @@ static void MD5_Final(unsigned char digest[16], MD5_CTX *ctx) CC_MD5_Final(digest, ctx); } -#elif defined(_WIN32) +#elif defined(_WIN32) && !defined(CURL_WINDOWS_APP) #include #include "curl_memory.h" diff --git a/lib/memdebug.c b/lib/memdebug.c index 804b5fa34..ccbf461be 100644 --- a/lib/memdebug.c +++ b/lib/memdebug.c @@ -26,10 +26,12 @@ #include -#include "curl_printf.h" #include "urldata.h" #define MEMDEBUG_NODEFINES /* don't redefine the standard functions */ + +/* The last 3 #include files should be in this order */ +#include "curl_printf.h" #include "curl_memory.h" #include "memdebug.h" @@ -117,7 +119,7 @@ void curl_memdebug(const char *logname) logfile = stderr; #ifdef MEMDEBUG_LOG_SYNC /* Flush the log file after every line so the log isn't lost in a crash */ - setvbuf(logfile, (char *)NULL, _IOLBF, 0); + setbuf(logfile, (char *)NULL); #endif } } diff --git a/lib/memdebug.h b/lib/memdebug.h index ce1a842af..835dab38c 100644 --- a/lib/memdebug.h +++ b/lib/memdebug.h @@ -8,7 +8,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -28,10 +28,6 @@ * as well as the library. Do not mix with library internals! */ -#include "curl_setup.h" - -#include - #define CURL_MT_LOGFNAME_BUFSIZE 512 #define logfile curl_debuglogfile @@ -57,17 +53,17 @@ CURL_EXTERN void curl_memlog(const char *format, ...); /* file descriptor manipulators */ CURL_EXTERN curl_socket_t curl_socket(int domain, int type, int protocol, - int line , const char *source); + int line, const char *source); CURL_EXTERN void curl_mark_sclose(curl_socket_t sockfd, - int line , const char *source); + int line, const char *source); CURL_EXTERN int curl_sclose(curl_socket_t sockfd, - int line , const char *source); + int line, const char *source); CURL_EXTERN curl_socket_t curl_accept(curl_socket_t s, void *a, void *alen, int line, const char *source); #ifdef HAVE_SOCKETPAIR CURL_EXTERN int curl_socketpair(int domain, int type, int protocol, curl_socket_t socket_vector[2], - int line , const char *source); + int line, const char *source); #endif /* FILE functions */ diff --git a/lib/mk-ca-bundle.pl b/lib/mk-ca-bundle.pl index 5a1435c52..01a552e0b 100755 --- a/lib/mk-ca-bundle.pl +++ b/lib/mk-ca-bundle.pl @@ -6,7 +6,7 @@ # * | (__| |_| | _ <| |___ # * \___|\___/|_| \_\_____| # * -# * Copyright (C) 1998 - 2014, Daniel Stenberg, , et al. +# * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. # * # * This software is licensed as described in the file COPYING, which # * you should have received as part of this distribution. The terms @@ -34,7 +34,7 @@ use Getopt::Std; use MIME::Base64; use LWP::UserAgent; use strict; -use vars qw($opt_b $opt_d $opt_f $opt_h $opt_i $opt_l $opt_n $opt_p $opt_q $opt_s $opt_t $opt_u $opt_v $opt_w); +use vars qw($opt_b $opt_d $opt_f $opt_h $opt_i $opt_l $opt_m $opt_n $opt_p $opt_q $opt_s $opt_t $opt_u $opt_v $opt_w); use List::Util; use Text::Wrap; my $MOD_SHA = "Digest::SHA"; @@ -62,7 +62,7 @@ $opt_d = 'release'; # If the OpenSSL commandline is not in search path you can configure it here! my $openssl = 'openssl'; -my $version = '1.25'; +my $version = '1.26'; $opt_w = 76; # default base64 encoded lines length @@ -109,7 +109,7 @@ my @valid_signature_algorithms = ( $0 =~ s@.*(/|\\)@@; $Getopt::Std::STANDARD_HELP_VERSION = 1; -getopts('bd:fhilnp:qs:tuvw:'); +getopts('bd:fhilmnp:qs:tuvw:'); if(!defined($opt_d)) { # to make plain "-d" use not cause warnings, and actually still work @@ -161,6 +161,7 @@ sub HELP_MESSAGE() { print "\t-f\tforce rebuild even if certdata.txt is current\n"; print "\t-i\tprint version info about used modules\n"; print "\t-l\tprint license info about certdata.txt\n"; + print "\t-m\tinclude meta data in output\n"; print "\t-n\tno download of certdata.txt (to use existing)\n"; print wrap("\t","\t\t", "-p\tlist of Mozilla trust purposes and levels for certificates to include in output. Takes the form of a comma separated list of purposes, a colon, and a comma separated list of levels. (default: $default_mozilla_trust_purposes:$default_mozilla_trust_levels)"), "\n"; print "\t\t Valid purposes are:\n"; @@ -371,6 +372,7 @@ my $caname; my $certnum = 0; my $skipnum = 0; my $start_of_cert = 0; +my @precert; open(TXT,"$txt") or die "Couldn't open $txt: $!\n"; while () { @@ -383,11 +385,15 @@ while () { last if (/\*\*\*\*\* END LICENSE BLOCK \*\*\*\*\*/); } } - next if /^#|^\s*$/; - chomp; - if (/^CVS_ID\s+\"(.*)\"/) { - print CRT "# $1\n"; + elsif(/^# (Issuer|Serial Number|Subject|Not Valid Before|Not Valid After |Fingerprint \(MD5\)|Fingerprint \(SHA1\)):/) { + push @precert, $_; + next; + } + elsif(/^#|^\s*$/) { + undef @precert; + next; } + chomp; # this is a match for the start of a certificate if (/^CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE/) { @@ -436,7 +442,7 @@ while () { . $encoded . "-----END CERTIFICATE-----\n"; print CRT "\n$caname\n"; - + print CRT @precert if($opt_m); my $maxStringLength = length($caname); if ($opt_t) { foreach my $key (keys %trust_purposes_by_level) { @@ -479,7 +485,9 @@ while () { $certnum ++; $start_of_cert = 0; } + undef @precert; } + } close(TXT) or die "Couldn't close $txt: $!\n"; close(CRT) or die "Couldn't close $crt.~: $!\n"; diff --git a/lib/mprintf.c b/lib/mprintf.c index f5fc9962f..73f854bcb 100644 --- a/lib/mprintf.c +++ b/lib/mprintf.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1999 - 2014, Daniel Stenberg, , et al. + * Copyright (C) 1999 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -36,11 +36,6 @@ */ #include "curl_setup.h" - -#if defined(DJGPP) && (DJGPP_MINOR < 4) -#undef _MPRINTF_REPLACE /* don't use x_was_used() here */ -#endif - #include #include "curl_memory.h" @@ -465,22 +460,24 @@ static long dprintf_Pass1(const char *format, va_stack_t *vto, char **endpos, if(flags & FLAGS_WIDTHPARAM) { /* we have the width specified from a parameter, so we make that parameter's info setup properly */ - vto[i].width = width - 1; - i = width - 1; - vto[i].type = FORMAT_WIDTH; - vto[i].flags = FLAGS_NEW; - vto[i].precision = vto[i].width = 0; /* can't use width or precision - of width! */ + long k = width - 1; + vto[i].width = k; + vto[k].type = FORMAT_WIDTH; + vto[k].flags = FLAGS_NEW; + /* can't use width or precision of width! */ + vto[k].width = 0; + vto[k].precision = 0; } if(flags & FLAGS_PRECPARAM) { /* we have the precision specified from a parameter, so we make that parameter's info setup properly */ - vto[i].precision = precision - 1; - i = precision - 1; - vto[i].type = FORMAT_WIDTH; - vto[i].flags = FLAGS_NEW; - vto[i].precision = vto[i].width = 0; /* can't use width or precision - of width! */ + long k = precision - 1; + vto[i].precision = k; + vto[k].type = FORMAT_WIDTH; + vto[k].flags = FLAGS_NEW; + /* can't use width or precision of width! */ + vto[k].width = 0; + vto[k].precision = 0; } *endpos++ = fmt + 1; /* end of this sequence */ } @@ -488,11 +485,15 @@ static long dprintf_Pass1(const char *format, va_stack_t *vto, char **endpos, /* Read the arg list parameters into our data list */ for(i=0; iflags & FLAGS_WIDTHPARAM) + if(p->flags & FLAGS_WIDTHPARAM) { width = (long)vto[p->width].data.num.as_signed; + param_num++; /* since the width is extracted from a parameter, we + must skip that to get to the next one properly */ + if(width < 0) { + /* "A negative field width is taken as a '-' flag followed by a + positive field width." */ + width = -width; + p->flags |= FLAGS_LEFT; + p->flags &= ~FLAGS_PAD_NIL; + } + } else width = p->width; /* pick up the specified precision */ if(p->flags & FLAGS_PRECPARAM) { prec = (long)vto[p->precision].data.num.as_signed; - param_num++; /* since the precision is extraced from a parameter, we + param_num++; /* since the precision is extracted from a parameter, we must skip that to get to the next one properly */ + if(prec < 0) + /* "A negative precision is taken as if the precision were + omitted." */ + prec = -1; } else if(p->flags & FLAGS_PREC) prec = p->precision; @@ -715,72 +737,68 @@ static int dprintf_formatf( number: /* Number of base BASE. */ - { - char *workend = &work[sizeof(work) - 1]; - char *w; - - /* Supply a default precision if none was given. */ - if(prec == -1) - prec = 1; - - /* Put the number in WORK. */ - w = workend; - while(num > 0) { - *w-- = digits[num % base]; - num /= base; - } - width -= (long)(workend - w); - prec -= (long)(workend - w); - if(is_alt && base == 8 && prec <= 0) { - *w-- = '0'; - --width; - } + /* Supply a default precision if none was given. */ + if(prec == -1) + prec = 1; - if(prec > 0) { - width -= prec; - while(prec-- > 0) - *w-- = '0'; - } + /* Put the number in WORK. */ + w = workend; + while(num > 0) { + *w-- = digits[num % base]; + num /= base; + } + width -= (long)(workend - w); + prec -= (long)(workend - w); - if(is_alt && base == 16) - width -= 2; + if(is_alt && base == 8 && prec <= 0) { + *w-- = '0'; + --width; + } - if(is_neg || (p->flags & FLAGS_SHOWSIGN) || (p->flags & FLAGS_SPACE)) - --width; + if(prec > 0) { + width -= prec; + while(prec-- > 0) + *w-- = '0'; + } - if(!(p->flags & FLAGS_LEFT) && !(p->flags & FLAGS_PAD_NIL)) - while(width-- > 0) - OUTCHAR(' '); + if(is_alt && base == 16) + width -= 2; - if(is_neg) - OUTCHAR('-'); - else if(p->flags & FLAGS_SHOWSIGN) - OUTCHAR('+'); - else if(p->flags & FLAGS_SPACE) - OUTCHAR(' '); + if(is_neg || (p->flags & FLAGS_SHOWSIGN) || (p->flags & FLAGS_SPACE)) + --width; - if(is_alt && base == 16) { - OUTCHAR('0'); - if(p->flags & FLAGS_UPPER) - OUTCHAR('X'); - else - OUTCHAR('x'); - } + if(!(p->flags & FLAGS_LEFT) && !(p->flags & FLAGS_PAD_NIL)) + while(width-- > 0) + OUTCHAR(' '); - if(!(p->flags & FLAGS_LEFT) && (p->flags & FLAGS_PAD_NIL)) - while(width-- > 0) - OUTCHAR('0'); + if(is_neg) + OUTCHAR('-'); + else if(p->flags & FLAGS_SHOWSIGN) + OUTCHAR('+'); + else if(p->flags & FLAGS_SPACE) + OUTCHAR(' '); + + if(is_alt && base == 16) { + OUTCHAR('0'); + if(p->flags & FLAGS_UPPER) + OUTCHAR('X'); + else + OUTCHAR('x'); + } - /* Write the number. */ - while(++w <= workend) { - OUTCHAR(*w); - } + if(!(p->flags & FLAGS_LEFT) && (p->flags & FLAGS_PAD_NIL)) + while(width-- > 0) + OUTCHAR('0'); - if(p->flags & FLAGS_LEFT) - while(width-- > 0) - OUTCHAR(' '); + /* Write the number. */ + while(++w <= workend) { + OUTCHAR(*w); } + + if(p->flags & FLAGS_LEFT) + while(width-- > 0) + OUTCHAR(' '); break; case FORMAT_STRING: @@ -809,7 +827,7 @@ static int dprintf_formatf( else len = strlen(str); - width -= (long)len; + width -= (len > LONG_MAX) ? LONG_MAX : (long)len; if(p->flags & FLAGS_ALT) OUTCHAR('"'); diff --git a/lib/multi.c b/lib/multi.c index a147963f8..8e4091687 100644 --- a/lib/multi.c +++ b/lib/multi.c @@ -42,9 +42,9 @@ #include "multihandle.h" #include "pipeline.h" #include "sigpipe.h" +/* The last 3 #include files should be in this order */ #include "curl_printf.h" #include "curl_memory.h" -/* The last #include file should be: */ #include "memdebug.h" /* @@ -61,15 +61,15 @@ #define CURL_MULTI_HANDLE 0x000bab1e #define GOOD_MULTI_HANDLE(x) \ - ((x) && (((struct Curl_multi *)(x))->type == CURL_MULTI_HANDLE)) + ((x) && (x)->type == CURL_MULTI_HANDLE) static void singlesocket(struct Curl_multi *multi, - struct SessionHandle *data); + struct Curl_easy *data); static int update_timer(struct Curl_multi *multi); static CURLMcode add_next_timeout(struct timeval now, struct Curl_multi *multi, - struct SessionHandle *d); + struct Curl_easy *d); static CURLMcode multi_timeout(struct Curl_multi *multi, long *timeout_ms); @@ -100,10 +100,10 @@ static const char * const statename[]={ static void multi_freetimeout(void *a, void *b); /* function pointer called once when switching TO a state */ -typedef void (*init_multistate_func)(struct SessionHandle *data); +typedef void (*init_multistate_func)(struct Curl_easy *data); /* always use this function to change state, to make debugging easier */ -static void mstate(struct SessionHandle *data, CURLMstate state +static void mstate(struct Curl_easy *data, CURLMstate state #ifdef DEBUGBUILD , int lineno #endif @@ -136,7 +136,7 @@ static void mstate(struct SessionHandle *data, CURLMstate state connection_id = data->easy_conn->connection_id; infof(data, - "STATE: %s => %s handle %p; line %d (connection #%ld) \n", + "STATE: %s => %s handle %p; line %d (connection #%ld)\n", statename[oldstate], statename[data->mstate], (void *)data, lineno, connection_id); } @@ -162,7 +162,7 @@ static void mstate(struct SessionHandle *data, CURLMstate state */ struct Curl_sh_entry { - struct SessionHandle *easy; + struct Curl_easy *easy; int action; /* what action READ/WRITE this socket waits for */ curl_socket_t socket; /* mainly to ease debugging */ void *socketp; /* settable by users with curl_multi_assign() */ @@ -185,7 +185,7 @@ static struct Curl_sh_entry *sh_getentry(struct curl_hash *sh, /* make sure this socket is present in the hash for this handle */ static struct Curl_sh_entry *sh_addentry(struct curl_hash *sh, curl_socket_t s, - struct SessionHandle *data) + struct Curl_easy *data) { struct Curl_sh_entry *there = sh_getentry(sh, s); struct Curl_sh_entry *check; @@ -334,7 +334,7 @@ struct Curl_multi *Curl_multi_handle(int hashsize, /* socket hash */ /* -1 means it not set by user, use the default value */ multi->maxconnects = -1; - return (CURLM *) multi; + return multi; error: @@ -350,25 +350,23 @@ struct Curl_multi *Curl_multi_handle(int hashsize, /* socket hash */ return NULL; } -CURLM *curl_multi_init(void) +struct Curl_multi *curl_multi_init(void) { return Curl_multi_handle(CURL_SOCKET_HASH_TABLE_SIZE, CURL_CONNECTION_HASH_SIZE); } -CURLMcode curl_multi_add_handle(CURLM *multi_handle, - CURL *easy_handle) +CURLMcode curl_multi_add_handle(struct Curl_multi *multi, + struct Curl_easy *data) { struct curl_llist *timeoutlist; - struct Curl_multi *multi = (struct Curl_multi *)multi_handle; - struct SessionHandle *data = (struct SessionHandle *)easy_handle; /* First, make some basic checks that the CURLM handle is a good handle */ if(!GOOD_MULTI_HANDLE(multi)) return CURLM_BAD_HANDLE; /* Verify that we got a somewhat good easy handle too */ - if(!GOOD_EASY_HANDLE(easy_handle)) + if(!GOOD_EASY_HANDLE(data)) return CURLM_BAD_EASY_HANDLE; /* Prevent users from adding same easy handle more than once and prevent @@ -417,14 +415,14 @@ CURLMcode curl_multi_add_handle(CURLM *multi_handle, data->state.conn_cache = &multi->conn_cache; /* This adds the new entry at the 'end' of the doubly-linked circular - list of SessionHandle structs to try and maintain a FIFO queue so + list of Curl_easy structs to try and maintain a FIFO queue so the pipelined requests are in order. */ /* We add this new entry last in the list. */ data->next = NULL; /* end of the line */ if(multi->easyp) { - struct SessionHandle *last = multi->easylp; + struct Curl_easy *last = multi->easylp; last->next = data; data->prev = last; multi->easylp = data; /* the new last node */ @@ -435,8 +433,8 @@ CURLMcode curl_multi_add_handle(CURLM *multi_handle, multi->easylp = multi->easyp = data; /* both first and last */ } - /* make the SessionHandle refer back to this multi handle */ - data->multi = multi_handle; + /* make the Curl_easy refer back to this multi handle */ + data->multi = multi; /* Set the timeout for this handle to expire really soon so that it will be taken care of even when this handle is added in the midst of operation @@ -444,7 +442,7 @@ CURLMcode curl_multi_add_handle(CURLM *multi_handle, sockets that time-out or have actions will be dealt with. Since this handle has no action yet, we make sure it times out to get things to happen. */ - Curl_expire(data, 1); + Curl_expire(data, 0); /* increase the node-counter */ multi->num_easy++; @@ -484,12 +482,170 @@ static void debug_print_sock_hash(void *p) } #endif -CURLMcode curl_multi_remove_handle(CURLM *multi_handle, - CURL *curl_handle) +/* Mark the connection as 'idle', or close it if the cache is full. + Returns TRUE if the connection is kept, or FALSE if it was closed. */ +static bool +ConnectionDone(struct Curl_easy *data, struct connectdata *conn) +{ + /* data->multi->maxconnects can be negative, deal with it. */ + size_t maxconnects = + (data->multi->maxconnects < 0) ? data->multi->num_easy * 4: + data->multi->maxconnects; + struct connectdata *conn_candidate = NULL; + + /* Mark the current connection as 'unused' */ + conn->inuse = FALSE; + + if(maxconnects > 0 && + data->state.conn_cache->num_connections > maxconnects) { + infof(data, "Connection cache is full, closing the oldest one.\n"); + + conn_candidate = Curl_oldest_idle_connection(data); + + if(conn_candidate) { + /* Set the connection's owner correctly */ + conn_candidate->data = data; + + /* the winner gets the honour of being disconnected */ + (void)Curl_disconnect(conn_candidate, /* dead_connection */ FALSE); + } + } + + return (conn_candidate == conn) ? FALSE : TRUE; +} + +static CURLcode multi_done(struct connectdata **connp, + CURLcode status, /* an error if this is called + after an error was detected */ + bool premature) +{ + CURLcode result; + struct connectdata *conn; + struct Curl_easy *data; + + DEBUGASSERT(*connp); + + conn = *connp; + data = conn->data; + + DEBUGF(infof(data, "multi_done\n")); + + if(data->state.done) + /* Stop if multi_done() has already been called */ + return CURLE_OK; + + Curl_getoff_all_pipelines(data, conn); + + /* Cleanup possible redirect junk */ + free(data->req.newurl); + data->req.newurl = NULL; + free(data->req.location); + data->req.location = NULL; + + switch(status) { + case CURLE_ABORTED_BY_CALLBACK: + case CURLE_READ_ERROR: + case CURLE_WRITE_ERROR: + /* When we're aborted due to a callback return code it basically have to + be counted as premature as there is trouble ahead if we don't. We have + many callbacks and protocols work differently, we could potentially do + this more fine-grained in the future. */ + premature = TRUE; + default: + break; + } + + /* this calls the protocol-specific function pointer previously set */ + if(conn->handler->done) + result = conn->handler->done(conn, status, premature); + else + result = status; + + if(CURLE_ABORTED_BY_CALLBACK != result) { + /* avoid this if we already aborted by callback to avoid this calling + another callback */ + CURLcode rc = Curl_pgrsDone(conn); + if(!result && rc) + result = CURLE_ABORTED_BY_CALLBACK; + } + + if(conn->send_pipe->size + conn->recv_pipe->size != 0 && + !data->set.reuse_forbid && + !conn->bits.close) { + /* Stop if pipeline is not empty and we do not have to close + connection. */ + DEBUGF(infof(data, "Connection still in use, no more multi_done now!\n")); + return CURLE_OK; + } + + data->state.done = TRUE; /* called just now! */ + Curl_resolver_cancel(conn); + + if(conn->dns_entry) { + Curl_resolv_unlock(data, conn->dns_entry); /* done with this */ + conn->dns_entry = NULL; + } + + /* if the transfer was completed in a paused state there can be buffered + data left to write and then kill */ + free(data->state.tempwrite); + data->state.tempwrite = NULL; + + /* if data->set.reuse_forbid is TRUE, it means the libcurl client has + forced us to close this connection. This is ignored for requests taking + place in a NTLM authentication handshake + + if conn->bits.close is TRUE, it means that the connection should be + closed in spite of all our efforts to be nice, due to protocol + restrictions in our or the server's end + + if premature is TRUE, it means this connection was said to be DONE before + the entire request operation is complete and thus we can't know in what + state it is for re-using, so we're forced to close it. In a perfect world + we can add code that keep track of if we really must close it here or not, + but currently we have no such detail knowledge. + */ + + if((data->set.reuse_forbid +#if defined(USE_NTLM) + && !(conn->ntlm.state == NTLMSTATE_TYPE2 || + conn->proxyntlm.state == NTLMSTATE_TYPE2) +#endif + ) || conn->bits.close || premature) { + CURLcode res2 = Curl_disconnect(conn, premature); /* close connection */ + + /* If we had an error already, make sure we return that one. But + if we got a new error, return that. */ + if(!result && res2) + result = res2; + } + else { + /* the connection is no longer in use */ + if(ConnectionDone(data, conn)) { + /* remember the most recently used connection */ + data->state.lastconnect = conn; + + infof(data, "Connection #%ld to host %s left intact\n", + conn->connection_id, + conn->bits.httpproxy?conn->proxy.dispname:conn->host.dispname); + } + else + data->state.lastconnect = NULL; + } + + *connp = NULL; /* to make the caller of this function better detect that + this was either closed or handed over to the connection + cache here, and therefore cannot be used from this point on + */ + Curl_free_request_state(data); + + return result; +} + +CURLMcode curl_multi_remove_handle(struct Curl_multi *multi, + struct Curl_easy *data) { - struct Curl_multi *multi=(struct Curl_multi *)multi_handle; - struct SessionHandle *easy = curl_handle; - struct SessionHandle *data = easy; + struct Curl_easy *easy = data; bool premature; bool easy_owns_conn; struct curl_llist_element *e; @@ -499,7 +655,7 @@ CURLMcode curl_multi_remove_handle(CURLM *multi_handle, return CURLM_BAD_HANDLE; /* Verify that we got a somewhat good easy handle too */ - if(!GOOD_EASY_HANDLE(curl_handle)) + if(!GOOD_EASY_HANDLE(data)) return CURLM_BAD_EASY_HANDLE; /* Prevent users from trying to remove same easy handle more than once */ @@ -528,9 +684,9 @@ CURLMcode curl_multi_remove_handle(CURLM *multi_handle, /* If the handle is in a pipeline and has started sending off its request but not received its response yet, we need to close connection. */ - connclose(data->easy_conn, "Removed with partial response"); - /* Set connection owner so that Curl_done() closes it. - We can safely do this here since connection is killed. */ + streamclose(data->easy_conn, "Removed with partial response"); + /* Set connection owner so that the DONE function closes it. We can + safely do this here since connection is killed. */ data->easy_conn->data = easy; easy_owns_conn = TRUE; } @@ -538,7 +694,7 @@ CURLMcode curl_multi_remove_handle(CURLM *multi_handle, /* The timer must be shut down before data->multi is set to NULL, else the timenode will remain in the splay tree after curl_easy_cleanup is called. */ - Curl_expire(data, 0); + Curl_expire_clear(data); if(data->dns.hostcachetype == HCACHE_MULTI) { /* stop using the multi handle's DNS cache */ @@ -548,26 +704,26 @@ CURLMcode curl_multi_remove_handle(CURLM *multi_handle, if(data->easy_conn) { - /* we must call Curl_done() here (if we still "own it") so that we don't - leave a half-baked one around */ + /* we must call multi_done() here (if we still own the connection) so that + we don't leave a half-baked one around */ if(easy_owns_conn) { - /* Curl_done() clears the conn->data field to lose the association + /* multi_done() clears the conn->data field to lose the association between the easy handle and the connection Note that this ignores the return code simply because there's nothing really useful to do with it anyway! */ - (void)Curl_done(&data->easy_conn, data->result, premature); + (void)multi_done(&data->easy_conn, data->result, premature); } else - /* Clear connection pipelines, if Curl_done above was not called */ + /* Clear connection pipelines, if multi_done above was not called */ Curl_getoff_all_pipelines(data, data->easy_conn); } Curl_wildcard_dtor(&data->wildcard); /* destroy the timeout list that is held in the easy handle, do this *after* - Curl_done() as that may actuall call Curl_expire that uses this */ + multi_done() as that may actually call Curl_expire that uses this */ if(data->state.timeoutlist) { Curl_llist_destroy(data->state.timeoutlist, NULL); data->state.timeoutlist = NULL; @@ -630,7 +786,7 @@ bool Curl_pipeline_wanted(const struct Curl_multi *multi, int bits) return (multi && (multi->pipelining & bits)) ? TRUE : FALSE; } -void Curl_multi_handlePipeBreak(struct SessionHandle *data) +void Curl_multi_handlePipeBreak(struct Curl_easy *data) { data->easy_conn = NULL; } @@ -683,7 +839,7 @@ static int domore_getsock(struct connectdata *conn, } /* returns bitmapped flags for this handle and its sockets */ -static int multi_getsock(struct SessionHandle *data, +static int multi_getsock(struct Curl_easy *data, curl_socket_t *socks, /* points to numsocks number of sockets */ int numsocks) @@ -749,15 +905,14 @@ static int multi_getsock(struct SessionHandle *data, } -CURLMcode curl_multi_fdset(CURLM *multi_handle, +CURLMcode curl_multi_fdset(struct Curl_multi *multi, fd_set *read_fd_set, fd_set *write_fd_set, fd_set *exc_fd_set, int *max_fd) { /* Scan through all the easy handles to get the file descriptors set. Some easy handles may not have connected to the remote host yet, and then we must make sure that is done. */ - struct Curl_multi *multi=(struct Curl_multi *)multi_handle; - struct SessionHandle *data; + struct Curl_easy *data; int this_max_fd=-1; curl_socket_t sockbunch[MAX_SOCKSPEREASYHANDLE]; int bitmap; @@ -799,14 +954,13 @@ CURLMcode curl_multi_fdset(CURLM *multi_handle, return CURLM_OK; } -CURLMcode curl_multi_wait(CURLM *multi_handle, +CURLMcode curl_multi_wait(struct Curl_multi *multi, struct curl_waitfd extra_fds[], unsigned int extra_nfds, int timeout_ms, int *ret) { - struct Curl_multi *multi=(struct Curl_multi *)multi_handle; - struct SessionHandle *data; + struct Curl_easy *data; curl_socket_t sockbunch[MAX_SOCKSPEREASYHANDLE]; int bitmap; unsigned int i; @@ -969,7 +1123,7 @@ static bool multi_ischanged(struct Curl_multi *multi, bool clear) } CURLMcode Curl_multi_add_perform(struct Curl_multi *multi, - struct SessionHandle *data, + struct Curl_easy *data, struct connectdata *conn) { CURLMcode rc; @@ -990,9 +1144,142 @@ CURLMcode Curl_multi_add_perform(struct Curl_multi *multi, return rc; } +static CURLcode multi_reconnect_request(struct connectdata **connp) +{ + CURLcode result = CURLE_OK; + struct connectdata *conn = *connp; + struct Curl_easy *data = conn->data; + + /* This was a re-use of a connection and we got a write error in the + * DO-phase. Then we DISCONNECT this connection and have another attempt to + * CONNECT and then DO again! The retry cannot possibly find another + * connection to re-use, since we only keep one possible connection for + * each. */ + + infof(data, "Re-used connection seems dead, get a new one\n"); + + connclose(conn, "Reconnect dead connection"); /* enforce close */ + result = multi_done(&conn, result, FALSE); /* we are so done with this */ + + /* conn may no longer be a good pointer, clear it to avoid mistakes by + parent functions */ + *connp = NULL; + + /* + * We need to check for CURLE_SEND_ERROR here as well. This could happen + * when the request failed on a FTP connection and thus multi_done() itself + * tried to use the connection (again). + */ + if(!result || (CURLE_SEND_ERROR == result)) { + bool async; + bool protocol_done = TRUE; + + /* Now, redo the connect and get a new connection */ + result = Curl_connect(data, connp, &async, &protocol_done); + if(!result) { + /* We have connected or sent away a name resolve query fine */ + + conn = *connp; /* setup conn to again point to something nice */ + if(async) { + /* Now, if async is TRUE here, we need to wait for the name + to resolve */ + result = Curl_resolver_wait_resolv(conn, NULL); + if(result) + return result; + + /* Resolved, continue with the connection */ + result = Curl_async_resolved(conn, &protocol_done); + if(result) + return result; + } + } + } + + return result; +} + +/* + * do_complete is called when the DO actions are complete. + * + * We init chunking and trailer bits to their default values here immediately + * before receiving any header data for the current request in the pipeline. + */ +static void do_complete(struct connectdata *conn) +{ + conn->data->req.chunk=FALSE; + conn->data->req.maxfd = (conn->sockfd>conn->writesockfd? + conn->sockfd:conn->writesockfd)+1; + Curl_pgrsTime(conn->data, TIMER_PRETRANSFER); +} + +static CURLcode multi_do(struct connectdata **connp, bool *done) +{ + CURLcode result=CURLE_OK; + struct connectdata *conn = *connp; + struct Curl_easy *data = conn->data; + + if(conn->handler->do_it) { + /* generic protocol-specific function pointer set in curl_connect() */ + result = conn->handler->do_it(conn, done); + + /* This was formerly done in transfer.c, but we better do it here */ + if((CURLE_SEND_ERROR == result) && conn->bits.reuse) { + /* + * If the connection is using an easy handle, call reconnect + * to re-establish the connection. Otherwise, let the multi logic + * figure out how to re-establish the connection. + */ + if(!data->multi) { + result = multi_reconnect_request(connp); + + if(!result) { + /* ... finally back to actually retry the DO phase */ + conn = *connp; /* re-assign conn since multi_reconnect_request + creates a new connection */ + result = conn->handler->do_it(conn, done); + } + } + else + return result; + } + + if(!result && *done) + /* do_complete must be called after the protocol-specific DO function */ + do_complete(conn); + } + return result; +} + +/* + * multi_do_more() is called during the DO_MORE multi state. It is basically a + * second stage DO state which (wrongly) was introduced to support FTP's + * second connection. + * + * TODO: A future libcurl should be able to work away this state. + * + * 'complete' can return 0 for incomplete, 1 for done and -1 for go back to + * DOING state there's more work to do! + */ + +static CURLcode multi_do_more(struct connectdata *conn, int *complete) +{ + CURLcode result=CURLE_OK; + + *complete = 0; + + if(conn->handler->do_more) + result = conn->handler->do_more(conn, complete); + + if(!result && (*complete == 1)) + /* do_complete must be called after the protocol-specific DO function */ + do_complete(conn); + + return result; +} + static CURLMcode multi_runsingle(struct Curl_multi *multi, struct timeval now, - struct SessionHandle *data) + struct Curl_easy *data) { struct Curl_message *msg = NULL; bool connected; @@ -1010,7 +1297,9 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi, return CURLM_BAD_EASY_HANDLE; do { - bool disconnect_conn = FALSE; + /* A "stream" here is a logical stream if the protocol can handle that + (HTTP/2), or the full connection for older protocols */ + bool stream_error = FALSE; rc = CURLM_OK; /* Handle the case when the pipe breaks, i.e., the connection @@ -1075,7 +1364,7 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi, failf(data, "Operation timed out after %ld milliseconds with %" CURL_FORMAT_CURL_OFF_T " out of %" CURL_FORMAT_CURL_OFF_T " bytes received", - Curl_tvdiff(k->now, data->progress.t_startsingle), + Curl_tvdiff(now, data->progress.t_startsingle), k->bytecount, k->size); } else { @@ -1088,11 +1377,11 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi, /* Force connection closed if the connection has indeed been used */ if(data->mstate > CURLM_STATE_DO) { - connclose(data->easy_conn, "Disconnected with pending data"); - disconnect_conn = TRUE; + streamclose(data->easy_conn, "Disconnected with pending data"); + stream_error = TRUE; } result = CURLE_OPERATION_TIMEDOUT; - (void)Curl_done(&data->easy_conn, result, TRUE); + (void)multi_done(&data->easy_conn, result, TRUE); /* Skip the statemachine and go directly to error handling section. */ goto statemachine_end; } @@ -1138,7 +1427,7 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi, /* Add this handle to the send or pend pipeline */ result = Curl_add_handle_to_pipeline(data, data->easy_conn); if(result) - disconnect_conn = TRUE; + stream_error = TRUE; else { if(async) /* We're now waiting for an asynchronous name lookup */ @@ -1170,9 +1459,17 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi, { struct Curl_dns_entry *dns = NULL; struct connectdata *conn = data->easy_conn; + const char *hostname; + + if(conn->bits.proxy) + hostname = conn->proxy.name; + else if(conn->bits.conn_to_host) + hostname = conn->conn_to_host.name; + else + hostname = conn->host.name; /* check if we have the name resolved by now */ - dns = Curl_fetch_addr(conn, conn->host.name, (int)conn->port); + dns = Curl_fetch_addr(conn, hostname, (int)conn->port); if(dns) { #ifdef CURLRES_ASYNCH @@ -1180,7 +1477,7 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi, conn->async.done = TRUE; #endif result = CURLE_OK; - infof(data, "Hostname was found in DNS cache\n"); + infof(data, "Hostname '%s' was found in DNS cache\n", hostname); } if(!dns) @@ -1222,7 +1519,7 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi, if(result) { /* failure detected */ - disconnect_conn = TRUE; + stream_error = TRUE; break; } } @@ -1237,7 +1534,7 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi, rc = CURLM_CALL_MULTI_PERFORM; /* connect back to proxy again */ result = CURLE_OK; - Curl_done(&data->easy_conn, CURLE_OK, FALSE); + multi_done(&data->easy_conn, CURLE_OK, FALSE); multistate(data, CURLM_STATE_CONNECT); } else if(!result) { @@ -1262,7 +1559,7 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi, else if(result) { /* failure detected */ /* Just break, the cleaning up is handled all in one place */ - disconnect_conn = TRUE; + stream_error = TRUE; break; } break; @@ -1281,8 +1578,8 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi, else if(result) { /* failure detected */ Curl_posttransfer(data); - Curl_done(&data->easy_conn, result, TRUE); - disconnect_conn = TRUE; + multi_done(&data->easy_conn, result, TRUE); + stream_error = TRUE; } break; @@ -1298,8 +1595,8 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi, else if(result) { /* failure detected */ Curl_posttransfer(data); - Curl_done(&data->easy_conn, result, TRUE); - disconnect_conn = TRUE; + multi_done(&data->easy_conn, result, TRUE); + stream_error = TRUE; } break; @@ -1322,9 +1619,9 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi, } else { /* Perform the protocol's DO action */ - result = Curl_do(&data->easy_conn, &dophase_done); + result = multi_do(&data->easy_conn, &dophase_done); - /* When Curl_do() returns failure, data->easy_conn might be NULL! */ + /* When multi_do() returns failure, data->easy_conn might be NULL! */ if(!result) { if(!dophase_done) { @@ -1333,7 +1630,7 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi, struct WildcardData *wc = &data->wildcard; if(wc->state == CURLWC_DONE || wc->state == CURLWC_SKIP) { /* skip some states if it is important */ - Curl_done(&data->easy_conn, CURLE_OK, FALSE); + multi_done(&data->easy_conn, CURLE_OK, FALSE); multistate(data, CURLM_STATE_DONE); rc = CURLM_CALL_MULTI_PERFORM; break; @@ -1374,13 +1671,13 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi, if(drc) { /* a failure here pretty much implies an out of memory */ result = drc; - disconnect_conn = TRUE; + stream_error = TRUE; } else retry = (newurl)?TRUE:FALSE; Curl_posttransfer(data); - drc = Curl_done(&data->easy_conn, result, FALSE); + drc = multi_done(&data->easy_conn, result, FALSE); /* When set to retry the connection, we must to go back to * the CONNECT state */ @@ -1407,7 +1704,7 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi, } else { /* Have error handler disconnect conn if we can't retry */ - disconnect_conn = TRUE; + stream_error = TRUE; free(newurl); } } @@ -1415,8 +1712,8 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi, /* failure detected */ Curl_posttransfer(data); if(data->easy_conn) - Curl_done(&data->easy_conn, result, FALSE); - disconnect_conn = TRUE; + multi_done(&data->easy_conn, result, FALSE); + stream_error = TRUE; } } break; @@ -1437,8 +1734,8 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi, else { /* failure detected */ Curl_posttransfer(data); - Curl_done(&data->easy_conn, result, FALSE); - disconnect_conn = TRUE; + multi_done(&data->easy_conn, result, FALSE); + stream_error = TRUE; } break; @@ -1446,10 +1743,10 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi, /* * When we are connected, DO MORE and then go DO_DONE */ - result = Curl_do_more(data->easy_conn, &control); + result = multi_do_more(data->easy_conn, &control); /* No need to remove this handle from the send pipeline here since that - is done in Curl_done() */ + is done in multi_done() */ if(!result) { if(control) { /* if positive, advance to DO_DONE @@ -1466,8 +1763,8 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi, else { /* failure detected */ Curl_posttransfer(data); - Curl_done(&data->easy_conn, result, FALSE); - disconnect_conn = TRUE; + multi_done(&data->easy_conn, result, FALSE); + stream_error = TRUE; } break; @@ -1504,9 +1801,17 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi, result = Curl_speedcheck(data, now); if(( (data->set.max_send_speed == 0) || - (data->progress.ulspeed < data->set.max_send_speed )) && + (Curl_pgrsLimitWaitTime(data->progress.uploaded, + data->progress.ul_limit_size, + data->set.max_send_speed, + data->progress.ul_limit_start, + now) <= 0)) && ( (data->set.max_recv_speed == 0) || - (data->progress.dlspeed < data->set.max_recv_speed))) + (Curl_pgrsLimitWaitTime(data->progress.downloaded, + data->progress.dl_limit_size, + data->set.max_recv_speed, + data->progress.dl_limit_start, + now) <= 0))) multistate(data, CURLM_STATE_PERFORM); break; @@ -1514,41 +1819,38 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi, { char *newurl = NULL; bool retry = FALSE; + bool comeback = FALSE; /* check if over send speed */ - if((data->set.max_send_speed > 0) && - (data->progress.ulspeed > data->set.max_send_speed)) { - int buffersize; - - multistate(data, CURLM_STATE_TOOFAST); - - /* calculate upload rate-limitation timeout. */ - buffersize = (int)(data->set.buffer_size ? - data->set.buffer_size : BUFSIZE); - timeout_ms = Curl_sleep_time(data->set.max_send_speed, - data->progress.ulspeed, buffersize); - Curl_expire_latest(data, timeout_ms); - break; + if(data->set.max_send_speed > 0) { + timeout_ms = Curl_pgrsLimitWaitTime(data->progress.uploaded, + data->progress.ul_limit_size, + data->set.max_send_speed, + data->progress.ul_limit_start, + now); + if(timeout_ms > 0) { + multistate(data, CURLM_STATE_TOOFAST); + Curl_expire_latest(data, timeout_ms); + break; + } } /* check if over recv speed */ - if((data->set.max_recv_speed > 0) && - (data->progress.dlspeed > data->set.max_recv_speed)) { - int buffersize; - - multistate(data, CURLM_STATE_TOOFAST); - - /* Calculate download rate-limitation timeout. */ - buffersize = (int)(data->set.buffer_size ? - data->set.buffer_size : BUFSIZE); - timeout_ms = Curl_sleep_time(data->set.max_recv_speed, - data->progress.dlspeed, buffersize); - Curl_expire_latest(data, timeout_ms); - break; + if(data->set.max_recv_speed > 0) { + timeout_ms = Curl_pgrsLimitWaitTime(data->progress.downloaded, + data->progress.dl_limit_size, + data->set.max_recv_speed, + data->progress.dl_limit_start, + now); + if(timeout_ms > 0) { + multistate(data, CURLM_STATE_TOOFAST); + Curl_expire_latest(data, timeout_ms); + break; + } } /* read/write data if it is ready to do so */ - result = Curl_readwrite(data->easy_conn, data, &done); + result = Curl_readwrite(data->easy_conn, data, &done, &comeback); k = &data->req; @@ -1586,11 +1888,12 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi, * happened in the data connection. */ - if(!(data->easy_conn->handler->flags & PROTOPT_DUAL)) - connclose(data->easy_conn, "Transfer returned error"); + if(!(data->easy_conn->handler->flags & PROTOPT_DUAL) && + result != CURLE_HTTP2_STREAM) + streamclose(data->easy_conn, "Transfer returned error"); Curl_posttransfer(data); - Curl_done(&data->easy_conn, result, FALSE); + multi_done(&data->easy_conn, result, TRUE); } else if(done) { followtype follow=FOLLOW_NONE; @@ -1603,7 +1906,7 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi, /* expire the new receiving pipeline head */ if(data->easy_conn->recv_pipe->head) - Curl_expire_latest(data->easy_conn->recv_pipe->head->ptr, 1); + Curl_expire_latest(data->easy_conn->recv_pipe->head->ptr, 0); /* Check if we can move pending requests to send pipe */ Curl_multi_process_pending_handles(multi); @@ -1621,7 +1924,7 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi, } else follow = FOLLOW_RETRY; - result = Curl_done(&data->easy_conn, CURLE_OK, FALSE); + result = multi_done(&data->easy_conn, CURLE_OK, FALSE); if(!result) { result = Curl_follow(data, newurl, follow); if(!result) { @@ -1646,13 +1949,15 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi, if(!result) newurl = NULL; /* allocation was handed over Curl_follow() */ else - disconnect_conn = TRUE; + stream_error = TRUE; } multistate(data, CURLM_STATE_DONE); rc = CURLM_CALL_MULTI_PERFORM; } } + else if(comeback) + rc = CURLM_CALL_MULTI_PERFORM; free(newurl); break; @@ -1671,14 +1976,14 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi, Curl_multi_process_pending_handles(multi); /* post-transfer command */ - res = Curl_done(&data->easy_conn, result, FALSE); + res = multi_done(&data->easy_conn, result, FALSE); /* allow a previously set error code take precedence */ if(!result) result = res; /* - * If there are other handles on the pipeline, Curl_done won't set + * If there are other handles on the pipeline, multi_done won't set * easy_conn to NULL. In such a case, curl_multi_remove_handle() can * access free'd data, if the connection is free'd and the handle * removed before we perform the processing in CURLM_STATE_COMPLETED @@ -1697,7 +2002,7 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi, } /* after we have DONE what we're supposed to do, go COMPLETED, and - it doesn't matter what the Curl_done() returned! */ + it doesn't matter what the multi_done() returned! */ multistate(data, CURLM_STATE_COMPLETED); break; @@ -1711,7 +2016,7 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi, that could be freed anytime */ data->easy_conn = NULL; - Curl_expire(data, 0); /* stop all timers */ + Curl_expire_clear(data); /* stop all timers */ break; case CURLM_STATE_MSGSENT: @@ -1745,7 +2050,7 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi, Curl_removeHandleFromPipeline(data, data->easy_conn->send_pipe); Curl_removeHandleFromPipeline(data, data->easy_conn->recv_pipe); - if(disconnect_conn) { + if(stream_error) { /* Don't attempt to send data over a connection that timed out */ bool dead_connection = result == CURLE_OPERATION_TIMEDOUT; /* disconnect properly */ @@ -1769,7 +2074,7 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi, /* aborted due to progress callback return code must close the connection */ result = CURLE_ABORTED_BY_CALLBACK; - connclose(data->easy_conn, "Aborted by callback"); + streamclose(data->easy_conn, "Aborted by callback"); /* if not yet in DONE state, go there, otherwise COMPLETED */ multistate(data, (data->mstate < CURLM_STATE_DONE)? @@ -1799,10 +2104,9 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi, } -CURLMcode curl_multi_perform(CURLM *multi_handle, int *running_handles) +CURLMcode curl_multi_perform(struct Curl_multi *multi, int *running_handles) { - struct Curl_multi *multi=(struct Curl_multi *)multi_handle; - struct SessionHandle *data; + struct Curl_easy *data; CURLMcode returncode=CURLM_OK; struct Curl_tree *t; struct timeval now = Curl_tvnow(); @@ -1813,27 +2117,12 @@ CURLMcode curl_multi_perform(CURLM *multi_handle, int *running_handles) data=multi->easyp; while(data) { CURLMcode result; - struct WildcardData *wc = &data->wildcard; SIGPIPE_VARIABLE(pipe_st); - if(data->set.wildcardmatch) { - if(!wc->filelist) { - CURLcode ret = Curl_wildcard_init(wc); /* init wildcard structures */ - if(ret) - return CURLM_OUT_OF_MEMORY; - } - } - sigpipe_ignore(data, &pipe_st); result = multi_runsingle(multi, now, data); sigpipe_restore(&pipe_st); - if(data->set.wildcardmatch) { - /* destruct wildcard structures if it is needed */ - if(wc->state == CURLWC_DONE || result) - Curl_wildcard_dtor(wc); - } - if(result) returncode = result; @@ -1876,6 +2165,8 @@ static void close_all_connections(struct Curl_multi *multi) conn->data = multi->closure_handle; sigpipe_ignore(conn->data, &pipe_st); + conn->data->easy_conn = NULL; /* clear the easy handle's connection + pointer */ /* This will remove the connection from the cache */ (void)Curl_disconnect(conn, FALSE); sigpipe_restore(&pipe_st); @@ -1884,11 +2175,10 @@ static void close_all_connections(struct Curl_multi *multi) } } -CURLMcode curl_multi_cleanup(CURLM *multi_handle) +CURLMcode curl_multi_cleanup(struct Curl_multi *multi) { - struct Curl_multi *multi=(struct Curl_multi *)multi_handle; - struct SessionHandle *data; - struct SessionHandle *nextdata; + struct Curl_easy *data; + struct Curl_easy *nextdata; if(GOOD_MULTI_HANDLE(multi)) { bool restore_pipe = FALSE; @@ -1959,9 +2249,8 @@ CURLMcode curl_multi_cleanup(CURLM *multi_handle) * beyond. The current design is fully O(1). */ -CURLMsg *curl_multi_info_read(CURLM *multi_handle, int *msgs_in_queue) +CURLMsg *curl_multi_info_read(struct Curl_multi *multi, int *msgs_in_queue) { - struct Curl_multi *multi=(struct Curl_multi *)multi_handle; struct Curl_message *msg; *msgs_in_queue = 0; /* default to none */ @@ -1992,7 +2281,7 @@ CURLMsg *curl_multi_info_read(CURLM *multi_handle, int *msgs_in_queue) * call the callback accordingly. */ static void singlesocket(struct Curl_multi *multi, - struct SessionHandle *data) + struct Curl_easy *data) { curl_socket_t socks[MAX_SOCKSPEREASYHANDLE]; int i; @@ -2164,7 +2453,7 @@ void Curl_multi_closed(struct connectdata *conn, curl_socket_t s) /* * add_next_timeout() * - * Each SessionHandle has a list of timeouts. The add_next_timeout() is called + * Each Curl_easy has a list of timeouts. The add_next_timeout() is called * when it has just been removed from the splay tree because the timeout has * expired. This function is then to advance in the list to pick the next * timeout to use (skip the already expired ones) and add this node back to @@ -2175,7 +2464,7 @@ void Curl_multi_closed(struct connectdata *conn, curl_socket_t s) */ static CURLMcode add_next_timeout(struct timeval now, struct Curl_multi *multi, - struct SessionHandle *d) + struct Curl_easy *d) { struct timeval *tv = &d->state.expiretime; struct curl_llist *list = d->state.timeoutlist; @@ -2184,7 +2473,7 @@ static CURLMcode add_next_timeout(struct timeval now, /* move over the timeout list for this specific handle and remove all timeouts that are now passed tense and store the next pending timeout in *tv */ - for(e = list->head; e; ) { + for(e = list->head; e;) { struct curl_llist_element *n = e->next; long diff = curlx_tvdiff(*(struct timeval *)e->ptr, now); if(diff <= 0) @@ -2223,7 +2512,7 @@ static CURLMcode multi_socket(struct Curl_multi *multi, int *running_handles) { CURLMcode result = CURLM_OK; - struct SessionHandle *data = NULL; + struct Curl_easy *data = NULL; struct Curl_tree *t; struct timeval now = Curl_tvnow(); @@ -2351,10 +2640,9 @@ static CURLMcode multi_socket(struct Curl_multi *multi, } #undef curl_multi_setopt -CURLMcode curl_multi_setopt(CURLM *multi_handle, +CURLMcode curl_multi_setopt(struct Curl_multi *multi, CURLMoption option, ...) { - struct Curl_multi *multi=(struct Curl_multi *)multi_handle; CURLMcode res = CURLM_OK; va_list param; @@ -2422,33 +2710,32 @@ CURLMcode curl_multi_setopt(CURLM *multi_handle, /* we define curl_multi_socket() in the public multi.h header */ #undef curl_multi_socket -CURLMcode curl_multi_socket(CURLM *multi_handle, curl_socket_t s, +CURLMcode curl_multi_socket(struct Curl_multi *multi, curl_socket_t s, int *running_handles) { - CURLMcode result = multi_socket((struct Curl_multi *)multi_handle, FALSE, s, - 0, running_handles); + CURLMcode result = multi_socket(multi, FALSE, s, 0, running_handles); if(CURLM_OK >= result) - update_timer((struct Curl_multi *)multi_handle); + update_timer(multi); return result; } -CURLMcode curl_multi_socket_action(CURLM *multi_handle, curl_socket_t s, +CURLMcode curl_multi_socket_action(struct Curl_multi *multi, curl_socket_t s, int ev_bitmask, int *running_handles) { - CURLMcode result = multi_socket((struct Curl_multi *)multi_handle, FALSE, s, + CURLMcode result = multi_socket(multi, FALSE, s, ev_bitmask, running_handles); if(CURLM_OK >= result) - update_timer((struct Curl_multi *)multi_handle); + update_timer(multi); return result; } -CURLMcode curl_multi_socket_all(CURLM *multi_handle, int *running_handles) +CURLMcode curl_multi_socket_all(struct Curl_multi *multi, int *running_handles) { - CURLMcode result = multi_socket((struct Curl_multi *)multi_handle, - TRUE, CURL_SOCKET_BAD, 0, running_handles); + CURLMcode result = multi_socket(multi, TRUE, CURL_SOCKET_BAD, 0, + running_handles); if(CURLM_OK >= result) - update_timer((struct Curl_multi *)multi_handle); + update_timer(multi); return result; } @@ -2487,11 +2774,9 @@ static CURLMcode multi_timeout(struct Curl_multi *multi, return CURLM_OK; } -CURLMcode curl_multi_timeout(CURLM *multi_handle, +CURLMcode curl_multi_timeout(struct Curl_multi *multi, long *timeout_ms) { - struct Curl_multi *multi=(struct Curl_multi *)multi_handle; - /* First, make some basic checks that the CURLM handle is a good handle */ if(!GOOD_MULTI_HANDLE(multi)) return CURLM_BAD_HANDLE; @@ -2518,7 +2803,7 @@ static int update_timer(struct Curl_multi *multi) multi->timer_lastcall = none; /* there's no timeout now but there was one previously, tell the app to disable it */ - return multi->timer_cb((CURLM*)multi, -1, multi->timer_userp); + return multi->timer_cb(multi, -1, multi->timer_userp); } return 0; } @@ -2532,7 +2817,7 @@ static int update_timer(struct Curl_multi *multi) multi->timer_lastcall = multi->timetree->key; - return multi->timer_cb((CURLM*)multi, timeout_ms, multi->timer_userp); + return multi->timer_cb(multi, timeout_ms, multi->timer_userp); } /* @@ -2599,92 +2884,59 @@ multi_addtimeout(struct curl_llist *timeoutlist, * given a number of milliseconds from now to use to set the 'act before * this'-time for the transfer, to be extracted by curl_multi_timeout() * - * Note that the timeout will be added to a queue of timeouts if it defines a - * moment in time that is later than the current head of queue. - * - * Pass zero to clear all timeout values for this handle. -*/ -void Curl_expire(struct SessionHandle *data, long milli) + * The timeout will be added to a queue of timeouts if it defines a moment in + * time that is later than the current head of queue. + */ +void Curl_expire(struct Curl_easy *data, long milli) { struct Curl_multi *multi = data->multi; struct timeval *nowp = &data->state.expiretime; int rc; + struct timeval set; /* this is only interesting while there is still an associated multi struct remaining! */ if(!multi) return; - if(!milli) { - /* No timeout, clear the time data. */ - if(nowp->tv_sec || nowp->tv_usec) { - /* Since this is an cleared time, we must remove the previous entry from - the splay tree */ - struct curl_llist *list = data->state.timeoutlist; - - rc = Curl_splayremovebyaddr(multi->timetree, - &data->state.timenode, - &multi->timetree); - if(rc) - infof(data, "Internal error clearing splay node = %d\n", rc); - - /* flush the timeout list too */ - while(list->size > 0) - Curl_llist_remove(list, list->tail, NULL); + set = Curl_tvnow(); + set.tv_sec += milli/1000; + set.tv_usec += (milli%1000)*1000; -#ifdef DEBUGBUILD - infof(data, "Expire cleared\n"); -#endif - nowp->tv_sec = 0; - nowp->tv_usec = 0; - } + if(set.tv_usec >= 1000000) { + set.tv_sec++; + set.tv_usec -= 1000000; } - else { - struct timeval set; - - set = Curl_tvnow(); - set.tv_sec += milli/1000; - set.tv_usec += (milli%1000)*1000; - - if(set.tv_usec >= 1000000) { - set.tv_sec++; - set.tv_usec -= 1000000; - } - - if(nowp->tv_sec || nowp->tv_usec) { - /* This means that the struct is added as a node in the splay tree. - Compare if the new time is earlier, and only remove-old/add-new if it - is. */ - long diff = curlx_tvdiff(set, *nowp); - if(diff > 0) { - /* the new expire time was later so just add it to the queue - and get out */ - multi_addtimeout(data->state.timeoutlist, &set); - return; - } - /* the new time is newer than the presently set one, so add the current - to the queue and update the head */ - multi_addtimeout(data->state.timeoutlist, nowp); - - /* Since this is an updated time, we must remove the previous entry from - the splay tree first and then re-add the new value */ - rc = Curl_splayremovebyaddr(multi->timetree, - &data->state.timenode, - &multi->timetree); - if(rc) - infof(data, "Internal error removing splay node = %d\n", rc); + if(nowp->tv_sec || nowp->tv_usec) { + /* This means that the struct is added as a node in the splay tree. + Compare if the new time is earlier, and only remove-old/add-new if it + is. */ + long diff = curlx_tvdiff(set, *nowp); + if(diff > 0) { + /* the new expire time was later so just add it to the queue + and get out */ + multi_addtimeout(data->state.timeoutlist, &set); + return; } - *nowp = set; - data->state.timenode.payload = data; - multi->timetree = Curl_splayinsert(*nowp, - multi->timetree, - &data->state.timenode); + /* the new time is newer than the presently set one, so add the current + to the queue and update the head */ + multi_addtimeout(data->state.timeoutlist, nowp); + + /* Since this is an updated time, we must remove the previous entry from + the splay tree first and then re-add the new value */ + rc = Curl_splayremovebyaddr(multi->timetree, + &data->state.timenode, + &multi->timetree); + if(rc) + infof(data, "Internal error removing splay node = %d\n", rc); } -#if 0 - Curl_splayprint(multi->timetree, 0, TRUE); -#endif + + *nowp = set; + data->state.timenode.payload = data; + multi->timetree = Curl_splayinsert(*nowp, multi->timetree, + &data->state.timenode); } /* @@ -2698,7 +2950,7 @@ void Curl_expire(struct SessionHandle *data, long milli) * time-out period to expire. * */ -void Curl_expire_latest(struct SessionHandle *data, long milli) +void Curl_expire_latest(struct Curl_easy *data, long milli) { struct timeval *expire = &data->state.expiretime; @@ -2727,11 +2979,53 @@ void Curl_expire_latest(struct SessionHandle *data, long milli) Curl_expire(data, milli); } -CURLMcode curl_multi_assign(CURLM *multi_handle, - curl_socket_t s, void *hashp) + +/* + * Curl_expire_clear() + * + * Clear ALL timeout values for this handle. + */ +void Curl_expire_clear(struct Curl_easy *data) +{ + struct Curl_multi *multi = data->multi; + struct timeval *nowp = &data->state.expiretime; + int rc; + + /* this is only interesting while there is still an associated multi struct + remaining! */ + if(!multi) + return; + + if(nowp->tv_sec || nowp->tv_usec) { + /* Since this is an cleared time, we must remove the previous entry from + the splay tree */ + struct curl_llist *list = data->state.timeoutlist; + + rc = Curl_splayremovebyaddr(multi->timetree, + &data->state.timenode, + &multi->timetree); + if(rc) + infof(data, "Internal error clearing splay node = %d\n", rc); + + /* flush the timeout list too */ + while(list->size > 0) + Curl_llist_remove(list, list->tail, NULL); + +#ifdef DEBUGBUILD + infof(data, "Expire cleared\n"); +#endif + nowp->tv_sec = 0; + nowp->tv_usec = 0; + } +} + + + + +CURLMcode curl_multi_assign(struct Curl_multi *multi, curl_socket_t s, + void *hashp) { struct Curl_sh_entry *there = NULL; - struct Curl_multi *multi = (struct Curl_multi *)multi_handle; there = sh_getentry(&multi->sockhash, s); @@ -2778,7 +3072,7 @@ void Curl_multi_process_pending_handles(struct Curl_multi *multi) struct curl_llist_element *e = multi->pending->head; while(e) { - struct SessionHandle *data = e->ptr; + struct Curl_easy *data = e->ptr; struct curl_llist_element *next = e->next; if(data->mstate == CURLM_STATE_CONNECT_PEND) { @@ -2788,7 +3082,7 @@ void Curl_multi_process_pending_handles(struct Curl_multi *multi) Curl_llist_remove(multi->pending, e, NULL); /* Make sure that the handle will be processed soonish. */ - Curl_expire_latest(data, 1); + Curl_expire_latest(data, 0); } e = next; /* operate on next handle */ @@ -2796,10 +3090,9 @@ void Curl_multi_process_pending_handles(struct Curl_multi *multi) } #ifdef DEBUGBUILD -void Curl_multi_dump(const struct Curl_multi *multi_handle) +void Curl_multi_dump(struct Curl_multi *multi) { - struct Curl_multi *multi=(struct Curl_multi *)multi_handle; - struct SessionHandle *data; + struct Curl_easy *data; int i; fprintf(stderr, "* Multi status: %d handles, %d alive\n", multi->num_easy, multi->num_alive); diff --git a/lib/multihandle.h b/lib/multihandle.h index fc81a5540..c56b6aec1 100644 --- a/lib/multihandle.h +++ b/lib/multihandle.h @@ -71,8 +71,8 @@ struct Curl_multi { long type; /* We have a doubly-linked circular list with easy handles */ - struct SessionHandle *easyp; - struct SessionHandle *easylp; /* last node */ + struct Curl_easy *easyp; + struct Curl_easy *easylp; /* last node */ int num_easy; /* amount of entries in the linked list above. */ int num_alive; /* amount of easy handles that are added but have not yet @@ -80,7 +80,7 @@ struct Curl_multi { struct curl_llist *msglist; /* a list of messages from completed transfers */ - struct curl_llist *pending; /* SessionHandles that are in the + struct curl_llist *pending; /* Curl_easys that are in the CURLM_STATE_CONNECT_PEND state */ /* callback function and user data pointer for the *socket() API */ @@ -113,7 +113,7 @@ struct Curl_multi { /* This handle will be used for closing the cached connections in curl_multi_cleanup() */ - struct SessionHandle *closure_handle; + struct Curl_easy *closure_handle; long maxconnects; /* if >0, a fixed limit of the maximum number of entries we're allowed to grow the connection cache to */ diff --git a/lib/multiif.h b/lib/multiif.h index b229f53ee..eaff496ea 100644 --- a/lib/multiif.h +++ b/lib/multiif.h @@ -7,7 +7,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -25,10 +25,11 @@ /* * Prototypes for library-wide functions provided by multi.c */ -void Curl_expire(struct SessionHandle *data, long milli); -void Curl_expire_latest(struct SessionHandle *data, long milli); +void Curl_expire(struct Curl_easy *data, long milli); +void Curl_expire_clear(struct Curl_easy *data); +void Curl_expire_latest(struct Curl_easy *data, long milli); bool Curl_pipeline_wanted(const struct Curl_multi* multi, int bits); -void Curl_multi_handlePipeBreak(struct SessionHandle *data); +void Curl_multi_handlePipeBreak(struct Curl_easy *data); /* Internal version of curl_multi_init() accepts size parameters for the socket and connection hashes */ @@ -51,7 +52,7 @@ struct Curl_multi *Curl_multi_handle(int hashsize, int chashsize); * allow easier tracking of the internal handle's state and what sockets * they use. Only for research and development DEBUGBUILD enabled builds. */ -void Curl_multi_dump(const struct Curl_multi *multi_handle); +void Curl_multi_dump(struct Curl_multi *multi); #endif void Curl_multi_process_pending_handles(struct Curl_multi *multi); @@ -92,6 +93,6 @@ void Curl_multi_closed(struct connectdata *conn, curl_socket_t s); * Add a handle and move it into PERFORM state at once. For pushed streams. */ CURLMcode Curl_multi_add_perform(struct Curl_multi *multi, - struct SessionHandle *data, + struct Curl_easy *data, struct connectdata *conn); #endif /* HEADER_CURL_MULTIIF_H */ diff --git a/lib/netrc.c b/lib/netrc.c index 541310e2b..46f427a2b 100644 --- a/lib/netrc.c +++ b/lib/netrc.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -32,9 +32,9 @@ #include "strequal.h" #include "strtok.h" #include "rawstr.h" -#include "curl_printf.h" -/* The last #include files should be: */ +/* The last 3 #include files should be in this order */ +#include "curl_printf.h" #include "curl_memory.h" #include "memdebug.h" diff --git a/lib/non-ascii.c b/lib/non-ascii.c index 205ff04ba..ed1461807 100644 --- a/lib/non-ascii.c +++ b/lib/non-ascii.c @@ -51,7 +51,7 @@ * Curl_convert_clone() returns a malloced copy of the source string (if * returning CURLE_OK), with the data converted to network format. */ -CURLcode Curl_convert_clone(struct SessionHandle *data, +CURLcode Curl_convert_clone(struct Curl_easy *data, const char *indata, size_t insize, char **outbuf) @@ -79,7 +79,7 @@ CURLcode Curl_convert_clone(struct SessionHandle *data, * Curl_convert_to_network() is an internal function for performing ASCII * conversions on non-ASCII platforms. It convers the buffer _in place_. */ -CURLcode Curl_convert_to_network(struct SessionHandle *data, +CURLcode Curl_convert_to_network(struct Curl_easy *data, char *buffer, size_t length) { if(data->set.convtonetwork) { @@ -139,7 +139,7 @@ CURLcode Curl_convert_to_network(struct SessionHandle *data, * Curl_convert_from_network() is an internal function for performing ASCII * conversions on non-ASCII platforms. It convers the buffer _in place_. */ -CURLcode Curl_convert_from_network(struct SessionHandle *data, +CURLcode Curl_convert_from_network(struct Curl_easy *data, char *buffer, size_t length) { if(data->set.convfromnetwork) { @@ -199,7 +199,7 @@ CURLcode Curl_convert_from_network(struct SessionHandle *data, * Curl_convert_from_utf8() is an internal function for performing UTF-8 * conversions on non-ASCII platforms. */ -CURLcode Curl_convert_from_utf8(struct SessionHandle *data, +CURLcode Curl_convert_from_utf8(struct Curl_easy *data, char *buffer, size_t length) { if(data->set.convfromutf8) { @@ -261,9 +261,9 @@ CURLcode Curl_convert_from_utf8(struct SessionHandle *data, } /* - * Init conversion stuff for a SessionHandle + * Init conversion stuff for a Curl_easy */ -void Curl_convert_init(struct SessionHandle *data) +void Curl_convert_init(struct Curl_easy *data) { #if defined(CURL_DOES_CONVERSIONS) && defined(HAVE_ICONV) /* conversion descriptors for iconv calls */ @@ -276,9 +276,9 @@ void Curl_convert_init(struct SessionHandle *data) } /* - * Setup conversion stuff for a SessionHandle + * Setup conversion stuff for a Curl_easy */ -void Curl_convert_setup(struct SessionHandle *data) +void Curl_convert_setup(struct Curl_easy *data) { data->inbound_cd = iconv_open(CURL_ICONV_CODESET_OF_HOST, CURL_ICONV_CODESET_OF_NETWORK); @@ -289,10 +289,10 @@ void Curl_convert_setup(struct SessionHandle *data) } /* - * Close conversion stuff for a SessionHandle + * Close conversion stuff for a Curl_easy */ -void Curl_convert_close(struct SessionHandle *data) +void Curl_convert_close(struct Curl_easy *data) { #ifdef HAVE_ICONV /* close iconv conversion descriptors */ @@ -314,7 +314,7 @@ void Curl_convert_close(struct SessionHandle *data) * Curl_convert_form() is used from http.c, this converts any form items that need to be sent in the network encoding. Returns CURLE_OK on success. */ -CURLcode Curl_convert_form(struct SessionHandle *data, struct FormData *form) +CURLcode Curl_convert_form(struct Curl_easy *data, struct FormData *form) { CURLcode result; diff --git a/lib/non-ascii.h b/lib/non-ascii.h index f3e2049e4..e27f1f41f 100644 --- a/lib/non-ascii.h +++ b/lib/non-ascii.h @@ -33,22 +33,22 @@ * * If no conversion was needed *outbuf may be NULL. */ -CURLcode Curl_convert_clone(struct SessionHandle *data, +CURLcode Curl_convert_clone(struct Curl_easy *data, const char *indata, size_t insize, char **outbuf); -void Curl_convert_init(struct SessionHandle *data); -void Curl_convert_setup(struct SessionHandle *data); -void Curl_convert_close(struct SessionHandle *data); +void Curl_convert_init(struct Curl_easy *data); +void Curl_convert_setup(struct Curl_easy *data); +void Curl_convert_close(struct Curl_easy *data); -CURLcode Curl_convert_to_network(struct SessionHandle *data, +CURLcode Curl_convert_to_network(struct Curl_easy *data, char *buffer, size_t length); -CURLcode Curl_convert_from_network(struct SessionHandle *data, +CURLcode Curl_convert_from_network(struct Curl_easy *data, char *buffer, size_t length); -CURLcode Curl_convert_from_utf8(struct SessionHandle *data, +CURLcode Curl_convert_from_utf8(struct Curl_easy *data, char *buffer, size_t length); -CURLcode Curl_convert_form(struct SessionHandle *data, struct FormData *form); +CURLcode Curl_convert_form(struct Curl_easy *data, struct FormData *form); #else #define Curl_convert_clone(a,b,c,d) ((void)a, CURLE_OK) #define Curl_convert_init(x) Curl_nop_stmt diff --git a/lib/nwlib.c b/lib/nwlib.c index 7feb8fc3b..42b6aa0da 100644 --- a/lib/nwlib.c +++ b/lib/nwlib.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2012, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -58,26 +58,26 @@ rtag_t gAllocTag = (rtag_t) NULL; NXMutex_t *gLibLock = (NXMutex_t *) NULL; /* internal library function prototypes... */ -int DisposeLibraryData( void * ); -void DisposeThreadData( void * ); -int GetOrSetUpData( int id, libdata_t **data, libthreaddata_t **threaddata ); - - -int _NonAppStart( void *NLMHandle, - void *errorScreen, - const char *cmdLine, - const char *loadDirPath, - size_t uninitializedDataLength, - void *NLMFileHandle, - int (*readRoutineP)( int conn, - void *fileHandle, size_t offset, - size_t nbytes, - size_t *bytesRead, - void *buffer ), +int DisposeLibraryData(void *); +void DisposeThreadData(void *); +int GetOrSetUpData(int id, libdata_t **data, libthreaddata_t **threaddata); + + +int _NonAppStart(void *NLMHandle, + void *errorScreen, + const char *cmdLine, + const char *loadDirPath, + size_t uninitializedDataLength, + void *NLMFileHandle, + int (*readRoutineP)(int conn, + void *fileHandle, size_t offset, + size_t nbytes, + size_t *bytesRead, + void *buffer), size_t customDataOffset, size_t customDataSize, int messageCount, - const char **messages ) + const char **messages) { NX_LOCK_INFO_ALLOC(liblock, "Per-Application Data Lock", 0); @@ -132,7 +132,7 @@ int _NonAppStart( void *NLMHandle, * Here we clean up any resources we allocated. Resource tags is a big part * of what we created, but NetWare doesn't ask us to free those. */ -void _NonAppStop( void ) +void _NonAppStop(void) { (void) unregister_library(gLibId); NXMutexFree(gLibLock); @@ -149,13 +149,13 @@ void _NonAppStop( void ) * we return a non-zero value. Right now, there isn't any reason not to allow * it. */ -int _NonAppCheckUnload( void ) +int _NonAppCheckUnload(void) { return 0; } int GetOrSetUpData(int id, libdata_t **appData, - libthreaddata_t **threadData ) + libthreaddata_t **threadData) { int err; libdata_t *app_data; @@ -277,7 +277,7 @@ int GetOrSetUpData(int id, libdata_t **appData, return err; } -int DisposeLibraryData( void *data ) +int DisposeLibraryData(void *data) { if(data) { void *tenbytes = ((libdata_t *) data)->tenbytes; @@ -289,7 +289,7 @@ int DisposeLibraryData( void *data ) return 0; } -void DisposeThreadData( void *data ) +void DisposeThreadData(void *data) { if(data) { void *twentybytes = ((libthreaddata_t *) data)->twentybytes; @@ -303,7 +303,7 @@ void DisposeThreadData( void *data ) /* For native CLib-based NLM seems we can do a bit more simple. */ #include -int main ( void ) +int main (void) { /* initialize any globals here... */ diff --git a/lib/nwos.c b/lib/nwos.c index 28137e919..385f9c8ad 100644 --- a/lib/nwos.c +++ b/lib/nwos.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2011, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -26,7 +26,7 @@ #ifdef __NOVELL_LIBC__ /* For native LibC-based NLM we need to do nothing. */ -int netware_init ( void ) +int netware_init (void) { return 0; } @@ -45,7 +45,7 @@ NETDB_DEFINE_CONTEXT #include NETINET_DEFINE_CONTEXT -int netware_init ( void ) +int netware_init (void) { int rc = 0; unsigned int myHandle = GetNLMHandle(); @@ -72,13 +72,13 @@ int netware_init ( void ) } /* dummy function to satisfy newer prelude */ -int __init_environment ( void ) +int __init_environment (void) { return 0; } /* dummy function to satisfy newer prelude */ -int __deinit_environment ( void ) +int __deinit_environment (void) { return 0; } diff --git a/lib/openldap.c b/lib/openldap.c index 7241bb906..4b8cfb9c2 100644 --- a/lib/openldap.c +++ b/lib/openldap.c @@ -6,7 +6,7 @@ * \___|\___/|_| \_\_____| * * Copyright (C) 2010, Howard Chu, - * Copyright (C) 2011 - 2015, Daniel Stenberg, , et al. + * Copyright (C) 2011 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -46,9 +46,8 @@ #include "curl_ldap.h" #include "curl_base64.h" #include "connect.h" +/* The last 3 #include files should be in this order */ #include "curl_printf.h" - -/* The last #include files should be: */ #include "curl_memory.h" #include "memdebug.h" @@ -151,7 +150,7 @@ static CURLcode ldap_setup_connection(struct connectdata *conn) { ldapconninfo *li; LDAPURLDesc *lud; - struct SessionHandle *data=conn->data; + struct Curl_easy *data=conn->data; int rc, proto; CURLcode status; @@ -189,7 +188,7 @@ static Sockbuf_IO ldapsb_tls; static CURLcode ldap_connect(struct connectdata *conn, bool *done) { ldapconninfo *li = conn->proto.generic; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; int rc, proto = LDAP_VERSION3; char hosturl[1024]; char *ptr; @@ -227,7 +226,7 @@ static CURLcode ldap_connect(struct connectdata *conn, bool *done) static CURLcode ldap_connecting(struct connectdata *conn, bool *done) { ldapconninfo *li = conn->proto.generic; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; LDAPMessage *msg = NULL; struct timeval tv = {0, 1}, *tvp; int rc, err; @@ -353,7 +352,7 @@ static CURLcode ldap_do(struct connectdata *conn, bool *done) int rc = 0; LDAPURLDesc *ludp = NULL; int msgid; - struct SessionHandle *data=conn->data; + struct Curl_easy *data=conn->data; connkeep(conn, "OpenLDAP do"); @@ -416,7 +415,7 @@ static ssize_t ldap_recv(struct connectdata *conn, int sockindex, char *buf, size_t len, CURLcode *err) { ldapconninfo *li = conn->proto.generic; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; ldapreqinfo *lr = data->req.protop; int rc, ret; LDAPMessage *msg = NULL; diff --git a/lib/pingpong.c b/lib/pingpong.c index 5fea5dee7..92ff84ba3 100644 --- a/lib/pingpong.c +++ b/lib/pingpong.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -34,10 +34,10 @@ #include "multiif.h" #include "non-ascii.h" #include "vtls/vtls.h" -#include "curl_printf.h" +/* The last 3 #include files should be in this order */ +#include "curl_printf.h" #include "curl_memory.h" -/* The last #include file should be: */ #include "memdebug.h" #ifdef USE_PINGPONG @@ -47,7 +47,7 @@ long Curl_pp_state_timeout(struct pingpong *pp) { struct connectdata *conn = pp->conn; - struct SessionHandle *data=conn->data; + struct Curl_easy *data=conn->data; long timeout_ms; /* in milliseconds */ long timeout2_ms; /* in milliseconds */ long response_time= (data->set.server_response_timeout)? @@ -85,10 +85,10 @@ CURLcode Curl_pp_statemach(struct pingpong *pp, bool block) int rc; long interval_ms; long timeout_ms = Curl_pp_state_timeout(pp); - struct SessionHandle *data=conn->data; + struct Curl_easy *data=conn->data; CURLcode result = CURLE_OK; - if(timeout_ms <=0 ) { + if(timeout_ms <=0) { failf(data, "server response timeout"); return CURLE_OPERATION_TIMEDOUT; /* already too little time */ } @@ -165,7 +165,7 @@ CURLcode Curl_pp_vsendf(struct pingpong *pp, char *s; CURLcode result; struct connectdata *conn = pp->conn; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; #ifdef HAVE_GSSAPI enum protection_level data_sec = conn->data_prot; @@ -271,7 +271,7 @@ CURLcode Curl_pp_readresp(curl_socket_t sockfd, ssize_t gotbytes; char *ptr; struct connectdata *conn = pp->conn; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; char * const buf = data->state.buffer; CURLcode result = CURLE_OK; diff --git a/lib/pipeline.c b/lib/pipeline.c index 95b89b54b..bd902d9a3 100644 --- a/lib/pipeline.c +++ b/lib/pipeline.c @@ -6,7 +6,7 @@ * \___|\___/|_| \_\_____| * * Copyright (C) 2013, Linus Nielsen Feltzing, - * Copyright (C) 2013-2015, Daniel Stenberg, , et al. + * Copyright (C) 2013-2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -57,7 +57,7 @@ static void server_blacklist_llist_dtor(void *user, void *element) free(element); } -bool Curl_pipeline_penalized(struct SessionHandle *data, +bool Curl_pipeline_penalized(struct Curl_easy *data, struct connectdata *conn) { if(data) { @@ -70,7 +70,7 @@ bool Curl_pipeline_penalized(struct SessionHandle *data, /* Find the head of the recv pipe, if any */ if(conn->recv_pipe && conn->recv_pipe->head) { - struct SessionHandle *recv_handle = conn->recv_pipe->head->ptr; + struct Curl_easy *recv_handle = conn->recv_pipe->head->ptr; recv_size = recv_handle->req.size; @@ -91,7 +91,7 @@ bool Curl_pipeline_penalized(struct SessionHandle *data, return FALSE; } -static CURLcode addHandleToPipeline(struct SessionHandle *data, +static CURLcode addHandleToPipeline(struct Curl_easy *data, struct curl_llist *pipeline) { if(!Curl_llist_insert_next(pipeline, pipeline->tail, data)) @@ -100,7 +100,7 @@ static CURLcode addHandleToPipeline(struct SessionHandle *data, } -CURLcode Curl_add_handle_to_pipeline(struct SessionHandle *handle, +CURLcode Curl_add_handle_to_pipeline(struct Curl_easy *handle, struct connectdata *conn) { struct curl_llist_element *sendhead = conn->send_pipe->head; @@ -114,7 +114,7 @@ CURLcode Curl_add_handle_to_pipeline(struct SessionHandle *handle, if(pipeline == conn->send_pipe && sendhead != conn->send_pipe->head) { /* this is a new one as head, expire it */ Curl_pipeline_leave_write(conn); /* not in use yet */ - Curl_expire(conn->send_pipe->head->ptr, 1); + Curl_expire(conn->send_pipe->head->ptr, 0); } #if 0 /* enable for pipeline debugging */ @@ -130,7 +130,7 @@ CURLcode Curl_add_handle_to_pipeline(struct SessionHandle *handle, checked to update what sockets it acts on. */ -void Curl_move_handle_from_send_to_recv_pipe(struct SessionHandle *handle, +void Curl_move_handle_from_send_to_recv_pipe(struct Curl_easy *handle, struct connectdata *conn) { struct curl_llist_element *curr; @@ -149,7 +149,7 @@ void Curl_move_handle_from_send_to_recv_pipe(struct SessionHandle *handle, infof(conn->data, "%p is at send pipe head B!\n", (void *)conn->send_pipe->head->ptr); #endif - Curl_expire(conn->send_pipe->head->ptr, 1); + Curl_expire(conn->send_pipe->head->ptr, 0); } /* The receiver's list is not really interesting here since either this @@ -162,7 +162,7 @@ void Curl_move_handle_from_send_to_recv_pipe(struct SessionHandle *handle, } } -bool Curl_pipeline_site_blacklisted(struct SessionHandle *handle, +bool Curl_pipeline_site_blacklisted(struct Curl_easy *handle, struct connectdata *conn) { if(handle->multi) { @@ -254,7 +254,7 @@ CURLMcode Curl_pipeline_set_site_blacklist(char **sites, return CURLM_OK; } -bool Curl_pipeline_server_blacklisted(struct SessionHandle *handle, +bool Curl_pipeline_server_blacklisted(struct Curl_easy *handle, char *server_name) { if(handle->multi && server_name) { @@ -299,11 +299,16 @@ CURLMcode Curl_pipeline_set_server_blacklist(char **servers, char *server_name; server_name = strdup(*servers); - if(!server_name) + if(!server_name) { + Curl_llist_destroy(new_list, NULL); return CURLM_OUT_OF_MEMORY; + } - if(!Curl_llist_insert_next(new_list, new_list->tail, server_name)) + if(!Curl_llist_insert_next(new_list, new_list->tail, server_name)) { + Curl_llist_destroy(new_list, NULL); + Curl_safefree(server_name); return CURLM_OUT_OF_MEMORY; + } servers++; } @@ -320,7 +325,7 @@ CURLMcode Curl_pipeline_set_server_blacklist(char **servers, return CURLM_OK; } -static bool pipe_head(struct SessionHandle *data, +static bool pipe_head(struct Curl_easy *data, struct curl_llist *pipeline) { if(pipeline) { @@ -332,14 +337,14 @@ static bool pipe_head(struct SessionHandle *data, } /* returns TRUE if the given handle is head of the recv pipe */ -bool Curl_recvpipe_head(struct SessionHandle *data, +bool Curl_recvpipe_head(struct Curl_easy *data, struct connectdata *conn) { return pipe_head(data, conn->recv_pipe); } /* returns TRUE if the given handle is head of the send pipe */ -bool Curl_sendpipe_head(struct SessionHandle *data, +bool Curl_sendpipe_head(struct Curl_easy *data, struct connectdata *conn) { return pipe_head(data, conn->send_pipe); @@ -353,7 +358,7 @@ bool Curl_sendpipe_head(struct SessionHandle *data, * If not available, return FALSE. */ -bool Curl_pipeline_checkget_write(struct SessionHandle *data, +bool Curl_pipeline_checkget_write(struct Curl_easy *data, struct connectdata *conn) { if(conn->bits.multiplex) @@ -376,7 +381,7 @@ bool Curl_pipeline_checkget_write(struct SessionHandle *data, * If not available, return FALSE. */ -bool Curl_pipeline_checkget_read(struct SessionHandle *data, +bool Curl_pipeline_checkget_read(struct Curl_easy *data, struct connectdata *conn) { if(conn->bits.multiplex) @@ -413,7 +418,7 @@ void print_pipeline(struct connectdata *conn) { struct curl_llist_element *curr; struct connectbundle *cb_ptr; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; cb_ptr = conn->bundle; diff --git a/lib/pipeline.h b/lib/pipeline.h index a39dfa8de..a64f71025 100644 --- a/lib/pipeline.h +++ b/lib/pipeline.h @@ -23,34 +23,34 @@ * ***************************************************************************/ -CURLcode Curl_add_handle_to_pipeline(struct SessionHandle *handle, +CURLcode Curl_add_handle_to_pipeline(struct Curl_easy *handle, struct connectdata *conn); -void Curl_move_handle_from_send_to_recv_pipe(struct SessionHandle *handle, +void Curl_move_handle_from_send_to_recv_pipe(struct Curl_easy *handle, struct connectdata *conn); -bool Curl_pipeline_penalized(struct SessionHandle *data, +bool Curl_pipeline_penalized(struct Curl_easy *data, struct connectdata *conn); -bool Curl_pipeline_site_blacklisted(struct SessionHandle *handle, +bool Curl_pipeline_site_blacklisted(struct Curl_easy *handle, struct connectdata *conn); CURLMcode Curl_pipeline_set_site_blacklist(char **sites, struct curl_llist **list_ptr); -bool Curl_pipeline_server_blacklisted(struct SessionHandle *handle, +bool Curl_pipeline_server_blacklisted(struct Curl_easy *handle, char *server_name); CURLMcode Curl_pipeline_set_server_blacklist(char **servers, struct curl_llist **list_ptr); -bool Curl_pipeline_checkget_write(struct SessionHandle *data, +bool Curl_pipeline_checkget_write(struct Curl_easy *data, struct connectdata *conn); -bool Curl_pipeline_checkget_read(struct SessionHandle *data, +bool Curl_pipeline_checkget_read(struct Curl_easy *data, struct connectdata *conn); void Curl_pipeline_leave_write(struct connectdata *conn); void Curl_pipeline_leave_read(struct connectdata *conn); -bool Curl_recvpipe_head(struct SessionHandle *data, +bool Curl_recvpipe_head(struct Curl_easy *data, struct connectdata *conn); -bool Curl_sendpipe_head(struct SessionHandle *data, +bool Curl_sendpipe_head(struct Curl_easy *data, struct connectdata *conn); #endif /* HEADER_CURL_PIPELINE_H */ diff --git a/lib/pop3.c b/lib/pop3.c index 823761d2e..591e877f5 100644 --- a/lib/pop3.c +++ b/lib/pop3.c @@ -83,9 +83,9 @@ #include "curl_sasl.h" #include "curl_md5.h" #include "warnless.h" +/* The last 3 #include files should be in this order */ #include "curl_printf.h" #include "curl_memory.h" -/* The last #include file should be: */ #include "memdebug.h" /* Local API functions */ @@ -597,7 +597,7 @@ static CURLcode pop3_perform_authentication(struct connectdata *conn) static CURLcode pop3_perform_command(struct connectdata *conn) { CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct POP3 *pop3 = data->req.protop; const char *command = NULL; @@ -653,7 +653,7 @@ static CURLcode pop3_state_servergreet_resp(struct connectdata *conn, pop3state instate) { CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct pop3_conn *pop3c = &conn->proto.pop3c; const char *line = data->state.buffer; size_t len = strlen(line); @@ -704,7 +704,7 @@ static CURLcode pop3_state_capa_resp(struct connectdata *conn, int pop3code, pop3state instate) { CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct pop3_conn *pop3c = &conn->proto.pop3c; const char *line = data->state.buffer; size_t len = strlen(line); @@ -795,7 +795,7 @@ static CURLcode pop3_state_starttls_resp(struct connectdata *conn, pop3state instate) { CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; (void)instate; /* no use for this yet */ @@ -819,7 +819,7 @@ static CURLcode pop3_state_auth_resp(struct connectdata *conn, pop3state instate) { CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct pop3_conn *pop3c = &conn->proto.pop3c; saslprogress progress; @@ -859,7 +859,7 @@ static CURLcode pop3_state_apop_resp(struct connectdata *conn, int pop3code, pop3state instate) { CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; (void)instate; /* no use for this yet */ @@ -880,7 +880,7 @@ static CURLcode pop3_state_user_resp(struct connectdata *conn, int pop3code, pop3state instate) { CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; (void)instate; /* no use for this yet */ @@ -903,7 +903,7 @@ static CURLcode pop3_state_pass_resp(struct connectdata *conn, int pop3code, pop3state instate) { CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; (void)instate; /* no use for this yet */ @@ -924,7 +924,7 @@ static CURLcode pop3_state_command_resp(struct connectdata *conn, pop3state instate) { CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct POP3 *pop3 = data->req.protop; struct pop3_conn *pop3c = &conn->proto.pop3c; struct pingpong *pp = &pop3c->pp; @@ -1078,12 +1078,12 @@ static CURLcode pop3_block_statemach(struct connectdata *conn) return result; } -/* Allocate and initialize the POP3 struct for the current SessionHandle if +/* Allocate and initialize the POP3 struct for the current Curl_easy if required */ static CURLcode pop3_init(struct connectdata *conn) { CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct POP3 *pop3; pop3 = data->req.protop = calloc(sizeof(struct POP3), 1); @@ -1160,16 +1160,12 @@ static CURLcode pop3_done(struct connectdata *conn, CURLcode status, bool premature) { CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct POP3 *pop3 = data->req.protop; (void)premature; if(!pop3) - /* When the easy handle is removed from the multi interface while libcurl - is still trying to resolve the host name, the POP3 struct is not yet - initialized. However, the removal action calls Curl_done() which in - turn calls this function, so we simply return success. */ return CURLE_OK; if(status) { @@ -1328,7 +1324,7 @@ static CURLcode pop3_regular_transfer(struct connectdata *conn, { CURLcode result = CURLE_OK; bool connected = FALSE; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; /* Make sure size is unknown at this point */ data->req.size = -1; @@ -1351,7 +1347,7 @@ static CURLcode pop3_regular_transfer(struct connectdata *conn, static CURLcode pop3_setup_connection(struct connectdata *conn) { - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; /* Initialise the POP3 layer */ CURLcode result = pop3_init(conn); @@ -1458,7 +1454,7 @@ static CURLcode pop3_parse_url_options(struct connectdata *conn) static CURLcode pop3_parse_url_path(struct connectdata *conn) { /* The POP3 struct is already initialised in pop3_connect() */ - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct POP3 *pop3 = data->req.protop; const char *path = data->state.path; @@ -1475,7 +1471,7 @@ static CURLcode pop3_parse_url_path(struct connectdata *conn) static CURLcode pop3_parse_custom_request(struct connectdata *conn) { CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct POP3 *pop3 = data->req.protop; const char *custom = data->set.str[STRING_CUSTOMREQUEST]; @@ -1497,7 +1493,7 @@ CURLcode Curl_pop3_write(struct connectdata *conn, char *str, size_t nread) { /* This code could be made into a special function in the handler struct */ CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct SingleRequest *k = &data->req; struct pop3_conn *pop3c = &conn->proto.pop3c; diff --git a/lib/pop3.h b/lib/pop3.h index 2d9610168..a8e697cde 100644 --- a/lib/pop3.h +++ b/lib/pop3.h @@ -45,9 +45,9 @@ typedef enum { POP3_LAST /* never used */ } pop3state; -/* This POP3 struct is used in the SessionHandle. All POP3 data that is +/* This POP3 struct is used in the Curl_easy. All POP3 data that is connection-oriented must be in pop3_conn to properly deal with the fact that - perhaps the SessionHandle is changed between the times the connection is + perhaps the Curl_easy is changed between the times the connection is used. */ struct POP3 { curl_pp_transfer transfer; diff --git a/lib/progress.c b/lib/progress.c index 713ab0852..0f67ef250 100644 --- a/lib/progress.c +++ b/lib/progress.c @@ -133,7 +133,7 @@ static char *max5data(curl_off_t bytes, char *max5) int Curl_pgrsDone(struct connectdata *conn) { int rc; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; data->progress.lastshow=0; rc = Curl_pgrsUpdate(conn); /* the final (forced) update */ if(rc) @@ -150,7 +150,7 @@ int Curl_pgrsDone(struct connectdata *conn) } /* reset all times except redirect, and reset the known transfer sizes */ -void Curl_pgrsResetTimesSizes(struct SessionHandle *data) +void Curl_pgrsResetTimesSizes(struct Curl_easy *data) { data->progress.t_nslookup = 0.0; data->progress.t_connect = 0.0; @@ -161,7 +161,7 @@ void Curl_pgrsResetTimesSizes(struct SessionHandle *data) Curl_pgrsSetUploadSize(data, -1); } -void Curl_pgrsTime(struct SessionHandle *data, timerid timer) +void Curl_pgrsTime(struct Curl_easy *data, timerid timer) { struct timeval now = Curl_tvnow(); @@ -212,25 +212,100 @@ void Curl_pgrsTime(struct SessionHandle *data, timerid timer) } } -void Curl_pgrsStartNow(struct SessionHandle *data) +void Curl_pgrsStartNow(struct Curl_easy *data) { data->progress.speeder_c = 0; /* reset the progress meter display */ data->progress.start = Curl_tvnow(); + data->progress.ul_limit_start.tv_sec = 0; + data->progress.ul_limit_start.tv_usec = 0; + data->progress.dl_limit_start.tv_sec = 0; + data->progress.dl_limit_start.tv_usec = 0; /* clear all bits except HIDE and HEADERS_OUT */ data->progress.flags &= PGRS_HIDE|PGRS_HEADERS_OUT; } -void Curl_pgrsSetDownloadCounter(struct SessionHandle *data, curl_off_t size) +/* + * This is used to handle speed limits, calculating how much milliseconds we + * need to wait until we're back under the speed limit, if needed. + * + * The way it works is by having a "starting point" (time & amount of data + * transfered by then) used in the speed computation, to be used instead of the + * start of the transfer. + * This starting point is regularly moved as transfer goes on, to keep getting + * accurate values (instead of average over the entire tranfer). + * + * This function takes the current amount of data transfered, the amount at the + * starting point, the limit (in bytes/s), the time of the starting point and + * the current time. + * + * Returns -1 if no waiting is needed (not enough data transfered since + * starting point yet), 0 when no waiting is needed but the starting point + * should be reset (to current), or the number of milliseconds to wait to get + * back under the speed limit. + */ +long Curl_pgrsLimitWaitTime(curl_off_t cursize, + curl_off_t startsize, + curl_off_t limit, + struct timeval start, + struct timeval now) +{ + curl_off_t size = cursize - startsize; + long minimum, actual; + + /* we don't have a starting point yet -- return 0 so it gets (re)set */ + if(start.tv_sec == 0 && start.tv_usec == 0) + return 0; + + /* not enough data yet */ + if(size < limit) + return -1; + + minimum = (long) (CURL_OFF_T_C(1000) * size / limit); + actual = Curl_tvdiff(now, start); + + if(actual < minimum) + return minimum - actual; + else + return 0; +} + +void Curl_pgrsSetDownloadCounter(struct Curl_easy *data, curl_off_t size) { + struct timeval now = Curl_tvnow(); + data->progress.downloaded = size; + + /* download speed limit */ + if((data->set.max_recv_speed > 0) && + (Curl_pgrsLimitWaitTime(data->progress.downloaded, + data->progress.dl_limit_size, + data->set.max_recv_speed, + data->progress.dl_limit_start, + now) == 0)) { + data->progress.dl_limit_start = now; + data->progress.dl_limit_size = size; + } } -void Curl_pgrsSetUploadCounter(struct SessionHandle *data, curl_off_t size) +void Curl_pgrsSetUploadCounter(struct Curl_easy *data, curl_off_t size) { + struct timeval now = Curl_tvnow(); + data->progress.uploaded = size; + + /* upload speed limit */ + if((data->set.max_send_speed > 0) && + (Curl_pgrsLimitWaitTime(data->progress.uploaded, + data->progress.ul_limit_size, + data->set.max_send_speed, + data->progress.ul_limit_start, + now) == 0)) { + data->progress.ul_limit_start = now; + data->progress.ul_limit_size = size; + } } -void Curl_pgrsSetDownloadSize(struct SessionHandle *data, curl_off_t size) +void Curl_pgrsSetDownloadSize(struct Curl_easy *data, curl_off_t size) { if(size >= 0) { data->progress.size_dl = size; @@ -242,7 +317,7 @@ void Curl_pgrsSetDownloadSize(struct SessionHandle *data, curl_off_t size) } } -void Curl_pgrsSetUploadSize(struct SessionHandle *data, curl_off_t size) +void Curl_pgrsSetUploadSize(struct Curl_easy *data, curl_off_t size) { if(size >= 0) { data->progress.size_ul = size; @@ -269,7 +344,7 @@ int Curl_pgrsUpdate(struct connectdata *conn) curl_off_t total_transfer; curl_off_t total_expected_transfer; curl_off_t timespent; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; int nowindex = data->progress.speeder_c% CURR_TIME; int checkindex; int countindex; /* amount of seconds stored in the speeder array */ diff --git a/lib/progress.h b/lib/progress.h index ea00afa91..155ff04fe 100644 --- a/lib/progress.h +++ b/lib/progress.h @@ -41,15 +41,19 @@ typedef enum { } timerid; int Curl_pgrsDone(struct connectdata *); -void Curl_pgrsStartNow(struct SessionHandle *data); -void Curl_pgrsSetDownloadSize(struct SessionHandle *data, curl_off_t size); -void Curl_pgrsSetUploadSize(struct SessionHandle *data, curl_off_t size); -void Curl_pgrsSetDownloadCounter(struct SessionHandle *data, curl_off_t size); -void Curl_pgrsSetUploadCounter(struct SessionHandle *data, curl_off_t size); +void Curl_pgrsStartNow(struct Curl_easy *data); +void Curl_pgrsSetDownloadSize(struct Curl_easy *data, curl_off_t size); +void Curl_pgrsSetUploadSize(struct Curl_easy *data, curl_off_t size); +void Curl_pgrsSetDownloadCounter(struct Curl_easy *data, curl_off_t size); +void Curl_pgrsSetUploadCounter(struct Curl_easy *data, curl_off_t size); int Curl_pgrsUpdate(struct connectdata *); -void Curl_pgrsResetTimesSizes(struct SessionHandle *data); -void Curl_pgrsTime(struct SessionHandle *data, timerid timer); - +void Curl_pgrsResetTimesSizes(struct Curl_easy *data); +void Curl_pgrsTime(struct Curl_easy *data, timerid timer); +long Curl_pgrsLimitWaitTime(curl_off_t cursize, + curl_off_t startsize, + curl_off_t limit, + struct timeval start, + struct timeval now); /* Don't show progress for sizes smaller than: */ #define LEAST_SIZE_PROGRESS BUFSIZE diff --git a/lib/rtsp.c b/lib/rtsp.c index 24bf801d9..ed3fd64c7 100644 --- a/lib/rtsp.c +++ b/lib/rtsp.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -36,9 +36,8 @@ #include "rawstr.h" #include "select.h" #include "connect.h" +/* The last 3 #include files should be in this order */ #include "curl_printf.h" - -/* The last #include files should be: */ #include "curl_memory.h" #include "memdebug.h" @@ -74,7 +73,7 @@ static int rtsp_getsock_do(struct connectdata *conn, * data is parsed and k->str is moved up * readmore: whether or not the RTP parser needs more data right away */ -static CURLcode rtsp_rtp_readwrite(struct SessionHandle *data, +static CURLcode rtsp_rtp_readwrite(struct Curl_easy *data, struct connectdata *conn, ssize_t *nread, bool *readmore); @@ -159,7 +158,7 @@ bool Curl_rtsp_connisdead(struct connectdata *check) } else if((sval & CURL_CSELECT_IN) && check->data) { /* readable with no error. could be closed or could be alive but we can - only check if we have a proper SessionHandle for the connection */ + only check if we have a proper Curl_easy for the connection */ curl_socket_t connectinfo = Curl_getconnectinfo(check->data, &check); if(connectinfo != CURL_SOCKET_BAD) ret_val = FALSE; @@ -171,7 +170,7 @@ bool Curl_rtsp_connisdead(struct connectdata *check) static CURLcode rtsp_connect(struct connectdata *conn, bool *done) { CURLcode httpStatus; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; httpStatus = Curl_http_connect(conn, done); @@ -197,7 +196,7 @@ static CURLcode rtsp_disconnect(struct connectdata *conn, bool dead) static CURLcode rtsp_done(struct connectdata *conn, CURLcode status, bool premature) { - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct RTSP *rtsp = data->req.protop; CURLcode httpStatus; long CSeq_sent; @@ -231,7 +230,7 @@ static CURLcode rtsp_done(struct connectdata *conn, static CURLcode rtsp_do(struct connectdata *conn, bool *done) { - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; CURLcode result=CURLE_OK; Curl_RtspReq rtspreq = data->set.rtspreq; struct RTSP *rtsp = data->req.protop; @@ -601,7 +600,7 @@ static CURLcode rtsp_do(struct connectdata *conn, bool *done) } -static CURLcode rtsp_rtp_readwrite(struct SessionHandle *data, +static CURLcode rtsp_rtp_readwrite(struct Curl_easy *data, struct connectdata *conn, ssize_t *nread, bool *readmore) { @@ -732,7 +731,7 @@ static CURLcode rtsp_rtp_readwrite(struct SessionHandle *data, static CURLcode rtp_client_write(struct connectdata *conn, char *ptr, size_t len) { - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; size_t wrote; curl_write_callback writeit; @@ -760,7 +759,7 @@ CURLcode rtp_client_write(struct connectdata *conn, char *ptr, size_t len) CURLcode Curl_rtsp_parseheader(struct connectdata *conn, char *header) { - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; long CSeq = 0; if(checkprefix("CSeq:", header)) { @@ -797,19 +796,15 @@ CURLcode Curl_rtsp_parseheader(struct connectdata *conn, } } else { - /* If the Session ID is not set, and we find it in a response, then - set it */ - - /* The session ID can be an alphanumeric or a 'safe' character + /* If the Session ID is not set, and we find it in a response, then set + * it. * - * RFC 2326 15.1 Base Syntax: - * safe = "\$" | "-" | "_" | "." | "+" - * */ + * Allow any non whitespace content, up to the field seperator or end of + * line. RFC 2326 isn't 100% clear on the session ID and for example + * gstreamer does url-encoded session ID's not covered by the standard. + */ char *end = start; - while(*end && - (ISALNUM(*end) || *end == '-' || *end == '_' || *end == '.' || - *end == '+' || - (*end == '\\' && *(end + 1) && *(end + 1) == '$' && (++end, 1)))) + while(*end && *end != ';' && !ISSPACE(*end)) end++; /* Copy the id substring into a new buffer */ diff --git a/lib/security.c b/lib/security.c index 014bbf1b8..a0bcaeaee 100644 --- a/lib/security.c +++ b/lib/security.c @@ -476,7 +476,7 @@ Curl_sec_request_prot(struct connectdata *conn, const char *level) static CURLcode choose_mech(struct connectdata *conn) { int ret; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; void *tmp_allocation; const struct Curl_sec_client_mech *mech = &Curl_krb5_client_mech; diff --git a/lib/sendf.c b/lib/sendf.c index ea04ae83e..210179734 100644 --- a/lib/sendf.c +++ b/lib/sendf.c @@ -31,10 +31,11 @@ #include "ssh.h" #include "multiif.h" #include "non-ascii.h" -#include "curl_printf.h" #include "strerror.h" +#include "select.h" -/* The last #include files should be: */ +/* The last 3 #include files should be in this order */ +#include "curl_printf.h" #include "curl_memory.h" #include "memdebug.h" @@ -45,7 +46,7 @@ * blocks of data. Remaining, bare CRs are changed to LFs. The possibly new * size of the data is returned. */ -static size_t convert_lineends(struct SessionHandle *data, +static size_t convert_lineends(struct Curl_easy *data, char *startPtr, size_t size) { char *inPtr, *outPtr; @@ -120,9 +121,93 @@ static size_t convert_lineends(struct SessionHandle *data, } #endif /* CURL_DO_LINEEND_CONV */ +#ifdef USE_RECV_BEFORE_SEND_WORKAROUND +static void pre_receive_plain(struct connectdata *conn, int num) +{ + const curl_socket_t sockfd = conn->sock[num]; + struct postponed_data * const psnd = &(conn->postponed[num]); + size_t bytestorecv = psnd->allocated_size - psnd->recv_size; + /* WinSock will destroy unread received data if send() is + failed. + To avoid lossage of received data, recv() must be + performed before every send() if any incoming data is + available. However, skip this, if buffer is already full. */ + if((conn->handler->protocol&PROTO_FAMILY_HTTP) != 0 && + conn->recv[num] == Curl_recv_plain && + (!psnd->buffer || bytestorecv)) { + const int readymask = Curl_socket_check(sockfd, CURL_SOCKET_BAD, + CURL_SOCKET_BAD, 0); + if(readymask != -1 && (readymask & CURL_CSELECT_IN) != 0) { + /* Have some incoming data */ + if(!psnd->buffer) { + /* Use buffer double default size for intermediate buffer */ + psnd->allocated_size = 2 * BUFSIZE; + psnd->buffer = malloc(psnd->allocated_size); + psnd->recv_size = 0; + psnd->recv_processed = 0; +#ifdef DEBUGBUILD + psnd->bindsock = sockfd; /* Used only for DEBUGASSERT */ +#endif /* DEBUGBUILD */ + bytestorecv = psnd->allocated_size; + } + if(psnd->buffer) { + ssize_t recvedbytes; + DEBUGASSERT(psnd->bindsock == sockfd); + recvedbytes = sread(sockfd, psnd->buffer + psnd->recv_size, + bytestorecv); + if(recvedbytes > 0) + psnd->recv_size += recvedbytes; + } + else + psnd->allocated_size = 0; + } + } +} + +static ssize_t get_pre_recved(struct connectdata *conn, int num, char *buf, + size_t len) +{ + struct postponed_data * const psnd = &(conn->postponed[num]); + size_t copysize; + if(!psnd->buffer) + return 0; + + DEBUGASSERT(psnd->allocated_size > 0); + DEBUGASSERT(psnd->recv_size <= psnd->allocated_size); + DEBUGASSERT(psnd->recv_processed <= psnd->recv_size); + /* Check and process data that already received and storied in internal + intermediate buffer */ + if(psnd->recv_size > psnd->recv_processed) { + DEBUGASSERT(psnd->bindsock == conn->sock[num]); + copysize = CURLMIN(len, psnd->recv_size - psnd->recv_processed); + memcpy(buf, psnd->buffer + psnd->recv_processed, copysize); + psnd->recv_processed += copysize; + } + else + copysize = 0; /* buffer was allocated, but nothing was received */ + + /* Free intermediate buffer if it has no unprocessed data */ + if(psnd->recv_processed == psnd->recv_size) { + free(psnd->buffer); + psnd->buffer = NULL; + psnd->allocated_size = 0; + psnd->recv_size = 0; + psnd->recv_processed = 0; +#ifdef DEBUGBUILD + psnd->bindsock = CURL_SOCKET_BAD; +#endif /* DEBUGBUILD */ + } + return (ssize_t)copysize; +} +#else /* ! USE_RECV_BEFORE_SEND_WORKAROUND */ +/* Use "do-nothing" macros instead of functions when workaround not used */ +#define pre_receive_plain(c,n) do {} WHILE_FALSE +#define get_pre_recved(c,n,b,l) 0 +#endif /* ! USE_RECV_BEFORE_SEND_WORKAROUND */ + /* Curl_infof() is for info message along the way */ -void Curl_infof(struct SessionHandle *data, const char *fmt, ...) +void Curl_infof(struct Curl_easy *data, const char *fmt, ...) { if(data && data->set.verbose) { va_list ap; @@ -140,7 +225,7 @@ void Curl_infof(struct SessionHandle *data, const char *fmt, ...) * The message SHALL NOT include any LF or CR. */ -void Curl_failf(struct SessionHandle *data, const char *fmt, ...) +void Curl_failf(struct Curl_easy *data, const char *fmt, ...) { va_list ap; size_t len; @@ -168,7 +253,7 @@ void Curl_failf(struct SessionHandle *data, const char *fmt, ...) CURLcode Curl_sendf(curl_socket_t sockfd, struct connectdata *conn, const char *fmt, ...) { - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; ssize_t bytes_written; size_t write_len; CURLcode result = CURLE_OK; @@ -254,7 +339,23 @@ ssize_t Curl_send_plain(struct connectdata *conn, int num, const void *mem, size_t len, CURLcode *code) { curl_socket_t sockfd = conn->sock[num]; - ssize_t bytes_written = swrite(sockfd, mem, len); + ssize_t bytes_written; + /* WinSock will destroy unread received data if send() is + failed. + To avoid lossage of received data, recv() must be + performed before every send() if any incoming data is + available. */ + pre_receive_plain(conn, num); + +#ifdef MSG_FASTOPEN /* Linux */ + if(conn->bits.tcp_fastopen) { + bytes_written = sendto(sockfd, mem, len, MSG_FASTOPEN, + conn->ip_addr->ai_addr, conn->ip_addr->ai_addrlen); + conn->bits.tcp_fastopen = FALSE; + } + else +#endif + bytes_written = swrite(sockfd, mem, len); *code = CURLE_OK; if(-1 == bytes_written) { @@ -268,7 +369,8 @@ ssize_t Curl_send_plain(struct connectdata *conn, int num, /* errno may be EWOULDBLOCK or on some systems EAGAIN when it returned due to its inability to send off data without blocking. We therefor treat both error codes the same here */ - (EWOULDBLOCK == err) || (EAGAIN == err) || (EINTR == err) + (EWOULDBLOCK == err) || (EAGAIN == err) || (EINTR == err) || + (EINPROGRESS == err) #endif ) { /* this is just a case of EWOULDBLOCK */ @@ -311,7 +413,16 @@ ssize_t Curl_recv_plain(struct connectdata *conn, int num, char *buf, size_t len, CURLcode *code) { curl_socket_t sockfd = conn->sock[num]; - ssize_t nread = sread(sockfd, buf, len); + ssize_t nread; + /* Check and return data that already received and storied in internal + intermediate buffer */ + nread = get_pre_recved(conn, num, buf, len); + if(nread > 0) { + *code = CURLE_OK; + return nread; + } + + nread = sread(sockfd, buf, len); *code = CURLE_OK; if(-1 == nread) { @@ -341,7 +452,7 @@ ssize_t Curl_recv_plain(struct connectdata *conn, int num, char *buf, return nread; } -static CURLcode pausewrite(struct SessionHandle *data, +static CURLcode pausewrite(struct Curl_easy *data, int type, /* what type of data */ const char *ptr, size_t len) @@ -380,7 +491,7 @@ CURLcode Curl_client_chop_write(struct connectdata *conn, char * ptr, size_t len) { - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; curl_write_callback writeheader = NULL; curl_write_callback writebody = NULL; @@ -487,7 +598,7 @@ CURLcode Curl_client_write(struct connectdata *conn, char *ptr, size_t len) { - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; if(0 == len) len = strlen(ptr); @@ -607,7 +718,7 @@ CURLcode Curl_read(struct connectdata *conn, /* connection data */ } /* return 0 on success */ -static int showit(struct SessionHandle *data, curl_infotype type, +static int showit(struct Curl_easy *data, curl_infotype type, char *ptr, size_t size) { static const char s_infotype[CURLINFO_END][3] = { @@ -676,7 +787,7 @@ static int showit(struct SessionHandle *data, curl_infotype type, return 0; } -int Curl_debug(struct SessionHandle *data, curl_infotype type, +int Curl_debug(struct Curl_easy *data, curl_infotype type, char *ptr, size_t size, struct connectdata *conn) { diff --git a/lib/sendf.h b/lib/sendf.h index 48e9444c6..a951a0b4f 100644 --- a/lib/sendf.h +++ b/lib/sendf.h @@ -26,8 +26,8 @@ CURLcode Curl_sendf(curl_socket_t sockfd, struct connectdata *, const char *fmt, ...); -void Curl_infof(struct SessionHandle *, const char *fmt, ...); -void Curl_failf(struct SessionHandle *, const char *fmt, ...); +void Curl_infof(struct Curl_easy *, const char *fmt, ...); +void Curl_failf(struct Curl_easy *, const char *fmt, ...); #if defined(CURL_DISABLE_VERBOSE_STRINGS) @@ -84,7 +84,7 @@ CURLcode Curl_write_plain(struct connectdata *conn, ssize_t *written); /* the function used to output verbose information */ -int Curl_debug(struct SessionHandle *handle, curl_infotype type, +int Curl_debug(struct Curl_easy *handle, curl_infotype type, char *data, size_t size, struct connectdata *conn); diff --git a/lib/share.c b/lib/share.c index 01503e06e..5b3957fcf 100644 --- a/lib/share.c +++ b/lib/share.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -31,7 +31,7 @@ /* The last #include file should be: */ #include "memdebug.h" -CURLSH * +struct Curl_share * curl_share_init(void) { struct Curl_share *share = calloc(1, sizeof(struct Curl_share)); @@ -49,9 +49,8 @@ curl_share_init(void) #undef curl_share_setopt CURLSHcode -curl_share_setopt(CURLSH *sh, CURLSHoption option, ...) +curl_share_setopt(struct Curl_share *share, CURLSHoption option, ...) { - struct Curl_share *share = (struct Curl_share *)sh; va_list param; int type; curl_lock_function lockfunc; @@ -71,14 +70,14 @@ curl_share_setopt(CURLSH *sh, CURLSHoption option, ...) /* this is a type this share will share */ type = va_arg(param, int); share->specifier |= (1<cookies) { - share->cookies = Curl_cookie_init(NULL, NULL, NULL, TRUE ); + share->cookies = Curl_cookie_init(NULL, NULL, NULL, TRUE); if(!share->cookies) res = CURLSHE_NOMEM; } @@ -114,7 +113,7 @@ curl_share_setopt(CURLSH *sh, CURLSHoption option, ...) /* this is a type this share will no longer share */ type = va_arg(param, int); share->specifier &= ~(1<share; @@ -231,7 +228,7 @@ Curl_share_lock(struct SessionHandle *data, curl_lock_data type, } CURLSHcode -Curl_share_unlock(struct SessionHandle *data, curl_lock_data type) +Curl_share_unlock(struct Curl_easy *data, curl_lock_data type) { struct Curl_share *share = data->share; diff --git a/lib/share.h b/lib/share.h index d23d3a040..e689ff2d2 100644 --- a/lib/share.h +++ b/lib/share.h @@ -54,8 +54,8 @@ struct Curl_share { long sessionage; }; -CURLSHcode Curl_share_lock (struct SessionHandle *, curl_lock_data, +CURLSHcode Curl_share_lock (struct Curl_easy *, curl_lock_data, curl_lock_access); -CURLSHcode Curl_share_unlock (struct SessionHandle *, curl_lock_data); +CURLSHcode Curl_share_unlock (struct Curl_easy *, curl_lock_data); #endif /* HEADER_CURL_SHARE_H */ diff --git a/lib/sigpipe.h b/lib/sigpipe.h index 6559c7424..800f9d3b4 100644 --- a/lib/sigpipe.h +++ b/lib/sigpipe.h @@ -38,10 +38,10 @@ struct sigpipe_ignore { * internals, and then sigpipe_restore() will restore the situation when we * return from libcurl again. */ -static void sigpipe_ignore(struct SessionHandle *data, +static void sigpipe_ignore(struct Curl_easy *data, struct sigpipe_ignore *ig) { - /* get a local copy of no_signal because the SessionHandle might not be + /* get a local copy of no_signal because the Curl_easy might not be around when we restore */ ig->no_signal = data->set.no_signal; if(!data->set.no_signal) { diff --git a/lib/slist.c b/lib/slist.c index 37ce97cbd..e5adc0e71 100644 --- a/lib/slist.c +++ b/lib/slist.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2013, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -22,6 +22,8 @@ #include "curl_setup.h" +#include + #include "slist.h" /* The last #include files should be: */ diff --git a/lib/smb.c b/lib/smb.c index 2c33c1174..56a38c2f2 100644 --- a/lib/smb.c +++ b/lib/smb.c @@ -905,7 +905,6 @@ static CURLcode smb_disconnect(struct connectdata *conn, bool dead) /* smb_done is not always called, so cleanup the request */ if(req) { Curl_safefree(req->share); - Curl_safefree(conn->data->req.protop); } return CURLE_OK; @@ -930,7 +929,7 @@ static int smb_getsock(struct connectdata *conn, curl_socket_t *socks, static CURLcode smb_parse_url_path(struct connectdata *conn) { CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct smb_request *req = data->req.protop; char *path; char *slash; diff --git a/lib/smtp.c b/lib/smtp.c index 83e51bf80..d203b5323 100644 --- a/lib/smtp.c +++ b/lib/smtp.c @@ -82,9 +82,9 @@ #include "curl_gethostname.h" #include "curl_sasl.h" #include "warnless.h" +/* The last 3 #include files should be in this order */ #include "curl_printf.h" #include "curl_memory.h" -/* The last #include file should be: */ #include "memdebug.h" /* Local API functions */ @@ -292,7 +292,7 @@ static void smtp_get_message(char *buffer, char** outptr) /* Find the end of the message */ for(len = strlen(message); len--;) if(message[len] != '\r' && message[len] != '\n' && message[len] != ' ' && - message[len] != '\t') + message[len] != '\t') break; /* Terminate the message */ @@ -490,7 +490,7 @@ static CURLcode smtp_perform_authentication(struct connectdata *conn) /* Check we have enough data to authenticate with, and the server supports authentiation, and end the connect phase if not */ if(!smtpc->auth_supported || - !Curl_sasl_can_authenticate(&smtpc->sasl, conn)) { + !Curl_sasl_can_authenticate(&smtpc->sasl, conn)) { state(conn, SMTP_STOP); return result; } @@ -520,15 +520,15 @@ static CURLcode smtp_perform_authentication(struct connectdata *conn) static CURLcode smtp_perform_command(struct connectdata *conn) { CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct SMTP *smtp = data->req.protop; /* Send the command */ if(smtp->rcpt) result = Curl_pp_sendf(&conn->proto.smtpc.pp, "%s %s", - smtp->custom && smtp->custom[0] != '\0' ? - smtp->custom : "VRFY", - smtp->rcpt->data); + smtp->custom && smtp->custom[0] != '\0' ? + smtp->custom : "VRFY", + smtp->rcpt->data); else result = Curl_pp_sendf(&conn->proto.smtpc.pp, "%s", smtp->custom && smtp->custom[0] != '\0' ? @@ -552,7 +552,7 @@ static CURLcode smtp_perform_mail(struct connectdata *conn) char *auth = NULL; char *size = NULL; CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; /* Calculate the FROM parameter */ if(!data->set.str[STRING_MAIL_FROM]) @@ -627,16 +627,16 @@ static CURLcode smtp_perform_mail(struct connectdata *conn) static CURLcode smtp_perform_rcpt_to(struct connectdata *conn) { CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct SMTP *smtp = data->req.protop; /* Send the RCPT TO command */ if(smtp->rcpt->data[0] == '<') result = Curl_pp_sendf(&conn->proto.smtpc.pp, "RCPT TO:%s", - smtp->rcpt->data); + smtp->rcpt->data); else result = Curl_pp_sendf(&conn->proto.smtpc.pp, "RCPT TO:<%s>", - smtp->rcpt->data); + smtp->rcpt->data); if(!result) state(conn, SMTP_RCPT); @@ -668,7 +668,7 @@ static CURLcode smtp_state_servergreet_resp(struct connectdata *conn, smtpstate instate) { CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; (void)instate; /* no use for this yet */ @@ -688,7 +688,7 @@ static CURLcode smtp_state_starttls_resp(struct connectdata *conn, smtpstate instate) { CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; (void)instate; /* no use for this yet */ @@ -711,7 +711,7 @@ static CURLcode smtp_state_ehlo_resp(struct connectdata *conn, int smtpcode, smtpstate instate) { CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct smtp_conn *smtpc = &conn->proto.smtpc; const char *line = data->state.buffer; size_t len = strlen(line); @@ -806,7 +806,7 @@ static CURLcode smtp_state_helo_resp(struct connectdata *conn, int smtpcode, smtpstate instate) { CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; (void)instate; /* no use for this yet */ @@ -827,7 +827,7 @@ static CURLcode smtp_state_auth_resp(struct connectdata *conn, smtpstate instate) { CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct smtp_conn *smtpc = &conn->proto.smtpc; saslprogress progress; @@ -855,7 +855,7 @@ static CURLcode smtp_state_command_resp(struct connectdata *conn, int smtpcode, smtpstate instate) { CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct SMTP *smtp = data->req.protop; char *line = data->state.buffer; size_t len = strlen(line); @@ -901,7 +901,7 @@ static CURLcode smtp_state_mail_resp(struct connectdata *conn, int smtpcode, smtpstate instate) { CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; (void)instate; /* no use for this yet */ @@ -921,7 +921,7 @@ static CURLcode smtp_state_rcpt_resp(struct connectdata *conn, int smtpcode, smtpstate instate) { CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct SMTP *smtp = data->req.protop; (void)instate; /* no use for this yet */ @@ -953,7 +953,7 @@ static CURLcode smtp_state_data_resp(struct connectdata *conn, int smtpcode, smtpstate instate) { CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; (void)instate; /* no use for this yet */ @@ -998,7 +998,7 @@ static CURLcode smtp_statemach_act(struct connectdata *conn) { CURLcode result = CURLE_OK; curl_socket_t sock = conn->sock[FIRSTSOCKET]; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; int smtpcode; struct smtp_conn *smtpc = &conn->proto.smtpc; struct pingpong *pp = &smtpc->pp; @@ -1108,12 +1108,12 @@ static CURLcode smtp_block_statemach(struct connectdata *conn) return result; } -/* Allocate and initialize the SMTP struct for the current SessionHandle if +/* Allocate and initialize the SMTP struct for the current Curl_easy if required */ static CURLcode smtp_init(struct connectdata *conn) { CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct SMTP *smtp; smtp = data->req.protop = calloc(sizeof(struct SMTP), 1); @@ -1194,7 +1194,7 @@ static CURLcode smtp_done(struct connectdata *conn, CURLcode status, bool premature) { CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct SMTP *smtp = data->req.protop; struct pingpong *pp = &conn->proto.smtpc.pp; char *eob; @@ -1204,10 +1204,6 @@ static CURLcode smtp_done(struct connectdata *conn, CURLcode status, (void)premature; if(!smtp || !pp->conn) - /* When the easy handle is removed from the multi interface while libcurl - is still trying to resolve the host name, the SMTP struct is not yet - initialized. However, the removal action calls Curl_done() which in - turn calls this function, so we simply return success. */ return CURLE_OK; if(status) { @@ -1262,8 +1258,7 @@ static CURLcode smtp_done(struct connectdata *conn, CURLcode status, TODO: when the multi interface is used, this _really_ should be using the smtp_multi_statemach function but we have no general support for - non-blocking DONE operations, not in the multi state machine and with - Curl_done() invokes on several places in the code! + non-blocking DONE operations! */ result = smtp_block_statemach(conn); } @@ -1289,7 +1284,7 @@ static CURLcode smtp_perform(struct connectdata *conn, bool *connected, { /* This is SMTP and no proxy */ CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct SMTP *smtp = data->req.protop; DEBUGF(infof(conn->data, "DO phase starts\n")); @@ -1428,7 +1423,7 @@ static CURLcode smtp_regular_transfer(struct connectdata *conn, { CURLcode result = CURLE_OK; bool connected = FALSE; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; /* Make sure size is unknown at this point */ data->req.size = -1; @@ -1451,7 +1446,7 @@ static CURLcode smtp_regular_transfer(struct connectdata *conn, static CURLcode smtp_setup_connection(struct connectdata *conn) { - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; CURLcode result; /* Clear the TLS upgraded flag */ @@ -1510,7 +1505,7 @@ static CURLcode smtp_parse_url_options(struct connectdata *conn) const char *value; while(*ptr && *ptr != '=') - ptr++; + ptr++; value = ptr + 1; @@ -1539,7 +1534,7 @@ static CURLcode smtp_parse_url_options(struct connectdata *conn) static CURLcode smtp_parse_url_path(struct connectdata *conn) { /* The SMTP struct is already initialised in smtp_connect() */ - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct smtp_conn *smtpc = &conn->proto.smtpc; const char *path = data->state.path; char localhost[HOSTNAME_MAX + 1]; @@ -1565,7 +1560,7 @@ static CURLcode smtp_parse_url_path(struct connectdata *conn) static CURLcode smtp_parse_custom_request(struct connectdata *conn) { CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct SMTP *smtp = data->req.protop; const char *custom = data->set.str[STRING_CUSTOMREQUEST]; @@ -1586,7 +1581,7 @@ CURLcode Curl_smtp_escape_eob(struct connectdata *conn, const ssize_t nread) */ ssize_t i; ssize_t si; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct SMTP *smtp = data->req.protop; char *scratch = data->state.scratch; char *newscratch = NULL; diff --git a/lib/smtp.h b/lib/smtp.h index 6ebec1839..b67340a40 100644 --- a/lib/smtp.h +++ b/lib/smtp.h @@ -47,9 +47,9 @@ typedef enum { SMTP_LAST /* never used */ } smtpstate; -/* This SMTP struct is used in the SessionHandle. All SMTP data that is +/* This SMTP struct is used in the Curl_easy. All SMTP data that is connection-oriented must be in smtp_conn to properly deal with the fact that - perhaps the SessionHandle is changed between the times the connection is + perhaps the Curl_easy is changed between the times the connection is used. */ struct SMTP { curl_pp_transfer transfer; diff --git a/lib/socks.c b/lib/socks.c index e7d42e77b..1c01a0b93 100644 --- a/lib/socks.c +++ b/lib/socks.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -119,7 +119,7 @@ CURLcode Curl_SOCKS4(const char *proxy_name, int result; CURLcode code; curl_socket_t sock = conn->sock[sockindex]; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; if(Curl_timeleft(data, NULL, TRUE) < 0) { /* time-out, bail out, go home */ @@ -170,24 +170,26 @@ CURLcode Curl_SOCKS4(const char *proxy_name, hp=dns->addr; if(hp) { char buf[64]; - unsigned short ip[4]; Curl_printable_address(hp, buf, sizeof(buf)); - if(4 == sscanf( buf, "%hu.%hu.%hu.%hu", - &ip[0], &ip[1], &ip[2], &ip[3])) { - /* Set DSTIP */ - socksreq[4] = (unsigned char)ip[0]; - socksreq[5] = (unsigned char)ip[1]; - socksreq[6] = (unsigned char)ip[2]; - socksreq[7] = (unsigned char)ip[3]; + if(hp->ai_family == AF_INET) { + struct sockaddr_in *saddr_in; + + saddr_in = (struct sockaddr_in*)(void*)hp->ai_addr; + socksreq[4] = ((unsigned char*)&saddr_in->sin_addr.s_addr)[0]; + socksreq[5] = ((unsigned char*)&saddr_in->sin_addr.s_addr)[1]; + socksreq[6] = ((unsigned char*)&saddr_in->sin_addr.s_addr)[2]; + socksreq[7] = ((unsigned char*)&saddr_in->sin_addr.s_addr)[3]; + + infof(data, "SOCKS4 connect to IPv4 %s (locally resolved)\n", buf); } - else + else { hp = NULL; /* fail! */ - infof(data, "SOCKS4 connect to %s (locally resolved)\n", buf); + failf(data, "SOCKS4 connection to %s not supported\n", buf); + } Curl_resolv_unlock(data, dns); /* not used anymore from now on */ - } if(!hp) { failf(data, "Failed to resolve \"%s\" for SOCKS4 connect.", @@ -374,7 +376,7 @@ CURLcode Curl_SOCKS5(const char *proxy_name, int result; CURLcode code; curl_socket_t sock = conn->sock[sockindex]; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; long timeout; bool socks5_resolve_local = (conn->proxytype == CURLPROXY_SOCKS5)?TRUE:FALSE; const size_t hostname_len = strlen(hostname); @@ -429,6 +431,8 @@ CURLcode Curl_SOCKS5(const char *proxy_name, (void)curlx_nonblock(sock, FALSE); + infof(data, "SOCKS5 communication to %s:%d\n", hostname, remote_port); + code = Curl_write_plain(conn, sock, (char *)socksreq, (2 + (int)socksreq[1]), &written); if(code || (written != (2 + (int)socksreq[1]))) { @@ -594,34 +598,40 @@ CURLcode Curl_SOCKS5(const char *proxy_name, if(dns) hp=dns->addr; if(hp) { - struct sockaddr_in *saddr_in; -#ifdef ENABLE_IPV6 - struct sockaddr_in6 *saddr_in6; -#endif int i; + char buf[64]; + Curl_printable_address(hp, buf, sizeof(buf)); if(hp->ai_family == AF_INET) { + struct sockaddr_in *saddr_in; socksreq[len++] = 1; /* ATYP: IPv4 = 1 */ saddr_in = (struct sockaddr_in*)(void*)hp->ai_addr; for(i = 0; i < 4; i++) { socksreq[len++] = ((unsigned char*)&saddr_in->sin_addr.s_addr)[i]; - infof(data, "%d\n", socksreq[len-1]); } + + infof(data, "SOCKS5 connect to IPv4 %s (locally resolved)\n", buf); } #ifdef ENABLE_IPV6 else if(hp->ai_family == AF_INET6) { + struct sockaddr_in6 *saddr_in6; socksreq[len++] = 4; /* ATYP: IPv6 = 4 */ saddr_in6 = (struct sockaddr_in6*)(void*)hp->ai_addr; for(i = 0; i < 16; i++) { socksreq[len++] = ((unsigned char*)&saddr_in6->sin6_addr.s6_addr)[i]; } + + infof(data, "SOCKS5 connect to IPv6 %s (locally resolved)\n", buf); } #endif - else + else { hp = NULL; /* fail! */ + failf(data, "SOCKS5 connection to %s not supported\n", buf); + } + Curl_resolv_unlock(data, dns); /* not used anymore from now on */ } if(!hp) { @@ -668,39 +678,6 @@ CURLcode Curl_SOCKS5(const char *proxy_name, "SOCKS5 reply has wrong version, version should be 5."); return CURLE_COULDNT_CONNECT; } - if(socksreq[1] != 0) { /* Anything besides 0 is an error */ - if(socksreq[3] == 1) { - failf(data, - "Can't complete SOCKS5 connection to %d.%d.%d.%d:%d. (%d)", - (unsigned char)socksreq[4], (unsigned char)socksreq[5], - (unsigned char)socksreq[6], (unsigned char)socksreq[7], - (((unsigned char)socksreq[8] << 8) | (unsigned char)socksreq[9]), - (unsigned char)socksreq[1]); - } - else if(socksreq[3] == 3) { - failf(data, - "Can't complete SOCKS5 connection to %s:%d. (%d)", - hostname, - (((unsigned char)socksreq[8] << 8) | (unsigned char)socksreq[9]), - (unsigned char)socksreq[1]); - } - else if(socksreq[3] == 4) { - failf(data, - "Can't complete SOCKS5 connection to %02x%02x:%02x%02x:" - "%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%d. (%d)", - (unsigned char)socksreq[4], (unsigned char)socksreq[5], - (unsigned char)socksreq[6], (unsigned char)socksreq[7], - (unsigned char)socksreq[8], (unsigned char)socksreq[9], - (unsigned char)socksreq[10], (unsigned char)socksreq[11], - (unsigned char)socksreq[12], (unsigned char)socksreq[13], - (unsigned char)socksreq[14], (unsigned char)socksreq[15], - (unsigned char)socksreq[16], (unsigned char)socksreq[17], - (unsigned char)socksreq[18], (unsigned char)socksreq[19], - (((unsigned char)socksreq[8] << 8) | (unsigned char)socksreq[9]), - (unsigned char)socksreq[1]); - } - return CURLE_COULDNT_CONNECT; - } /* Fix: in general, returned BND.ADDR is variable length parameter by RFC 1928, so the reply packet should be read until the end to avoid errors at @@ -735,10 +712,9 @@ CURLcode Curl_SOCKS5(const char *proxy_name, /* decrypt_gssapi_blockread already read the whole packet */ #endif if(len > 10) { - len -= 10; result = Curl_blockread_all(conn, sock, (char *)&socksreq[10], - len, &actualread); - if(result || (len != actualread)) { + len - 10, &actualread); + if(result || ((len - 10) != actualread)) { failf(data, "Failed to receive SOCKS5 connect request ack."); return CURLE_COULDNT_CONNECT; } @@ -747,6 +723,49 @@ CURLcode Curl_SOCKS5(const char *proxy_name, } #endif + if(socksreq[1] != 0) { /* Anything besides 0 is an error */ + if(socksreq[3] == 1) { + failf(data, + "Can't complete SOCKS5 connection to %d.%d.%d.%d:%d. (%d)", + (unsigned char)socksreq[4], (unsigned char)socksreq[5], + (unsigned char)socksreq[6], (unsigned char)socksreq[7], + (((unsigned char)socksreq[8] << 8) | + (unsigned char)socksreq[9]), + (unsigned char)socksreq[1]); + } + else if(socksreq[3] == 3) { + unsigned char port_upper = (unsigned char)socksreq[len - 2]; + socksreq[len - 2] = 0; + failf(data, + "Can't complete SOCKS5 connection to %s:%d. (%d)", + (char *)&socksreq[5], + ((port_upper << 8) | + (unsigned char)socksreq[len - 1]), + (unsigned char)socksreq[1]); + socksreq[len - 2] = port_upper; + } + else if(socksreq[3] == 4) { + failf(data, + "Can't complete SOCKS5 connection to %02x%02x:%02x%02x:" + "%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%d. (%d)", + (unsigned char)socksreq[4], (unsigned char)socksreq[5], + (unsigned char)socksreq[6], (unsigned char)socksreq[7], + (unsigned char)socksreq[8], (unsigned char)socksreq[9], + (unsigned char)socksreq[10], (unsigned char)socksreq[11], + (unsigned char)socksreq[12], (unsigned char)socksreq[13], + (unsigned char)socksreq[14], (unsigned char)socksreq[15], + (unsigned char)socksreq[16], (unsigned char)socksreq[17], + (unsigned char)socksreq[18], (unsigned char)socksreq[19], + (((unsigned char)socksreq[20] << 8) | + (unsigned char)socksreq[21]), + (unsigned char)socksreq[1]); + } + return CURLE_COULDNT_CONNECT; + } + else { + infof(data, "SOCKS5 request granted.\n"); + } + (void)curlx_nonblock(sock, TRUE); return CURLE_OK; /* Proxy was successful! */ } diff --git a/lib/socks_gssapi.c b/lib/socks_gssapi.c index 09457aecd..369245a61 100644 --- a/lib/socks_gssapi.c +++ b/lib/socks_gssapi.c @@ -6,7 +6,7 @@ * \___|\___/|_| \_\_____| * * Copyright (C) 2009, 2011, Markus Moeller, - * Copyright (C) 2012 - 2015, Daniel Stenberg, , et al. + * Copyright (C) 2012 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -32,9 +32,10 @@ #include "timeval.h" #include "socks.h" #include "warnless.h" + +/* The last 3 #include files should be in this order */ #include "curl_printf.h" #include "curl_memory.h" -/* The last #include file should be: */ #include "memdebug.h" static gss_ctx_id_t gss_context = GSS_C_NO_CONTEXT; @@ -42,7 +43,7 @@ static gss_ctx_id_t gss_context = GSS_C_NO_CONTEXT; /* * Helper GSS-API error functions. */ -static int check_gss_err(struct SessionHandle *data, +static int check_gss_err(struct Curl_easy *data, OM_uint32 major_status, OM_uint32 minor_status, const char* function) @@ -101,7 +102,7 @@ static int check_gss_err(struct SessionHandle *data, CURLcode Curl_SOCKS5_gssapi_negotiate(int sockindex, struct connectdata *conn) { - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; curl_socket_t sock = conn->sock[sockindex]; CURLcode code; ssize_t actualread; @@ -120,7 +121,8 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(int sockindex, unsigned short us_length; char *user=NULL; unsigned char socksreq[4]; /* room for GSS-API exchange header only */ - char *serviceptr = data->set.str[STRING_SOCKS5_GSSAPI_SERVICE]; + const char *serviceptr = data->set.str[STRING_PROXY_SERVICE_NAME] ? + data->set.str[STRING_PROXY_SERVICE_NAME] : "rcmd"; /* GSS-API request looks like * +----+------+-----+----------------+ diff --git a/lib/socks_sspi.c b/lib/socks_sspi.c index 356772e1f..605349038 100644 --- a/lib/socks_sspi.c +++ b/lib/socks_sspi.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 2012 - 2015, Daniel Stenberg, , et al. + * Copyright (C) 2012 - 2016, Daniel Stenberg, , et al. * Copyright (C) 2009, 2011, Markus Moeller, * * This software is licensed as described in the file COPYING, which @@ -34,9 +34,10 @@ #include "curl_sspi.h" #include "curl_multibyte.h" #include "warnless.h" +#include "strdup.h" +/* The last 3 #include files should be in this order */ #include "curl_printf.h" #include "curl_memory.h" -/* The last #include file should be: */ #include "memdebug.h" /* @@ -61,7 +62,7 @@ static int check_sspi_err(struct connectdata *conn, CURLcode Curl_SOCKS5_gssapi_negotiate(int sockindex, struct connectdata *conn) { - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; curl_socket_t sock = conn->sock[sockindex]; CURLcode code; ssize_t actualread; @@ -70,7 +71,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(int sockindex, /* Needs GSS-API authentication */ SECURITY_STATUS status; unsigned long sspi_ret_flags = 0; - int gss_enc; + unsigned char gss_enc; SecBuffer sspi_send_token, sspi_recv_token, sspi_w_token[3]; SecBufferDesc input_desc, output_desc, wrap_desc; SecPkgContext_Sizes sspi_sizes; @@ -83,7 +84,8 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(int sockindex, unsigned short us_length; unsigned long qop; unsigned char socksreq[4]; /* room for GSS-API exchange header only */ - char *service = data->set.str[STRING_SOCKS5_GSSAPI_SERVICE]; + const char *service = data->set.str[STRING_PROXY_SERVICE_NAME] ? + data->set.str[STRING_PROXY_SERVICE_NAME] : "rcmd"; /* GSS-API request looks like * +----+------+-----+----------------+ @@ -95,10 +97,9 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(int sockindex, /* prepare service name */ if(strchr(service, '/')) { - service_name = malloc(strlen(service)); + service_name = strdup(service); if(!service_name) return CURLE_OUT_OF_MEMORY; - memcpy(service_name, service, strlen(service)); } else { service_name = malloc(strlen(service) + strlen(conn->proxy.name) + 2); diff --git a/lib/speedcheck.c b/lib/speedcheck.c index 4706d2dff..13c34af96 100644 --- a/lib/speedcheck.c +++ b/lib/speedcheck.c @@ -28,12 +28,12 @@ #include "multiif.h" #include "speedcheck.h" -void Curl_speedinit(struct SessionHandle *data) +void Curl_speedinit(struct Curl_easy *data) { memset(&data->state.keeps_speed, 0, sizeof(struct timeval)); } -CURLcode Curl_speedcheck(struct SessionHandle *data, +CURLcode Curl_speedcheck(struct Curl_easy *data, struct timeval now) { if((data->progress.current_speed >= 0) && diff --git a/lib/speedcheck.h b/lib/speedcheck.h index e1921d66b..7dbe3d6d7 100644 --- a/lib/speedcheck.h +++ b/lib/speedcheck.h @@ -26,8 +26,8 @@ #include "timeval.h" -void Curl_speedinit(struct SessionHandle *data); -CURLcode Curl_speedcheck(struct SessionHandle *data, +void Curl_speedinit(struct Curl_easy *data); +CURLcode Curl_speedcheck(struct Curl_easy *data, struct timeval now); #endif /* HEADER_CURL_SPEEDCHECK_H */ diff --git a/lib/splay.h b/lib/splay.h index 1af9414de..427bfc8eb 100644 --- a/lib/splay.h +++ b/lib/splay.h @@ -7,7 +7,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1997 - 2011, Daniel Stenberg, , et al. + * Copyright (C) 1997 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -55,7 +55,7 @@ int Curl_splayremovebyaddr(struct Curl_tree *t, #define Curl_splaycomparekeys(i,j) ( ((i.tv_sec) < (j.tv_sec)) ? -1 : \ ( ((i.tv_sec) > (j.tv_sec)) ? 1 : \ ( ((i.tv_usec) < (j.tv_usec)) ? -1 : \ - ( ((i.tv_usec) > (j.tv_usec)) ? 1 : 0 )))) + ( ((i.tv_usec) > (j.tv_usec)) ? 1 : 0)))) #ifdef DEBUGBUILD void Curl_splayprint(struct Curl_tree * t, int d, char output); diff --git a/lib/ssh.c b/lib/ssh.c index e63446bed..e361df301 100644 --- a/lib/ssh.c +++ b/lib/ssh.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -83,9 +83,10 @@ #include "multiif.h" #include "select.h" #include "warnless.h" + +/* The last 3 #include files should be in this order */ #include "curl_printf.h" #include "curl_memory.h" -/* The last #include file should be: */ #include "memdebug.h" #ifdef WIN32 @@ -101,6 +102,11 @@ have their definition hidden well */ #endif +#if LIBSSH2_VERSION_NUM >= 0x010206 +/* libssh2_sftp_statvfs and friends were added in 1.2.6 */ +#define HAS_STATVFS_SUPPORT 1 +#endif + #define sftp_libssh2_last_error(s) curlx_ultosi(libssh2_sftp_last_error(s)) #define sftp_libssh2_realpath(s,p,t,m) \ @@ -362,6 +368,9 @@ static void state(struct connectdata *conn, sshstate nowstate) "SSH_SFTP_QUOTE_RENAME", "SSH_SFTP_QUOTE_RMDIR", "SSH_SFTP_QUOTE_UNLINK", + "SSH_SFTP_QUOTE_STATVFS", + "SSH_SFTP_GETINFO", + "SSH_SFTP_FILETIME", "SSH_SFTP_TRANS_INIT", "SSH_SFTP_UPLOAD_INIT", "SSH_SFTP_CREATE_DIRS_INIT", @@ -404,7 +413,7 @@ static CURLcode ssh_getworkingpath(struct connectdata *conn, char **path) /* returns the allocated real path to work with */ { - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; char *real_path = NULL; char *working_path; int working_path_len; @@ -414,7 +423,7 @@ static CURLcode ssh_getworkingpath(struct connectdata *conn, if(!working_path) return CURLE_OUT_OF_MEMORY; - /* Check for /~/ , indicating relative to the user's home directory */ + /* Check for /~/, indicating relative to the user's home directory */ if(conn->handler->protocol & CURLPROTO_SCP) { real_path = malloc(working_path_len+1); if(real_path == NULL) { @@ -464,7 +473,7 @@ static CURLcode ssh_getworkingpath(struct connectdata *conn, } #ifdef HAVE_LIBSSH2_KNOWNHOST_API -static int sshkeycallback(CURL *easy, +static int sshkeycallback(struct Curl_easy *easy, const struct curl_khkey *knownkey, /* known */ const struct curl_khkey *foundkey, /* found */ enum curl_khmatch match, @@ -513,7 +522,7 @@ static CURLcode ssh_knownhost(struct connectdata *conn) CURLcode result = CURLE_OK; #ifdef HAVE_LIBSSH2_KNOWNHOST_API - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; if(data->set.str[STRING_SSH_KNOWNHOSTS]) { /* we're asked to verify the host against a file */ @@ -648,7 +657,7 @@ static CURLcode ssh_knownhost(struct connectdata *conn) static CURLcode ssh_check_fingerprint(struct connectdata *conn) { struct ssh_conn *sshc = &conn->proto.sshc; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; const char *pubkey_md5 = data->set.str[STRING_SSH_HOST_PUBLIC_KEY_MD5]; char md5buffer[33]; int i; @@ -699,7 +708,7 @@ static CURLcode ssh_check_fingerprint(struct connectdata *conn) static CURLcode ssh_statemach_act(struct connectdata *conn, bool *block) { CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct SSHPROTO *sftp_scp = data->req.protop; struct ssh_conn *sshc = &conn->proto.sshc; curl_socket_t sock = conn->sock[FIRSTSOCKET]; @@ -1152,8 +1161,13 @@ static CURLcode ssh_statemach_act(struct connectdata *conn, bool *block) else { /* Return the error type */ err = sftp_libssh2_last_error(sshc->sftp_session); - result = sftp_libssh2_error_to_CURLE(err); - sshc->actualcode = result?result:CURLE_SSH; + if(err) + result = sftp_libssh2_error_to_CURLE(err); + else + /* in this case, the error wasn't in the SFTP level but for example + a time-out or similar */ + result = CURLE_SSH; + sshc->actualcode = result; DEBUGF(infof(data, "error = %d makes libcurl = %d\n", err, (int)result)); state(conn, SSH_STOP); @@ -1183,7 +1197,7 @@ static CURLcode ssh_statemach_act(struct connectdata *conn, bool *block) state(conn, SSH_SFTP_QUOTE); } else { - state(conn, SSH_SFTP_TRANS_INIT); + state(conn, SSH_SFTP_GETINFO); } break; @@ -1361,6 +1375,12 @@ static CURLcode ssh_statemach_act(struct connectdata *conn, bool *block) state(conn, SSH_SFTP_QUOTE_UNLINK); break; } +#ifdef HAS_STATVFS_SUPPORT + else if(curl_strnequal(cmd, "statvfs ", 8)) { + state(conn, SSH_SFTP_QUOTE_STATVFS); + break; + } +#endif failf(data, "Unknown SFTP command"); Curl_safefree(sshc->quote_path1); @@ -1372,7 +1392,7 @@ static CURLcode ssh_statemach_act(struct connectdata *conn, bool *block) } } if(!sshc->quote_item) { - state(conn, SSH_SFTP_TRANS_INIT); + state(conn, SSH_SFTP_GETINFO); } break; @@ -1391,7 +1411,7 @@ static CURLcode ssh_statemach_act(struct connectdata *conn, bool *block) sshc->nextstate = SSH_NO_STATE; } else { - state(conn, SSH_SFTP_TRANS_INIT); + state(conn, SSH_SFTP_GETINFO); } } break; @@ -1611,6 +1631,88 @@ static CURLcode ssh_statemach_act(struct connectdata *conn, bool *block) state(conn, SSH_SFTP_NEXT_QUOTE); break; +#ifdef HAS_STATVFS_SUPPORT + case SSH_SFTP_QUOTE_STATVFS: + { + LIBSSH2_SFTP_STATVFS statvfs; + rc = libssh2_sftp_statvfs(sshc->sftp_session, sshc->quote_path1, + curlx_uztoui(strlen(sshc->quote_path1)), + &statvfs); + + if(rc == LIBSSH2_ERROR_EAGAIN) { + break; + } + else if(rc != 0 && !sshc->acceptfail) { + err = sftp_libssh2_last_error(sshc->sftp_session); + Curl_safefree(sshc->quote_path1); + failf(data, "statvfs command failed: %s", sftp_libssh2_strerror(err)); + state(conn, SSH_SFTP_CLOSE); + sshc->nextstate = SSH_NO_STATE; + sshc->actualcode = CURLE_QUOTE_ERROR; + break; + } + else if(rc == 0) { + char *tmp = aprintf("statvfs:\n" + "f_bsize: %llu\n" "f_frsize: %llu\n" + "f_blocks: %llu\n" "f_bfree: %llu\n" + "f_bavail: %llu\n" "f_files: %llu\n" + "f_ffree: %llu\n" "f_favail: %llu\n" + "f_fsid: %llu\n" "f_flag: %llu\n" + "f_namemax: %llu\n", + statvfs.f_bsize, statvfs.f_frsize, + statvfs.f_blocks, statvfs.f_bfree, + statvfs.f_bavail, statvfs.f_files, + statvfs.f_ffree, statvfs.f_favail, + statvfs.f_fsid, statvfs.f_flag, + statvfs.f_namemax); + if(!tmp) { + result = CURLE_OUT_OF_MEMORY; + state(conn, SSH_SFTP_CLOSE); + sshc->nextstate = SSH_NO_STATE; + break; + } + + result = Curl_client_write(conn, CLIENTWRITE_HEADER, tmp, strlen(tmp)); + free(tmp); + if(result) { + state(conn, SSH_SFTP_CLOSE); + sshc->nextstate = SSH_NO_STATE; + sshc->actualcode = result; + } + } + state(conn, SSH_SFTP_NEXT_QUOTE); + break; + } +#endif + case SSH_SFTP_GETINFO: + { + if(data->set.get_filetime) { + state(conn, SSH_SFTP_FILETIME); + } + else { + state(conn, SSH_SFTP_TRANS_INIT); + } + break; + } + + case SSH_SFTP_FILETIME: + { + LIBSSH2_SFTP_ATTRIBUTES attrs; + + rc = libssh2_sftp_stat_ex(sshc->sftp_session, sftp_scp->path, + curlx_uztoui(strlen(sftp_scp->path)), + LIBSSH2_SFTP_STAT, &attrs); + if(rc == LIBSSH2_ERROR_EAGAIN) { + break; + } + else if(rc == 0) { + data->info.filetime = (long)attrs.mtime; + } + + state(conn, SSH_SFTP_TRANS_INIT); + break; + } + case SSH_SFTP_TRANS_INIT: if(data->set.upload) state(conn, SSH_SFTP_UPLOAD_INIT); @@ -1793,7 +1895,7 @@ static CURLcode ssh_statemach_act(struct connectdata *conn, bool *block) /* since we don't really wait for anything at this point, we want the state machine to move on as soon as possible so we set a very short timeout here */ - Curl_expire(data, 1); + Curl_expire(data, 0); state(conn, SSH_STOP); } @@ -2722,7 +2824,7 @@ static CURLcode ssh_block_statemach(struct connectdata *conn, { struct ssh_conn *sshc = &conn->proto.sshc; CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; while((sshc->state != SSH_STOP) && !result) { bool block; @@ -2796,7 +2898,7 @@ static CURLcode ssh_connect(struct connectdata *conn, bool *done) #endif struct ssh_conn *ssh; CURLcode result; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; /* initialize per-handle data if not already */ if(!data->req.protop) @@ -2922,7 +3024,7 @@ static CURLcode ssh_do(struct connectdata *conn, bool *done) { CURLcode result; bool connected = 0; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct ssh_conn *sshc = &conn->proto.sshc; *done = FALSE; /* default to false */ @@ -2955,8 +3057,6 @@ static CURLcode scp_disconnect(struct connectdata *conn, bool dead_connection) struct ssh_conn *ssh = &conn->proto.sshc; (void) dead_connection; - Curl_safefree(conn->data->req.protop); - if(ssh->ssh_session) { /* only if there's a session still around to use! */ @@ -2980,8 +3080,7 @@ static CURLcode ssh_done(struct connectdata *conn, CURLcode status) TODO: when the multi interface is used, this _really_ should be using the ssh_multi_statemach function but we have no general support for - non-blocking DONE operations, not in the multi state machine and with - Curl_done() invokes on several places in the code! + non-blocking DONE operations! */ result = ssh_block_statemach(conn, FALSE); } @@ -3010,7 +3109,6 @@ static CURLcode scp_done(struct connectdata *conn, CURLcode status, } -/* return number of received (decrypted) bytes */ static ssize_t scp_send(struct connectdata *conn, int sockindex, const void *mem, size_t len, CURLcode *err) { @@ -3035,10 +3133,6 @@ static ssize_t scp_send(struct connectdata *conn, int sockindex, return nwrite; } -/* - * If the read would block (EWOULDBLOCK) we return -1. Otherwise we return - * a regular CURLcode value. - */ static ssize_t scp_recv(struct connectdata *conn, int sockindex, char *mem, size_t len, CURLcode *err) { @@ -3119,8 +3213,6 @@ static CURLcode sftp_disconnect(struct connectdata *conn, bool dead_connection) DEBUGF(infof(conn->data, "SSH DISCONNECT starts now\n")); - Curl_safefree(conn->data->req.protop); - if(conn->proto.sshc.ssh_session) { /* only if there's a session still around to use! */ state(conn, SSH_SFTP_SHUTDOWN); diff --git a/lib/ssh.h b/lib/ssh.h index 6a5e73139..b350dcf3a 100644 --- a/lib/ssh.h +++ b/lib/ssh.h @@ -66,6 +66,9 @@ typedef enum { SSH_SFTP_QUOTE_RENAME, SSH_SFTP_QUOTE_RMDIR, SSH_SFTP_QUOTE_UNLINK, + SSH_SFTP_QUOTE_STATVFS, + SSH_SFTP_GETINFO, + SSH_SFTP_FILETIME, SSH_SFTP_TRANS_INIT, SSH_SFTP_UPLOAD_INIT, SSH_SFTP_CREATE_DIRS_INIT, @@ -95,7 +98,7 @@ typedef enum { } sshstate; /* this struct is used in the HandleData struct which is part of the - SessionHandle, which means this is used on a per-easy handle basis. + Curl_easy, which means this is used on a per-easy handle basis. Everything that is strictly related to a connection is banned from this struct. */ struct SSHPROTO { diff --git a/lib/strdup.c b/lib/strdup.c index 30a42f3d9..23f554e51 100644 --- a/lib/strdup.c +++ b/lib/strdup.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -19,7 +19,11 @@ * KIND, either express or implied. * ***************************************************************************/ + #include "curl_setup.h" + +#include + #include "strdup.h" #include "curl_memory.h" diff --git a/lib/strerror.c b/lib/strerror.c index d222a1fc0..0e268d5e3 100644 --- a/lib/strerror.c +++ b/lib/strerror.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 2004 - 2015, Daniel Stenberg, , et al. + * Copyright (C) 2004 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -44,9 +44,9 @@ #endif #include "strerror.h" +/* The last 3 #include files should be in this order */ #include "curl_printf.h" #include "curl_memory.h" -/* The last #include file should be: */ #include "memdebug.h" const char * @@ -305,6 +305,9 @@ curl_easy_strerror(CURLcode error) case CURLE_SSL_INVALIDCERTSTATUS: return "SSL server certificate status verification FAILED"; + case CURLE_HTTP2_STREAM: + return "Stream error in the HTTP/2 framing layer"; + /* error codes not used by current libcurl */ case CURLE_OBSOLETE20: case CURLE_OBSOLETE24: @@ -1076,14 +1079,13 @@ const char *Curl_sspi_strerror (struct connectdata *conn, int err) strncpy(outbuf, txt, outmax); else if(err == SEC_E_ILLEGAL_MESSAGE) snprintf(outbuf, outmax, - "SEC_E_ILLEGAL_MESSAGE (0x%04X%04X) - This error usually occurs " + "SEC_E_ILLEGAL_MESSAGE (0x%08X) - This error usually occurs " "when a fatal SSL/TLS alert is received (e.g. handshake failed). " "More detail may be available in the Windows System event log.", - (err >> 16) & 0xffff, err & 0xffff); + err); else { str = txtbuf; - snprintf(txtbuf, sizeof(txtbuf), "%s (0x%04X%04X)", - txt, (err >> 16) & 0xffff, err & 0xffff); + snprintf(txtbuf, sizeof(txtbuf), "%s (0x%08X)", txt, err); txtbuf[sizeof(txtbuf)-1] = '\0'; #ifdef _WIN32_WCE diff --git a/lib/system_win32.c b/lib/system_win32.c new file mode 100644 index 000000000..effc3f2bc --- /dev/null +++ b/lib/system_win32.c @@ -0,0 +1,297 @@ +/*************************************************************************** + * _ _ ____ _ + * Project ___| | | | _ \| | + * / __| | | | |_) | | + * | (__| |_| | _ <| |___ + * \___|\___/|_| \_\_____| + * + * Copyright (C) 2016, Steve Holme, . + * + * This software is licensed as described in the file COPYING, which + * you should have received as part of this distribution. The terms + * are also available at https://curl.haxx.se/docs/copyright.html. + * + * You may opt to use, copy, modify, merge, publish, distribute and/or sell + * copies of the Software, and permit persons to whom the Software is + * furnished to do so, under the terms of the COPYING file. + * + * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY + * KIND, either express or implied. + * + ***************************************************************************/ + +#include "curl_setup.h" + +#if defined(WIN32) + +#include +#include "system_win32.h" + +/* The last #include files should be: */ +#include "curl_memory.h" +#include "memdebug.h" + +#if defined(USE_WINDOWS_SSPI) || (!defined(CURL_DISABLE_TELNET) && \ + defined(USE_WINSOCK)) + + +#if !defined(LOAD_WITH_ALTERED_SEARCH_PATH) +#define LOAD_WITH_ALTERED_SEARCH_PATH 0x00000008 +#endif + +#if !defined(LOAD_LIBRARY_SEARCH_SYSTEM32) +#define LOAD_LIBRARY_SEARCH_SYSTEM32 0x00000800 +#endif + +/* We use our own typedef here since some headers might lack these */ +typedef HMODULE (APIENTRY *LOADLIBRARYEX_FN)(LPCTSTR, HANDLE, DWORD); + +/* See function definitions in winbase.h */ +#ifdef UNICODE +# ifdef _WIN32_WCE +# define LOADLIBARYEX L"LoadLibraryExW" +# else +# define LOADLIBARYEX "LoadLibraryExW" +# endif +#else +# define LOADLIBARYEX "LoadLibraryExA" +#endif + +#endif /* USE_WINDOWS_SSPI || (!CURL_DISABLE_TELNET && USE_WINSOCK) */ + +/* + * Curl_verify_windows_version() + * + * This is used to verify if we are running on a specific windows version. + * + * Parameters: + * + * majorVersion [in] - The major version number. + * minorVersion [in] - The minor version number. + * platform [in] - The optional platform identifer. + * condition [in] - The test condition used to specifier whether we are + * checking a version less then, equal to or greater than + * what is specified in the major and minor version + * numbers. + * + * Returns TRUE if matched; otherwise FALSE. + */ +bool Curl_verify_windows_version(const unsigned int majorVersion, + const unsigned int minorVersion, + const PlatformIdentifier platform, + const VersionCondition condition) +{ + bool matched = FALSE; + +#if !defined(_WIN32_WINNT) || !defined(_WIN32_WINNT_WIN2K) || \ + (_WIN32_WINNT < _WIN32_WINNT_WIN2K) + OSVERSIONINFO osver; + + memset(&osver, 0, sizeof(osver)); + osver.dwOSVersionInfoSize = sizeof(osver); + + /* Find out Windows version */ + if(GetVersionEx(&osver)) { + /* Verify the Operating System version number */ + switch(condition) { + case VERSION_LESS_THAN: + if(osver.dwMajorVersion < majorVersion || + (osver.dwMajorVersion == majorVersion && + osver.dwMinorVersion < minorVersion)) + matched = TRUE; + break; + + case VERSION_LESS_THAN_EQUAL: + if(osver.dwMajorVersion <= majorVersion && + osver.dwMinorVersion <= minorVersion) + matched = TRUE; + break; + + case VERSION_EQUAL: + if(osver.dwMajorVersion == majorVersion && + osver.dwMinorVersion == minorVersion) + matched = TRUE; + break; + + case VERSION_GREATER_THAN_EQUAL: + if(osver.dwMajorVersion >= majorVersion && + osver.dwMinorVersion >= minorVersion) + matched = TRUE; + break; + + case VERSION_GREATER_THAN: + if(osver.dwMajorVersion > majorVersion || + (osver.dwMajorVersion == majorVersion && + osver.dwMinorVersion > minorVersion)) + matched = TRUE; + break; + } + + /* Verify the platform identifier (if necessary) */ + if(matched) { + switch(platform) { + case PLATFORM_WINDOWS: + if(osver.dwPlatformId != VER_PLATFORM_WIN32_WINDOWS) + matched = FALSE; + break; + + case PLATFORM_WINNT: + if(osver.dwPlatformId != VER_PLATFORM_WIN32_NT) + matched = FALSE; + + default: /* like platform == PLATFORM_DONT_CARE */ + break; + } + } + } +#else + ULONGLONG cm = 0; + OSVERSIONINFOEX osver; + BYTE majorCondition; + BYTE minorCondition; + BYTE spMajorCondition; + BYTE spMinorCondition; + + switch(condition) { + case VERSION_LESS_THAN: + majorCondition = VER_LESS; + minorCondition = VER_LESS; + spMajorCondition = VER_LESS_EQUAL; + spMinorCondition = VER_LESS_EQUAL; + break; + + case VERSION_LESS_THAN_EQUAL: + majorCondition = VER_LESS_EQUAL; + minorCondition = VER_LESS_EQUAL; + spMajorCondition = VER_LESS_EQUAL; + spMinorCondition = VER_LESS_EQUAL; + break; + + case VERSION_EQUAL: + majorCondition = VER_EQUAL; + minorCondition = VER_EQUAL; + spMajorCondition = VER_GREATER_EQUAL; + spMinorCondition = VER_GREATER_EQUAL; + break; + + case VERSION_GREATER_THAN_EQUAL: + majorCondition = VER_GREATER_EQUAL; + minorCondition = VER_GREATER_EQUAL; + spMajorCondition = VER_GREATER_EQUAL; + spMinorCondition = VER_GREATER_EQUAL; + break; + + case VERSION_GREATER_THAN: + majorCondition = VER_GREATER; + minorCondition = VER_GREATER; + spMajorCondition = VER_GREATER_EQUAL; + spMinorCondition = VER_GREATER_EQUAL; + break; + + default: + return FALSE; + } + + memset(&osver, 0, sizeof(osver)); + osver.dwOSVersionInfoSize = sizeof(osver); + osver.dwMajorVersion = majorVersion; + osver.dwMinorVersion = minorVersion; + if(platform == PLATFORM_WINDOWS) + osver.dwPlatformId = VER_PLATFORM_WIN32_WINDOWS; + else if(platform == PLATFORM_WINNT) + osver.dwPlatformId = VER_PLATFORM_WIN32_NT; + + cm = VerSetConditionMask(cm, VER_MAJORVERSION, majorCondition); + cm = VerSetConditionMask(cm, VER_MINORVERSION, minorCondition); + cm = VerSetConditionMask(cm, VER_SERVICEPACKMAJOR, spMajorCondition); + cm = VerSetConditionMask(cm, VER_SERVICEPACKMINOR, spMinorCondition); + if(platform != PLATFORM_DONT_CARE) + cm = VerSetConditionMask(cm, VER_PLATFORMID, VER_EQUAL); + + if(VerifyVersionInfo(&osver, (VER_MAJORVERSION | VER_MINORVERSION | + VER_SERVICEPACKMAJOR | VER_SERVICEPACKMINOR), + cm)) + matched = TRUE; +#endif + + return matched; +} + +#if defined(USE_WINDOWS_SSPI) || (!defined(CURL_DISABLE_TELNET) && \ + defined(USE_WINSOCK)) + +/* + * Curl_load_library() + * + * This is used to dynamically load DLLs using the most secure method available + * for the version of Windows that we are running on. + * + * Parameters: + * + * filename [in] - The filename or full path of the DLL to load. If only the + * filename is passed then the DLL will be loaded from the + * Windows system directory. + * + * Returns the handle of the module on success; otherwise NULL. + */ +HMODULE Curl_load_library(LPCTSTR filename) +{ + HMODULE hModule = NULL; + LOADLIBRARYEX_FN pLoadLibraryEx = NULL; + + /* Get a handle to kernel32 so we can access it's functions at runtime */ + HMODULE hKernel32 = GetModuleHandle(TEXT("kernel32")); + if(!hKernel32) + return NULL; + + /* Attempt to find LoadLibraryEx() which is only available on Windows 2000 + and above */ + pLoadLibraryEx = (LOADLIBRARYEX_FN) GetProcAddress(hKernel32, LOADLIBARYEX); + + /* Detect if there's already a path in the filename and load the library if + there is. Note: Both back slashes and forward slashes have been supported + since the earlier days of DOS at an API level although they are not + supported by command prompt */ + if(_tcspbrk(filename, TEXT("\\/"))) { + /** !checksrc! disable BANNEDFUNC 1 **/ + hModule = pLoadLibraryEx ? + pLoadLibraryEx(filename, NULL, LOAD_WITH_ALTERED_SEARCH_PATH) : + LoadLibrary(filename); + } + /* Detect if KB2533623 is installed, as LOAD_LIBARY_SEARCH_SYSTEM32 is only + supported on Windows Vista, Windows Server 2008, Windows 7 and Windows + Server 2008 R2 with this patch or natively on Windows 8 and above */ + else if(pLoadLibraryEx && GetProcAddress(hKernel32, "AddDllDirectory")) { + /* Load the DLL from the Windows system directory */ + hModule = pLoadLibraryEx(filename, NULL, LOAD_LIBRARY_SEARCH_SYSTEM32); + } + else { + /* Attempt to get the Windows system path */ + UINT systemdirlen = GetSystemDirectory(NULL, 0); + if(systemdirlen) { + /* Allocate space for the full DLL path (Room for the null terminator + is included in systemdirlen) */ + size_t filenamelen = _tcslen(filename); + TCHAR *path = malloc(sizeof(TCHAR) * (systemdirlen + 1 + filenamelen)); + if(path && GetSystemDirectory(path, systemdirlen)) { + /* Calculate the full DLL path */ + _tcscpy(path + _tcslen(path), TEXT("\\")); + _tcscpy(path + _tcslen(path), filename); + + /* Load the DLL from the Windows system directory */ + /** !checksrc! disable BANNEDFUNC 1 **/ + hModule = pLoadLibraryEx ? + pLoadLibraryEx(path, NULL, LOAD_WITH_ALTERED_SEARCH_PATH) : + LoadLibrary(path); + + } + free(path); + } + } + + return hModule; +} + +#endif /* USE_WINDOWS_SSPI || (!CURL_DISABLE_TELNET && USE_WINSOCK) */ + +#endif /* WIN32 */ diff --git a/lib/system_win32.h b/lib/system_win32.h new file mode 100644 index 000000000..1e772856b --- /dev/null +++ b/lib/system_win32.h @@ -0,0 +1,61 @@ +#ifndef HEADER_CURL_SYSTEM_WIN32_H +#define HEADER_CURL_SYSTEM_WIN32_H +/*************************************************************************** + * _ _ ____ _ + * Project ___| | | | _ \| | + * / __| | | | |_) | | + * | (__| |_| | _ <| |___ + * \___|\___/|_| \_\_____| + * + * Copyright (C) 2016, Steve Holme, . + * + * This software is licensed as described in the file COPYING, which + * you should have received as part of this distribution. The terms + * are also available at https://curl.haxx.se/docs/copyright.html. + * + * You may opt to use, copy, modify, merge, publish, distribute and/or sell + * copies of the Software, and permit persons to whom the Software is + * furnished to do so, under the terms of the COPYING file. + * + * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY + * KIND, either express or implied. + * + ***************************************************************************/ + +#include "curl_setup.h" + +#if defined(WIN32) + +/* Version condition */ +typedef enum { + VERSION_LESS_THAN, + VERSION_LESS_THAN_EQUAL, + VERSION_EQUAL, + VERSION_GREATER_THAN_EQUAL, + VERSION_GREATER_THAN +} VersionCondition; + +/* Platform identifier */ +typedef enum { + PLATFORM_DONT_CARE, + PLATFORM_WINDOWS, + PLATFORM_WINNT +} PlatformIdentifier; + +/* This is used to verify if we are running on a specific windows version */ +bool Curl_verify_windows_version(const unsigned int majorVersion, + const unsigned int minorVersion, + const PlatformIdentifier platform, + const VersionCondition condition); + +#if defined(USE_WINDOWS_SSPI) || (!defined(CURL_DISABLE_TELNET) && \ + defined(USE_WINSOCK)) + +/* This is used to dynamically load DLLs */ +HMODULE Curl_load_library(LPCTSTR filename); + +#endif /* USE_WINDOWS_SSPI || (!CURL_DISABLE_TELNET && USE_WINSOCK) */ + +#endif /* WIN32 */ + +#endif /* HEADER_CURL_SYSTEM_WIN32_H */ diff --git a/lib/telnet.c b/lib/telnet.c index 4ebc49252..cc705cfc6 100644 --- a/lib/telnet.c +++ b/lib/telnet.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -51,7 +51,7 @@ #include "telnet.h" #include "connect.h" #include "progress.h" -#include "curl_printf.h" +#include "system_win32.h" #define TELOPTS #define TELCMDS @@ -62,7 +62,8 @@ #include "rawstr.h" #include "warnless.h" -/* The last #include files should be: */ +/* The last 3 #include files should be in this order */ +#include "curl_printf.h" #include "curl_memory.h" #include "memdebug.h" @@ -91,7 +92,7 @@ #ifdef USE_WINSOCK typedef FARPROC WSOCK2_FUNC; -static CURLcode check_wsock2 ( struct SessionHandle *data ); +static CURLcode check_wsock2 (struct Curl_easy *data); #endif static @@ -100,7 +101,7 @@ CURLcode telrcv(struct connectdata *, ssize_t count); /* Number of bytes received */ #ifndef CURL_DISABLE_VERBOSE_STRINGS -static void printoption(struct SessionHandle *data, +static void printoption(struct Curl_easy *data, const char *direction, int cmd, int option); #endif @@ -110,7 +111,7 @@ static void send_negotiation(struct connectdata *, int cmd, int option); static void set_local_option(struct connectdata *, int cmd, int option); static void set_remote_option(struct connectdata *, int cmd, int option); -static void printsub(struct SessionHandle *data, +static void printsub(struct Curl_easy *data, int direction, unsigned char *pointer, size_t length); static void suboption(struct connectdata *); @@ -198,7 +199,7 @@ const struct Curl_handler Curl_handler_telnet = { #ifdef USE_WINSOCK static CURLcode -check_wsock2 ( struct SessionHandle *data ) +check_wsock2(struct Curl_easy *data) { int err; WORD wVersionRequested; @@ -305,7 +306,7 @@ static void negotiate(struct connectdata *conn) } #ifndef CURL_DISABLE_VERBOSE_STRINGS -static void printoption(struct SessionHandle *data, +static void printoption(struct Curl_easy *data, const char *direction, int cmd, int option) { const char *fmt; @@ -346,7 +347,7 @@ static void send_negotiation(struct connectdata *conn, int cmd, int option) unsigned char buf[3]; ssize_t bytes_written; int err; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; buf[0] = CURL_IAC; buf[1] = (unsigned char)cmd; @@ -702,7 +703,7 @@ void rec_dont(struct connectdata *conn, int option) } -static void printsub(struct SessionHandle *data, +static void printsub(struct Curl_easy *data, int direction, /* '<' or '>' */ unsigned char *pointer, /* where suboption data is */ size_t length) /* length of suboption data */ @@ -821,7 +822,7 @@ static CURLcode check_telnet_options(struct connectdata *conn) struct curl_slist *beg; char option_keyword[128] = ""; char option_arg[256] = ""; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct TELNET *tn = (struct TELNET *)conn->data->req.protop; CURLcode result = CURLE_OK; int binary_option; @@ -931,7 +932,7 @@ static void suboption(struct connectdata *conn) int err; char varname[128] = ""; char varval[128] = ""; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct TELNET *tn = (struct TELNET *)data->req.protop; printsub(data, '<', (unsigned char *)tn->subbuffer, CURL_SB_LEN(tn)+2); @@ -1006,7 +1007,7 @@ static void sendsuboption(struct connectdata *conn, int option) unsigned short x, y; unsigned char*uc1, *uc2; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct TELNET *tn = (struct TELNET *)data->req.protop; switch (option) { @@ -1064,7 +1065,7 @@ CURLcode telrcv(struct connectdata *conn, CURLcode result; int in = 0; int startwrite=-1; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct TELNET *tn = (struct TELNET *)data->req.protop; #define startskipping() \ @@ -1281,7 +1282,7 @@ static CURLcode telnet_done(struct connectdata *conn, static CURLcode telnet_do(struct connectdata *conn, bool *done) { CURLcode result; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; curl_socket_t sockfd = conn->sock[FIRSTSOCKET]; #ifdef USE_WINSOCK HMODULE wsock2; @@ -1334,7 +1335,7 @@ static CURLcode telnet_do(struct connectdata *conn, bool *done) /* OK, so we have WinSock 2.0. We need to dynamically */ /* load ws2_32.dll and get the function pointers we need. */ - wsock2 = LoadLibrary(TEXT("WS2_32.DLL")); + wsock2 = Curl_load_library(TEXT("WS2_32.DLL")); if(wsock2 == NULL) { failf(data, "failed to load WS2_32.DLL (%d)", ERRNO); return CURLE_FAILED_INIT; diff --git a/lib/tftp.c b/lib/tftp.c index f44733944..c97039620 100644 --- a/lib/tftp.c +++ b/lib/tftp.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -57,10 +57,10 @@ #include "url.h" #include "rawstr.h" #include "speedcheck.h" -#include "curl_printf.h" #include "select.h" -/* The last #include files should be: */ +/* The last 3 #include files should be in this order */ +#include "curl_printf.h" #include "curl_memory.h" #include "memdebug.h" @@ -312,14 +312,14 @@ static const char *tftp_option_get(const char *buf, size_t len, { size_t loc; - loc = Curl_strnlen( buf, len ); + loc = Curl_strnlen(buf, len); loc++; /* NULL term */ if(loc >= len) return NULL; *option = buf; - loc += Curl_strnlen( buf+loc, len-loc ); + loc += Curl_strnlen(buf+loc, len-loc); loc++; /* NULL term */ if(loc > len) @@ -333,7 +333,7 @@ static CURLcode tftp_parse_option_ack(tftp_state_data_t *state, const char *ptr, int len) { const char *tmp = ptr; - struct SessionHandle *data = state->conn->data; + struct Curl_easy *data = state->conn->data; /* if OACK doesn't contain blksize option, the default (512) must be used */ state->blksize = TFTP_BLKSIZE_DEFAULT; @@ -352,7 +352,7 @@ static CURLcode tftp_parse_option_ack(tftp_state_data_t *state, if(checkprefix(option, TFTP_OPTION_BLKSIZE)) { long blksize; - blksize = strtol( value, NULL, 10 ); + blksize = strtol(value, NULL, 10); if(!blksize) { failf(data, "invalid blocksize value in OACK packet"); @@ -384,7 +384,7 @@ static CURLcode tftp_parse_option_ack(tftp_state_data_t *state, else if(checkprefix(option, TFTP_OPTION_TSIZE)) { long tsize = 0; - tsize = strtol( value, NULL, 10 ); + tsize = strtol(value, NULL, 10); infof(data, "%s (%ld)\n", "tsize parsed from OACK", tsize); /* tsize should be ignored on upload: Who cares about the size of the @@ -405,7 +405,7 @@ static CURLcode tftp_parse_option_ack(tftp_state_data_t *state, static size_t tftp_option_add(tftp_state_data_t *state, size_t csize, char *buf, const char *option) { - if(( strlen(option) + csize + 1 ) > (size_t)state->blksize) + if(( strlen(option) + csize + 1) > (size_t)state->blksize) return 0; strcpy(buf, option); return strlen(option) + 1; @@ -416,7 +416,7 @@ static CURLcode tftp_connect_for_tx(tftp_state_data_t *state, { CURLcode result; #ifndef CURL_DISABLE_VERBOSE_STRINGS - struct SessionHandle *data = state->conn->data; + struct Curl_easy *data = state->conn->data; infof(data, "%s\n", "Connected for transmit"); #endif @@ -432,7 +432,7 @@ static CURLcode tftp_connect_for_rx(tftp_state_data_t *state, { CURLcode result; #ifndef CURL_DISABLE_VERBOSE_STRINGS - struct SessionHandle *data = state->conn->data; + struct Curl_easy *data = state->conn->data; infof(data, "%s\n", "Connected for receive"); #endif @@ -450,7 +450,7 @@ static CURLcode tftp_send_first(tftp_state_data_t *state, tftp_event_t event) const char *mode = "octet"; char *filename; char buf[64]; - struct SessionHandle *data = state->conn->data; + struct Curl_easy *data = state->conn->data; CURLcode result = CURLE_OK; /* Set ascii mode if -B flag was used */ @@ -514,7 +514,7 @@ static CURLcode tftp_send_first(tftp_state_data_t *state, tftp_event_t event) (char *)state->spacket.data+sbytes, TFTP_OPTION_BLKSIZE); sbytes += tftp_option_add(state, sbytes, - (char *)state->spacket.data+sbytes, buf ); + (char *)state->spacket.data+sbytes, buf); /* add timeout option */ snprintf(buf, sizeof(buf), "%d", state->retry_time); @@ -522,7 +522,7 @@ static CURLcode tftp_send_first(tftp_state_data_t *state, tftp_event_t event) (char *)state->spacket.data+sbytes, TFTP_OPTION_INTERVAL); sbytes += tftp_option_add(state, sbytes, - (char *)state->spacket.data+sbytes, buf ); + (char *)state->spacket.data+sbytes, buf); } /* the typecase for the 3rd argument is mostly for systems that do @@ -581,7 +581,7 @@ static CURLcode tftp_rx(tftp_state_data_t *state, tftp_event_t event) { ssize_t sbytes; int rblock; - struct SessionHandle *data = state->conn->data; + struct Curl_easy *data = state->conn->data; switch(event) { @@ -700,11 +700,12 @@ static CURLcode tftp_rx(tftp_state_data_t *state, tftp_event_t event) **********************************************************/ static CURLcode tftp_tx(tftp_state_data_t *state, tftp_event_t event) { - struct SessionHandle *data = state->conn->data; + struct Curl_easy *data = state->conn->data; ssize_t sbytes; int rblock; CURLcode result = CURLE_OK; struct SingleRequest *k = &data->req; + int cb; /* Bytes currently read */ switch(event) { @@ -762,9 +763,20 @@ static CURLcode tftp_tx(tftp_state_data_t *state, tftp_event_t event) return CURLE_OK; } - result = Curl_fillreadbuffer(state->conn, state->blksize, &state->sbytes); - if(result) - return result; + /* TFTP considers data block size < 512 bytes as an end of session. So + * in some cases we must wait for additional data to build full (512 bytes) + * data block. + * */ + state->sbytes = 0; + state->conn->data->req.upload_fromhere = (char *)state->spacket.data+4; + do { + result = Curl_fillreadbuffer(state->conn, state->blksize - state->sbytes, + &cb); + if(result) + return result; + state->sbytes += cb; + state->conn->data->req.upload_fromhere += cb; + } while(state->sbytes < state->blksize && cb != 0); sbytes = sendto(state->sockfd, (void *) state->spacket.data, 4 + state->sbytes, SEND_4TH_ARG, @@ -889,7 +901,7 @@ static CURLcode tftp_state_machine(tftp_state_data_t *state, tftp_event_t event) { CURLcode result = CURLE_OK; - struct SessionHandle *data = state->conn->data; + struct Curl_easy *data = state->conn->data; switch(state->state) { case TFTP_STATE_START: @@ -960,7 +972,7 @@ static CURLcode tftp_connect(struct connectdata *conn, bool *done) /* alloc pkt buffers based on specified blksize */ if(conn->data->set.tftp_blksize) { blksize = (int)conn->data->set.tftp_blksize; - if(blksize > TFTP_BLKSIZE_MAX || blksize < TFTP_BLKSIZE_MIN ) + if(blksize > TFTP_BLKSIZE_MAX || blksize < TFTP_BLKSIZE_MIN) return CURLE_TFTP_ILLEGAL; } @@ -1081,7 +1093,7 @@ static CURLcode tftp_receive_packet(struct connectdata *conn) struct Curl_sockaddr_storage fromaddr; curl_socklen_t fromlen; CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; tftp_state_data_t *state = (tftp_state_data_t *)conn->proto.tftpc; struct SingleRequest *k = &data->req; @@ -1200,7 +1212,7 @@ static CURLcode tftp_multi_statemach(struct connectdata *conn, bool *done) int rc; tftp_event_t event; CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; tftp_state_data_t *state = (tftp_state_data_t *)conn->proto.tftpc; long timeout_ms = tftp_state_timeout(conn, &event); @@ -1342,7 +1354,7 @@ static CURLcode tftp_do(struct connectdata *conn, bool *done) static CURLcode tftp_setup_connection(struct connectdata * conn) { - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; char * type; char command; diff --git a/lib/transfer.c b/lib/transfer.c index 7481e0c8a..2fad6f32f 100644 --- a/lib/transfer.c +++ b/lib/transfer.c @@ -75,9 +75,10 @@ #include "multiif.h" #include "connect.h" #include "non-ascii.h" -#include "curl_printf.h" +#include "http2.h" -/* The last #include files should be: */ +/* The last 3 #include files should be in this order */ +#include "curl_printf.h" #include "curl_memory.h" #include "memdebug.h" @@ -87,7 +88,7 @@ */ CURLcode Curl_fillreadbuffer(struct connectdata *conn, int bytes, int *nreadp) { - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; size_t buffersize = (size_t)bytes; int nread; #ifdef CURL_DOES_CONVERSIONS @@ -242,7 +243,7 @@ CURLcode Curl_fillreadbuffer(struct connectdata *conn, int bytes, int *nreadp) */ CURLcode Curl_readrewind(struct connectdata *conn) { - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; conn->bits.rewindaftersend = FALSE; /* we rewind now */ @@ -352,7 +353,7 @@ static void read_rewind(struct connectdata *conn, * Check to see if CURLOPT_TIMECONDITION was met by comparing the time of the * remote document with the time provided by CURLOPT_TIMEVAL */ -bool Curl_meets_timecondition(struct SessionHandle *data, time_t timeofdoc) +bool Curl_meets_timecondition(struct Curl_easy *data, time_t timeofdoc) { if((timeofdoc == 0) || (data->set.timevalue == 0)) return TRUE; @@ -384,11 +385,15 @@ bool Curl_meets_timecondition(struct SessionHandle *data, time_t timeofdoc) * Go ahead and do a read if we have a readable socket or if * the stream was rewound (in which case we have data in a * buffer) + * + * return '*comeback' TRUE if we didn't properly drain the socket so this + * function should get called again without select() or similar in between! */ -static CURLcode readwrite_data(struct SessionHandle *data, +static CURLcode readwrite_data(struct Curl_easy *data, struct connectdata *conn, struct SingleRequest *k, - int *didwhat, bool *done) + int *didwhat, bool *done, + bool *comeback) { CURLcode result = CURLE_OK; ssize_t nread; /* number of bytes read */ @@ -398,6 +403,7 @@ static CURLcode readwrite_data(struct SessionHandle *data, int maxloops = 100; *done = FALSE; + *comeback = FALSE; /* This is where we loop until we have read everything there is to read or we get a CURLE_AGAIN */ @@ -694,7 +700,7 @@ static CURLcode readwrite_data(struct SessionHandle *data, } nread = (ssize_t) (k->maxdownload - k->bytecount); - if(nread < 0 ) /* this should be unusual */ + if(nread < 0) /* this should be unusual */ nread = 0; k->keepon &= ~KEEP_RECV; /* we're done reading */ @@ -779,7 +785,7 @@ static CURLcode readwrite_data(struct SessionHandle *data, return result; } - } /* if(! header and data to read ) */ + } /* if(!header and data to read) */ if(conn->handler->readwrite && (excess > 0 && !conn->bits.stream_was_rewound)) { @@ -804,8 +810,14 @@ static CURLcode readwrite_data(struct SessionHandle *data, } while(data_pending(conn) && maxloops--); + if(maxloops <= 0) { + /* we mark it as read-again-please */ + conn->cselect_bits = CURL_CSELECT_IN; + *comeback = TRUE; + } + if(((k->keepon & (KEEP_RECV|KEEP_SEND)) == KEEP_SEND) && - conn->bits.close ) { + conn->bits.close) { /* When we've read the entire thing and the close bit is set, the server may now close the connection. If there's now any kind of sending going on from our side, we need to stop that immediately. */ @@ -816,10 +828,26 @@ static CURLcode readwrite_data(struct SessionHandle *data, return CURLE_OK; } +static CURLcode done_sending(struct connectdata *conn, + struct SingleRequest *k) +{ + k->keepon &= ~KEEP_SEND; /* we're done writing */ + + Curl_http2_done_sending(conn); + + if(conn->bits.rewindaftersend) { + CURLcode result = Curl_readrewind(conn); + if(result) + return result; + } + return CURLE_OK; +} + + /* * Send data to upload to the server, when the socket is writable. */ -static CURLcode readwrite_upload(struct SessionHandle *data, +static CURLcode readwrite_upload(struct Curl_easy *data, struct connectdata *conn, struct SingleRequest *k, int *didwhat) @@ -887,14 +915,9 @@ static CURLcode readwrite_upload(struct SessionHandle *data, break; } else if(nread<=0) { - /* done */ - k->keepon &= ~KEEP_SEND; /* we're done writing */ - - if(conn->bits.rewindaftersend) { - result = Curl_readrewind(conn); - if(result) - return result; - } + result = done_sending(conn, k); + if(result) + return result; break; } @@ -1004,8 +1027,9 @@ static CURLcode readwrite_upload(struct SessionHandle *data, data->req.upload_present = 0; /* no more bytes left */ if(k->upload_done) { - /* switch off writing, we're done! */ - k->keepon &= ~KEEP_SEND; /* we're done writing */ + result = done_sending(conn, k); + if(result) + return result; } } @@ -1019,10 +1043,14 @@ static CURLcode readwrite_upload(struct SessionHandle *data, /* * Curl_readwrite() is the low-level function to be called when data is to * be read and written to/from the connection. + * + * return '*comeback' TRUE if we didn't properly drain the socket so this + * function should get called again without select() or similar in between! */ CURLcode Curl_readwrite(struct connectdata *conn, - struct SessionHandle *data, - bool *done) + struct Curl_easy *data, + bool *done, + bool *comeback) { struct SingleRequest *k = &data->req; CURLcode result; @@ -1067,7 +1095,7 @@ CURLcode Curl_readwrite(struct connectdata *conn, if((k->keepon & KEEP_RECV) && ((select_res & CURL_CSELECT_IN) || conn->bits.stream_was_rewound)) { - result = readwrite_data(data, conn, k, &didwhat, done); + result = readwrite_data(data, conn, k, &didwhat, done, comeback); if(result || *done) return result; } @@ -1198,7 +1226,7 @@ int Curl_single_getsock(const struct connectdata *conn, of sockets */ int numsocks) { - const struct SessionHandle *data = conn->data; + const struct Curl_easy *data = conn->data; int bitmap = GETSOCK_BLANK; unsigned sockindex = 0; @@ -1239,63 +1267,9 @@ int Curl_single_getsock(const struct connectdata *conn, return bitmap; } -/* - * Determine optimum sleep time based on configured rate, current rate, - * and packet size. - * Returns value in milliseconds. - * - * The basic idea is to adjust the desired rate up/down in this method - * based on whether we are running too slow or too fast. Then, calculate - * how many milliseconds to wait for the next packet to achieve this new - * rate. - */ -long Curl_sleep_time(curl_off_t rate_bps, curl_off_t cur_rate_bps, - int pkt_size) -{ - curl_off_t min_sleep = 0; - curl_off_t rv = 0; - - if(rate_bps == 0) - return 0; - - /* If running faster than about .1% of the desired speed, slow - * us down a bit. Use shift instead of division as the 0.1% - * cutoff is arbitrary anyway. - */ - if(cur_rate_bps > (rate_bps + (rate_bps >> 10))) { - /* running too fast, decrease target rate by 1/64th of rate */ - rate_bps -= rate_bps >> 6; - min_sleep = 1; - } - else if(cur_rate_bps < (rate_bps - (rate_bps >> 10))) { - /* running too slow, increase target rate by 1/64th of rate */ - rate_bps += rate_bps >> 6; - } - - /* Determine number of milliseconds to wait until we do - * the next packet at the adjusted rate. We should wait - * longer when using larger packets, for instance. - */ - rv = ((curl_off_t)(pkt_size * 1000) / rate_bps); - - /* Catch rounding errors and always slow down at least 1ms if - * we are running too fast. - */ - if(rv < min_sleep) - rv = min_sleep; - - /* Bound value to fit in 'long' on 32-bit platform. That's - * plenty long enough anyway! - */ - if(rv > 0x7fffffff) - rv = 0x7fffffff; - - return (long)rv; -} - /* Curl_init_CONNECT() gets called each time the handle switches to CONNECT which means this gets called once for each subsequent redirect etc */ -void Curl_init_CONNECT(struct SessionHandle *data) +void Curl_init_CONNECT(struct Curl_easy *data) { data->state.fread_func = data->set.fread_func_set; data->state.in = data->set.in_set; @@ -1306,7 +1280,7 @@ void Curl_init_CONNECT(struct SessionHandle *data) * once for one transfer no matter if it has redirects or do multi-pass * authentication etc. */ -CURLcode Curl_pretransfer(struct SessionHandle *data) +CURLcode Curl_pretransfer(struct Curl_easy *data) { CURLcode result; if(!data->change.url) { @@ -1375,6 +1349,16 @@ CURLcode Curl_pretransfer(struct SessionHandle *data) consider to be fine */ data->state.authhost.picked &= data->state.authhost.want; data->state.authproxy.picked &= data->state.authproxy.want; + + if(data->set.wildcardmatch) { + struct WildcardData *wc = &data->wildcard; + if(!wc->filelist) { + result = Curl_wildcard_init(wc); /* init wildcard structures */ + if(result) + return CURLE_OUT_OF_MEMORY; + } + } + } return result; @@ -1383,7 +1367,7 @@ CURLcode Curl_pretransfer(struct SessionHandle *data) /* * Curl_posttransfer() is called immediately after a transfer ends */ -CURLcode Curl_posttransfer(struct SessionHandle *data) +CURLcode Curl_posttransfer(struct Curl_easy *data) { #if defined(HAVE_SIGNAL) && defined(SIGPIPE) && !defined(HAVE_MSG_NOSIGNAL) /* restore the signal handler for SIGPIPE before we get back */ @@ -1640,7 +1624,7 @@ static char *concat_url(const char *base, const char *relurl) * Curl_follow() handles the URL redirect magic. Pass in the 'newurl' string * as given by the remote server and set up the new URL to request. */ -CURLcode Curl_follow(struct SessionHandle *data, +CURLcode Curl_follow(struct Curl_easy *data, char *newurl, /* this 'newurl' is the Location: string, and it must be malloc()ed before passed here */ @@ -1838,70 +1822,13 @@ CURLcode Curl_follow(struct SessionHandle *data, #endif /* CURL_DISABLE_HTTP */ } -CURLcode -Curl_reconnect_request(struct connectdata **connp) -{ - CURLcode result = CURLE_OK; - struct connectdata *conn = *connp; - struct SessionHandle *data = conn->data; - - /* This was a re-use of a connection and we got a write error in the - * DO-phase. Then we DISCONNECT this connection and have another attempt to - * CONNECT and then DO again! The retry cannot possibly find another - * connection to re-use, since we only keep one possible connection for - * each. */ - - infof(data, "Re-used connection seems dead, get a new one\n"); - - connclose(conn, "Reconnect dead connection"); /* enforce close */ - result = Curl_done(&conn, result, FALSE); /* we are so done with this */ - - /* conn may no longer be a good pointer, clear it to avoid mistakes by - parent functions */ - *connp = NULL; - - /* - * According to bug report #1330310. We need to check for CURLE_SEND_ERROR - * here as well. I figure this could happen when the request failed on a FTP - * connection and thus Curl_done() itself tried to use the connection - * (again). Slight Lack of feedback in the report, but I don't think this - * extra check can do much harm. - */ - if(!result || (CURLE_SEND_ERROR == result)) { - bool async; - bool protocol_done = TRUE; - - /* Now, redo the connect and get a new connection */ - result = Curl_connect(data, connp, &async, &protocol_done); - if(!result) { - /* We have connected or sent away a name resolve query fine */ - - conn = *connp; /* setup conn to again point to something nice */ - if(async) { - /* Now, if async is TRUE here, we need to wait for the name - to resolve */ - result = Curl_resolver_wait_resolv(conn, NULL); - if(result) - return result; - - /* Resolved, continue with the connection */ - result = Curl_async_resolved(conn, &protocol_done); - if(result) - return result; - } - } - } - - return result; -} - /* Returns CURLE_OK *and* sets '*url' if a request retry is wanted. NOTE: that the *url is malloc()ed. */ CURLcode Curl_retry_request(struct connectdata *conn, char **url) { - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; *url = NULL; @@ -1912,13 +1839,12 @@ CURLcode Curl_retry_request(struct connectdata *conn, return CURLE_OK; if((data->req.bytecount + data->req.headerbytecount == 0) && - conn->bits.reuse && - !data->set.opt_no_body && - (data->set.rtspreq != RTSPREQ_RECEIVE)) { - /* We got no data, we attempted to re-use a connection and yet we want a - "body". This might happen if the connection was left alive when we were - done using it before, but that was closed when we wanted to read from - it again. Bad luck. Retry the same request on a fresh connect! */ + conn->bits.reuse && + (data->set.rtspreq != RTSPREQ_RECEIVE)) { + /* We didn't get a single byte when we attempted to re-use a + connection. This might happen if the connection was left alive when we + were done using it before, but that was closed when we wanted to use it + again. Bad luck. Retry the same request on a fresh connect! */ infof(conn->data, "Connection died, retrying a fresh connect\n"); *url = strdup(conn->data->change.url); if(!*url) @@ -1957,7 +1883,7 @@ Curl_setup_transfer( curl_off_t *writecountp /* return number of bytes written or NULL */ ) { - struct SessionHandle *data; + struct Curl_easy *data; struct SingleRequest *k; DEBUGASSERT(conn != NULL); diff --git a/lib/transfer.h b/lib/transfer.h index 52b762abf..518967260 100644 --- a/lib/transfer.h +++ b/lib/transfer.h @@ -7,7 +7,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -22,11 +22,11 @@ * ***************************************************************************/ -void Curl_init_CONNECT(struct SessionHandle *data); +void Curl_init_CONNECT(struct Curl_easy *data); -CURLcode Curl_pretransfer(struct SessionHandle *data); +CURLcode Curl_pretransfer(struct Curl_easy *data); CURLcode Curl_second_connect(struct connectdata *conn); -CURLcode Curl_posttransfer(struct SessionHandle *data); +CURLcode Curl_posttransfer(struct Curl_easy *data); typedef enum { FOLLOW_NONE, /* not used within the function, just a placeholder to @@ -38,20 +38,18 @@ typedef enum { FOLLOW_LAST /* never used */ } followtype; -CURLcode Curl_follow(struct SessionHandle *data, char *newurl, +CURLcode Curl_follow(struct Curl_easy *data, char *newurl, followtype type); - - CURLcode Curl_readwrite(struct connectdata *conn, - struct SessionHandle *data, bool *done); + struct Curl_easy *data, bool *done, + bool *comeback); int Curl_single_getsock(const struct connectdata *conn, curl_socket_t *socks, int numsocks); CURLcode Curl_readrewind(struct connectdata *conn); CURLcode Curl_fillreadbuffer(struct connectdata *conn, int bytes, int *nreadp); -CURLcode Curl_reconnect_request(struct connectdata **connp); CURLcode Curl_retry_request(struct connectdata *conn, char **url); -bool Curl_meets_timecondition(struct SessionHandle *data, time_t timeofdoc); +bool Curl_meets_timecondition(struct Curl_easy *data, time_t timeofdoc); /* This sets up a forthcoming transfer */ void @@ -66,8 +64,5 @@ Curl_setup_transfer (struct connectdata *data, curl_off_t *writecountp /* return number of bytes written */ ); -long Curl_sleep_time(curl_off_t rate_bps, curl_off_t cur_rate_bps, - int pkt_size); - #endif /* HEADER_CURL_TRANSFER_H */ diff --git a/lib/url.c b/lib/url.c index d165d9c0a..f355c7a22 100644 --- a/lib/url.c +++ b/lib/url.c @@ -119,7 +119,7 @@ bool curl_win32_idn_to_ascii(const char *in, char **out); #include "url.h" #include "connect.h" #include "inet_ntop.h" -#include "curl_ntlm.h" +#include "http_ntlm.h" #include "curl_ntlm_wb.h" #include "socks.h" #include "curl_rtmp.h" @@ -130,21 +130,19 @@ bool curl_win32_idn_to_ascii(const char *in, char **out); #include "pipeline.h" #include "dotdot.h" #include "strdup.h" +/* The last 3 #include files should be in this order */ #include "curl_printf.h" #include "curl_memory.h" -/* The last #include file should be: */ #include "memdebug.h" /* Local static prototypes */ static struct connectdata * -find_oldest_idle_connection(struct SessionHandle *data); -static struct connectdata * -find_oldest_idle_connection_in_bundle(struct SessionHandle *data, +find_oldest_idle_connection_in_bundle(struct Curl_easy *data, struct connectbundle *bundle); static void conn_free(struct connectdata *conn); static void free_fixed_hostname(struct hostname *host); static void signalPipeClose(struct curl_llist *pipeline, bool pipe_broke); -static CURLcode parse_url_login(struct SessionHandle *data, +static CURLcode parse_url_login(struct Curl_easy *data, struct connectdata *conn, char **userptr, char **passwdptr, char **optionsptr); @@ -279,7 +277,7 @@ static const struct Curl_handler Curl_handler_dummy = { PROTOPT_NONE /* flags */ }; -void Curl_freeset(struct SessionHandle *data) +void Curl_freeset(struct Curl_easy *data) { /* Free all dynamic strings stored in the data->set substructure. */ enum dupstring i; @@ -357,7 +355,7 @@ static CURLcode setstropt_userpwd(char *option, char **userp, char **passwdp) return result; } -CURLcode Curl_dupset(struct SessionHandle *dst, struct SessionHandle *src) +CURLcode Curl_dupset(struct Curl_easy *dst, struct Curl_easy *src) { CURLcode result = CURLE_OK; enum dupstring i; @@ -400,14 +398,14 @@ CURLcode Curl_dupset(struct SessionHandle *dst, struct SessionHandle *src) * when curl_easy_perform() is invoked. */ -CURLcode Curl_close(struct SessionHandle *data) +CURLcode Curl_close(struct Curl_easy *data) { struct Curl_multi *m; if(!data) return CURLE_OK; - Curl_expire(data, 0); /* shut off timers */ + Curl_expire_clear(data); /* shut off timers */ m = data->multi; @@ -486,14 +484,20 @@ CURLcode Curl_close(struct SessionHandle *data) Curl_share_unlock(data, CURL_LOCK_DATA_SHARE); } + if(data->set.wildcardmatch) { + /* destruct wildcard structures if it is needed */ + struct WildcardData *wc = &data->wildcard; + Curl_wildcard_dtor(wc); + } + Curl_freeset(data); free(data); return CURLE_OK; } /* - * Initialize the UserDefined fields within a SessionHandle. - * This may be safely called on a new or existing SessionHandle. + * Initialize the UserDefined fields within a Curl_easy. + * This may be safely called on a new or existing Curl_easy. */ CURLcode Curl_init_userdefined(struct UserDefined *set) { @@ -573,23 +577,6 @@ CURLcode Curl_init_userdefined(struct UserDefined *set) * seem not to follow rfc1961 section 4.3/4.4 */ set->socks5_gssapi_nec = FALSE; - /* set default GSS-API service name */ - result = setstropt(&set->str[STRING_SOCKS5_GSSAPI_SERVICE], - CURL_DEFAULT_SOCKS5_GSSAPI_SERVICE); - if(result) - return result; - - /* set default negotiate proxy service name */ - result = setstropt(&set->str[STRING_PROXY_SERVICE_NAME], - CURL_DEFAULT_PROXY_SERVICE_NAME); - if(result) - return result; - - /* set default negotiate service name */ - result = setstropt(&set->str[STRING_SERVICE_NAME], - CURL_DEFAULT_SERVICE_NAME); - if(result) - return result; #endif /* This is our preferred CA cert bundle/path since install time */ @@ -614,6 +601,8 @@ CURLcode Curl_init_userdefined(struct UserDefined *set) set->tcp_keepalive = FALSE; set->tcp_keepintvl = 60; set->tcp_keepidle = 60; + set->tcp_fastopen = FALSE; + set->tcp_nodelay = TRUE; set->ssl_enable_npn = TRUE; set->ssl_enable_alpn = TRUE; @@ -633,16 +622,16 @@ CURLcode Curl_init_userdefined(struct UserDefined *set) * @return CURLcode */ -CURLcode Curl_open(struct SessionHandle **curl) +CURLcode Curl_open(struct Curl_easy **curl) { CURLcode result; - struct SessionHandle *data; + struct Curl_easy *data; /* Very simple start-up: alloc the struct, init it with zeroes and return */ - data = calloc(1, sizeof(struct SessionHandle)); + data = calloc(1, sizeof(struct Curl_easy)); if(!data) { /* this is a very serious error */ - DEBUGF(fprintf(stderr, "Error: calloc of SessionHandle failed\n")); + DEBUGF(fprintf(stderr, "Error: calloc of Curl_easy failed\n")); return CURLE_OUT_OF_MEMORY; } @@ -696,7 +685,7 @@ CURLcode Curl_open(struct SessionHandle **curl) return result; } -CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option, +CURLcode Curl_setopt(struct Curl_easy *data, CURLoption option, va_list param) { char *argptr; @@ -713,7 +702,7 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option, case CURLOPT_DNS_USE_GLOBAL_CACHE: /* remember we want this enabled */ arg = va_arg(param, long); - data->set.global_dns_cache = (0 != arg)?TRUE:FALSE; + data->set.global_dns_cache = (0 != arg) ? TRUE : FALSE; break; case CURLOPT_SSL_CIPHER_LIST: /* set a list of cipher we want to use in the SSL connection */ @@ -748,33 +737,33 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option, * When this transfer is done, it must not be left to be reused by a * subsequent transfer but shall be closed immediately. */ - data->set.reuse_forbid = (0 != va_arg(param, long))?TRUE:FALSE; + data->set.reuse_forbid = (0 != va_arg(param, long)) ? TRUE : FALSE; break; case CURLOPT_FRESH_CONNECT: /* * This transfer shall not use a previously cached connection but * should be made with a fresh new connect! */ - data->set.reuse_fresh = (0 != va_arg(param, long))?TRUE:FALSE; + data->set.reuse_fresh = (0 != va_arg(param, long)) ? TRUE : FALSE; break; case CURLOPT_VERBOSE: /* * Verbose means infof() calls that give a lot of information about * the connection and transfer procedures as well as internal choices. */ - data->set.verbose = (0 != va_arg(param, long))?TRUE:FALSE; + data->set.verbose = (0 != va_arg(param, long)) ? TRUE : FALSE; break; case CURLOPT_HEADER: /* * Set to include the header in the general data output stream. */ - data->set.include_header = (0 != va_arg(param, long))?TRUE:FALSE; + data->set.include_header = (0 != va_arg(param, long)) ? TRUE : FALSE; break; case CURLOPT_NOPROGRESS: /* * Shut off the internal supported progress meter */ - data->set.hide_progress = (0 != va_arg(param, long))?TRUE:FALSE; + data->set.hide_progress = (0 != va_arg(param, long)) ? TRUE : FALSE; if(data->set.hide_progress) data->progress.flags |= PGRS_HIDE; else @@ -784,14 +773,14 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option, /* * Do not include the body part in the output data stream. */ - data->set.opt_no_body = (0 != va_arg(param, long))?TRUE:FALSE; + data->set.opt_no_body = (0 != va_arg(param, long)) ? TRUE : FALSE; break; case CURLOPT_FAILONERROR: /* * Don't output the >=400 error code HTML-page, but instead only * return error. */ - data->set.http_fail_on_error = (0 != va_arg(param, long))?TRUE:FALSE; + data->set.http_fail_on_error = (0 != va_arg(param, long)) ? TRUE : FALSE; break; case CURLOPT_UPLOAD: case CURLOPT_PUT: @@ -799,7 +788,7 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option, * We want to sent data to the remote host. If this is HTTP, that equals * using the PUT request. */ - data->set.upload = (0 != va_arg(param, long))?TRUE:FALSE; + data->set.upload = (0 != va_arg(param, long)) ? TRUE : FALSE; if(data->set.upload) { /* If this is HTTP, PUT is what's needed to "upload" */ data->set.httpreq = HTTPREQ_PUT; @@ -815,7 +804,7 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option, * Try to get the file time of the remote document. The time will * later (possibly) become available using curl_easy_getinfo(). */ - data->set.get_filetime = (0 != va_arg(param, long))?TRUE:FALSE; + data->set.get_filetime = (0 != va_arg(param, long)) ? TRUE : FALSE; break; case CURLOPT_FTP_CREATE_MISSING_DIRS: /* @@ -843,7 +832,7 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option, * Option that specifies how quickly an server response must be obtained * before it is considered failure. For pingpong protocols. */ - data->set.server_response_timeout = va_arg( param , long ) * 1000; + data->set.server_response_timeout = va_arg(param, long) * 1000; break; case CURLOPT_TFTP_NO_OPTIONS: /* @@ -863,13 +852,13 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option, * An option that changes the command to one that asks for a list * only, no file info details. */ - data->set.ftp_list_only = (0 != va_arg(param, long))?TRUE:FALSE; + data->set.ftp_list_only = (0 != va_arg(param, long)) ? TRUE : FALSE; break; case CURLOPT_APPEND: /* * We want to upload and append to an existing file. */ - data->set.ftp_append = (0 != va_arg(param, long))?TRUE:FALSE; + data->set.ftp_append = (0 != va_arg(param, long)) ? TRUE : FALSE; break; case CURLOPT_FTP_FILEMETHOD: /* @@ -897,7 +886,7 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option, * * Transfer using ASCII (instead of BINARY). */ - data->set.prefer_ascii = (0 != va_arg(param, long))?TRUE:FALSE; + data->set.prefer_ascii = (0 != va_arg(param, long)) ? TRUE : FALSE; break; case CURLOPT_TIMECONDITION: /* @@ -930,7 +919,7 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option, /* * Switch on automatic referer that gets set if curl follows locations. */ - data->set.http_auto_referer = (0 != va_arg(param, long))?TRUE:FALSE; + data->set.http_auto_referer = (0 != va_arg(param, long)) ? TRUE : FALSE; break; case CURLOPT_ACCEPT_ENCODING: @@ -950,14 +939,15 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option, break; case CURLOPT_TRANSFER_ENCODING: - data->set.http_transfer_encoding = (0 != va_arg(param, long))?TRUE:FALSE; + data->set.http_transfer_encoding = (0 != va_arg(param, long)) ? + TRUE : FALSE; break; case CURLOPT_FOLLOWLOCATION: /* * Follow Location: header hints on a HTTP-server. */ - data->set.http_follow_location = (0 != va_arg(param, long))?TRUE:FALSE; + data->set.http_follow_location = (0 != va_arg(param, long)) ? TRUE : FALSE; break; case CURLOPT_UNRESTRICTED_AUTH: @@ -966,7 +956,7 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option, * hostname changed. */ data->set.http_disable_hostname_check_before_authentication = - (0 != va_arg(param, long))?TRUE:FALSE; + (0 != va_arg(param, long)) ? TRUE : FALSE; break; case CURLOPT_MAXREDIRS: @@ -1227,7 +1217,7 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option, * We run mostly with the original cookie spec, as hardly anyone implements * anything else. */ - data->set.cookiesession = (0 != va_arg(param, long))?TRUE:FALSE; + data->set.cookiesession = (0 != va_arg(param, long)) ? TRUE : FALSE; break; case CURLOPT_COOKIELIST: @@ -1326,7 +1316,7 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option, /* the DIGEST_IE bit is only used to set a special marker, for all the rest we need to handle it as normal DIGEST */ - data->state.authhost.iestyle = (auth & CURLAUTH_DIGEST_IE)?TRUE:FALSE; + data->state.authhost.iestyle = (auth & CURLAUTH_DIGEST_IE) ? TRUE : FALSE; if(auth & CURLAUTH_DIGEST_IE) { auth |= CURLAUTH_DIGEST; /* set standard digest bit */ @@ -1389,7 +1379,8 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option, /* * Tunnel operations through the proxy instead of normal proxy use */ - data->set.tunnel_thru_httpproxy = (0 != va_arg(param, long))?TRUE:FALSE; + data->set.tunnel_thru_httpproxy = (0 != va_arg(param, long)) ? + TRUE : FALSE; break; case CURLOPT_PROXYPORT: @@ -1415,7 +1406,7 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option, /* the DIGEST_IE bit is only used to set a special marker, for all the rest we need to handle it as normal DIGEST */ - data->state.authproxy.iestyle = (auth & CURLAUTH_DIGEST_IE)?TRUE:FALSE; + data->state.authproxy.iestyle = (auth & CURLAUTH_DIGEST_IE) ? TRUE : FALSE; if(auth & CURLAUTH_DIGEST_IE) { auth |= CURLAUTH_DIGEST; /* set standard digest bit */ @@ -1490,32 +1481,28 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option, #endif /* CURL_DISABLE_PROXY */ #if defined(HAVE_GSSAPI) || defined(USE_WINDOWS_SSPI) - case CURLOPT_SOCKS5_GSSAPI_SERVICE: + case CURLOPT_SOCKS5_GSSAPI_NEC: /* - * Set GSS-API service name + * Set flag for NEC SOCK5 support */ - result = setstropt(&data->set.str[STRING_SOCKS5_GSSAPI_SERVICE], - va_arg(param, char *)); + data->set.socks5_gssapi_nec = (0 != va_arg(param, long)) ? TRUE : FALSE; break; + case CURLOPT_SOCKS5_GSSAPI_SERVICE: case CURLOPT_PROXY_SERVICE_NAME: /* - * Set negotiate proxy service name + * Set proxy authentication service name for Kerberos 5 and SPNEGO */ result = setstropt(&data->set.str[STRING_PROXY_SERVICE_NAME], va_arg(param, char *)); break; +#endif - case CURLOPT_SOCKS5_GSSAPI_NEC: - /* - * set flag for nec socks5 support - */ - data->set.socks5_gssapi_nec = (0 != va_arg(param, long))?TRUE:FALSE; - break; - +#if !defined(CURL_DISABLE_CRYPTO_AUTH) || defined(USE_KERBEROS5) || \ + defined(USE_SPNEGO) case CURLOPT_SERVICE_NAME: /* - * Set negotiate service identity + * Set authentication service name for DIGEST-MD5, Kerberos 5 and SPNEGO */ result = setstropt(&data->set.str[STRING_SERVICE_NAME], va_arg(param, char *)); @@ -1549,20 +1536,19 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option, */ result = setstropt(&data->set.str[STRING_FTPPORT], va_arg(param, char *)); - data->set.ftp_use_port = (NULL != data->set.str[STRING_FTPPORT]) ? - TRUE:FALSE; + data->set.ftp_use_port = (data->set.str[STRING_FTPPORT]) ? TRUE : FALSE; break; case CURLOPT_FTP_USE_EPRT: - data->set.ftp_use_eprt = (0 != va_arg(param, long))?TRUE:FALSE; + data->set.ftp_use_eprt = (0 != va_arg(param, long)) ? TRUE : FALSE; break; case CURLOPT_FTP_USE_EPSV: - data->set.ftp_use_epsv = (0 != va_arg(param, long))?TRUE:FALSE; + data->set.ftp_use_epsv = (0 != va_arg(param, long)) ? TRUE : FALSE; break; case CURLOPT_FTP_USE_PRET: - data->set.ftp_use_pret = (0 != va_arg(param, long))?TRUE:FALSE; + data->set.ftp_use_pret = (0 != va_arg(param, long)) ? TRUE : FALSE; break; case CURLOPT_FTP_SSL_CCC: @@ -1574,7 +1560,7 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option, * Enable or disable FTP_SKIP_PASV_IP, which will disable/enable the * bypass of the IP address in PASV responses. */ - data->set.ftp_skip_ip = (0 != va_arg(param, long))?TRUE:FALSE; + data->set.ftp_skip_ip = (0 != va_arg(param, long)) ? TRUE : FALSE; break; case CURLOPT_READDATA: @@ -1982,7 +1968,7 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option, /* * Kludgy option to enable CRLF conversions. Subject for removal. */ - data->set.crlf = (0 != va_arg(param, long))?TRUE:FALSE; + data->set.crlf = (0 != va_arg(param, long)) ? TRUE : FALSE; break; case CURLOPT_INTERFACE: @@ -2011,7 +1997,7 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option, */ result = setstropt(&data->set.str[STRING_KRB_LEVEL], va_arg(param, char *)); - data->set.krb = (NULL != data->set.str[STRING_KRB_LEVEL])?TRUE:FALSE; + data->set.krb = (data->set.str[STRING_KRB_LEVEL]) ? TRUE : FALSE; break; case CURLOPT_GSSAPI_DELEGATION: /* @@ -2023,7 +2009,7 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option, /* * Enable peer SSL verifying. */ - data->set.ssl.verifypeer = (0 != va_arg(param, long))?TRUE:FALSE; + data->set.ssl.verifypeer = (0 != va_arg(param, long)) ? TRUE : FALSE; break; case CURLOPT_SSL_VERIFYHOST: /* @@ -2041,7 +2027,7 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option, return CURLE_BAD_FUNCTION_ARGUMENT; } - data->set.ssl.verifyhost = (0 != arg)?TRUE:FALSE; + data->set.ssl.verifyhost = (0 != arg) ? TRUE : FALSE; break; case CURLOPT_SSL_VERIFYSTATUS: /* @@ -2052,7 +2038,7 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option, break; } - data->set.ssl.verifystatus = (0 != va_arg(param, long))?TRUE:FALSE; + data->set.ssl.verifystatus = (0 != va_arg(param, long)) ? TRUE : FALSE; break; case CURLOPT_SSL_CTX_FUNCTION: #ifdef have_curlssl_ssl_ctx @@ -2083,22 +2069,26 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option, break; } - data->set.ssl.falsestart = (0 != va_arg(param, long))?TRUE:FALSE; + data->set.ssl.falsestart = (0 != va_arg(param, long)) ? TRUE : FALSE; break; case CURLOPT_CERTINFO: #ifdef have_curlssl_certinfo - data->set.ssl.certinfo = (0 != va_arg(param, long))?TRUE:FALSE; + data->set.ssl.certinfo = (0 != va_arg(param, long)) ? TRUE : FALSE; #else result = CURLE_NOT_BUILT_IN; #endif break; case CURLOPT_PINNEDPUBLICKEY: +#ifdef have_curlssl_pinnedpubkey /* only by supported backends */ /* * Set pinned public key for SSL connection. * Specify file name of the public key in DER format. */ result = setstropt(&data->set.str[STRING_SSL_PINNEDPUBLICKEY], va_arg(param, char *)); +#else + result = CURLE_NOT_BUILT_IN; +#endif break; case CURLOPT_CAINFO: /* @@ -2150,7 +2140,7 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option, */ data->set.buffer_size = va_arg(param, long); - if((data->set.buffer_size> (BUFSIZE -1 )) || + if((data->set.buffer_size> (BUFSIZE -1)) || (data->set.buffer_size < 1)) data->set.buffer_size = 0; /* huge internal default */ @@ -2161,7 +2151,7 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option, * The application asks not to set any signal() or alarm() handlers, * even when using a timeout. */ - data->set.no_signal = (0 != va_arg(param, long))?TRUE:FALSE; + data->set.no_signal = (0 != va_arg(param, long)) ? TRUE : FALSE; break; case CURLOPT_SHARE: @@ -2277,7 +2267,7 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option, * Enable or disable TCP_NODELAY, which will disable/enable the Nagle * algorithm */ - data->set.tcp_nodelay = (0 != va_arg(param, long))?TRUE:FALSE; + data->set.tcp_nodelay = (0 != va_arg(param, long)) ? TRUE : FALSE; break; case CURLOPT_FTP_ACCOUNT: @@ -2286,14 +2276,14 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option, break; case CURLOPT_IGNORE_CONTENT_LENGTH: - data->set.ignorecl = (0 != va_arg(param, long))?TRUE:FALSE; + data->set.ignorecl = (0 != va_arg(param, long)) ? TRUE : FALSE; break; case CURLOPT_CONNECT_ONLY: /* * No data transfer, set up connection and let application use the socket */ - data->set.connect_only = (0 != va_arg(param, long))?TRUE:FALSE; + data->set.connect_only = (0 != va_arg(param, long)) ? TRUE : FALSE; break; case CURLOPT_FTP_ALTERNATIVE_TO_USER: @@ -2346,7 +2336,7 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option, break; case CURLOPT_SSL_SESSIONID_CACHE: - data->set.ssl.sessionid = (0 != va_arg(param, long))?TRUE:FALSE; + data->set.ssl.sessionid = (0 != va_arg(param, long)) ? TRUE : FALSE; break; #ifdef USE_LIBSSH2 @@ -2407,14 +2397,14 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option, /* * disable libcurl transfer encoding is used */ - data->set.http_te_skip = (0 == va_arg(param, long))?TRUE:FALSE; + data->set.http_te_skip = (0 == va_arg(param, long)) ? TRUE : FALSE; break; case CURLOPT_HTTP_CONTENT_DECODING: /* * raw data passed to the application when content encoding is used */ - data->set.http_ce_skip = (0 == va_arg(param, long))?TRUE:FALSE; + data->set.http_ce_skip = (0 == va_arg(param, long)) ? TRUE : FALSE; break; case CURLOPT_NEW_FILE_PERMS: @@ -2594,7 +2584,7 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option, break; case CURLOPT_WILDCARDMATCH: - data->set.wildcardmatch = (0 != va_arg(param, long))?TRUE:FALSE; + data->set.wildcardmatch = (0 != va_arg(param, long)) ? TRUE : FALSE; break; case CURLOPT_CHUNK_BGN_FUNCTION: data->set.chunk_bgn = va_arg(param, curl_chunk_bgn_callback); @@ -2645,7 +2635,7 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option, break; case CURLOPT_TCP_KEEPALIVE: - data->set.tcp_keepalive = (0 != va_arg(param, long))?TRUE:FALSE; + data->set.tcp_keepalive = (0 != va_arg(param, long)) ? TRUE : FALSE; break; case CURLOPT_TCP_KEEPIDLE: data->set.tcp_keepidle = va_arg(param, long); @@ -2653,11 +2643,18 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option, case CURLOPT_TCP_KEEPINTVL: data->set.tcp_keepintvl = va_arg(param, long); break; + case CURLOPT_TCP_FASTOPEN: +#if defined(CONNECT_DATA_IDEMPOTENT) || defined(MSG_FASTOPEN) + data->set.tcp_fastopen = (0 != va_arg(param, long))?TRUE:FALSE; +#else + result = CURLE_NOT_BUILT_IN; +#endif + break; case CURLOPT_SSL_ENABLE_NPN: - data->set.ssl_enable_npn = (0 != va_arg(param, long))?TRUE:FALSE; + data->set.ssl_enable_npn = (0 != va_arg(param, long)) ? TRUE : FALSE; break; case CURLOPT_SSL_ENABLE_ALPN: - data->set.ssl_enable_alpn = (0 != va_arg(param, long))?TRUE:FALSE; + data->set.ssl_enable_alpn = (0 != va_arg(param, long)) ? TRUE : FALSE; break; #ifdef USE_UNIX_SOCKETS @@ -2668,10 +2665,10 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option, #endif case CURLOPT_PATH_AS_IS: - data->set.path_as_is = (0 != va_arg(param, long))?TRUE:FALSE; + data->set.path_as_is = (0 != va_arg(param, long)) ? TRUE : FALSE; break; case CURLOPT_PIPEWAIT: - data->set.pipewait = (0 != va_arg(param, long))?TRUE:FALSE; + data->set.pipewait = (0 != va_arg(param, long)) ? TRUE : FALSE; break; case CURLOPT_STREAM_WEIGHT: #ifndef USE_NGHTTP2 @@ -2688,7 +2685,7 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option, #ifndef USE_NGHTTP2 return CURLE_NOT_BUILT_IN; #else - struct SessionHandle *dep = va_arg(param, struct SessionHandle *); + struct Curl_easy *dep = va_arg(param, struct Curl_easy *); if(dep && GOOD_EASY_HANDLE(dep)) { data->set.stream_depends_on = dep; data->set.stream_depends_e = (option == CURLOPT_STREAM_DEPENDS_E); @@ -2696,6 +2693,9 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option, break; #endif } + case CURLOPT_CONNECT_TO: + data->set.connect_to = va_arg(param, struct curl_slist *); + break; default: /* unknown tag and its companion, just ignore: */ result = CURLE_UNKNOWN_OPTION; @@ -2705,6 +2705,45 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option, return result; } +#ifdef USE_RECV_BEFORE_SEND_WORKAROUND +static void conn_reset_postponed_data(struct connectdata *conn, int num) +{ + struct postponed_data * const psnd = &(conn->postponed[num]); + if(psnd->buffer) { + DEBUGASSERT(psnd->allocated_size > 0); + DEBUGASSERT(psnd->recv_size <= psnd->allocated_size); + DEBUGASSERT(psnd->recv_size ? + (psnd->recv_processed < psnd->recv_size) : + (psnd->recv_processed == 0)); + DEBUGASSERT(psnd->bindsock != CURL_SOCKET_BAD); + free(psnd->buffer); + psnd->buffer = NULL; + psnd->allocated_size = 0; + psnd->recv_size = 0; + psnd->recv_processed = 0; +#ifdef DEBUGBUILD + psnd->bindsock = CURL_SOCKET_BAD; /* used only for DEBUGASSERT */ +#endif /* DEBUGBUILD */ + } + else { + DEBUGASSERT (psnd->allocated_size == 0); + DEBUGASSERT (psnd->recv_size == 0); + DEBUGASSERT (psnd->recv_processed == 0); + DEBUGASSERT (psnd->bindsock == CURL_SOCKET_BAD); + } +} + +static void conn_reset_all_postponed_data(struct connectdata *conn) +{ + conn_reset_postponed_data(conn, 0); + conn_reset_postponed_data(conn, 1); +} +#else /* ! USE_RECV_BEFORE_SEND_WORKAROUND */ +/* Use "do-nothing" macros instead of functions when workaround not used */ +#define conn_reset_postponed_data(c,n) do {} WHILE_FALSE +#define conn_reset_all_postponed_data(c) do {} WHILE_FALSE +#endif /* ! USE_RECV_BEFORE_SEND_WORKAROUND */ + static void conn_free(struct connectdata *conn) { if(!conn) @@ -2751,9 +2790,12 @@ static void conn_free(struct connectdata *conn) Curl_safefree(conn->allocptr.rtsp_transport); Curl_safefree(conn->trailer); Curl_safefree(conn->host.rawalloc); /* host name buffer */ + Curl_safefree(conn->conn_to_host.rawalloc); /* host name buffer */ Curl_safefree(conn->proxy.rawalloc); /* proxy name buffer */ Curl_safefree(conn->master_buffer); + conn_reset_all_postponed_data(conn); + Curl_llist_destroy(conn->send_pipe, NULL); Curl_llist_destroy(conn->recv_pipe, NULL); @@ -2771,14 +2813,14 @@ static void conn_free(struct connectdata *conn) * primary connection, like when freeing room in the connection cache or * killing of a dead old connection. * - * This function MUST NOT reset state in the SessionHandle struct if that + * This function MUST NOT reset state in the Curl_easy struct if that * isn't strictly bound to the life-time of *this* particular connection. * */ CURLcode Curl_disconnect(struct connectdata *conn, bool dead_connection) { - struct SessionHandle *data; + struct Curl_easy *data; if(!conn) return CURLE_OK; /* this is closed and fine already */ data = conn->data; @@ -2788,6 +2830,17 @@ CURLcode Curl_disconnect(struct connectdata *conn, bool dead_connection) return CURLE_OK; } + /* + * If this connection isn't marked to force-close, leave it open if there + * are other users of it + */ + if(!conn->bits.close && + (conn->send_pipe->size + conn->recv_pipe->size)) { + DEBUGF(infof(data, "Curl_disconnect, usecounter: %d\n", + conn->send_pipe->size + conn->recv_pipe->size)); + return CURLE_OK; + } + if(conn->dns_entry != NULL) { Curl_resolv_unlock(data, conn->dns_entry); conn->dns_entry = NULL; @@ -2809,6 +2862,7 @@ CURLcode Curl_disconnect(struct connectdata *conn, bool dead_connection) Curl_conncache_remove_conn(data->state.conn_cache, conn); free_fixed_hostname(&conn->host); + free_fixed_hostname(&conn->conn_to_host); free_fixed_hostname(&conn->proxy); Curl_ssl_close(conn, FIRSTSOCKET); @@ -2846,7 +2900,7 @@ static bool SocketIsDead(curl_socket_t sock) * IsPipeliningPossible() returns TRUE if the options set would allow * pipelining/multiplexing and the connection is using a HTTP protocol. */ -static bool IsPipeliningPossible(const struct SessionHandle *handle, +static bool IsPipeliningPossible(const struct Curl_easy *handle, const struct connectdata *conn) { /* If a HTTP protocol and pipelining is enabled */ @@ -2867,7 +2921,7 @@ static bool IsPipeliningPossible(const struct SessionHandle *handle, return FALSE; } -int Curl_removeHandleFromPipeline(struct SessionHandle *handle, +int Curl_removeHandleFromPipeline(struct Curl_easy *handle, struct curl_llist *pipeline) { if(pipeline) { @@ -2893,18 +2947,18 @@ static void Curl_printPipeline(struct curl_llist *pipeline) curr = pipeline->head; while(curr) { - struct SessionHandle *data = (struct SessionHandle *) curr->ptr; + struct Curl_easy *data = (struct Curl_easy *) curr->ptr; infof(data, "Handle in pipeline: %s\n", data->state.path); curr = curr->next; } } #endif -static struct SessionHandle* gethandleathead(struct curl_llist *pipeline) +static struct Curl_easy* gethandleathead(struct curl_llist *pipeline) { struct curl_llist_element *curr = pipeline->head; if(curr) { - return (struct SessionHandle *) curr->ptr; + return (struct Curl_easy *) curr->ptr; } return NULL; @@ -2912,7 +2966,7 @@ static struct SessionHandle* gethandleathead(struct curl_llist *pipeline) /* remove the specified connection from all (possible) pipelines and related queues */ -void Curl_getoff_all_pipelines(struct SessionHandle *data, +void Curl_getoff_all_pipelines(struct Curl_easy *data, struct connectdata *conn) { bool recv_head = (conn->readchannel_inuse && @@ -2936,7 +2990,7 @@ static void signalPipeClose(struct curl_llist *pipeline, bool pipe_broke) curr = pipeline->head; while(curr) { struct curl_llist_element *next = curr->next; - struct SessionHandle *data = (struct SessionHandle *) curr->ptr; + struct Curl_easy *data = (struct Curl_easy *) curr->ptr; #ifdef DEBUGBUILD /* debug-only code */ if(data->magic != CURLEASY_MAGIC_NUMBER) { @@ -2960,8 +3014,8 @@ static void signalPipeClose(struct curl_llist *pipeline, bool pipe_broke) * Returns the pointer to the oldest idle connection, or NULL if none was * found. */ -static struct connectdata * -find_oldest_idle_connection(struct SessionHandle *data) +struct connectdata * +Curl_oldest_idle_connection(struct Curl_easy *data) { struct conncache *bc = data->state.conn_cache; struct curl_hash_iterator iter; @@ -3013,7 +3067,7 @@ find_oldest_idle_connection(struct SessionHandle *data) * found. */ static struct connectdata * -find_oldest_idle_connection_in_bundle(struct SessionHandle *data, +find_oldest_idle_connection_in_bundle(struct Curl_easy *data, struct connectbundle *bundle) { struct curl_llist_element *curr; @@ -3053,7 +3107,7 @@ find_oldest_idle_connection_in_bundle(struct SessionHandle *data, * Returns TRUE if the connection actually was dead and disconnected. */ static bool disconnect_if_dead(struct connectdata *conn, - struct SessionHandle *data) + struct Curl_easy *data) { size_t pipeLen = conn->send_pipe->size + conn->recv_pipe->size; if(!pipeLen && !conn->inuse) { @@ -3087,7 +3141,7 @@ static bool disconnect_if_dead(struct connectdata *conn, static int call_disconnect_if_dead(struct connectdata *conn, void *param) { - struct SessionHandle* data = (struct SessionHandle*)param; + struct Curl_easy* data = (struct Curl_easy*)param; disconnect_if_dead(conn, data); return 0; /* continue iteration */ } @@ -3097,7 +3151,7 @@ static int call_disconnect_if_dead(struct connectdata *conn, * closes and removes them. * The cleanup is done at most once per second. */ -static void prune_dead_connections(struct SessionHandle *data) +static void prune_dead_connections(struct Curl_easy *data) { struct timeval now = Curl_tvnow(); long elapsed = Curl_tvdiff(now, data->state.conn_cache->last_cleanup); @@ -3129,7 +3183,7 @@ static size_t max_pipeline_length(struct Curl_multi *multi) * the pipelining strategy wants to open a new connection instead of reusing. */ static bool -ConnectionExists(struct SessionHandle *data, +ConnectionExists(struct Curl_easy *data, struct connectdata *needle, struct connectdata **usethis, bool *force_reuse, @@ -3168,9 +3222,15 @@ ConnectionExists(struct SessionHandle *data, max_pipeline_length(data->multi):0; size_t best_pipe_len = max_pipe_len; struct curl_llist_element *curr; + const char *hostname; + + if(needle->bits.conn_to_host) + hostname = needle->conn_to_host.name; + else + hostname = needle->host.name; infof(data, "Found bundle for host %s: %p [%s]\n", - needle->host.name, (void *)bundle, + hostname, (void *)bundle, (bundle->multiuse== BUNDLE_PIPELINING? "can pipeline": (bundle->multiuse== BUNDLE_MULTIPLEX? @@ -3207,8 +3267,8 @@ ConnectionExists(struct SessionHandle *data, size_t pipeLen; /* - * Note that if we use a HTTP proxy, we check connections to that - * proxy and not to the actual remote server. + * Note that if we use a HTTP proxy in normal mode (no tunneling), we + * check connections to that proxy and not to the actual remote server. */ check = curr->ptr; curr = curr->next; @@ -3222,8 +3282,8 @@ ConnectionExists(struct SessionHandle *data, if(!check->bits.multiplex) { /* If not multiplexing, make sure the pipe has only GET requests */ - struct SessionHandle* sh = gethandleathead(check->send_pipe); - struct SessionHandle* rh = gethandleathead(check->recv_pipe); + struct Curl_easy* sh = gethandleathead(check->send_pipe); + struct Curl_easy* rh = gethandleathead(check->recv_pipe); if(sh) { if(!IsPipeliningPossible(sh, check)) continue; @@ -3289,6 +3349,25 @@ ConnectionExists(struct SessionHandle *data, /* don't do mixed proxy and non-proxy connections */ continue; + if(needle->bits.proxy && + (needle->proxytype != check->proxytype || + needle->bits.httpproxy != check->bits.httpproxy || + needle->bits.tunnel_proxy != check->bits.tunnel_proxy || + !Curl_raw_equal(needle->proxy.name, check->proxy.name) || + needle->port != check->port)) + /* don't mix connections that use different proxies */ + continue; + + if(needle->bits.conn_to_host != check->bits.conn_to_host) + /* don't mix connections that use the "connect to host" feature and + * connections that don't use this feature */ + continue; + + if(needle->bits.conn_to_port != check->bits.conn_to_port) + /* don't mix connections that use the "connect to port" feature and + * connections that don't use this feature */ + continue; + if(!canPipeline && check->inuse) /* this request can't be pipelined but the checked connection is already in use so we skip it */ @@ -3324,17 +3403,18 @@ ConnectionExists(struct SessionHandle *data, } } - if(!needle->bits.httpproxy || needle->handler->flags&PROTOPT_SSL || - (needle->bits.httpproxy && check->bits.httpproxy && - needle->bits.tunnel_proxy && check->bits.tunnel_proxy && - Curl_raw_equal(needle->proxy.name, check->proxy.name) && - (needle->port == check->port))) { + if(!needle->bits.httpproxy || (needle->handler->flags&PROTOPT_SSL) || + (needle->bits.httpproxy && needle->bits.tunnel_proxy)) { /* The requested connection does not use a HTTP proxy or it uses SSL or it is a non-SSL protocol tunneled over the same HTTP proxy name and port number */ if((Curl_raw_equal(needle->handler->scheme, check->handler->scheme) || (get_protocol_family(check->handler->protocol) == needle->handler->protocol && check->tls_upgraded)) && + (!needle->bits.conn_to_host || Curl_raw_equal( + needle->conn_to_host.name, check->conn_to_host.name)) && + (!needle->bits.conn_to_port || + needle->conn_to_port == check->conn_to_port) && Curl_raw_equal(needle->host.name, check->host.name) && needle->remote_port == check->remote_port) { /* The schemes match or the the protocol family is the same and the @@ -3363,16 +3443,10 @@ ConnectionExists(struct SessionHandle *data, match = TRUE; } } - else { /* The requested needle connection is using a proxy, - is the checked one using the same host, port and type? */ - if(check->bits.proxy && - (needle->proxytype == check->proxytype) && - (needle->bits.tunnel_proxy == check->bits.tunnel_proxy) && - Curl_raw_equal(needle->proxy.name, check->proxy.name) && - needle->port == check->port) { - /* This is the same proxy connection, use it! */ - match = TRUE; - } + else { + /* The requested connection is using the same HTTP proxy in normal + mode (no tunneling) */ + match = TRUE; } if(match) { @@ -3394,6 +3468,10 @@ ConnectionExists(struct SessionHandle *data, /* Same for Proxy NTLM authentication */ if(wantProxyNTLMhttp) { + /* Both check->proxyuser and check->proxypasswd can be NULL */ + if(!check->proxyuser || !check->proxypasswd) + continue; + if(!strequal(needle->proxyuser, check->proxyuser) || !strequal(needle->proxypasswd, check->proxypasswd)) continue; @@ -3493,38 +3571,6 @@ ConnectionExists(struct SessionHandle *data, return FALSE; /* no matching connecting exists */ } -/* Mark the connection as 'idle', or close it if the cache is full. - Returns TRUE if the connection is kept, or FALSE if it was closed. */ -static bool -ConnectionDone(struct SessionHandle *data, struct connectdata *conn) -{ - /* data->multi->maxconnects can be negative, deal with it. */ - size_t maxconnects = - (data->multi->maxconnects < 0) ? data->multi->num_easy * 4: - data->multi->maxconnects; - struct connectdata *conn_candidate = NULL; - - /* Mark the current connection as 'unused' */ - conn->inuse = FALSE; - - if(maxconnects > 0 && - data->state.conn_cache->num_connections > maxconnects) { - infof(data, "Connection cache is full, closing the oldest one.\n"); - - conn_candidate = find_oldest_idle_connection(data); - - if(conn_candidate) { - /* Set the connection's owner correctly */ - conn_candidate->data = data; - - /* the winner gets the honour of being disconnected */ - (void)Curl_disconnect(conn_candidate, /* dead_connection */ FALSE); - } - } - - return (conn_candidate == conn) ? FALSE : TRUE; -} - /* after a TCP connection to the proxy has been verified, this function does the next magic step. @@ -3544,16 +3590,27 @@ CURLcode Curl_connected_proxy(struct connectdata *conn, case CURLPROXY_SOCKS5: case CURLPROXY_SOCKS5_HOSTNAME: return Curl_SOCKS5(conn->proxyuser, conn->proxypasswd, - conn->host.name, conn->remote_port, + conn->bits.conn_to_host ? conn->conn_to_host.name : + conn->host.name, + conn->bits.conn_to_port ? conn->conn_to_port : + conn->remote_port, FIRSTSOCKET, conn); case CURLPROXY_SOCKS4: - return Curl_SOCKS4(conn->proxyuser, conn->host.name, - conn->remote_port, FIRSTSOCKET, conn, FALSE); + return Curl_SOCKS4(conn->proxyuser, + conn->bits.conn_to_host ? conn->conn_to_host.name : + conn->host.name, + conn->bits.conn_to_port ? conn->conn_to_port : + conn->remote_port, + FIRSTSOCKET, conn, FALSE); case CURLPROXY_SOCKS4A: - return Curl_SOCKS4(conn->proxyuser, conn->host.name, - conn->remote_port, FIRSTSOCKET, conn, TRUE); + return Curl_SOCKS4(conn->proxyuser, + conn->bits.conn_to_host ? conn->conn_to_host.name : + conn->host.name, + conn->bits.conn_to_port ? conn->conn_to_port : + conn->remote_port, + FIRSTSOCKET, conn, TRUE); #endif /* CURL_DISABLE_PROXY */ case CURLPROXY_HTTP: @@ -3711,7 +3768,7 @@ static bool is_ASCII_name(const char *hostname) /* * Check if characters in hostname is allowed in Top Level Domain. */ -static bool tld_check_name(struct SessionHandle *data, +static bool tld_check_name(struct Curl_easy *data, const char *ace_hostname) { size_t err_pos; @@ -3728,17 +3785,16 @@ static bool tld_check_name(struct SessionHandle *data, if(rc != IDNA_SUCCESS) return FALSE; + /* Warning: err_pos receives "the decoded character offset rather than the + byte position in the string." And as of libidn 1.32 that character offset + is for UTF-8, even if the passed in string is another locale. */ rc = tld_check_lz(uc_name, &err_pos, NULL); #ifndef CURL_DISABLE_VERBOSE_STRINGS #ifdef HAVE_TLD_STRERROR if(rc != TLD_SUCCESS) tld_errmsg = tld_strerror((Tld_rc)rc); #endif - if(rc == TLD_INVALID) - infof(data, "WARNING: %s; pos %u = `%c'/0x%02X\n", - tld_errmsg, err_pos, uc_name[err_pos], - uc_name[err_pos] & 255); - else if(rc != TLD_SUCCESS) + if(rc != TLD_SUCCESS) infof(data, "WARNING: TLD check for %s failed; %s\n", uc_name, tld_errmsg); #endif /* CURL_DISABLE_VERBOSE_STRINGS */ @@ -3754,7 +3810,7 @@ static bool tld_check_name(struct SessionHandle *data, /* * Perform any necessary IDN conversion of hostname */ -static void fix_hostname(struct SessionHandle *data, +static void fix_hostname(struct Curl_easy *data, struct connectdata *conn, struct hostname *host) { size_t len; @@ -3843,7 +3899,7 @@ static void llist_dtor(void *user, void *element) /* * Allocate and initialize a new connectdata object. */ -static struct connectdata *allocate_conn(struct SessionHandle *data) +static struct connectdata *allocate_conn(struct Curl_easy *data) { struct connectdata *conn = calloc(1, sizeof(struct connectdata)); if(!conn) @@ -3862,6 +3918,10 @@ static struct connectdata *allocate_conn(struct SessionHandle *data) conn->connection_id = -1; /* no ID */ conn->port = -1; /* unknown at this point */ conn->remote_port = -1; /* unknown */ +#if defined(USE_RECV_BEFORE_SEND_WORKAROUND) && defined(DEBUGBUILD) + conn->postponed[0].bindsock = CURL_SOCKET_BAD; /* no file descriptor */ + conn->postponed[1].bindsock = CURL_SOCKET_BAD; /* no file descriptor */ +#endif /* USE_RECV_BEFORE_SEND_WORKAROUND && DEBUGBUILD */ /* Default protocol-independent behavior doesn't support persistent connections, so we set this to force-close. Protocols that support @@ -3872,7 +3932,7 @@ static struct connectdata *allocate_conn(struct SessionHandle *data) conn->created = Curl_tvnow(); conn->data = data; /* Setup the association between this connection - and the SessionHandle */ + and the Curl_easy */ conn->proxytype = data->set.proxytype; /* type */ @@ -3888,17 +3948,18 @@ static struct connectdata *allocate_conn(struct SessionHandle *data) /* note that these two proxy bits are now just on what looks to be requested, they may be altered down the road */ conn->bits.proxy = (data->set.str[STRING_PROXY] && - *data->set.str[STRING_PROXY])?TRUE:FALSE; + *data->set.str[STRING_PROXY]) ? TRUE : FALSE; conn->bits.httpproxy = (conn->bits.proxy && (conn->proxytype == CURLPROXY_HTTP || - conn->proxytype == CURLPROXY_HTTP_1_0))?TRUE:FALSE; - conn->bits.proxy_user_passwd = - (NULL != data->set.str[STRING_PROXYUSERNAME])?TRUE:FALSE; + conn->proxytype == CURLPROXY_HTTP_1_0)) ? + TRUE : FALSE; + conn->bits.proxy_user_passwd = (data->set.str[STRING_PROXYUSERNAME]) ? + TRUE : FALSE; conn->bits.tunnel_proxy = data->set.tunnel_thru_httpproxy; #endif /* CURL_DISABLE_PROXY */ - conn->bits.user_passwd = (NULL != data->set.str[STRING_USERNAME])?TRUE:FALSE; + conn->bits.user_passwd = (data->set.str[STRING_USERNAME]) ? TRUE : FALSE; conn->bits.ftp_use_epsv = data->set.ftp_use_epsv; conn->bits.ftp_use_eprt = data->set.ftp_use_eprt; @@ -3943,7 +4004,7 @@ static struct connectdata *allocate_conn(struct SessionHandle *data) conn->localport = data->set.localport; /* the close socket stuff needs to be copied to the connection struct as - it may live on without (this specific) SessionHandle */ + it may live on without (this specific) Curl_easy */ conn->fclosesocket = data->set.fclosesocket; conn->closesocket_client = data->set.closesocket_client; @@ -3962,7 +4023,7 @@ static struct connectdata *allocate_conn(struct SessionHandle *data) return NULL; } -static CURLcode findprotocol(struct SessionHandle *data, +static CURLcode findprotocol(struct Curl_easy *data, struct connectdata *conn, const char *protostr) { @@ -4007,7 +4068,7 @@ static CURLcode findprotocol(struct SessionHandle *data, /* * Parse URL and fill in the relevant members of the connection struct. */ -static CURLcode parseurlandfillconn(struct SessionHandle *data, +static CURLcode parseurlandfillconn(struct Curl_easy *data, struct connectdata *conn, bool *prot_missing, char **userp, char **passwdp, @@ -4092,12 +4153,17 @@ static CURLcode parseurlandfillconn(struct SessionHandle *data, } else { /* clear path */ + char slashbuf[4]; path[0]=0; - if(2 > sscanf(data->change.url, - "%15[^\n:]://%[^\n/?]%[^\n]", - protobuf, - conn->host.name, path)) { + rc = sscanf(data->change.url, + "%15[^\n:]:%3[/]%[^\n/?]%[^\n]", + protobuf, slashbuf, conn->host.name, path); + if(2 == rc) { + failf(data, "Bad URL"); + return CURLE_URL_MALFORMAT; + } + if(3 > rc) { /* * The URL was badly formatted, let's try the browser-style _without_ @@ -4148,8 +4214,23 @@ static CURLcode parseurlandfillconn(struct SessionHandle *data, *prot_missing = TRUE; /* not given in URL */ } - else + else { + size_t s = strlen(slashbuf); protop = protobuf; + if(s != 2) { + infof(data, "Unwillingly accepted illegal URL using %d slash%s!\n", + s, s>1?"es":""); + + if(data->change.url_alloc) + free(data->change.url); + /* repair the URL to use two slashes */ + data->change.url = aprintf("%s://%s%s", + protobuf, conn->host.name, path); + if(!data->change.url) + return CURLE_OUT_OF_MEMORY; + data->change.url_alloc = TRUE; + } + } } /* We search for '?' in the host name (but only on the right side of a @@ -4355,7 +4436,7 @@ static CURLcode parseurlandfillconn(struct SessionHandle *data, * If we're doing a resumed transfer, we need to setup our stuff * properly. */ -static CURLcode setup_range(struct SessionHandle *data) +static CURLcode setup_range(struct Curl_easy *data) { struct UrlState *s = &data->state; s->resume_from = data->set.set_resume_from; @@ -4368,7 +4449,7 @@ static CURLcode setup_range(struct SessionHandle *data) else s->range = strdup(data->set.str[STRING_SET_RANGE]); - s->rangestringalloc = (s->range)?TRUE:FALSE; + s->rangestringalloc = (s->range) ? TRUE : FALSE; if(!s->range) return CURLE_OUT_OF_MEMORY; @@ -4387,7 +4468,7 @@ static CURLcode setup_range(struct SessionHandle *data) * setup_connection_internals() - * * Setup connection internals specific to the requested protocol in the - * SessionHandle. This is inited and setup before the connection is made but + * Curl_easy. This is inited and setup before the connection is made but * is about the particular protocol that is to be used. * * This MUST get called after proxy magic has been figured out. @@ -4396,7 +4477,7 @@ static CURLcode setup_connection_internals(struct connectdata *conn) { const struct Curl_handler * p; CURLcode result; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; /* in some case in the multi state-machine, we go back to the CONNECT state and then a second (or third or...) call to this function will be made @@ -4427,20 +4508,15 @@ static CURLcode setup_connection_internals(struct connectdata *conn) was very likely already set to the proxy port */ conn->port = p->defport; - /* only if remote_port was not already parsed off the URL we use the - default port number */ - if(conn->remote_port < 0) - conn->remote_port = (unsigned short)conn->given->defport; - return CURLE_OK; } /* * Curl_free_request_state() should free temp data that was allocated in the - * SessionHandle for this single request. + * Curl_easy for this single request. */ -void Curl_free_request_state(struct SessionHandle *data) +void Curl_free_request_state(struct Curl_easy *data) { Curl_safefree(data->req.protop); Curl_safefree(data->req.newurl); @@ -4614,7 +4690,7 @@ static char *detect_proxy(struct connectdata *conn) * host name, so that we can re-use an existing connection * that may exist registered to the same proxy host. */ -static CURLcode parse_proxy(struct SessionHandle *data, +static CURLcode parse_proxy(struct Curl_easy *data, struct connectdata *conn, char *proxy) { char *prox_portno; @@ -4641,7 +4717,13 @@ static CURLcode parse_proxy(struct SessionHandle *data, conn->proxytype = CURLPROXY_SOCKS4A; else if(checkprefix("socks4", proxy) || checkprefix("socks", proxy)) conn->proxytype = CURLPROXY_SOCKS4; - /* Any other xxx:// : change to http proxy */ + else if(checkprefix("http:", proxy)) + ; /* leave it as HTTP or HTTP/1.0 */ + else { + /* Any other xxx:// reject! */ + failf(data, "Unsupported proxy scheme for \'%s\'", proxy); + return CURLE_COULDNT_CONNECT; + } } else proxyptr = proxy; /* No xxx:// head: It's a HTTP proxy */ @@ -4706,7 +4788,7 @@ static CURLcode parse_proxy(struct SessionHandle *data, if(strncmp("%25", ptr, 3)) infof(data, "Please URL encode %% as %%25, see RFC 6874.\n"); ptr++; - /* Allow unresered characters as defined in RFC 3986 */ + /* Allow unreserved characters as defined in RFC 3986 */ while(*ptr && (ISALPHA(*ptr) || ISXDIGIT(*ptr) || (*ptr == '-') || (*ptr == '.') || (*ptr == '_') || (*ptr == '~'))) ptr++; @@ -4733,7 +4815,7 @@ static CURLcode parse_proxy(struct SessionHandle *data, /* now set the local port number */ port = strtol(prox_portno, &endp, 10); if((endp && *endp && (*endp != '/') && (*endp != ' ')) || - (port >= 65536) ) { + (port < 0) || (port > 65535)) { /* meant to detect for example invalid IPv6 numerical addresses without brackets: "2a00:fac0:a000::7:13". Accept a trailing slash only because we then allow "URL style" with the number followed by a @@ -4756,7 +4838,7 @@ static CURLcode parse_proxy(struct SessionHandle *data, a slash so we strip everything from the first slash */ atsign = strchr(proxyptr, '/'); if(atsign) - *atsign = 0x0; /* cut off path part from host name */ + *atsign = '\0'; /* cut off path part from host name */ if(data->set.proxyport) /* None given in the proxy string, then get the default one if it is @@ -4777,7 +4859,7 @@ static CURLcode parse_proxy(struct SessionHandle *data, /* * Extract the user and password from the authentication string */ -static CURLcode parse_proxy_auth(struct SessionHandle *data, +static CURLcode parse_proxy_auth(struct Curl_easy *data, struct connectdata *conn) { char proxyuser[MAX_CURL_USER_LENGTH]=""; @@ -4822,7 +4904,7 @@ static CURLcode parse_proxy_auth(struct SessionHandle *data, * options - non-zero length if defined * conn->host.name - remove user name and password */ -static CURLcode parse_url_login(struct SessionHandle *data, +static CURLcode parse_url_login(struct Curl_easy *data, struct connectdata *conn, char **user, char **passwd, char **options) { @@ -5061,7 +5143,7 @@ static CURLcode parse_login_details(const char *login, const size_t len, * * The port number embedded in the URL is replaced, if necessary. *************************************************************/ -static CURLcode parse_remote_port(struct SessionHandle *data, +static CURLcode parse_remote_port(struct Curl_easy *data, struct connectdata *conn) { char *portptr; @@ -5160,6 +5242,12 @@ static CURLcode parse_remote_port(struct SessionHandle *data, use the default port. Firefox and Chrome both do that. */ *portptr = '\0'; } + + /* only if remote_port was not already parsed off the URL we use the + default port number */ + if(conn->remote_port < 0) + conn->remote_port = (unsigned short)conn->given->defport; + return CURLE_OK; } @@ -5167,7 +5255,7 @@ static CURLcode parse_remote_port(struct SessionHandle *data, * Override the login details from the URL with that in the CURLOPT_USERPWD * option or a .netrc file, if applicable. */ -static CURLcode override_login(struct SessionHandle *data, +static CURLcode override_login(struct Curl_easy *data, struct connectdata *conn, char **userp, char **passwdp, char **optionsp) { @@ -5202,7 +5290,7 @@ static CURLcode override_login(struct SessionHandle *data, DOT_CHAR "netrc file; using defaults\n", conn->host.name); } - else if(ret < 0 ) { + else if(ret < 0) { return CURLE_OUT_OF_MEMORY; } else { @@ -5265,10 +5353,218 @@ static CURLcode set_login(struct connectdata *conn, return result; } +/* + * Parses a "host:port" string to connect to. + * The hostname and the port may be empty; in this case, NULL is returned for + * the hostname and -1 for the port. + */ +static CURLcode parse_connect_to_host_port(struct Curl_easy *data, + const char *host, + char **hostname_result, + int *port_result) +{ + char *host_dup; + char *hostptr; + char *host_portno; + char *portptr; + int port = -1; + + *hostname_result = NULL; + *port_result = -1; + + if(!host || !*host) + return CURLE_OK; + + host_dup = strdup(host); + if(!host_dup) + return CURLE_OUT_OF_MEMORY; + + hostptr = host_dup; + + /* start scanning for port number at this point */ + portptr = hostptr; + + /* detect and extract RFC6874-style IPv6-addresses */ + if(*hostptr == '[') { + char *ptr = ++hostptr; /* advance beyond the initial bracket */ + while(*ptr && (ISXDIGIT(*ptr) || (*ptr == ':') || (*ptr == '.'))) + ptr++; + if(*ptr == '%') { + /* There might be a zone identifier */ + if(strncmp("%25", ptr, 3)) + infof(data, "Please URL encode %% as %%25, see RFC 6874.\n"); + ptr++; + /* Allow unreserved characters as defined in RFC 3986 */ + while(*ptr && (ISALPHA(*ptr) || ISXDIGIT(*ptr) || (*ptr == '-') || + (*ptr == '.') || (*ptr == '_') || (*ptr == '~'))) + ptr++; + } + if(*ptr == ']') + /* yeps, it ended nicely with a bracket as well */ + *ptr++ = '\0'; + else + infof(data, "Invalid IPv6 address format\n"); + portptr = ptr; + /* Note that if this didn't end with a bracket, we still advanced the + * hostptr first, but I can't see anything wrong with that as no host + * name nor a numeric can legally start with a bracket. + */ + } + + /* Get port number off server.com:1080 */ + host_portno = strchr(portptr, ':'); + if(host_portno) { + char *endp = NULL; + *host_portno = '\0'; /* cut off number from host name */ + host_portno++; + if(*host_portno) { + long portparse = strtol(host_portno, &endp, 10); + if((endp && *endp) || (portparse < 0) || (portparse > 65535)) { + infof(data, "No valid port number in connect to host string (%s)\n", + host_portno); + hostptr = NULL; + port = -1; + } + else + port = (int)portparse; /* we know it will fit */ + } + } + + /* now, clone the cleaned host name */ + if(hostptr) { + *hostname_result = strdup(hostptr); + if(!*hostname_result) { + free(host_dup); + return CURLE_OUT_OF_MEMORY; + } + } + + *port_result = port; + + free(host_dup); + return CURLE_OK; +} + +/* + * Parses one "connect to" string in the form: + * "HOST:PORT:CONNECT-TO-HOST:CONNECT-TO-PORT". + */ +static CURLcode parse_connect_to_string(struct Curl_easy *data, + struct connectdata *conn, + const char *conn_to_host, + char **host_result, + int *port_result) +{ + CURLcode result = CURLE_OK; + const char *ptr = conn_to_host; + int host_match = FALSE; + int port_match = FALSE; + + if(*ptr == ':') { + /* an empty hostname always matches */ + host_match = TRUE; + ptr++; + } + else { + /* check whether the URL's hostname matches */ + size_t hostname_to_match_len; + char *hostname_to_match = aprintf("%s%s%s", + conn->bits.ipv6_ip ? "[" : "", + conn->host.name, + conn->bits.ipv6_ip ? "]" : ""); + if(!hostname_to_match) + return CURLE_OUT_OF_MEMORY; + hostname_to_match_len = strlen(hostname_to_match); + host_match = curl_strnequal(ptr, hostname_to_match, hostname_to_match_len); + free(hostname_to_match); + ptr += hostname_to_match_len; + + host_match = host_match && *ptr == ':'; + ptr++; + } + + if(host_match) { + if(*ptr == ':') { + /* an empty port always matches */ + port_match = TRUE; + ptr++; + } + else { + /* check whether the URL's port matches */ + char *ptr_next = strchr(ptr, ':'); + if(ptr_next) { + char *endp = NULL; + long port_to_match = strtol(ptr, &endp, 10); + if((endp == ptr_next) && (port_to_match == conn->remote_port)) { + port_match = TRUE; + ptr = ptr_next + 1; + } + } + } + } + + if(host_match && port_match) { + /* parse the hostname and port to connect to */ + result = parse_connect_to_host_port(data, ptr, host_result, port_result); + } + + return result; +} + +/* + * Processes all strings in the "connect to" slist, and uses the "connect + * to host" and "connect to port" of the first string that matches. + */ +static CURLcode parse_connect_to_slist(struct Curl_easy *data, + struct connectdata *conn, + struct curl_slist *conn_to_host) +{ + CURLcode result = CURLE_OK; + char *host = NULL; + int port = 0; + + while(conn_to_host && !host) { + result = parse_connect_to_string(data, conn, conn_to_host->data, + &host, &port); + if(result) + return result; + + if(host && *host) { + bool ipv6host; + conn->conn_to_host.rawalloc = host; + conn->conn_to_host.name = host; + conn->bits.conn_to_host = TRUE; + + ipv6host = strchr(host, ':') != NULL; + infof(data, "Connecting to hostname: %s%s%s\n", + ipv6host ? "[" : "", host, ipv6host ? "]" : ""); + } + else { + /* no "connect to host" */ + conn->bits.conn_to_host = FALSE; + free(host); + } + + if(port >= 0) { + conn->conn_to_port = port; + conn->bits.conn_to_port = TRUE; + infof(data, "Connecting to port: %d\n", port); + } + else { + /* no "connect to port" */ + conn->bits.conn_to_port = FALSE; + } + + conn_to_host = conn_to_host->next; + } + + return result; +} + /************************************************************* * Resolve the address of the server or proxy *************************************************************/ -static CURLcode resolve_server(struct SessionHandle *data, +static CURLcode resolve_server(struct Curl_easy *data, struct connectdata *conn, bool *async) { @@ -5316,12 +5612,21 @@ static CURLcode resolve_server(struct SessionHandle *data, else #endif if(!conn->proxy.name || !*conn->proxy.name) { + struct hostname *connhost; + if(conn->bits.conn_to_host) + connhost = &conn->conn_to_host; + else + connhost = &conn->host; + /* If not connecting via a proxy, extract the port from the URL, if it is * there, thus overriding any defaults that might have been set above. */ - conn->port = conn->remote_port; /* it is the same port */ + if(conn->bits.conn_to_port) + conn->port = conn->conn_to_port; + else + conn->port = conn->remote_port; /* it is the same port */ /* Resolve target host right on */ - rc = Curl_resolv_timeout(conn, conn->host.name, (int)conn->port, + rc = Curl_resolv_timeout(conn, connhost->name, (int)conn->port, &hostaddr, timeout_ms); if(rc == CURLRESOLV_PENDING) *async = TRUE; @@ -5330,7 +5635,7 @@ static CURLcode resolve_server(struct SessionHandle *data, result = CURLE_OPERATION_TIMEDOUT; else if(!hostaddr) { - failf(data, "Couldn't resolve host '%s'", conn->host.dispname); + failf(data, "Couldn't resolve host '%s'", connhost->dispname); result = CURLE_COULDNT_RESOLVE_HOST; /* don't return yet, we need to clean up the timeout first */ } @@ -5405,12 +5710,21 @@ static void reuse_conn(struct connectdata *old_conn, /* host can change, when doing keepalive with a proxy or if the case is different this time etc */ free_fixed_hostname(&conn->host); + free_fixed_hostname(&conn->conn_to_host); Curl_safefree(conn->host.rawalloc); + Curl_safefree(conn->conn_to_host.rawalloc); conn->host=old_conn->host; + conn->bits.conn_to_host = old_conn->bits.conn_to_host; + conn->conn_to_host = old_conn->conn_to_host; + conn->bits.conn_to_port = old_conn->bits.conn_to_port; + conn->conn_to_port = old_conn->conn_to_port; /* persist connection info in session handle */ Curl_persistconninfo(conn); + conn_reset_all_postponed_data(old_conn); /* free buffers */ + conn_reset_all_postponed_data(conn); /* reset unprocessed data */ + /* re-use init */ conn->bits.reuse = TRUE; /* yes, we're re-using here */ @@ -5445,7 +5759,7 @@ static void reuse_conn(struct connectdata *old_conn, * *NOTE* this function assigns the conn->data pointer! */ -static CURLcode create_conn(struct SessionHandle *data, +static CURLcode create_conn(struct Curl_easy *data, struct connectdata **in_connect, bool *async) { @@ -5714,13 +6028,48 @@ static CURLcode create_conn(struct SessionHandle *data, if(result) goto out; + /************************************************************* + * Process the "connect to" linked list of hostname/port mappings. + * Do this after the remote port number has been fixed in the URL. + *************************************************************/ + result = parse_connect_to_slist(data, conn, data->set.connect_to); + if(result) + goto out; + /************************************************************* * IDN-fix the hostnames *************************************************************/ fix_hostname(data, conn, &conn->host); + if(conn->bits.conn_to_host) + fix_hostname(data, conn, &conn->conn_to_host); if(conn->proxy.name && *conn->proxy.name) fix_hostname(data, conn, &conn->proxy); + /************************************************************* + * Check whether the host and the "connect to host" are equal. + * Do this after the hostnames have been IDN-fixed . + *************************************************************/ + if(conn->bits.conn_to_host && + Curl_raw_equal(conn->conn_to_host.name, conn->host.name)) { + conn->bits.conn_to_host = FALSE; + } + + /************************************************************* + * Check whether the port and the "connect to port" are equal. + * Do this after the remote port number has been fixed in the URL. + *************************************************************/ + if(conn->bits.conn_to_port && conn->conn_to_port == conn->remote_port) { + conn->bits.conn_to_port = FALSE; + } + + /************************************************************* + * If the "connect to" feature is used with an HTTP proxy, + * we set the tunnel_proxy bit. + *************************************************************/ + if((conn->bits.conn_to_host || conn->bits.conn_to_port) && + conn->bits.httpproxy) + conn->bits.tunnel_proxy = TRUE; + /************************************************************* * Setup internals depending on protocol. Needs to be done after * we figured out what/if proxy to use. @@ -5734,6 +6083,8 @@ static CURLcode create_conn(struct SessionHandle *data, conn->recv[SECONDARYSOCKET] = Curl_recv_plain; conn->send[SECONDARYSOCKET] = Curl_send_plain; + conn->bits.tcp_fastopen = data->set.tcp_fastopen; + /*********************************************************************** * file: is a special case in that it doesn't need a network connection ***********************************************************************/ @@ -5780,7 +6131,7 @@ static CURLcode create_conn(struct SessionHandle *data, strings in the session handle strings array! Keep in mind that the pointers in the master copy are pointing to strings - that will be freed as part of the SessionHandle struct, but all cloned + that will be freed as part of the Curl_easy struct, but all cloned copies will be separately allocated. */ data->set.ssl.CApath = data->set.str[STRING_SSL_CAPATH]; @@ -5790,6 +6141,7 @@ static CURLcode create_conn(struct SessionHandle *data, data->set.ssl.random_file = data->set.str[STRING_SSL_RANDOM_FILE]; data->set.ssl.egdsocket = data->set.str[STRING_SSL_EGDSOCKET]; data->set.ssl.cipher_list = data->set.str[STRING_SSL_CIPHER_LIST]; + data->set.ssl.clientcert = data->set.str[STRING_CERT]; #ifdef USE_TLS_SRP data->set.ssl.username = data->set.str[STRING_TLSAUTH_USERNAME]; data->set.ssl.password = data->set.str[STRING_TLSAUTH_PASSWORD]; @@ -5860,6 +6212,15 @@ static CURLcode create_conn(struct SessionHandle *data, connections we are allowed to open. */ struct connectbundle *bundle = NULL; + if(conn->handler->flags & PROTOPT_ALPN_NPN) { + /* The protocol wants it, so set the bits if enabled in the easy handle + (default) */ + if(data->set.ssl_enable_alpn) + conn->bits.tls_enable_alpn = TRUE; + if(data->set.ssl_enable_npn) + conn->bits.tls_enable_npn = TRUE; + } + if(waitpipe) /* There is a connection that *might* become usable for pipelining "soon", and we wait for that */ @@ -5892,7 +6253,7 @@ static CURLcode create_conn(struct SessionHandle *data, struct connectdata *conn_candidate; /* The cache is full. Let's see if we can kill a connection. */ - conn_candidate = find_oldest_idle_connection(data); + conn_candidate = Curl_oldest_idle_connection(data); if(conn_candidate) { /* Set the connection's owner correctly, then kill it */ @@ -5990,7 +6351,7 @@ CURLcode Curl_setup_conn(struct connectdata *conn, bool *protocol_done) { CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; Curl_pgrsTime(data, TIMER_NAMELOOKUP); @@ -6064,7 +6425,7 @@ CURLcode Curl_setup_conn(struct connectdata *conn, return result; } -CURLcode Curl_connect(struct SessionHandle *data, +CURLcode Curl_connect(struct Curl_easy *data, struct connectdata **in_connect, bool *asyncp, bool *protocol_done) @@ -6104,146 +6465,17 @@ CURLcode Curl_connect(struct SessionHandle *data, return result; } -CURLcode Curl_done(struct connectdata **connp, - CURLcode status, /* an error if this is called after an - error was detected */ - bool premature) -{ - CURLcode result; - struct connectdata *conn; - struct SessionHandle *data; - - DEBUGASSERT(*connp); - - conn = *connp; - data = conn->data; - - DEBUGF(infof(data, "Curl_done\n")); - - if(data->state.done) - /* Stop if Curl_done() has already been called */ - return CURLE_OK; - - Curl_getoff_all_pipelines(data, conn); - - /* Cleanup possible redirect junk */ - free(data->req.newurl); - data->req.newurl = NULL; - free(data->req.location); - data->req.location = NULL; - - switch(status) { - case CURLE_ABORTED_BY_CALLBACK: - case CURLE_READ_ERROR: - case CURLE_WRITE_ERROR: - /* When we're aborted due to a callback return code it basically have to - be counted as premature as there is trouble ahead if we don't. We have - many callbacks and protocols work differently, we could potentially do - this more fine-grained in the future. */ - premature = TRUE; - default: - break; - } - - /* this calls the protocol-specific function pointer previously set */ - if(conn->handler->done) - result = conn->handler->done(conn, status, premature); - else - result = status; - - if(CURLE_ABORTED_BY_CALLBACK != result) { - /* avoid this if we already aborted by callback to avoid this calling - another callback */ - CURLcode rc = Curl_pgrsDone(conn); - if(!result && rc) - result = CURLE_ABORTED_BY_CALLBACK; - } - - if((!premature && - conn->send_pipe->size + conn->recv_pipe->size != 0 && - !data->set.reuse_forbid && - !conn->bits.close)) { - /* Stop if pipeline is not empty and we do not have to close - connection. */ - DEBUGF(infof(data, "Connection still in use, no more Curl_done now!\n")); - return CURLE_OK; - } - - data->state.done = TRUE; /* called just now! */ - Curl_resolver_cancel(conn); - - if(conn->dns_entry) { - Curl_resolv_unlock(data, conn->dns_entry); /* done with this */ - conn->dns_entry = NULL; - } - - /* if the transfer was completed in a paused state there can be buffered - data left to write and then kill */ - free(data->state.tempwrite); - data->state.tempwrite = NULL; - - /* if data->set.reuse_forbid is TRUE, it means the libcurl client has - forced us to close this connection. This is ignored for requests taking - place in a NTLM authentication handshake - - if conn->bits.close is TRUE, it means that the connection should be - closed in spite of all our efforts to be nice, due to protocol - restrictions in our or the server's end - - if premature is TRUE, it means this connection was said to be DONE before - the entire request operation is complete and thus we can't know in what - state it is for re-using, so we're forced to close it. In a perfect world - we can add code that keep track of if we really must close it here or not, - but currently we have no such detail knowledge. - */ - - if((data->set.reuse_forbid -#if defined(USE_NTLM) - && !(conn->ntlm.state == NTLMSTATE_TYPE2 || - conn->proxyntlm.state == NTLMSTATE_TYPE2) -#endif - ) || conn->bits.close || premature) { - CURLcode res2 = Curl_disconnect(conn, premature); /* close connection */ - - /* If we had an error already, make sure we return that one. But - if we got a new error, return that. */ - if(!result && res2) - result = res2; - } - else { - /* the connection is no longer in use */ - if(ConnectionDone(data, conn)) { - /* remember the most recently used connection */ - data->state.lastconnect = conn; - - infof(data, "Connection #%ld to host %s left intact\n", - conn->connection_id, - conn->bits.httpproxy?conn->proxy.dispname:conn->host.dispname); - } - else - data->state.lastconnect = NULL; - } - - *connp = NULL; /* to make the caller of this function better detect that - this was either closed or handed over to the connection - cache here, and therefore cannot be used from this point on - */ - Curl_free_request_state(data); - - return result; -} - /* * Curl_init_do() inits the readwrite session. This is inited each time (in * the DO function before the protocol-specific DO functions are invoked) for - * a transfer, sometimes multiple times on the same SessionHandle. Make sure + * a transfer, sometimes multiple times on the same Curl_easy. Make sure * nothing in here depends on stuff that are setup dynamically for the * transfer. * * Allow this function to get called with 'conn' set to NULL. */ -CURLcode Curl_init_do(struct SessionHandle *data, struct connectdata *conn) +CURLcode Curl_init_do(struct Curl_easy *data, struct connectdata *conn) { struct SingleRequest *k = &data->req; @@ -6251,7 +6483,7 @@ CURLcode Curl_init_do(struct SessionHandle *data, struct connectdata *conn) conn->bits.do_more = FALSE; /* by default there's no curl_do_more() to * use */ - data->state.done = FALSE; /* Curl_done() is not called yet */ + data->state.done = FALSE; /* *_done() is not called yet */ data->state.expect100header = FALSE; if(data->set.opt_no_body) @@ -6284,85 +6516,6 @@ CURLcode Curl_init_do(struct SessionHandle *data, struct connectdata *conn) return CURLE_OK; } -/* - * do_complete is called when the DO actions are complete. - * - * We init chunking and trailer bits to their default values here immediately - * before receiving any header data for the current request in the pipeline. - */ -static void do_complete(struct connectdata *conn) -{ - conn->data->req.chunk=FALSE; - conn->data->req.maxfd = (conn->sockfd>conn->writesockfd? - conn->sockfd:conn->writesockfd)+1; - Curl_pgrsTime(conn->data, TIMER_PRETRANSFER); -} - -CURLcode Curl_do(struct connectdata **connp, bool *done) -{ - CURLcode result=CURLE_OK; - struct connectdata *conn = *connp; - struct SessionHandle *data = conn->data; - - if(conn->handler->do_it) { - /* generic protocol-specific function pointer set in curl_connect() */ - result = conn->handler->do_it(conn, done); - - /* This was formerly done in transfer.c, but we better do it here */ - if((CURLE_SEND_ERROR == result) && conn->bits.reuse) { - /* - * If the connection is using an easy handle, call reconnect - * to re-establish the connection. Otherwise, let the multi logic - * figure out how to re-establish the connection. - */ - if(!data->multi) { - result = Curl_reconnect_request(connp); - - if(!result) { - /* ... finally back to actually retry the DO phase */ - conn = *connp; /* re-assign conn since Curl_reconnect_request - creates a new connection */ - result = conn->handler->do_it(conn, done); - } - } - else - return result; - } - - if(!result && *done) - /* do_complete must be called after the protocol-specific DO function */ - do_complete(conn); - } - return result; -} - -/* - * Curl_do_more() is called during the DO_MORE multi state. It is basically a - * second stage DO state which (wrongly) was introduced to support FTP's - * second connection. - * - * TODO: A future libcurl should be able to work away this state. - * - * 'complete' can return 0 for incomplete, 1 for done and -1 for go back to - * DOING state there's more work to do! - */ - -CURLcode Curl_do_more(struct connectdata *conn, int *complete) -{ - CURLcode result=CURLE_OK; - - *complete = 0; - - if(conn->handler->do_more) - result = conn->handler->do_more(conn, complete); - - if(!result && (*complete == 1)) - /* do_complete must be called after the protocol-specific DO function */ - do_complete(conn); - - return result; -} - /* * get_protocol_family() * @@ -6387,7 +6540,7 @@ unsigned int get_protocol_family(unsigned int protocol) case CURLPROTO_FTP: case CURLPROTO_FTPS: - family = CURLPROTO_IMAP; + family = CURLPROTO_FTP; break; case CURLPROTO_SCP: @@ -6404,7 +6557,7 @@ unsigned int get_protocol_family(unsigned int protocol) case CURLPROTO_LDAP: case CURLPROTO_LDAPS: - family = CURLPROTO_IMAP; + family = CURLPROTO_LDAP; break; case CURLPROTO_DICT: diff --git a/lib/url.h b/lib/url.h index bb85e9bb3..90d9db3c3 100644 --- a/lib/url.h +++ b/lib/url.h @@ -7,7 +7,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -27,26 +27,23 @@ * Prototypes for library-wide functions provided by url.c */ -CURLcode Curl_init_do(struct SessionHandle *data, struct connectdata *conn); -CURLcode Curl_open(struct SessionHandle **curl); +CURLcode Curl_init_do(struct Curl_easy *data, struct connectdata *conn); +CURLcode Curl_open(struct Curl_easy **curl); CURLcode Curl_init_userdefined(struct UserDefined *set); -CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option, +CURLcode Curl_setopt(struct Curl_easy *data, CURLoption option, va_list arg); -CURLcode Curl_dupset(struct SessionHandle * dst, struct SessionHandle * src); -void Curl_freeset(struct SessionHandle * data); -CURLcode Curl_close(struct SessionHandle *data); /* opposite of curl_open() */ -CURLcode Curl_connect(struct SessionHandle *, struct connectdata **, +CURLcode Curl_dupset(struct Curl_easy * dst, struct Curl_easy * src); +void Curl_freeset(struct Curl_easy * data); +CURLcode Curl_close(struct Curl_easy *data); /* opposite of curl_open() */ +CURLcode Curl_connect(struct Curl_easy *, struct connectdata **, bool *async, bool *protocol_connect); -CURLcode Curl_do(struct connectdata **, bool *done); -CURLcode Curl_do_more(struct connectdata *, int *completed); -CURLcode Curl_done(struct connectdata **, CURLcode, bool premature); CURLcode Curl_disconnect(struct connectdata *, bool dead_connection); CURLcode Curl_protocol_connect(struct connectdata *conn, bool *done); CURLcode Curl_protocol_connecting(struct connectdata *conn, bool *done); CURLcode Curl_protocol_doing(struct connectdata *conn, bool *done); CURLcode Curl_setup_conn(struct connectdata *conn, bool *protocol_done); -void Curl_free_request_state(struct SessionHandle *data); +void Curl_free_request_state(struct Curl_easy *data); int Curl_protocol_getsock(struct connectdata *conn, curl_socket_t *socks, @@ -55,24 +52,21 @@ int Curl_doing_getsock(struct connectdata *conn, curl_socket_t *socks, int numsocks); -bool Curl_isPipeliningEnabled(const struct SessionHandle *handle); -CURLcode Curl_addHandleToPipeline(struct SessionHandle *handle, +bool Curl_isPipeliningEnabled(const struct Curl_easy *handle); +CURLcode Curl_addHandleToPipeline(struct Curl_easy *handle, struct curl_llist *pipeline); -int Curl_removeHandleFromPipeline(struct SessionHandle *handle, +int Curl_removeHandleFromPipeline(struct Curl_easy *handle, struct curl_llist *pipeline); +struct connectdata * +Curl_oldest_idle_connection(struct Curl_easy *data); /* remove the specified connection from all (possible) pipelines and related queues */ -void Curl_getoff_all_pipelines(struct SessionHandle *data, +void Curl_getoff_all_pipelines(struct Curl_easy *data, struct connectdata *conn); -void Curl_close_connections(struct SessionHandle *data); +void Curl_close_connections(struct Curl_easy *data); #define CURL_DEFAULT_PROXY_PORT 1080 /* default proxy port unless specified */ -#define CURL_DEFAULT_SOCKS5_GSSAPI_SERVICE "rcmd" /* default socks5 gssapi - service */ -#define CURL_DEFAULT_PROXY_SERVICE_NAME "HTTP" /* default negotiate proxy - service */ -#define CURL_DEFAULT_SERVICE_NAME "HTTP" /* default negotiate service */ CURLcode Curl_connected_proxy(struct connectdata *conn, int sockindex); diff --git a/lib/urldata.h b/lib/urldata.h index f832ea886..3ac050b53 100644 --- a/lib/urldata.h +++ b/lib/urldata.h @@ -208,14 +208,13 @@ #define CURLEASY_MAGIC_NUMBER 0xc0dedbadU #define GOOD_EASY_HANDLE(x) \ - ((x) && (((struct SessionHandle *)(x))->magic == CURLEASY_MAGIC_NUMBER)) + ((x) && ((x)->magic == CURLEASY_MAGIC_NUMBER)) /* Some convenience macros to get the larger/smaller value out of two given. We prefix with CURL to prevent name collisions. */ #define CURLMAX(x,y) ((x)>(y)?(x):(y)) #define CURLMIN(x,y) ((x)<(y)?(x):(y)) - #ifdef HAVE_GSSAPI /* Types needed for krb5-ftp connections */ struct krb5buffer { @@ -242,7 +241,6 @@ struct curl_schannel_cred { CredHandle cred_handle; TimeStamp time_stamp; int refcount; - bool cached; }; struct curl_schannel_ctxt { @@ -290,7 +288,6 @@ struct ssl_connect_data { mbedtls_ctr_drbg_context ctr_drbg; mbedtls_entropy_context entropy; mbedtls_ssl_context ssl; - mbedtls_ssl_session ssn; int server_fd; mbedtls_x509_crt cacert; mbedtls_x509_crt clicert; @@ -302,7 +299,6 @@ struct ssl_connect_data { ctr_drbg_context ctr_drbg; entropy_context entropy; ssl_context ssl; - ssl_session ssn; int server_fd; x509_crt cacert; x509_crt clicert; @@ -314,7 +310,7 @@ struct ssl_connect_data { #elif defined(USE_NSS) PRFileDesc *handle; char *client_nickname; - struct SessionHandle *data; + struct Curl_easy *data; struct curl_llist *obj_list; PK11GenericObject *obj_clicert; #elif defined(USE_GSKIT) @@ -334,6 +330,7 @@ struct ssl_connect_data { CURLcode recv_unrecoverable_err; /* schannel_recv had an unrecoverable err */ bool recv_sspi_close_notify; /* true if connection closed by close_notify */ bool recv_connection_closed; /* true if connection closed, regardless how */ + bool use_alpn; /* true if ALPN is used for this connection */ #elif defined(USE_DARWINSSL) SSLContextRef ssl_ctx; curl_socket_t ssl_sockfd; @@ -355,6 +352,7 @@ struct ssl_config_data { char *CAfile; /* certificate to verify peer against */ const char *CRLfile; /* CRL to check certificate revocation */ const char *issuercert;/* optional issuer certificate filename */ + char *clientcert; char *random_file; /* path to file containing "random" data */ char *egdsocket; /* path to file containing the EGD daemon socket */ char *cipher_list; /* list of ciphers to use */ @@ -375,10 +373,12 @@ struct ssl_config_data { /* information stored about one single SSL session */ struct curl_ssl_session { char *name; /* host name for which this ID was used */ + char *conn_to_host; /* host name for the connection (may be NULL) */ void *sessionid; /* as returned from the SSL layer */ size_t idsize; /* if known, otherwise 0 */ long age; /* just a number, the higher the more recent */ - int remote_port; /* remote port to connect to */ + int remote_port; /* remote port */ + int conn_to_port; /* remote port for the connection (may be -1) */ struct ssl_config_data ssl_config; /* setup for this session */ }; @@ -464,7 +464,7 @@ struct negotiatedata { #ifdef HAVE_GSSAPI OM_uint32 status; gss_ctx_id_t context; - gss_name_t server_name; + gss_name_t spn; gss_buffer_desc output_token; #else #ifdef USE_WINDOWS_SSPI @@ -473,7 +473,7 @@ struct negotiatedata { CtxtHandle *context; SEC_WINNT_AUTH_IDENTITY identity; SEC_WINNT_AUTH_IDENTITY *p_identity; - TCHAR *server_name; + TCHAR *spn; size_t token_max; BYTE *output_token; size_t output_token_length; @@ -490,6 +490,10 @@ struct ConnectBits { /* always modify bits.close with the connclose() and connkeep() macros! */ bool close; /* if set, we close the connection after this request */ bool reuse; /* if set, this is a re-used connection */ + bool conn_to_host; /* if set, this connection has a "connect to host" + that overrides the host in the URL */ + bool conn_to_port; /* if set, this connection has a "connect to port" + that overrides the port in the URL (remote port) */ bool proxy; /* if set, this transfer is done through a proxy - any type */ bool httpproxy; /* if set, this transfer is done through a http proxy */ bool user_passwd; /* do we use user+password for this connection? */ @@ -538,6 +542,10 @@ struct ConnectBits { connection */ bool type_set; /* type= was used in the URL */ bool multiplex; /* connection is multiplexed */ + + bool tcp_fastopen; /* use TCP Fast Open */ + bool tls_enable_npn; /* TLS NPN extension? */ + bool tls_enable_alpn; /* TLS ALPN extension? */ }; struct hostname { @@ -611,9 +619,9 @@ enum upgrade101 { }; /* - * Request specific data in the easy handle (SessionHandle). Previously, + * Request specific data in the easy handle (Curl_easy). Previously, * these members were on the connectdata struct but since a conn struct may - * now be shared between different SessionHandles, we store connection-specific + * now be shared between different Curl_easys, we store connection-specific * data here. This struct only keeps stuff that's interesting for *this* * request, as it will be cleared between multiple ones */ @@ -784,7 +792,7 @@ struct Curl_handler { /* If used, this function gets called from transfer.c:readwrite_data() to allow the protocol to do extra reads/writes */ - CURLcode (*readwrite)(struct SessionHandle *data, struct connectdata *conn, + CURLcode (*readwrite)(struct Curl_easy *data, struct connectdata *conn, ssize_t *nread, bool *readmore); long defport; /* Default port. */ @@ -809,7 +817,8 @@ struct Curl_handler { url query strings (?foo=bar) ! */ #define PROTOPT_CREDSPERREQUEST (1<<7) /* requires login credentials per request instead of per connection */ - +#define PROTOPT_ALPN_NPN (1<<8) /* set ALPN and/or NPN for this */ +#define PROTOPT_STREAM (1<<9) /* a protocol with individual logical streams */ /* return the count of bytes sent, or -1 on error */ typedef ssize_t (Curl_send)(struct connectdata *conn, /* connection data */ @@ -825,15 +834,29 @@ typedef ssize_t (Curl_recv)(struct connectdata *conn, /* connection data */ size_t len, /* max amount to read */ CURLcode *err); /* error to return */ +#ifdef USE_RECV_BEFORE_SEND_WORKAROUND +struct postponed_data { + char *buffer; /* Temporal store for received data during + sending, must be freed */ + size_t allocated_size; /* Size of temporal store */ + size_t recv_size; /* Size of received data during sending */ + size_t recv_processed; /* Size of processed part of postponed data */ +#ifdef DEBUGBUILD + curl_socket_t bindsock;/* Structure must be bound to specific socket, + used only for DEBUGASSERT */ +#endif /* DEBUGBUILD */ +}; +#endif /* USE_RECV_BEFORE_SEND_WORKAROUND */ + /* * The connectdata struct contains all fields and variables that should be * unique for an entire connection. */ struct connectdata { - /* 'data' is the CURRENT SessionHandle using this connection -- take great + /* 'data' is the CURRENT Curl_easy using this connection -- take great caution that this might very well vary between different times this connection is used! */ - struct SessionHandle *data; + struct Curl_easy *data; /* chunk is for HTTP chunked encoding, but is in the general connectdata struct only because we can do just about any protocol through a HTTP proxy @@ -874,10 +897,14 @@ struct connectdata { int socktype; /* SOCK_STREAM or SOCK_DGRAM */ struct hostname host; + struct hostname conn_to_host; /* the host to connect to. valid only if + bits.conn_to_host is set */ struct hostname proxy; long port; /* which port to use locally */ - int remote_port; /* what remote port to connect to, not the proxy port! */ + int remote_port; /* the remote port, not the proxy port! */ + int conn_to_port; /* the remote port to connect to. valid only if + bits.conn_to_port is set */ /* 'primary_ip' and 'primary_port' get filled with peer's numerical ip address and port number whenever an outgoing connection is @@ -919,6 +946,9 @@ struct connectdata { Curl_recv *recv[2]; Curl_send *send[2]; +#ifdef USE_RECV_BEFORE_SEND_WORKAROUND + struct postponed_data postponed[2]; /* two buffers for two sockets */ +#endif /* USE_RECV_BEFORE_SEND_WORKAROUND */ struct ssl_connect_data ssl[2]; /* this is for ssl-stuff */ struct ssl_config_data ssl_config; bool tls_upgraded; @@ -937,7 +967,7 @@ struct connectdata { const struct Curl_handler *handler; /* Connection's protocol handler */ const struct Curl_handler *given; /* The protocol first given */ - long ip_version; /* copied from the SessionHandle at creation time */ + long ip_version; /* copied from the Curl_easy at creation time */ /**** curl_get() phase fields */ @@ -1076,7 +1106,7 @@ struct connectdata { * Struct to keep statistical and informational data. */ struct PureInfo { - int httpcode; /* Recent HTTP, FTP, or RTSP response code */ + int httpcode; /* Recent HTTP, FTP, RTSP or SMTP response code */ int httpproxycode; /* response code from proxy when received separate */ int httpversion; /* the http version number X.Y = X*10+Y */ long filetime; /* If requested, this is might get set. Set to -1 if the time @@ -1143,6 +1173,14 @@ struct Progress { struct timeval t_startsingle; struct timeval t_startop; struct timeval t_acceptdata; + + /* upload speed limit */ + struct timeval ul_limit_start; + curl_off_t ul_limit_size; + /* download speed limit */ + struct timeval dl_limit_start; + curl_off_t dl_limit_size; + #define CURR_TIME (5+1) /* 6 entries for 5 seconds */ curl_off_t speeder[ CURR_TIME ]; @@ -1180,7 +1218,7 @@ typedef enum { /* * Values that are generated, temporary or calculated internally for a * "session handle" must be defined within the 'struct UrlState'. This struct - * will be used within the SessionHandle struct. When the 'SessionHandle' + * will be used within the Curl_easy struct. When the 'Curl_easy' * struct is cloned, this data MUST NOT be copied. * * Remember that any "state" information goes globally for the curl handle. @@ -1226,11 +1264,13 @@ struct UrlState { bytes / second */ bool this_is_a_follow; /* this is a followed Location: request */ - char *first_host; /* if set, this should be the host name that we will + char *first_host; /* host name of the first (not followed) request. + if set, this should be the host name that we will sent authorization to, no else. Used to make Location: following not keep sending user+password... This is strdup() data. */ + int first_remote_port; /* remote port of the first (not followed) request */ struct curl_ssl_session *session; /* array of 'max_ssl_sessions' size */ long sessionage; /* number of the most recent session */ char *tempwrite; /* allocated buffer to keep data in when a write @@ -1314,17 +1354,17 @@ struct UrlState { curl_off_t infilesize; /* size of file to upload, -1 means unknown. Copied from set.filesize at start of operation */ - int drain; /* Increased when this stream has data to read, even if its - socket not necessarily is readable. Decreased when - checked. */ - bool done; /* set to FALSE when Curl_do() is called and set to TRUE when - Curl_done() is called, to prevent Curl_done() to get invoked - twice when the multi interface is used. */ + size_t drain; /* Increased when this stream has data to read, even if its + socket is not necessarily is readable. Decreased when + checked. */ + bool done; /* set to FALSE when Curl_init_do() is called and set to TRUE + when multi_done() is called, to prevent multi_done() to get + invoked twice when the multi interface is used. */ curl_read_callback fread_func; /* read callback/function */ void *in; /* CURLOPT_READDATA */ - struct SessionHandle *stream_depends_on; + struct Curl_easy *stream_depends_on; bool stream_depends_e; /* set or don't set the Exclusive bit */ int stream_weight; }; @@ -1407,8 +1447,10 @@ enum dupstring { STRING_SSH_KNOWNHOSTS, /* file name of knownhosts file */ #endif #if defined(HAVE_GSSAPI) || defined(USE_WINDOWS_SSPI) - STRING_SOCKS5_GSSAPI_SERVICE, /* GSSAPI service name */ STRING_PROXY_SERVICE_NAME, /* Proxy service name */ +#endif +#if !defined(CURL_DISABLE_CRYPTO_AUTH) || defined(USE_KERBEROS5) || \ + defined(USE_SPNEGO) STRING_SERVICE_NAME, /* Service name */ #endif STRING_MAIL_FROM, @@ -1526,6 +1568,8 @@ struct UserDefined { struct curl_slist *telnet_options; /* linked list of telnet options */ struct curl_slist *resolve; /* list of names to add/remove from DNS cache */ + struct curl_slist *connect_to; /* list of host:port mappings to override + the hostname and port to connect to */ curl_TimeCond timecondition; /* kind of time/date comparison */ time_t timevalue; /* what time to compare with */ Curl_HttpReq httpreq; /* what kind of HTTP request (if any) is this */ @@ -1573,7 +1617,6 @@ struct UserDefined { bool http_set_referer; /* is a custom referer used */ bool http_auto_referer; /* set "correct" referer when following location: */ bool opt_no_body; /* as set with CURLOPT_NOBODY */ - bool set_port; /* custom port number used */ bool upload; /* upload request */ enum CURL_NETRC_OPTION use_netrc; /* defined in include/curl.h */ @@ -1613,7 +1656,7 @@ struct UserDefined { long allowed_protocols; long redir_protocols; #if defined(HAVE_GSSAPI) || defined(USE_WINDOWS_SSPI) - long socks5_gssapi_nec; /* flag to support nec socks5 server */ + bool socks5_gssapi_nec; /* Flag to support NEC SOCKS5 server */ #endif struct curl_slist *mail_rcpt; /* linked list of mail recipients */ bool sasl_ir; /* Enable/disable SASL initial response */ @@ -1635,17 +1678,18 @@ struct UserDefined { bool tcp_keepalive; /* use TCP keepalives */ long tcp_keepidle; /* seconds in idle before sending keepalive probe */ long tcp_keepintvl; /* seconds between TCP keepalive probes */ + bool tcp_fastopen; /* use TCP Fast Open */ size_t maxconnects; /* Max idle connections in the connection cache */ - bool ssl_enable_npn; /* TLS NPN extension? */ - bool ssl_enable_alpn; /* TLS ALPN extension? */ + bool ssl_enable_npn; /* TLS NPN extension? */ + bool ssl_enable_alpn; /* TLS ALPN extension? */ bool path_as_is; /* allow dotdots? */ bool pipewait; /* wait for pipe/multiplex status before starting a new connection */ long expect_100_timeout; /* in milliseconds */ - struct SessionHandle *stream_depends_on; + struct Curl_easy *stream_depends_on; bool stream_depends_e; /* set or don't set the Exclusive bit */ int stream_weight; }; @@ -1670,10 +1714,10 @@ struct Names { * 'struct UrlState' instead. */ -struct SessionHandle { +struct Curl_easy { /* first, two fields for the linked list of these */ - struct SessionHandle *next; - struct SessionHandle *prev; + struct Curl_easy *next; + struct Curl_easy *prev; struct connectdata *easy_conn; /* the "unit's" connection */ diff --git a/lib/vauth/cleartext.c b/lib/vauth/cleartext.c new file mode 100644 index 000000000..4e906bc07 --- /dev/null +++ b/lib/vauth/cleartext.c @@ -0,0 +1,157 @@ +/*************************************************************************** + * _ _ ____ _ + * Project ___| | | | _ \| | + * / __| | | | |_) | | + * | (__| |_| | _ <| |___ + * \___|\___/|_| \_\_____| + * + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. + * + * This software is licensed as described in the file COPYING, which + * you should have received as part of this distribution. The terms + * are also available at https://curl.haxx.se/docs/copyright.html. + * + * You may opt to use, copy, modify, merge, publish, distribute and/or sell + * copies of the Software, and permit persons to whom the Software is + * furnished to do so, under the terms of the COPYING file. + * + * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY + * KIND, either express or implied. + * + * RFC4616 PLAIN authentication + * Draft LOGIN SASL Mechanism + * + ***************************************************************************/ + +#include "curl_setup.h" + +#include +#include "urldata.h" + +#include "vauth/vauth.h" +#include "curl_base64.h" +#include "curl_md5.h" +#include "warnless.h" +#include "strtok.h" +#include "strequal.h" +#include "rawstr.h" +#include "sendf.h" +#include "curl_printf.h" + +/* The last #include files should be: */ +#include "curl_memory.h" +#include "memdebug.h" + +/* + * Curl_auth_create_plain_message() + * + * This is used to generate an already encoded PLAIN message ready + * for sending to the recipient. + * + * Parameters: + * + * data [in] - The session handle. + * userp [in] - The user name. + * passdwp [in] - The user's password. + * outptr [in/out] - The address where a pointer to newly allocated memory + * holding the result will be stored upon completion. + * outlen [out] - The length of the output message. + * + * Returns CURLE_OK on success. + */ +CURLcode Curl_auth_create_plain_message(struct Curl_easy *data, + const char *userp, + const char *passwdp, + char **outptr, size_t *outlen) +{ + CURLcode result; + char *plainauth; + size_t ulen; + size_t plen; + + ulen = strlen(userp); + plen = strlen(passwdp); + + plainauth = malloc(2 * ulen + plen + 2); + if(!plainauth) { + *outlen = 0; + *outptr = NULL; + return CURLE_OUT_OF_MEMORY; + } + + /* Calculate the reply */ + memcpy(plainauth, userp, ulen); + plainauth[ulen] = '\0'; + memcpy(plainauth + ulen + 1, userp, ulen); + plainauth[2 * ulen + 1] = '\0'; + memcpy(plainauth + 2 * ulen + 2, passwdp, plen); + + /* Base64 encode the reply */ + result = Curl_base64_encode(data, plainauth, 2 * ulen + plen + 2, outptr, + outlen); + free(plainauth); + + return result; +} + +/* + * Curl_auth_create_login_message() + * + * This is used to generate an already encoded LOGIN message containing the + * user name or password ready for sending to the recipient. + * + * Parameters: + * + * data [in] - The session handle. + * valuep [in] - The user name or user's password. + * outptr [in/out] - The address where a pointer to newly allocated memory + * holding the result will be stored upon completion. + * outlen [out] - The length of the output message. + * + * Returns CURLE_OK on success. + */ +CURLcode Curl_auth_create_login_message(struct Curl_easy *data, + const char *valuep, char **outptr, + size_t *outlen) +{ + size_t vlen = strlen(valuep); + + if(!vlen) { + /* Calculate an empty reply */ + *outptr = strdup("="); + if(*outptr) { + *outlen = (size_t) 1; + return CURLE_OK; + } + + *outlen = 0; + return CURLE_OUT_OF_MEMORY; + } + + /* Base64 encode the value */ + return Curl_base64_encode(data, valuep, vlen, outptr, outlen); +} + +/* + * Curl_auth_create_external_message() + * + * This is used to generate an already encoded EXTERNAL message containing + * the user name ready for sending to the recipient. + * + * Parameters: + * + * data [in] - The session handle. + * user [in] - The user name. + * outptr [in/out] - The address where a pointer to newly allocated memory + * holding the result will be stored upon completion. + * outlen [out] - The length of the output message. + * + * Returns CURLE_OK on success. + */ +CURLcode Curl_auth_create_external_message(struct Curl_easy *data, + const char *user, char **outptr, + size_t *outlen) +{ + /* This is the same formatting as the login message */ + return Curl_auth_create_login_message(data, user, outptr, outlen); +} diff --git a/lib/vauth/cram.c b/lib/vauth/cram.c new file mode 100644 index 000000000..3074a163a --- /dev/null +++ b/lib/vauth/cram.c @@ -0,0 +1,138 @@ +/*************************************************************************** + * _ _ ____ _ + * Project ___| | | | _ \| | + * / __| | | | |_) | | + * | (__| |_| | _ <| |___ + * \___|\___/|_| \_\_____| + * + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. + * + * This software is licensed as described in the file COPYING, which + * you should have received as part of this distribution. The terms + * are also available at https://curl.haxx.se/docs/copyright.html. + * + * You may opt to use, copy, modify, merge, publish, distribute and/or sell + * copies of the Software, and permit persons to whom the Software is + * furnished to do so, under the terms of the COPYING file. + * + * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY + * KIND, either express or implied. + * + * RFC2195 CRAM-MD5 authentication + * + ***************************************************************************/ + +#include "curl_setup.h" + +#if !defined(CURL_DISABLE_CRYPTO_AUTH) + +#include +#include "urldata.h" + +#include "vauth/vauth.h" +#include "curl_base64.h" +#include "curl_hmac.h" +#include "curl_md5.h" +#include "warnless.h" +#include "curl_printf.h" + +/* The last #include files should be: */ +#include "curl_memory.h" +#include "memdebug.h" + +/* + * Curl_auth_decode_cram_md5_message() + * + * This is used to decode an already encoded CRAM-MD5 challenge message. + * + * Parameters: + * + * chlg64 [in] - The base64 encoded challenge message. + * outptr [in/out] - The address where a pointer to newly allocated memory + * holding the result will be stored upon completion. + * outlen [out] - The length of the output message. + * + * Returns CURLE_OK on success. + */ +CURLcode Curl_auth_decode_cram_md5_message(const char *chlg64, char **outptr, + size_t *outlen) +{ + CURLcode result = CURLE_OK; + size_t chlg64len = strlen(chlg64); + + *outptr = NULL; + *outlen = 0; + + /* Decode the challenge if necessary */ + if(chlg64len && *chlg64 != '=') + result = Curl_base64_decode(chlg64, (unsigned char **) outptr, outlen); + + return result; +} + +/* + * Curl_auth_create_cram_md5_message() + * + * This is used to generate an already encoded CRAM-MD5 response message ready + * for sending to the recipient. + * + * Parameters: + * + * data [in] - The session handle. + * chlg [in] - The challenge. + * userp [in] - The user name. + * passdwp [in] - The user's password. + * outptr [in/out] - The address where a pointer to newly allocated memory + * holding the result will be stored upon completion. + * outlen [out] - The length of the output message. + * + * Returns CURLE_OK on success. + */ +CURLcode Curl_auth_create_cram_md5_message(struct Curl_easy *data, + const char *chlg, + const char *userp, + const char *passwdp, + char **outptr, size_t *outlen) +{ + CURLcode result = CURLE_OK; + size_t chlglen = 0; + HMAC_context *ctxt; + unsigned char digest[MD5_DIGEST_LEN]; + char *response; + + if(chlg) + chlglen = strlen(chlg); + + /* Compute the digest using the password as the key */ + ctxt = Curl_HMAC_init(Curl_HMAC_MD5, + (const unsigned char *) passwdp, + curlx_uztoui(strlen(passwdp))); + if(!ctxt) + return CURLE_OUT_OF_MEMORY; + + /* Update the digest with the given challenge */ + if(chlglen > 0) + Curl_HMAC_update(ctxt, (const unsigned char *) chlg, + curlx_uztoui(chlglen)); + + /* Finalise the digest */ + Curl_HMAC_final(ctxt, digest); + + /* Generate the response */ + response = aprintf( + "%s %02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x", + userp, digest[0], digest[1], digest[2], digest[3], digest[4], + digest[5], digest[6], digest[7], digest[8], digest[9], digest[10], + digest[11], digest[12], digest[13], digest[14], digest[15]); + if(!response) + return CURLE_OUT_OF_MEMORY; + + /* Base64 encode the response */ + result = Curl_base64_encode(data, response, 0, outptr, outlen); + + free(response); + + return result; +} + +#endif /* !CURL_DISABLE_CRYPTO_AUTH */ diff --git a/lib/vauth/digest.c b/lib/vauth/digest.c new file mode 100644 index 000000000..f4898404f --- /dev/null +++ b/lib/vauth/digest.c @@ -0,0 +1,897 @@ +/*************************************************************************** + * _ _ ____ _ + * Project ___| | | | _ \| | + * / __| | | | |_) | | + * | (__| |_| | _ <| |___ + * \___|\___/|_| \_\_____| + * + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. + * + * This software is licensed as described in the file COPYING, which + * you should have received as part of this distribution. The terms + * are also available at https://curl.haxx.se/docs/copyright.html. + * + * You may opt to use, copy, modify, merge, publish, distribute and/or sell + * copies of the Software, and permit persons to whom the Software is + * furnished to do so, under the terms of the COPYING file. + * + * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY + * KIND, either express or implied. + * + * RFC2831 DIGEST-MD5 authentication + * + ***************************************************************************/ + +#include "curl_setup.h" + +#if !defined(CURL_DISABLE_CRYPTO_AUTH) + +#include + +#include "vauth/vauth.h" +#include "vauth/digest.h" +#include "urldata.h" +#include "curl_base64.h" +#include "curl_hmac.h" +#include "curl_md5.h" +#include "vtls/vtls.h" +#include "warnless.h" +#include "strtok.h" +#include "rawstr.h" +#include "non-ascii.h" /* included for Curl_convert_... prototypes */ +#include "curl_printf.h" + +/* The last #include files should be: */ +#include "curl_memory.h" +#include "memdebug.h" + +#if !defined(USE_WINDOWS_SSPI) +#define DIGEST_QOP_VALUE_AUTH (1 << 0) +#define DIGEST_QOP_VALUE_AUTH_INT (1 << 1) +#define DIGEST_QOP_VALUE_AUTH_CONF (1 << 2) + +#define DIGEST_QOP_VALUE_STRING_AUTH "auth" +#define DIGEST_QOP_VALUE_STRING_AUTH_INT "auth-int" +#define DIGEST_QOP_VALUE_STRING_AUTH_CONF "auth-conf" + +/* The CURL_OUTPUT_DIGEST_CONV macro below is for non-ASCII machines. + It converts digest text to ASCII so the MD5 will be correct for + what ultimately goes over the network. +*/ +#define CURL_OUTPUT_DIGEST_CONV(a, b) \ + result = Curl_convert_to_network(a, (char *)b, strlen((const char*)b)); \ + if(result) { \ + free(b); \ + return result; \ + } +#endif /* !USE_WINDOWS_SSPI */ + +bool Curl_auth_digest_get_pair(const char *str, char *value, char *content, + const char **endptr) +{ + int c; + bool starts_with_quote = FALSE; + bool escape = FALSE; + + for(c = DIGEST_MAX_VALUE_LENGTH - 1; (*str && (*str != '=') && c--);) + *value++ = *str++; + *value = 0; + + if('=' != *str++) + /* eek, no match */ + return FALSE; + + if('\"' == *str) { + /* This starts with a quote so it must end with one as well! */ + str++; + starts_with_quote = TRUE; + } + + for(c = DIGEST_MAX_CONTENT_LENGTH - 1; *str && c--; str++) { + switch(*str) { + case '\\': + if(!escape) { + /* possibly the start of an escaped quote */ + escape = TRUE; + *content++ = '\\'; /* Even though this is an escape character, we still + store it as-is in the target buffer */ + continue; + } + break; + + case ',': + if(!starts_with_quote) { + /* This signals the end of the content if we didn't get a starting + quote and then we do "sloppy" parsing */ + c = 0; /* the end */ + continue; + } + break; + + case '\r': + case '\n': + /* end of string */ + c = 0; + continue; + + case '\"': + if(!escape && starts_with_quote) { + /* end of string */ + c = 0; + continue; + } + break; + } + + escape = FALSE; + *content++ = *str; + } + + *content = 0; + *endptr = str; + + return TRUE; +} + +#if !defined(USE_WINDOWS_SSPI) +/* Convert md5 chunk to RFC2617 (section 3.1.3) -suitable ascii string*/ +static void auth_digest_md5_to_ascii(unsigned char *source, /* 16 bytes */ + unsigned char *dest) /* 33 bytes */ +{ + int i; + for(i = 0; i < 16; i++) + snprintf((char *) &dest[i * 2], 3, "%02x", source[i]); +} + +/* Perform quoted-string escaping as described in RFC2616 and its errata */ +static char *auth_digest_string_quoted(const char *source) +{ + char *dest, *d; + const char *s = source; + size_t n = 1; /* null terminator */ + + /* Calculate size needed */ + while(*s) { + ++n; + if(*s == '"' || *s == '\\') { + ++n; + } + ++s; + } + + dest = malloc(n); + if(dest) { + s = source; + d = dest; + while(*s) { + if(*s == '"' || *s == '\\') { + *d++ = '\\'; + } + *d++ = *s++; + } + *d = 0; + } + + return dest; +} + +/* Retrieves the value for a corresponding key from the challenge string + * returns TRUE if the key could be found, FALSE if it does not exists + */ +static bool auth_digest_get_key_value(const char *chlg, + const char *key, + char *value, + size_t max_val_len, + char end_char) +{ + char *find_pos; + size_t i; + + find_pos = strstr(chlg, key); + if(!find_pos) + return FALSE; + + find_pos += strlen(key); + + for(i = 0; *find_pos && *find_pos != end_char && i < max_val_len - 1; ++i) + value[i] = *find_pos++; + value[i] = '\0'; + + return TRUE; +} + +static CURLcode auth_digest_get_qop_values(const char *options, int *value) +{ + char *tmp; + char *token; + char *tok_buf; + + /* Initialise the output */ + *value = 0; + + /* Tokenise the list of qop values. Use a temporary clone of the buffer since + strtok_r() ruins it. */ + tmp = strdup(options); + if(!tmp) + return CURLE_OUT_OF_MEMORY; + + token = strtok_r(tmp, ",", &tok_buf); + while(token != NULL) { + if(Curl_raw_equal(token, DIGEST_QOP_VALUE_STRING_AUTH)) + *value |= DIGEST_QOP_VALUE_AUTH; + else if(Curl_raw_equal(token, DIGEST_QOP_VALUE_STRING_AUTH_INT)) + *value |= DIGEST_QOP_VALUE_AUTH_INT; + else if(Curl_raw_equal(token, DIGEST_QOP_VALUE_STRING_AUTH_CONF)) + *value |= DIGEST_QOP_VALUE_AUTH_CONF; + + token = strtok_r(NULL, ",", &tok_buf); + } + + free(tmp); + + return CURLE_OK; +} + +/* + * auth_decode_digest_md5_message() + * + * This is used internally to decode an already encoded DIGEST-MD5 challenge + * message into the seperate attributes. + * + * Parameters: + * + * chlg64 [in] - The base64 encoded challenge message. + * nonce [in/out] - The buffer where the nonce will be stored. + * nlen [in] - The length of the nonce buffer. + * realm [in/out] - The buffer where the realm will be stored. + * rlen [in] - The length of the realm buffer. + * alg [in/out] - The buffer where the algorithm will be stored. + * alen [in] - The length of the algorithm buffer. + * qop [in/out] - The buffer where the qop-options will be stored. + * qlen [in] - The length of the qop buffer. + * + * Returns CURLE_OK on success. + */ +static CURLcode auth_decode_digest_md5_message(const char *chlg64, + char *nonce, size_t nlen, + char *realm, size_t rlen, + char *alg, size_t alen, + char *qop, size_t qlen) +{ + CURLcode result = CURLE_OK; + unsigned char *chlg = NULL; + size_t chlglen = 0; + size_t chlg64len = strlen(chlg64); + + /* Decode the base-64 encoded challenge message */ + if(chlg64len && *chlg64 != '=') { + result = Curl_base64_decode(chlg64, &chlg, &chlglen); + if(result) + return result; + } + + /* Ensure we have a valid challenge message */ + if(!chlg) + return CURLE_BAD_CONTENT_ENCODING; + + /* Retrieve nonce string from the challenge */ + if(!auth_digest_get_key_value((char *) chlg, "nonce=\"", nonce, nlen, + '\"')) { + free(chlg); + return CURLE_BAD_CONTENT_ENCODING; + } + + /* Retrieve realm string from the challenge */ + if(!auth_digest_get_key_value((char *) chlg, "realm=\"", realm, rlen, + '\"')) { + /* Challenge does not have a realm, set empty string [RFC2831] page 6 */ + strcpy(realm, ""); + } + + /* Retrieve algorithm string from the challenge */ + if(!auth_digest_get_key_value((char *) chlg, "algorithm=", alg, alen, ',')) { + free(chlg); + return CURLE_BAD_CONTENT_ENCODING; + } + + /* Retrieve qop-options string from the challenge */ + if(!auth_digest_get_key_value((char *) chlg, "qop=\"", qop, qlen, '\"')) { + free(chlg); + return CURLE_BAD_CONTENT_ENCODING; + } + + free(chlg); + + return CURLE_OK; +} + +/* + * Curl_auth_is_digest_supported() + * + * This is used to evaluate if DIGEST is supported. + * + * Parameters: None + * + * Returns TRUE as DIGEST as handled by libcurl. + */ +bool Curl_auth_is_digest_supported(void) +{ + return TRUE; +} + +/* + * Curl_auth_create_digest_md5_message() + * + * This is used to generate an already encoded DIGEST-MD5 response message + * ready for sending to the recipient. + * + * Parameters: + * + * data [in] - The session handle. + * chlg64 [in] - The base64 encoded challenge message. + * userp [in] - The user name. + * passdwp [in] - The user's password. + * service [in] - The service type such as http, smtp, pop or imap. + * outptr [in/out] - The address where a pointer to newly allocated memory + * holding the result will be stored upon completion. + * outlen [out] - The length of the output message. + * + * Returns CURLE_OK on success. + */ +CURLcode Curl_auth_create_digest_md5_message(struct Curl_easy *data, + const char *chlg64, + const char *userp, + const char *passwdp, + const char *service, + char **outptr, size_t *outlen) +{ + CURLcode result = CURLE_OK; + size_t i; + MD5_context *ctxt; + char *response = NULL; + unsigned char digest[MD5_DIGEST_LEN]; + char HA1_hex[2 * MD5_DIGEST_LEN + 1]; + char HA2_hex[2 * MD5_DIGEST_LEN + 1]; + char resp_hash_hex[2 * MD5_DIGEST_LEN + 1]; + char nonce[64]; + char realm[128]; + char algorithm[64]; + char qop_options[64]; + int qop_values; + char cnonce[33]; + unsigned int entropy[4]; + char nonceCount[] = "00000001"; + char method[] = "AUTHENTICATE"; + char qop[] = DIGEST_QOP_VALUE_STRING_AUTH; + char *spn = NULL; + + /* Decode the challange message */ + result = auth_decode_digest_md5_message(chlg64, nonce, sizeof(nonce), + realm, sizeof(realm), + algorithm, sizeof(algorithm), + qop_options, sizeof(qop_options)); + if(result) + return result; + + /* We only support md5 sessions */ + if(strcmp(algorithm, "md5-sess") != 0) + return CURLE_BAD_CONTENT_ENCODING; + + /* Get the qop-values from the qop-options */ + result = auth_digest_get_qop_values(qop_options, &qop_values); + if(result) + return result; + + /* We only support auth quality-of-protection */ + if(!(qop_values & DIGEST_QOP_VALUE_AUTH)) + return CURLE_BAD_CONTENT_ENCODING; + + /* Generate 16 bytes of random data */ + entropy[0] = Curl_rand(data); + entropy[1] = Curl_rand(data); + entropy[2] = Curl_rand(data); + entropy[3] = Curl_rand(data); + + /* Convert the random data into a 32 byte hex string */ + snprintf(cnonce, sizeof(cnonce), "%08x%08x%08x%08x", + entropy[0], entropy[1], entropy[2], entropy[3]); + + /* So far so good, now calculate A1 and H(A1) according to RFC 2831 */ + ctxt = Curl_MD5_init(Curl_DIGEST_MD5); + if(!ctxt) + return CURLE_OUT_OF_MEMORY; + + Curl_MD5_update(ctxt, (const unsigned char *) userp, + curlx_uztoui(strlen(userp))); + Curl_MD5_update(ctxt, (const unsigned char *) ":", 1); + Curl_MD5_update(ctxt, (const unsigned char *) realm, + curlx_uztoui(strlen(realm))); + Curl_MD5_update(ctxt, (const unsigned char *) ":", 1); + Curl_MD5_update(ctxt, (const unsigned char *) passwdp, + curlx_uztoui(strlen(passwdp))); + Curl_MD5_final(ctxt, digest); + + ctxt = Curl_MD5_init(Curl_DIGEST_MD5); + if(!ctxt) + return CURLE_OUT_OF_MEMORY; + + Curl_MD5_update(ctxt, (const unsigned char *) digest, MD5_DIGEST_LEN); + Curl_MD5_update(ctxt, (const unsigned char *) ":", 1); + Curl_MD5_update(ctxt, (const unsigned char *) nonce, + curlx_uztoui(strlen(nonce))); + Curl_MD5_update(ctxt, (const unsigned char *) ":", 1); + Curl_MD5_update(ctxt, (const unsigned char *) cnonce, + curlx_uztoui(strlen(cnonce))); + Curl_MD5_final(ctxt, digest); + + /* Convert calculated 16 octet hex into 32 bytes string */ + for(i = 0; i < MD5_DIGEST_LEN; i++) + snprintf(&HA1_hex[2 * i], 3, "%02x", digest[i]); + + /* Generate our SPN */ + spn = Curl_auth_build_spn(service, realm, NULL); + if(!spn) + return CURLE_OUT_OF_MEMORY; + + /* Calculate H(A2) */ + ctxt = Curl_MD5_init(Curl_DIGEST_MD5); + if(!ctxt) { + free(spn); + + return CURLE_OUT_OF_MEMORY; + } + + Curl_MD5_update(ctxt, (const unsigned char *) method, + curlx_uztoui(strlen(method))); + Curl_MD5_update(ctxt, (const unsigned char *) ":", 1); + Curl_MD5_update(ctxt, (const unsigned char *) spn, + curlx_uztoui(strlen(spn))); + Curl_MD5_final(ctxt, digest); + + for(i = 0; i < MD5_DIGEST_LEN; i++) + snprintf(&HA2_hex[2 * i], 3, "%02x", digest[i]); + + /* Now calculate the response hash */ + ctxt = Curl_MD5_init(Curl_DIGEST_MD5); + if(!ctxt) { + free(spn); + + return CURLE_OUT_OF_MEMORY; + } + + Curl_MD5_update(ctxt, (const unsigned char *) HA1_hex, 2 * MD5_DIGEST_LEN); + Curl_MD5_update(ctxt, (const unsigned char *) ":", 1); + Curl_MD5_update(ctxt, (const unsigned char *) nonce, + curlx_uztoui(strlen(nonce))); + Curl_MD5_update(ctxt, (const unsigned char *) ":", 1); + + Curl_MD5_update(ctxt, (const unsigned char *) nonceCount, + curlx_uztoui(strlen(nonceCount))); + Curl_MD5_update(ctxt, (const unsigned char *) ":", 1); + Curl_MD5_update(ctxt, (const unsigned char *) cnonce, + curlx_uztoui(strlen(cnonce))); + Curl_MD5_update(ctxt, (const unsigned char *) ":", 1); + Curl_MD5_update(ctxt, (const unsigned char *) qop, + curlx_uztoui(strlen(qop))); + Curl_MD5_update(ctxt, (const unsigned char *) ":", 1); + + Curl_MD5_update(ctxt, (const unsigned char *) HA2_hex, 2 * MD5_DIGEST_LEN); + Curl_MD5_final(ctxt, digest); + + for(i = 0; i < MD5_DIGEST_LEN; i++) + snprintf(&resp_hash_hex[2 * i], 3, "%02x", digest[i]); + + /* Generate the response */ + response = aprintf("username=\"%s\",realm=\"%s\",nonce=\"%s\"," + "cnonce=\"%s\",nc=\"%s\",digest-uri=\"%s\",response=%s," + "qop=%s", + userp, realm, nonce, + cnonce, nonceCount, spn, resp_hash_hex, qop); + free(spn); + if(!response) + return CURLE_OUT_OF_MEMORY; + + /* Base64 encode the response */ + result = Curl_base64_encode(data, response, 0, outptr, outlen); + + free(response); + + return result; +} + +/* + * Curl_auth_decode_digest_http_message() + * + * This is used to decode a HTTP DIGEST challenge message into the seperate + * attributes. + * + * Parameters: + * + * chlg [in] - The challenge message. + * digest [in/out] - The digest data struct being used and modified. + * + * Returns CURLE_OK on success. + */ +CURLcode Curl_auth_decode_digest_http_message(const char *chlg, + struct digestdata *digest) +{ + bool before = FALSE; /* got a nonce before */ + bool foundAuth = FALSE; + bool foundAuthInt = FALSE; + char *token = NULL; + char *tmp = NULL; + + /* If we already have received a nonce, keep that in mind */ + if(digest->nonce) + before = TRUE; + + /* Clean up any former leftovers and initialise to defaults */ + Curl_auth_digest_cleanup(digest); + + for(;;) { + char value[DIGEST_MAX_VALUE_LENGTH]; + char content[DIGEST_MAX_CONTENT_LENGTH]; + + /* Pass all additional spaces here */ + while(*chlg && ISSPACE(*chlg)) + chlg++; + + /* Extract a value=content pair */ + if(Curl_auth_digest_get_pair(chlg, value, content, &chlg)) { + if(Curl_raw_equal(value, "nonce")) { + free(digest->nonce); + digest->nonce = strdup(content); + if(!digest->nonce) + return CURLE_OUT_OF_MEMORY; + } + else if(Curl_raw_equal(value, "stale")) { + if(Curl_raw_equal(content, "true")) { + digest->stale = TRUE; + digest->nc = 1; /* we make a new nonce now */ + } + } + else if(Curl_raw_equal(value, "realm")) { + free(digest->realm); + digest->realm = strdup(content); + if(!digest->realm) + return CURLE_OUT_OF_MEMORY; + } + else if(Curl_raw_equal(value, "opaque")) { + free(digest->opaque); + digest->opaque = strdup(content); + if(!digest->opaque) + return CURLE_OUT_OF_MEMORY; + } + else if(Curl_raw_equal(value, "qop")) { + char *tok_buf; + /* Tokenize the list and choose auth if possible, use a temporary + clone of the buffer since strtok_r() ruins it */ + tmp = strdup(content); + if(!tmp) + return CURLE_OUT_OF_MEMORY; + + token = strtok_r(tmp, ",", &tok_buf); + while(token != NULL) { + if(Curl_raw_equal(token, DIGEST_QOP_VALUE_STRING_AUTH)) { + foundAuth = TRUE; + } + else if(Curl_raw_equal(token, DIGEST_QOP_VALUE_STRING_AUTH_INT)) { + foundAuthInt = TRUE; + } + token = strtok_r(NULL, ",", &tok_buf); + } + + free(tmp); + + /* Select only auth or auth-int. Otherwise, ignore */ + if(foundAuth) { + free(digest->qop); + digest->qop = strdup(DIGEST_QOP_VALUE_STRING_AUTH); + if(!digest->qop) + return CURLE_OUT_OF_MEMORY; + } + else if(foundAuthInt) { + free(digest->qop); + digest->qop = strdup(DIGEST_QOP_VALUE_STRING_AUTH_INT); + if(!digest->qop) + return CURLE_OUT_OF_MEMORY; + } + } + else if(Curl_raw_equal(value, "algorithm")) { + free(digest->algorithm); + digest->algorithm = strdup(content); + if(!digest->algorithm) + return CURLE_OUT_OF_MEMORY; + + if(Curl_raw_equal(content, "MD5-sess")) + digest->algo = CURLDIGESTALGO_MD5SESS; + else if(Curl_raw_equal(content, "MD5")) + digest->algo = CURLDIGESTALGO_MD5; + else + return CURLE_BAD_CONTENT_ENCODING; + } + else { + /* Unknown specifier, ignore it! */ + } + } + else + break; /* We're done here */ + + /* Pass all additional spaces here */ + while(*chlg && ISSPACE(*chlg)) + chlg++; + + /* Allow the list to be comma-separated */ + if(',' == *chlg) + chlg++; + } + + /* We had a nonce since before, and we got another one now without + 'stale=true'. This means we provided bad credentials in the previous + request */ + if(before && !digest->stale) + return CURLE_BAD_CONTENT_ENCODING; + + /* We got this header without a nonce, that's a bad Digest line! */ + if(!digest->nonce) + return CURLE_BAD_CONTENT_ENCODING; + + return CURLE_OK; +} + +/* + * Curl_auth_create_digest_http_message() + * + * This is used to generate a HTTP DIGEST response message ready for sending + * to the recipient. + * + * Parameters: + * + * data [in] - The session handle. + * userp [in] - The user name. + * passdwp [in] - The user's password. + * request [in] - The HTTP request. + * uripath [in] - The path of the HTTP uri. + * digest [in/out] - The digest data struct being used and modified. + * outptr [in/out] - The address where a pointer to newly allocated memory + * holding the result will be stored upon completion. + * outlen [out] - The length of the output message. + * + * Returns CURLE_OK on success. + */ +CURLcode Curl_auth_create_digest_http_message(struct Curl_easy *data, + const char *userp, + const char *passwdp, + const unsigned char *request, + const unsigned char *uripath, + struct digestdata *digest, + char **outptr, size_t *outlen) +{ + CURLcode result; + unsigned char md5buf[16]; /* 16 bytes/128 bits */ + unsigned char request_digest[33]; + unsigned char *md5this; + unsigned char ha1[33]; /* 32 digits and 1 zero byte */ + unsigned char ha2[33]; /* 32 digits and 1 zero byte */ + char cnoncebuf[33]; + char *cnonce = NULL; + size_t cnonce_sz = 0; + char *userp_quoted; + char *response = NULL; + char *tmp = NULL; + + if(!digest->nc) + digest->nc = 1; + + if(!digest->cnonce) { + snprintf(cnoncebuf, sizeof(cnoncebuf), "%08x%08x%08x%08x", + Curl_rand(data), Curl_rand(data), + Curl_rand(data), Curl_rand(data)); + + result = Curl_base64_encode(data, cnoncebuf, strlen(cnoncebuf), + &cnonce, &cnonce_sz); + if(result) + return result; + + digest->cnonce = cnonce; + } + + /* + If the algorithm is "MD5" or unspecified (which then defaults to MD5): + + A1 = unq(username-value) ":" unq(realm-value) ":" passwd + + If the algorithm is "MD5-sess" then: + + A1 = H(unq(username-value) ":" unq(realm-value) ":" passwd) ":" + unq(nonce-value) ":" unq(cnonce-value) + */ + + md5this = (unsigned char *) + aprintf("%s:%s:%s", userp, digest->realm, passwdp); + if(!md5this) + return CURLE_OUT_OF_MEMORY; + + CURL_OUTPUT_DIGEST_CONV(data, md5this); /* convert on non-ASCII machines */ + Curl_md5it(md5buf, md5this); + free(md5this); + auth_digest_md5_to_ascii(md5buf, ha1); + + if(digest->algo == CURLDIGESTALGO_MD5SESS) { + /* nonce and cnonce are OUTSIDE the hash */ + tmp = aprintf("%s:%s:%s", ha1, digest->nonce, digest->cnonce); + if(!tmp) + return CURLE_OUT_OF_MEMORY; + + CURL_OUTPUT_DIGEST_CONV(data, tmp); /* Convert on non-ASCII machines */ + Curl_md5it(md5buf, (unsigned char *) tmp); + free(tmp); + auth_digest_md5_to_ascii(md5buf, ha1); + } + + /* + If the "qop" directive's value is "auth" or is unspecified, then A2 is: + + A2 = Method ":" digest-uri-value + + If the "qop" value is "auth-int", then A2 is: + + A2 = Method ":" digest-uri-value ":" H(entity-body) + + (The "Method" value is the HTTP request method as specified in section + 5.1.1 of RFC 2616) + */ + + md5this = (unsigned char *) aprintf("%s:%s", request, uripath); + + if(digest->qop && Curl_raw_equal(digest->qop, "auth-int")) { + /* We don't support auth-int for PUT or POST at the moment. + TODO: replace md5 of empty string with entity-body for PUT/POST */ + unsigned char *md5this2 = (unsigned char *) + aprintf("%s:%s", md5this, "d41d8cd98f00b204e9800998ecf8427e"); + free(md5this); + md5this = md5this2; + } + + if(!md5this) + return CURLE_OUT_OF_MEMORY; + + CURL_OUTPUT_DIGEST_CONV(data, md5this); /* convert on non-ASCII machines */ + Curl_md5it(md5buf, md5this); + free(md5this); + auth_digest_md5_to_ascii(md5buf, ha2); + + if(digest->qop) { + md5this = (unsigned char *) aprintf("%s:%s:%08x:%s:%s:%s", + ha1, + digest->nonce, + digest->nc, + digest->cnonce, + digest->qop, + ha2); + } + else { + md5this = (unsigned char *) aprintf("%s:%s:%s", + ha1, + digest->nonce, + ha2); + } + + if(!md5this) + return CURLE_OUT_OF_MEMORY; + + CURL_OUTPUT_DIGEST_CONV(data, md5this); /* convert on non-ASCII machines */ + Curl_md5it(md5buf, md5this); + free(md5this); + auth_digest_md5_to_ascii(md5buf, request_digest); + + /* For test case 64 (snooped from a Mozilla 1.3a request) + + Authorization: Digest username="testuser", realm="testrealm", \ + nonce="1053604145", uri="/64", response="c55f7f30d83d774a3d2dcacf725abaca" + + Digest parameters are all quoted strings. Username which is provided by + the user will need double quotes and backslashes within it escaped. For + the other fields, this shouldn't be an issue. realm, nonce, and opaque + are copied as is from the server, escapes and all. cnonce is generated + with web-safe characters. uri is already percent encoded. nc is 8 hex + characters. algorithm and qop with standard values only contain web-safe + characters. + */ + userp_quoted = auth_digest_string_quoted(userp); + if(!userp_quoted) + return CURLE_OUT_OF_MEMORY; + + if(digest->qop) { + response = aprintf("username=\"%s\", " + "realm=\"%s\", " + "nonce=\"%s\", " + "uri=\"%s\", " + "cnonce=\"%s\", " + "nc=%08x, " + "qop=%s, " + "response=\"%s\"", + userp_quoted, + digest->realm, + digest->nonce, + uripath, + digest->cnonce, + digest->nc, + digest->qop, + request_digest); + + if(Curl_raw_equal(digest->qop, "auth")) + digest->nc++; /* The nc (from RFC) has to be a 8 hex digit number 0 + padded which tells to the server how many times you are + using the same nonce in the qop=auth mode */ + } + else { + response = aprintf("username=\"%s\", " + "realm=\"%s\", " + "nonce=\"%s\", " + "uri=\"%s\", " + "response=\"%s\"", + userp_quoted, + digest->realm, + digest->nonce, + uripath, + request_digest); + } + free(userp_quoted); + if(!response) + return CURLE_OUT_OF_MEMORY; + + /* Add the optional fields */ + if(digest->opaque) { + /* Append the opaque */ + tmp = aprintf("%s, opaque=\"%s\"", response, digest->opaque); + free(response); + if(!tmp) + return CURLE_OUT_OF_MEMORY; + + response = tmp; + } + + if(digest->algorithm) { + /* Append the algorithm */ + tmp = aprintf("%s, algorithm=\"%s\"", response, digest->algorithm); + free(response); + if(!tmp) + return CURLE_OUT_OF_MEMORY; + + response = tmp; + } + + /* Return the output */ + *outptr = response; + *outlen = strlen(response); + + return CURLE_OK; +} + +/* + * Curl_auth_digest_cleanup() + * + * This is used to clean up the digest specific data. + * + * Parameters: + * + * digest [in/out] - The digest data struct being cleaned up. + * + */ +void Curl_auth_digest_cleanup(struct digestdata *digest) +{ + Curl_safefree(digest->nonce); + Curl_safefree(digest->cnonce); + Curl_safefree(digest->realm); + Curl_safefree(digest->opaque); + Curl_safefree(digest->qop); + Curl_safefree(digest->algorithm); + + digest->nc = 0; + digest->algo = CURLDIGESTALGO_MD5; /* default algorithm */ + digest->stale = FALSE; /* default means normal, not stale */ +} +#endif /* !USE_WINDOWS_SSPI */ + +#endif /* CURL_DISABLE_CRYPTO_AUTH */ diff --git a/lib/vauth/digest.h b/lib/vauth/digest.h new file mode 100644 index 000000000..5722dcece --- /dev/null +++ b/lib/vauth/digest.h @@ -0,0 +1,43 @@ +#ifndef HEADER_CURL_DIGEST_H +#define HEADER_CURL_DIGEST_H +/*************************************************************************** + * _ _ ____ _ + * Project ___| | | | _ \| | + * / __| | | | |_) | | + * | (__| |_| | _ <| |___ + * \___|\___/|_| \_\_____| + * + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. + * + * This software is licensed as described in the file COPYING, which + * you should have received as part of this distribution. The terms + * are also available at https://curl.haxx.se/docs/copyright.html. + * + * You may opt to use, copy, modify, merge, publish, distribute and/or sell + * copies of the Software, and permit persons to whom the Software is + * furnished to do so, under the terms of the COPYING file. + * + * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY + * KIND, either express or implied. + * + ***************************************************************************/ + +#include + +#if !defined(CURL_DISABLE_CRYPTO_AUTH) + +#define DIGEST_MAX_VALUE_LENGTH 256 +#define DIGEST_MAX_CONTENT_LENGTH 1024 + +enum { + CURLDIGESTALGO_MD5, + CURLDIGESTALGO_MD5SESS +}; + +/* This is used to extract the realm from a challenge message */ +bool Curl_auth_digest_get_pair(const char *str, char *value, char *content, + const char **endptr); + +#endif + +#endif /* HEADER_CURL_DIGEST_H */ diff --git a/lib/vauth/digest_sspi.c b/lib/vauth/digest_sspi.c new file mode 100644 index 000000000..1cc704d58 --- /dev/null +++ b/lib/vauth/digest_sspi.c @@ -0,0 +1,554 @@ +/*************************************************************************** + * _ _ ____ _ + * Project ___| | | | _ \| | + * / __| | | | |_) | | + * | (__| |_| | _ <| |___ + * \___|\___/|_| \_\_____| + * + * Copyright (C) 2014 - 2016, Steve Holme, . + * Copyright (C) 2015, Daniel Stenberg, , et al. + * + * This software is licensed as described in the file COPYING, which + * you should have received as part of this distribution. The terms + * are also available at https://curl.haxx.se/docs/copyright.html. + * + * You may opt to use, copy, modify, merge, publish, distribute and/or sell + * copies of the Software, and permit persons to whom the Software is + * furnished to do so, under the terms of the COPYING file. + * + * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY + * KIND, either express or implied. + * + * RFC2831 DIGEST-MD5 authentication + * + ***************************************************************************/ + +#include "curl_setup.h" + +#if defined(USE_WINDOWS_SSPI) && !defined(CURL_DISABLE_CRYPTO_AUTH) + +#include + +#include "vauth/vauth.h" +#include "vauth/digest.h" +#include "urldata.h" +#include "curl_base64.h" +#include "warnless.h" +#include "curl_multibyte.h" +#include "sendf.h" +#include "strdup.h" +#include "rawstr.h" + +/* The last #include files should be: */ +#include "curl_memory.h" +#include "memdebug.h" + +/* +* Curl_auth_is_digest_supported() +* +* This is used to evaluate if DIGEST is supported. +* +* Parameters: None +* +* Returns TRUE if DIGEST is supported by Windows SSPI. +*/ +bool Curl_auth_is_digest_supported(void) +{ + PSecPkgInfo SecurityPackage; + SECURITY_STATUS status; + + /* Query the security package for Digest */ + status = s_pSecFn->QuerySecurityPackageInfo((TCHAR *) TEXT(SP_NAME_DIGEST), + &SecurityPackage); + + return (status == SEC_E_OK ? TRUE : FALSE); +} + +/* + * Curl_auth_create_digest_md5_message() + * + * This is used to generate an already encoded DIGEST-MD5 response message + * ready for sending to the recipient. + * + * Parameters: + * + * data [in] - The session handle. + * chlg64 [in] - The base64 encoded challenge message. + * userp [in] - The user name in the format User or Domain\User. + * passdwp [in] - The user's password. + * service [in] - The service type such as http, smtp, pop or imap. + * outptr [in/out] - The address where a pointer to newly allocated memory + * holding the result will be stored upon completion. + * outlen [out] - The length of the output message. + * + * Returns CURLE_OK on success. + */ +CURLcode Curl_auth_create_digest_md5_message(struct Curl_easy *data, + const char *chlg64, + const char *userp, + const char *passwdp, + const char *service, + char **outptr, size_t *outlen) +{ + CURLcode result = CURLE_OK; + TCHAR *spn = NULL; + size_t chlglen = 0; + size_t token_max = 0; + unsigned char *input_token = NULL; + unsigned char *output_token = NULL; + CredHandle credentials; + CtxtHandle context; + PSecPkgInfo SecurityPackage; + SEC_WINNT_AUTH_IDENTITY identity; + SEC_WINNT_AUTH_IDENTITY *p_identity; + SecBuffer chlg_buf; + SecBuffer resp_buf; + SecBufferDesc chlg_desc; + SecBufferDesc resp_desc; + SECURITY_STATUS status; + unsigned long attrs; + TimeStamp expiry; /* For Windows 9x compatibility of SSPI calls */ + + /* Decode the base-64 encoded challenge message */ + if(strlen(chlg64) && *chlg64 != '=') { + result = Curl_base64_decode(chlg64, &input_token, &chlglen); + if(result) + return result; + } + + /* Ensure we have a valid challenge message */ + if(!input_token) { + infof(data, "DIGEST-MD5 handshake failure (empty challenge message)\n"); + + return CURLE_BAD_CONTENT_ENCODING; + } + + /* Query the security package for DigestSSP */ + status = s_pSecFn->QuerySecurityPackageInfo((TCHAR *) TEXT(SP_NAME_DIGEST), + &SecurityPackage); + if(status != SEC_E_OK) { + free(input_token); + + return CURLE_NOT_BUILT_IN; + } + + token_max = SecurityPackage->cbMaxToken; + + /* Release the package buffer as it is not required anymore */ + s_pSecFn->FreeContextBuffer(SecurityPackage); + + /* Allocate our response buffer */ + output_token = malloc(token_max); + if(!output_token) { + free(input_token); + + return CURLE_OUT_OF_MEMORY; + } + + /* Generate our SPN */ + spn = Curl_auth_build_spn(service, data->easy_conn->host.name, NULL); + if(!spn) { + free(output_token); + free(input_token); + + return CURLE_OUT_OF_MEMORY; + } + + if(userp && *userp) { + /* Populate our identity structure */ + result = Curl_create_sspi_identity(userp, passwdp, &identity); + if(result) { + free(spn); + free(output_token); + free(input_token); + + return result; + } + + /* Allow proper cleanup of the identity structure */ + p_identity = &identity; + } + else + /* Use the current Windows user */ + p_identity = NULL; + + /* Acquire our credentials handle */ + status = s_pSecFn->AcquireCredentialsHandle(NULL, + (TCHAR *) TEXT(SP_NAME_DIGEST), + SECPKG_CRED_OUTBOUND, NULL, + p_identity, NULL, NULL, + &credentials, &expiry); + + if(status != SEC_E_OK) { + Curl_sspi_free_identity(p_identity); + free(spn); + free(output_token); + free(input_token); + + return CURLE_LOGIN_DENIED; + } + + /* Setup the challenge "input" security buffer */ + chlg_desc.ulVersion = SECBUFFER_VERSION; + chlg_desc.cBuffers = 1; + chlg_desc.pBuffers = &chlg_buf; + chlg_buf.BufferType = SECBUFFER_TOKEN; + chlg_buf.pvBuffer = input_token; + chlg_buf.cbBuffer = curlx_uztoul(chlglen); + + /* Setup the response "output" security buffer */ + resp_desc.ulVersion = SECBUFFER_VERSION; + resp_desc.cBuffers = 1; + resp_desc.pBuffers = &resp_buf; + resp_buf.BufferType = SECBUFFER_TOKEN; + resp_buf.pvBuffer = output_token; + resp_buf.cbBuffer = curlx_uztoul(token_max); + + /* Generate our response message */ + status = s_pSecFn->InitializeSecurityContext(&credentials, NULL, spn, + 0, 0, 0, &chlg_desc, 0, + &context, &resp_desc, &attrs, + &expiry); + + if(status == SEC_I_COMPLETE_NEEDED || + status == SEC_I_COMPLETE_AND_CONTINUE) + s_pSecFn->CompleteAuthToken(&credentials, &resp_desc); + else if(status != SEC_E_OK && status != SEC_I_CONTINUE_NEEDED) { + s_pSecFn->FreeCredentialsHandle(&credentials); + Curl_sspi_free_identity(p_identity); + free(spn); + free(output_token); + free(input_token); + + return CURLE_RECV_ERROR; + } + + /* Base64 encode the response */ + result = Curl_base64_encode(data, (char *) output_token, resp_buf.cbBuffer, + outptr, outlen); + + /* Free our handles */ + s_pSecFn->DeleteSecurityContext(&context); + s_pSecFn->FreeCredentialsHandle(&credentials); + + /* Free the identity structure */ + Curl_sspi_free_identity(p_identity); + + /* Free the SPN */ + free(spn); + + /* Free the response buffer */ + free(output_token); + + /* Free the decoded challenge message */ + free(input_token); + + return result; +} + +/* + * Curl_override_sspi_http_realm() + * + * This is used to populate the domain in a SSPI identity structure + * The realm is extracted from the challenge message and used as the + * domain if it is not already explicitly set. + * + * Parameters: + * + * chlg [in] - The challenge message. + * identity [in/out] - The identity structure. + * + * Returns CURLE_OK on success. + */ +CURLcode Curl_override_sspi_http_realm(const char *chlg, + SEC_WINNT_AUTH_IDENTITY *identity) +{ + xcharp_u domain, dup_domain; + + /* If domain is blank or unset, check challenge message for realm */ + if(!identity->Domain || !identity->DomainLength) { + for(;;) { + char value[DIGEST_MAX_VALUE_LENGTH]; + char content[DIGEST_MAX_CONTENT_LENGTH]; + + /* Pass all additional spaces here */ + while(*chlg && ISSPACE(*chlg)) + chlg++; + + /* Extract a value=content pair */ + if(Curl_auth_digest_get_pair(chlg, value, content, &chlg)) { + if(Curl_raw_equal(value, "realm")) { + + /* Setup identity's domain and length */ + domain.tchar_ptr = Curl_convert_UTF8_to_tchar((char *) content); + if(!domain.tchar_ptr) + return CURLE_OUT_OF_MEMORY; + + dup_domain.tchar_ptr = _tcsdup(domain.tchar_ptr); + if(!dup_domain.tchar_ptr) { + Curl_unicodefree(domain.tchar_ptr); + return CURLE_OUT_OF_MEMORY; + } + + free(identity->Domain); + identity->Domain = dup_domain.tbyte_ptr; + identity->DomainLength = curlx_uztoul(_tcslen(dup_domain.tchar_ptr)); + dup_domain.tchar_ptr = NULL; + + Curl_unicodefree(domain.tchar_ptr); + } + else { + /* Unknown specifier, ignore it! */ + } + } + else + break; /* We're done here */ + + /* Pass all additional spaces here */ + while(*chlg && ISSPACE(*chlg)) + chlg++; + + /* Allow the list to be comma-separated */ + if(',' == *chlg) + chlg++; + } + } + + return CURLE_OK; +} + +/* + * Curl_auth_decode_digest_http_message() + * + * This is used to decode a HTTP DIGEST challenge message into the seperate + * attributes. + * + * Parameters: + * + * chlg [in] - The challenge message. + * digest [in/out] - The digest data struct being used and modified. + * + * Returns CURLE_OK on success. + */ +CURLcode Curl_auth_decode_digest_http_message(const char *chlg, + struct digestdata *digest) +{ + size_t chlglen = strlen(chlg); + + /* We had an input token before and we got another one now. This means we + provided bad credentials in the previous request. */ + if(digest->input_token) + return CURLE_BAD_CONTENT_ENCODING; + + /* Simply store the challenge for use later */ + digest->input_token = (BYTE *) Curl_memdup(chlg, chlglen); + if(!digest->input_token) + return CURLE_OUT_OF_MEMORY; + + digest->input_token_len = chlglen; + + return CURLE_OK; +} + +/* + * Curl_auth_create_digest_http_message() + * + * This is used to generate a HTTP DIGEST response message ready for sending + * to the recipient. + * + * Parameters: + * + * data [in] - The session handle. + * userp [in] - The user name in the format User or Domain\User. + * passdwp [in] - The user's password. + * request [in] - The HTTP request. + * uripath [in] - The path of the HTTP uri. + * digest [in/out] - The digest data struct being used and modified. + * outptr [in/out] - The address where a pointer to newly allocated memory + * holding the result will be stored upon completion. + * outlen [out] - The length of the output message. + * + * Returns CURLE_OK on success. + */ +CURLcode Curl_auth_create_digest_http_message(struct Curl_easy *data, + const char *userp, + const char *passwdp, + const unsigned char *request, + const unsigned char *uripath, + struct digestdata *digest, + char **outptr, size_t *outlen) +{ + size_t token_max; + CredHandle credentials; + CtxtHandle context; + char *resp; + BYTE *output_token; + PSecPkgInfo SecurityPackage; + SEC_WINNT_AUTH_IDENTITY identity; + SEC_WINNT_AUTH_IDENTITY *p_identity; + SecBuffer chlg_buf[3]; + SecBuffer resp_buf; + SecBufferDesc chlg_desc; + SecBufferDesc resp_desc; + SECURITY_STATUS status; + unsigned long attrs; + TimeStamp expiry; /* For Windows 9x compatibility of SSPI calls */ + TCHAR *spn; + + (void) data; + + /* Query the security package for DigestSSP */ + status = s_pSecFn->QuerySecurityPackageInfo((TCHAR *) TEXT(SP_NAME_DIGEST), + &SecurityPackage); + if(status != SEC_E_OK) + return CURLE_NOT_BUILT_IN; + + token_max = SecurityPackage->cbMaxToken; + + /* Release the package buffer as it is not required anymore */ + s_pSecFn->FreeContextBuffer(SecurityPackage); + + if(userp && *userp) { + /* Populate our identity structure */ + if(Curl_create_sspi_identity(userp, passwdp, &identity)) + return CURLE_OUT_OF_MEMORY; + + /* Populate our identity domain */ + if(Curl_override_sspi_http_realm((const char*) digest->input_token, + &identity)) + return CURLE_OUT_OF_MEMORY; + + /* Allow proper cleanup of the identity structure */ + p_identity = &identity; + } + else + /* Use the current Windows user */ + p_identity = NULL; + + /* Acquire our credentials handle */ + status = s_pSecFn->AcquireCredentialsHandle(NULL, + (TCHAR *) TEXT(SP_NAME_DIGEST), + SECPKG_CRED_OUTBOUND, NULL, + p_identity, NULL, NULL, + &credentials, &expiry); + if(status != SEC_E_OK) { + Curl_sspi_free_identity(p_identity); + + return CURLE_LOGIN_DENIED; + } + + /* Allocate the output buffer according to the max token size as indicated + by the security package */ + output_token = malloc(token_max); + if(!output_token) { + s_pSecFn->FreeCredentialsHandle(&credentials); + + Curl_sspi_free_identity(p_identity); + + return CURLE_OUT_OF_MEMORY; + } + + /* Setup the challenge "input" security buffer if present */ + chlg_desc.ulVersion = SECBUFFER_VERSION; + chlg_desc.cBuffers = 3; + chlg_desc.pBuffers = chlg_buf; + chlg_buf[0].BufferType = SECBUFFER_TOKEN; + chlg_buf[0].pvBuffer = digest->input_token; + chlg_buf[0].cbBuffer = curlx_uztoul(digest->input_token_len); + chlg_buf[1].BufferType = SECBUFFER_PKG_PARAMS; + chlg_buf[1].pvBuffer = (void *) request; + chlg_buf[1].cbBuffer = curlx_uztoul(strlen((const char *) request)); + chlg_buf[2].BufferType = SECBUFFER_PKG_PARAMS; + chlg_buf[2].pvBuffer = NULL; + chlg_buf[2].cbBuffer = 0; + + /* Setup the response "output" security buffer */ + resp_desc.ulVersion = SECBUFFER_VERSION; + resp_desc.cBuffers = 1; + resp_desc.pBuffers = &resp_buf; + resp_buf.BufferType = SECBUFFER_TOKEN; + resp_buf.pvBuffer = output_token; + resp_buf.cbBuffer = curlx_uztoul(token_max); + + spn = Curl_convert_UTF8_to_tchar((char *) uripath); + if(!spn) { + s_pSecFn->FreeCredentialsHandle(&credentials); + + Curl_sspi_free_identity(p_identity); + free(output_token); + + return CURLE_OUT_OF_MEMORY; + } + + /* Generate our reponse message */ + status = s_pSecFn->InitializeSecurityContext(&credentials, NULL, + spn, + ISC_REQ_USE_HTTP_STYLE, 0, 0, + &chlg_desc, 0, &context, + &resp_desc, &attrs, &expiry); + Curl_unicodefree(spn); + + if(status == SEC_I_COMPLETE_NEEDED || + status == SEC_I_COMPLETE_AND_CONTINUE) + s_pSecFn->CompleteAuthToken(&credentials, &resp_desc); + else if(status != SEC_E_OK && status != SEC_I_CONTINUE_NEEDED) { + s_pSecFn->FreeCredentialsHandle(&credentials); + + Curl_sspi_free_identity(p_identity); + free(output_token); + + return CURLE_OUT_OF_MEMORY; + } + + resp = malloc(resp_buf.cbBuffer + 1); + if(!resp) { + s_pSecFn->DeleteSecurityContext(&context); + s_pSecFn->FreeCredentialsHandle(&credentials); + + Curl_sspi_free_identity(p_identity); + free(output_token); + + return CURLE_OUT_OF_MEMORY; + } + + /* Copy the generated reponse */ + memcpy(resp, resp_buf.pvBuffer, resp_buf.cbBuffer); + resp[resp_buf.cbBuffer] = 0x00; + + /* Return the response */ + *outptr = resp; + *outlen = resp_buf.cbBuffer; + + /* Free our handles */ + s_pSecFn->DeleteSecurityContext(&context); + s_pSecFn->FreeCredentialsHandle(&credentials); + + /* Free the identity structure */ + Curl_sspi_free_identity(p_identity); + + /* Free the response buffer */ + free(output_token); + + return CURLE_OK; +} + +/* + * Curl_auth_digest_cleanup() + * + * This is used to clean up the digest specific data. + * + * Parameters: + * + * digest [in/out] - The digest data struct being cleaned up. + * + */ +void Curl_auth_digest_cleanup(struct digestdata *digest) +{ + /* Free the input token */ + Curl_safefree(digest->input_token); + + /* Reset any variables */ + digest->input_token_len = 0; +} + +#endif /* USE_WINDOWS_SSPI && !CURL_DISABLE_CRYPTO_AUTH */ diff --git a/lib/vauth/krb5_gssapi.c b/lib/vauth/krb5_gssapi.c new file mode 100644 index 000000000..c754fae45 --- /dev/null +++ b/lib/vauth/krb5_gssapi.c @@ -0,0 +1,401 @@ +/*************************************************************************** + * _ _ ____ _ + * Project ___| | | | _ \| | + * / __| | | | |_) | | + * | (__| |_| | _ <| |___ + * \___|\___/|_| \_\_____| + * + * Copyright (C) 2014 - 2016, Steve Holme, . + * Copyright (C) 2015, Daniel Stenberg, , et al. + * + * This software is licensed as described in the file COPYING, which + * you should have received as part of this distribution. The terms + * are also available at https://curl.haxx.se/docs/copyright.html. + * + * You may opt to use, copy, modify, merge, publish, distribute and/or sell + * copies of the Software, and permit persons to whom the Software is + * furnished to do so, under the terms of the COPYING file. + * + * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY + * KIND, either express or implied. + * + * RFC4752 The Kerberos V5 ("GSSAPI") SASL Mechanism + * + ***************************************************************************/ + +#include "curl_setup.h" + +#if defined(HAVE_GSSAPI) && defined(USE_KERBEROS5) + +#include + +#include "vauth/vauth.h" +#include "curl_sasl.h" +#include "urldata.h" +#include "curl_base64.h" +#include "curl_gssapi.h" +#include "sendf.h" +#include "curl_printf.h" + +/* The last #include files should be: */ +#include "curl_memory.h" +#include "memdebug.h" + +/* + * Curl_auth_is_gssapi_supported() + * + * This is used to evaluate if GSSAPI (Kerberos V5) is supported. + * + * Parameters: None + * + * Returns TRUE if Kerberos V5 is supported by the GSS-API library. + */ +bool Curl_auth_is_gssapi_supported(void) +{ + return TRUE; +} + +/* + * Curl_auth_create_gssapi_user_message() + * + * This is used to generate an already encoded GSSAPI (Kerberos V5) user token + * message ready for sending to the recipient. + * + * Parameters: + * + * data [in] - The session handle. + * userp [in] - The user name. + * passdwp [in] - The user's password. + * service [in] - The service type such as http, smtp, pop or imap. + * host [in[ - The host name. + * mutual_auth [in] - Flag specifing whether or not mutual authentication + * is enabled. + * chlg64 [in] - Pointer to the optional base64 encoded challenge + * message. + * krb5 [in/out] - The Kerberos 5 data struct being used and modified. + * outptr [in/out] - The address where a pointer to newly allocated memory + * holding the result will be stored upon completion. + * outlen [out] - The length of the output message. + * + * Returns CURLE_OK on success. + */ +CURLcode Curl_auth_create_gssapi_user_message(struct Curl_easy *data, + const char *userp, + const char *passwdp, + const char *service, + const char *host, + const bool mutual_auth, + const char *chlg64, + struct kerberos5data *krb5, + char **outptr, size_t *outlen) +{ + CURLcode result = CURLE_OK; + size_t chlglen = 0; + unsigned char *chlg = NULL; + OM_uint32 major_status; + OM_uint32 minor_status; + OM_uint32 unused_status; + gss_buffer_desc spn_token = GSS_C_EMPTY_BUFFER; + gss_buffer_desc input_token = GSS_C_EMPTY_BUFFER; + gss_buffer_desc output_token = GSS_C_EMPTY_BUFFER; + + (void) userp; + (void) passwdp; + + if(!krb5->spn) { + /* Generate our SPN */ + char *spn = Curl_auth_build_spn(service, NULL, host); + if(!spn) + return CURLE_OUT_OF_MEMORY; + + /* Populate the SPN structure */ + spn_token.value = spn; + spn_token.length = strlen(spn); + + /* Import the SPN */ + major_status = gss_import_name(&minor_status, &spn_token, + GSS_C_NT_HOSTBASED_SERVICE, &krb5->spn); + if(GSS_ERROR(major_status)) { + Curl_gss_log_error(data, "gss_import_name() failed: ", + major_status, minor_status); + + free(spn); + + return CURLE_OUT_OF_MEMORY; + } + + free(spn); + } + + if(chlg64 && *chlg64) { + /* Decode the base-64 encoded challenge message */ + if(*chlg64 != '=') { + result = Curl_base64_decode(chlg64, &chlg, &chlglen); + if(result) + return result; + } + + /* Ensure we have a valid challenge message */ + if(!chlg) { + infof(data, "GSSAPI handshake failure (empty challenge message)\n"); + + return CURLE_BAD_CONTENT_ENCODING; + } + + /* Setup the challenge "input" security buffer */ + input_token.value = chlg; + input_token.length = chlglen; + } + + major_status = Curl_gss_init_sec_context(data, + &minor_status, + &krb5->context, + krb5->spn, + &Curl_krb5_mech_oid, + GSS_C_NO_CHANNEL_BINDINGS, + &input_token, + &output_token, + mutual_auth, + NULL); + + /* Free the decoded challenge as it is not required anymore */ + free(input_token.value); + + if(GSS_ERROR(major_status)) { + if(output_token.value) + gss_release_buffer(&unused_status, &output_token); + + Curl_gss_log_error(data, "gss_init_sec_context() failed: ", + major_status, minor_status); + + return CURLE_RECV_ERROR; + } + + if(output_token.value && output_token.length) { + /* Base64 encode the response */ + result = Curl_base64_encode(data, (char *) output_token.value, + output_token.length, outptr, outlen); + + gss_release_buffer(&unused_status, &output_token); + } + else if(mutual_auth) { + *outptr = strdup(""); + if(!*outptr) + result = CURLE_OUT_OF_MEMORY; + } + + return result; +} + +/* + * Curl_auth_create_gssapi_security_message() + * + * This is used to generate an already encoded GSSAPI (Kerberos V5) security + * token message ready for sending to the recipient. + * + * Parameters: + * + * data [in] - The session handle. + * chlg64 [in] - Pointer to the optional base64 encoded challenge message. + * krb5 [in/out] - The Kerberos 5 data struct being used and modified. + * outptr [in/out] - The address where a pointer to newly allocated memory + * holding the result will be stored upon completion. + * outlen [out] - The length of the output message. + * + * Returns CURLE_OK on success. + */ +CURLcode Curl_auth_create_gssapi_security_message(struct Curl_easy *data, + const char *chlg64, + struct kerberos5data *krb5, + char **outptr, + size_t *outlen) +{ + CURLcode result = CURLE_OK; + size_t chlglen = 0; + size_t messagelen = 0; + unsigned char *chlg = NULL; + unsigned char *message = NULL; + OM_uint32 major_status; + OM_uint32 minor_status; + OM_uint32 unused_status; + gss_buffer_desc input_token = GSS_C_EMPTY_BUFFER; + gss_buffer_desc output_token = GSS_C_EMPTY_BUFFER; + unsigned int indata = 0; + unsigned int outdata = 0; + gss_qop_t qop = GSS_C_QOP_DEFAULT; + unsigned int sec_layer = 0; + unsigned int max_size = 0; + gss_name_t username = GSS_C_NO_NAME; + gss_buffer_desc username_token; + + /* Decode the base-64 encoded input message */ + if(strlen(chlg64) && *chlg64 != '=') { + result = Curl_base64_decode(chlg64, &chlg, &chlglen); + if(result) + return result; + } + + /* Ensure we have a valid challenge message */ + if(!chlg) { + infof(data, "GSSAPI handshake failure (empty security message)\n"); + + return CURLE_BAD_CONTENT_ENCODING; + } + + /* Get the fully qualified username back from the context */ + major_status = gss_inquire_context(&minor_status, krb5->context, + &username, NULL, NULL, NULL, NULL, + NULL, NULL); + if(GSS_ERROR(major_status)) { + Curl_gss_log_error(data, "gss_inquire_context() failed: ", + major_status, minor_status); + + free(chlg); + + return CURLE_OUT_OF_MEMORY; + } + + /* Convert the username from internal format to a displayable token */ + major_status = gss_display_name(&minor_status, username, + &username_token, NULL); + if(GSS_ERROR(major_status)) { + Curl_gss_log_error(data, "gss_display_name() failed: ", + major_status, minor_status); + + free(chlg); + + return CURLE_OUT_OF_MEMORY; + } + + /* Setup the challenge "input" security buffer */ + input_token.value = chlg; + input_token.length = chlglen; + + /* Decrypt the inbound challenge and obtain the qop */ + major_status = gss_unwrap(&minor_status, krb5->context, &input_token, + &output_token, NULL, &qop); + if(GSS_ERROR(major_status)) { + Curl_gss_log_error(data, "gss_unwrap() failed: ", + major_status, minor_status); + + gss_release_buffer(&unused_status, &username_token); + free(chlg); + + return CURLE_BAD_CONTENT_ENCODING; + } + + /* Not 4 octets long so fail as per RFC4752 Section 3.1 */ + if(output_token.length != 4) { + infof(data, "GSSAPI handshake failure (invalid security data)\n"); + + gss_release_buffer(&unused_status, &username_token); + free(chlg); + + return CURLE_BAD_CONTENT_ENCODING; + } + + /* Copy the data out and free the challenge as it is not required anymore */ + memcpy(&indata, output_token.value, 4); + gss_release_buffer(&unused_status, &output_token); + free(chlg); + + /* Extract the security layer */ + sec_layer = indata & 0x000000FF; + if(!(sec_layer & GSSAUTH_P_NONE)) { + infof(data, "GSSAPI handshake failure (invalid security layer)\n"); + + gss_release_buffer(&unused_status, &username_token); + + return CURLE_BAD_CONTENT_ENCODING; + } + + /* Extract the maximum message size the server can receive */ + max_size = ntohl(indata & 0xFFFFFF00); + if(max_size > 0) { + /* The server has told us it supports a maximum receive buffer, however, as + we don't require one unless we are encrypting data, we tell the server + our receive buffer is zero. */ + max_size = 0; + } + + /* Allocate our message */ + messagelen = sizeof(outdata) + username_token.length + 1; + message = malloc(messagelen); + if(!message) { + gss_release_buffer(&unused_status, &username_token); + + return CURLE_OUT_OF_MEMORY; + } + + /* Populate the message with the security layer, client supported receive + message size and authorization identity including the 0x00 based + terminator. Note: Despite RFC4752 Section 3.1 stating "The authorization + identity is not terminated with the zero-valued (%x00) octet." it seems + necessary to include it. */ + outdata = htonl(max_size) | sec_layer; + memcpy(message, &outdata, sizeof(outdata)); + memcpy(message + sizeof(outdata), username_token.value, + username_token.length); + message[messagelen - 1] = '\0'; + + /* Free the username token as it is not required anymore */ + gss_release_buffer(&unused_status, &username_token); + + /* Setup the "authentication data" security buffer */ + input_token.value = message; + input_token.length = messagelen; + + /* Encrypt the data */ + major_status = gss_wrap(&minor_status, krb5->context, 0, + GSS_C_QOP_DEFAULT, &input_token, NULL, + &output_token); + if(GSS_ERROR(major_status)) { + Curl_gss_log_error(data, "gss_wrap() failed: ", + major_status, minor_status); + + free(message); + + return CURLE_OUT_OF_MEMORY; + } + + /* Base64 encode the response */ + result = Curl_base64_encode(data, (char *) output_token.value, + output_token.length, outptr, outlen); + + /* Free the output buffer */ + gss_release_buffer(&unused_status, &output_token); + + /* Free the message buffer */ + free(message); + + return result; +} + +/* + * Curl_auth_gssapi_cleanup() + * + * This is used to clean up the GSSAPI (Kerberos V5) specific data. + * + * Parameters: + * + * krb5 [in/out] - The Kerberos 5 data struct being cleaned up. + * + */ +void Curl_auth_gssapi_cleanup(struct kerberos5data *krb5) +{ + OM_uint32 minor_status; + + /* Free our security context */ + if(krb5->context != GSS_C_NO_CONTEXT) { + gss_delete_sec_context(&minor_status, &krb5->context, GSS_C_NO_BUFFER); + krb5->context = GSS_C_NO_CONTEXT; + } + + /* Free the SPN */ + if(krb5->spn != GSS_C_NO_NAME) { + gss_release_name(&minor_status, &krb5->spn); + krb5->spn = GSS_C_NO_NAME; + } +} + +#endif /* HAVE_GSSAPI && USE_KERBEROS5 */ diff --git a/lib/vauth/krb5_sspi.c b/lib/vauth/krb5_sspi.c new file mode 100644 index 000000000..151794e61 --- /dev/null +++ b/lib/vauth/krb5_sspi.c @@ -0,0 +1,518 @@ +/*************************************************************************** + * _ _ ____ _ + * Project ___| | | | _ \| | + * / __| | | | |_) | | + * | (__| |_| | _ <| |___ + * \___|\___/|_| \_\_____| + * + * Copyright (C) 2014 - 2016, Steve Holme, . + * + * This software is licensed as described in the file COPYING, which + * you should have received as part of this distribution. The terms + * are also available at https://curl.haxx.se/docs/copyright.html. + * + * You may opt to use, copy, modify, merge, publish, distribute and/or sell + * copies of the Software, and permit persons to whom the Software is + * furnished to do so, under the terms of the COPYING file. + * + * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY + * KIND, either express or implied. + * + * RFC4752 The Kerberos V5 ("GSSAPI") SASL Mechanism + * + ***************************************************************************/ + +#include "curl_setup.h" + +#if defined(USE_WINDOWS_SSPI) && defined(USE_KERBEROS5) + +#include + +#include "vauth/vauth.h" +#include "urldata.h" +#include "curl_base64.h" +#include "warnless.h" +#include "curl_multibyte.h" +#include "sendf.h" + +/* The last #include files should be: */ +#include "curl_memory.h" +#include "memdebug.h" + +/* + * Curl_auth_is_gssapi_supported() + * + * This is used to evaluate if GSSAPI (Kerberos V5) is supported. + * + * Parameters: None + * + * Returns TRUE if Kerberos V5 is supported by Windows SSPI. + */ +bool Curl_auth_is_gssapi_supported(void) +{ + PSecPkgInfo SecurityPackage; + SECURITY_STATUS status; + + /* Query the security package for Kerberos */ + status = s_pSecFn->QuerySecurityPackageInfo((TCHAR *) + TEXT(SP_NAME_KERBEROS), + &SecurityPackage); + + return (status == SEC_E_OK ? TRUE : FALSE); +} + +/* + * Curl_auth_create_gssapi_user_message() + * + * This is used to generate an already encoded GSSAPI (Kerberos V5) user token + * message ready for sending to the recipient. + * + * Parameters: + * + * data [in] - The session handle. + * userp [in] - The user name in the format User or Domain\User. + * passdwp [in] - The user's password. + * service [in] - The service type such as http, smtp, pop or imap. + * host [in] - The host name. + * mutual_auth [in] - Flag specifing whether or not mutual authentication + * is enabled. + * chlg64 [in] - The optional base64 encoded challenge message. + * krb5 [in/out] - The Kerberos 5 data struct being used and modified. + * outptr [in/out] - The address where a pointer to newly allocated memory + * holding the result will be stored upon completion. + * outlen [out] - The length of the output message. + * + * Returns CURLE_OK on success. + */ +CURLcode Curl_auth_create_gssapi_user_message(struct Curl_easy *data, + const char *userp, + const char *passwdp, + const char *service, + const char *host, + const bool mutual_auth, + const char *chlg64, + struct kerberos5data *krb5, + char **outptr, size_t *outlen) +{ + CURLcode result = CURLE_OK; + size_t chlglen = 0; + unsigned char *chlg = NULL; + CtxtHandle context; + PSecPkgInfo SecurityPackage; + SecBuffer chlg_buf; + SecBuffer resp_buf; + SecBufferDesc chlg_desc; + SecBufferDesc resp_desc; + SECURITY_STATUS status; + unsigned long attrs; + TimeStamp expiry; /* For Windows 9x compatibility of SSPI calls */ + + if(!krb5->spn) { + /* Generate our SPN */ + krb5->spn = Curl_auth_build_spn(service, host, NULL); + if(!krb5->spn) + return CURLE_OUT_OF_MEMORY; + } + + if(!krb5->output_token) { + /* Query the security package for Kerberos */ + status = s_pSecFn->QuerySecurityPackageInfo((TCHAR *) + TEXT(SP_NAME_KERBEROS), + &SecurityPackage); + if(status != SEC_E_OK) { + return CURLE_NOT_BUILT_IN; + } + + krb5->token_max = SecurityPackage->cbMaxToken; + + /* Release the package buffer as it is not required anymore */ + s_pSecFn->FreeContextBuffer(SecurityPackage); + + /* Allocate our response buffer */ + krb5->output_token = malloc(krb5->token_max); + if(!krb5->output_token) + return CURLE_OUT_OF_MEMORY; + } + + if(!krb5->credentials) { + /* Do we have credientials to use or are we using single sign-on? */ + if(userp && *userp) { + /* Populate our identity structure */ + result = Curl_create_sspi_identity(userp, passwdp, &krb5->identity); + if(result) + return result; + + /* Allow proper cleanup of the identity structure */ + krb5->p_identity = &krb5->identity; + } + else + /* Use the current Windows user */ + krb5->p_identity = NULL; + + /* Allocate our credentials handle */ + krb5->credentials = malloc(sizeof(CredHandle)); + if(!krb5->credentials) + return CURLE_OUT_OF_MEMORY; + + memset(krb5->credentials, 0, sizeof(CredHandle)); + + /* Acquire our credentials handle */ + status = s_pSecFn->AcquireCredentialsHandle(NULL, + (TCHAR *) + TEXT(SP_NAME_KERBEROS), + SECPKG_CRED_OUTBOUND, NULL, + krb5->p_identity, NULL, NULL, + krb5->credentials, &expiry); + if(status != SEC_E_OK) + return CURLE_LOGIN_DENIED; + + /* Allocate our new context handle */ + krb5->context = malloc(sizeof(CtxtHandle)); + if(!krb5->context) + return CURLE_OUT_OF_MEMORY; + + memset(krb5->context, 0, sizeof(CtxtHandle)); + } + + if(chlg64 && *chlg64) { + /* Decode the base-64 encoded challenge message */ + if(*chlg64 != '=') { + result = Curl_base64_decode(chlg64, &chlg, &chlglen); + if(result) + return result; + } + + /* Ensure we have a valid challenge message */ + if(!chlg) { + infof(data, "GSSAPI handshake failure (empty challenge message)\n"); + + return CURLE_BAD_CONTENT_ENCODING; + } + + /* Setup the challenge "input" security buffer */ + chlg_desc.ulVersion = SECBUFFER_VERSION; + chlg_desc.cBuffers = 1; + chlg_desc.pBuffers = &chlg_buf; + chlg_buf.BufferType = SECBUFFER_TOKEN; + chlg_buf.pvBuffer = chlg; + chlg_buf.cbBuffer = curlx_uztoul(chlglen); + } + + /* Setup the response "output" security buffer */ + resp_desc.ulVersion = SECBUFFER_VERSION; + resp_desc.cBuffers = 1; + resp_desc.pBuffers = &resp_buf; + resp_buf.BufferType = SECBUFFER_TOKEN; + resp_buf.pvBuffer = krb5->output_token; + resp_buf.cbBuffer = curlx_uztoul(krb5->token_max); + + /* Generate our challenge-response message */ + status = s_pSecFn->InitializeSecurityContext(krb5->credentials, + chlg ? krb5->context : NULL, + krb5->spn, + (mutual_auth ? + ISC_REQ_MUTUAL_AUTH : 0), + 0, SECURITY_NATIVE_DREP, + chlg ? &chlg_desc : NULL, 0, + &context, + &resp_desc, &attrs, + &expiry); + + /* Free the decoded challenge as it is not required anymore */ + free(chlg); + + if(status != SEC_E_OK && status != SEC_I_CONTINUE_NEEDED) { + return CURLE_RECV_ERROR; + } + + if(memcmp(&context, krb5->context, sizeof(context))) { + s_pSecFn->DeleteSecurityContext(krb5->context); + + memcpy(krb5->context, &context, sizeof(context)); + } + + if(resp_buf.cbBuffer) { + /* Base64 encode the response */ + result = Curl_base64_encode(data, (char *) resp_buf.pvBuffer, + resp_buf.cbBuffer, outptr, outlen); + } + else if(mutual_auth) { + *outptr = strdup(""); + if(!*outptr) + result = CURLE_OUT_OF_MEMORY; + } + + return result; +} + +/* + * Curl_auth_create_gssapi_security_message() + * + * This is used to generate an already encoded GSSAPI (Kerberos V5) security + * token message ready for sending to the recipient. + * + * Parameters: + * + * data [in] - The session handle. + * chlg64 [in] - The optional base64 encoded challenge message. + * krb5 [in/out] - The Kerberos 5 data struct being used and modified. + * outptr [in/out] - The address where a pointer to newly allocated memory + * holding the result will be stored upon completion. + * outlen [out] - The length of the output message. + * + * Returns CURLE_OK on success. + */ +CURLcode Curl_auth_create_gssapi_security_message(struct Curl_easy *data, + const char *chlg64, + struct kerberos5data *krb5, + char **outptr, + size_t *outlen) +{ + CURLcode result = CURLE_OK; + size_t offset = 0; + size_t chlglen = 0; + size_t messagelen = 0; + size_t appdatalen = 0; + unsigned char *chlg = NULL; + unsigned char *trailer = NULL; + unsigned char *message = NULL; + unsigned char *padding = NULL; + unsigned char *appdata = NULL; + SecBuffer input_buf[2]; + SecBuffer wrap_buf[3]; + SecBufferDesc input_desc; + SecBufferDesc wrap_desc; + unsigned long indata = 0; + unsigned long outdata = 0; + unsigned long qop = 0; + unsigned long sec_layer = 0; + unsigned long max_size = 0; + SecPkgContext_Sizes sizes; + SecPkgCredentials_Names names; + SECURITY_STATUS status; + char *user_name; + + /* Decode the base-64 encoded input message */ + if(strlen(chlg64) && *chlg64 != '=') { + result = Curl_base64_decode(chlg64, &chlg, &chlglen); + if(result) + return result; + } + + /* Ensure we have a valid challenge message */ + if(!chlg) { + infof(data, "GSSAPI handshake failure (empty security message)\n"); + + return CURLE_BAD_CONTENT_ENCODING; + } + + /* Get our response size information */ + status = s_pSecFn->QueryContextAttributes(krb5->context, + SECPKG_ATTR_SIZES, + &sizes); + if(status != SEC_E_OK) { + free(chlg); + + return CURLE_OUT_OF_MEMORY; + } + + /* Get the fully qualified username back from the context */ + status = s_pSecFn->QueryCredentialsAttributes(krb5->credentials, + SECPKG_CRED_ATTR_NAMES, + &names); + if(status != SEC_E_OK) { + free(chlg); + + return CURLE_RECV_ERROR; + } + + /* Setup the "input" security buffer */ + input_desc.ulVersion = SECBUFFER_VERSION; + input_desc.cBuffers = 2; + input_desc.pBuffers = input_buf; + input_buf[0].BufferType = SECBUFFER_STREAM; + input_buf[0].pvBuffer = chlg; + input_buf[0].cbBuffer = curlx_uztoul(chlglen); + input_buf[1].BufferType = SECBUFFER_DATA; + input_buf[1].pvBuffer = NULL; + input_buf[1].cbBuffer = 0; + + /* Decrypt the inbound challenge and obtain the qop */ + status = s_pSecFn->DecryptMessage(krb5->context, &input_desc, 0, &qop); + if(status != SEC_E_OK) { + infof(data, "GSSAPI handshake failure (empty security message)\n"); + + free(chlg); + + return CURLE_BAD_CONTENT_ENCODING; + } + + /* Not 4 octets long so fail as per RFC4752 Section 3.1 */ + if(input_buf[1].cbBuffer != 4) { + infof(data, "GSSAPI handshake failure (invalid security data)\n"); + + free(chlg); + + return CURLE_BAD_CONTENT_ENCODING; + } + + /* Copy the data out and free the challenge as it is not required anymore */ + memcpy(&indata, input_buf[1].pvBuffer, 4); + s_pSecFn->FreeContextBuffer(input_buf[1].pvBuffer); + free(chlg); + + /* Extract the security layer */ + sec_layer = indata & 0x000000FF; + if(!(sec_layer & KERB_WRAP_NO_ENCRYPT)) { + infof(data, "GSSAPI handshake failure (invalid security layer)\n"); + + return CURLE_BAD_CONTENT_ENCODING; + } + + /* Extract the maximum message size the server can receive */ + max_size = ntohl(indata & 0xFFFFFF00); + if(max_size > 0) { + /* The server has told us it supports a maximum receive buffer, however, as + we don't require one unless we are encrypting data, we tell the server + our receive buffer is zero. */ + max_size = 0; + } + + /* Allocate the trailer */ + trailer = malloc(sizes.cbSecurityTrailer); + if(!trailer) + return CURLE_OUT_OF_MEMORY; + + /* Convert the user name to UTF8 when operating with Unicode */ + user_name = Curl_convert_tchar_to_UTF8(names.sUserName); + if(!user_name) { + free(trailer); + + return CURLE_OUT_OF_MEMORY; + } + + /* Allocate our message */ + messagelen = sizeof(outdata) + strlen(user_name) + 1; + message = malloc(messagelen); + if(!message) { + free(trailer); + Curl_unicodefree(user_name); + + return CURLE_OUT_OF_MEMORY; + } + + /* Populate the message with the security layer, client supported receive + message size and authorization identity including the 0x00 based + terminator. Note: Despite RFC4752 Section 3.1 stating "The authorization + identity is not terminated with the zero-valued (%x00) octet." it seems + necessary to include it. */ + outdata = htonl(max_size) | sec_layer; + memcpy(message, &outdata, sizeof(outdata)); + strcpy((char *) message + sizeof(outdata), user_name); + Curl_unicodefree(user_name); + + /* Allocate the padding */ + padding = malloc(sizes.cbBlockSize); + if(!padding) { + free(message); + free(trailer); + + return CURLE_OUT_OF_MEMORY; + } + + /* Setup the "authentication data" security buffer */ + wrap_desc.ulVersion = SECBUFFER_VERSION; + wrap_desc.cBuffers = 3; + wrap_desc.pBuffers = wrap_buf; + wrap_buf[0].BufferType = SECBUFFER_TOKEN; + wrap_buf[0].pvBuffer = trailer; + wrap_buf[0].cbBuffer = sizes.cbSecurityTrailer; + wrap_buf[1].BufferType = SECBUFFER_DATA; + wrap_buf[1].pvBuffer = message; + wrap_buf[1].cbBuffer = curlx_uztoul(messagelen); + wrap_buf[2].BufferType = SECBUFFER_PADDING; + wrap_buf[2].pvBuffer = padding; + wrap_buf[2].cbBuffer = sizes.cbBlockSize; + + /* Encrypt the data */ + status = s_pSecFn->EncryptMessage(krb5->context, KERB_WRAP_NO_ENCRYPT, + &wrap_desc, 0); + if(status != SEC_E_OK) { + free(padding); + free(message); + free(trailer); + + return CURLE_OUT_OF_MEMORY; + } + + /* Allocate the encryption (wrap) buffer */ + appdatalen = wrap_buf[0].cbBuffer + wrap_buf[1].cbBuffer + + wrap_buf[2].cbBuffer; + appdata = malloc(appdatalen); + if(!appdata) { + free(padding); + free(message); + free(trailer); + + return CURLE_OUT_OF_MEMORY; + } + + /* Populate the encryption buffer */ + memcpy(appdata, wrap_buf[0].pvBuffer, wrap_buf[0].cbBuffer); + offset += wrap_buf[0].cbBuffer; + memcpy(appdata + offset, wrap_buf[1].pvBuffer, wrap_buf[1].cbBuffer); + offset += wrap_buf[1].cbBuffer; + memcpy(appdata + offset, wrap_buf[2].pvBuffer, wrap_buf[2].cbBuffer); + + /* Base64 encode the response */ + result = Curl_base64_encode(data, (char *) appdata, appdatalen, outptr, + outlen); + + /* Free all of our local buffers */ + free(appdata); + free(padding); + free(message); + free(trailer); + + return result; +} + +/* + * Curl_auth_gssapi_cleanup() + * + * This is used to clean up the GSSAPI (Kerberos V5) specific data. + * + * Parameters: + * + * krb5 [in/out] - The Kerberos 5 data struct being cleaned up. + * + */ +void Curl_auth_gssapi_cleanup(struct kerberos5data *krb5) +{ + /* Free our security context */ + if(krb5->context) { + s_pSecFn->DeleteSecurityContext(krb5->context); + free(krb5->context); + krb5->context = NULL; + } + + /* Free our credentials handle */ + if(krb5->credentials) { + s_pSecFn->FreeCredentialsHandle(krb5->credentials); + free(krb5->credentials); + krb5->credentials = NULL; + } + + /* Free our identity */ + Curl_sspi_free_identity(krb5->p_identity); + krb5->p_identity = NULL; + + /* Free the SPN and output token */ + Curl_safefree(krb5->spn); + Curl_safefree(krb5->output_token); + + /* Reset any variables */ + krb5->token_max = 0; +} + +#endif /* USE_WINDOWS_SSPI && USE_KERBEROS5*/ diff --git a/lib/vauth/ntlm.c b/lib/vauth/ntlm.c new file mode 100644 index 000000000..b484a011a --- /dev/null +++ b/lib/vauth/ntlm.c @@ -0,0 +1,856 @@ +/*************************************************************************** + * _ _ ____ _ + * Project ___| | | | _ \| | + * / __| | | | |_) | | + * | (__| |_| | _ <| |___ + * \___|\___/|_| \_\_____| + * + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. + * + * This software is licensed as described in the file COPYING, which + * you should have received as part of this distribution. The terms + * are also available at https://curl.haxx.se/docs/copyright.html. + * + * You may opt to use, copy, modify, merge, publish, distribute and/or sell + * copies of the Software, and permit persons to whom the Software is + * furnished to do so, under the terms of the COPYING file. + * + * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY + * KIND, either express or implied. + * + ***************************************************************************/ + +#include "curl_setup.h" + +#if defined(USE_NTLM) && !defined(USE_WINDOWS_SSPI) + +/* + * NTLM details: + * + * http://davenport.sourceforge.net/ntlm.html + * https://www.innovation.ch/java/ntlm.html + */ + +#define DEBUG_ME 0 + +#include "urldata.h" +#include "non-ascii.h" +#include "sendf.h" +#include "curl_base64.h" +#include "curl_ntlm_core.h" +#include "curl_gethostname.h" +#include "curl_multibyte.h" +#include "warnless.h" + +#include "vtls/vtls.h" + +#ifdef USE_NSS +#include "vtls/nssg.h" /* for Curl_nss_force_init() */ +#endif + +#define BUILDING_CURL_NTLM_MSGS_C +#include "vauth/vauth.h" +#include "vauth/ntlm.h" +#include "curl_endian.h" +#include "curl_printf.h" + +/* The last #include files should be: */ +#include "curl_memory.h" +#include "memdebug.h" + +/* "NTLMSSP" signature is always in ASCII regardless of the platform */ +#define NTLMSSP_SIGNATURE "\x4e\x54\x4c\x4d\x53\x53\x50" + +#define SHORTPAIR(x) ((x) & 0xff), (((x) >> 8) & 0xff) +#define LONGQUARTET(x) ((x) & 0xff), (((x) >> 8) & 0xff), \ + (((x) >> 16) & 0xff), (((x) >> 24) & 0xff) + +#if DEBUG_ME +# define DEBUG_OUT(x) x +static void ntlm_print_flags(FILE *handle, unsigned long flags) +{ + if(flags & NTLMFLAG_NEGOTIATE_UNICODE) + fprintf(handle, "NTLMFLAG_NEGOTIATE_UNICODE "); + if(flags & NTLMFLAG_NEGOTIATE_OEM) + fprintf(handle, "NTLMFLAG_NEGOTIATE_OEM "); + if(flags & NTLMFLAG_REQUEST_TARGET) + fprintf(handle, "NTLMFLAG_REQUEST_TARGET "); + if(flags & (1<<3)) + fprintf(handle, "NTLMFLAG_UNKNOWN_3 "); + if(flags & NTLMFLAG_NEGOTIATE_SIGN) + fprintf(handle, "NTLMFLAG_NEGOTIATE_SIGN "); + if(flags & NTLMFLAG_NEGOTIATE_SEAL) + fprintf(handle, "NTLMFLAG_NEGOTIATE_SEAL "); + if(flags & NTLMFLAG_NEGOTIATE_DATAGRAM_STYLE) + fprintf(handle, "NTLMFLAG_NEGOTIATE_DATAGRAM_STYLE "); + if(flags & NTLMFLAG_NEGOTIATE_LM_KEY) + fprintf(handle, "NTLMFLAG_NEGOTIATE_LM_KEY "); + if(flags & NTLMFLAG_NEGOTIATE_NETWARE) + fprintf(handle, "NTLMFLAG_NEGOTIATE_NETWARE "); + if(flags & NTLMFLAG_NEGOTIATE_NTLM_KEY) + fprintf(handle, "NTLMFLAG_NEGOTIATE_NTLM_KEY "); + if(flags & (1<<10)) + fprintf(handle, "NTLMFLAG_UNKNOWN_10 "); + if(flags & NTLMFLAG_NEGOTIATE_ANONYMOUS) + fprintf(handle, "NTLMFLAG_NEGOTIATE_ANONYMOUS "); + if(flags & NTLMFLAG_NEGOTIATE_DOMAIN_SUPPLIED) + fprintf(handle, "NTLMFLAG_NEGOTIATE_DOMAIN_SUPPLIED "); + if(flags & NTLMFLAG_NEGOTIATE_WORKSTATION_SUPPLIED) + fprintf(handle, "NTLMFLAG_NEGOTIATE_WORKSTATION_SUPPLIED "); + if(flags & NTLMFLAG_NEGOTIATE_LOCAL_CALL) + fprintf(handle, "NTLMFLAG_NEGOTIATE_LOCAL_CALL "); + if(flags & NTLMFLAG_NEGOTIATE_ALWAYS_SIGN) + fprintf(handle, "NTLMFLAG_NEGOTIATE_ALWAYS_SIGN "); + if(flags & NTLMFLAG_TARGET_TYPE_DOMAIN) + fprintf(handle, "NTLMFLAG_TARGET_TYPE_DOMAIN "); + if(flags & NTLMFLAG_TARGET_TYPE_SERVER) + fprintf(handle, "NTLMFLAG_TARGET_TYPE_SERVER "); + if(flags & NTLMFLAG_TARGET_TYPE_SHARE) + fprintf(handle, "NTLMFLAG_TARGET_TYPE_SHARE "); + if(flags & NTLMFLAG_NEGOTIATE_NTLM2_KEY) + fprintf(handle, "NTLMFLAG_NEGOTIATE_NTLM2_KEY "); + if(flags & NTLMFLAG_REQUEST_INIT_RESPONSE) + fprintf(handle, "NTLMFLAG_REQUEST_INIT_RESPONSE "); + if(flags & NTLMFLAG_REQUEST_ACCEPT_RESPONSE) + fprintf(handle, "NTLMFLAG_REQUEST_ACCEPT_RESPONSE "); + if(flags & NTLMFLAG_REQUEST_NONNT_SESSION_KEY) + fprintf(handle, "NTLMFLAG_REQUEST_NONNT_SESSION_KEY "); + if(flags & NTLMFLAG_NEGOTIATE_TARGET_INFO) + fprintf(handle, "NTLMFLAG_NEGOTIATE_TARGET_INFO "); + if(flags & (1<<24)) + fprintf(handle, "NTLMFLAG_UNKNOWN_24 "); + if(flags & (1<<25)) + fprintf(handle, "NTLMFLAG_UNKNOWN_25 "); + if(flags & (1<<26)) + fprintf(handle, "NTLMFLAG_UNKNOWN_26 "); + if(flags & (1<<27)) + fprintf(handle, "NTLMFLAG_UNKNOWN_27 "); + if(flags & (1<<28)) + fprintf(handle, "NTLMFLAG_UNKNOWN_28 "); + if(flags & NTLMFLAG_NEGOTIATE_128) + fprintf(handle, "NTLMFLAG_NEGOTIATE_128 "); + if(flags & NTLMFLAG_NEGOTIATE_KEY_EXCHANGE) + fprintf(handle, "NTLMFLAG_NEGOTIATE_KEY_EXCHANGE "); + if(flags & NTLMFLAG_NEGOTIATE_56) + fprintf(handle, "NTLMFLAG_NEGOTIATE_56 "); +} + +static void ntlm_print_hex(FILE *handle, const char *buf, size_t len) +{ + const char *p = buf; + + (void) handle; + + fprintf(stderr, "0x"); + while(len-- > 0) + fprintf(stderr, "%02.2x", (unsigned int)*p++); +} +#else +# define DEBUG_OUT(x) Curl_nop_stmt +#endif + +/* + * ntlm_decode_type2_target() + * + * This is used to decode the "target info" in the NTLM type-2 message + * received. + * + * Parameters: + * + * data [in] - The session handle. + * buffer [in] - The decoded type-2 message. + * size [in] - The input buffer size, at least 32 bytes. + * ntlm [in/out] - The NTLM data struct being used and modified. + * + * Returns CURLE_OK on success. + */ +static CURLcode ntlm_decode_type2_target(struct Curl_easy *data, + unsigned char *buffer, + size_t size, + struct ntlmdata *ntlm) +{ + unsigned short target_info_len = 0; + unsigned int target_info_offset = 0; + +#if defined(CURL_DISABLE_VERBOSE_STRINGS) + (void) data; +#endif + + if(size >= 48) { + target_info_len = Curl_read16_le(&buffer[40]); + target_info_offset = Curl_read32_le(&buffer[44]); + if(target_info_len > 0) { + if(((target_info_offset + target_info_len) > size) || + (target_info_offset < 48)) { + infof(data, "NTLM handshake failure (bad type-2 message). " + "Target Info Offset Len is set incorrect by the peer\n"); + return CURLE_BAD_CONTENT_ENCODING; + } + + ntlm->target_info = malloc(target_info_len); + if(!ntlm->target_info) + return CURLE_OUT_OF_MEMORY; + + memcpy(ntlm->target_info, &buffer[target_info_offset], target_info_len); + } + } + + ntlm->target_info_len = target_info_len; + + return CURLE_OK; +} + +/* + NTLM message structure notes: + + A 'short' is a 'network short', a little-endian 16-bit unsigned value. + + A 'long' is a 'network long', a little-endian, 32-bit unsigned value. + + A 'security buffer' represents a triplet used to point to a buffer, + consisting of two shorts and one long: + + 1. A 'short' containing the length of the buffer content in bytes. + 2. A 'short' containing the allocated space for the buffer in bytes. + 3. A 'long' containing the offset to the start of the buffer in bytes, + from the beginning of the NTLM message. +*/ + +/* + * Curl_auth_is_ntlm_supported() + * + * This is used to evaluate if NTLM is supported. + * + * Parameters: None + * + * Returns TRUE as NTLM as handled by libcurl. + */ +bool Curl_auth_is_ntlm_supported(void) +{ + return TRUE; +} + +/* + * Curl_auth_decode_ntlm_type2_message() + * + * This is used to decode an already encoded NTLM type-2 message. The message + * is first decoded from a base64 string into a raw NTLM message and checked + * for validity before the appropriate data for creating a type-3 message is + * written to the given NTLM data structure. + * + * Parameters: + * + * data [in] - The session handle. + * type2msg [in] - The base64 encoded type-2 message. + * ntlm [in/out] - The NTLM data struct being used and modified. + * + * Returns CURLE_OK on success. + */ +CURLcode Curl_auth_decode_ntlm_type2_message(struct Curl_easy *data, + const char *type2msg, + struct ntlmdata *ntlm) +{ + static const char type2_marker[] = { 0x02, 0x00, 0x00, 0x00 }; + + /* NTLM type-2 message structure: + + Index Description Content + 0 NTLMSSP Signature Null-terminated ASCII "NTLMSSP" + (0x4e544c4d53535000) + 8 NTLM Message Type long (0x02000000) + 12 Target Name security buffer + 20 Flags long + 24 Challenge 8 bytes + (32) Context 8 bytes (two consecutive longs) (*) + (40) Target Information security buffer (*) + (48) OS Version Structure 8 bytes (*) + 32 (48) (56) Start of data block (*) + (*) -> Optional + */ + + CURLcode result = CURLE_OK; + unsigned char *type2 = NULL; + size_t type2_len = 0; + +#if defined(USE_NSS) + /* Make sure the crypto backend is initialized */ + result = Curl_nss_force_init(data); + if(result) + return result; +#elif defined(CURL_DISABLE_VERBOSE_STRINGS) + (void)data; +#endif + + /* Decode the base-64 encoded type-2 message */ + if(strlen(type2msg) && *type2msg != '=') { + result = Curl_base64_decode(type2msg, &type2, &type2_len); + if(result) + return result; + } + + /* Ensure we have a valid type-2 message */ + if(!type2) { + infof(data, "NTLM handshake failure (empty type-2 message)\n"); + return CURLE_BAD_CONTENT_ENCODING; + } + + ntlm->flags = 0; + + if((type2_len < 32) || + (memcmp(type2, NTLMSSP_SIGNATURE, 8) != 0) || + (memcmp(type2 + 8, type2_marker, sizeof(type2_marker)) != 0)) { + /* This was not a good enough type-2 message */ + free(type2); + infof(data, "NTLM handshake failure (bad type-2 message)\n"); + return CURLE_BAD_CONTENT_ENCODING; + } + + ntlm->flags = Curl_read32_le(&type2[20]); + memcpy(ntlm->nonce, &type2[24], 8); + + if(ntlm->flags & NTLMFLAG_NEGOTIATE_TARGET_INFO) { + result = ntlm_decode_type2_target(data, type2, type2_len, ntlm); + if(result) { + free(type2); + infof(data, "NTLM handshake failure (bad type-2 message)\n"); + return result; + } + } + + DEBUG_OUT({ + fprintf(stderr, "**** TYPE2 header flags=0x%08.8lx ", ntlm->flags); + ntlm_print_flags(stderr, ntlm->flags); + fprintf(stderr, "\n nonce="); + ntlm_print_hex(stderr, (char *)ntlm->nonce, 8); + fprintf(stderr, "\n****\n"); + fprintf(stderr, "**** Header %s\n ", header); + }); + + free(type2); + + return result; +} + +/* copy the source to the destination and fill in zeroes in every + other destination byte! */ +static void unicodecpy(unsigned char *dest, const char *src, size_t length) +{ + size_t i; + for(i = 0; i < length; i++) { + dest[2 * i] = (unsigned char)src[i]; + dest[2 * i + 1] = '\0'; + } +} + +/* + * Curl_auth_create_ntlm_type1_message() + * + * This is used to generate an already encoded NTLM type-1 message ready for + * sending to the recipient using the appropriate compile time crypto API. + * + * Parameters: + * + * userp [in] - The user name in the format User or Domain\User. + * passdwp [in] - The user's password. + * ntlm [in/out] - The NTLM data struct being used and modified. + * outptr [in/out] - The address where a pointer to newly allocated memory + * holding the result will be stored upon completion. + * outlen [out] - The length of the output message. + * + * Returns CURLE_OK on success. + */ +CURLcode Curl_auth_create_ntlm_type1_message(const char *userp, + const char *passwdp, + struct ntlmdata *ntlm, + char **outptr, size_t *outlen) +{ + /* NTLM type-1 message structure: + + Index Description Content + 0 NTLMSSP Signature Null-terminated ASCII "NTLMSSP" + (0x4e544c4d53535000) + 8 NTLM Message Type long (0x01000000) + 12 Flags long + (16) Supplied Domain security buffer (*) + (24) Supplied Workstation security buffer (*) + (32) OS Version Structure 8 bytes (*) + (32) (40) Start of data block (*) + (*) -> Optional + */ + + size_t size; + + unsigned char ntlmbuf[NTLM_BUFSIZE]; + const char *host = ""; /* empty */ + const char *domain = ""; /* empty */ + size_t hostlen = 0; + size_t domlen = 0; + size_t hostoff = 0; + size_t domoff = hostoff + hostlen; /* This is 0: remember that host and + domain are empty */ + (void)userp; + (void)passwdp; + + /* Clean up any former leftovers and initialise to defaults */ + Curl_auth_ntlm_cleanup(ntlm); + +#if USE_NTRESPONSES && USE_NTLM2SESSION +#define NTLM2FLAG NTLMFLAG_NEGOTIATE_NTLM2_KEY +#else +#define NTLM2FLAG 0 +#endif + snprintf((char *)ntlmbuf, NTLM_BUFSIZE, + NTLMSSP_SIGNATURE "%c" + "\x01%c%c%c" /* 32-bit type = 1 */ + "%c%c%c%c" /* 32-bit NTLM flag field */ + "%c%c" /* domain length */ + "%c%c" /* domain allocated space */ + "%c%c" /* domain name offset */ + "%c%c" /* 2 zeroes */ + "%c%c" /* host length */ + "%c%c" /* host allocated space */ + "%c%c" /* host name offset */ + "%c%c" /* 2 zeroes */ + "%s" /* host name */ + "%s", /* domain string */ + 0, /* trailing zero */ + 0, 0, 0, /* part of type-1 long */ + + LONGQUARTET(NTLMFLAG_NEGOTIATE_OEM | + NTLMFLAG_REQUEST_TARGET | + NTLMFLAG_NEGOTIATE_NTLM_KEY | + NTLM2FLAG | + NTLMFLAG_NEGOTIATE_ALWAYS_SIGN), + SHORTPAIR(domlen), + SHORTPAIR(domlen), + SHORTPAIR(domoff), + 0, 0, + SHORTPAIR(hostlen), + SHORTPAIR(hostlen), + SHORTPAIR(hostoff), + 0, 0, + host, /* this is empty */ + domain /* this is empty */); + + /* Initial packet length */ + size = 32 + hostlen + domlen; + + DEBUG_OUT({ + fprintf(stderr, "* TYPE1 header flags=0x%02.2x%02.2x%02.2x%02.2x " + "0x%08.8x ", + LONGQUARTET(NTLMFLAG_NEGOTIATE_OEM | + NTLMFLAG_REQUEST_TARGET | + NTLMFLAG_NEGOTIATE_NTLM_KEY | + NTLM2FLAG | + NTLMFLAG_NEGOTIATE_ALWAYS_SIGN), + NTLMFLAG_NEGOTIATE_OEM | + NTLMFLAG_REQUEST_TARGET | + NTLMFLAG_NEGOTIATE_NTLM_KEY | + NTLM2FLAG | + NTLMFLAG_NEGOTIATE_ALWAYS_SIGN); + ntlm_print_flags(stderr, + NTLMFLAG_NEGOTIATE_OEM | + NTLMFLAG_REQUEST_TARGET | + NTLMFLAG_NEGOTIATE_NTLM_KEY | + NTLM2FLAG | + NTLMFLAG_NEGOTIATE_ALWAYS_SIGN); + fprintf(stderr, "\n****\n"); + }); + + /* Return with binary blob encoded into base64 */ + return Curl_base64_encode(NULL, (char *)ntlmbuf, size, outptr, outlen); +} + +/* + * Curl_auth_create_ntlm_type3_message() + * + * This is used to generate an already encoded NTLM type-3 message ready for + * sending to the recipient using the appropriate compile time crypto API. + * + * Parameters: + * + * data [in] - The session handle. + * userp [in] - The user name in the format User or Domain\User. + * passdwp [in] - The user's password. + * ntlm [in/out] - The NTLM data struct being used and modified. + * outptr [in/out] - The address where a pointer to newly allocated memory + * holding the result will be stored upon completion. + * outlen [out] - The length of the output message. + * + * Returns CURLE_OK on success. + */ +CURLcode Curl_auth_create_ntlm_type3_message(struct Curl_easy *data, + const char *userp, + const char *passwdp, + struct ntlmdata *ntlm, + char **outptr, size_t *outlen) + +{ + /* NTLM type-3 message structure: + + Index Description Content + 0 NTLMSSP Signature Null-terminated ASCII "NTLMSSP" + (0x4e544c4d53535000) + 8 NTLM Message Type long (0x03000000) + 12 LM/LMv2 Response security buffer + 20 NTLM/NTLMv2 Response security buffer + 28 Target Name security buffer + 36 User Name security buffer + 44 Workstation Name security buffer + (52) Session Key security buffer (*) + (60) Flags long (*) + (64) OS Version Structure 8 bytes (*) + 52 (64) (72) Start of data block + (*) -> Optional + */ + + CURLcode result = CURLE_OK; + size_t size; + unsigned char ntlmbuf[NTLM_BUFSIZE]; + int lmrespoff; + unsigned char lmresp[24]; /* fixed-size */ +#if USE_NTRESPONSES + int ntrespoff; + unsigned int ntresplen = 24; + unsigned char ntresp[24]; /* fixed-size */ + unsigned char *ptr_ntresp = &ntresp[0]; + unsigned char *ntlmv2resp = NULL; +#endif + bool unicode = (ntlm->flags & NTLMFLAG_NEGOTIATE_UNICODE) ? TRUE : FALSE; + char host[HOSTNAME_MAX + 1] = ""; + const char *user; + const char *domain = ""; + size_t hostoff = 0; + size_t useroff = 0; + size_t domoff = 0; + size_t hostlen = 0; + size_t userlen = 0; + size_t domlen = 0; + + user = strchr(userp, '\\'); + if(!user) + user = strchr(userp, '/'); + + if(user) { + domain = userp; + domlen = (user - domain); + user++; + } + else + user = userp; + + if(user) + userlen = strlen(user); + + /* Get the machine's un-qualified host name as NTLM doesn't like the fully + qualified domain name */ + if(Curl_gethostname(host, sizeof(host))) { + infof(data, "gethostname() failed, continuing without!\n"); + hostlen = 0; + } + else { + hostlen = strlen(host); + } + +#if USE_NTRESPONSES && USE_NTLM_V2 + if(ntlm->target_info_len) { + unsigned char ntbuffer[0x18]; + unsigned int entropy[2]; + unsigned char ntlmv2hash[0x18]; + + entropy[0] = Curl_rand(data); + entropy[1] = Curl_rand(data); + + result = Curl_ntlm_core_mk_nt_hash(data, passwdp, ntbuffer); + if(result) + return result; + + result = Curl_ntlm_core_mk_ntlmv2_hash(user, userlen, domain, domlen, + ntbuffer, ntlmv2hash); + if(result) + return result; + + /* LMv2 response */ + result = Curl_ntlm_core_mk_lmv2_resp(ntlmv2hash, + (unsigned char *)&entropy[0], + &ntlm->nonce[0], lmresp); + if(result) + return result; + + /* NTLMv2 response */ + result = Curl_ntlm_core_mk_ntlmv2_resp(ntlmv2hash, + (unsigned char *)&entropy[0], + ntlm, &ntlmv2resp, &ntresplen); + if(result) + return result; + + ptr_ntresp = ntlmv2resp; + } + else +#endif + +#if USE_NTRESPONSES && USE_NTLM2SESSION + /* We don't support NTLM2 if we don't have USE_NTRESPONSES */ + if(ntlm->flags & NTLMFLAG_NEGOTIATE_NTLM2_KEY) { + unsigned char ntbuffer[0x18]; + unsigned char tmp[0x18]; + unsigned char md5sum[MD5_DIGEST_LENGTH]; + unsigned int entropy[2]; + + /* Need to create 8 bytes random data */ + entropy[0] = Curl_rand(data); + entropy[1] = Curl_rand(data); + + /* 8 bytes random data as challenge in lmresp */ + memcpy(lmresp, entropy, 8); + + /* Pad with zeros */ + memset(lmresp + 8, 0, 0x10); + + /* Fill tmp with challenge(nonce?) + entropy */ + memcpy(tmp, &ntlm->nonce[0], 8); + memcpy(tmp + 8, entropy, 8); + + result = Curl_ssl_md5sum(tmp, 16, md5sum, MD5_DIGEST_LENGTH); + if(!result) + /* We shall only use the first 8 bytes of md5sum, but the des code in + Curl_ntlm_core_lm_resp only encrypt the first 8 bytes */ + result = Curl_ntlm_core_mk_nt_hash(data, passwdp, ntbuffer); + if(result) + return result; + + Curl_ntlm_core_lm_resp(ntbuffer, md5sum, ntresp); + + /* End of NTLM2 Session code */ + + } + else +#endif + { + +#if USE_NTRESPONSES + unsigned char ntbuffer[0x18]; +#endif + unsigned char lmbuffer[0x18]; + +#if USE_NTRESPONSES + result = Curl_ntlm_core_mk_nt_hash(data, passwdp, ntbuffer); + if(result) + return result; + + Curl_ntlm_core_lm_resp(ntbuffer, &ntlm->nonce[0], ntresp); +#endif + + result = Curl_ntlm_core_mk_lm_hash(data, passwdp, lmbuffer); + if(result) + return result; + + Curl_ntlm_core_lm_resp(lmbuffer, &ntlm->nonce[0], lmresp); + + /* A safer but less compatible alternative is: + * Curl_ntlm_core_lm_resp(ntbuffer, &ntlm->nonce[0], lmresp); + * See http://davenport.sourceforge.net/ntlm.html#ntlmVersion2 */ + } + + if(unicode) { + domlen = domlen * 2; + userlen = userlen * 2; + hostlen = hostlen * 2; + } + + lmrespoff = 64; /* size of the message header */ +#if USE_NTRESPONSES + ntrespoff = lmrespoff + 0x18; + domoff = ntrespoff + ntresplen; +#else + domoff = lmrespoff + 0x18; +#endif + useroff = domoff + domlen; + hostoff = useroff + userlen; + + /* Create the big type-3 message binary blob */ + size = snprintf((char *)ntlmbuf, NTLM_BUFSIZE, + NTLMSSP_SIGNATURE "%c" + "\x03%c%c%c" /* 32-bit type = 3 */ + + "%c%c" /* LanManager length */ + "%c%c" /* LanManager allocated space */ + "%c%c" /* LanManager offset */ + "%c%c" /* 2 zeroes */ + + "%c%c" /* NT-response length */ + "%c%c" /* NT-response allocated space */ + "%c%c" /* NT-response offset */ + "%c%c" /* 2 zeroes */ + + "%c%c" /* domain length */ + "%c%c" /* domain allocated space */ + "%c%c" /* domain name offset */ + "%c%c" /* 2 zeroes */ + + "%c%c" /* user length */ + "%c%c" /* user allocated space */ + "%c%c" /* user offset */ + "%c%c" /* 2 zeroes */ + + "%c%c" /* host length */ + "%c%c" /* host allocated space */ + "%c%c" /* host offset */ + "%c%c" /* 2 zeroes */ + + "%c%c" /* session key length (unknown purpose) */ + "%c%c" /* session key allocated space (unknown purpose) */ + "%c%c" /* session key offset (unknown purpose) */ + "%c%c" /* 2 zeroes */ + + "%c%c%c%c", /* flags */ + + /* domain string */ + /* user string */ + /* host string */ + /* LanManager response */ + /* NT response */ + + 0, /* zero termination */ + 0, 0, 0, /* type-3 long, the 24 upper bits */ + + SHORTPAIR(0x18), /* LanManager response length, twice */ + SHORTPAIR(0x18), + SHORTPAIR(lmrespoff), + 0x0, 0x0, + +#if USE_NTRESPONSES + SHORTPAIR(ntresplen), /* NT-response length, twice */ + SHORTPAIR(ntresplen), + SHORTPAIR(ntrespoff), + 0x0, 0x0, +#else + 0x0, 0x0, + 0x0, 0x0, + 0x0, 0x0, + 0x0, 0x0, +#endif + SHORTPAIR(domlen), + SHORTPAIR(domlen), + SHORTPAIR(domoff), + 0x0, 0x0, + + SHORTPAIR(userlen), + SHORTPAIR(userlen), + SHORTPAIR(useroff), + 0x0, 0x0, + + SHORTPAIR(hostlen), + SHORTPAIR(hostlen), + SHORTPAIR(hostoff), + 0x0, 0x0, + + 0x0, 0x0, + 0x0, 0x0, + 0x0, 0x0, + 0x0, 0x0, + + LONGQUARTET(ntlm->flags)); + + DEBUGASSERT(size == 64); + DEBUGASSERT(size == (size_t)lmrespoff); + + /* We append the binary hashes */ + if(size < (NTLM_BUFSIZE - 0x18)) { + memcpy(&ntlmbuf[size], lmresp, 0x18); + size += 0x18; + } + + DEBUG_OUT({ + fprintf(stderr, "**** TYPE3 header lmresp="); + ntlm_print_hex(stderr, (char *)&ntlmbuf[lmrespoff], 0x18); + }); + +#if USE_NTRESPONSES + if(size < (NTLM_BUFSIZE - ntresplen)) { + DEBUGASSERT(size == (size_t)ntrespoff); + memcpy(&ntlmbuf[size], ptr_ntresp, ntresplen); + size += ntresplen; + } + + DEBUG_OUT({ + fprintf(stderr, "\n ntresp="); + ntlm_print_hex(stderr, (char *)&ntlmbuf[ntrespoff], ntresplen); + }); + + free(ntlmv2resp);/* Free the dynamic buffer allocated for NTLMv2 */ + +#endif + + DEBUG_OUT({ + fprintf(stderr, "\n flags=0x%02.2x%02.2x%02.2x%02.2x 0x%08.8x ", + LONGQUARTET(ntlm->flags), ntlm->flags); + ntlm_print_flags(stderr, ntlm->flags); + fprintf(stderr, "\n****\n"); + }); + + /* Make sure that the domain, user and host strings fit in the + buffer before we copy them there. */ + if(size + userlen + domlen + hostlen >= NTLM_BUFSIZE) { + failf(data, "user + domain + host name too big"); + return CURLE_OUT_OF_MEMORY; + } + + DEBUGASSERT(size == domoff); + if(unicode) + unicodecpy(&ntlmbuf[size], domain, domlen / 2); + else + memcpy(&ntlmbuf[size], domain, domlen); + + size += domlen; + + DEBUGASSERT(size == useroff); + if(unicode) + unicodecpy(&ntlmbuf[size], user, userlen / 2); + else + memcpy(&ntlmbuf[size], user, userlen); + + size += userlen; + + DEBUGASSERT(size == hostoff); + if(unicode) + unicodecpy(&ntlmbuf[size], host, hostlen / 2); + else + memcpy(&ntlmbuf[size], host, hostlen); + + size += hostlen; + + /* Convert domain, user, and host to ASCII but leave the rest as-is */ + result = Curl_convert_to_network(data, (char *)&ntlmbuf[domoff], + size - domoff); + if(result) + return CURLE_CONV_FAILED; + + /* Return with binary blob encoded into base64 */ + result = Curl_base64_encode(NULL, (char *)ntlmbuf, size, outptr, outlen); + + Curl_auth_ntlm_cleanup(ntlm); + + return result; +} + +/* +* Curl_auth_ntlm_cleanup() +* +* This is used to clean up the NTLM specific data. +* +* Parameters: +* +* ntlm [in/out] - The NTLM data struct being cleaned up. +* +*/ +void Curl_auth_ntlm_cleanup(struct ntlmdata *ntlm) +{ + /* Free the target info */ + Curl_safefree(ntlm->target_info); + + /* Reset any variables */ + ntlm->target_info_len = 0; +} + +#endif /* USE_NTLM && !USE_WINDOWS_SSPI */ diff --git a/lib/vauth/ntlm.h b/lib/vauth/ntlm.h new file mode 100644 index 000000000..b14e7a56a --- /dev/null +++ b/lib/vauth/ntlm.h @@ -0,0 +1,143 @@ +#ifndef HEADER_CURL_NTLM_H +#define HEADER_CURL_NTLM_H +/*************************************************************************** + * _ _ ____ _ + * Project ___| | | | _ \| | + * / __| | | | |_) | | + * | (__| |_| | _ <| |___ + * \___|\___/|_| \_\_____| + * + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. + * + * This software is licensed as described in the file COPYING, which + * you should have received as part of this distribution. The terms + * are also available at https://curl.haxx.se/docs/copyright.html. + * + * You may opt to use, copy, modify, merge, publish, distribute and/or sell + * copies of the Software, and permit persons to whom the Software is + * furnished to do so, under the terms of the COPYING file. + * + * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY + * KIND, either express or implied. + * + ***************************************************************************/ + +#include "curl_setup.h" + +#ifdef USE_NTLM + +/* NTLM buffer fixed size, large enough for long user + host + domain */ +#define NTLM_BUFSIZE 1024 + +/* Stuff only required for curl_ntlm_msgs.c */ +#ifdef BUILDING_CURL_NTLM_MSGS_C + +/* Flag bits definitions based on http://davenport.sourceforge.net/ntlm.html */ + +#define NTLMFLAG_NEGOTIATE_UNICODE (1<<0) +/* Indicates that Unicode strings are supported for use in security buffer + data. */ + +#define NTLMFLAG_NEGOTIATE_OEM (1<<1) +/* Indicates that OEM strings are supported for use in security buffer data. */ + +#define NTLMFLAG_REQUEST_TARGET (1<<2) +/* Requests that the server's authentication realm be included in the Type 2 + message. */ + +/* unknown (1<<3) */ +#define NTLMFLAG_NEGOTIATE_SIGN (1<<4) +/* Specifies that authenticated communication between the client and server + should carry a digital signature (message integrity). */ + +#define NTLMFLAG_NEGOTIATE_SEAL (1<<5) +/* Specifies that authenticated communication between the client and server + should be encrypted (message confidentiality). */ + +#define NTLMFLAG_NEGOTIATE_DATAGRAM_STYLE (1<<6) +/* Indicates that datagram authentication is being used. */ + +#define NTLMFLAG_NEGOTIATE_LM_KEY (1<<7) +/* Indicates that the LAN Manager session key should be used for signing and + sealing authenticated communications. */ + +#define NTLMFLAG_NEGOTIATE_NETWARE (1<<8) +/* unknown purpose */ + +#define NTLMFLAG_NEGOTIATE_NTLM_KEY (1<<9) +/* Indicates that NTLM authentication is being used. */ + +/* unknown (1<<10) */ + +#define NTLMFLAG_NEGOTIATE_ANONYMOUS (1<<11) +/* Sent by the client in the Type 3 message to indicate that an anonymous + context has been established. This also affects the response fields. */ + +#define NTLMFLAG_NEGOTIATE_DOMAIN_SUPPLIED (1<<12) +/* Sent by the client in the Type 1 message to indicate that a desired + authentication realm is included in the message. */ + +#define NTLMFLAG_NEGOTIATE_WORKSTATION_SUPPLIED (1<<13) +/* Sent by the client in the Type 1 message to indicate that the client + workstation's name is included in the message. */ + +#define NTLMFLAG_NEGOTIATE_LOCAL_CALL (1<<14) +/* Sent by the server to indicate that the server and client are on the same + machine. Implies that the client may use a pre-established local security + context rather than responding to the challenge. */ + +#define NTLMFLAG_NEGOTIATE_ALWAYS_SIGN (1<<15) +/* Indicates that authenticated communication between the client and server + should be signed with a "dummy" signature. */ + +#define NTLMFLAG_TARGET_TYPE_DOMAIN (1<<16) +/* Sent by the server in the Type 2 message to indicate that the target + authentication realm is a domain. */ + +#define NTLMFLAG_TARGET_TYPE_SERVER (1<<17) +/* Sent by the server in the Type 2 message to indicate that the target + authentication realm is a server. */ + +#define NTLMFLAG_TARGET_TYPE_SHARE (1<<18) +/* Sent by the server in the Type 2 message to indicate that the target + authentication realm is a share. Presumably, this is for share-level + authentication. Usage is unclear. */ + +#define NTLMFLAG_NEGOTIATE_NTLM2_KEY (1<<19) +/* Indicates that the NTLM2 signing and sealing scheme should be used for + protecting authenticated communications. */ + +#define NTLMFLAG_REQUEST_INIT_RESPONSE (1<<20) +/* unknown purpose */ + +#define NTLMFLAG_REQUEST_ACCEPT_RESPONSE (1<<21) +/* unknown purpose */ + +#define NTLMFLAG_REQUEST_NONNT_SESSION_KEY (1<<22) +/* unknown purpose */ + +#define NTLMFLAG_NEGOTIATE_TARGET_INFO (1<<23) +/* Sent by the server in the Type 2 message to indicate that it is including a + Target Information block in the message. */ + +/* unknown (1<24) */ +/* unknown (1<25) */ +/* unknown (1<26) */ +/* unknown (1<27) */ +/* unknown (1<28) */ + +#define NTLMFLAG_NEGOTIATE_128 (1<<29) +/* Indicates that 128-bit encryption is supported. */ + +#define NTLMFLAG_NEGOTIATE_KEY_EXCHANGE (1<<30) +/* Indicates that the client will provide an encrypted master key in + the "Session Key" field of the Type 3 message. */ + +#define NTLMFLAG_NEGOTIATE_56 (1<<31) +/* Indicates that 56-bit encryption is supported. */ + +#endif /* BUILDING_CURL_NTLM_MSGS_C */ + +#endif /* USE_NTLM */ + +#endif /* HEADER_CURL_NTLM_H */ diff --git a/lib/vauth/ntlm_sspi.c b/lib/vauth/ntlm_sspi.c new file mode 100644 index 000000000..c3305176d --- /dev/null +++ b/lib/vauth/ntlm_sspi.c @@ -0,0 +1,335 @@ +/*************************************************************************** + * _ _ ____ _ + * Project ___| | | | _ \| | + * / __| | | | |_) | | + * | (__| |_| | _ <| |___ + * \___|\___/|_| \_\_____| + * + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. + * + * This software is licensed as described in the file COPYING, which + * you should have received as part of this distribution. The terms + * are also available at https://curl.haxx.se/docs/copyright.html. + * + * You may opt to use, copy, modify, merge, publish, distribute and/or sell + * copies of the Software, and permit persons to whom the Software is + * furnished to do so, under the terms of the COPYING file. + * + * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY + * KIND, either express or implied. + * + ***************************************************************************/ + +#include "curl_setup.h" + +#if defined(USE_WINDOWS_SSPI) && defined(USE_NTLM) + +#include + +#include "vauth/vauth.h" +#include "urldata.h" +#include "curl_base64.h" +#include "warnless.h" +#include "curl_multibyte.h" +#include "sendf.h" + +/* The last #include files should be: */ +#include "curl_memory.h" +#include "memdebug.h" + +/* + * Curl_auth_is_ntlm_supported() + * + * This is used to evaluate if NTLM is supported. + * + * Parameters: None + * + * Returns TRUE if NTLM is supported by Windows SSPI. + */ +bool Curl_auth_is_ntlm_supported(void) +{ + PSecPkgInfo SecurityPackage; + SECURITY_STATUS status; + + /* Query the security package for NTLM */ + status = s_pSecFn->QuerySecurityPackageInfo((TCHAR *) TEXT(SP_NAME_NTLM), + &SecurityPackage); + + return (status == SEC_E_OK ? TRUE : FALSE); +} + +/* + * Curl_auth_create_ntlm_type1_message() + * + * This is used to generate an already encoded NTLM type-1 message ready for + * sending to the recipient. + * + * Parameters: + * + * userp [in] - The user name in the format User or Domain\User. + * passdwp [in] - The user's password. + * ntlm [in/out] - The NTLM data struct being used and modified. + * outptr [in/out] - The address where a pointer to newly allocated memory + * holding the result will be stored upon completion. + * outlen [out] - The length of the output message. + * + * Returns CURLE_OK on success. + */ +CURLcode Curl_auth_create_ntlm_type1_message(const char *userp, + const char *passwdp, + struct ntlmdata *ntlm, + char **outptr, size_t *outlen) +{ + PSecPkgInfo SecurityPackage; + SecBuffer type_1_buf; + SecBufferDesc type_1_desc; + SECURITY_STATUS status; + unsigned long attrs; + TimeStamp expiry; /* For Windows 9x compatibility of SSPI calls */ + + /* Clean up any former leftovers and initialise to defaults */ + Curl_auth_ntlm_cleanup(ntlm); + + /* Query the security package for NTLM */ + status = s_pSecFn->QuerySecurityPackageInfo((TCHAR *) TEXT(SP_NAME_NTLM), + &SecurityPackage); + if(status != SEC_E_OK) + return CURLE_NOT_BUILT_IN; + + ntlm->token_max = SecurityPackage->cbMaxToken; + + /* Release the package buffer as it is not required anymore */ + s_pSecFn->FreeContextBuffer(SecurityPackage); + + /* Allocate our output buffer */ + ntlm->output_token = malloc(ntlm->token_max); + if(!ntlm->output_token) + return CURLE_OUT_OF_MEMORY; + + if(userp && *userp) { + CURLcode result; + + /* Populate our identity structure */ + result = Curl_create_sspi_identity(userp, passwdp, &ntlm->identity); + if(result) + return result; + + /* Allow proper cleanup of the identity structure */ + ntlm->p_identity = &ntlm->identity; + } + else + /* Use the current Windows user */ + ntlm->p_identity = NULL; + + /* Allocate our credentials handle */ + ntlm->credentials = malloc(sizeof(CredHandle)); + if(!ntlm->credentials) + return CURLE_OUT_OF_MEMORY; + + memset(ntlm->credentials, 0, sizeof(CredHandle)); + + /* Acquire our credentials handle */ + status = s_pSecFn->AcquireCredentialsHandle(NULL, + (TCHAR *) TEXT(SP_NAME_NTLM), + SECPKG_CRED_OUTBOUND, NULL, + ntlm->p_identity, NULL, NULL, + ntlm->credentials, &expiry); + if(status != SEC_E_OK) + return CURLE_LOGIN_DENIED; + + /* Allocate our new context handle */ + ntlm->context = malloc(sizeof(CtxtHandle)); + if(!ntlm->context) + return CURLE_OUT_OF_MEMORY; + + memset(ntlm->context, 0, sizeof(CtxtHandle)); + + /* Setup the type-1 "output" security buffer */ + type_1_desc.ulVersion = SECBUFFER_VERSION; + type_1_desc.cBuffers = 1; + type_1_desc.pBuffers = &type_1_buf; + type_1_buf.BufferType = SECBUFFER_TOKEN; + type_1_buf.pvBuffer = ntlm->output_token; + type_1_buf.cbBuffer = curlx_uztoul(ntlm->token_max); + + /* Generate our type-1 message */ + status = s_pSecFn->InitializeSecurityContext(ntlm->credentials, NULL, + (TCHAR *) TEXT(""), + 0, 0, SECURITY_NETWORK_DREP, + NULL, 0, + ntlm->context, &type_1_desc, + &attrs, &expiry); + if(status == SEC_I_COMPLETE_NEEDED || + status == SEC_I_COMPLETE_AND_CONTINUE) + s_pSecFn->CompleteAuthToken(ntlm->context, &type_1_desc); + else if(status != SEC_E_OK && status != SEC_I_CONTINUE_NEEDED) + return CURLE_RECV_ERROR; + + /* Base64 encode the response */ + return Curl_base64_encode(NULL, (char *) ntlm->output_token, + type_1_buf.cbBuffer, outptr, outlen); +} + +/* + * Curl_auth_decode_ntlm_type2_message() + * + * This is used to decode an already encoded NTLM type-2 message. + * + * Parameters: + * + * data [in] - The session handle. + * type2msg [in] - The base64 encoded type-2 message. + * ntlm [in/out] - The NTLM data struct being used and modified. + * + * Returns CURLE_OK on success. + */ +CURLcode Curl_auth_decode_ntlm_type2_message(struct Curl_easy *data, + const char *type2msg, + struct ntlmdata *ntlm) +{ + CURLcode result = CURLE_OK; + unsigned char *type2 = NULL; + size_t type2_len = 0; + +#if defined(CURL_DISABLE_VERBOSE_STRINGS) + (void) data; +#endif + + /* Decode the base-64 encoded type-2 message */ + if(strlen(type2msg) && *type2msg != '=') { + result = Curl_base64_decode(type2msg, &type2, &type2_len); + if(result) + return result; + } + + /* Ensure we have a valid type-2 message */ + if(!type2) { + infof(data, "NTLM handshake failure (empty type-2 message)\n"); + + return CURLE_BAD_CONTENT_ENCODING; + } + + /* Simply store the challenge for use later */ + ntlm->input_token = type2; + ntlm->input_token_len = type2_len; + + return result; +} + +/* +* Curl_auth_create_ntlm_type3_message() + * Curl_auth_create_ntlm_type3_message() + * + * This is used to generate an already encoded NTLM type-3 message ready for + * sending to the recipient. + * + * Parameters: + * + * data [in] - The session handle. + * userp [in] - The user name in the format User or Domain\User. + * passdwp [in] - The user's password. + * ntlm [in/out] - The NTLM data struct being used and modified. + * outptr [in/out] - The address where a pointer to newly allocated memory + * holding the result will be stored upon completion. + * outlen [out] - The length of the output message. + * + * Returns CURLE_OK on success. + */ +CURLcode Curl_auth_create_ntlm_type3_message(struct Curl_easy *data, + const char *userp, + const char *passwdp, + struct ntlmdata *ntlm, + char **outptr, size_t *outlen) +{ + CURLcode result = CURLE_OK; + SecBuffer type_2_buf; + SecBuffer type_3_buf; + SecBufferDesc type_2_desc; + SecBufferDesc type_3_desc; + SECURITY_STATUS status; + unsigned long attrs; + TimeStamp expiry; /* For Windows 9x compatibility of SSPI calls */ + + (void) passwdp; + (void) userp; + + /* Setup the type-2 "input" security buffer */ + type_2_desc.ulVersion = SECBUFFER_VERSION; + type_2_desc.cBuffers = 1; + type_2_desc.pBuffers = &type_2_buf; + type_2_buf.BufferType = SECBUFFER_TOKEN; + type_2_buf.pvBuffer = ntlm->input_token; + type_2_buf.cbBuffer = curlx_uztoul(ntlm->input_token_len); + + /* Setup the type-3 "output" security buffer */ + type_3_desc.ulVersion = SECBUFFER_VERSION; + type_3_desc.cBuffers = 1; + type_3_desc.pBuffers = &type_3_buf; + type_3_buf.BufferType = SECBUFFER_TOKEN; + type_3_buf.pvBuffer = ntlm->output_token; + type_3_buf.cbBuffer = curlx_uztoul(ntlm->token_max); + + /* Generate our type-3 message */ + status = s_pSecFn->InitializeSecurityContext(ntlm->credentials, + ntlm->context, + (TCHAR *) TEXT(""), + 0, 0, SECURITY_NETWORK_DREP, + &type_2_desc, + 0, ntlm->context, + &type_3_desc, + &attrs, &expiry); + if(status != SEC_E_OK) { + infof(data, "NTLM handshake failure (type-3 message): Status=%x\n", + status); + + return CURLE_RECV_ERROR; + } + + /* Base64 encode the response */ + result = Curl_base64_encode(data, (char *) ntlm->output_token, + type_3_buf.cbBuffer, outptr, outlen); + + Curl_auth_ntlm_cleanup(ntlm); + + return result; +} + +/* + * Curl_auth_ntlm_cleanup() + * + * This is used to clean up the NTLM specific data. + * + * Parameters: + * + * ntlm [in/out] - The NTLM data struct being cleaned up. + * + */ +void Curl_auth_ntlm_cleanup(struct ntlmdata *ntlm) +{ + /* Free our security context */ + if(ntlm->context) { + s_pSecFn->DeleteSecurityContext(ntlm->context); + free(ntlm->context); + ntlm->context = NULL; + } + + /* Free our credentials handle */ + if(ntlm->credentials) { + s_pSecFn->FreeCredentialsHandle(ntlm->credentials); + free(ntlm->credentials); + ntlm->credentials = NULL; + } + + /* Free our identity */ + Curl_sspi_free_identity(ntlm->p_identity); + ntlm->p_identity = NULL; + + /* Free the input and output tokens */ + Curl_safefree(ntlm->input_token); + Curl_safefree(ntlm->output_token); + + /* Reset any variables */ + ntlm->token_max = 0; +} + +#endif /* USE_WINDOWS_SSPI && USE_NTLM */ diff --git a/lib/vauth/oauth2.c b/lib/vauth/oauth2.c new file mode 100644 index 000000000..6288f89a3 --- /dev/null +++ b/lib/vauth/oauth2.c @@ -0,0 +1,86 @@ +/*************************************************************************** + * _ _ ____ _ + * Project ___| | | | _ \| | + * / __| | | | |_) | | + * | (__| |_| | _ <| |___ + * \___|\___/|_| \_\_____| + * + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. + * + * This software is licensed as described in the file COPYING, which + * you should have received as part of this distribution. The terms + * are also available at https://curl.haxx.se/docs/copyright.html. + * + * You may opt to use, copy, modify, merge, publish, distribute and/or sell + * copies of the Software, and permit persons to whom the Software is + * furnished to do so, under the terms of the COPYING file. + * + * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY + * KIND, either express or implied. + * + * RFC6749 OAuth 2.0 Authorization Framework + * + ***************************************************************************/ + +#include "curl_setup.h" + +#include +#include "urldata.h" + +#include "vauth/vauth.h" +#include "curl_base64.h" +#include "warnless.h" +#include "curl_printf.h" + +/* The last #include files should be: */ +#include "curl_memory.h" +#include "memdebug.h" + +/* + * Curl_auth_create_oauth_bearer_message() + * + * This is used to generate an already encoded OAuth 2.0 message ready for + * sending to the recipient. + * + * Parameters: + * + * data[in] - The session handle. + * user[in] - The user name. + * host[in] - The host name(for OAUTHBEARER). + * port[in] - The port(for OAUTHBEARER when not Port 80). + * bearer[in] - The bearer token. + * outptr[in / out] - The address where a pointer to newly allocated memory + * holding the result will be stored upon completion. + * outlen[out] - The length of the output message. + * + * Returns CURLE_OK on success. + */ +CURLcode Curl_auth_create_oauth_bearer_message(struct Curl_easy *data, + const char *user, + const char *host, + const long port, + const char *bearer, + char **outptr, size_t *outlen) +{ + CURLcode result = CURLE_OK; + char *oauth = NULL; + + /* Generate the message */ + if(host == NULL && (port == 0 || port == 80)) + oauth = aprintf("user=%s\1auth=Bearer %s\1\1", user, bearer); + else if(port == 0 || port == 80) + oauth = aprintf("user=%s\1host=%s\1auth=Bearer %s\1\1", user, host, + bearer); + else + oauth = aprintf("user=%s\1host=%s\1port=%ld\1auth=Bearer %s\1\1", user, + host, port, bearer); + if(!oauth) + return CURLE_OUT_OF_MEMORY; + + /* Base64 encode the reply */ + result = Curl_base64_encode(data, oauth, strlen(oauth), outptr, outlen); + + free(oauth); + + return result; +} diff --git a/lib/vauth/spnego_gssapi.c b/lib/vauth/spnego_gssapi.c new file mode 100644 index 000000000..8840db8fd --- /dev/null +++ b/lib/vauth/spnego_gssapi.c @@ -0,0 +1,274 @@ +/*************************************************************************** + * _ _ ____ _ + * Project ___| | | | _ \| | + * / __| | | | |_) | | + * | (__| |_| | _ <| |___ + * \___|\___/|_| \_\_____| + * + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. + * + * This software is licensed as described in the file COPYING, which + * you should have received as part of this distribution. The terms + * are also available at https://curl.haxx.se/docs/copyright.html. + * + * You may opt to use, copy, modify, merge, publish, distribute and/or sell + * copies of the Software, and permit persons to whom the Software is + * furnished to do so, under the terms of the COPYING file. + * + * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY + * KIND, either express or implied. + * + * RFC4178 Simple and Protected GSS-API Negotiation Mechanism + * + ***************************************************************************/ + +#include "curl_setup.h" + +#if defined(HAVE_GSSAPI) && defined(USE_SPNEGO) + +#include + +#include "vauth/vauth.h" +#include "urldata.h" +#include "curl_base64.h" +#include "curl_gssapi.h" +#include "warnless.h" +#include "curl_multibyte.h" +#include "sendf.h" + +/* The last #include files should be: */ +#include "curl_memory.h" +#include "memdebug.h" + +/* + * Curl_auth_is_spnego_supported() + * + * This is used to evaluate if SPNEGO (Negotiate) is supported. + * + * Parameters: None + * + * Returns TRUE if Negotiate supported by the GSS-API library. + */ +bool Curl_auth_is_spnego_supported(void) +{ + return TRUE; +} + +/* + * Curl_auth_decode_spnego_message() + * + * This is used to decode an already encoded SPNEGO (Negotiate) challenge + * message. + * + * Parameters: + * + * data [in] - The session handle. + * userp [in] - The user name in the format User or Domain\User. + * passdwp [in] - The user's password. + * service [in] - The service type such as http, smtp, pop or imap. + * host [in] - The host name. + * chlg64 [in] - The optional base64 encoded challenge message. + * nego [in/out] - The Negotiate data struct being used and modified. + * + * Returns CURLE_OK on success. + */ +CURLcode Curl_auth_decode_spnego_message(struct Curl_easy *data, + const char *user, + const char *password, + const char *service, + const char *host, + const char *chlg64, + struct negotiatedata *nego) +{ + CURLcode result = CURLE_OK; + size_t chlglen = 0; + unsigned char *chlg = NULL; + OM_uint32 major_status; + OM_uint32 minor_status; + OM_uint32 unused_status; + gss_buffer_desc spn_token = GSS_C_EMPTY_BUFFER; + gss_buffer_desc input_token = GSS_C_EMPTY_BUFFER; + gss_buffer_desc output_token = GSS_C_EMPTY_BUFFER; + + (void) user; + (void) password; + + if(nego->context && nego->status == GSS_S_COMPLETE) { + /* We finished successfully our part of authentication, but server + * rejected it (since we're again here). Exit with an error since we + * can't invent anything better */ + Curl_auth_spnego_cleanup(nego); + return CURLE_LOGIN_DENIED; + } + + if(!nego->spn) { + /* Generate our SPN */ + char *spn = Curl_auth_build_spn(service, NULL, host); + if(!spn) + return CURLE_OUT_OF_MEMORY; + + /* Populate the SPN structure */ + spn_token.value = spn; + spn_token.length = strlen(spn); + + /* Import the SPN */ + major_status = gss_import_name(&minor_status, &spn_token, + GSS_C_NT_HOSTBASED_SERVICE, + &nego->spn); + if(GSS_ERROR(major_status)) { + Curl_gss_log_error(data, "gss_import_name() failed: ", + major_status, minor_status); + + free(spn); + + return CURLE_OUT_OF_MEMORY; + } + + free(spn); + } + + if(chlg64 && *chlg64) { + /* Decode the base-64 encoded challenge message */ + if(*chlg64 != '=') { + result = Curl_base64_decode(chlg64, &chlg, &chlglen); + if(result) + return result; + } + + /* Ensure we have a valid challenge message */ + if(!chlg) { + infof(data, "SPNEGO handshake failure (empty challenge message)\n"); + + return CURLE_BAD_CONTENT_ENCODING; + } + + /* Setup the challenge "input" security buffer */ + input_token.value = chlg; + input_token.length = chlglen; + } + + /* Generate our challenge-response message */ + major_status = Curl_gss_init_sec_context(data, + &minor_status, + &nego->context, + nego->spn, + &Curl_spnego_mech_oid, + GSS_C_NO_CHANNEL_BINDINGS, + &input_token, + &output_token, + TRUE, + NULL); + + /* Free the decoded challenge as it is not required anymore */ + Curl_safefree(input_token.value); + + nego->status = major_status; + if(GSS_ERROR(major_status)) { + if(output_token.value) + gss_release_buffer(&unused_status, &output_token); + + Curl_gss_log_error(data, "gss_init_sec_context() failed: ", + major_status, minor_status); + + return CURLE_OUT_OF_MEMORY; + } + + if(!output_token.value || !output_token.length) { + if(output_token.value) + gss_release_buffer(&unused_status, &output_token); + + return CURLE_OUT_OF_MEMORY; + } + + nego->output_token = output_token; + + return CURLE_OK; +} + +/* + * Curl_auth_create_spnego_message() + * + * This is used to generate an already encoded SPNEGO (Negotiate) response + * message ready for sending to the recipient. + * + * Parameters: + * + * data [in] - The session handle. + * nego [in/out] - The Negotiate data struct being used and modified. + * outptr [in/out] - The address where a pointer to newly allocated memory + * holding the result will be stored upon completion. + * outlen [out] - The length of the output message. + * + * Returns CURLE_OK on success. + */ +CURLcode Curl_auth_create_spnego_message(struct Curl_easy *data, + struct negotiatedata *nego, + char **outptr, size_t *outlen) +{ + CURLcode result; + OM_uint32 minor_status; + + /* Base64 encode the already generated response */ + result = Curl_base64_encode(data, + nego->output_token.value, + nego->output_token.length, + outptr, outlen); + + if(result) { + gss_release_buffer(&minor_status, &nego->output_token); + nego->output_token.value = NULL; + nego->output_token.length = 0; + + return result; + } + + if(!*outptr || !*outlen) { + gss_release_buffer(&minor_status, &nego->output_token); + nego->output_token.value = NULL; + nego->output_token.length = 0; + + return CURLE_REMOTE_ACCESS_DENIED; + } + + return CURLE_OK; +} + +/* + * Curl_auth_spnego_cleanup() + * + * This is used to clean up the SPNEGO (Negotiate) specific data. + * + * Parameters: + * + * nego [in/out] - The Negotiate data struct being cleaned up. + * + */ +void Curl_auth_spnego_cleanup(struct negotiatedata *nego) +{ + OM_uint32 minor_status; + + /* Free our security context */ + if(nego->context != GSS_C_NO_CONTEXT) { + gss_delete_sec_context(&minor_status, &nego->context, GSS_C_NO_BUFFER); + nego->context = GSS_C_NO_CONTEXT; + } + + /* Free the output token */ + if(nego->output_token.value) { + gss_release_buffer(&minor_status, &nego->output_token); + nego->output_token.value = NULL; + nego->output_token.length = 0; + + } + + /* Free the SPN */ + if(nego->spn != GSS_C_NO_NAME) { + gss_release_name(&minor_status, &nego->spn); + nego->spn = GSS_C_NO_NAME; + } + + /* Reset any variables */ + nego->status = 0; +} + +#endif /* HAVE_GSSAPI && USE_SPNEGO */ diff --git a/lib/vauth/spnego_sspi.c b/lib/vauth/spnego_sspi.c new file mode 100644 index 000000000..672b43fa4 --- /dev/null +++ b/lib/vauth/spnego_sspi.c @@ -0,0 +1,321 @@ +/*************************************************************************** + * _ _ ____ _ + * Project ___| | | | _ \| | + * / __| | | | |_) | | + * | (__| |_| | _ <| |___ + * \___|\___/|_| \_\_____| + * + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. + * + * This software is licensed as described in the file COPYING, which + * you should have received as part of this distribution. The terms + * are also available at https://curl.haxx.se/docs/copyright.html. + * + * You may opt to use, copy, modify, merge, publish, distribute and/or sell + * copies of the Software, and permit persons to whom the Software is + * furnished to do so, under the terms of the COPYING file. + * + * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY + * KIND, either express or implied. + * + * RFC4178 Simple and Protected GSS-API Negotiation Mechanism + * + ***************************************************************************/ + +#include "curl_setup.h" + +#if defined(USE_WINDOWS_SSPI) && defined(USE_SPNEGO) + +#include + +#include "vauth/vauth.h" +#include "urldata.h" +#include "curl_base64.h" +#include "warnless.h" +#include "curl_multibyte.h" +#include "sendf.h" + +/* The last #include files should be: */ +#include "curl_memory.h" +#include "memdebug.h" + +/* + * Curl_auth_is_spnego_supported() + * + * This is used to evaluate if SPNEGO (Negotiate) is supported. + * + * Parameters: None + * + * Returns TRUE if Negotiate is supported by Windows SSPI. + */ +bool Curl_auth_is_spnego_supported(void) +{ + PSecPkgInfo SecurityPackage; + SECURITY_STATUS status; + + /* Query the security package for Negotiate */ + status = s_pSecFn->QuerySecurityPackageInfo((TCHAR *) + TEXT(SP_NAME_NEGOTIATE), + &SecurityPackage); + + return (status == SEC_E_OK ? TRUE : FALSE); +} + +/* + * Curl_auth_decode_spnego_message() + * + * This is used to decode an already encoded SPNEGO (Negotiate) challenge + * message. + * + * Parameters: + * + * data [in] - The session handle. + * userp [in] - The user name in the format User or Domain\User. + * passdwp [in] - The user's password. + * service [in] - The service type such as http, smtp, pop or imap. + * host [in] - The host name. + * chlg64 [in] - The optional base64 encoded challenge message. + * nego [in/out] - The Negotiate data struct being used and modified. + * + * Returns CURLE_OK on success. + */ +CURLcode Curl_auth_decode_spnego_message(struct Curl_easy *data, + const char *user, + const char *password, + const char *service, + const char *host, + const char *chlg64, + struct negotiatedata *nego) +{ + CURLcode result = CURLE_OK; + size_t chlglen = 0; + unsigned char *chlg = NULL; + PSecPkgInfo SecurityPackage; + SecBuffer chlg_buf; + SecBuffer resp_buf; + SecBufferDesc chlg_desc; + SecBufferDesc resp_desc; + unsigned long attrs; + TimeStamp expiry; /* For Windows 9x compatibility of SSPI calls */ + +#if defined(CURL_DISABLE_VERBOSE_STRINGS) + (void) data; +#endif + + if(nego->context && nego->status == SEC_E_OK) { + /* We finished successfully our part of authentication, but server + * rejected it (since we're again here). Exit with an error since we + * can't invent anything better */ + Curl_auth_spnego_cleanup(nego); + return CURLE_LOGIN_DENIED; + } + + if(!nego->spn) { + /* Generate our SPN */ + nego->spn = Curl_auth_build_spn(service, host, NULL); + if(!nego->spn) + return CURLE_OUT_OF_MEMORY; + } + + if(!nego->output_token) { + /* Query the security package for Negotiate */ + nego->status = s_pSecFn->QuerySecurityPackageInfo((TCHAR *) + TEXT(SP_NAME_NEGOTIATE), + &SecurityPackage); + if(nego->status != SEC_E_OK) + return CURLE_NOT_BUILT_IN; + + nego->token_max = SecurityPackage->cbMaxToken; + + /* Release the package buffer as it is not required anymore */ + s_pSecFn->FreeContextBuffer(SecurityPackage); + + /* Allocate our output buffer */ + nego->output_token = malloc(nego->token_max); + if(!nego->output_token) + return CURLE_OUT_OF_MEMORY; + } + + if(!nego->credentials) { + /* Do we have credientials to use or are we using single sign-on? */ + if(user && *user) { + /* Populate our identity structure */ + result = Curl_create_sspi_identity(user, password, &nego->identity); + if(result) + return result; + + /* Allow proper cleanup of the identity structure */ + nego->p_identity = &nego->identity; + } + else + /* Use the current Windows user */ + nego->p_identity = NULL; + + /* Allocate our credentials handle */ + nego->credentials = malloc(sizeof(CredHandle)); + if(!nego->credentials) + return CURLE_OUT_OF_MEMORY; + + memset(nego->credentials, 0, sizeof(CredHandle)); + + /* Acquire our credentials handle */ + nego->status = + s_pSecFn->AcquireCredentialsHandle(NULL, + (TCHAR *)TEXT(SP_NAME_NEGOTIATE), + SECPKG_CRED_OUTBOUND, NULL, + nego->p_identity, NULL, NULL, + nego->credentials, &expiry); + if(nego->status != SEC_E_OK) + return CURLE_LOGIN_DENIED; + + /* Allocate our new context handle */ + nego->context = malloc(sizeof(CtxtHandle)); + if(!nego->context) + return CURLE_OUT_OF_MEMORY; + + memset(nego->context, 0, sizeof(CtxtHandle)); + } + + if(chlg64 && *chlg64) { + /* Decode the base-64 encoded challenge message */ + if(*chlg64 != '=') { + result = Curl_base64_decode(chlg64, &chlg, &chlglen); + if(result) + return result; + } + + /* Ensure we have a valid challenge message */ + if(!chlg) { + infof(data, "SPNEGO handshake failure (empty challenge message)\n"); + + return CURLE_BAD_CONTENT_ENCODING; + } + + /* Setup the challenge "input" security buffer */ + chlg_desc.ulVersion = SECBUFFER_VERSION; + chlg_desc.cBuffers = 1; + chlg_desc.pBuffers = &chlg_buf; + chlg_buf.BufferType = SECBUFFER_TOKEN; + chlg_buf.pvBuffer = chlg; + chlg_buf.cbBuffer = curlx_uztoul(chlglen); + } + + /* Setup the response "output" security buffer */ + resp_desc.ulVersion = SECBUFFER_VERSION; + resp_desc.cBuffers = 1; + resp_desc.pBuffers = &resp_buf; + resp_buf.BufferType = SECBUFFER_TOKEN; + resp_buf.pvBuffer = nego->output_token; + resp_buf.cbBuffer = curlx_uztoul(nego->token_max); + + /* Generate our challenge-response message */ + nego->status = s_pSecFn->InitializeSecurityContext(nego->credentials, + chlg ? nego->context : + NULL, + nego->spn, + ISC_REQ_CONFIDENTIALITY, + 0, SECURITY_NATIVE_DREP, + chlg ? &chlg_desc : NULL, + 0, nego->context, + &resp_desc, &attrs, + &expiry); + + /* Free the decoded challenge as it is not required anymore */ + free(chlg); + + if(GSS_ERROR(nego->status)) { + return CURLE_OUT_OF_MEMORY; + } + + if(nego->status == SEC_I_COMPLETE_NEEDED || + nego->status == SEC_I_COMPLETE_AND_CONTINUE) { + nego->status = s_pSecFn->CompleteAuthToken(nego->context, &resp_desc); + if(GSS_ERROR(nego->status)) { + return CURLE_RECV_ERROR; + } + } + + nego->output_token_length = resp_buf.cbBuffer; + + return result; +} + +/* + * Curl_auth_create_spnego_message() + * + * This is used to generate an already encoded SPNEGO (Negotiate) response + * message ready for sending to the recipient. + * + * Parameters: + * + * data [in] - The session handle. + * nego [in/out] - The Negotiate data struct being used and modified. + * outptr [in/out] - The address where a pointer to newly allocated memory + * holding the result will be stored upon completion. + * outlen [out] - The length of the output message. + * + * Returns CURLE_OK on success. + */ +CURLcode Curl_auth_create_spnego_message(struct Curl_easy *data, + struct negotiatedata *nego, + char **outptr, size_t *outlen) +{ + CURLcode result; + + /* Base64 encode the already generated response */ + result = Curl_base64_encode(data, + (const char*) nego->output_token, + nego->output_token_length, + outptr, outlen); + + if(result) + return result; + + if(!*outptr || !*outlen) { + free(*outptr); + return CURLE_REMOTE_ACCESS_DENIED; + } + + return CURLE_OK; +} + +/* + * Curl_auth_spnego_cleanup() + * + * This is used to clean up the SPNEGO (Negotiate) specific data. + * + * Parameters: + * + * nego [in/out] - The Negotiate data struct being cleaned up. + * + */ +void Curl_auth_spnego_cleanup(struct negotiatedata *nego) +{ + /* Free our security context */ + if(nego->context) { + s_pSecFn->DeleteSecurityContext(nego->context); + free(nego->context); + nego->context = NULL; + } + + /* Free our credentials handle */ + if(nego->credentials) { + s_pSecFn->FreeCredentialsHandle(nego->credentials); + free(nego->credentials); + nego->credentials = NULL; + } + + /* Free our identity */ + Curl_sspi_free_identity(nego->p_identity); + nego->p_identity = NULL; + + /* Free the SPN and output token */ + Curl_safefree(nego->spn); + Curl_safefree(nego->output_token); + + /* Reset any variables */ + nego->status = 0; + nego->token_max = 0; +} + +#endif /* USE_WINDOWS_SSPI && USE_SPNEGO */ diff --git a/lib/vauth/vauth.c b/lib/vauth/vauth.c new file mode 100644 index 000000000..b995f34e2 --- /dev/null +++ b/lib/vauth/vauth.c @@ -0,0 +1,147 @@ +/*************************************************************************** + * _ _ ____ _ + * Project ___| | | | _ \| | + * / __| | | | |_) | | + * | (__| |_| | _ <| |___ + * \___|\___/|_| \_\_____| + * + * Copyright (C) 2014 - 2016, Steve Holme, . + * + * This software is licensed as described in the file COPYING, which + * you should have received as part of this distribution. The terms + * are also available at https://curl.haxx.se/docs/copyright.html. + * + * You may opt to use, copy, modify, merge, publish, distribute and/or sell + * copies of the Software, and permit persons to whom the Software is + * furnished to do so, under the terms of the COPYING file. + * + * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY + * KIND, either express or implied. + * + ***************************************************************************/ + +#include "curl_setup.h" + +#include + +#include "vauth.h" +#include "curl_multibyte.h" +#include "curl_printf.h" + +/* The last #include files should be: */ +#include "curl_memory.h" +#include "memdebug.h" + +/* + * Curl_auth_build_spn() + * + * This is used to build a SPN string in the following formats: + * + * service/host@realm (Not currently used) + * service/host (Not used by GSS-API) + * service@realm (Not used by Windows SSPI) + * + * Parameters: + * + * service [in] - The service type such as http, smtp, pop or imap. + * host [in] - The host name. + * realm [in] - The realm. + * + * Returns a pointer to the newly allocated SPN. + */ +#if !defined(USE_WINDOWS_SSPI) +char *Curl_auth_build_spn(const char *service, const char *host, + const char *realm) +{ + char *spn = NULL; + + /* Generate our SPN */ + if(host && realm) + spn = aprintf("%s/%s@%s", service, host, realm); + else if(host) + spn = aprintf("%s/%s", service, host); + else if(realm) + spn = aprintf("%s@%s", service, realm); + + /* Return our newly allocated SPN */ + return spn; +} +#else +TCHAR *Curl_auth_build_spn(const char *service, const char *host, + const char *realm) +{ + char *utf8_spn = NULL; + TCHAR *tchar_spn = NULL; + + (void) realm; + + /* Note: We could use DsMakeSPN() or DsClientMakeSpnForTargetServer() rather + than doing this ourselves but the first is only available in Windows XP + and Windows Server 2003 and the latter is only available in Windows 2000 + but not Windows95/98/ME or Windows NT4.0 unless the Active Directory + Client Extensions are installed. As such it is far simpler for us to + formulate the SPN instead. */ + + /* Generate our UTF8 based SPN */ + utf8_spn = aprintf("%s/%s", service, host); + if(!utf8_spn) { + return NULL; + } + + /* Allocate our TCHAR based SPN */ + tchar_spn = Curl_convert_UTF8_to_tchar(utf8_spn); + if(!tchar_spn) { + free(utf8_spn); + + return NULL; + } + + /* Release the UTF8 variant when operating with Unicode */ + Curl_unicodefree(utf8_spn); + + /* Return our newly allocated SPN */ + return tchar_spn; +} +#endif /* USE_WINDOWS_SSPI */ + +/* +* Curl_auth_user_contains_domain() +* +* This is used to test if the specified user contains a Windows domain name as +* follows: +* +* User\Domain (Down-level Logon Name) +* User/Domain (curl Down-level format - for compatibility with existing code) +* User@Domain (User Principal Name) +* +* Note: The user name may be empty when using a GSS-API library or Windows SSPI +* as the user and domain are either obtained from the credientals cache when +* using GSS-API or via the currently logged in user's credientals when using +* Windows SSPI. +* +* Parameters: +* +* user [in] - The user name. +* +* Returns TRUE on success; otherwise FALSE. +*/ +bool Curl_auth_user_contains_domain(const char *user) +{ + bool valid = FALSE; + + if(user && *user) { + /* Check we have a domain name or UPN present */ + char *p = strpbrk(user, "\\/@"); + + valid = (p != NULL && p > user && p < user + strlen(user) - 1 ? TRUE : + FALSE); + } +#if defined(HAVE_GSSAPI) || defined(USE_WINDOWS_SSPI) + else + /* User and domain are obtained from the GSS-API credientials cache or the + currently logged in user from Windows */ + valid = TRUE; +#endif + + return valid; +} diff --git a/lib/vauth/vauth.h b/lib/vauth/vauth.h new file mode 100644 index 000000000..9d61228c3 --- /dev/null +++ b/lib/vauth/vauth.h @@ -0,0 +1,204 @@ +#ifndef HEADER_CURL_VAUTH_H +#define HEADER_CURL_VAUTH_H +/*************************************************************************** + * _ _ ____ _ + * Project ___| | | | _ \| | + * / __| | | | |_) | | + * | (__| |_| | _ <| |___ + * \___|\___/|_| \_\_____| + * + * Copyright (C) 2014 - 2016, Steve Holme, . + * + * This software is licensed as described in the file COPYING, which + * you should have received as part of this distribution. The terms + * are also available at https://curl.haxx.se/docs/copyright.html. + * + * You may opt to use, copy, modify, merge, publish, distribute and/or sell + * copies of the Software, and permit persons to whom the Software is + * furnished to do so, under the terms of the COPYING file. + * + * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY + * KIND, either express or implied. + * + ***************************************************************************/ + +#include + +struct Curl_easy; + +#if !defined(CURL_DISABLE_CRYPTO_AUTH) +struct digestdata; +#endif + +#if defined(USE_NTLM) +struct ntlmdata; +#endif + +#if defined(USE_KERBEROS5) +struct kerberos5data; +#endif + +#if (defined(HAVE_GSSAPI) || defined(USE_WINDOWS_SSPI)) && defined(USE_SPNEGO) +struct negotiatedata; +#endif + +#if defined(USE_WINDOWS_SSPI) +#define GSS_ERROR(status) (status & 0x80000000) +#endif + +/* This is used to build a SPN string */ +#if !defined(USE_WINDOWS_SSPI) +char *Curl_auth_build_spn(const char *service, const char *host, + const char *realm); +#else +TCHAR *Curl_auth_build_spn(const char *service, const char *host, + const char *realm); +#endif + +/* This is used to test if the user contains a Windows domain name */ +bool Curl_auth_user_contains_domain(const char *user); + +/* This is used to generate a base64 encoded PLAIN cleartext message */ +CURLcode Curl_auth_create_plain_message(struct Curl_easy *data, + const char *userp, + const char *passwdp, + char **outptr, size_t *outlen); + +/* This is used to generate a base64 encoded LOGIN cleartext message */ +CURLcode Curl_auth_create_login_message(struct Curl_easy *data, + const char *valuep, char **outptr, + size_t *outlen); + +/* This is used to generate a base64 encoded EXTERNAL cleartext message */ +CURLcode Curl_auth_create_external_message(struct Curl_easy *data, + const char *user, char **outptr, + size_t *outlen); + +#if !defined(CURL_DISABLE_CRYPTO_AUTH) +/* This is used to decode a CRAM-MD5 challenge message */ +CURLcode Curl_auth_decode_cram_md5_message(const char *chlg64, char **outptr, + size_t *outlen); + +/* This is used to generate a CRAM-MD5 response message */ +CURLcode Curl_auth_create_cram_md5_message(struct Curl_easy *data, + const char *chlg, + const char *userp, + const char *passwdp, + char **outptr, size_t *outlen); + +/* This is used to evaluate if DIGEST is supported */ +bool Curl_auth_is_digest_supported(void); + +/* This is used to generate a base64 encoded DIGEST-MD5 response message */ +CURLcode Curl_auth_create_digest_md5_message(struct Curl_easy *data, + const char *chlg64, + const char *userp, + const char *passwdp, + const char *service, + char **outptr, size_t *outlen); + +/* This is used to decode a HTTP DIGEST challenge message */ +CURLcode Curl_auth_decode_digest_http_message(const char *chlg, + struct digestdata *digest); + +/* This is used to generate a HTTP DIGEST response message */ +CURLcode Curl_auth_create_digest_http_message(struct Curl_easy *data, + const char *userp, + const char *passwdp, + const unsigned char *request, + const unsigned char *uri, + struct digestdata *digest, + char **outptr, size_t *outlen); + +/* This is used to clean up the digest specific data */ +void Curl_auth_digest_cleanup(struct digestdata *digest); +#endif /* !CURL_DISABLE_CRYPTO_AUTH */ + +#if defined(USE_NTLM) +/* This is used to evaluate if NTLM is supported */ +bool Curl_auth_is_ntlm_supported(void); + +/* This is used to generate a base64 encoded NTLM type-1 message */ +CURLcode Curl_auth_create_ntlm_type1_message(const char *userp, + const char *passwdp, + struct ntlmdata *ntlm, + char **outptr, + size_t *outlen); + +/* This is used to decode a base64 encoded NTLM type-2 message */ +CURLcode Curl_auth_decode_ntlm_type2_message(struct Curl_easy *data, + const char *type2msg, + struct ntlmdata *ntlm); + +/* This is used to generate a base64 encoded NTLM type-3 message */ +CURLcode Curl_auth_create_ntlm_type3_message(struct Curl_easy *data, + const char *userp, + const char *passwdp, + struct ntlmdata *ntlm, + char **outptr, size_t *outlen); + +/* This is used to clean up the NTLM specific data */ +void Curl_auth_ntlm_cleanup(struct ntlmdata *ntlm); +#endif /* USE_NTLM */ + +/* This is used to generate a base64 encoded OAuth 2.0 message */ +CURLcode Curl_auth_create_oauth_bearer_message(struct Curl_easy *data, + const char *user, + const char *host, + const long port, + const char *bearer, + char **outptr, size_t *outlen); +#if defined(USE_KERBEROS5) +/* This is used to evaluate if GSSAPI (Kerberos V5) is supported */ +bool Curl_auth_is_gssapi_supported(void); + +/* This is used to generate a base64 encoded GSSAPI (Kerberos V5) user token + message */ +CURLcode Curl_auth_create_gssapi_user_message(struct Curl_easy *data, + const char *userp, + const char *passwdp, + const char *service, + const char *host, + const bool mutual, + const char *chlg64, + struct kerberos5data *krb5, + char **outptr, size_t *outlen); + +/* This is used to generate a base64 encoded GSSAPI (Kerberos V5) security + token message */ +CURLcode Curl_auth_create_gssapi_security_message(struct Curl_easy *data, + const char *input, + struct kerberos5data *krb5, + char **outptr, + size_t *outlen); + +/* This is used to clean up the GSSAPI specific data */ +void Curl_auth_gssapi_cleanup(struct kerberos5data *krb5); +#endif /* USE_KERBEROS5 */ + +#if defined(USE_SPNEGO) +/* This is used to evaluate if SPNEGO (Negotiate) is supported */ +bool Curl_auth_is_spnego_supported(void); + +/* This is used to decode a base64 encoded SPNEGO (Negotiate) challenge + message */ +CURLcode Curl_auth_decode_spnego_message(struct Curl_easy *data, + const char *user, + const char *passwood, + const char *service, + const char *host, + const char *chlg64, + struct negotiatedata *nego); + +/* This is used to generate a base64 encoded SPNEGO (Negotiate) response + message */ +CURLcode Curl_auth_create_spnego_message(struct Curl_easy *data, + struct negotiatedata *nego, + char **outptr, size_t *outlen); + +/* This is used to clean up the SPNEGO specifiec data */ +void Curl_auth_spnego_cleanup(struct negotiatedata *nego); + +#endif /* USE_SPNEGO */ + +#endif /* HEADER_CURL_VAUTH_H */ diff --git a/lib/vtls/axtls.c b/lib/vtls/axtls.c index d9c5f9935..b6c69ad51 100644 --- a/lib/vtls/axtls.c +++ b/lib/vtls/axtls.c @@ -6,7 +6,7 @@ * \___|\___/|_| \_\_____| * * Copyright (C) 2010, DirecTV, Contact: Eric Hu, . - * Copyright (C) 2010 - 2015, Daniel Stenberg, , et al. + * Copyright (C) 2010 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -137,14 +137,12 @@ static void free_ssl_structs(struct ssl_connect_data *connssl) */ static CURLcode connect_prep(struct connectdata *conn, int sockindex) { - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; SSL_CTX *ssl_ctx; SSL *ssl = NULL; int cert_types[] = {SSL_OBJ_X509_CERT, SSL_OBJ_PKCS12, 0}; int key_types[] = {SSL_OBJ_RSA_KEY, SSL_OBJ_PKCS8, SSL_OBJ_PKCS12, 0}; int i, ssl_fcn_return; - const uint8_t *ssl_sessionid; - size_t ssl_idsize; /* Assuming users will not compile in custom key/cert to axTLS. * Also, even for blocking connects, use axTLS non-blocking feature. @@ -258,14 +256,22 @@ static CURLcode connect_prep(struct connectdata *conn, int sockindex) * 2) setting up callbacks. these seem gnutls specific */ - /* In axTLS, handshaking happens inside ssl_client_new. */ - if(!Curl_ssl_getsessionid(conn, (void **) &ssl_sessionid, &ssl_idsize)) { - /* we got a session id, use it! */ - infof (data, "SSL re-using session ID\n"); - ssl = ssl_client_new(ssl_ctx, conn->sock[sockindex], - ssl_sessionid, (uint8_t)ssl_idsize); + if(conn->ssl_config.sessionid) { + const uint8_t *ssl_sessionid; + size_t ssl_idsize; + + /* In axTLS, handshaking happens inside ssl_client_new. */ + Curl_ssl_sessionid_lock(conn); + if(!Curl_ssl_getsessionid(conn, (void **) &ssl_sessionid, &ssl_idsize)) { + /* we got a session id, use it! */ + infof (data, "SSL re-using session ID\n"); + ssl = ssl_client_new(ssl_ctx, conn->sock[sockindex], + ssl_sessionid, (uint8_t)ssl_idsize); + } + Curl_ssl_sessionid_unlock(conn); } - else + + if(!ssl) ssl = ssl_client_new(ssl_ctx, conn->sock[sockindex], NULL, 0); conn->ssl[sockindex].ssl = ssl; @@ -278,10 +284,8 @@ static CURLcode connect_prep(struct connectdata *conn, int sockindex) */ static CURLcode connect_finish(struct connectdata *conn, int sockindex) { - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; SSL *ssl = conn->ssl[sockindex].ssl; - const uint8_t *ssl_sessionid; - size_t ssl_idsize; const char *peer_CN; uint32_t dns_altname_index; const char *dns_altname; @@ -379,11 +383,15 @@ static CURLcode connect_finish(struct connectdata *conn, int sockindex) conn->send[sockindex] = axtls_send; /* Put our freshly minted SSL session in cache */ - ssl_idsize = ssl_get_session_id_size(ssl); - ssl_sessionid = ssl_get_session_id(ssl); - if(Curl_ssl_addsessionid(conn, (void *) ssl_sessionid, ssl_idsize) - != CURLE_OK) - infof (data, "failed to add session to cache\n"); + if(conn->ssl_config.sessionid) { + const uint8_t *ssl_sessionid = ssl_get_session_id_size(ssl); + size_t ssl_idsize = ssl_get_session_id(ssl); + Curl_ssl_sessionid_lock(conn); + if(Curl_ssl_addsessionid(conn, (void *) ssl_sessionid, ssl_idsize) + != CURLE_OK) + infof (data, "failed to add session to cache\n"); + Curl_ssl_sessionid_unlock(conn); + } return CURLE_OK; } @@ -464,7 +472,7 @@ Curl_axtls_connect(struct connectdata *conn, int sockindex) { - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; CURLcode conn_step = connect_prep(conn, sockindex); int ssl_fcn_return; SSL *ssl = conn->ssl[sockindex].ssl; @@ -493,7 +501,7 @@ Curl_axtls_connect(struct connectdata *conn, return map_error_to_curl(ssl_fcn_return); } /* TODO: avoid polling */ - usleep(10000); + Curl_wait_ms(10); } infof (conn->data, "handshake completed successfully\n"); @@ -518,7 +526,7 @@ static ssize_t axtls_send(struct connectdata *conn, infof(conn->data, " axtls_send\n"); - if(rc < 0 ) { + if(rc < 0) { *err = map_error_to_curl(rc); rc = -1; /* generic error code for send failure */ } @@ -554,7 +562,7 @@ int Curl_axtls_shutdown(struct connectdata *conn, int sockindex) */ int retval = 0; struct ssl_connect_data *connssl = &conn->ssl[sockindex]; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; uint8_t *buf; ssize_t nread; @@ -670,7 +678,7 @@ size_t Curl_axtls_version(char *buffer, size_t size) return snprintf(buffer, size, "axTLS/%s", ssl_version()); } -int Curl_axtls_random(struct SessionHandle *data, +int Curl_axtls_random(struct Curl_easy *data, unsigned char *entropy, size_t length) { diff --git a/lib/vtls/axtls.h b/lib/vtls/axtls.h index b9d441f1a..b16d051aa 100644 --- a/lib/vtls/axtls.h +++ b/lib/vtls/axtls.h @@ -42,7 +42,7 @@ void Curl_axtls_session_free(void *ptr); size_t Curl_axtls_version(char *buffer, size_t size); int Curl_axtls_shutdown(struct connectdata *conn, int sockindex); int Curl_axtls_check_cxn(struct connectdata *conn); -int Curl_axtls_random(struct SessionHandle *data, +int Curl_axtls_random(struct Curl_easy *data, unsigned char *entropy, size_t length); diff --git a/lib/vtls/cyassl.c b/lib/vtls/cyassl.c index f6b57af68..7994b3eab 100644 --- a/lib/vtls/cyassl.c +++ b/lib/vtls/cyassl.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -51,7 +51,6 @@ and that's a problem since options.h hasn't been included yet. */ #include "urldata.h" #include "sendf.h" #include "inet_pton.h" -#include "cyassl.h" #include "vtls.h" #include "parsedate.h" #include "connect.h" /* for the connect timeout */ @@ -69,6 +68,8 @@ and that's a problem since options.h hasn't been included yet. */ #include #include +#include "cyassl.h" + /* The last #include files should be: */ #include "curl_memory.h" #include "memdebug.h" @@ -77,6 +78,38 @@ and that's a problem since options.h hasn't been included yet. */ #define CYASSL_MAX_ERROR_SZ 80 #endif +/* To determine what functions are available we rely on one or both of: + - the user's options.h generated by CyaSSL/wolfSSL + - the symbols detected by curl's configure + Since they are markedly different from one another, and one or the other may + not be available, we do some checking below to bring things in sync. */ + +/* HAVE_ALPN is wolfSSL's build time symbol for enabling ALPN in options.h. */ +#ifndef HAVE_ALPN +#ifdef HAVE_WOLFSSL_USEALPN +#define HAVE_ALPN +#endif +#endif + +/* WOLFSSL_ALLOW_SSLV3 is wolfSSL's build time symbol for enabling SSLv3 in + options.h, but is only seen in >= 3.6.6 since that's when they started + disabling SSLv3 by default. */ +#ifndef WOLFSSL_ALLOW_SSLV3 +#if (LIBCYASSL_VERSION_HEX < 0x03006006) || \ + defined(HAVE_WOLFSSLV3_CLIENT_METHOD) +#define WOLFSSL_ALLOW_SSLV3 +#endif +#endif + +/* HAVE_SUPPORTED_CURVES is wolfSSL's build time symbol for enabling the ECC + supported curve extension in options.h. Note ECC is enabled separately. */ +#ifndef HAVE_SUPPORTED_CURVES +#if defined(HAVE_CYASSL_CTX_USESUPPORTEDCURVE) || \ + defined(HAVE_WOLFSSL_CTX_USESUPPORTEDCURVE) +#define HAVE_SUPPORTED_CURVES +#endif +#endif + static Curl_recv cyassl_recv; static Curl_send cyassl_send; @@ -101,10 +134,9 @@ cyassl_connect_step1(struct connectdata *conn, int sockindex) { char error_buffer[CYASSL_MAX_ERROR_SZ]; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct ssl_connect_data* conssl = &conn->ssl[sockindex]; SSL_METHOD* req_method = NULL; - void* ssl_sessionid = NULL; curl_socket_t sockfd = conn->sock[sockindex]; #ifdef HAVE_SNI bool sni = FALSE; @@ -143,9 +175,7 @@ cyassl_connect_step1(struct connectdata *conn, use_sni(TRUE); break; case CURL_SSLVERSION_SSLv3: - /* before WolfSSL SSLv3 was enabled by default, and starting in WolfSSL - we check for its presence since it is built without it by default */ -#if !defined(WOLFSSL_VERSION) || defined(HAVE_WOLFSSLV3_CLIENT_METHOD) +#ifdef WOLFSSL_ALLOW_SSLV3 req_method = SSLv3_client_method(); use_sni(FALSE); #else @@ -280,6 +310,16 @@ cyassl_connect_step1(struct connectdata *conn, } #endif +#ifdef HAVE_SUPPORTED_CURVES + /* CyaSSL/wolfSSL does not send the supported ECC curves ext automatically: + https://github.com/wolfSSL/wolfssl/issues/366 + The supported curves below are those also supported by OpenSSL 1.0.2 and + in the same order. */ + CyaSSL_CTX_UseSupportedCurve(conssl->ctx, 0x17); /* secp256r1 */ + CyaSSL_CTX_UseSupportedCurve(conssl->ctx, 0x19); /* secp521r1 */ + CyaSSL_CTX_UseSupportedCurve(conssl->ctx, 0x18); /* secp384r1 */ +#endif + /* give application a chance to interfere with SSL set up. */ if(data->set.ssl.fsslctx) { CURLcode result = CURLE_OK; @@ -309,16 +349,51 @@ cyassl_connect_step1(struct connectdata *conn, return CURLE_OUT_OF_MEMORY; } - /* Check if there's a cached ID we can/should use here! */ - if(!Curl_ssl_getsessionid(conn, &ssl_sessionid, NULL)) { - /* we got a session id, use it! */ - if(!SSL_set_session(conssl->handle, ssl_sessionid)) { - failf(data, "SSL: SSL_set_session failed: %s", - ERR_error_string(SSL_get_error(conssl->handle, 0), error_buffer)); +#ifdef HAVE_ALPN + if(conn->bits.tls_enable_alpn) { + char protocols[128]; + *protocols = '\0'; + + /* wolfSSL's ALPN protocol name list format is a comma separated string of + protocols in descending order of preference, eg: "h2,http/1.1" */ + +#ifdef USE_NGHTTP2 + if(data->set.httpversion >= CURL_HTTP_VERSION_2) { + strcpy(protocols + strlen(protocols), NGHTTP2_PROTO_VERSION_ID ","); + infof(data, "ALPN, offering %s\n", NGHTTP2_PROTO_VERSION_ID); + } +#endif + + strcpy(protocols + strlen(protocols), ALPN_HTTP_1_1); + infof(data, "ALPN, offering %s\n", ALPN_HTTP_1_1); + + if(wolfSSL_UseALPN(conssl->handle, protocols, + (unsigned)strlen(protocols), + WOLFSSL_ALPN_CONTINUE_ON_MISMATCH) != SSL_SUCCESS) { + failf(data, "SSL: failed setting ALPN protocols"); return CURLE_SSL_CONNECT_ERROR; } - /* Informational message */ - infof (data, "SSL re-using session ID\n"); + } +#endif /* HAVE_ALPN */ + + /* Check if there's a cached ID we can/should use here! */ + if(conn->ssl_config.sessionid) { + void *ssl_sessionid = NULL; + + Curl_ssl_sessionid_lock(conn); + if(!Curl_ssl_getsessionid(conn, &ssl_sessionid, NULL)) { + /* we got a session id, use it! */ + if(!SSL_set_session(conssl->handle, ssl_sessionid)) { + Curl_ssl_sessionid_unlock(conn); + failf(data, "SSL: SSL_set_session failed: %s", + ERR_error_string(SSL_get_error(conssl->handle, 0), + error_buffer)); + return CURLE_SSL_CONNECT_ERROR; + } + /* Informational message */ + infof (data, "SSL re-using session ID\n"); + } + Curl_ssl_sessionid_unlock(conn); } /* pass the raw socket into the SSL layer */ @@ -337,7 +412,7 @@ cyassl_connect_step2(struct connectdata *conn, int sockindex) { int ret = -1; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct ssl_connect_data* conssl = &conn->ssl[sockindex]; conn->recv[sockindex] = cyassl_recv; @@ -413,8 +488,7 @@ cyassl_connect_step2(struct connectdata *conn, } if(data->set.str[STRING_SSL_PINNEDPUBLICKEY]) { -#if defined(HAVE_WOLFSSL_GET_PEER_CERTIFICATE) || \ - defined(HAVE_CYASSL_GET_PEER_CERTIFICATE) +#ifdef KEEP_PEER_CERT X509 *x509; const char *x509_der; int x509_der_len; @@ -457,6 +531,41 @@ cyassl_connect_step2(struct connectdata *conn, #endif } +#ifdef HAVE_ALPN + if(conn->bits.tls_enable_alpn) { + int rc; + char *protocol = NULL; + unsigned short protocol_len = 0; + + rc = wolfSSL_ALPN_GetProtocol(conssl->handle, &protocol, &protocol_len); + + if(rc == SSL_SUCCESS) { + infof(data, "ALPN, server accepted to use %.*s\n", protocol_len, + protocol); + + if(protocol_len == ALPN_HTTP_1_1_LENGTH && + !memcmp(protocol, ALPN_HTTP_1_1, ALPN_HTTP_1_1_LENGTH)) + conn->negnpn = CURL_HTTP_VERSION_1_1; +#ifdef USE_NGHTTP2 + else if(data->set.httpversion >= CURL_HTTP_VERSION_2 && + protocol_len == NGHTTP2_PROTO_VERSION_ID_LEN && + !memcmp(protocol, NGHTTP2_PROTO_VERSION_ID, + NGHTTP2_PROTO_VERSION_ID_LEN)) + conn->negnpn = CURL_HTTP_VERSION_2; +#endif + else + infof(data, "ALPN, unrecognized protocol %.*s\n", protocol_len, + protocol); + } + else if(rc == SSL_ALPN_NOT_FOUND) + infof(data, "ALPN, server did not agree to a protocol\n"); + else { + failf(data, "ALPN, failure getting protocol, error %d", rc); + return CURLE_SSL_CONNECT_ERROR; + } + } +#endif /* HAVE_ALPN */ + conssl->connecting_state = ssl_connect_3; infof(data, "SSL connected\n"); @@ -469,32 +578,38 @@ cyassl_connect_step3(struct connectdata *conn, int sockindex) { CURLcode result = CURLE_OK; - void *old_ssl_sessionid=NULL; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct ssl_connect_data *connssl = &conn->ssl[sockindex]; - bool incache; - SSL_SESSION *our_ssl_sessionid; DEBUGASSERT(ssl_connect_3 == connssl->connecting_state); - our_ssl_sessionid = SSL_get_session(connssl->handle); + if(conn->ssl_config.sessionid) { + bool incache; + SSL_SESSION *our_ssl_sessionid; + void *old_ssl_sessionid = NULL; + + our_ssl_sessionid = SSL_get_session(connssl->handle); - incache = !(Curl_ssl_getsessionid(conn, &old_ssl_sessionid, NULL)); - if(incache) { - if(old_ssl_sessionid != our_ssl_sessionid) { - infof(data, "old SSL session ID is stale, removing\n"); - Curl_ssl_delsessionid(conn, old_ssl_sessionid); - incache = FALSE; + Curl_ssl_sessionid_lock(conn); + incache = !(Curl_ssl_getsessionid(conn, &old_ssl_sessionid, NULL)); + if(incache) { + if(old_ssl_sessionid != our_ssl_sessionid) { + infof(data, "old SSL session ID is stale, removing\n"); + Curl_ssl_delsessionid(conn, old_ssl_sessionid); + incache = FALSE; + } } - } - if(!incache) { - result = Curl_ssl_addsessionid(conn, our_ssl_sessionid, - 0 /* unknown size */); - if(result) { - failf(data, "failed to store ssl session"); - return result; + if(!incache) { + result = Curl_ssl_addsessionid(conn, our_ssl_sessionid, + 0 /* unknown size */); + if(result) { + Curl_ssl_sessionid_unlock(conn); + failf(data, "failed to store ssl session"); + return result; + } } + Curl_ssl_sessionid_unlock(conn); } connssl->connecting_state = ssl_connect_done; @@ -639,7 +754,7 @@ cyassl_connect_common(struct connectdata *conn, bool *done) { CURLcode result; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct ssl_connect_data *connssl = &conn->ssl[sockindex]; curl_socket_t sockfd = conn->sock[sockindex]; long timeout_ms; @@ -770,7 +885,7 @@ Curl_cyassl_connect(struct connectdata *conn, return CURLE_OK; } -int Curl_cyassl_random(struct SessionHandle *data, +int Curl_cyassl_random(struct Curl_easy *data, unsigned char *entropy, size_t length) { diff --git a/lib/vtls/cyassl.h b/lib/vtls/cyassl.h index 52a5e15ae..508dfaaf0 100644 --- a/lib/vtls/cyassl.h +++ b/lib/vtls/cyassl.h @@ -7,7 +7,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -25,6 +25,18 @@ #ifdef USE_CYASSL +/* KEEP_PEER_CERT is a product of the presence of build time symbol + OPENSSL_EXTRA without NO_CERTS, depending on the version. KEEP_PEER_CERT is + in wolfSSL's settings.h, and the latter two are build time symbols in + options.h. */ +#ifndef KEEP_PEER_CERT +#if defined(HAVE_CYASSL_GET_PEER_CERTIFICATE) || \ + defined(HAVE_WOLFSSL_GET_PEER_CERTIFICATE) || \ + (defined(OPENSSL_EXTRA) && !defined(NO_CERTS)) +#define KEEP_PEER_CERT +#endif +#endif + CURLcode Curl_cyassl_connect(struct connectdata *conn, int sockindex); bool Curl_cyassl_data_pending(const struct connectdata* conn, int connindex); int Curl_cyassl_shutdown(struct connectdata* conn, int sockindex); @@ -39,7 +51,7 @@ int Curl_cyassl_init(void); CURLcode Curl_cyassl_connect_nonblocking(struct connectdata *conn, int sockindex, bool *done); -int Curl_cyassl_random(struct SessionHandle *data, +int Curl_cyassl_random(struct Curl_easy *data, unsigned char *entropy, size_t length); void Curl_cyassl_sha256sum(const unsigned char *tmp, /* input */ @@ -53,6 +65,11 @@ void Curl_cyassl_sha256sum(const unsigned char *tmp, /* input */ /* this backend supports CURLOPT_SSL_CTX_* */ #define have_curlssl_ssl_ctx 1 +#ifdef KEEP_PEER_CERT +/* this backend supports CURLOPT_PINNEDPUBLICKEY */ +#define have_curlssl_pinnedpubkey 1 +#endif + /* API setup for CyaSSL */ #define curlssl_init Curl_cyassl_init #define curlssl_cleanup() Curl_nop_stmt diff --git a/lib/vtls/darwinssl.c b/lib/vtls/darwinssl.c index ed587eb37..90119dd50 100644 --- a/lib/vtls/darwinssl.c +++ b/lib/vtls/darwinssl.c @@ -28,7 +28,7 @@ #include "curl_setup.h" -#include "urldata.h" /* for the SessionHandle definition */ +#include "urldata.h" /* for the Curl_easy definition */ #include "curl_base64.h" #include "strtok.h" @@ -781,7 +781,7 @@ CF_INLINE void GetDarwinVersionNumber(int *major, int *minor) int mib[2]; char *os_version; size_t os_version_len; - char *os_version_major, *os_version_minor/*, *os_version_point*/; + char *os_version_major, *os_version_minor; char *tok_buf; /* Get the Darwin kernel version from the kernel using sysctl(): */ @@ -800,7 +800,6 @@ CF_INLINE void GetDarwinVersionNumber(int *major, int *minor) /* Parse the version: */ os_version_major = strtok_r(os_version, ".", &tok_buf); os_version_minor = strtok_r(NULL, ".", &tok_buf); - /*os_version_point = strtok_r(NULL, ".", &tok_buf);*/ *major = atoi(os_version_major); *minor = atoi(os_version_minor); free(os_version); @@ -956,7 +955,7 @@ static OSStatus CopyIdentityFromPKCS12File(const char *cPath, /* Here we go: */ status = SecPKCS12Import(pkcs_data, options, &items); - if(status == noErr && items && CFArrayGetCount(items)) { + if(status == errSecSuccess && items && CFArrayGetCount(items)) { CFDictionaryRef identity_and_trust = CFArrayGetValueAtIndex(items, 0L); const void *temp_identity = CFDictionaryGetValue(identity_and_trust, kSecImportItemIdentity); @@ -1000,7 +999,7 @@ CF_INLINE bool is_file(const char *filename) static CURLcode darwinssl_connect_step1(struct connectdata *conn, int sockindex) { - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; curl_socket_t sockfd = conn->sock[sockindex]; struct ssl_connect_data *connssl = &conn->ssl[sockindex]; #ifdef ENABLE_IPV6 @@ -1010,8 +1009,6 @@ static CURLcode darwinssl_connect_step1(struct connectdata *conn, #endif /* ENABLE_IPV6 */ size_t all_ciphers_count = 0UL, allowed_ciphers_count = 0UL, i; SSLCipherSuite *all_ciphers = NULL, *allowed_ciphers = NULL; - char *ssl_sessionid; - size_t ssl_sessionid_len; OSStatus err = noErr; #if CURL_BUILD_MAC int darwinver_maj = 0, darwinver_min = 0; @@ -1282,14 +1279,21 @@ static CURLcode darwinssl_connect_step1(struct connectdata *conn, #if CURL_BUILD_MAC_10_6 || CURL_BUILD_IOS /* Snow Leopard introduced the SSLSetSessionOption() function, but due to a library bug with the way the kSSLSessionOptionBreakOnServerAuth flag - works, it doesn't work as expected under Snow Leopard or Lion. + works, it doesn't work as expected under Snow Leopard, Lion or + Mountain Lion. So we need to call SSLSetEnableCertVerify() on those older cats in order to disable certificate validation if the user turned that off. (SecureTransport will always validate the certificate chain by - default.) */ - /* (Note: Darwin 12.x.x is Mountain Lion.) */ + default.) + Note: + Darwin 11.x.x is Lion (10.7) + Darwin 12.x.x is Mountain Lion (10.8) + Darwin 13.x.x is Mavericks (10.9) + Darwin 14.x.x is Yosemite (10.10) + Darwin 15.x.x is El Capitan (10.11) + */ #if CURL_BUILD_MAC - if(SSLSetSessionOption != NULL && darwinver_maj >= 12) { + if(SSLSetSessionOption != NULL && darwinver_maj >= 13) { #else if(SSLSetSessionOption != NULL) { #endif /* CURL_BUILD_MAC */ @@ -1468,37 +1472,46 @@ static CURLcode darwinssl_connect_step1(struct connectdata *conn, #endif /* CURL_BUILD_MAC_10_9 || CURL_BUILD_IOS_7 */ /* Check if there's a cached ID we can/should use here! */ - if(!Curl_ssl_getsessionid(conn, (void **)&ssl_sessionid, - &ssl_sessionid_len)) { - /* we got a session id, use it! */ - err = SSLSetPeerID(connssl->ssl_ctx, ssl_sessionid, ssl_sessionid_len); - if(err != noErr) { - failf(data, "SSL: SSLSetPeerID() failed: OSStatus %d", err); - return CURLE_SSL_CONNECT_ERROR; - } - /* Informational message */ - infof(data, "SSL re-using session ID\n"); - } - /* If there isn't one, then let's make one up! This has to be done prior - to starting the handshake. */ - else { - CURLcode result; - ssl_sessionid = - aprintf("%s:%d:%d:%s:%hu", data->set.str[STRING_SSL_CAFILE], - data->set.ssl.verifypeer, data->set.ssl.verifyhost, - conn->host.name, conn->remote_port); - ssl_sessionid_len = strlen(ssl_sessionid); - - err = SSLSetPeerID(connssl->ssl_ctx, ssl_sessionid, ssl_sessionid_len); - if(err != noErr) { - failf(data, "SSL: SSLSetPeerID() failed: OSStatus %d", err); - return CURLE_SSL_CONNECT_ERROR; + if(conn->ssl_config.sessionid) { + char *ssl_sessionid; + size_t ssl_sessionid_len; + + Curl_ssl_sessionid_lock(conn); + if(!Curl_ssl_getsessionid(conn, (void **)&ssl_sessionid, + &ssl_sessionid_len)) { + /* we got a session id, use it! */ + err = SSLSetPeerID(connssl->ssl_ctx, ssl_sessionid, ssl_sessionid_len); + Curl_ssl_sessionid_unlock(conn); + if(err != noErr) { + failf(data, "SSL: SSLSetPeerID() failed: OSStatus %d", err); + return CURLE_SSL_CONNECT_ERROR; + } + /* Informational message */ + infof(data, "SSL re-using session ID\n"); } + /* If there isn't one, then let's make one up! This has to be done prior + to starting the handshake. */ + else { + CURLcode result; + ssl_sessionid = + aprintf("%s:%d:%d:%s:%hu", data->set.str[STRING_SSL_CAFILE], + data->set.ssl.verifypeer, data->set.ssl.verifyhost, + conn->host.name, conn->remote_port); + ssl_sessionid_len = strlen(ssl_sessionid); + + err = SSLSetPeerID(connssl->ssl_ctx, ssl_sessionid, ssl_sessionid_len); + if(err != noErr) { + Curl_ssl_sessionid_unlock(conn); + failf(data, "SSL: SSLSetPeerID() failed: OSStatus %d", err); + return CURLE_SSL_CONNECT_ERROR; + } - result = Curl_ssl_addsessionid(conn, ssl_sessionid, ssl_sessionid_len); - if(result) { - failf(data, "failed to store ssl session"); - return result; + result = Curl_ssl_addsessionid(conn, ssl_sessionid, ssl_sessionid_len); + Curl_ssl_sessionid_unlock(conn); + if(result) { + failf(data, "failed to store ssl session"); + return result; + } } } @@ -1620,7 +1633,7 @@ static int read_cert(const char *file, unsigned char **out, size_t *outlen) return 0; } -static int sslerr_to_curlerr(struct SessionHandle *data, int err) +static int sslerr_to_curlerr(struct Curl_easy *data, int err) { switch(err) { case errSSLXCertChainInvalid: @@ -1649,7 +1662,7 @@ static int sslerr_to_curlerr(struct SessionHandle *data, int err) } } -static int append_cert_to_array(struct SessionHandle *data, +static int append_cert_to_array(struct Curl_easy *data, unsigned char *buf, size_t buflen, CFMutableArrayRef array) { @@ -1694,7 +1707,7 @@ static int append_cert_to_array(struct SessionHandle *data, return CURLE_OK; } -static int verify_cert(const char *cafile, struct SessionHandle *data, +static int verify_cert(const char *cafile, struct Curl_easy *data, SSLContextRef ctx) { int n = 0, rc; @@ -1814,7 +1827,7 @@ static int verify_cert(const char *cafile, struct SessionHandle *data, static CURLcode darwinssl_connect_step2(struct connectdata *conn, int sockindex) { - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct ssl_connect_data *connssl = &conn->ssl[sockindex]; OSStatus err; SSLCipherSuite cipher; @@ -1954,7 +1967,7 @@ static CURLcode darwinssl_connect_step3(struct connectdata *conn, int sockindex) { - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct ssl_connect_data *connssl = &conn->ssl[sockindex]; CFStringRef server_cert_summary; char server_cert_summary_c[128]; @@ -2078,7 +2091,7 @@ darwinssl_connect_common(struct connectdata *conn, bool *done) { CURLcode result; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct ssl_connect_data *connssl = &conn->ssl[sockindex]; curl_socket_t sockfd = conn->sock[sockindex]; long timeout_ms; @@ -2233,7 +2246,7 @@ void Curl_darwinssl_close(struct connectdata *conn, int sockindex) int Curl_darwinssl_shutdown(struct connectdata *conn, int sockindex) { struct ssl_connect_data *connssl = &conn->ssl[sockindex]; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; ssize_t nread; int what; int rc; @@ -2381,7 +2394,7 @@ static ssize_t darwinssl_send(struct connectdata *conn, size_t len, CURLcode *curlcode) { - /*struct SessionHandle *data = conn->data;*/ + /*struct Curl_easy *data = conn->data;*/ struct ssl_connect_data *connssl = &conn->ssl[sockindex]; size_t processed = 0UL; OSStatus err; @@ -2447,7 +2460,7 @@ static ssize_t darwinssl_recv(struct connectdata *conn, size_t buffersize, CURLcode *curlcode) { - /*struct SessionHandle *data = conn->data;*/ + /*struct Curl_easy *data = conn->data;*/ struct ssl_connect_data *connssl = &conn->ssl[num]; size_t processed = 0UL; OSStatus err = SSLRead(connssl->ssl_ctx, buf, buffersize, &processed); diff --git a/lib/vtls/gskit.c b/lib/vtls/gskit.c index a9a8a9186..55a55ef56 100644 --- a/lib/vtls/gskit.c +++ b/lib/vtls/gskit.c @@ -163,7 +163,7 @@ static bool is_separator(char c) } -static CURLcode gskit_status(struct SessionHandle *data, int rc, +static CURLcode gskit_status(struct Curl_easy *data, int rc, const char *procname, CURLcode defcode) { /* Process GSKit status and map it to a CURLcode. */ @@ -206,7 +206,7 @@ static CURLcode gskit_status(struct SessionHandle *data, int rc, } -static CURLcode set_enum(struct SessionHandle *data, gsk_handle h, +static CURLcode set_enum(struct Curl_easy *data, gsk_handle h, GSK_ENUM_ID id, GSK_ENUM_VALUE value, bool unsupported_ok) { int rc = gsk_attribute_set_enum(h, id, value); @@ -228,7 +228,7 @@ static CURLcode set_enum(struct SessionHandle *data, gsk_handle h, } -static CURLcode set_buffer(struct SessionHandle *data, gsk_handle h, +static CURLcode set_buffer(struct Curl_easy *data, gsk_handle h, GSK_BUF_ID id, const char *buffer, bool unsupported_ok) { int rc = gsk_attribute_set_buffer(h, id, buffer, 0); @@ -250,7 +250,7 @@ static CURLcode set_buffer(struct SessionHandle *data, gsk_handle h, } -static CURLcode set_numeric(struct SessionHandle *data, +static CURLcode set_numeric(struct Curl_easy *data, gsk_handle h, GSK_NUM_ID id, int value) { int rc = gsk_attribute_set_numeric_value(h, id, value); @@ -270,7 +270,7 @@ static CURLcode set_numeric(struct SessionHandle *data, } -static CURLcode set_callback(struct SessionHandle *data, +static CURLcode set_callback(struct Curl_easy *data, gsk_handle h, GSK_CALLBACK_ID id, void *info) { int rc = gsk_attribute_set_callback(h, id, info); @@ -289,7 +289,7 @@ static CURLcode set_callback(struct SessionHandle *data, } -static CURLcode set_ciphers(struct SessionHandle *data, +static CURLcode set_ciphers(struct Curl_easy *data, gsk_handle h, unsigned int *protoflags) { const char *cipherlist = data->set.str[STRING_SSL_CIPHER_LIST]; @@ -436,7 +436,7 @@ void Curl_gskit_cleanup(void) } -static CURLcode init_environment(struct SessionHandle *data, +static CURLcode init_environment(struct Curl_easy *data, gsk_handle *envir, const char *appid, const char *file, const char *label, const char *password) @@ -502,7 +502,7 @@ static void close_async_handshake(struct ssl_connect_data *connssl) static void close_one(struct ssl_connect_data *conn, - struct SessionHandle *data) + struct Curl_easy *data) { if(conn->handle) { gskit_status(data, gsk_secure_soc_close(&conn->handle), @@ -517,7 +517,7 @@ static void close_one(struct ssl_connect_data *conn, static ssize_t gskit_send(struct connectdata *conn, int sockindex, const void *mem, size_t len, CURLcode *curlcode) { - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; CURLcode cc; int written; @@ -536,7 +536,7 @@ static ssize_t gskit_send(struct connectdata *conn, int sockindex, static ssize_t gskit_recv(struct connectdata *conn, int num, char *buf, size_t buffersize, CURLcode *curlcode) { - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; int buffsize; int nread; CURLcode cc; @@ -555,7 +555,7 @@ static ssize_t gskit_recv(struct connectdata *conn, int num, char *buf, static CURLcode gskit_connect_step1(struct connectdata *conn, int sockindex) { - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct ssl_connect_data *connssl = &conn->ssl[sockindex]; gsk_handle envir; CURLcode result; @@ -750,7 +750,7 @@ static CURLcode gskit_connect_step1(struct connectdata *conn, int sockindex) static CURLcode gskit_connect_step2(struct connectdata *conn, int sockindex, bool nonblocking) { - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct ssl_connect_data *connssl = &conn->ssl[sockindex]; Qso_OverlappedIO_t cstat; long timeout_ms; @@ -801,7 +801,7 @@ static CURLcode gskit_connect_step2(struct connectdata *conn, int sockindex, static CURLcode gskit_connect_step3(struct connectdata *conn, int sockindex) { - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct ssl_connect_data *connssl = &conn->ssl[sockindex]; const gsk_cert_data_elem *cdev; int cdec; @@ -889,7 +889,7 @@ static CURLcode gskit_connect_step3(struct connectdata *conn, int sockindex) static CURLcode gskit_connect_common(struct connectdata *conn, int sockindex, bool nonblocking, bool *done) { - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct ssl_connect_data *connssl = &conn->ssl[sockindex]; long timeout_ms; Qso_OverlappedIO_t cstat; @@ -976,7 +976,7 @@ CURLcode Curl_gskit_connect(struct connectdata *conn, int sockindex) void Curl_gskit_close(struct connectdata *conn, int sockindex) { - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct ssl_connect_data *connssl = &conn->ssl[sockindex]; if(connssl->use) @@ -987,7 +987,7 @@ void Curl_gskit_close(struct connectdata *conn, int sockindex) int Curl_gskit_shutdown(struct connectdata *conn, int sockindex) { struct ssl_connect_data *connssl = &conn->ssl[sockindex]; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; ssize_t nread; int what; int rc; diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c index 1fef54b48..1c3e6b151 100644 --- a/lib/vtls/gtls.c +++ b/lib/vtls/gtls.c @@ -201,7 +201,7 @@ int Curl_gtls_cleanup(void) return 1; } -static void showtime(struct SessionHandle *data, +static void showtime(struct Curl_easy *data, const char *text, time_t stamp) { @@ -262,7 +262,7 @@ static CURLcode handshake(struct connectdata *conn, bool duringconnect, bool nonblocking) { - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct ssl_connect_data *connssl = &conn->ssl[sockindex]; gnutls_session_t session = conn->ssl[sockindex].session; curl_socket_t sockfd = conn->sock[sockindex]; @@ -367,11 +367,9 @@ static CURLcode gtls_connect_step1(struct connectdata *conn, int sockindex) { - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; gnutls_session_t session; int rc; - void *ssl_sessionid; - size_t ssl_idsize; bool sni = TRUE; /* default is SNI enabled */ #ifdef ENABLE_IPV6 struct in6_addr addr; @@ -641,7 +639,7 @@ gtls_connect_step1(struct connectdata *conn, #endif #ifdef HAS_ALPN - if(data->set.ssl_enable_alpn) { + if(conn->bits.tls_enable_alpn) { int cur = 0; gnutls_datum_t protocols[2]; @@ -749,19 +747,25 @@ gtls_connect_step1(struct connectdata *conn, /* This might be a reconnect, so we check for a session ID in the cache to speed up things */ + if(conn->ssl_config.sessionid) { + void *ssl_sessionid; + size_t ssl_idsize; - if(!Curl_ssl_getsessionid(conn, &ssl_sessionid, &ssl_idsize)) { - /* we got a session id, use it! */ - gnutls_session_set_data(session, ssl_sessionid, ssl_idsize); + Curl_ssl_sessionid_lock(conn); + if(!Curl_ssl_getsessionid(conn, &ssl_sessionid, &ssl_idsize)) { + /* we got a session id, use it! */ + gnutls_session_set_data(session, ssl_sessionid, ssl_idsize); - /* Informational message */ - infof (data, "SSL re-using session ID\n"); + /* Informational message */ + infof (data, "SSL re-using session ID\n"); + } + Curl_ssl_sessionid_unlock(conn); } return CURLE_OK; } -static CURLcode pkp_pin_peer_pubkey(struct SessionHandle *data, +static CURLcode pkp_pin_peer_pubkey(struct Curl_easy *data, gnutls_x509_crt_t cert, const char *pinnedpubkey) { @@ -836,11 +840,9 @@ gtls_connect_step3(struct connectdata *conn, unsigned int bits; time_t certclock; const char *ptr; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; gnutls_session_t session = conn->ssl[sockindex].session; int rc; - bool incache; - void *ssl_sessionid; #ifdef HAS_ALPN gnutls_datum_t proto; #endif @@ -1240,7 +1242,7 @@ gtls_connect_step3(struct connectdata *conn, infof(data, "\t compression: %s\n", ptr); #ifdef HAS_ALPN - if(data->set.ssl_enable_alpn) { + if(conn->bits.tls_enable_alpn) { rc = gnutls_alpn_get_selected_protocol(session, &proto); if(rc == 0) { infof(data, "ALPN, server accepted to use %.*s\n", proto.size, @@ -1268,11 +1270,13 @@ gtls_connect_step3(struct connectdata *conn, conn->recv[sockindex] = gtls_recv; conn->send[sockindex] = gtls_send; - { + if(conn->ssl_config.sessionid) { /* we always unconditionally get the session id here, as even if we already got it from the cache and asked to use it in the connection, it might've been rejected and then a new one is in use now and we need to detect that. */ + bool incache; + void *ssl_sessionid; void *connect_sessionid; size_t connect_idsize = 0; @@ -1284,6 +1288,7 @@ gtls_connect_step3(struct connectdata *conn, /* extract session ID to the allocated buffer */ gnutls_session_get_data(session, connect_sessionid, &connect_idsize); + Curl_ssl_sessionid_lock(conn); incache = !(Curl_ssl_getsessionid(conn, &ssl_sessionid, NULL)); if(incache) { /* there was one before in the cache, so instead of risking that the @@ -1293,6 +1298,7 @@ gtls_connect_step3(struct connectdata *conn, /* store this session id */ result = Curl_ssl_addsessionid(conn, connect_sessionid, connect_idsize); + Curl_ssl_sessionid_unlock(conn); if(result) { free(connect_sessionid); result = CURLE_OUT_OF_MEMORY; @@ -1381,7 +1387,7 @@ static ssize_t gtls_send(struct connectdata *conn, { ssize_t rc = gnutls_record_send(conn->ssl[sockindex].session, mem, len); - if(rc < 0 ) { + if(rc < 0) { *curlcode = (rc == GNUTLS_E_AGAIN) ? CURLE_AGAIN : CURLE_SEND_ERROR; @@ -1425,7 +1431,7 @@ int Curl_gtls_shutdown(struct connectdata *conn, int sockindex) { ssize_t result; int retval = 0; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; int done = 0; char buf[120]; @@ -1538,7 +1544,7 @@ size_t Curl_gtls_version(char *buffer, size_t size) } #ifndef USE_GNUTLS_NETTLE -static int Curl_gtls_seed(struct SessionHandle *data) +static int Curl_gtls_seed(struct Curl_easy *data) { /* we have the "SSL is seeded" boolean static to prevent multiple time-consuming seedings in vain */ @@ -1562,7 +1568,7 @@ static int Curl_gtls_seed(struct SessionHandle *data) #endif /* data might be NULL! */ -int Curl_gtls_random(struct SessionHandle *data, +int Curl_gtls_random(struct Curl_easy *data, unsigned char *entropy, size_t length) { diff --git a/lib/vtls/gtls.h b/lib/vtls/gtls.h index 965f7cf1f..e0a95a7cc 100644 --- a/lib/vtls/gtls.h +++ b/lib/vtls/gtls.h @@ -7,7 +7,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -41,7 +41,7 @@ void Curl_gtls_close(struct connectdata *conn, int sockindex); void Curl_gtls_session_free(void *ptr); size_t Curl_gtls_version(char *buffer, size_t size); int Curl_gtls_shutdown(struct connectdata *conn, int sockindex); -int Curl_gtls_random(struct SessionHandle *data, +int Curl_gtls_random(struct Curl_easy *data, unsigned char *entropy, size_t length); void Curl_gtls_md5sum(unsigned char *tmp, /* input */ @@ -64,6 +64,9 @@ bool Curl_gtls_cert_status_request(void); /* this backend supports CURLOPT_CERTINFO */ #define have_curlssl_certinfo 1 +/* this backend supports CURLOPT_PINNEDPUBLICKEY */ +#define have_curlssl_pinnedpubkey 1 + /* API setup for GnuTLS */ #define curlssl_init Curl_gtls_init #define curlssl_cleanup Curl_gtls_cleanup diff --git a/lib/vtls/mbedtls.c b/lib/vtls/mbedtls.c index f0900a5af..c04fc0385 100644 --- a/lib/vtls/mbedtls.c +++ b/lib/vtls/mbedtls.c @@ -22,7 +22,7 @@ ***************************************************************************/ /* - * Source file for all mbedTSL-specific code for the TLS/SSL layer. No code + * Source file for all mbedTLS-specific code for the TLS/SSL layer. No code * but vtls.c should ever call or use these functions. * */ @@ -53,10 +53,9 @@ #include "rawstr.h" #include "polarssl_threadlock.h" -#define _MPRINTF_REPLACE /* use our functions only */ -#include +/* The last 3 #include files should be in this order */ +#include "curl_printf.h" #include "curl_memory.h" -/* The last #include file should be: */ #include "memdebug.h" /* apply threading? */ @@ -67,7 +66,7 @@ #if defined(THREADING_SUPPORT) static mbedtls_entropy_context entropy; -static int entropy_init_initialized = 0; +static int entropy_init_initialized = 0; /* start of entropy_init_mutex() */ static void entropy_init_mutex(mbedtls_entropy_context *ctx) @@ -101,14 +100,15 @@ static int entropy_func_mutex(void *data, unsigned char *output, size_t len) #undef MBEDTLS_DEBUG #ifdef MBEDTLS_DEBUG -static void mbedtls_debug(void *context, int level, const char *line) +static void mbed_debug(void *context, int level, const char *f_name, + int line_nb, const char *line) { - struct SessionHandle *data = NULL; + struct Curl_easy *data = NULL; if(!context) return; - data = (struct SessionHandle *)context; + data = (struct Curl_easy *)context; infof(data, "%s", line); (void) level; @@ -131,12 +131,12 @@ static void mbedtls_debug(void *context, int level, const char *line) const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_fr = { /* Hashes from SHA-1 and above */ - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA1 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_RIPEMD160 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA224 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA256 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA384 ) | - MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA512 ), + MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA1) | + MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_RIPEMD160) | + MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA224) | + MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA256) | + MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA384) | + MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA512), 0xFFFFFFF, /* Any PK alg */ 0xFFFFFFF, /* Any curve */ 1024, /* RSA min key len */ @@ -151,25 +151,17 @@ const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_fr = #define PUB_DER_MAX_BYTES (RSA_PUB_DER_MAX_BYTES > ECP_PUB_DER_MAX_BYTES ? \ RSA_PUB_DER_MAX_BYTES : ECP_PUB_DER_MAX_BYTES) -static Curl_recv mbedtls_recv; -static Curl_send mbedtls_send; +static Curl_recv mbed_recv; +static Curl_send mbed_send; static CURLcode -mbedtls_connect_step1(struct connectdata *conn, - int sockindex) +mbed_connect_step1(struct connectdata *conn, + int sockindex) { - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct ssl_connect_data* connssl = &conn->ssl[sockindex]; - bool sni = TRUE; /* default is SNI enabled */ int ret = -1; -#ifdef ENABLE_IPV6 - struct in6_addr addr; -#else - struct in_addr addr; -#endif - void *old_session = NULL; - size_t old_session_size = 0; char errorbuf[128]; errorbuf[0]=0; @@ -178,16 +170,13 @@ mbedtls_connect_step1(struct connectdata *conn, failf(data, "mbedTLS does not support SSLv2"); return CURLE_SSL_CONNECT_ERROR; } - else if(data->set.ssl.version == CURL_SSLVERSION_SSLv3) - sni = FALSE; /* SSLv3 has no SNI */ #ifdef THREADING_SUPPORT entropy_init_mutex(&entropy); mbedtls_ctr_drbg_init(&connssl->ctr_drbg); ret = mbedtls_ctr_drbg_seed(&connssl->ctr_drbg, entropy_func_mutex, - &entropy, connssl->ssn.id, - connssl->ssn.id_len); + &entropy, NULL, 0); if(ret) { #ifdef MBEDTLS_ERROR_C mbedtls_strerror(ret, errorbuf, sizeof(errorbuf)); @@ -200,8 +189,7 @@ mbedtls_connect_step1(struct connectdata *conn, mbedtls_ctr_drbg_init(&connssl->ctr_drbg); ret = mbedtls_ctr_drbg_seed(&connssl->ctr_drbg, mbedtls_entropy_func, - &connssl->entropy, connssl->ssn.id, - connssl->ssn.id_len); + &connssl->entropy, NULL, 0); if(ret) { #ifdef MBEDTLS_ERROR_C mbedtls_strerror(ret, errorbuf, sizeof(errorbuf)); @@ -322,8 +310,8 @@ mbedtls_connect_step1(struct connectdata *conn, } /* new profile with RSA min key len = 1024 ... */ - mbedtls_ssl_conf_cert_profile( &connssl->config, - &mbedtls_x509_crt_profile_fr); + mbedtls_ssl_conf_cert_profile(&connssl->config, + &mbedtls_x509_crt_profile_fr); switch(data->set.ssl.version) { case CURL_SSLVERSION_DEFAULT: @@ -376,13 +364,23 @@ mbedtls_connect_step1(struct connectdata *conn, mbedtls_ssl_conf_ciphersuites(&connssl->config, mbedtls_ssl_list_ciphersuites()); - if(!Curl_ssl_getsessionid(conn, &old_session, &old_session_size)) { - memcpy(&connssl->ssn, old_session, old_session_size); - infof(data, "mbedTLS re-using session\n"); - } - mbedtls_ssl_set_session(&connssl->ssl, - &connssl->ssn); + /* Check if there's a cached ID we can/should use here! */ + if(conn->ssl_config.sessionid) { + void *old_session = NULL; + + Curl_ssl_sessionid_lock(conn); + if(!Curl_ssl_getsessionid(conn, &old_session, NULL)) { + ret = mbedtls_ssl_set_session(&connssl->ssl, old_session); + if(ret) { + Curl_ssl_sessionid_unlock(conn); + failf(data, "mbedtls_ssl_set_session returned -0x%x", -ret); + return CURLE_SSL_CONNECT_ERROR; + } + infof(data, "mbedTLS re-using session\n"); + } + Curl_ssl_sessionid_unlock(conn); + } mbedtls_ssl_conf_ca_chain(&connssl->config, &connssl->cacert, @@ -392,17 +390,16 @@ mbedtls_connect_step1(struct connectdata *conn, mbedtls_ssl_conf_own_cert(&connssl->config, &connssl->clicert, &connssl->pk); } - if(!Curl_inet_pton(AF_INET, conn->host.name, &addr) && -#ifdef ENABLE_IPV6 - !Curl_inet_pton(AF_INET6, conn->host.name, &addr) && -#endif - sni && mbedtls_ssl_set_hostname(&connssl->ssl, conn->host.name)) { - infof(data, "WARNING: failed to configure " - "server name indication (SNI) TLS extension\n"); + if(mbedtls_ssl_set_hostname(&connssl->ssl, conn->host.name)) { + /* mbedtls_ssl_set_hostname() sets the name to use in CN/SAN checks *and* + the name to set in the SNI extension. So even if curl connects to a + host specified as an IP address, this function must be used. */ + failf(data, "couldn't set hostname in mbedTLS"); + return CURLE_SSL_CONNECT_ERROR; } #ifdef HAS_ALPN - if(data->set.ssl_enable_alpn) { + if(conn->bits.tls_enable_alpn) { const char **p = &connssl->protocols[0]; #ifdef USE_NGHTTP2 if(data->set.httpversion >= CURL_HTTP_VERSION_2) @@ -423,7 +420,15 @@ mbedtls_connect_step1(struct connectdata *conn, #endif #ifdef MBEDTLS_DEBUG - mbedtls_ssl_conf_dbg(&connssl->ssl, mbedtls_debug, data); + /* In order to make that work in mbedtls MBEDTLS_DEBUG_C must be defined. */ + mbedtls_ssl_conf_dbg(&connssl->config, mbed_debug, data); + /* - 0 No debug + * - 1 Error + * - 2 State change + * - 3 Informational + * - 4 Verbose + */ + mbedtls_debug_set_threshold(4); #endif connssl->connecting_state = ssl_connect_2; @@ -432,11 +437,11 @@ mbedtls_connect_step1(struct connectdata *conn, } static CURLcode -mbedtls_connect_step2(struct connectdata *conn, - int sockindex) +mbed_connect_step2(struct connectdata *conn, + int sockindex) { int ret; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct ssl_connect_data* connssl = &conn->ssl[sockindex]; const mbedtls_x509_crt *peercert; @@ -447,8 +452,8 @@ mbedtls_connect_step2(struct connectdata *conn, char errorbuf[128]; errorbuf[0] = 0; - conn->recv[sockindex] = mbedtls_recv; - conn->send[sockindex] = mbedtls_send; + conn->recv[sockindex] = mbed_recv; + conn->send[sockindex] = mbed_send; ret = mbedtls_ssl_handshake(&connssl->ssl); @@ -562,7 +567,7 @@ mbedtls_connect_step2(struct connectdata *conn, } #ifdef HAS_ALPN - if(data->set.ssl_enable_alpn) { + if(conn->bits.tls_enable_alpn) { next_protocol = mbedtls_ssl_get_alpn_protocol(&connssl->ssl); if(next_protocol) { @@ -593,42 +598,41 @@ mbedtls_connect_step2(struct connectdata *conn, } static CURLcode -mbedtls_connect_step3(struct connectdata *conn, - int sockindex) +mbed_connect_step3(struct connectdata *conn, + int sockindex) { CURLcode retcode = CURLE_OK; struct ssl_connect_data *connssl = &conn->ssl[sockindex]; - struct SessionHandle *data = conn->data; - void *old_ssl_sessionid = NULL; - mbedtls_ssl_session *our_ssl_sessionid = &conn->ssl[sockindex].ssn; - int incache; + struct Curl_easy *data = conn->data; DEBUGASSERT(ssl_connect_3 == connssl->connecting_state); - /* Save the current session data for possible re-use */ - incache = !(Curl_ssl_getsessionid(conn, &old_ssl_sessionid, NULL)); - if(incache) { - if(old_ssl_sessionid != our_ssl_sessionid) { - infof(data, "old SSL session ID is stale, removing\n"); - Curl_ssl_delsessionid(conn, old_ssl_sessionid); - incache = FALSE; - } - } - if(!incache) { - void *new_session = malloc(sizeof(mbedtls_ssl_session)); + if(conn->ssl_config.sessionid) { + int ret; + mbedtls_ssl_session *our_ssl_sessionid; + void *old_ssl_sessionid = NULL; - if(new_session) { - memcpy(new_session, our_ssl_sessionid, - sizeof(mbedtls_ssl_session)); + our_ssl_sessionid = malloc(sizeof(mbedtls_ssl_session)); + if(!our_ssl_sessionid) + return CURLE_OUT_OF_MEMORY; - retcode = Curl_ssl_addsessionid(conn, new_session, - sizeof(mbedtls_ssl_session)); - } - else { - retcode = CURLE_OUT_OF_MEMORY; + mbedtls_ssl_session_init(our_ssl_sessionid); + + ret = mbedtls_ssl_get_session(&connssl->ssl, our_ssl_sessionid); + if(ret) { + failf(data, "mbedtls_ssl_get_session returned -0x%x", -ret); + return CURLE_SSL_CONNECT_ERROR; } + /* If there's already a matching session in the cache, delete it */ + Curl_ssl_sessionid_lock(conn); + if(!Curl_ssl_getsessionid(conn, &old_ssl_sessionid, NULL)) + Curl_ssl_delsessionid(conn, old_ssl_sessionid); + + retcode = Curl_ssl_addsessionid(conn, our_ssl_sessionid, 0); + Curl_ssl_sessionid_unlock(conn); if(retcode) { + free(our_ssl_sessionid); failf(data, "failed to store ssl session"); return retcode; } @@ -639,11 +643,9 @@ mbedtls_connect_step3(struct connectdata *conn, return CURLE_OK; } -static ssize_t mbedtls_send(struct connectdata *conn, - int sockindex, - const void *mem, - size_t len, - CURLcode *curlcode) +static ssize_t mbed_send(struct connectdata *conn, int sockindex, + const void *mem, size_t len, + CURLcode *curlcode) { int ret = -1; @@ -659,7 +661,7 @@ static ssize_t mbedtls_send(struct connectdata *conn, return ret; } -void Curl_mbedtls_close_all(struct SessionHandle *data) +void Curl_mbedtls_close_all(struct Curl_easy *data) { (void)data; } @@ -678,11 +680,9 @@ void Curl_mbedtls_close(struct connectdata *conn, int sockindex) #endif /* THREADING_SUPPORT */ } -static ssize_t mbedtls_recv(struct connectdata *conn, - int num, - char *buf, - size_t buffersize, - CURLcode *curlcode) +static ssize_t mbed_recv(struct connectdata *conn, int num, + char *buf, size_t buffersize, + CURLcode *curlcode) { int ret = -1; ssize_t len = -1; @@ -707,6 +707,7 @@ static ssize_t mbedtls_recv(struct connectdata *conn, void Curl_mbedtls_session_free(void *ptr) { + mbedtls_ssl_session_free(ptr); free(ptr); } @@ -718,13 +719,13 @@ size_t Curl_mbedtls_version(char *buffer, size_t size) } static CURLcode -mbedtls_connect_common(struct connectdata *conn, - int sockindex, - bool nonblocking, - bool *done) +mbed_connect_common(struct connectdata *conn, + int sockindex, + bool nonblocking, + bool *done) { CURLcode retcode; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct ssl_connect_data *connssl = &conn->ssl[sockindex]; curl_socket_t sockfd = conn->sock[sockindex]; long timeout_ms; @@ -745,7 +746,7 @@ mbedtls_connect_common(struct connectdata *conn, failf(data, "SSL connection timeout"); return CURLE_OPERATION_TIMEDOUT; } - retcode = mbedtls_connect_step1(conn, sockindex); + retcode = mbed_connect_step1(conn, sockindex); if(retcode) return retcode; } @@ -799,7 +800,7 @@ mbedtls_connect_common(struct connectdata *conn, * ensuring that a client using select() or epoll() will always * have a valid fdset to wait on. */ - retcode = mbedtls_connect_step2(conn, sockindex); + retcode = mbed_connect_step2(conn, sockindex); if(retcode || (nonblocking && (ssl_connect_2 == connssl->connecting_state || ssl_connect_2_reading == connssl->connecting_state || @@ -809,15 +810,15 @@ mbedtls_connect_common(struct connectdata *conn, } /* repeat step2 until all transactions are done. */ if(ssl_connect_3==connssl->connecting_state) { - retcode = mbedtls_connect_step3(conn, sockindex); + retcode = mbed_connect_step3(conn, sockindex); if(retcode) return retcode; } if(ssl_connect_done==connssl->connecting_state) { connssl->state = ssl_connection_complete; - conn->recv[sockindex] = mbedtls_recv; - conn->send[sockindex] = mbedtls_send; + conn->recv[sockindex] = mbed_recv; + conn->send[sockindex] = mbed_send; *done = TRUE; } else @@ -834,7 +835,7 @@ Curl_mbedtls_connect_nonblocking(struct connectdata *conn, int sockindex, bool *done) { - return mbedtls_connect_common(conn, sockindex, TRUE, done); + return mbed_connect_common(conn, sockindex, TRUE, done); } @@ -845,7 +846,7 @@ Curl_mbedtls_connect(struct connectdata *conn, CURLcode retcode; bool done = FALSE; - retcode = mbedtls_connect_common(conn, sockindex, FALSE, &done); + retcode = mbed_connect_common(conn, sockindex, FALSE, &done); if(retcode) return retcode; @@ -858,14 +859,21 @@ Curl_mbedtls_connect(struct connectdata *conn, * return 0 error initializing SSL * return 1 SSL initialized successfully */ -int mbedtls_init(void) +int Curl_mbedtls_init(void) { return Curl_polarsslthreadlock_thread_setup(); } -void mbedtls_cleanup(void) +void Curl_mbedtls_cleanup(void) { (void)Curl_polarsslthreadlock_thread_cleanup(); } +int Curl_mbedtls_data_pending(const struct connectdata *conn, int sockindex) +{ + mbedtls_ssl_context *ssl = + (mbedtls_ssl_context *)&conn->ssl[sockindex].ssl; + return ssl->in_msglen != 0; +} + #endif /* USE_MBEDTLS */ diff --git a/lib/vtls/mbedtls.h b/lib/vtls/mbedtls.h index fcf483ff3..1021d5461 100644 --- a/lib/vtls/mbedtls.h +++ b/lib/vtls/mbedtls.h @@ -26,10 +26,12 @@ #ifdef USE_MBEDTLS -/* Called on first use mbedTLS, setup threading if supported */ -int mbedtls_init(void); -void mbedtls_cleanup(void); +#include +/* Called on first use mbedTLS, setup threading if supported */ +int Curl_mbedtls_init(void); +void Curl_mbedtls_cleanup(void); +int Curl_mbedtls_data_pending(const struct connectdata *conn, int sockindex); CURLcode Curl_mbedtls_connect(struct connectdata *conn, int sockindex); @@ -39,7 +41,7 @@ CURLcode Curl_mbedtls_connect_nonblocking(struct connectdata *conn, /* tell mbedTLS to close down all open information regarding connections (and thus session ID caching etc) */ -void Curl_mbedtls_close_all(struct SessionHandle *data); +void Curl_mbedtls_close_all(struct Curl_easy *data); /* close a SSL connection */ void Curl_mbedtls_close(struct connectdata *conn, int sockindex); @@ -48,9 +50,12 @@ void Curl_mbedtls_session_free(void *ptr); size_t Curl_mbedtls_version(char *buffer, size_t size); int Curl_mbedtls_shutdown(struct connectdata *conn, int sockindex); +/* this backends supports CURLOPT_PINNEDPUBLICKEY */ +#define have_curlssl_pinnedpubkey 1 + /* API setup for mbedTLS */ -#define curlssl_init() mbedtls_init() -#define curlssl_cleanup() mbedtls_cleanup() +#define curlssl_init() Curl_mbedtls_init() +#define curlssl_cleanup() Curl_mbedtls_cleanup() #define curlssl_connect Curl_mbedtls_connect #define curlssl_connect_nonblocking Curl_mbedtls_connect_nonblocking #define curlssl_session_free(x) Curl_mbedtls_session_free(x) @@ -62,7 +67,7 @@ int Curl_mbedtls_shutdown(struct connectdata *conn, int sockindex); #define curlssl_engines_list(x) (x=x, (struct curl_slist *)NULL) #define curlssl_version Curl_mbedtls_version #define curlssl_check_cxn(x) (x=x, -1) -#define curlssl_data_pending(x,y) (x=x, y=y, 0) +#define curlssl_data_pending(x,y) Curl_mbedtls_data_pending(x, y) #define CURL_SSL_BACKEND CURLSSLBACKEND_MBEDTLS #define curlssl_sha256sum(a,b,c,d) mbedtls_sha256(a,b,c,0) diff --git a/lib/vtls/nss.c b/lib/vtls/nss.c index 3922d9c90..8a4249cba 100644 --- a/lib/vtls/nss.c +++ b/lib/vtls/nss.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -78,13 +78,12 @@ #define SLOTSIZE 13 PRFileDesc *PR_ImportTCPSocket(PRInt32 osfd); - -PRLock * nss_initlock = NULL; -PRLock * nss_crllock = NULL; -struct curl_llist *nss_crl_list = NULL; -NSSInitContext * nss_context = NULL; - -volatile int initialized = 0; +static PRLock *nss_initlock = NULL; +static PRLock *nss_crllock = NULL; +static PRLock *nss_findslot_lock = NULL; +static struct curl_llist *nss_crl_list = NULL; +static NSSInitContext *nss_context = NULL; +static volatile int initialized = 0; typedef struct { const char *name; @@ -183,7 +182,7 @@ static const cipher_s cipherlist[] = { }; static const char* pem_library = "libnsspem.so"; -SECMODModule* mod = NULL; +static SECMODModule* mod = NULL; /* NSPR I/O layer we use to detect blocking direction during SSL handshake */ static PRDescIdentity nspr_io_identity = PR_INVALID_IO_LAYER; @@ -198,12 +197,12 @@ static const char* nss_error_to_name(PRErrorCode code) return "unknown error"; } -static void nss_print_error_message(struct SessionHandle *data, PRUint32 err) +static void nss_print_error_message(struct Curl_easy *data, PRUint32 err) { failf(data, "%s", PR_ErrorToString(err, PR_LANGUAGE_I_DEFAULT)); } -static SECStatus set_ciphers(struct SessionHandle *data, PRFileDesc * model, +static SECStatus set_ciphers(struct Curl_easy *data, PRFileDesc * model, char *cipher_list) { unsigned int i; @@ -319,7 +318,7 @@ static int is_file(const char *filename) * should be later deallocated using free(). If the OOM failure occurs, we * return NULL, too. */ -static char* dup_nickname(struct SessionHandle *data, enum dupstring cert_kind) +static char* dup_nickname(struct Curl_easy *data, enum dupstring cert_kind) { const char *str = data->set.str[cert_kind]; const char *n; @@ -340,6 +339,19 @@ static char* dup_nickname(struct SessionHandle *data, enum dupstring cert_kind) return NULL; } +/* Lock/unlock wrapper for PK11_FindSlotByName() to work around race condition + * in nssSlot_IsTokenPresent() causing spurious SEC_ERROR_NO_TOKEN. For more + * details, go to . + */ +static PK11SlotInfo* nss_find_slot_by_name(const char *slot_name) +{ + PK11SlotInfo *slot; + PR_Lock(nss_initlock); + slot = PK11_FindSlotByName(slot_name); + PR_Unlock(nss_initlock); + return slot; +} + /* Call PK11_CreateGenericObject() with the given obj_class and filename. If * the call succeeds, append the object handle to the list of objects so that * the object can be destroyed in Curl_nss_close(). */ @@ -362,7 +374,7 @@ static CURLcode nss_create_object(struct ssl_connect_data *ssl, if(!slot_name) return CURLE_OUT_OF_MEMORY; - slot = PK11_FindSlotByName(slot_name); + slot = nss_find_slot_by_name(slot_name); free(slot_name); if(!slot) return result; @@ -563,7 +575,7 @@ static CURLcode nss_load_key(struct connectdata *conn, int sockindex, return result; } - slot = PK11_FindSlotByName("PEM Token #1"); + slot = nss_find_slot_by_name("PEM Token #1"); if(!slot) return CURLE_SSL_CERTPROBLEM; @@ -597,7 +609,7 @@ static int display_error(struct connectdata *conn, PRInt32 err, static CURLcode cert_stuff(struct connectdata *conn, int sockindex, char *cert_file, char *key_file) { - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; CURLcode result; if(cert_file) { @@ -696,7 +708,7 @@ static void HandshakeCallback(PRFileDesc *sock, void *arg) unsigned int buflen; SSLNextProtoState state; - if(!conn->data->set.ssl_enable_npn && !conn->data->set.ssl_enable_alpn) { + if(!conn->bits.tls_enable_npn && !conn->bits.tls_enable_alpn) { return; } @@ -736,7 +748,7 @@ static SECStatus CanFalseStartCallback(PRFileDesc *sock, void *client_data, PRBool *canFalseStart) { struct connectdata *conn = client_data; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; SSLChannelInfo channelInfo; SSLCipherSuiteInfo cipherInfo; @@ -791,7 +803,7 @@ end: } #endif -static void display_cert_info(struct SessionHandle *data, +static void display_cert_info(struct Curl_easy *data, CERTCertificate *cert) { char *subject, *issuer, *common_name; @@ -892,7 +904,7 @@ static CURLcode display_conn_info(struct connectdata *conn, PRFileDesc *sock) static SECStatus BadCertHandler(void *arg, PRFileDesc *sock) { struct connectdata *conn = (struct connectdata *)arg; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; PRErrorCode err = PR_GetError(); CERTCertificate *cert; @@ -950,7 +962,7 @@ static CURLcode cmp_peer_pubkey(struct ssl_connect_data *connssl, const char *pinnedpubkey) { CURLcode result = CURLE_SSL_PINNEDPUBKEYNOTMATCH; - struct SessionHandle *data = connssl->data; + struct Curl_easy *data = connssl->data; CERTCertificate *cert; if(!pinnedpubkey) @@ -1002,18 +1014,18 @@ static SECStatus SelectClientCert(void *arg, PRFileDesc *sock, struct SECKEYPrivateKeyStr **pRetKey) { struct ssl_connect_data *connssl = (struct ssl_connect_data *)arg; - struct SessionHandle *data = connssl->data; + struct Curl_easy *data = connssl->data; const char *nickname = connssl->client_nickname; + static const char pem_slotname[] = "PEM Token #1"; if(connssl->obj_clicert) { /* use the cert/key provided by PEM reader */ - static const char pem_slotname[] = "PEM Token #1"; SECItem cert_der = { 0, NULL, 0 }; void *proto_win = SSL_RevealPinArg(sock); struct CERTCertificateStr *cert; struct SECKEYPrivateKeyStr *key; - PK11SlotInfo *slot = PK11_FindSlotByName(pem_slotname); + PK11SlotInfo *slot = nss_find_slot_by_name(pem_slotname); if(NULL == slot) { failf(data, "NSS: PK11 slot not found: %s", pem_slotname); return SECFailure; @@ -1069,6 +1081,12 @@ static SECStatus SelectClientCert(void *arg, PRFileDesc *sock, if(NULL == nickname) nickname = "[unknown]"; + if(!strncmp(nickname, pem_slotname, sizeof(pem_slotname) - 1U)) { + failf(data, "NSS: refusing previously loaded certificate from file: %s", + nickname); + return SECFailure; + } + if(NULL == *pRetKey) { failf(data, "NSS: private key not found for certificate: %s", nickname); return SECFailure; @@ -1134,7 +1152,7 @@ static PRStatus nspr_io_close(PRFileDesc *fd) } /* data might be NULL */ -static CURLcode nss_init_core(struct SessionHandle *data, const char *cert_dir) +static CURLcode nss_init_core(struct Curl_easy *data, const char *cert_dir) { NSSInitParameters initparams; @@ -1172,7 +1190,7 @@ static CURLcode nss_init_core(struct SessionHandle *data, const char *cert_dir) } /* data might be NULL */ -static CURLcode nss_init(struct SessionHandle *data) +static CURLcode nss_init(struct Curl_easy *data) { char *cert_dir; struct_stat st; @@ -1243,6 +1261,7 @@ int Curl_nss_init(void) PR_Init(PR_USER_THREAD, PR_PRIORITY_NORMAL, 256); nss_initlock = PR_NewLock(); nss_crllock = PR_NewLock(); + nss_findslot_lock = PR_NewLock(); } /* We will actually initialize NSS later */ @@ -1251,7 +1270,7 @@ int Curl_nss_init(void) } /* data might be NULL */ -CURLcode Curl_nss_force_init(struct SessionHandle *data) +CURLcode Curl_nss_force_init(struct Curl_easy *data) { CURLcode result; if(!nss_initlock) { @@ -1297,6 +1316,7 @@ void Curl_nss_cleanup(void) PR_DestroyLock(nss_initlock); PR_DestroyLock(nss_crllock); + PR_DestroyLock(nss_findslot_lock); nss_initlock = NULL; initialized = 0; @@ -1397,7 +1417,7 @@ static Curl_send nss_send; static CURLcode nss_load_ca_certificates(struct connectdata *conn, int sockindex) { - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; const char *cafile = data->set.ssl.CAfile; const char *capath = data->set.ssl.CApath; @@ -1447,7 +1467,7 @@ static CURLcode nss_load_ca_certificates(struct connectdata *conn, } static CURLcode nss_init_sslver(SSLVersionRange *sslver, - struct SessionHandle *data) + struct Curl_easy *data) { switch(data->set.ssl.version) { default: @@ -1500,7 +1520,7 @@ static CURLcode nss_init_sslver(SSLVersionRange *sslver, } static CURLcode nss_fail_connect(struct ssl_connect_data *connssl, - struct SessionHandle *data, + struct Curl_easy *data, CURLcode curlerr) { PRErrorCode err = 0; @@ -1527,7 +1547,7 @@ static CURLcode nss_fail_connect(struct ssl_connect_data *connssl, /* Switch the SSL socket into non-blocking mode. */ static CURLcode nss_set_nonblock(struct ssl_connect_data *connssl, - struct SessionHandle *data) + struct Curl_easy *data) { static PRSocketOptionData sock_opt; sock_opt.option = PR_SockOpt_Nonblocking; @@ -1546,7 +1566,7 @@ static CURLcode nss_setup_connect(struct connectdata *conn, int sockindex) PRFileDesc *nspr_io_stub = NULL; PRBool ssl_no_cache; PRBool ssl_cbc_random_iv; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; curl_socket_t sockfd = conn->sock[sockindex]; struct ssl_connect_data *connssl = &conn->ssl[sockindex]; CURLcode result; @@ -1744,14 +1764,14 @@ static CURLcode nss_setup_connect(struct connectdata *conn, int sockindex) #endif #ifdef SSL_ENABLE_NPN - if(SSL_OptionSet(connssl->handle, SSL_ENABLE_NPN, data->set.ssl_enable_npn - ? PR_TRUE : PR_FALSE) != SECSuccess) + if(SSL_OptionSet(connssl->handle, SSL_ENABLE_NPN, conn->bits.tls_enable_npn + ? PR_TRUE : PR_FALSE) != SECSuccess) goto error; #endif #ifdef SSL_ENABLE_ALPN - if(SSL_OptionSet(connssl->handle, SSL_ENABLE_ALPN, data->set.ssl_enable_alpn - ? PR_TRUE : PR_FALSE) != SECSuccess) + if(SSL_OptionSet(connssl->handle, SSL_ENABLE_ALPN, conn->bits.tls_enable_alpn + ? PR_TRUE : PR_FALSE) != SECSuccess) goto error; #endif @@ -1768,7 +1788,7 @@ static CURLcode nss_setup_connect(struct connectdata *conn, int sockindex) #endif #if defined(SSL_ENABLE_NPN) || defined(SSL_ENABLE_ALPN) - if(data->set.ssl_enable_npn || data->set.ssl_enable_alpn) { + if(conn->bits.tls_enable_npn || conn->bits.tls_enable_alpn) { int cur = 0; unsigned char protocols[128]; @@ -1815,7 +1835,7 @@ error: static CURLcode nss_do_connect(struct connectdata *conn, int sockindex) { struct ssl_connect_data *connssl = &conn->ssl[sockindex]; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; CURLcode result = CURLE_SSL_CONNECT_ERROR; PRUint32 timeout; @@ -1878,7 +1898,7 @@ static CURLcode nss_connect_common(struct connectdata *conn, int sockindex, bool *done) { struct ssl_connect_data *connssl = &conn->ssl[sockindex]; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; const bool blocking = (done == NULL); CURLcode result; @@ -2015,14 +2035,14 @@ size_t Curl_nss_version(char *buffer, size_t size) } /* data might be NULL */ -int Curl_nss_seed(struct SessionHandle *data) +int Curl_nss_seed(struct Curl_easy *data) { /* make sure that NSS is initialized */ return !!Curl_nss_force_init(data); } /* data might be NULL */ -int Curl_nss_random(struct SessionHandle *data, +int Curl_nss_random(struct Curl_easy *data, unsigned char *entropy, size_t length) { diff --git a/lib/vtls/nssg.h b/lib/vtls/nssg.h index 601168c21..ac67e6ab7 100644 --- a/lib/vtls/nssg.h +++ b/lib/vtls/nssg.h @@ -7,7 +7,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -42,12 +42,12 @@ void Curl_nss_cleanup(void); size_t Curl_nss_version(char *buffer, size_t size); int Curl_nss_check_cxn(struct connectdata *cxn); -int Curl_nss_seed(struct SessionHandle *data); +int Curl_nss_seed(struct Curl_easy *data); /* initialize NSS library if not already */ -CURLcode Curl_nss_force_init(struct SessionHandle *data); +CURLcode Curl_nss_force_init(struct Curl_easy *data); -int Curl_nss_random(struct SessionHandle *data, +int Curl_nss_random(struct Curl_easy *data, unsigned char *entropy, size_t length); @@ -74,6 +74,9 @@ bool Curl_nss_false_start(void); /* this backend supports CURLOPT_CERTINFO */ #define have_curlssl_certinfo 1 +/* this backends supports CURLOPT_PINNEDPUBLICKEY */ +#define have_curlssl_pinnedpubkey 1 + /* API setup for NSS */ #define curlssl_init Curl_nss_init #define curlssl_cleanup Curl_nss_cleanup diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index cbf2d2123..0a3e6a3be 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -95,10 +95,6 @@ #if (OPENSSL_VERSION_NUMBER >= 0x10000000L) #define HAVE_ERR_REMOVE_THREAD_STATE 1 -#if (OPENSSL_VERSION_NUMBER >= 0x10100004L) -/* OpenSSL 1.1.0-pre4 removed the argument! */ -#define HAVE_ERR_REMOVE_THREAD_STATE_NOARG 1 -#endif #endif #if !defined(HAVE_SSLV2_CLIENT_METHOD) || \ @@ -109,10 +105,20 @@ #if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && /* OpenSSL 1.1.0+ */ \ !defined(LIBRESSL_VERSION_NUMBER) -#define SSLeay_add_ssl_algorithms() SSL_library_init() #define SSLEAY_VERSION_NUMBER OPENSSL_VERSION_NUMBER #define HAVE_X509_GET0_EXTENSIONS 1 /* added in 1.1.0 -pre1 */ #define HAVE_OPAQUE_EVP_PKEY 1 /* since 1.1.0 -pre3 */ +#define HAVE_OPAQUE_RSA_DSA_DH 1 /* since 1.1.0 -pre5 */ +#define CONST_EXTS const +#define CONST_ASN1_BIT_STRING const +#else +/* For OpenSSL before 1.1.0 */ +#define ASN1_STRING_get0_data(x) ASN1_STRING_data(x) +#define X509_get0_notBefore(x) X509_get_notBefore(x) +#define X509_get0_notAfter(x) X509_get_notAfter(x) +#define CONST_EXTS /* nope */ +#define CONST_ASN1_BIT_STRING /* nope */ +#define OpenSSL_version_num() SSLeay() #endif #if (OPENSSL_VERSION_NUMBER >= 0x1000200fL) && /* 1.0.2 or later */ \ @@ -120,6 +126,12 @@ #define HAVE_X509_GET0_SIGNATURE 1 #endif +#if OPENSSL_VERSION_NUMBER >= 0x10002003L && \ + OPENSSL_VERSION_NUMBER <= 0x10002FFFL && \ + !defined(OPENSSL_NO_COMP) +#define HAVE_SSL_COMP_FREE_COMPRESSION_METHODS 1 +#endif + #if (OPENSSL_VERSION_NUMBER < 0x0090808fL) /* not present in older OpenSSL */ #define OPENSSL_load_builtin_modules(x) @@ -178,7 +190,7 @@ static bool rand_enough(int nread) } #endif -static int ossl_seed(struct SessionHandle *data) +static int ossl_seed(struct Curl_easy *data) { char *buf = data->state.buffer; /* point to the big buffer */ int nread=0; @@ -247,7 +259,7 @@ static int ossl_seed(struct SessionHandle *data) return nread; } -static void Curl_ossl_seed(struct SessionHandle *data) +static void Curl_ossl_seed(struct Curl_easy *data) { /* we have the "SSL is seeded" boolean static to prevent multiple time-consuming seedings in vain */ @@ -331,7 +343,7 @@ int cert_stuff(struct connectdata *conn, char *key_file, const char *key_type) { - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; int file_type = do_file_type(cert_type); @@ -664,7 +676,7 @@ static int x509_name_oneline(X509_NAME *a, char *buf, size_t size) /* Return error string for last OpenSSL error */ -static char *SSL_strerror(unsigned long error, char *buf, size_t size) +static char *ossl_strerror(unsigned long error, char *buf, size_t size) { /* OpenSSL 0.9.6 and later has a function named ERR_error_string_n() that takes the size of the buffer as a @@ -703,6 +715,10 @@ int Curl_ossl_init(void) CONF_MFLAGS_DEFAULT_SECTION| CONF_MFLAGS_IGNORE_MISSING_FILE); +#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && \ + !defined(LIBRESSL_VERSION_NUMBER) + /* OpenSSL 1.1.0+ takes care of initialization itself */ +#else /* Lets get nice error messages */ SSL_load_error_strings(); @@ -711,6 +727,7 @@ int Curl_ossl_init(void) return 0; OpenSSL_add_all_algorithms(); +#endif return 1; } @@ -718,6 +735,11 @@ int Curl_ossl_init(void) /* Global cleanup */ void Curl_ossl_cleanup(void) { +#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && \ + !defined(LIBRESSL_VERSION_NUMBER) + /* OpenSSL 1.1 deprecates all these cleanup functions and + turns them into no-ops in OpenSSL 1.0 compatibility mode */ +#else /* Free ciphers and digests lists */ EVP_cleanup(); @@ -735,9 +757,7 @@ void Curl_ossl_cleanup(void) ERR_free_strings(); /* Free thread local error state, destroying hash upon zero refcount */ -#ifdef HAVE_ERR_REMOVE_THREAD_STATE_NOARG - ERR_remove_thread_state(); -#elif defined(HAVE_ERR_REMOVE_THREAD_STATE) +#ifdef HAVE_ERR_REMOVE_THREAD_STATE ERR_remove_thread_state(NULL); #else ERR_remove_state(0); @@ -745,10 +765,15 @@ void Curl_ossl_cleanup(void) /* Free all memory allocated by all configuration modules */ CONF_modules_free(); + +#ifdef HAVE_SSL_COMP_FREE_COMPRESSION_METHODS + SSL_COMP_free_compression_methods(); +#endif +#endif } /* - * This function uses SSL_peek to determine connection status. + * This function is used to determine connection status. * * Return codes: * 1 means the connection is still in place @@ -757,22 +782,51 @@ void Curl_ossl_cleanup(void) */ int Curl_ossl_check_cxn(struct connectdata *conn) { - int rc; + /* SSL_peek takes data out of the raw recv buffer without peeking so we use + recv MSG_PEEK instead. Bug #795 */ +#ifdef MSG_PEEK char buf; - - rc = SSL_peek(conn->ssl[FIRSTSOCKET].handle, (void*)&buf, 1); - if(rc > 0) - return 1; /* connection still in place */ - - if(rc == 0) + ssize_t nread; + nread = recv((RECV_TYPE_ARG1)conn->sock[FIRSTSOCKET], (RECV_TYPE_ARG2)&buf, + (RECV_TYPE_ARG3)1, (RECV_TYPE_ARG4)MSG_PEEK); + if(nread == 0) return 0; /* connection has been closed */ - + else if(nread == 1) + return 1; /* connection still in place */ + else if(nread == -1) { + int err = SOCKERRNO; + if(err == EINPROGRESS || +#if defined(EAGAIN) && (EAGAIN != EWOULDBLOCK) + err == EAGAIN || +#endif + err == EWOULDBLOCK) + return 1; /* connection still in place */ + if(err == ECONNRESET || +#ifdef ECONNABORTED + err == ECONNABORTED || +#endif +#ifdef ENETDOWN + err == ENETDOWN || +#endif +#ifdef ENETRESET + err == ENETRESET || +#endif +#ifdef ESHUTDOWN + err == ESHUTDOWN || +#endif +#ifdef ETIMEDOUT + err == ETIMEDOUT || +#endif + err == ENOTCONN) + return 0; /* connection has been closed */ + } +#endif return -1; /* connection status unknown */ } /* Selects an OpenSSL crypto engine */ -CURLcode Curl_ossl_set_engine(struct SessionHandle *data, const char *engine) +CURLcode Curl_ossl_set_engine(struct Curl_easy *data, const char *engine) { #if defined(USE_OPENSSL) && defined(HAVE_OPENSSL_ENGINE_H) ENGINE *e; @@ -803,7 +857,7 @@ CURLcode Curl_ossl_set_engine(struct SessionHandle *data, const char *engine) ENGINE_free(e); failf(data, "Failed to initialise SSL Engine '%s':\n%s", - engine, SSL_strerror(ERR_get_error(), buf, sizeof(buf))); + engine, ossl_strerror(ERR_get_error(), buf, sizeof(buf))); return CURLE_SSL_ENGINE_INITFAILED; } data->state.engine = e; @@ -817,7 +871,7 @@ CURLcode Curl_ossl_set_engine(struct SessionHandle *data, const char *engine) /* Sets engine as default for all SSL operations */ -CURLcode Curl_ossl_set_engine_default(struct SessionHandle *data) +CURLcode Curl_ossl_set_engine_default(struct Curl_easy *data) { #ifdef HAVE_OPENSSL_ENGINE_H if(data->state.engine) { @@ -839,7 +893,7 @@ CURLcode Curl_ossl_set_engine_default(struct SessionHandle *data) /* Return list of OpenSSL crypto engine names. */ -struct curl_slist *Curl_ossl_engines_list(struct SessionHandle *data) +struct curl_slist *Curl_ossl_engines_list(struct Curl_easy *data) { struct curl_slist *list = NULL; #if defined(USE_OPENSSL) && defined(HAVE_OPENSSL_ENGINE_H) @@ -888,9 +942,9 @@ int Curl_ossl_shutdown(struct connectdata *conn, int sockindex) { int retval = 0; struct ssl_connect_data *connssl = &conn->ssl[sockindex]; - struct SessionHandle *data = conn->data; - char buf[120]; /* We will use this for the OpenSSL error buffer, so it has - to be at least 120 bytes long. */ + struct Curl_easy *data = conn->data; + char buf[256]; /* We will use this for the OpenSSL error buffer, so it has + to be at least 256 bytes long. */ unsigned long sslerror; ssize_t nread; int buffsize; @@ -939,7 +993,7 @@ int Curl_ossl_shutdown(struct connectdata *conn, int sockindex) /* openssl/ssl.h says "look at error stack/return value/errno" */ sslerror = ERR_get_error(); failf(conn->data, OSSL_PACKAGE " SSL read: %s, errno %d", - ERR_error_string(sslerror, buf), + ossl_strerror(sslerror, buf, sizeof(buf)), SOCKERRNO); done = 1; break; @@ -991,7 +1045,7 @@ void Curl_ossl_session_free(void *ptr) * This function is called when the 'data' struct is going away. Close * down everything and free all resources! */ -void Curl_ossl_close_all(struct SessionHandle *data) +void Curl_ossl_close_all(struct Curl_easy *data) { #ifdef HAVE_OPENSSL_ENGINE_H if(data->state.engine) { @@ -1033,7 +1087,7 @@ static CURLcode verifyhost(struct connectdata *conn, X509 *server_cert) bool matched = FALSE; int target = GEN_DNS; /* target type, GEN_DNS or GEN_IPADD */ size_t addrlen = 0; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; STACK_OF(GENERAL_NAME) *altnames; #ifdef ENABLE_IPV6 struct in6_addr addr; @@ -1041,6 +1095,8 @@ static CURLcode verifyhost(struct connectdata *conn, X509 *server_cert) struct in_addr addr; #endif CURLcode result = CURLE_OK; + bool dNSName = FALSE; /* if a dNSName field exists in the cert */ + bool iPAddress = FALSE; /* if a iPAddress field exists in the cert */ #ifdef ENABLE_IPV6 if(conn->bits.ipv6_ip && @@ -1061,20 +1117,27 @@ static CURLcode verifyhost(struct connectdata *conn, X509 *server_cert) if(altnames) { int numalts; int i; + bool dnsmatched = FALSE; + bool ipmatched = FALSE; /* get amount of alternatives, RFC2459 claims there MUST be at least one, but we don't depend on it... */ numalts = sk_GENERAL_NAME_num(altnames); - /* loop through all alternatives while none has matched */ - for(i=0; (itype == GEN_DNS) + dNSName = TRUE; + else if(check->type == GEN_IPADD) + iPAddress = TRUE; + /* only check alternatives of the same type the target is */ if(check->type == target) { /* get data and length */ - const char *altptr = (char *)ASN1_STRING_data(check->d.ia5); + const char *altptr = (char *)ASN1_STRING_get0_data(check->d.ia5); size_t altlen = (size_t) ASN1_STRING_length(check->d.ia5); switch(target) { @@ -1093,7 +1156,7 @@ static CURLcode verifyhost(struct connectdata *conn, X509 *server_cert) /* if this isn't true, there was an embedded zero in the name string and we cannot match it. */ Curl_cert_hostcheck(altptr, conn->host.name)) { - matched = TRUE; + dnsmatched = TRUE; infof(data, " subjectAltName: host \"%s\" matched cert's \"%s\"\n", conn->host.dispname, altptr); @@ -1104,7 +1167,7 @@ static CURLcode verifyhost(struct connectdata *conn, X509 *server_cert) /* compare alternative IP address if the data chunk is the same size our server IP address is */ if((altlen == addrlen) && !memcmp(altptr, &addr, altlen)) { - matched = TRUE; + ipmatched = TRUE; infof(data, " subjectAltName: host \"%s\" matched cert's IP address!\n", conn->host.dispname); @@ -1114,14 +1177,15 @@ static CURLcode verifyhost(struct connectdata *conn, X509 *server_cert) } } GENERAL_NAMES_free(altnames); + + if(dnsmatched || ipmatched) + matched = TRUE; } if(matched) /* an alternative name matched */ ; - else if(altnames) { - /* an alternative name field existed, but didn't match and then we MUST - fail */ + else if(dNSName || iPAddress) { infof(data, " subjectAltName does not match %s\n", conn->host.dispname); failf(data, "SSL: no alternative certificate subject name matches " "target host name '%s'", conn->host.dispname); @@ -1159,9 +1223,9 @@ static CURLcode verifyhost(struct connectdata *conn, X509 *server_cert) if(ASN1_STRING_type(tmp) == V_ASN1_UTF8STRING) { j = ASN1_STRING_length(tmp); if(j >= 0) { - peer_CN = OPENSSL_malloc(j+1); + peer_CN = malloc(j+1); if(peer_CN) { - memcpy(peer_CN, ASN1_STRING_data(tmp), j); + memcpy(peer_CN, ASN1_STRING_get0_data(tmp), j); peer_CN[j] = '\0'; } } @@ -1185,7 +1249,7 @@ static CURLcode verifyhost(struct connectdata *conn, X509 *server_cert) CURLcode rc = Curl_convert_from_utf8(data, peer_CN, strlen(peer_CN)); /* Curl_convert_from_utf8 calls failf if unsuccessful */ if(rc) { - OPENSSL_free(peer_CN); + free(peer_CN); return rc; } } @@ -1207,7 +1271,7 @@ static CURLcode verifyhost(struct connectdata *conn, X509 *server_cert) infof(data, " common name: %s (matched)\n", peer_CN); } if(peer_CN) - OPENSSL_free(peer_CN); + free(peer_CN); } return result; @@ -1221,7 +1285,7 @@ static CURLcode verifystatus(struct connectdata *conn, int i, ocsp_status; const unsigned char *p; CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; OCSP_RESPONSE *rsp = NULL; OCSP_BASICRESP *br = NULL; @@ -1437,7 +1501,7 @@ static void ssl_tls_trace(int direction, int ssl_ver, int content_type, const void *buf, size_t len, SSL *ssl, void *userp) { - struct SessionHandle *data; + struct Curl_easy *data; const char *msg_name, *tls_rt_name; char ssl_buf[1024]; char unknown[32]; @@ -1623,9 +1687,8 @@ static CURLcode ossl_connect_step1(struct connectdata *conn, int sockindex) { CURLcode result = CURLE_OK; char *ciphers; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; SSL_METHOD_QUAL SSL_METHOD *req_method = NULL; - void *ssl_sessionid = NULL; X509_LOOKUP *lookup = NULL; curl_socket_t sockfd = conn->sock[sockindex]; struct ssl_connect_data *connssl = &conn->ssl[sockindex]; @@ -1837,12 +1900,12 @@ static CURLcode ossl_connect_step1(struct connectdata *conn, int sockindex) SSL_CTX_set_options(connssl->ctx, ctx_options); #ifdef HAS_NPN - if(data->set.ssl_enable_npn) + if(conn->bits.tls_enable_npn) SSL_CTX_set_next_proto_select_cb(connssl->ctx, select_next_proto_cb, conn); #endif #ifdef HAS_ALPN - if(data->set.ssl_enable_alpn) { + if(conn->bits.tls_enable_alpn) { int cur = 0; unsigned char protocols[128]; @@ -2041,15 +2104,22 @@ static CURLcode ossl_connect_step1(struct connectdata *conn, int sockindex) #endif /* Check if there's a cached ID we can/should use here! */ - if(!Curl_ssl_getsessionid(conn, &ssl_sessionid, NULL)) { - /* we got a session id, use it! */ - if(!SSL_set_session(connssl->handle, ssl_sessionid)) { - failf(data, "SSL: SSL_set_session failed: %s", - ERR_error_string(ERR_get_error(), NULL)); - return CURLE_SSL_CONNECT_ERROR; + if(conn->ssl_config.sessionid) { + void *ssl_sessionid = NULL; + + Curl_ssl_sessionid_lock(conn); + if(!Curl_ssl_getsessionid(conn, &ssl_sessionid, NULL)) { + /* we got a session id, use it! */ + if(!SSL_set_session(connssl->handle, ssl_sessionid)) { + Curl_ssl_sessionid_unlock(conn); + failf(data, "SSL: SSL_set_session failed: %s", + ERR_error_string(ERR_get_error(), NULL)); + return CURLE_SSL_CONNECT_ERROR; + } + /* Informational message */ + infof (data, "SSL re-using session ID\n"); } - /* Informational message */ - infof (data, "SSL re-using session ID\n"); + Curl_ssl_sessionid_unlock(conn); } /* pass the raw socket into the SSL layers */ @@ -2066,7 +2136,7 @@ static CURLcode ossl_connect_step1(struct connectdata *conn, int sockindex) static CURLcode ossl_connect_step2(struct connectdata *conn, int sockindex) { - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; int err; struct ssl_connect_data *connssl = &conn->ssl[sockindex]; DEBUGASSERT(ssl_connect_2 == connssl->connecting_state @@ -2118,6 +2188,7 @@ static CURLcode ossl_connect_step2(struct connectdata *conn, int sockindex) lerr = SSL_get_verify_result(connssl->handle); if(lerr != X509_V_OK) { + data->set.ssl.certverifyresult = lerr; snprintf(error_buffer, sizeof(error_buffer), "SSL certificate problem: %s", X509_verify_cert_error_string(lerr)); @@ -2129,7 +2200,7 @@ static CURLcode ossl_connect_step2(struct connectdata *conn, int sockindex) } else { result = CURLE_SSL_CONNECT_ERROR; - SSL_strerror(errdetail, error_buffer, sizeof(error_buffer)); + ossl_strerror(errdetail, error_buffer, sizeof(error_buffer)); } /* detail is already set to the SSL error above */ @@ -2163,7 +2234,7 @@ static CURLcode ossl_connect_step2(struct connectdata *conn, int sockindex) /* Sets data and len to negotiated protocol, len is 0 if no protocol was * negotiated */ - if(data->set.ssl_enable_alpn) { + if(conn->bits.tls_enable_alpn) { const unsigned char* neg_protocol; unsigned int len; SSL_get0_alpn_selected(connssl->handle, &neg_protocol, &len); @@ -2214,11 +2285,14 @@ do { \ break; \ } WHILE_FALSE -static void pubkey_show(struct SessionHandle *data, +static void pubkey_show(struct Curl_easy *data, BIO *mem, int num, const char *type, const char *name, +#ifdef HAVE_OPAQUE_RSA_DSA_DH + const +#endif BIGNUM *bn) { char *ptr; @@ -2226,20 +2300,27 @@ static void pubkey_show(struct SessionHandle *data, snprintf(namebuf, sizeof(namebuf), "%s(%s)", type, name); - BN_print(mem, bn); + if(bn) + BN_print(mem, bn); push_certinfo(namebuf, num); } +#ifdef HAVE_OPAQUE_RSA_DSA_DH +#define print_pubkey_BN(_type, _name, _num) \ + pubkey_show(data, mem, _num, #_type, #_name, _name) + +#else #define print_pubkey_BN(_type, _name, _num) \ do { \ if(_type->_name) { \ pubkey_show(data, mem, _num, #_type, #_name, _type->_name); \ } \ } WHILE_FALSE +#endif -static int X509V3_ext(struct SessionHandle *data, +static int X509V3_ext(struct Curl_easy *data, int certnum, - STACK_OF(X509_EXTENSION) *exts) + CONST_EXTS STACK_OF(X509_EXTENSION) *exts) { int i; size_t j; @@ -2297,7 +2378,7 @@ static CURLcode get_cert_chain(struct connectdata *conn, CURLcode result; STACK_OF(X509) *sk; int i; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; int numcerts; BIO *mem; @@ -2321,7 +2402,7 @@ static CURLcode get_cert_chain(struct connectdata *conn, EVP_PKEY *pubkey=NULL; int j; char *ptr; - ASN1_BIT_STRING *psig; + CONST_ASN1_BIT_STRING ASN1_BIT_STRING *psig = NULL; X509_NAME_print_ex(mem, X509_get_subject_name(x), 0, XN_FLAG_ONELINE); push_certinfo("Subject", i); @@ -2341,16 +2422,18 @@ static CURLcode get_cert_chain(struct connectdata *conn, #if defined(HAVE_X509_GET0_SIGNATURE) && defined(HAVE_X509_GET0_EXTENSIONS) { - X509_ALGOR *palg; + const X509_ALGOR *palg = NULL; ASN1_STRING *a = ASN1_STRING_new(); if(a) { X509_get0_signature(&psig, &palg, x); X509_signature_print(mem, palg, a); ASN1_STRING_free(a); - } - i2a_ASN1_OBJECT(mem, palg->algorithm); - push_certinfo("Public Key Algorithm", i); + if(palg) { + i2a_ASN1_OBJECT(mem, palg->algorithm); + push_certinfo("Public Key Algorithm", i); + } + } X509V3_ext(data, i, X509_get0_extensions(x)); } #else @@ -2370,10 +2453,10 @@ static CURLcode get_cert_chain(struct connectdata *conn, } #endif - ASN1_TIME_print(mem, X509_get_notBefore(x)); + ASN1_TIME_print(mem, X509_get0_notBefore(x)); push_certinfo("Start date", i); - ASN1_TIME_print(mem, X509_get_notAfter(x)); + ASN1_TIME_print(mem, X509_get0_notAfter(x)); push_certinfo("Expire date", i); pubkey = X509_get_pubkey(x); @@ -2395,9 +2478,35 @@ static CURLcode get_cert_chain(struct connectdata *conn, #else rsa = pubkey->pkey.rsa; #endif + +#ifdef HAVE_OPAQUE_RSA_DSA_DH + { + const BIGNUM *n; + const BIGNUM *e; + const BIGNUM *d; + const BIGNUM *p; + const BIGNUM *q; + const BIGNUM *dmp1; + const BIGNUM *dmq1; + const BIGNUM *iqmp; + + RSA_get0_key(rsa, &n, &e, &d); + RSA_get0_factors(rsa, &p, &q); + RSA_get0_crt_params(rsa, &dmp1, &dmq1, &iqmp); + BN_print(mem, n); + push_certinfo("RSA Public Key", i); + print_pubkey_BN(rsa, n, i); + print_pubkey_BN(rsa, e, i); + print_pubkey_BN(rsa, d, i); + print_pubkey_BN(rsa, p, i); + print_pubkey_BN(rsa, q, i); + print_pubkey_BN(rsa, dmp1, i); + print_pubkey_BN(rsa, dmq1, i); + print_pubkey_BN(rsa, iqmp, i); + } +#else BIO_printf(mem, "%d", BN_num_bits(rsa->n)); push_certinfo("RSA Public Key", i); - print_pubkey_BN(rsa, n, i); print_pubkey_BN(rsa, e, i); print_pubkey_BN(rsa, d, i); @@ -2406,6 +2515,8 @@ static CURLcode get_cert_chain(struct connectdata *conn, print_pubkey_BN(rsa, dmp1, i); print_pubkey_BN(rsa, dmq1, i); print_pubkey_BN(rsa, iqmp, i); +#endif + break; } case EVP_PKEY_DSA: @@ -2416,11 +2527,30 @@ static CURLcode get_cert_chain(struct connectdata *conn, #else dsa = pubkey->pkey.dsa; #endif +#ifdef HAVE_OPAQUE_RSA_DSA_DH + { + const BIGNUM *p; + const BIGNUM *q; + const BIGNUM *g; + const BIGNUM *priv_key; + const BIGNUM *pub_key; + + DSA_get0_pqg(dsa, &p, &q, &g); + DSA_get0_key(dsa, &pub_key, &priv_key); + + print_pubkey_BN(dsa, p, i); + print_pubkey_BN(dsa, q, i); + print_pubkey_BN(dsa, g, i); + print_pubkey_BN(dsa, priv_key, i); + print_pubkey_BN(dsa, pub_key, i); + } +#else print_pubkey_BN(dsa, p, i); print_pubkey_BN(dsa, q, i); print_pubkey_BN(dsa, g, i); print_pubkey_BN(dsa, priv_key, i); print_pubkey_BN(dsa, pub_key, i); +#endif break; } case EVP_PKEY_DH: @@ -2431,10 +2561,27 @@ static CURLcode get_cert_chain(struct connectdata *conn, #else dh = pubkey->pkey.dh; #endif +#ifdef HAVE_OPAQUE_RSA_DSA_DH + { + const BIGNUM *p; + const BIGNUM *q; + const BIGNUM *g; + const BIGNUM *priv_key; + const BIGNUM *pub_key; + DH_get0_pqg(dh, &p, &q, &g); + DH_get0_key(dh, &pub_key, &priv_key); + print_pubkey_BN(dh, p, i); + print_pubkey_BN(dh, q, i); + print_pubkey_BN(dh, g, i); + print_pubkey_BN(dh, priv_key, i); + print_pubkey_BN(dh, pub_key, i); + } +#else print_pubkey_BN(dh, p, i); print_pubkey_BN(dh, g, i); print_pubkey_BN(dh, priv_key, i); print_pubkey_BN(dh, pub_key, i); +#endif break; } #if 0 @@ -2446,9 +2593,11 @@ static CURLcode get_cert_chain(struct connectdata *conn, EVP_PKEY_free(pubkey); } - for(j = 0; j < psig->length; j++) - BIO_printf(mem, "%02x:", psig->data[j]); - push_certinfo("Signature", i); + if(psig) { + for(j = 0; j < psig->length; j++) + BIO_printf(mem, "%02x:", psig->data[j]); + push_certinfo("Signature", i); + } PEM_write_bio_X509(mem, x); push_certinfo("Cert", i); @@ -2463,7 +2612,7 @@ static CURLcode get_cert_chain(struct connectdata *conn, * Heavily modified from: * https://www.owasp.org/index.php/Certificate_and_Public_Key_Pinning#OpenSSL */ -static CURLcode pkp_pin_peer_pubkey(struct SessionHandle *data, X509* cert, +static CURLcode pkp_pin_peer_pubkey(struct Curl_easy *data, X509* cert, const char *pinnedpubkey) { /* Scratch */ @@ -2491,7 +2640,7 @@ static CURLcode pkp_pin_peer_pubkey(struct SessionHandle *data, X509* cert, break; /* failed */ /* https://www.openssl.org/docs/crypto/buffer.html */ - buff1 = temp = OPENSSL_malloc(len1); + buff1 = temp = malloc(len1); if(!buff1) break; /* failed */ @@ -2514,7 +2663,7 @@ static CURLcode pkp_pin_peer_pubkey(struct SessionHandle *data, X509* cert, /* https://www.openssl.org/docs/crypto/buffer.html */ if(buff1) - OPENSSL_free(buff1); + free(buff1); return result; } @@ -2534,7 +2683,7 @@ static CURLcode servercert(struct connectdata *conn, CURLcode result = CURLE_OK; int rc; long lerr, len; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; X509 *issuer; FILE *fp; char *buffer = data->state.buffer; @@ -2560,12 +2709,12 @@ static CURLcode servercert(struct connectdata *conn, buffer, BUFSIZE); infof(data, " subject: %s\n", rc?"[NONE]":buffer); - ASN1_TIME_print(mem, X509_get_notBefore(connssl->server_cert)); + ASN1_TIME_print(mem, X509_get0_notBefore(connssl->server_cert)); len = BIO_get_mem_data(mem, (char **) &ptr); infof(data, " start date: %.*s\n", len, ptr); rc = BIO_reset(mem); - ASN1_TIME_print(mem, X509_get_notAfter(connssl->server_cert)); + ASN1_TIME_print(mem, X509_get0_notAfter(connssl->server_cert)); len = BIO_get_mem_data(mem, (char **) &ptr); infof(data, " expire date: %.*s\n", len, ptr); rc = BIO_reset(mem); @@ -2688,43 +2837,49 @@ static CURLcode servercert(struct connectdata *conn, static CURLcode ossl_connect_step3(struct connectdata *conn, int sockindex) { CURLcode result = CURLE_OK; - void *old_ssl_sessionid = NULL; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct ssl_connect_data *connssl = &conn->ssl[sockindex]; - bool incache; - SSL_SESSION *our_ssl_sessionid; DEBUGASSERT(ssl_connect_3 == connssl->connecting_state); - our_ssl_sessionid = SSL_get1_session(connssl->handle); + if(conn->ssl_config.sessionid) { + bool incache; + SSL_SESSION *our_ssl_sessionid; + void *old_ssl_sessionid = NULL; - /* SSL_get1_session() will increment the reference count and the session - will stay in memory until explicitly freed with SSL_SESSION_free(3), - regardless of its state. */ + our_ssl_sessionid = SSL_get1_session(connssl->handle); - incache = !(Curl_ssl_getsessionid(conn, &old_ssl_sessionid, NULL)); - if(incache) { - if(old_ssl_sessionid != our_ssl_sessionid) { - infof(data, "old SSL session ID is stale, removing\n"); - Curl_ssl_delsessionid(conn, old_ssl_sessionid); - incache = FALSE; + /* SSL_get1_session() will increment the reference count and the session + will stay in memory until explicitly freed with SSL_SESSION_free(3), + regardless of its state. */ + + Curl_ssl_sessionid_lock(conn); + incache = !(Curl_ssl_getsessionid(conn, &old_ssl_sessionid, NULL)); + if(incache) { + if(old_ssl_sessionid != our_ssl_sessionid) { + infof(data, "old SSL session ID is stale, removing\n"); + Curl_ssl_delsessionid(conn, old_ssl_sessionid); + incache = FALSE; + } } - } - if(!incache) { - result = Curl_ssl_addsessionid(conn, our_ssl_sessionid, - 0 /* unknown size */); - if(result) { - failf(data, "failed to store ssl session"); - return result; + if(!incache) { + result = Curl_ssl_addsessionid(conn, our_ssl_sessionid, + 0 /* unknown size */); + if(result) { + Curl_ssl_sessionid_unlock(conn); + failf(data, "failed to store ssl session"); + return result; + } } - } - else { - /* Session was incache, so refcount already incremented earlier. - * Avoid further increments with each SSL_get1_session() call. - * This does not free the session as refcount remains > 0 - */ - SSL_SESSION_free(our_ssl_sessionid); + else { + /* Session was incache, so refcount already incremented earlier. + * Avoid further increments with each SSL_get1_session() call. + * This does not free the session as refcount remains > 0 + */ + SSL_SESSION_free(our_ssl_sessionid); + } + Curl_ssl_sessionid_unlock(conn); } /* @@ -2752,7 +2907,7 @@ static CURLcode ossl_connect_common(struct connectdata *conn, bool *done) { CURLcode result; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct ssl_connect_data *connssl = &conn->ssl[sockindex]; curl_socket_t sockfd = conn->sock[sockindex]; long timeout_ms; @@ -2896,7 +3051,7 @@ static ssize_t ossl_send(struct connectdata *conn, /* SSL_write() is said to return 'int' while write() and send() returns 'size_t' */ int err; - char error_buffer[120]; /* OpenSSL documents that this must be at least 120 + char error_buffer[256]; /* OpenSSL documents that this must be at least 256 bytes long. */ unsigned long sslerror; int memlen; @@ -2928,7 +3083,7 @@ static ssize_t ossl_send(struct connectdata *conn, The OpenSSL error queue contains more information on the error. */ sslerror = ERR_get_error(); failf(conn->data, "SSL_write() error: %s", - ERR_error_string(sslerror, error_buffer)); + ossl_strerror(sslerror, error_buffer, sizeof(error_buffer))); *curlcode = CURLE_SEND_ERROR; return -1; } @@ -2947,8 +3102,8 @@ static ssize_t ossl_recv(struct connectdata *conn, /* connection data */ size_t buffersize, /* max amount to read */ CURLcode *curlcode) { - char error_buffer[120]; /* OpenSSL documents that this must be at - least 120 bytes long. */ + char error_buffer[256]; /* OpenSSL documents that this must be at + least 256 bytes long. */ unsigned long sslerror; ssize_t nread; int buffsize; @@ -2979,7 +3134,7 @@ static ssize_t ossl_recv(struct connectdata *conn, /* connection data */ /* If the return code was negative or there actually is an error in the queue */ failf(conn->data, "SSL read: %s, errno %d", - ERR_error_string(sslerror, error_buffer), + ossl_strerror(sslerror, error_buffer, sizeof(error_buffer)), SOCKERRNO); *curlcode = CURLE_RECV_ERROR; return -1; @@ -2998,7 +3153,7 @@ size_t Curl_ossl_version(char *buffer, size_t size) unsigned long ssleay_value; sub[2]='\0'; sub[1]='\0'; - ssleay_value=SSLeay(); + ssleay_value=OpenSSL_version_num(); if(ssleay_value < 0x906000) { ssleay_value=SSLEAY_VERSION_NUMBER; sub[0]='\0'; @@ -3029,7 +3184,7 @@ size_t Curl_ossl_version(char *buffer, size_t size) } /* can be called with data == NULL */ -int Curl_ossl_random(struct SessionHandle *data, unsigned char *entropy, +int Curl_ossl_random(struct Curl_easy *data, unsigned char *entropy, size_t length) { if(data) { diff --git a/lib/vtls/openssl.h b/lib/vtls/openssl.h index c8e32af0b..ee18e710f 100644 --- a/lib/vtls/openssl.h +++ b/lib/vtls/openssl.h @@ -7,7 +7,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -41,20 +41,20 @@ void Curl_ossl_close(struct connectdata *conn, int sockindex); /* tell OpenSSL to close down all open information regarding connections (and thus session ID caching etc) */ -void Curl_ossl_close_all(struct SessionHandle *data); +void Curl_ossl_close_all(struct Curl_easy *data); /* Sets an OpenSSL engine */ -CURLcode Curl_ossl_set_engine(struct SessionHandle *data, const char *engine); +CURLcode Curl_ossl_set_engine(struct Curl_easy *data, const char *engine); /* function provided for the generic SSL-layer, called when a session id should be freed */ void Curl_ossl_session_free(void *ptr); /* Sets engine as default for all SSL operations */ -CURLcode Curl_ossl_set_engine_default(struct SessionHandle *data); +CURLcode Curl_ossl_set_engine_default(struct Curl_easy *data); /* Build list of OpenSSL engines */ -struct curl_slist *Curl_ossl_engines_list(struct SessionHandle *data); +struct curl_slist *Curl_ossl_engines_list(struct Curl_easy *data); int Curl_ossl_init(void); void Curl_ossl_cleanup(void); @@ -66,7 +66,7 @@ bool Curl_ossl_data_pending(const struct connectdata *conn, int connindex); /* return 0 if a find random is filled in */ -int Curl_ossl_random(struct SessionHandle *data, unsigned char *entropy, +int Curl_ossl_random(struct Curl_easy *data, unsigned char *entropy, size_t length); void Curl_ossl_md5sum(unsigned char *tmp, /* input */ size_t tmplen, @@ -88,9 +88,12 @@ bool Curl_ossl_cert_status_request(void); /* this backend supports CURLOPT_CERTINFO */ #define have_curlssl_certinfo 1 -/* this backend suppots CURLOPT_SSL_CTX_* */ +/* this backend supports CURLOPT_SSL_CTX_* */ #define have_curlssl_ssl_ctx 1 +/* this backend supports CURLOPT_PINNEDPUBLICKEY */ +#define have_curlssl_pinnedpubkey 1 + /* API setup for OpenSSL */ #define curlssl_init Curl_ossl_init #define curlssl_cleanup Curl_ossl_cleanup diff --git a/lib/vtls/polarssl.c b/lib/vtls/polarssl.c index fcce60f05..d33f54801 100644 --- a/lib/vtls/polarssl.c +++ b/lib/vtls/polarssl.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 2012 - 2015, Daniel Stenberg, , et al. + * Copyright (C) 2012 - 2016, Daniel Stenberg, , et al. * Copyright (C) 2010 - 2011, Hoi-Ho Chan, * * This software is licensed as described in the file COPYING, which @@ -36,6 +36,7 @@ #include #include #include +#include #if POLARSSL_VERSION_NUMBER < 0x01030000 #error too old PolarSSL @@ -60,6 +61,15 @@ /* The last #include file should be: */ #include "memdebug.h" +/* See https://tls.mbed.org/discussions/generic/ + howto-determine-exact-buffer-len-for-mbedtls_pk_write_pubkey_der +*/ +#define RSA_PUB_DER_MAX_BYTES (38 + 2 * POLARSSL_MPI_MAX_SIZE) +#define ECP_PUB_DER_MAX_BYTES (30 + 2 * POLARSSL_ECP_MAX_BYTES) + +#define PUB_DER_MAX_BYTES (RSA_PUB_DER_MAX_BYTES > ECP_PUB_DER_MAX_BYTES ? \ + RSA_PUB_DER_MAX_BYTES : ECP_PUB_DER_MAX_BYTES) + /* apply threading? */ #if defined(USE_THREADS_POSIX) || defined(USE_THREADS_WIN32) #define THREADING_SUPPORT @@ -104,12 +114,12 @@ static int entropy_func_mutex(void *data, unsigned char *output, size_t len) #ifdef POLARSSL_DEBUG static void polarssl_debug(void *context, int level, const char *line) { - struct SessionHandle *data = NULL; + struct Curl_easy *data = NULL; if(!context) return; - data = (struct SessionHandle *)context; + data = (struct Curl_easy *)context; infof(data, "%s", line); (void) level; @@ -130,7 +140,7 @@ static CURLcode polarssl_connect_step1(struct connectdata *conn, int sockindex) { - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct ssl_connect_data* connssl = &conn->ssl[sockindex]; bool sni = TRUE; /* default is SNI enabled */ @@ -140,8 +150,6 @@ polarssl_connect_step1(struct connectdata *conn, #else struct in_addr addr; #endif - void *old_session = NULL; - size_t old_session_size = 0; char errorbuf[128]; errorbuf[0]=0; @@ -157,7 +165,7 @@ polarssl_connect_step1(struct connectdata *conn, entropy_init_mutex(&entropy); if((ret = ctr_drbg_init(&connssl->ctr_drbg, entropy_func_mutex, &entropy, - connssl->ssn.id, connssl->ssn.length)) != 0) { + NULL, 0)) != 0) { #ifdef POLARSSL_ERROR_C error_strerror(ret, errorbuf, sizeof(errorbuf)); #endif /* POLARSSL_ERROR_C */ @@ -168,7 +176,7 @@ polarssl_connect_step1(struct connectdata *conn, entropy_init(&connssl->entropy); if((ret = ctr_drbg_init(&connssl->ctr_drbg, entropy_func, &connssl->entropy, - connssl->ssn.id, connssl->ssn.length)) != 0) { + NULL, 0)) != 0) { #ifdef POLARSSL_ERROR_C error_strerror(ret, errorbuf, sizeof(errorbuf)); #endif /* POLARSSL_ERROR_C */ @@ -328,13 +336,22 @@ polarssl_connect_step1(struct connectdata *conn, net_send, &conn->sock[sockindex]); ssl_set_ciphersuites(&connssl->ssl, ssl_list_ciphersuites()); - if(!Curl_ssl_getsessionid(conn, &old_session, &old_session_size)) { - memcpy(&connssl->ssn, old_session, old_session_size); - infof(data, "PolarSSL re-using session\n"); - } - ssl_set_session(&connssl->ssl, - &connssl->ssn); + /* Check if there's a cached ID we can/should use here! */ + if(conn->ssl_config.sessionid) { + void *old_session = NULL; + + Curl_ssl_sessionid_lock(conn); + if(!Curl_ssl_getsessionid(conn, &old_session, NULL)) { + ret = ssl_set_session(&connssl->ssl, old_session); + Curl_ssl_sessionid_unlock(conn); + if(ret) { + failf(data, "ssl_set_session returned -0x%x", -ret); + return CURLE_SSL_CONNECT_ERROR; + } + infof(data, "PolarSSL re-using session\n"); + } + } ssl_set_ca_chain(&connssl->ssl, &connssl->cacert, @@ -344,17 +361,16 @@ polarssl_connect_step1(struct connectdata *conn, ssl_set_own_cert_rsa(&connssl->ssl, &connssl->clicert, &connssl->rsa); - if(!Curl_inet_pton(AF_INET, conn->host.name, &addr) && -#ifdef ENABLE_IPV6 - !Curl_inet_pton(AF_INET6, conn->host.name, &addr) && -#endif - sni && ssl_set_hostname(&connssl->ssl, conn->host.name)) { - infof(data, "WARNING: failed to configure " - "server name indication (SNI) TLS extension\n"); + if(ssl_set_hostname(&connssl->ssl, conn->host.name)) { + /* ssl_set_hostname() sets the name to use in CN/SAN checks *and* the name + to set in the SNI extension. So even if curl connects to a host + specified as an IP address, this function must be used. */ + failf(data, "couldn't set hostname in PolarSSL"); + return CURLE_SSL_CONNECT_ERROR; } #ifdef HAS_ALPN - if(data->set.ssl_enable_alpn) { + if(conn->bits.tls_enable_alpn) { static const char* protocols[3]; int cur = 0; @@ -388,7 +404,7 @@ polarssl_connect_step2(struct connectdata *conn, int sockindex) { int ret; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct ssl_connect_data* connssl = &conn->ssl[sockindex]; char buffer[1024]; @@ -453,8 +469,63 @@ polarssl_connect_step2(struct connectdata *conn, infof(data, "Dumping cert info:\n%s\n", buffer); } + /* adapted from mbedtls.c */ + if(data->set.str[STRING_SSL_PINNEDPUBLICKEY]) { + int size; + CURLcode result; + x509_crt *p; + unsigned char pubkey[PUB_DER_MAX_BYTES]; + const x509_crt *peercert; + + peercert = ssl_get_peer_cert(&connssl->ssl); + + if(!peercert || !peercert->raw.p || !peercert->raw.len) { + failf(data, "Failed due to missing peer certificate"); + return CURLE_SSL_PINNEDPUBKEYNOTMATCH; + } + + p = calloc(1, sizeof(*p)); + + if(!p) + return CURLE_OUT_OF_MEMORY; + + x509_crt_init(p); + + /* Make a copy of our const peercert because pk_write_pubkey_der + needs a non-const key, for now. + https://github.com/ARMmbed/mbedtls/issues/396 */ + if(x509_crt_parse_der(p, peercert->raw.p, peercert->raw.len)) { + failf(data, "Failed copying peer certificate"); + x509_crt_free(p); + free(p); + return CURLE_SSL_PINNEDPUBKEYNOTMATCH; + } + + size = pk_write_pubkey_der(&p->pk, pubkey, PUB_DER_MAX_BYTES); + + if(size <= 0) { + failf(data, "Failed copying public key from peer certificate"); + x509_crt_free(p); + free(p); + return CURLE_SSL_PINNEDPUBKEYNOTMATCH; + } + + /* pk_write_pubkey_der writes data at the end of the buffer. */ + result = Curl_pin_peer_pubkey(data, + data->set.str[STRING_SSL_PINNEDPUBLICKEY], + &pubkey[PUB_DER_MAX_BYTES - size], size); + if(result) { + x509_crt_free(p); + free(p); + return result; + } + + x509_crt_free(p); + free(p); + } + #ifdef HAS_ALPN - if(data->set.ssl_enable_alpn) { + if(conn->bits.tls_enable_alpn) { const char *next_protocol = ssl_get_alpn_protocol(&connssl->ssl); if(next_protocol != NULL) { @@ -486,39 +557,40 @@ static CURLcode polarssl_connect_step3(struct connectdata *conn, int sockindex) { - CURLcode result = CURLE_OK; + CURLcode retcode = CURLE_OK; struct ssl_connect_data *connssl = &conn->ssl[sockindex]; - struct SessionHandle *data = conn->data; - void *old_ssl_sessionid = NULL; - ssl_session *our_ssl_sessionid = &conn->ssl[sockindex].ssn; - bool incache; + struct Curl_easy *data = conn->data; DEBUGASSERT(ssl_connect_3 == connssl->connecting_state); - /* Save the current session data for possible re-use */ - incache = !(Curl_ssl_getsessionid(conn, &old_ssl_sessionid, NULL)); - if(incache) { - if(old_ssl_sessionid != our_ssl_sessionid) { - infof(data, "old SSL session ID is stale, removing\n"); - Curl_ssl_delsessionid(conn, old_ssl_sessionid); - incache = FALSE; - } - } + if(conn->ssl_config.sessionid) { + int ret; + ssl_session *our_ssl_sessionid; + void *old_ssl_sessionid = NULL; - if(!incache) { - void *new_session = malloc(sizeof(ssl_session)); + our_ssl_sessionid = malloc(sizeof(ssl_session)); + if(!our_ssl_sessionid) + return CURLE_OUT_OF_MEMORY; - if(new_session) { - memcpy(new_session, our_ssl_sessionid, sizeof(ssl_session)); + ssl_session_init(our_ssl_sessionid); - result = Curl_ssl_addsessionid(conn, new_session, sizeof(ssl_session)); + ret = ssl_get_session(&connssl->ssl, our_ssl_sessionid); + if(ret) { + failf(data, "ssl_get_session returned -0x%x", -ret); + return CURLE_SSL_CONNECT_ERROR; } - else - result = CURLE_OUT_OF_MEMORY; - if(result) { + /* If there's already a matching session in the cache, delete it */ + Curl_ssl_sessionid_lock(conn); + if(!Curl_ssl_getsessionid(conn, &old_ssl_sessionid, NULL)) + Curl_ssl_delsessionid(conn, old_ssl_sessionid); + + retcode = Curl_ssl_addsessionid(conn, our_ssl_sessionid, 0); + Curl_ssl_sessionid_unlock(conn); + if(retcode) { + free(our_ssl_sessionid); failf(data, "failed to store ssl session"); - return result; + return retcode; } } @@ -584,6 +656,7 @@ static ssize_t polarssl_recv(struct connectdata *conn, void Curl_polarssl_session_free(void *ptr) { + ssl_session_free(ptr); free(ptr); } @@ -605,7 +678,7 @@ polarssl_connect_common(struct connectdata *conn, bool *done) { CURLcode result; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct ssl_connect_data *connssl = &conn->ssl[sockindex]; curl_socket_t sockfd = conn->sock[sockindex]; long timeout_ms; diff --git a/lib/vtls/polarssl.h b/lib/vtls/polarssl.h index 1ab5a841f..7098b24a4 100644 --- a/lib/vtls/polarssl.h +++ b/lib/vtls/polarssl.h @@ -7,7 +7,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 2012 - 2015, Daniel Stenberg, , et al. + * Copyright (C) 2012 - 2016, Daniel Stenberg, , et al. * Copyright (C) 2010, Hoi-Ho Chan, * * This software is licensed as described in the file COPYING, which @@ -26,6 +26,8 @@ #ifdef USE_POLARSSL +#include + /* Called on first use PolarSSL, setup threading if supported */ int Curl_polarssl_init(void); void Curl_polarssl_cleanup(void); @@ -50,6 +52,9 @@ int Curl_polarssl_shutdown(struct connectdata *conn, int sockindex); /* this backend supports the CAPATH option */ #define have_curlssl_ca_path 1 +/* this backends supports CURLOPT_PINNEDPUBLICKEY */ +#define have_curlssl_pinnedpubkey 1 + /* API setup for PolarSSL */ #define curlssl_init() Curl_polarssl_init() #define curlssl_cleanup() Curl_polarssl_cleanup() @@ -65,6 +70,7 @@ int Curl_polarssl_shutdown(struct connectdata *conn, int sockindex); #define curlssl_version Curl_polarssl_version #define curlssl_check_cxn(x) ((void)x, -1) #define curlssl_data_pending(x,y) ((void)x, (void)y, 0) +#define curlssl_sha256sum(a,b,c,d) sha256(a,b,c,0) /* This might cause libcurl to use a weeker random! TODO: implement proper use of Polarssl's CTR-DRBG or HMAC-DRBG and use that diff --git a/lib/vtls/schannel.c b/lib/vtls/schannel.c index 7f7bd357d..511bd11ee 100644 --- a/lib/vtls/schannel.c +++ b/lib/vtls/schannel.c @@ -5,9 +5,9 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 2012 - 2015, Marc Hoersken, + * Copyright (C) 2012 - 2016, Marc Hoersken, * Copyright (C) 2012, Mark Salisbury, - * Copyright (C) 2012 - 2015, Daniel Stenberg, , et al. + * Copyright (C) 2012 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -56,11 +56,23 @@ #include "inet_pton.h" /* for IP addr SNI check */ #include "curl_multibyte.h" #include "warnless.h" +#include "x509asn1.h" #include "curl_printf.h" +#include "system_win32.h" + + /* The last #include file should be: */ #include "curl_memory.h" -/* The last #include file should be: */ #include "memdebug.h" +/* ALPN requires version 8.1 of the Windows SDK, which was + shipped with Visual Studio 2013, aka _MSC_VER 1800: + + https://technet.microsoft.com/en-us/library/hh831771%28v=ws.11%29.aspx +*/ +#if defined(_MSC_VER) && (_MSC_VER >= 1800) && !defined(_USING_V110_SDK71_) +# define HAS_ALPN 1 +#endif + /* Uncomment to force verbose output * #define infof(x, y, ...) printf(y, __VA_ARGS__) * #define failf(x, y, ...) printf(y, __VA_ARGS__) @@ -93,10 +105,15 @@ static CURLcode schannel_connect_step1(struct connectdata *conn, int sockindex) { ssize_t written = -1; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct ssl_connect_data *connssl = &conn->ssl[sockindex]; SecBuffer outbuf; SecBufferDesc outbuf_desc; + SecBuffer inbuf; + SecBufferDesc inbuf_desc; +#ifdef HAS_ALPN + unsigned char alpn_buffer[128]; +#endif SCHANNEL_CRED schannel_cred; SECURITY_STATUS sspi_status = SEC_E_OK; struct curl_schannel_cred *old_cred = NULL; @@ -110,12 +127,36 @@ schannel_connect_step1(struct connectdata *conn, int sockindex) infof(data, "schannel: SSL/TLS connection with %s port %hu (step 1/3)\n", conn->host.name, conn->remote_port); +#ifdef HAS_ALPN + /* ALPN is only supported on Windows 8.1 / Server 2012 R2 and above. + Also it doesn't seem to be supported for Wine, see curl bug #983. */ + connssl->use_alpn = conn->bits.tls_enable_alpn && + !GetProcAddress(GetModuleHandleA("ntdll"), + "wine_get_version") && + Curl_verify_windows_version(6, 3, PLATFORM_WINNT, + VERSION_GREATER_THAN_EQUAL); +#else + connssl->use_alpn = false; +#endif + + connssl->cred = NULL; + /* check for an existing re-usable credential handle */ - if(!Curl_ssl_getsessionid(conn, (void **)&old_cred, NULL)) { - connssl->cred = old_cred; - infof(data, "schannel: re-using existing credential handle\n"); + if(conn->ssl_config.sessionid) { + Curl_ssl_sessionid_lock(conn); + if(!Curl_ssl_getsessionid(conn, (void **)&old_cred, NULL)) { + connssl->cred = old_cred; + infof(data, "schannel: re-using existing credential handle\n"); + + /* increment the reference counter of the credential/session handle */ + connssl->cred->refcount++; + infof(data, "schannel: incremented credential handle refcount = %d\n", + connssl->cred->refcount); + } + Curl_ssl_sessionid_unlock(conn); } - else { + + if(!connssl->cred) { /* setup Schannel API options */ memset(&schannel_cred, 0, sizeof(schannel_cred)); schannel_cred.dwVersion = SCHANNEL_CRED_VERSION; @@ -188,6 +229,7 @@ schannel_connect_step1(struct connectdata *conn, int sockindex) return CURLE_OUT_OF_MEMORY; } memset(connssl->cred, 0, sizeof(struct curl_schannel_cred)); + connssl->cred->refcount = 1; /* https://msdn.microsoft.com/en-us/library/windows/desktop/aa374716.aspx */ @@ -219,6 +261,60 @@ schannel_connect_step1(struct connectdata *conn, int sockindex) infof(data, "schannel: using IP address, SNI is not supported by OS.\n"); } +#ifdef HAS_ALPN + if(connssl->use_alpn) { + int cur = 0; + int list_start_index = 0; + unsigned int* extension_len = NULL; + unsigned short* list_len = NULL; + + /* The first four bytes will be an unsigned int indicating number + of bytes of data in the rest of the the buffer. */ + extension_len = (unsigned int*)(&alpn_buffer[cur]); + cur += sizeof(unsigned int); + + /* The next four bytes are an indicator that this buffer will contain + ALPN data, as opposed to NPN, for example. */ + *(unsigned int*)&alpn_buffer[cur] = + SecApplicationProtocolNegotiationExt_ALPN; + cur += sizeof(unsigned int); + + /* The next two bytes will be an unsigned short indicating the number + of bytes used to list the preferred protocols. */ + list_len = (unsigned short*)(&alpn_buffer[cur]); + cur += sizeof(unsigned short); + + list_start_index = cur; + +#ifdef USE_NGHTTP2 + if(data->set.httpversion >= CURL_HTTP_VERSION_2) { + memcpy(&alpn_buffer[cur], NGHTTP2_PROTO_ALPN, NGHTTP2_PROTO_ALPN_LEN); + cur += NGHTTP2_PROTO_ALPN_LEN; + infof(data, "schannel: ALPN, offering %s\n", NGHTTP2_PROTO_VERSION_ID); + } +#endif + + alpn_buffer[cur++] = ALPN_HTTP_1_1_LENGTH; + memcpy(&alpn_buffer[cur], ALPN_HTTP_1_1, ALPN_HTTP_1_1_LENGTH); + cur += ALPN_HTTP_1_1_LENGTH; + infof(data, "schannel: ALPN, offering %s\n", ALPN_HTTP_1_1); + + *list_len = curlx_uitous(cur - list_start_index); + *extension_len = *list_len + sizeof(unsigned int) + sizeof(unsigned short); + + InitSecBuffer(&inbuf, SECBUFFER_APPLICATION_PROTOCOLS, alpn_buffer, cur); + InitSecBufferDesc(&inbuf_desc, &inbuf, 1); + } + else + { + InitSecBuffer(&inbuf, SECBUFFER_EMPTY, NULL, 0); + InitSecBufferDesc(&inbuf_desc, &inbuf, 1); + } +#else /* HAS_ALPN */ + InitSecBuffer(&inbuf, SECBUFFER_EMPTY, NULL, 0); + InitSecBufferDesc(&inbuf_desc, &inbuf, 1); +#endif + /* setup output buffer */ InitSecBuffer(&outbuf, SECBUFFER_EMPTY, NULL, 0); InitSecBufferDesc(&outbuf_desc, &outbuf, 1); @@ -241,11 +337,17 @@ schannel_connect_step1(struct connectdata *conn, int sockindex) if(!host_name) return CURLE_OUT_OF_MEMORY; - /* https://msdn.microsoft.com/en-us/library/windows/desktop/aa375924.aspx */ + /* Schannel InitializeSecurityContext: + https://msdn.microsoft.com/en-us/library/windows/desktop/aa375924.aspx + At the moment we don't pass inbuf unless we're using ALPN since we only + use it for that, and Wine (for which we currently disable ALPN) is giving + us problems with inbuf regardless. https://github.com/curl/curl/issues/983 + */ sspi_status = s_pSecFn->InitializeSecurityContext( - &connssl->cred->cred_handle, NULL, host_name, - connssl->req_flags, 0, 0, NULL, 0, &connssl->ctxt->ctxt_handle, + &connssl->cred->cred_handle, NULL, host_name, connssl->req_flags, 0, 0, + (connssl->use_alpn ? &inbuf_desc : NULL), + 0, &connssl->ctxt->ctxt_handle, &outbuf_desc, &connssl->ret_flags, &connssl->ctxt->time_stamp); Curl_unicodefree(host_name); @@ -292,7 +394,7 @@ schannel_connect_step2(struct connectdata *conn, int sockindex) { int i; ssize_t nread = -1, written = -1; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct ssl_connect_data *connssl = &conn->ssl[sockindex]; unsigned char *reallocated_buffer; size_t reallocated_length; @@ -532,10 +634,13 @@ static CURLcode schannel_connect_step3(struct connectdata *conn, int sockindex) { CURLcode result = CURLE_OK; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct ssl_connect_data *connssl = &conn->ssl[sockindex]; - struct curl_schannel_cred *old_cred = NULL; - bool incache; + SECURITY_STATUS sspi_status = SEC_E_OK; + CERT_CONTEXT *ccert_context = NULL; +#ifdef HAS_ALPN + SecPkgContext_ApplicationProtocol alpn_result; +#endif DEBUGASSERT(ssl_connect_3 == connssl->connecting_state); @@ -560,34 +665,95 @@ schannel_connect_step3(struct connectdata *conn, int sockindex) return CURLE_SSL_CONNECT_ERROR; } - /* increment the reference counter of the credential/session handle */ - if(connssl->cred && connssl->ctxt) { - connssl->cred->refcount++; - infof(data, "schannel: incremented credential handle refcount = %d\n", - connssl->cred->refcount); +#ifdef HAS_ALPN + if(connssl->use_alpn) { + sspi_status = s_pSecFn->QueryContextAttributes(&connssl->ctxt->ctxt_handle, + SECPKG_ATTR_APPLICATION_PROTOCOL, &alpn_result); + + if(sspi_status != SEC_E_OK) { + failf(data, "schannel: failed to retrieve ALPN result"); + return CURLE_SSL_CONNECT_ERROR; + } + + if(alpn_result.ProtoNegoStatus == + SecApplicationProtocolNegotiationStatus_Success) { + + infof(data, "schannel: ALPN, server accepted to use %.*s\n", + alpn_result.ProtocolIdSize, alpn_result.ProtocolId); + +#ifdef USE_NGHTTP2 + if(alpn_result.ProtocolIdSize == NGHTTP2_PROTO_VERSION_ID_LEN && + !memcmp(NGHTTP2_PROTO_VERSION_ID, alpn_result.ProtocolId, + NGHTTP2_PROTO_VERSION_ID_LEN)) { + conn->negnpn = CURL_HTTP_VERSION_2; + } + else +#endif + if(alpn_result.ProtocolIdSize == ALPN_HTTP_1_1_LENGTH && + !memcmp(ALPN_HTTP_1_1, alpn_result.ProtocolId, + ALPN_HTTP_1_1_LENGTH)) { + conn->negnpn = CURL_HTTP_VERSION_1_1; + } + } + else + infof(data, "ALPN, server did not agree to a protocol\n"); } +#endif /* save the current session data for possible re-use */ - incache = !(Curl_ssl_getsessionid(conn, (void **)&old_cred, NULL)); - if(incache) { - if(old_cred != connssl->cred) { - infof(data, "schannel: old credential handle is stale, removing\n"); - Curl_ssl_delsessionid(conn, (void *)old_cred); - incache = FALSE; + if(conn->ssl_config.sessionid) { + bool incache; + struct curl_schannel_cred *old_cred = NULL; + + Curl_ssl_sessionid_lock(conn); + incache = !(Curl_ssl_getsessionid(conn, (void **)&old_cred, NULL)); + if(incache) { + if(old_cred != connssl->cred) { + infof(data, "schannel: old credential handle is stale, removing\n"); + /* we're not taking old_cred ownership here, no refcount++ is needed */ + Curl_ssl_delsessionid(conn, (void *)old_cred); + incache = FALSE; + } + } + if(!incache) { + result = Curl_ssl_addsessionid(conn, (void *)connssl->cred, + sizeof(struct curl_schannel_cred)); + if(result) { + Curl_ssl_sessionid_unlock(conn); + failf(data, "schannel: failed to store credential handle"); + return result; + } + else { + /* this cred session is now also referenced by sessionid cache */ + connssl->cred->refcount++; + infof(data, "schannel: stored credential handle in session cache\n"); + } } + Curl_ssl_sessionid_unlock(conn); } - if(!incache) { - result = Curl_ssl_addsessionid(conn, (void *)connssl->cred, - sizeof(struct curl_schannel_cred)); - if(result) { - failf(data, "schannel: failed to store credential handle"); - return result; + if(data->set.ssl.certinfo) { + sspi_status = s_pSecFn->QueryContextAttributes(&connssl->ctxt->ctxt_handle, + SECPKG_ATTR_REMOTE_CERT_CONTEXT, &ccert_context); + + if((sspi_status != SEC_E_OK) || (ccert_context == NULL)) { + failf(data, "schannel: failed to retrieve remote cert context"); + return CURLE_SSL_CONNECT_ERROR; } - else { - connssl->cred->cached = TRUE; - infof(data, "schannel: stored credential handle in session cache\n"); + + result = Curl_ssl_init_certinfo(data, 1); + if(!result) { + if(((ccert_context->dwCertEncodingType & X509_ASN_ENCODING) != 0) && + (ccert_context->cbCertEncoded > 0)) { + + const char *beg = (const char *) ccert_context->pbCertEncoded; + const char *end = beg + ccert_context->cbCertEncoded; + result = Curl_extract_certinfo(conn, 0, beg, end); + } } + CertFreeCertificateContext(ccert_context); + if(result) + return result; } connssl->connecting_state = ssl_connect_done; @@ -600,7 +766,7 @@ schannel_connect_common(struct connectdata *conn, int sockindex, bool nonblocking, bool *done) { CURLcode result; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct ssl_connect_data *connssl = &conn->ssl[sockindex]; curl_socket_t sockfd = conn->sock[sockindex]; long timeout_ms; @@ -859,7 +1025,7 @@ schannel_recv(struct connectdata *conn, int sockindex, { size_t size = 0; ssize_t nread = -1; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct ssl_connect_data *connssl = &conn->ssl[sockindex]; unsigned char *reallocated_buffer; size_t reallocated_length; @@ -1122,39 +1288,8 @@ cleanup: */ if(len && !connssl->decdata_offset && connssl->recv_connection_closed && !connssl->recv_sspi_close_notify) { - bool isWin2k = FALSE; - -#if !defined(_WIN32_WINNT) || !defined(_WIN32_WINNT_WIN2K) || \ - (_WIN32_WINNT < _WIN32_WINNT_WIN2K) - OSVERSIONINFO osver; - - memset(&osver, 0, sizeof(osver)); - osver.dwOSVersionInfoSize = sizeof(osver); - - /* Find out the Windows version */ - if(GetVersionEx(&osver)) { - /* Verify the version number is 5.0 */ - if(osver.dwMajorVersion == 5 && osver.dwMinorVersion == 0) - isWin2k = TRUE; - } -#else - ULONGLONG cm; - OSVERSIONINFOEX osver; - - memset(&osver, 0, sizeof(osver)); - osver.dwOSVersionInfoSize = sizeof(osver); - osver.dwMajorVersion = 5; - - cm = VerSetConditionMask(0, VER_MAJORVERSION, VER_EQUAL); - cm = VerSetConditionMask(cm, VER_MINORVERSION, VER_EQUAL); - cm = VerSetConditionMask(cm, VER_SERVICEPACKMAJOR, VER_GREATER_EQUAL); - cm = VerSetConditionMask(cm, VER_SERVICEPACKMINOR, VER_GREATER_EQUAL); - - if(VerifyVersionInfo(&osver, (VER_MAJORVERSION | VER_MINORVERSION | - VER_SERVICEPACKMAJOR | VER_SERVICEPACKMINOR), - cm)) - isWin2k = TRUE; -#endif + bool isWin2k = Curl_verify_windows_version(5, 0, PLATFORM_WINNT, + VERSION_EQUAL); if(isWin2k && sspi_status == SEC_E_OK) connssl->recv_sspi_close_notify = true; @@ -1222,7 +1357,7 @@ bool Curl_schannel_data_pending(const struct connectdata *conn, int sockindex) if(connssl->use) /* SSL/TLS is in use */ return (connssl->encdata_offset > 0 || - connssl->decdata_offset > 0 ) ? TRUE : FALSE; + connssl->decdata_offset > 0) ? TRUE : FALSE; else return FALSE; } @@ -1239,7 +1374,7 @@ int Curl_schannel_shutdown(struct connectdata *conn, int sockindex) /* See https://msdn.microsoft.com/en-us/library/windows/desktop/aa380138.aspx * Shutting Down an Schannel Connection */ - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct ssl_connect_data *connssl = &conn->ssl[sockindex]; infof(data, "schannel: shutting down SSL/TLS connection with %s port %hu\n", @@ -1312,19 +1447,10 @@ int Curl_schannel_shutdown(struct connectdata *conn, int sockindex) /* free SSPI Schannel API credential handle */ if(connssl->cred) { - /* decrement the reference counter of the credential/session handle */ - if(connssl->cred->refcount > 0) { - connssl->cred->refcount--; - infof(data, "schannel: decremented credential handle refcount = %d\n", - connssl->cred->refcount); - } - - /* if the handle was not cached and the refcount is zero */ - if(!connssl->cred->cached && connssl->cred->refcount == 0) { - infof(data, "schannel: clear credential handle\n"); - s_pSecFn->FreeCredentialsHandle(&connssl->cred->cred_handle); - Curl_safefree(connssl->cred); - } + Curl_ssl_sessionid_lock(conn); + Curl_schannel_session_free(connssl->cred); + Curl_ssl_sessionid_unlock(conn); + connssl->cred = NULL; } /* free internal buffer for received encrypted data */ @@ -1346,16 +1472,13 @@ int Curl_schannel_shutdown(struct connectdata *conn, int sockindex) void Curl_schannel_session_free(void *ptr) { + /* this is expected to be called under sessionid lock */ struct curl_schannel_cred *cred = ptr; - if(cred && cred->cached) { - if(cred->refcount == 0) { - s_pSecFn->FreeCredentialsHandle(&cred->cred_handle); - Curl_safefree(cred); - } - else { - cred->cached = FALSE; - } + cred->refcount--; + if(cred->refcount == 0) { + s_pSecFn->FreeCredentialsHandle(&cred->cred_handle); + Curl_safefree(cred); } } @@ -1397,7 +1520,7 @@ int Curl_schannel_random(unsigned char *entropy, size_t length) static CURLcode verify_certificate(struct connectdata *conn, int sockindex) { SECURITY_STATUS status; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; struct ssl_connect_data *connssl = &conn->ssl[sockindex]; CURLcode result = CURLE_OK; CERT_CONTEXT *pCertContextServer = NULL; diff --git a/lib/vtls/schannel.h b/lib/vtls/schannel.h index a314b34f9..8a4991ec8 100644 --- a/lib/vtls/schannel.h +++ b/lib/vtls/schannel.h @@ -97,6 +97,9 @@ int Curl_schannel_random(unsigned char *entropy, size_t length); /* Set the API backend definition to Schannel */ #define CURL_SSL_BACKEND CURLSSLBACKEND_SCHANNEL +/* this backend supports CURLOPT_CERTINFO */ +#define have_curlssl_certinfo 1 + /* API setup for Schannel */ #define curlssl_init Curl_schannel_init #define curlssl_cleanup Curl_schannel_cleanup diff --git a/lib/vtls/vtls.c b/lib/vtls/vtls.c index 36465a7f6..fe69306de 100644 --- a/lib/vtls/vtls.c +++ b/lib/vtls/vtls.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -99,8 +99,7 @@ Curl_ssl_config_matches(struct ssl_config_data* data, (data->verifyhost == needle->verifyhost) && safe_strequal(data->CApath, needle->CApath) && safe_strequal(data->CAfile, needle->CAfile) && - safe_strequal(data->random_file, needle->random_file) && - safe_strequal(data->egdsocket, needle->egdsocket) && + safe_strequal(data->clientcert, needle->clientcert) && safe_strequal(data->cipher_list, needle->cipher_list)) return TRUE; @@ -156,6 +155,15 @@ Curl_clone_ssl_config(struct ssl_config_data *source, else dest->random_file = NULL; + if(source->clientcert) { + dest->clientcert = strdup(source->clientcert); + if(!dest->clientcert) + return FALSE; + dest->sessionid = FALSE; + } + else + dest->clientcert = NULL; + return TRUE; } @@ -166,6 +174,7 @@ void Curl_free_ssl_config(struct ssl_config_data* sslc) Curl_safefree(sslc->cipher_list); Curl_safefree(sslc->egdsocket); Curl_safefree(sslc->random_file); + Curl_safefree(sslc->clientcert); } @@ -181,7 +190,7 @@ void Curl_free_ssl_config(struct ssl_config_data* sslc) * */ -unsigned int Curl_rand(struct SessionHandle *data) +unsigned int Curl_rand(struct Curl_easy *data) { unsigned int r = 0; static unsigned int randseed; @@ -276,7 +285,7 @@ void Curl_ssl_cleanup(void) } } -static bool ssl_prefs_check(struct SessionHandle *data) +static bool ssl_prefs_check(struct Curl_easy *data) { /* check for CURLOPT_SSLVERSION invalid parameter value */ if((data->set.ssl.version < 0) @@ -329,6 +338,25 @@ Curl_ssl_connect_nonblocking(struct connectdata *conn, int sockindex, return result; } +/* + * Lock shared SSL session data + */ +void Curl_ssl_sessionid_lock(struct connectdata *conn) +{ + if(SSLSESSION_SHARED(conn->data)) + Curl_share_lock(conn->data, + CURL_LOCK_DATA_SSL_SESSION, CURL_LOCK_ACCESS_SINGLE); +} + +/* + * Unlock shared SSL session data + */ +void Curl_ssl_sessionid_unlock(struct connectdata *conn) +{ + if(SSLSESSION_SHARED(conn->data)) + Curl_share_unlock(conn->data, CURL_LOCK_DATA_SSL_SESSION); +} + /* * Check if there's a session ID for the given connection in the cache, and if * there's one suitable, it is provided. Returns TRUE when no entry matched. @@ -338,22 +366,22 @@ bool Curl_ssl_getsessionid(struct connectdata *conn, size_t *idsize) /* set 0 if unknown */ { struct curl_ssl_session *check; - struct SessionHandle *data = conn->data; + struct Curl_easy *data = conn->data; size_t i; long *general_age; bool no_match = TRUE; *ssl_sessionid = NULL; + DEBUGASSERT(conn->ssl_config.sessionid); + if(!conn->ssl_config.sessionid) /* session ID re-use is disabled */ return TRUE; /* Lock if shared */ - if(SSLSESSION_SHARED(data)) { - Curl_share_lock(data, CURL_LOCK_DATA_SSL_SESSION, CURL_LOCK_ACCESS_SINGLE); + if(SSLSESSION_SHARED(data)) general_age = &data->share->sessionage; - } else general_age = &data->state.sessionage; @@ -363,6 +391,12 @@ bool Curl_ssl_getsessionid(struct connectdata *conn, /* not session ID means blank entry */ continue; if(Curl_raw_equal(conn->host.name, check->name) && + ((!conn->bits.conn_to_host && !check->conn_to_host) || + (conn->bits.conn_to_host && check->conn_to_host && + Curl_raw_equal(conn->conn_to_host.name, check->conn_to_host))) && + ((!conn->bits.conn_to_port && check->conn_to_port == -1) || + (conn->bits.conn_to_port && check->conn_to_port != -1 && + conn->conn_to_port == check->conn_to_port)) && (conn->remote_port == check->remote_port) && Curl_ssl_config_matches(&conn->ssl_config, &check->ssl_config)) { /* yes, we have a session ID! */ @@ -376,10 +410,6 @@ bool Curl_ssl_getsessionid(struct connectdata *conn, } } - /* Unlock */ - if(SSLSESSION_SHARED(data)) - Curl_share_unlock(data, CURL_LOCK_DATA_SSL_SESSION); - return no_match; } @@ -400,6 +430,7 @@ void Curl_ssl_kill_session(struct curl_ssl_session *session) Curl_free_ssl_config(&session->ssl_config); Curl_safefree(session->name); + Curl_safefree(session->conn_to_host); } } @@ -409,10 +440,7 @@ void Curl_ssl_kill_session(struct curl_ssl_session *session) void Curl_ssl_delsessionid(struct connectdata *conn, void *ssl_sessionid) { size_t i; - struct SessionHandle *data=conn->data; - - if(SSLSESSION_SHARED(data)) - Curl_share_lock(data, CURL_LOCK_DATA_SSL_SESSION, CURL_LOCK_ACCESS_SINGLE); + struct Curl_easy *data=conn->data; for(i = 0; i < data->set.ssl.max_ssl_sessions; i++) { struct curl_ssl_session *check = &data->state.session[i]; @@ -422,9 +450,6 @@ void Curl_ssl_delsessionid(struct connectdata *conn, void *ssl_sessionid) break; } } - - if(SSLSESSION_SHARED(data)) - Curl_share_unlock(data, CURL_LOCK_DATA_SSL_SESSION); } /* @@ -438,26 +463,40 @@ CURLcode Curl_ssl_addsessionid(struct connectdata *conn, size_t idsize) { size_t i; - struct SessionHandle *data=conn->data; /* the mother of all structs */ + struct Curl_easy *data=conn->data; /* the mother of all structs */ struct curl_ssl_session *store = &data->state.session[0]; long oldest_age=data->state.session[0].age; /* zero if unused */ char *clone_host; + char *clone_conn_to_host; + int conn_to_port; long *general_age; - /* Even though session ID re-use might be disabled, that only disables USING - IT. We still store it here in case the re-using is again enabled for an - upcoming transfer */ + DEBUGASSERT(conn->ssl_config.sessionid); clone_host = strdup(conn->host.name); if(!clone_host) return CURLE_OUT_OF_MEMORY; /* bail out */ + if(conn->bits.conn_to_host) { + clone_conn_to_host = strdup(conn->conn_to_host.name); + if(!clone_conn_to_host) { + free(clone_host); + return CURLE_OUT_OF_MEMORY; /* bail out */ + } + } + else + clone_conn_to_host = NULL; + + if(conn->bits.conn_to_port) + conn_to_port = conn->conn_to_port; + else + conn_to_port = -1; + /* Now we should add the session ID and the host name to the cache, (remove the oldest if necessary) */ /* If using shared SSL session, lock! */ if(SSLSESSION_SHARED(data)) { - Curl_share_lock(data, CURL_LOCK_DATA_SSL_SESSION, CURL_LOCK_ACCESS_SINGLE); general_age = &data->share->sessionage; } else { @@ -484,17 +523,16 @@ CURLcode Curl_ssl_addsessionid(struct connectdata *conn, store->age = *general_age; /* set current age */ /* free it if there's one already present */ free(store->name); + free(store->conn_to_host); store->name = clone_host; /* clone host name */ + store->conn_to_host = clone_conn_to_host; /* clone connect to host name */ + store->conn_to_port = conn_to_port; /* connect to port number */ store->remote_port = conn->remote_port; /* port number */ - - /* Unlock */ - if(SSLSESSION_SHARED(data)) - Curl_share_unlock(data, CURL_LOCK_DATA_SSL_SESSION); - if(!Curl_clone_ssl_config(&conn->ssl_config, &store->ssl_config)) { store->sessionid = NULL; /* let caller free sessionid */ free(clone_host); + free(clone_conn_to_host); return CURLE_OUT_OF_MEMORY; } @@ -502,7 +540,7 @@ CURLcode Curl_ssl_addsessionid(struct connectdata *conn, } -void Curl_ssl_close_all(struct SessionHandle *data) +void Curl_ssl_close_all(struct Curl_easy *data) { size_t i; /* kill the session ID cache if not shared */ @@ -540,20 +578,20 @@ CURLcode Curl_ssl_shutdown(struct connectdata *conn, int sockindex) /* Selects an SSL crypto engine */ -CURLcode Curl_ssl_set_engine(struct SessionHandle *data, const char *engine) +CURLcode Curl_ssl_set_engine(struct Curl_easy *data, const char *engine) { return curlssl_set_engine(data, engine); } /* Selects the default SSL crypto engine */ -CURLcode Curl_ssl_set_engine_default(struct SessionHandle *data) +CURLcode Curl_ssl_set_engine_default(struct Curl_easy *data) { return curlssl_set_engine_default(data); } /* Return list of OpenSSL crypto engine names. */ -struct curl_slist *Curl_ssl_engines_list(struct SessionHandle *data) +struct curl_slist *Curl_ssl_engines_list(struct Curl_easy *data) { return curlssl_engines_list(data); } @@ -562,7 +600,7 @@ struct curl_slist *Curl_ssl_engines_list(struct SessionHandle *data) * This sets up a session ID cache to the specified size. Make sure this code * is agnostic to what underlying SSL technology we use. */ -CURLcode Curl_ssl_initsessions(struct SessionHandle *data, size_t amount) +CURLcode Curl_ssl_initsessions(struct Curl_easy *data, size_t amount) { struct curl_ssl_session *session; @@ -605,7 +643,7 @@ bool Curl_ssl_data_pending(const struct connectdata *conn, return curlssl_data_pending(conn, connindex); } -void Curl_ssl_free_certinfo(struct SessionHandle *data) +void Curl_ssl_free_certinfo(struct Curl_easy *data) { int i; struct curl_certinfo *ci = &data->info.certs; @@ -623,7 +661,7 @@ void Curl_ssl_free_certinfo(struct SessionHandle *data) } } -CURLcode Curl_ssl_init_certinfo(struct SessionHandle *data, int num) +CURLcode Curl_ssl_init_certinfo(struct Curl_easy *data, int num) { struct curl_certinfo *ci = &data->info.certs; struct curl_slist **table; @@ -645,7 +683,7 @@ CURLcode Curl_ssl_init_certinfo(struct SessionHandle *data, int num) /* * 'value' is NOT a zero terminated string */ -CURLcode Curl_ssl_push_certinfo_len(struct SessionHandle *data, +CURLcode Curl_ssl_push_certinfo_len(struct Curl_easy *data, int certnum, const char *label, const char *value, @@ -686,7 +724,7 @@ CURLcode Curl_ssl_push_certinfo_len(struct SessionHandle *data, * This is a convenience function for push_certinfo_len that takes a zero * terminated value. */ -CURLcode Curl_ssl_push_certinfo(struct SessionHandle *data, +CURLcode Curl_ssl_push_certinfo(struct Curl_easy *data, int certnum, const char *label, const char *value) @@ -696,7 +734,7 @@ CURLcode Curl_ssl_push_certinfo(struct SessionHandle *data, return Curl_ssl_push_certinfo_len(data, certnum, label, value, valuelen); } -int Curl_ssl_random(struct SessionHandle *data, +int Curl_ssl_random(struct Curl_easy *data, unsigned char *entropy, size_t length) { @@ -765,7 +803,7 @@ static CURLcode pubkey_pem_to_der(const char *pem, * Generic pinned public key check. */ -CURLcode Curl_pin_peer_pubkey(struct SessionHandle *data, +CURLcode Curl_pin_peer_pubkey(struct Curl_easy *data, const char *pinnedpubkey, const unsigned char *pubkey, size_t pubkeylen) { @@ -788,9 +826,9 @@ CURLcode Curl_pin_peer_pubkey(struct SessionHandle *data, if(!pubkey || !pubkeylen) return result; -#ifdef curlssl_sha256sum /* only do this if pinnedpubkey starts with "sha256//", length 8 */ if(strncmp(pinnedpubkey, "sha256//", 8) == 0) { +#ifdef curlssl_sha256sum /* compute sha256sum of public key */ sha256sumdigest = malloc(SHA256_DIGEST_LENGTH); if(!sha256sumdigest) @@ -843,11 +881,12 @@ CURLcode Curl_pin_peer_pubkey(struct SessionHandle *data, } while(end_pos && begin_pos); Curl_safefree(encoded); Curl_safefree(pinkeycopy); - return result; - } #else - (void)data; + /* without sha256 support, this cannot match */ + (void)data; #endif + return result; + } fp = fopen(pinnedpubkey, "rb"); if(!fp) diff --git a/lib/vtls/vtls.h b/lib/vtls/vtls.h index b6c66bfa3..a41ecc325 100644 --- a/lib/vtls/vtls.h +++ b/lib/vtls/vtls.h @@ -7,7 +7,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -56,7 +56,7 @@ bool Curl_clone_ssl_config(struct ssl_config_data* source, struct ssl_config_data* dest); void Curl_free_ssl_config(struct ssl_config_data* sslc); -unsigned int Curl_rand(struct SessionHandle *); +unsigned int Curl_rand(struct Curl_easy *); int Curl_ssl_backend(void); @@ -69,16 +69,16 @@ CURLcode Curl_ssl_connect_nonblocking(struct connectdata *conn, bool *done); /* tell the SSL stuff to close down all open information regarding connections (and thus session ID caching etc) */ -void Curl_ssl_close_all(struct SessionHandle *data); +void Curl_ssl_close_all(struct Curl_easy *data); void Curl_ssl_close(struct connectdata *conn, int sockindex); CURLcode Curl_ssl_shutdown(struct connectdata *conn, int sockindex); -CURLcode Curl_ssl_set_engine(struct SessionHandle *data, const char *engine); +CURLcode Curl_ssl_set_engine(struct Curl_easy *data, const char *engine); /* Sets engine as default for all SSL operations */ -CURLcode Curl_ssl_set_engine_default(struct SessionHandle *data); -struct curl_slist *Curl_ssl_engines_list(struct SessionHandle *data); +CURLcode Curl_ssl_set_engine_default(struct Curl_easy *data); +struct curl_slist *Curl_ssl_engines_list(struct Curl_easy *data); /* init the SSL session ID cache */ -CURLcode Curl_ssl_initsessions(struct SessionHandle *, size_t); +CURLcode Curl_ssl_initsessions(struct Curl_easy *, size_t); size_t Curl_ssl_version(char *buffer, size_t size); bool Curl_ssl_data_pending(const struct connectdata *conn, int connindex); @@ -86,39 +86,70 @@ int Curl_ssl_check_cxn(struct connectdata *conn); /* Certificate information list handling. */ -void Curl_ssl_free_certinfo(struct SessionHandle *data); -CURLcode Curl_ssl_init_certinfo(struct SessionHandle * data, int num); -CURLcode Curl_ssl_push_certinfo_len(struct SessionHandle * data, int certnum, +void Curl_ssl_free_certinfo(struct Curl_easy *data); +CURLcode Curl_ssl_init_certinfo(struct Curl_easy * data, int num); +CURLcode Curl_ssl_push_certinfo_len(struct Curl_easy * data, int certnum, const char * label, const char * value, size_t valuelen); -CURLcode Curl_ssl_push_certinfo(struct SessionHandle * data, int certnum, +CURLcode Curl_ssl_push_certinfo(struct Curl_easy * data, int certnum, const char * label, const char * value); /* Functions to be used by SSL library adaptation functions */ -/* extract a session ID */ +/* Lock session cache mutex. + * Call this before calling other Curl_ssl_*session* functions + * Caller should unlock this mutex as soon as possible, as it may block + * other SSL connection from making progress. + * The purpose of explicitly locking SSL session cache data is to allow + * individual SSL engines to manage session lifetime in their specific way. + */ +void Curl_ssl_sessionid_lock(struct connectdata *conn); + +/* Unlock session cache mutex */ +void Curl_ssl_sessionid_unlock(struct connectdata *conn); + +/* extract a session ID + * Sessionid mutex must be locked (see Curl_ssl_sessionid_lock). + * Caller must make sure that the ownership of returned sessionid object + * is properly taken (e.g. its refcount is incremented + * under sessionid mutex). + */ bool Curl_ssl_getsessionid(struct connectdata *conn, void **ssl_sessionid, - size_t *idsize) /* set 0 if unknown */; -/* add a new session ID */ + size_t *idsize); /* set 0 if unknown */ +/* add a new session ID + * Sessionid mutex must be locked (see Curl_ssl_sessionid_lock). + * Caller must ensure that it has properly shared ownership of this sessionid + * object with cache (e.g. incrementing refcount on success) + */ CURLcode Curl_ssl_addsessionid(struct connectdata *conn, void *ssl_sessionid, size_t idsize); -/* Kill a single session ID entry in the cache */ +/* Kill a single session ID entry in the cache + * Sessionid mutex must be locked (see Curl_ssl_sessionid_lock). + * This will call engine-specific curlssl_session_free function, which must + * take sessionid object ownership from sessionid cache + * (e.g. decrement refcount). + */ void Curl_ssl_kill_session(struct curl_ssl_session *session); -/* delete a session from the cache */ +/* delete a session from the cache + * Sessionid mutex must be locked (see Curl_ssl_sessionid_lock). + * This will call engine-specific curlssl_session_free function, which must + * take sessionid object ownership from sessionid cache + * (e.g. decrement refcount). + */ void Curl_ssl_delsessionid(struct connectdata *conn, void *ssl_sessionid); /* get N random bytes into the buffer, return 0 if a find random is filled in */ -int Curl_ssl_random(struct SessionHandle *data, unsigned char *buffer, +int Curl_ssl_random(struct Curl_easy *data, unsigned char *buffer, size_t length); CURLcode Curl_ssl_md5sum(unsigned char *tmp, /* input */ size_t tmplen, unsigned char *md5sum, /* output */ size_t md5len); /* Check pinned public key. */ -CURLcode Curl_pin_peer_pubkey(struct SessionHandle *data, +CURLcode Curl_pin_peer_pubkey(struct Curl_easy *data, const char *pinnedpubkey, const unsigned char *pubkey, size_t pubkeylen); diff --git a/lib/warnless.c b/lib/warnless.c index ed06c99a7..0c4472e4a 100644 --- a/lib/warnless.c +++ b/lib/warnless.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2014, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -378,6 +378,63 @@ int curlx_sztosi(ssize_t sznum) #endif } +/* +** unsigned int to unsigned short +*/ + +unsigned short curlx_uitous(unsigned int uinum) +{ +#ifdef __INTEL_COMPILER +# pragma warning(push) +# pragma warning(disable:810) /* conversion may lose significant bits */ +#endif + + DEBUGASSERT(uinum <= (unsigned int) CURL_MASK_USHORT); + return (unsigned short) (uinum & (unsigned int) CURL_MASK_USHORT); + +#ifdef __INTEL_COMPILER +# pragma warning(pop) +#endif +} + +/* +** unsigned int to unsigned char +*/ + +unsigned char curlx_uitouc(unsigned int uinum) +{ +#ifdef __INTEL_COMPILER +# pragma warning(push) +# pragma warning(disable:810) /* conversion may lose significant bits */ +#endif + + DEBUGASSERT(uinum <= (unsigned int) CURL_MASK_UCHAR); + return (unsigned char) (uinum & (unsigned int) CURL_MASK_UCHAR); + +#ifdef __INTEL_COMPILER +# pragma warning(pop) +#endif +} + +/* +** unsigned int to signed int +*/ + +int curlx_uitosi(unsigned int uinum) +{ +#ifdef __INTEL_COMPILER +# pragma warning(push) +# pragma warning(disable:810) /* conversion may lose significant bits */ +#endif + + DEBUGASSERT(uinum <= (unsigned int) CURL_MASK_SINT); + return (int) (uinum & (unsigned int) CURL_MASK_SINT); + +#ifdef __INTEL_COMPILER +# pragma warning(pop) +#endif +} + /* ** signed int to unsigned size_t */ diff --git a/lib/warnless.h b/lib/warnless.h index 499d0a0ab..ab6d29998 100644 --- a/lib/warnless.h +++ b/lib/warnless.h @@ -7,7 +7,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2014, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -52,6 +52,12 @@ size_t curlx_sotouz(curl_off_t sonum); int curlx_sztosi(ssize_t sznum); +unsigned short curlx_uitous(unsigned int uinum); + +unsigned char curlx_uitouc(unsigned int uinum); + +int curlx_uitosi(unsigned int uinum); + size_t curlx_sitouz(int sinum); #ifdef USE_WINSOCK diff --git a/lib/wildcard.c b/lib/wildcard.c index 216307304..dbbe45f6f 100644 --- a/lib/wildcard.c +++ b/lib/wildcard.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -25,9 +25,9 @@ #include "wildcard.h" #include "llist.h" #include "fileinfo.h" +/* The last 3 #include files should be in this order */ #include "curl_printf.h" #include "curl_memory.h" -/* The last #include file should be: */ #include "memdebug.h" CURLcode Curl_wildcard_init(struct WildcardData *wc) diff --git a/lib/wildcard.h b/lib/wildcard.h index 7d66992b1..7f61cd173 100644 --- a/lib/wildcard.h +++ b/lib/wildcard.h @@ -53,6 +53,6 @@ struct WildcardData { CURLcode Curl_wildcard_init(struct WildcardData *wc); void Curl_wildcard_dtor(struct WildcardData *wc); -struct SessionHandle; +struct Curl_easy; #endif /* HEADER_CURL_WILDCARD_H */ diff --git a/lib/x509asn1.c b/lib/x509asn1.c index dbe57c7b7..e17bcd92d 100644 --- a/lib/x509asn1.c +++ b/lib/x509asn1.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -23,7 +23,7 @@ #include "curl_setup.h" #if defined(USE_GSKIT) || defined(USE_NSS) || defined(USE_GNUTLS) || \ - defined(USE_CYASSL) + defined(USE_CYASSL) || defined(USE_SCHANNEL) #include #include "urldata.h" @@ -34,9 +34,10 @@ #include "inet_pton.h" #include "curl_base64.h" #include "x509asn1.h" + +/* The last 3 #include files should be in this order */ #include "curl_printf.h" #include "curl_memory.h" -/* The last #include file should be: */ #include "memdebug.h" @@ -783,7 +784,7 @@ static const char * dumpAlgo(curl_asn1Element * param, return OID2str(oid.beg, oid.end, TRUE); } -static void do_pubkey_field(struct SessionHandle * data, int certnum, +static void do_pubkey_field(struct Curl_easy * data, int certnum, const char * label, curl_asn1Element * elem) { const char * output; @@ -800,7 +801,7 @@ static void do_pubkey_field(struct SessionHandle * data, int certnum, } } -static void do_pubkey(struct SessionHandle * data, int certnum, +static void do_pubkey(struct Curl_easy * data, int certnum, const char * algo, curl_asn1Element * param, curl_asn1Element * pubkey) { @@ -870,7 +871,7 @@ CURLcode Curl_extract_certinfo(struct connectdata * conn, const char * end) { curl_X509certificate cert; - struct SessionHandle * data = conn->data; + struct Curl_easy * data = conn->data; curl_asn1Element param; const char * ccp; char * cp1; @@ -1024,7 +1025,7 @@ CURLcode Curl_extract_certinfo(struct connectdata * conn, return CURLE_OK; } -#endif /* USE_GSKIT or USE_NSS or USE_GNUTLS or USE_CYASSL */ +#endif /* USE_GSKIT or USE_NSS or USE_GNUTLS or USE_CYASSL or USE_SCHANNEL */ #if defined(USE_GSKIT) @@ -1055,7 +1056,7 @@ static const char * checkOID(const char * beg, const char * end, CURLcode Curl_verifyhost(struct connectdata * conn, const char * beg, const char * end) { - struct SessionHandle * data = conn->data; + struct Curl_easy * data = conn->data; curl_X509certificate cert; curl_asn1Element dn; curl_asn1Element elem; diff --git a/lib/x509asn1.h b/lib/x509asn1.h index e6a1e2444..0f2b9304f 100644 --- a/lib/x509asn1.h +++ b/lib/x509asn1.h @@ -26,7 +26,7 @@ #include "curl_setup.h" #if defined(USE_GSKIT) || defined(USE_NSS) || defined(USE_GNUTLS) || \ - defined(USE_CYASSL) + defined(USE_CYASSL) || defined(USE_SCHANNEL) #include "urldata.h" @@ -128,5 +128,5 @@ CURLcode Curl_extract_certinfo(struct connectdata * conn, int certnum, CURLcode Curl_verifyhost(struct connectdata * conn, const char * beg, const char * end); -#endif /* USE_GSKIT or USE_NSS or USE_GNUTLS or USE_CYASSL */ +#endif /* USE_GSKIT or USE_NSS or USE_GNUTLS or USE_CYASSL or USE_SCHANNEL */ #endif /* HEADER_CURL_X509ASN1_H */ diff --git a/ltmain.sh b/ltmain.sh index 147d758ab..2ad8be848 100644 --- a/ltmain.sh +++ b/ltmain.sh @@ -31,7 +31,7 @@ PROGRAM=libtool PACKAGE=libtool -VERSION="2.4.6 Debian-2.4.6-0.1" +VERSION="2.4.6 Debian-2.4.6-1" package_revision=2.4.6 @@ -1977,7 +1977,7 @@ func_version () # End: # Set a version string. -scriptversion='(GNU libtool) 2.4.6' +scriptversion='(GNU libtool) 2.4.6 Debian-2.4.6-1' # func_echo ARG... @@ -2068,7 +2068,7 @@ include the following information: compiler: $LTCC compiler flags: $LTCFLAGS linker: $LD (gnu? $with_gnu_ld) - version: $progname (GNU libtool) 2.4.6 + version: $progname $scriptversion automake: `($AUTOMAKE --version) 2>/dev/null |$SED 1q` autoconf: `($AUTOCONF --version) 2>/dev/null |$SED 1q` diff --git a/m4/curl-compilers.m4 b/m4/curl-compilers.m4 index 085c6ff64..6ecd3237b 100644 --- a/m4/curl-compilers.m4 +++ b/m4/curl-compilers.m4 @@ -21,7 +21,7 @@ #*************************************************************************** # File version for 'aclocal' use. Keep it a single number. -# serial 66 +# serial 67 dnl CURL_CHECK_COMPILER @@ -1374,7 +1374,7 @@ AC_DEFUN([CURL_CHECK_COMPILER_SYMBOL_HIDING], [ GNU_C) dnl Only gcc 3.4 or later if test "$compiler_num" -ge "304"; then - if $CC --help --verbose 2>&1 | grep fvisibility= > /dev/null ; then + if $CC --help --verbose 2>/dev/null | grep fvisibility= >/dev/null ; then tmp_EXTERN="__attribute__ ((__visibility__ (\"default\")))" tmp_CFLAGS="-fvisibility=hidden" supports_symbol_hiding="yes" diff --git a/m4/curl-confopts.m4 b/m4/curl-confopts.m4 index a396be60b..69b9a1431 100644 --- a/m4/curl-confopts.m4 +++ b/m4/curl-confopts.m4 @@ -433,15 +433,15 @@ AC_DEFUN([CURL_CHECK_NONBLOCKING_SOCKET], [ tst_method="unknown" AC_MSG_CHECKING([how to set a socket into non-blocking mode]) - if test "x$ac_cv_func_fcntl_o_nonblock" = "xyes"; then + if test "x$curl_cv_func_fcntl_o_nonblock" = "xyes"; then tst_method="fcntl O_NONBLOCK" - elif test "x$ac_cv_func_ioctl_fionbio" = "xyes"; then + elif test "x$curl_cv_func_ioctl_fionbio" = "xyes"; then tst_method="ioctl FIONBIO" - elif test "x$ac_cv_func_ioctlsocket_fionbio" = "xyes"; then + elif test "x$curl_cv_func_ioctlsocket_fionbio" = "xyes"; then tst_method="ioctlsocket FIONBIO" - elif test "x$ac_cv_func_ioctlsocket_camel_fionbio" = "xyes"; then + elif test "x$curl_cv_func_ioctlsocket_camel_fionbio" = "xyes"; then tst_method="IoctlSocket FIONBIO" - elif test "x$ac_cv_func_setsockopt_so_nonblock" = "xyes"; then + elif test "x$curl_cv_func_setsockopt_so_nonblock" = "xyes"; then tst_method="setsockopt SO_NONBLOCK" fi AC_MSG_RESULT([$tst_method]) @@ -464,7 +464,7 @@ AC_DEFUN([CURL_CONFIGURE_SYMBOL_HIDING], [ AC_MSG_CHECKING([whether hiding of library internal symbols will actually happen]) CFLAG_CURL_SYMBOL_HIDING="" doing_symbol_hiding="no" - if test x"$ac_cv_native_windows" != "xyes" && + if test x"$curl_cv_native_windows" != "xyes" && test "$want_symbol_hiding" = "yes" && test "$supports_symbol_hiding" = "yes"; then doing_symbol_hiding="yes" @@ -611,7 +611,7 @@ AC_DEFUN([CURL_CHECK_NTLM_WB], [ AC_REQUIRE([CURL_CHECK_OPTION_NTLM_WB])dnl AC_REQUIRE([CURL_CHECK_NATIVE_WINDOWS])dnl AC_MSG_CHECKING([whether to enable NTLM delegation to winbind's helper]) - if test "$ac_cv_native_windows" = "yes" || + if test "$curl_cv_native_windows" = "yes" || test "x$SSL_ENABLED" = "x"; then want_ntlm_wb_file="" want_ntlm_wb="no" diff --git a/m4/curl-functions.m4 b/m4/curl-functions.m4 index ed263ba9a..ee7a2521c 100644 --- a/m4/curl-functions.m4 +++ b/m4/curl-functions.m4 @@ -639,10 +639,10 @@ AC_DEFUN([CURL_CHECK_FUNC_ALARM], [ AC_MSG_RESULT([yes]) AC_DEFINE_UNQUOTED(HAVE_ALARM, 1, [Define to 1 if you have the alarm function.]) - ac_cv_func_alarm="yes" + curl_cv_func_alarm="yes" else AC_MSG_RESULT([no]) - ac_cv_func_alarm="no" + curl_cv_func_alarm="no" fi ]) @@ -730,10 +730,10 @@ AC_DEFUN([CURL_CHECK_FUNC_BASENAME], [ AC_MSG_RESULT([yes]) AC_DEFINE_UNQUOTED(HAVE_BASENAME, 1, [Define to 1 if you have the basename function.]) - ac_cv_func_basename="yes" + curl_cv_func_basename="yes" else AC_MSG_RESULT([no]) - ac_cv_func_basename="no" + curl_cv_func_basename="no" fi ]) @@ -824,10 +824,10 @@ AC_DEFUN([CURL_CHECK_FUNC_CLOSESOCKET], [ AC_MSG_RESULT([yes]) AC_DEFINE_UNQUOTED(HAVE_CLOSESOCKET, 1, [Define to 1 if you have the closesocket function.]) - ac_cv_func_closesocket="yes" + curl_cv_func_closesocket="yes" else AC_MSG_RESULT([no]) - ac_cv_func_closesocket="no" + curl_cv_func_closesocket="no" fi ]) @@ -914,10 +914,10 @@ AC_DEFUN([CURL_CHECK_FUNC_CLOSESOCKET_CAMEL], [ AC_MSG_RESULT([yes]) AC_DEFINE_UNQUOTED(HAVE_CLOSESOCKET_CAMEL, 1, [Define to 1 if you have the CloseSocket camel case function.]) - ac_cv_func_closesocket_camel="yes" + curl_cv_func_closesocket_camel="yes" else AC_MSG_RESULT([no]) - ac_cv_func_closesocket_camel="no" + curl_cv_func_closesocket_camel="no" fi ]) @@ -1012,10 +1012,10 @@ AC_DEFUN([CURL_CHECK_FUNC_CONNECT], [ AC_MSG_RESULT([yes]) AC_DEFINE_UNQUOTED(HAVE_CONNECT, 1, [Define to 1 if you have the connect function.]) - ac_cv_func_connect="yes" + curl_cv_func_connect="yes" else AC_MSG_RESULT([no]) - ac_cv_func_connect="no" + curl_cv_func_connect="no" fi ]) @@ -1097,11 +1097,11 @@ AC_DEFUN([CURL_CHECK_FUNC_FCNTL], [ AC_MSG_RESULT([yes]) AC_DEFINE_UNQUOTED(HAVE_FCNTL, 1, [Define to 1 if you have the fcntl function.]) - ac_cv_func_fcntl="yes" + curl_cv_func_fcntl="yes" CURL_CHECK_FUNC_FCNTL_O_NONBLOCK else AC_MSG_RESULT([no]) - ac_cv_func_fcntl="no" + curl_cv_func_fcntl="no" fi ]) @@ -1125,7 +1125,7 @@ AC_DEFUN([CURL_CHECK_FUNC_FCNTL_O_NONBLOCK], [ ;; esac # - if test "$ac_cv_func_fcntl" = "yes"; then + if test "$curl_cv_func_fcntl" = "yes"; then AC_MSG_CHECKING([if fcntl O_NONBLOCK is compilable]) AC_COMPILE_IFELSE([ AC_LANG_PROGRAM([[ @@ -1161,10 +1161,10 @@ AC_DEFUN([CURL_CHECK_FUNC_FCNTL_O_NONBLOCK], [ AC_MSG_RESULT([yes]) AC_DEFINE_UNQUOTED(HAVE_FCNTL_O_NONBLOCK, 1, [Define to 1 if you have a working fcntl O_NONBLOCK function.]) - ac_cv_func_fcntl_o_nonblock="yes" + curl_cv_func_fcntl_o_nonblock="yes" else AC_MSG_RESULT([no]) - ac_cv_func_fcntl_o_nonblock="no" + curl_cv_func_fcntl_o_nonblock="no" fi ]) @@ -1246,10 +1246,10 @@ AC_DEFUN([CURL_CHECK_FUNC_FDOPEN], [ AC_MSG_RESULT([yes]) AC_DEFINE_UNQUOTED(HAVE_FDOPEN, 1, [Define to 1 if you have the fdopen function.]) - ac_cv_func_fdopen="yes" + curl_cv_func_fdopen="yes" else AC_MSG_RESULT([no]) - ac_cv_func_fdopen="no" + curl_cv_func_fdopen="no" fi ]) @@ -1368,10 +1368,10 @@ AC_DEFUN([CURL_CHECK_FUNC_FGETXATTR], [ AC_DEFINE(HAVE_FGETXATTR_6, 1, [fgetxattr() takes 6 args]) fi # - ac_cv_func_fgetxattr="yes" + curl_cv_func_fgetxattr="yes" else AC_MSG_RESULT([no]) - ac_cv_func_fgetxattr="no" + curl_cv_func_fgetxattr="no" fi ]) @@ -1490,10 +1490,10 @@ AC_DEFUN([CURL_CHECK_FUNC_FLISTXATTR], [ AC_DEFINE(HAVE_FLISTXATTR_4, 1, [flistxattr() takes 4 args]) fi # - ac_cv_func_flistxattr="yes" + curl_cv_func_flistxattr="yes" else AC_MSG_RESULT([no]) - ac_cv_func_flistxattr="no" + curl_cv_func_flistxattr="no" fi ]) @@ -1586,10 +1586,10 @@ AC_DEFUN([CURL_CHECK_FUNC_FREEADDRINFO], [ AC_MSG_RESULT([yes]) AC_DEFINE_UNQUOTED(HAVE_FREEADDRINFO, 1, [Define to 1 if you have the freeaddrinfo function.]) - ac_cv_func_freeaddrinfo="yes" + curl_cv_func_freeaddrinfo="yes" else AC_MSG_RESULT([no]) - ac_cv_func_freeaddrinfo="no" + curl_cv_func_freeaddrinfo="no" fi ]) @@ -1670,10 +1670,10 @@ AC_DEFUN([CURL_CHECK_FUNC_FREEIFADDRS], [ AC_MSG_RESULT([yes]) AC_DEFINE_UNQUOTED(HAVE_FREEIFADDRS, 1, [Define to 1 if you have the freeifaddrs function.]) - ac_cv_func_freeifaddrs="yes" + curl_cv_func_freeifaddrs="yes" else AC_MSG_RESULT([no]) - ac_cv_func_freeifaddrs="no" + curl_cv_func_freeifaddrs="no" fi ]) @@ -1792,10 +1792,10 @@ AC_DEFUN([CURL_CHECK_FUNC_FREMOVEXATTR], [ AC_DEFINE(HAVE_FREMOVEXATTR_3, 1, [fremovexattr() takes 3 args]) fi # - ac_cv_func_fremovexattr="yes" + curl_cv_func_fremovexattr="yes" else AC_MSG_RESULT([no]) - ac_cv_func_fremovexattr="no" + curl_cv_func_fremovexattr="no" fi ]) @@ -1914,10 +1914,10 @@ AC_DEFUN([CURL_CHECK_FUNC_FSETXATTR], [ AC_DEFINE(HAVE_FSETXATTR_6, 1, [fsetxattr() takes 6 args]) fi # - ac_cv_func_fsetxattr="yes" + curl_cv_func_fsetxattr="yes" else AC_MSG_RESULT([no]) - ac_cv_func_fsetxattr="no" + curl_cv_func_fsetxattr="no" fi ]) @@ -1999,10 +1999,10 @@ AC_DEFUN([CURL_CHECK_FUNC_FTRUNCATE], [ AC_MSG_RESULT([yes]) AC_DEFINE_UNQUOTED(HAVE_FTRUNCATE, 1, [Define to 1 if you have the ftruncate function.]) - ac_cv_func_ftruncate="yes" + curl_cv_func_ftruncate="yes" else AC_MSG_RESULT([no]) - ac_cv_func_ftruncate="no" + curl_cv_func_ftruncate="no" fi ]) @@ -2148,14 +2148,14 @@ AC_DEFUN([CURL_CHECK_FUNC_GETADDRINFO], [ AC_MSG_RESULT([yes]) AC_DEFINE_UNQUOTED(HAVE_GETADDRINFO, 1, [Define to 1 if you have a working getaddrinfo function.]) - ac_cv_func_getaddrinfo="yes" + curl_cv_func_getaddrinfo="yes" else AC_MSG_RESULT([no]) - ac_cv_func_getaddrinfo="no" - ac_cv_func_getaddrinfo_threadsafe="no" + curl_cv_func_getaddrinfo="no" + curl_cv_func_getaddrinfo_threadsafe="no" fi # - if test "$ac_cv_func_getaddrinfo" = "yes"; then + if test "$curl_cv_func_getaddrinfo" = "yes"; then AC_MSG_CHECKING([if getaddrinfo is threadsafe]) case $host_os in aix[[1234]].* | aix5.[[01]].*) @@ -2208,7 +2208,7 @@ AC_DEFUN([CURL_CHECK_FUNC_GETADDRINFO], [ ;; esac if test "$tst_tsafe_getaddrinfo" = "unknown" && - test "$ac_cv_native_windows" = "yes"; then + test "$curl_cv_native_windows" = "yes"; then tst_tsafe_getaddrinfo="yes" fi if test "$tst_tsafe_getaddrinfo" = "unknown"; then @@ -2263,9 +2263,9 @@ AC_DEFUN([CURL_CHECK_FUNC_GETADDRINFO], [ if test "$tst_tsafe_getaddrinfo" = "yes"; then AC_DEFINE_UNQUOTED(HAVE_GETADDRINFO_THREADSAFE, 1, [Define to 1 if the getaddrinfo function is threadsafe.]) - ac_cv_func_getaddrinfo_threadsafe="yes" + curl_cv_func_getaddrinfo_threadsafe="yes" else - ac_cv_func_getaddrinfo_threadsafe="no" + curl_cv_func_getaddrinfo_threadsafe="no" fi fi ]) @@ -2357,10 +2357,10 @@ AC_DEFUN([CURL_CHECK_FUNC_GETHOSTBYADDR], [ AC_MSG_RESULT([yes]) AC_DEFINE_UNQUOTED(HAVE_GETHOSTBYADDR, 1, [Define to 1 if you have the gethostbyaddr function.]) - ac_cv_func_gethostbyaddr="yes" + curl_cv_func_gethostbyaddr="yes" else AC_MSG_RESULT([no]) - ac_cv_func_gethostbyaddr="no" + curl_cv_func_gethostbyaddr="no" fi ]) @@ -2450,10 +2450,10 @@ AC_DEFUN([CURL_CHECK_FUNC_GAI_STRERROR], [ AC_MSG_RESULT([yes]) AC_DEFINE_UNQUOTED(HAVE_GAI_STRERROR, 1, [Define to 1 if you have the gai_strerror function.]) - ac_cv_func_gai_strerror="yes" + curl_cv_func_gai_strerror="yes" else AC_MSG_RESULT([no]) - ac_cv_func_gai_strerror="no" + curl_cv_func_gai_strerror="no" fi ]) @@ -2592,10 +2592,10 @@ AC_DEFUN([CURL_CHECK_FUNC_GETHOSTBYADDR_R], [ AC_DEFINE(HAVE_GETHOSTBYADDR_R_8, 1, [gethostbyaddr_r() takes 8 args]) fi # - ac_cv_func_gethostbyaddr_r="yes" + curl_cv_func_gethostbyaddr_r="yes" else AC_MSG_RESULT([no]) - ac_cv_func_gethostbyaddr_r="no" + curl_cv_func_gethostbyaddr_r="no" fi ]) @@ -2686,10 +2686,10 @@ AC_DEFUN([CURL_CHECK_FUNC_GETHOSTBYNAME], [ AC_MSG_RESULT([yes]) AC_DEFINE_UNQUOTED(HAVE_GETHOSTBYNAME, 1, [Define to 1 if you have the gethostbyname function.]) - ac_cv_func_gethostbyname="yes" + curl_cv_func_gethostbyname="yes" else AC_MSG_RESULT([no]) - ac_cv_func_gethostbyname="no" + curl_cv_func_gethostbyname="no" fi ]) @@ -2828,10 +2828,10 @@ AC_DEFUN([CURL_CHECK_FUNC_GETHOSTBYNAME_R], [ AC_DEFINE(HAVE_GETHOSTBYNAME_R_6, 1, [gethostbyname_r() takes 6 args]) fi # - ac_cv_func_gethostbyname_r="yes" + curl_cv_func_gethostbyname_r="yes" else AC_MSG_RESULT([no]) - ac_cv_func_gethostbyname_r="no" + curl_cv_func_gethostbyname_r="no" fi ]) @@ -2952,10 +2952,10 @@ AC_DEFUN([CURL_CHECK_FUNC_GETHOSTNAME], [ AC_MSG_RESULT([yes]) AC_DEFINE_UNQUOTED(HAVE_GETHOSTNAME, 1, [Define to 1 if you have the gethostname function.]) - ac_cv_func_gethostname="yes" + curl_cv_func_gethostname="yes" else AC_MSG_RESULT([no]) - ac_cv_func_gethostname="no" + curl_cv_func_gethostname="no" fi ]) @@ -3068,10 +3068,10 @@ AC_DEFUN([CURL_CHECK_FUNC_GETIFADDRS], [ AC_MSG_RESULT([yes]) AC_DEFINE_UNQUOTED(HAVE_GETIFADDRS, 1, [Define to 1 if you have a working getifaddrs function.]) - ac_cv_func_getifaddrs="yes" + curl_cv_func_getifaddrs="yes" else AC_MSG_RESULT([no]) - ac_cv_func_getifaddrs="no" + curl_cv_func_getifaddrs="no" fi ]) @@ -3208,10 +3208,10 @@ AC_DEFUN([CURL_CHECK_FUNC_GETSERVBYPORT_R], [ AC_DEFINE(GETSERVBYPORT_R_BUFSIZE, 4096, [Specifies the size of the buffer to pass to getservbyport_r]) fi - ac_cv_func_getservbyport_r="yes" + curl_cv_func_getservbyport_r="yes" else AC_MSG_RESULT([no]) - ac_cv_func_getservbyport_r="no" + curl_cv_func_getservbyport_r="no" fi ]) @@ -3330,10 +3330,10 @@ AC_DEFUN([CURL_CHECK_FUNC_GETXATTR], [ AC_DEFINE(HAVE_GETXATTR_6, 1, [getxattr() takes 6 args]) fi # - ac_cv_func_getxattr="yes" + curl_cv_func_getxattr="yes" else AC_MSG_RESULT([no]) - ac_cv_func_getxattr="no" + curl_cv_func_getxattr="no" fi ]) @@ -3446,10 +3446,10 @@ AC_DEFUN([CURL_CHECK_FUNC_GMTIME_R], [ AC_MSG_RESULT([yes]) AC_DEFINE_UNQUOTED(HAVE_GMTIME_R, 1, [Define to 1 if you have a working gmtime_r function.]) - ac_cv_func_gmtime_r="yes" + curl_cv_func_gmtime_r="yes" else AC_MSG_RESULT([no]) - ac_cv_func_gmtime_r="no" + curl_cv_func_gmtime_r="no" fi ]) @@ -3570,10 +3570,10 @@ AC_DEFUN([CURL_CHECK_FUNC_INET_NTOA_R], [ AC_DEFINE(HAVE_INET_NTOA_R_3, 1, [inet_ntoa_r() takes 3 args]) fi # - ac_cv_func_inet_ntoa_r="yes" + curl_cv_func_inet_ntoa_r="yes" else AC_MSG_RESULT([no]) - ac_cv_func_inet_ntoa_r="no" + curl_cv_func_inet_ntoa_r="no" fi ]) @@ -3729,10 +3729,10 @@ AC_DEFUN([CURL_CHECK_FUNC_INET_NTOP], [ AC_MSG_RESULT([yes]) AC_DEFINE_UNQUOTED(HAVE_INET_NTOP, 1, [Define to 1 if you have a IPv6 capable working inet_ntop function.]) - ac_cv_func_inet_ntop="yes" + curl_cv_func_inet_ntop="yes" else AC_MSG_RESULT([no]) - ac_cv_func_inet_ntop="no" + curl_cv_func_inet_ntop="no" fi ]) @@ -3881,10 +3881,10 @@ AC_DEFUN([CURL_CHECK_FUNC_INET_PTON], [ AC_MSG_RESULT([yes]) AC_DEFINE_UNQUOTED(HAVE_INET_PTON, 1, [Define to 1 if you have a IPv6 capable working inet_pton function.]) - ac_cv_func_inet_pton="yes" + curl_cv_func_inet_pton="yes" else AC_MSG_RESULT([no]) - ac_cv_func_inet_pton="no" + curl_cv_func_inet_pton="no" fi ]) @@ -3966,12 +3966,12 @@ AC_DEFUN([CURL_CHECK_FUNC_IOCTL], [ AC_MSG_RESULT([yes]) AC_DEFINE_UNQUOTED(HAVE_IOCTL, 1, [Define to 1 if you have the ioctl function.]) - ac_cv_func_ioctl="yes" + curl_cv_func_ioctl="yes" CURL_CHECK_FUNC_IOCTL_FIONBIO CURL_CHECK_FUNC_IOCTL_SIOCGIFADDR else AC_MSG_RESULT([no]) - ac_cv_func_ioctl="no" + curl_cv_func_ioctl="no" fi ]) @@ -3988,7 +3988,7 @@ AC_DEFUN([CURL_CHECK_FUNC_IOCTL_FIONBIO], [ tst_compi_ioctl_fionbio="unknown" tst_allow_ioctl_fionbio="unknown" # - if test "$ac_cv_func_ioctl" = "yes"; then + if test "$curl_cv_func_ioctl" = "yes"; then AC_MSG_CHECKING([if ioctl FIONBIO is compilable]) AC_COMPILE_IFELSE([ AC_LANG_PROGRAM([[ @@ -4024,10 +4024,10 @@ AC_DEFUN([CURL_CHECK_FUNC_IOCTL_FIONBIO], [ AC_MSG_RESULT([yes]) AC_DEFINE_UNQUOTED(HAVE_IOCTL_FIONBIO, 1, [Define to 1 if you have a working ioctl FIONBIO function.]) - ac_cv_func_ioctl_fionbio="yes" + curl_cv_func_ioctl_fionbio="yes" else AC_MSG_RESULT([no]) - ac_cv_func_ioctl_fionbio="no" + curl_cv_func_ioctl_fionbio="no" fi ]) @@ -4044,7 +4044,7 @@ AC_DEFUN([CURL_CHECK_FUNC_IOCTL_SIOCGIFADDR], [ tst_compi_ioctl_siocgifaddr="unknown" tst_allow_ioctl_siocgifaddr="unknown" # - if test "$ac_cv_func_ioctl" = "yes"; then + if test "$curl_cv_func_ioctl" = "yes"; then AC_MSG_CHECKING([if ioctl SIOCGIFADDR is compilable]) AC_COMPILE_IFELSE([ AC_LANG_PROGRAM([[ @@ -4081,10 +4081,10 @@ AC_DEFUN([CURL_CHECK_FUNC_IOCTL_SIOCGIFADDR], [ AC_MSG_RESULT([yes]) AC_DEFINE_UNQUOTED(HAVE_IOCTL_SIOCGIFADDR, 1, [Define to 1 if you have a working ioctl SIOCGIFADDR function.]) - ac_cv_func_ioctl_siocgifaddr="yes" + curl_cv_func_ioctl_siocgifaddr="yes" else AC_MSG_RESULT([no]) - ac_cv_func_ioctl_siocgifaddr="no" + curl_cv_func_ioctl_siocgifaddr="no" fi ]) @@ -4171,11 +4171,11 @@ AC_DEFUN([CURL_CHECK_FUNC_IOCTLSOCKET], [ AC_MSG_RESULT([yes]) AC_DEFINE_UNQUOTED(HAVE_IOCTLSOCKET, 1, [Define to 1 if you have the ioctlsocket function.]) - ac_cv_func_ioctlsocket="yes" + curl_cv_func_ioctlsocket="yes" CURL_CHECK_FUNC_IOCTLSOCKET_FIONBIO else AC_MSG_RESULT([no]) - ac_cv_func_ioctlsocket="no" + curl_cv_func_ioctlsocket="no" fi ]) @@ -4192,7 +4192,7 @@ AC_DEFUN([CURL_CHECK_FUNC_IOCTLSOCKET_FIONBIO], [ tst_compi_ioctlsocket_fionbio="unknown" tst_allow_ioctlsocket_fionbio="unknown" # - if test "$ac_cv_func_ioctlsocket" = "yes"; then + if test "$curl_cv_func_ioctlsocket" = "yes"; then AC_MSG_CHECKING([if ioctlsocket FIONBIO is compilable]) AC_COMPILE_IFELSE([ AC_LANG_PROGRAM([[ @@ -4228,10 +4228,10 @@ AC_DEFUN([CURL_CHECK_FUNC_IOCTLSOCKET_FIONBIO], [ AC_MSG_RESULT([yes]) AC_DEFINE_UNQUOTED(HAVE_IOCTLSOCKET_FIONBIO, 1, [Define to 1 if you have a working ioctlsocket FIONBIO function.]) - ac_cv_func_ioctlsocket_fionbio="yes" + curl_cv_func_ioctlsocket_fionbio="yes" else AC_MSG_RESULT([no]) - ac_cv_func_ioctlsocket_fionbio="no" + curl_cv_func_ioctlsocket_fionbio="no" fi ]) @@ -4313,11 +4313,11 @@ AC_DEFUN([CURL_CHECK_FUNC_IOCTLSOCKET_CAMEL], [ AC_MSG_RESULT([yes]) AC_DEFINE_UNQUOTED(HAVE_IOCTLSOCKET_CAMEL, 1, [Define to 1 if you have the IoctlSocket camel case function.]) - ac_cv_func_ioctlsocket_camel="yes" + curl_cv_func_ioctlsocket_camel="yes" CURL_CHECK_FUNC_IOCTLSOCKET_CAMEL_FIONBIO else AC_MSG_RESULT([no]) - ac_cv_func_ioctlsocket_camel="no" + curl_cv_func_ioctlsocket_camel="no" fi ]) @@ -4333,7 +4333,7 @@ AC_DEFUN([CURL_CHECK_FUNC_IOCTLSOCKET_CAMEL_FIONBIO], [ tst_compi_ioctlsocket_camel_fionbio="unknown" tst_allow_ioctlsocket_camel_fionbio="unknown" # - if test "$ac_cv_func_ioctlsocket_camel" = "yes"; then + if test "$curl_cv_func_ioctlsocket_camel" = "yes"; then AC_MSG_CHECKING([if IoctlSocket FIONBIO is compilable]) AC_COMPILE_IFELSE([ AC_LANG_PROGRAM([[ @@ -4369,10 +4369,10 @@ AC_DEFUN([CURL_CHECK_FUNC_IOCTLSOCKET_CAMEL_FIONBIO], [ AC_MSG_RESULT([yes]) AC_DEFINE_UNQUOTED(HAVE_IOCTLSOCKET_CAMEL_FIONBIO, 1, [Define to 1 if you have a working IoctlSocket camel case FIONBIO function.]) - ac_cv_func_ioctlsocket_camel_fionbio="yes" + curl_cv_func_ioctlsocket_camel_fionbio="yes" else AC_MSG_RESULT([no]) - ac_cv_func_ioctlsocket_camel_fionbio="no" + curl_cv_func_ioctlsocket_camel_fionbio="no" fi ]) @@ -4491,10 +4491,10 @@ AC_DEFUN([CURL_CHECK_FUNC_LISTXATTR], [ AC_DEFINE(HAVE_LISTXATTR_4, 1, [listxattr() takes 4 args]) fi # - ac_cv_func_listxattr="yes" + curl_cv_func_listxattr="yes" else AC_MSG_RESULT([no]) - ac_cv_func_listxattr="no" + curl_cv_func_listxattr="no" fi ]) @@ -4607,10 +4607,10 @@ AC_DEFUN([CURL_CHECK_FUNC_LOCALTIME_R], [ AC_MSG_RESULT([yes]) AC_DEFINE_UNQUOTED(HAVE_LOCALTIME_R, 1, [Define to 1 if you have a working localtime_r function.]) - ac_cv_func_localtime_r="yes" + curl_cv_func_localtime_r="yes" else AC_MSG_RESULT([no]) - ac_cv_func_localtime_r="no" + curl_cv_func_localtime_r="no" fi ]) @@ -4712,10 +4712,10 @@ AC_DEFUN([CURL_CHECK_FUNC_MEMRCHR], [ AC_MSG_RESULT([yes]) AC_DEFINE_UNQUOTED(HAVE_MEMRCHR, 1, [Define to 1 if you have the memrchr function or macro.]) - ac_cv_func_memrchr="yes" + curl_cv_func_memrchr="yes" else AC_MSG_RESULT([no]) - ac_cv_func_memrchr="no" + curl_cv_func_memrchr="no" fi ]) @@ -4841,10 +4841,10 @@ AC_DEFUN([CURL_CHECK_FUNC_POLL], [ [Define to 1 if you have a working poll function.]) AC_DEFINE_UNQUOTED(HAVE_POLL_FINE, 1, [If you have a fine poll]) - ac_cv_func_poll="yes" + curl_cv_func_poll="yes" else AC_MSG_RESULT([no]) - ac_cv_func_poll="no" + curl_cv_func_poll="no" fi ]) @@ -4963,10 +4963,10 @@ AC_DEFUN([CURL_CHECK_FUNC_REMOVEXATTR], [ AC_DEFINE(HAVE_REMOVEXATTR_3, 1, [removexattr() takes 3 args]) fi # - ac_cv_func_removexattr="yes" + curl_cv_func_removexattr="yes" else AC_MSG_RESULT([no]) - ac_cv_func_removexattr="no" + curl_cv_func_removexattr="no" fi ]) @@ -5057,11 +5057,11 @@ AC_DEFUN([CURL_CHECK_FUNC_SETSOCKOPT], [ AC_MSG_RESULT([yes]) AC_DEFINE_UNQUOTED(HAVE_SETSOCKOPT, 1, [Define to 1 if you have the setsockopt function.]) - ac_cv_func_setsockopt="yes" + curl_cv_func_setsockopt="yes" CURL_CHECK_FUNC_SETSOCKOPT_SO_NONBLOCK else AC_MSG_RESULT([no]) - ac_cv_func_setsockopt="no" + curl_cv_func_setsockopt="no" fi ]) @@ -5078,7 +5078,7 @@ AC_DEFUN([CURL_CHECK_FUNC_SETSOCKOPT_SO_NONBLOCK], [ tst_compi_setsockopt_so_nonblock="unknown" tst_allow_setsockopt_so_nonblock="unknown" # - if test "$ac_cv_func_setsockopt" = "yes"; then + if test "$curl_cv_func_setsockopt" = "yes"; then AC_MSG_CHECKING([if setsockopt SO_NONBLOCK is compilable]) AC_COMPILE_IFELSE([ AC_LANG_PROGRAM([[ @@ -5114,10 +5114,10 @@ AC_DEFUN([CURL_CHECK_FUNC_SETSOCKOPT_SO_NONBLOCK], [ AC_MSG_RESULT([yes]) AC_DEFINE_UNQUOTED(HAVE_SETSOCKOPT_SO_NONBLOCK, 1, [Define to 1 if you have a working setsockopt SO_NONBLOCK function.]) - ac_cv_func_setsockopt_so_nonblock="yes" + curl_cv_func_setsockopt_so_nonblock="yes" else AC_MSG_RESULT([no]) - ac_cv_func_setsockopt_so_nonblock="no" + curl_cv_func_setsockopt_so_nonblock="no" fi ]) @@ -5236,10 +5236,10 @@ AC_DEFUN([CURL_CHECK_FUNC_SETXATTR], [ AC_DEFINE(HAVE_SETXATTR_6, 1, [setxattr() takes 6 args]) fi # - ac_cv_func_setxattr="yes" + curl_cv_func_setxattr="yes" else AC_MSG_RESULT([no]) - ac_cv_func_setxattr="no" + curl_cv_func_setxattr="no" fi ]) @@ -5321,10 +5321,10 @@ AC_DEFUN([CURL_CHECK_FUNC_SIGACTION], [ AC_MSG_RESULT([yes]) AC_DEFINE_UNQUOTED(HAVE_SIGACTION, 1, [Define to 1 if you have the sigaction function.]) - ac_cv_func_sigaction="yes" + curl_cv_func_sigaction="yes" else AC_MSG_RESULT([no]) - ac_cv_func_sigaction="no" + curl_cv_func_sigaction="no" fi ]) @@ -5406,10 +5406,10 @@ AC_DEFUN([CURL_CHECK_FUNC_SIGINTERRUPT], [ AC_MSG_RESULT([yes]) AC_DEFINE_UNQUOTED(HAVE_SIGINTERRUPT, 1, [Define to 1 if you have the siginterrupt function.]) - ac_cv_func_siginterrupt="yes" + curl_cv_func_siginterrupt="yes" else AC_MSG_RESULT([no]) - ac_cv_func_siginterrupt="no" + curl_cv_func_siginterrupt="no" fi ]) @@ -5491,10 +5491,10 @@ AC_DEFUN([CURL_CHECK_FUNC_SIGNAL], [ AC_MSG_RESULT([yes]) AC_DEFINE_UNQUOTED(HAVE_SIGNAL, 1, [Define to 1 if you have the signal function.]) - ac_cv_func_signal="yes" + curl_cv_func_signal="yes" else AC_MSG_RESULT([no]) - ac_cv_func_signal="no" + curl_cv_func_signal="no" fi ]) @@ -5598,10 +5598,10 @@ AC_DEFUN([CURL_CHECK_FUNC_SIGSETJMP], [ AC_MSG_RESULT([yes]) AC_DEFINE_UNQUOTED(HAVE_SIGSETJMP, 1, [Define to 1 if you have the sigsetjmp function or macro.]) - ac_cv_func_sigsetjmp="yes" + curl_cv_func_sigsetjmp="yes" else AC_MSG_RESULT([no]) - ac_cv_func_sigsetjmp="no" + curl_cv_func_sigsetjmp="no" fi ]) @@ -5696,10 +5696,10 @@ AC_DEFUN([CURL_CHECK_FUNC_SOCKET], [ AC_MSG_RESULT([yes]) AC_DEFINE_UNQUOTED(HAVE_SOCKET, 1, [Define to 1 if you have the socket function.]) - ac_cv_func_socket="yes" + curl_cv_func_socket="yes" else AC_MSG_RESULT([no]) - ac_cv_func_socket="no" + curl_cv_func_socket="no" fi ]) @@ -5785,10 +5785,10 @@ AC_DEFUN([CURL_CHECK_FUNC_SOCKETPAIR], [ AC_MSG_RESULT([yes]) AC_DEFINE_UNQUOTED(HAVE_SOCKETPAIR, 1, [Define to 1 if you have the socketpair function.]) - ac_cv_func_socketpair="yes" + curl_cv_func_socketpair="yes" else AC_MSG_RESULT([no]) - ac_cv_func_socketpair="no" + curl_cv_func_socketpair="no" fi ]) @@ -5870,10 +5870,10 @@ AC_DEFUN([CURL_CHECK_FUNC_STRCASECMP], [ AC_MSG_RESULT([yes]) AC_DEFINE_UNQUOTED(HAVE_STRCASECMP, 1, [Define to 1 if you have the strcasecmp function.]) - ac_cv_func_strcasecmp="yes" + curl_cv_func_strcasecmp="yes" else AC_MSG_RESULT([no]) - ac_cv_func_strcasecmp="no" + curl_cv_func_strcasecmp="no" fi ]) @@ -5954,10 +5954,10 @@ AC_DEFUN([CURL_CHECK_FUNC_STRCMPI], [ AC_MSG_RESULT([yes]) AC_DEFINE_UNQUOTED(HAVE_STRCMPI, 1, [Define to 1 if you have the strcmpi function.]) - ac_cv_func_strcmpi="yes" + curl_cv_func_strcmpi="yes" else AC_MSG_RESULT([no]) - ac_cv_func_strcmpi="no" + curl_cv_func_strcmpi="no" fi ]) @@ -6039,10 +6039,10 @@ AC_DEFUN([CURL_CHECK_FUNC_STRDUP], [ AC_MSG_RESULT([yes]) AC_DEFINE_UNQUOTED(HAVE_STRDUP, 1, [Define to 1 if you have the strdup function.]) - ac_cv_func_strdup="yes" + curl_cv_func_strdup="yes" else AC_MSG_RESULT([no]) - ac_cv_func_strdup="no" + curl_cv_func_strdup="no" fi ]) @@ -6298,10 +6298,10 @@ AC_DEFUN([CURL_CHECK_FUNC_STRERROR_R], [ AC_DEFINE_UNQUOTED(STRERROR_R_TYPE_ARG3, $tst_posix_strerror_r_type_arg3, [Define to the type of arg 3 for strerror_r.]) fi - ac_cv_func_strerror_r="yes" + curl_cv_func_strerror_r="yes" else AC_MSG_RESULT([no]) - ac_cv_func_strerror_r="no" + curl_cv_func_strerror_r="no" fi # if test "$tst_compi_strerror_r" = "yes" && @@ -6389,10 +6389,10 @@ AC_DEFUN([CURL_CHECK_FUNC_STRICMP], [ AC_MSG_RESULT([yes]) AC_DEFINE_UNQUOTED(HAVE_STRICMP, 1, [Define to 1 if you have the stricmp function.]) - ac_cv_func_stricmp="yes" + curl_cv_func_stricmp="yes" else AC_MSG_RESULT([no]) - ac_cv_func_stricmp="no" + curl_cv_func_stricmp="no" fi ]) @@ -6473,10 +6473,10 @@ AC_DEFUN([CURL_CHECK_FUNC_STRNCASECMP], [ AC_MSG_RESULT([yes]) AC_DEFINE_UNQUOTED(HAVE_STRNCASECMP, 1, [Define to 1 if you have the strncasecmp function.]) - ac_cv_func_strncasecmp="yes" + curl_cv_func_strncasecmp="yes" else AC_MSG_RESULT([no]) - ac_cv_func_strncasecmp="no" + curl_cv_func_strncasecmp="no" fi ]) @@ -6558,10 +6558,10 @@ AC_DEFUN([CURL_CHECK_FUNC_STRNCMPI], [ AC_MSG_RESULT([yes]) AC_DEFINE_UNQUOTED(HAVE_STRNCMPI, 1, [Define to 1 if you have the strncmpi function.]) - ac_cv_func_strncmpi="yes" + curl_cv_func_strncmpi="yes" else AC_MSG_RESULT([no]) - ac_cv_func_strncmpi="no" + curl_cv_func_strncmpi="no" fi ]) @@ -6643,10 +6643,10 @@ AC_DEFUN([CURL_CHECK_FUNC_STRNICMP], [ AC_MSG_RESULT([yes]) AC_DEFINE_UNQUOTED(HAVE_STRNICMP, 1, [Define to 1 if you have the strnicmp function.]) - ac_cv_func_strnicmp="yes" + curl_cv_func_strnicmp="yes" else AC_MSG_RESULT([no]) - ac_cv_func_strnicmp="no" + curl_cv_func_strnicmp="no" fi ]) @@ -6728,10 +6728,10 @@ AC_DEFUN([CURL_CHECK_FUNC_STRSTR], [ AC_MSG_RESULT([yes]) AC_DEFINE_UNQUOTED(HAVE_STRSTR, 1, [Define to 1 if you have the strstr function.]) - ac_cv_func_strstr="yes" + curl_cv_func_strstr="yes" else AC_MSG_RESULT([no]) - ac_cv_func_strstr="no" + curl_cv_func_strstr="no" fi ]) @@ -6813,10 +6813,10 @@ AC_DEFUN([CURL_CHECK_FUNC_STRTOK_R], [ AC_MSG_RESULT([yes]) AC_DEFINE_UNQUOTED(HAVE_STRTOK_R, 1, [Define to 1 if you have the strtok_r function.]) - ac_cv_func_strtok_r="yes" + curl_cv_func_strtok_r="yes" else AC_MSG_RESULT([no]) - ac_cv_func_strtok_r="no" + curl_cv_func_strtok_r="no" fi ]) @@ -6898,10 +6898,10 @@ AC_DEFUN([CURL_CHECK_FUNC_STRTOLL], [ AC_MSG_RESULT([yes]) AC_DEFINE_UNQUOTED(HAVE_STRTOLL, 1, [Define to 1 if you have the strtoll function.]) - ac_cv_func_strtoll="yes" + curl_cv_func_strtoll="yes" else AC_MSG_RESULT([no]) - ac_cv_func_strtoll="no" + curl_cv_func_strtoll="no" fi ]) @@ -6983,9 +6983,9 @@ AC_DEFUN([CURL_CHECK_FUNC_WRITEV], [ AC_MSG_RESULT([yes]) AC_DEFINE_UNQUOTED(HAVE_WRITEV, 1, [Define to 1 if you have the writev function.]) - ac_cv_func_writev="yes" + curl_cv_func_writev="yes" else AC_MSG_RESULT([no]) - ac_cv_func_writev="no" + curl_cv_func_writev="no" fi ]) diff --git a/m4/libtool.m4 b/m4/libtool.m4 index b202060b8..94b2e7ab4 100644 --- a/m4/libtool.m4 +++ b/m4/libtool.m4 @@ -728,7 +728,6 @@ _LT_CONFIG_SAVE_COMMANDS([ cat <<_LT_EOF >> "$cfgfile" #! $SHELL # Generated automatically by $as_me ($PACKAGE) $VERSION -# Libtool was configured on host `(hostname || uname -n) 2>/dev/null | sed 1q`: # NOTE: Changes made to this file will be lost: look at ltmain.sh. # Provide generalized library-building support services. diff --git a/packages/OS400/ccsidcurl.c b/packages/OS400/ccsidcurl.c index 75b7570ea..3b08bef7d 100644 --- a/packages/OS400/ccsidcurl.c +++ b/packages/OS400/ccsidcurl.c @@ -610,7 +610,7 @@ curl_easy_getinfo_ccsid(CURL * curl, CURLINFO info, ...) CURLcode ret; unsigned int ccsid; char * * cpp; - struct SessionHandle * data; + struct Curl_easy * data; struct curl_slist * * slp; struct curl_certinfo * cipf; struct curl_certinfo * cipt; @@ -618,7 +618,7 @@ curl_easy_getinfo_ccsid(CURL * curl, CURLINFO info, ...) /* WARNING: unlike curl_easy_get_info(), the strings returned by this procedure have to be free'ed. */ - data = (struct SessionHandle *) curl; + data = (struct Curl_easy *) curl; va_start(arg, info); paramp = va_arg(arg, void *); ret = Curl_getinfo(data, info, paramp); @@ -1108,7 +1108,7 @@ curl_easy_setopt_ccsid(CURL * curl, CURLoption tag, ...) { CURLcode result; va_list arg; - struct SessionHandle * data; + struct Curl_easy * data; char * s; char * cp; unsigned int ccsid; @@ -1130,7 +1130,7 @@ curl_easy_setopt_ccsid(CURL * curl, CURLoption tag, ...) "*** WARNING: curl_easy_setopt_ccsid() should be reworked ***\n"); } - data = (struct SessionHandle *) curl; + data = (struct Curl_easy *) curl; va_start(arg, tag); switch (tag) { diff --git a/packages/OS400/curl.inc.in b/packages/OS400/curl.inc.in index 7c646868e..1e8a93dd1 100644 --- a/packages/OS400/curl.inc.in +++ b/packages/OS400/curl.inc.in @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -234,6 +234,8 @@ d c 3 d CURL_HTTP_VERSION_2TLS... d c 4 + d CURL_HTTP_VERSION_2_PRIOR_KNOWLEDGE... + d c 5 * d CURL_NETRC_IGNORED... d c 0 @@ -534,6 +536,8 @@ d c 90 d CURLE_SSL_INVALIDCERTSTATUS... d c 91 + d CURLE_HTTP2_STREAM... + d c 92 * /if not defined(CURL_NO_OLDIES) d CURLE_URL_MALFORMAT_USER... @@ -1244,6 +1248,10 @@ d c 10241 d CURLOPT_TFTP_NO_OPTIONS... d c 00242 + d CURLOPT_CONNECT_TO... + d c 10243 + d CURLOPT_TCP_FASTOPEN... + d c 00244 * /if not defined(CURL_NO_OLDIES) d CURLOPT_FILE c 10001 @@ -1428,6 +1436,8 @@ d c X'0050002C' d CURLINFO_TLS_SSL_PTR... CURLINFO_SLIST + 45 d c X'0040002D' + d CURLINFO_HTTP_VERSION... CURLINFO_LONG + 46 + d c X'0020002E' * d CURLINFO_HTTP_CODE... Old ...RESPONSE_CODE d c X'00200002' @@ -1458,6 +1468,13 @@ d c 10 d CURLSSLBACKEND_MBEDTLS... d c 11 + * Aliases for clones. + d CURLSSLBACKEND_LIBRESSL... + d c 1 + d CURLSSLBACKEND_BORINGSSL... + d c 1 + d CURLSSLBACKEND_WOLFSSL... + d c 6 * d curl_closepolicy... d s 10i 0 based(######ptr######) Enum diff --git a/packages/OS400/initscript.sh b/packages/OS400/initscript.sh index 8d66b606a..a13d651bc 100644 --- a/packages/OS400/initscript.sh +++ b/packages/OS400/initscript.sh @@ -50,7 +50,7 @@ setenv TGTCCSID '500' # Target CCSID of objects. setenv DEBUG '*ALL' # Debug level. setenv OPTIMIZE '10' # Optimisation level setenv OUTPUT '*NONE' # Compilation output option. -setenv TGTRLS 'V5R3M0' # Target OS release. +setenv TGTRLS 'V6R1M0' # Target OS release. setenv IFSDIR '/curl' # Installation IFS directory. # Define ZLIB availability and locations. @@ -188,7 +188,7 @@ make_module() CMD="CRTCMOD MODULE(${TARGETLIB}/${1}) SRCSTMF('__tmpsrcf.c')" # CMD="${CMD} SYSIFCOPT(*IFS64IO) OPTION(*INCDIRFIRST *SHOWINC *SHOWSYS)" CMD="${CMD} SYSIFCOPT(*IFS64IO) OPTION(*INCDIRFIRST)" - CMD="${CMD} LOCALETYPE(*LOCALE)" + CMD="${CMD} LOCALETYPE(*LOCALE) FLAG(10)" CMD="${CMD} INCDIR('/qibm/proddata/qadrt/include'" CMD="${CMD} '${TOPDIR}/include/curl' '${TOPDIR}/include' '${SRCDIR}'" CMD="${CMD} '${TOPDIR}/packages/OS400'" @@ -207,7 +207,7 @@ make_module() CMD="${CMD} OPTIMIZE(${OPTIMIZE})" CMD="${CMD} DBGVIEW(${DEBUG})" - DEFINES="${3}" + DEFINES="${3} BUILDING_LIBCURL" if [ "${WITH_ZLIB}" != "0" ] then DEFINES="${DEFINES} HAVE_LIBZ HAVE_ZLIB_H" diff --git a/packages/OS400/make-lib.sh b/packages/OS400/make-lib.sh index 526ec0359..410bef05b 100644 --- a/packages/OS400/make-lib.sh +++ b/packages/OS400/make-lib.sh @@ -20,7 +20,7 @@ fi echo '#pragma comment(user, "libcurl version '"${LIBCURL_VERSION}"'")' > os400.c echo '#pragma comment(user, __DATE__)' >> os400.c echo '#pragma comment(user, __TIME__)' >> os400.c -echo '#pragma comment(copyright, "Copyright (C) 1998-2014 Daniel Stenberg et al. OS/400 version by P. Monnerat")' >> os400.c +echo '#pragma comment(copyright, "Copyright (C) 1998-2016 Daniel Stenberg et al. OS/400 version by P. Monnerat")' >> os400.c make_module OS400 os400.c LINK= # No need to rebuild service program yet. MODULES= diff --git a/packages/Symbian/group/libcurl.mmp b/packages/Symbian/group/libcurl.mmp index 545cdee94..f74b19b53 100644 --- a/packages/Symbian/group/libcurl.mmp +++ b/packages/Symbian/group/libcurl.mmp @@ -35,12 +35,15 @@ SOURCE \ socks_sspi.c curl_sspi.c slist.c nonblock.c curl_memrchr.c imap.c \ pop3.c smtp.c pingpong.c rtsp.c curl_threads.c warnless.c hmac.c \ vtls/polarssl.c curl_rtmp.c openldap.c curl_gethostname.c gopher.c \ - vtls/axtls.c idn_win32.c http_negotiate_sspi.c vtls/cyassl.c \ - http_proxy.c non-ascii.c asyn-ares.c asyn-thread.c curl_gssapi.c \ - curl_ntlm.c curl_ntlm_wb.c curl_ntlm_core.c curl_ntlm_msgs.c \ - curl_sasl.c vtls/schannel.c curl_multibyte.c vtls/darwinssl.c \ - conncache.c curl_sasl_sspi.c smb.c curl_sasl_gssapi.c \ - curl_endian.c curl_des.c + vtls/axtls.c idn_win32.c vtls/cyassl.c http_proxy.c non-ascii.c \ + asyn-ares.c asyn-thread.c curl_gssapi.c http_ntlm.c curl_ntlm_wb.c \ + curl_ntlm_core.c curl_sasl.c vtls/schannel.c curl_multibyte.c \ + vtls/darwinssl.c conncache.c curl_sasl_sspi.c smb.c curl_endian.c \ + curl_des.c system_win32.c \ + vauth/vauth.c vauth/cleartext.c vauth/cram.c vauth/digest.c \ + vauth/digest_sspi.c vauth/krb5_gssapi.c vauth/krb5_sspi.c \ + vauth/ntlm.c vauth/ntlm_sspi.c vauth/oauth2.c vauth/spnego_gssapi.c \ + vauth/spnego_sspi.c USERINCLUDE ../../../lib ../../../include/curl #ifdef ENABLE_SSL diff --git a/projects/README b/projects/README index e5fd019de..fee730493 100644 --- a/projects/README +++ b/projects/README @@ -4,7 +4,7 @@ Building via IDE Project Files This document describes how to compile, build and install curl and libcurl from sources using an IDE based development tool such as Visual Studio. - Project files are currently available for Visual C++ v6.0 to v12.0. The + Project files are currently available for Visual C++ v6.0 to v14.0. The following directory structure has been used to cater for this: somedirectory\ @@ -27,8 +27,8 @@ Dependencies ============ The projects files also support build configurations that require third - party dependencies such as OpenSSL and SSH2. If you wish to support these, - you will also need to download and compile those libraries as well. + party dependencies such as OpenSSL, wolfSSL and SSH2. If you wish to support + these, you will also need to download and compile those libraries as well. To support compilation of these libraries using different versions of compilers, the following directory structure has been used for both the @@ -55,9 +55,10 @@ Dependencies |_VC |_ - As OpenSSL doesn't support side-by-side compilation when using different - versions of Visual Studio a build helper batch file has been provided to - assist with this. Please run "build-openssl -help" for usage details. + As OpenSSL and wolfSSL don't support side-by-side compilation when using + different versions of Visual Studio, build helper batch files have been + provided to assist with this. Please run "build-openssl -help" and/or + "build-wolfssl -help" for usage details. Building with Visual C++ ======================== @@ -159,17 +160,3 @@ Legacy Windows and SSL support the legacy handshakes and algorithms used by those versions. If you will be using curl in one of those earlier versions of Windows you should choose another SSL backend such as OpenSSL. - -TODO -==== - - These project files are a recent addition to the curl source code and as such - are not 100% complete. This is a list of things that are still todo: - - * Support zlib - * Use of static runtime libraries - * Add the Test Suite components - * Support for other development IDEs - * Add PATH environment variables for third-party DLLs - - Any additional help would be appreciated ;-) \ No newline at end of file diff --git a/projects/Windows/VC10/lib/libcurl.vcxproj b/projects/Windows/VC10/lib/libcurl.vcxproj index 5a2fbf882..d821056fd 100644 --- a/projects/Windows/VC10/lib/libcurl.vcxproj +++ b/projects/Windows/VC10/lib/libcurl.vcxproj @@ -866,7 +866,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -900,7 +900,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -934,7 +934,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -967,7 +967,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1001,7 +1001,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1033,7 +1033,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1067,7 +1067,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1098,7 +1098,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1122,7 +1122,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1142,7 +1142,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1165,7 +1165,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1188,7 +1188,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1209,7 +1209,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1229,7 +1229,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1252,7 +1252,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1275,7 +1275,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1302,7 +1302,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1336,7 +1336,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1370,7 +1370,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1402,7 +1402,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1432,7 +1432,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1440,7 +1440,7 @@ 0x0409 - ws2_32.lib;wldap32.lib;%(AdditionalDependencies) + ws2_32.lib;wldap32.lib;crypt32.lib;%(AdditionalDependencies) $(OutDir)$(TargetName)$(TargetExt) %(AdditionalLibraryDirectories) $(IntDir)$(TargetFileName).intermediate.manifest @@ -1466,7 +1466,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1474,7 +1474,7 @@ 0x0409 - ws2_32.lib;wldap32.lib;normaliz.lib;%(AdditionalDependencies) + ws2_32.lib;wldap32.lib;crypt32.lib;normaliz.lib;%(AdditionalDependencies) $(OutDir)$(TargetName)$(TargetExt) %(AdditionalLibraryDirectories) $(IntDir)$(TargetFileName).intermediate.manifest @@ -1500,7 +1500,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1508,7 +1508,7 @@ 0x0409 - ws2_32.lib;wldap32.lib;%(AdditionalDependencies) + ws2_32.lib;wldap32.lib;crypt32.lib;%(AdditionalDependencies) $(OutDir)$(TargetName)$(TargetExt) %(AdditionalLibraryDirectories) true @@ -1533,7 +1533,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1541,7 +1541,7 @@ 0x0409 - ws2_32.lib;wldap32.lib;normaliz.lib;%(AdditionalDependencies) + ws2_32.lib;wldap32.lib;crypt32.lib;normaliz.lib;%(AdditionalDependencies) $(OutDir)$(TargetName)$(TargetExt) %(AdditionalLibraryDirectories) true @@ -1567,14 +1567,14 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) 0x0409 - ws2_32.lib;wldap32.lib;%(AdditionalDependencies) + ws2_32.lib;wldap32.lib;crypt32.lib;%(AdditionalDependencies) $(OutDir)$(TargetName)$(TargetExt) %(AdditionalLibraryDirectories) $(IntDir)$(TargetFileName).intermediate.manifest @@ -1599,14 +1599,14 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) 0x0409 - ws2_32.lib;wldap32.lib;normaliz.lib;%(AdditionalDependencies) + ws2_32.lib;wldap32.lib;crypt32.lib;normaliz.lib;%(AdditionalDependencies) $(OutDir)$(TargetName)$(TargetExt) %(AdditionalLibraryDirectories) $(IntDir)$(TargetFileName).intermediate.manifest @@ -1631,14 +1631,14 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) 0x0409 - ws2_32.lib;wldap32.lib;%(AdditionalDependencies) + ws2_32.lib;wldap32.lib;crypt32.lib;%(AdditionalDependencies) $(OutDir)$(TargetName)$(TargetExt) %(AdditionalLibraryDirectories) $(TargetDir)$(TargetName).lib @@ -1662,14 +1662,14 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) 0x0409 - ws2_32.lib;wldap32.lib;normaliz.lib;%(AdditionalDependencies) + ws2_32.lib;wldap32.lib;crypt32.lib;normaliz.lib;%(AdditionalDependencies) $(OutDir)$(TargetName)$(TargetExt) %(AdditionalLibraryDirectories) $(TargetDir)$(TargetName).lib @@ -1692,7 +1692,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1726,7 +1726,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1760,7 +1760,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1792,7 +1792,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1814,7 +1814,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1837,7 +1837,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1857,7 +1857,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1880,7 +1880,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1900,7 +1900,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1920,7 +1920,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1943,7 +1943,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1966,7 +1966,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1986,7 +1986,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -2009,7 +2009,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -2029,7 +2029,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -2052,7 +2052,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -2073,7 +2073,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2096,7 +2096,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2116,7 +2116,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2139,7 +2139,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2159,7 +2159,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2179,7 +2179,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2202,7 +2202,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2225,7 +2225,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2245,7 +2245,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2268,7 +2268,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2288,7 +2288,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2311,7 +2311,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2339,14 +2339,10 @@ - - - - @@ -2374,7 +2370,7 @@ - + @@ -2418,6 +2414,7 @@ + @@ -2427,6 +2424,18 @@ + + + + + + + + + + + + @@ -2464,8 +2473,6 @@ - - @@ -2495,6 +2502,7 @@ + @@ -2532,6 +2540,7 @@ + @@ -2541,6 +2550,9 @@ + + + diff --git a/projects/Windows/VC10/src/curl.vcxproj b/projects/Windows/VC10/src/curl.vcxproj index 9c88e7001..62721163c 100644 --- a/projects/Windows/VC10/src/curl.vcxproj +++ b/projects/Windows/VC10/src/curl.vcxproj @@ -924,7 +924,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -953,7 +953,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -985,7 +985,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1015,7 +1015,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1046,7 +1046,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1075,7 +1075,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1107,7 +1107,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1137,7 +1137,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1167,7 +1167,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1198,7 +1198,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1230,7 +1230,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1262,7 +1262,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1293,7 +1293,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1324,7 +1324,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1356,7 +1356,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1388,7 +1388,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1419,7 +1419,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1451,7 +1451,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1482,7 +1482,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1513,7 +1513,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1545,7 +1545,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1577,7 +1577,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1609,7 +1609,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1639,7 +1639,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1668,7 +1668,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1697,7 +1697,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1727,7 +1727,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1757,7 +1757,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1785,7 +1785,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1817,7 +1817,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1849,7 +1849,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1879,7 +1879,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1907,7 +1907,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1939,7 +1939,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1971,7 +1971,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2001,7 +2001,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2029,7 +2029,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -2061,7 +2061,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -2093,7 +2093,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2123,7 +2123,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2151,7 +2151,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -2183,7 +2183,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -2215,7 +2215,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2245,7 +2245,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2273,7 +2273,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -2305,7 +2305,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -2337,7 +2337,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2367,7 +2367,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2395,7 +2395,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -2404,7 +2404,7 @@ ..\..\..\..\include;%(AdditionalIncludeDirectories) - ws2_32.lib;wldap32.lib;libcurld.lib;%(AdditionalDependencies) + ws2_32.lib;wldap32.lib;crypt32.lib;libcurld.lib;%(AdditionalDependencies) $(OutDir)$(TargetName)$(TargetExt) ..\..\..\..\build\Win32\VC10\$(Configuration);%(AdditionalLibraryDirectories) true @@ -2426,7 +2426,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -2435,7 +2435,7 @@ ..\..\..\..\include;%(AdditionalIncludeDirectories) - ws2_32.lib;wldap32.lib;normaliz.lib;libcurld.lib;%(AdditionalDependencies) + ws2_32.lib;wldap32.lib;crypt32.lib;normaliz.lib;libcurld.lib;%(AdditionalDependencies) $(OutDir)$(TargetName)$(TargetExt) ..\..\..\..\build\Win32\VC10\$(Configuration);%(AdditionalLibraryDirectories) true @@ -2458,7 +2458,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -2467,7 +2467,7 @@ ..\..\..\..\include;%(AdditionalIncludeDirectories) - ws2_32.lib;wldap32.lib;libcurld.lib;%(AdditionalDependencies) + ws2_32.lib;wldap32.lib;crypt32.lib;libcurld.lib;%(AdditionalDependencies) $(OutDir)$(TargetName)$(TargetExt) ..\..\..\..\build\Win64\VC10\$(Configuration);%(AdditionalLibraryDirectories) true @@ -2490,7 +2490,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -2499,7 +2499,7 @@ ..\..\..\..\include;%(AdditionalIncludeDirectories) - ws2_32.lib;wldap32.lib;normaliz.lib;libcurld.lib;%(AdditionalDependencies) + ws2_32.lib;wldap32.lib;crypt32.lib;normaliz.lib;libcurld.lib;%(AdditionalDependencies) $(OutDir)$(TargetName)$(TargetExt) ..\..\..\..\build\Win64\VC10\$(Configuration);%(AdditionalLibraryDirectories) true @@ -2522,7 +2522,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2530,7 +2530,7 @@ ..\..\..\..\include;%(AdditionalIncludeDirectories) - ws2_32.lib;wldap32.lib;libcurl.lib;%(AdditionalDependencies) + ws2_32.lib;wldap32.lib;crypt32.lib;libcurl.lib;%(AdditionalDependencies) $(OutDir)$(TargetName)$(TargetExt) ..\..\..\..\build\Win32\VC10\$(Configuration);%(AdditionalLibraryDirectories) Console @@ -2551,7 +2551,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2559,7 +2559,7 @@ ..\..\..\..\include;%(AdditionalIncludeDirectories) - ws2_32.lib;wldap32.lib;normaliz.lib;libcurl.lib;%(AdditionalDependencies) + ws2_32.lib;wldap32.lib;crypt32.lib;normaliz.lib;libcurl.lib;%(AdditionalDependencies) $(OutDir)$(TargetName)$(TargetExt) ..\..\..\..\build\Win32\VC10\$(Configuration);%(AdditionalLibraryDirectories) Console @@ -2581,7 +2581,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2589,7 +2589,7 @@ ..\..\..\..\include;%(AdditionalIncludeDirectories) - ws2_32.lib;wldap32.lib;libcurl.lib;%(AdditionalDependencies) + ws2_32.lib;wldap32.lib;crypt32.lib;libcurl.lib;%(AdditionalDependencies) $(OutDir)$(TargetName)$(TargetExt) ..\..\..\..\build\Win64\VC10\$(Configuration);%(AdditionalLibraryDirectories) Console @@ -2611,7 +2611,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2619,7 +2619,7 @@ ..\..\..\..\include;%(AdditionalIncludeDirectories) - ws2_32.lib;wldap32.lib;normaliz.lib;libcurl.lib;%(AdditionalDependencies) + ws2_32.lib;wldap32.lib;crypt32.lib;normaliz.lib;libcurl.lib;%(AdditionalDependencies) $(OutDir)$(TargetName)$(TargetExt) ..\..\..\..\build\Win64\VC10\$(Configuration);%(AdditionalLibraryDirectories) Console diff --git a/projects/Windows/VC11/lib/libcurl.vcxproj b/projects/Windows/VC11/lib/libcurl.vcxproj index f173133d5..681151d68 100644 --- a/projects/Windows/VC11/lib/libcurl.vcxproj +++ b/projects/Windows/VC11/lib/libcurl.vcxproj @@ -922,7 +922,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -956,7 +956,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -990,7 +990,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1023,7 +1023,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1057,7 +1057,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1089,7 +1089,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1123,7 +1123,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1154,7 +1154,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1178,7 +1178,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1198,7 +1198,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1221,7 +1221,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1244,7 +1244,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1265,7 +1265,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1285,7 +1285,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1308,7 +1308,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1331,7 +1331,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1358,7 +1358,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1392,7 +1392,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1426,7 +1426,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1458,7 +1458,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1488,7 +1488,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1496,7 +1496,7 @@ 0x0409 - ws2_32.lib;wldap32.lib;%(AdditionalDependencies) + ws2_32.lib;wldap32.lib;crypt32.lib;%(AdditionalDependencies) $(OutDir)$(TargetName)$(TargetExt) %(AdditionalLibraryDirectories) $(IntDir)$(TargetFileName).intermediate.manifest @@ -1522,7 +1522,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1530,7 +1530,7 @@ 0x0409 - ws2_32.lib;wldap32.lib;normaliz.lib;%(AdditionalDependencies) + ws2_32.lib;wldap32.lib;crypt32.lib;normaliz.lib;%(AdditionalDependencies) $(OutDir)$(TargetName)$(TargetExt) %(AdditionalLibraryDirectories) $(IntDir)$(TargetFileName).intermediate.manifest @@ -1556,7 +1556,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1564,7 +1564,7 @@ 0x0409 - ws2_32.lib;wldap32.lib;%(AdditionalDependencies) + ws2_32.lib;wldap32.lib;crypt32.lib;%(AdditionalDependencies) $(OutDir)$(TargetName)$(TargetExt) %(AdditionalLibraryDirectories) true @@ -1589,7 +1589,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1597,7 +1597,7 @@ 0x0409 - ws2_32.lib;wldap32.lib;normaliz.lib;%(AdditionalDependencies) + ws2_32.lib;wldap32.lib;crypt32.lib;normaliz.lib;%(AdditionalDependencies) $(OutDir)$(TargetName)$(TargetExt) %(AdditionalLibraryDirectories) true @@ -1623,14 +1623,14 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) 0x0409 - ws2_32.lib;wldap32.lib;%(AdditionalDependencies) + ws2_32.lib;wldap32.lib;crypt32.lib;%(AdditionalDependencies) $(OutDir)$(TargetName)$(TargetExt) %(AdditionalLibraryDirectories) $(IntDir)$(TargetFileName).intermediate.manifest @@ -1655,14 +1655,14 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) 0x0409 - ws2_32.lib;wldap32.lib;normaliz.lib;%(AdditionalDependencies) + ws2_32.lib;wldap32.lib;crypt32.lib;normaliz.lib;%(AdditionalDependencies) $(OutDir)$(TargetName)$(TargetExt) %(AdditionalLibraryDirectories) $(IntDir)$(TargetFileName).intermediate.manifest @@ -1687,14 +1687,14 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) 0x0409 - ws2_32.lib;wldap32.lib;%(AdditionalDependencies) + ws2_32.lib;wldap32.lib;crypt32.lib;%(AdditionalDependencies) $(OutDir)$(TargetName)$(TargetExt) %(AdditionalLibraryDirectories) $(TargetDir)$(TargetName).lib @@ -1718,14 +1718,14 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) 0x0409 - ws2_32.lib;wldap32.lib;normaliz.lib;%(AdditionalDependencies) + ws2_32.lib;wldap32.lib;crypt32.lib;normaliz.lib;%(AdditionalDependencies) $(OutDir)$(TargetName)$(TargetExt) %(AdditionalLibraryDirectories) $(TargetDir)$(TargetName).lib @@ -1748,7 +1748,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1782,7 +1782,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1816,7 +1816,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1848,7 +1848,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1870,7 +1870,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1893,7 +1893,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1913,7 +1913,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1936,7 +1936,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1956,7 +1956,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1976,7 +1976,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1999,7 +1999,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -2022,7 +2022,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -2042,7 +2042,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -2065,7 +2065,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -2085,7 +2085,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -2108,7 +2108,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -2129,7 +2129,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2152,7 +2152,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2172,7 +2172,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2195,7 +2195,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2215,7 +2215,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2235,7 +2235,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2258,7 +2258,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2281,7 +2281,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2301,7 +2301,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2324,7 +2324,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2344,7 +2344,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2367,7 +2367,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2395,14 +2395,10 @@ - - - - @@ -2430,7 +2426,7 @@ - + @@ -2474,6 +2470,7 @@ + @@ -2483,6 +2480,18 @@ + + + + + + + + + + + + @@ -2520,8 +2529,6 @@ - - @@ -2551,6 +2558,7 @@ + @@ -2588,6 +2596,7 @@ + @@ -2597,6 +2606,9 @@ + + + diff --git a/projects/Windows/VC11/src/curl.vcxproj b/projects/Windows/VC11/src/curl.vcxproj index 8842d983d..7d27f4ecd 100644 --- a/projects/Windows/VC11/src/curl.vcxproj +++ b/projects/Windows/VC11/src/curl.vcxproj @@ -980,7 +980,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1009,7 +1009,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1041,7 +1041,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1071,7 +1071,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1102,7 +1102,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1131,7 +1131,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1163,7 +1163,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1193,7 +1193,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1223,7 +1223,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1254,7 +1254,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1286,7 +1286,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1318,7 +1318,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1349,7 +1349,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1380,7 +1380,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1412,7 +1412,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1444,7 +1444,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1475,7 +1475,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1507,7 +1507,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1538,7 +1538,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1569,7 +1569,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1601,7 +1601,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1633,7 +1633,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1665,7 +1665,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1695,7 +1695,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1724,7 +1724,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1753,7 +1753,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1783,7 +1783,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1813,7 +1813,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1841,7 +1841,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1873,7 +1873,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1905,7 +1905,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1935,7 +1935,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1963,7 +1963,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1995,7 +1995,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -2027,7 +2027,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2057,7 +2057,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2085,7 +2085,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -2117,7 +2117,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -2149,7 +2149,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2179,7 +2179,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2207,7 +2207,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -2239,7 +2239,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -2271,7 +2271,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2301,7 +2301,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2329,7 +2329,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -2361,7 +2361,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -2393,7 +2393,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2423,7 +2423,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2451,7 +2451,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -2460,7 +2460,7 @@ ..\..\..\..\include;%(AdditionalIncludeDirectories) - ws2_32.lib;wldap32.lib;libcurld.lib;%(AdditionalDependencies) + ws2_32.lib;wldap32.lib;crypt32.lib;libcurld.lib;%(AdditionalDependencies) $(OutDir)$(TargetName)$(TargetExt) ..\..\..\..\build\Win32\VC11\$(Configuration);%(AdditionalLibraryDirectories) true @@ -2482,7 +2482,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -2491,7 +2491,7 @@ ..\..\..\..\include;%(AdditionalIncludeDirectories) - ws2_32.lib;wldap32.lib;normaliz.lib;libcurld.lib;%(AdditionalDependencies) + ws2_32.lib;wldap32.lib;crypt32.lib;normaliz.lib;libcurld.lib;%(AdditionalDependencies) $(OutDir)$(TargetName)$(TargetExt) ..\..\..\..\build\Win32\VC11\$(Configuration);%(AdditionalLibraryDirectories) true @@ -2514,7 +2514,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -2523,7 +2523,7 @@ ..\..\..\..\include;%(AdditionalIncludeDirectories) - ws2_32.lib;wldap32.lib;libcurld.lib;%(AdditionalDependencies) + ws2_32.lib;wldap32.lib;crypt32.lib;libcurld.lib;%(AdditionalDependencies) $(OutDir)$(TargetName)$(TargetExt) ..\..\..\..\build\Win64\VC11\$(Configuration);%(AdditionalLibraryDirectories) true @@ -2546,7 +2546,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -2555,7 +2555,7 @@ ..\..\..\..\include;%(AdditionalIncludeDirectories) - ws2_32.lib;wldap32.lib;normaliz.lib;libcurld.lib;%(AdditionalDependencies) + ws2_32.lib;wldap32.lib;crypt32.lib;normaliz.lib;libcurld.lib;%(AdditionalDependencies) $(OutDir)$(TargetName)$(TargetExt) ..\..\..\..\build\Win64\VC11\$(Configuration);%(AdditionalLibraryDirectories) true @@ -2578,7 +2578,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2586,7 +2586,7 @@ ..\..\..\..\include;%(AdditionalIncludeDirectories) - ws2_32.lib;wldap32.lib;libcurl.lib;%(AdditionalDependencies) + ws2_32.lib;wldap32.lib;crypt32.lib;libcurl.lib;%(AdditionalDependencies) $(OutDir)$(TargetName)$(TargetExt) ..\..\..\..\build\Win32\VC11\$(Configuration);%(AdditionalLibraryDirectories) Console @@ -2607,7 +2607,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2615,7 +2615,7 @@ ..\..\..\..\include;%(AdditionalIncludeDirectories) - ws2_32.lib;wldap32.lib;normaliz.lib;libcurl.lib;%(AdditionalDependencies) + ws2_32.lib;wldap32.lib;crypt32.lib;normaliz.lib;libcurl.lib;%(AdditionalDependencies) $(OutDir)$(TargetName)$(TargetExt) ..\..\..\..\build\Win32\VC11\$(Configuration);%(AdditionalLibraryDirectories) Console @@ -2637,7 +2637,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2645,7 +2645,7 @@ ..\..\..\..\include;%(AdditionalIncludeDirectories) - ws2_32.lib;wldap32.lib;libcurl.lib;%(AdditionalDependencies) + ws2_32.lib;wldap32.lib;crypt32.lib;libcurl.lib;%(AdditionalDependencies) $(OutDir)$(TargetName)$(TargetExt) ..\..\..\..\build\Win64\VC11\$(Configuration);%(AdditionalLibraryDirectories) Console @@ -2667,7 +2667,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2675,7 +2675,7 @@ ..\..\..\..\include;%(AdditionalIncludeDirectories) - ws2_32.lib;wldap32.lib;normaliz.lib;libcurl.lib;%(AdditionalDependencies) + ws2_32.lib;wldap32.lib;crypt32.lib;normaliz.lib;libcurl.lib;%(AdditionalDependencies) $(OutDir)$(TargetName)$(TargetExt) ..\..\..\..\build\Win64\VC11\$(Configuration);%(AdditionalLibraryDirectories) Console diff --git a/projects/Windows/VC12/lib/libcurl.vcxproj b/projects/Windows/VC12/lib/libcurl.vcxproj index d7ad13c39..8f770c1da 100644 --- a/projects/Windows/VC12/lib/libcurl.vcxproj +++ b/projects/Windows/VC12/lib/libcurl.vcxproj @@ -922,7 +922,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -956,7 +956,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -990,7 +990,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1023,7 +1023,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1057,7 +1057,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1089,7 +1089,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1123,7 +1123,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1154,7 +1154,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1178,7 +1178,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1198,7 +1198,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1221,7 +1221,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1244,7 +1244,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1265,7 +1265,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1285,7 +1285,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1308,7 +1308,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1331,7 +1331,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1358,7 +1358,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1392,7 +1392,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1426,7 +1426,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1458,7 +1458,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1488,7 +1488,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1496,7 +1496,7 @@ 0x0409 - ws2_32.lib;wldap32.lib;%(AdditionalDependencies) + ws2_32.lib;wldap32.lib;crypt32.lib;%(AdditionalDependencies) $(OutDir)$(TargetName)$(TargetExt) %(AdditionalLibraryDirectories) $(IntDir)$(TargetFileName).intermediate.manifest @@ -1522,7 +1522,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1530,7 +1530,7 @@ 0x0409 - ws2_32.lib;wldap32.lib;normaliz.lib;%(AdditionalDependencies) + ws2_32.lib;wldap32.lib;crypt32.lib;normaliz.lib;%(AdditionalDependencies) $(OutDir)$(TargetName)$(TargetExt) %(AdditionalLibraryDirectories) $(IntDir)$(TargetFileName).intermediate.manifest @@ -1556,7 +1556,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1564,7 +1564,7 @@ 0x0409 - ws2_32.lib;wldap32.lib;%(AdditionalDependencies) + ws2_32.lib;wldap32.lib;crypt32.lib;%(AdditionalDependencies) $(OutDir)$(TargetName)$(TargetExt) %(AdditionalLibraryDirectories) true @@ -1589,7 +1589,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1597,7 +1597,7 @@ 0x0409 - ws2_32.lib;wldap32.lib;normaliz.lib;%(AdditionalDependencies) + ws2_32.lib;wldap32.lib;crypt32.lib;normaliz.lib;%(AdditionalDependencies) $(OutDir)$(TargetName)$(TargetExt) %(AdditionalLibraryDirectories) true @@ -1623,14 +1623,14 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) 0x0409 - ws2_32.lib;wldap32.lib;%(AdditionalDependencies) + ws2_32.lib;wldap32.lib;crypt32.lib;%(AdditionalDependencies) $(OutDir)$(TargetName)$(TargetExt) %(AdditionalLibraryDirectories) $(IntDir)$(TargetFileName).intermediate.manifest @@ -1655,14 +1655,14 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) 0x0409 - ws2_32.lib;wldap32.lib;normaliz.lib;%(AdditionalDependencies) + ws2_32.lib;wldap32.lib;crypt32.lib;normaliz.lib;%(AdditionalDependencies) $(OutDir)$(TargetName)$(TargetExt) %(AdditionalLibraryDirectories) $(IntDir)$(TargetFileName).intermediate.manifest @@ -1687,14 +1687,14 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) 0x0409 - ws2_32.lib;wldap32.lib;%(AdditionalDependencies) + ws2_32.lib;wldap32.lib;crypt32.lib;%(AdditionalDependencies) $(OutDir)$(TargetName)$(TargetExt) %(AdditionalLibraryDirectories) $(TargetDir)$(TargetName).lib @@ -1718,14 +1718,14 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) 0x0409 - ws2_32.lib;wldap32.lib;normaliz.lib;%(AdditionalDependencies) + ws2_32.lib;wldap32.lib;crypt32.lib;normaliz.lib;%(AdditionalDependencies) $(OutDir)$(TargetName)$(TargetExt) %(AdditionalLibraryDirectories) $(TargetDir)$(TargetName).lib @@ -1748,7 +1748,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1782,7 +1782,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1816,7 +1816,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1848,7 +1848,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1870,7 +1870,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1893,7 +1893,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1913,7 +1913,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1936,7 +1936,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1956,7 +1956,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1976,7 +1976,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1999,7 +1999,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -2022,7 +2022,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -2042,7 +2042,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -2065,7 +2065,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -2085,7 +2085,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -2108,7 +2108,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -2129,7 +2129,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2152,7 +2152,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2172,7 +2172,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2195,7 +2195,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2215,7 +2215,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2235,7 +2235,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2258,7 +2258,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2281,7 +2281,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2301,7 +2301,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2324,7 +2324,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2344,7 +2344,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2367,7 +2367,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2395,14 +2395,10 @@ - - - - @@ -2430,7 +2426,7 @@ - + @@ -2474,6 +2470,7 @@ + @@ -2483,6 +2480,18 @@ + + + + + + + + + + + + @@ -2520,8 +2529,6 @@ - - @@ -2551,6 +2558,7 @@ + @@ -2588,6 +2596,7 @@ + @@ -2597,6 +2606,9 @@ + + + diff --git a/projects/Windows/VC12/src/curl.vcxproj b/projects/Windows/VC12/src/curl.vcxproj index 2a00b4aaf..28a831985 100644 --- a/projects/Windows/VC12/src/curl.vcxproj +++ b/projects/Windows/VC12/src/curl.vcxproj @@ -980,7 +980,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1009,7 +1009,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1041,7 +1041,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1071,7 +1071,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1102,7 +1102,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1131,7 +1131,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1163,7 +1163,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1193,7 +1193,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1223,7 +1223,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1254,7 +1254,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1286,7 +1286,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1318,7 +1318,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1349,7 +1349,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1380,7 +1380,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1412,7 +1412,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1444,7 +1444,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1475,7 +1475,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1507,7 +1507,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1538,7 +1538,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1569,7 +1569,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1601,7 +1601,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1633,7 +1633,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1665,7 +1665,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1695,7 +1695,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1724,7 +1724,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1753,7 +1753,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1783,7 +1783,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1813,7 +1813,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1841,7 +1841,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1873,7 +1873,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1905,7 +1905,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1935,7 +1935,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1963,7 +1963,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1995,7 +1995,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -2027,7 +2027,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2057,7 +2057,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2085,7 +2085,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -2117,7 +2117,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -2149,7 +2149,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2179,7 +2179,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2207,7 +2207,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -2239,7 +2239,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -2271,7 +2271,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2301,7 +2301,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2329,7 +2329,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -2361,7 +2361,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -2393,7 +2393,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2423,7 +2423,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2451,7 +2451,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -2460,7 +2460,7 @@ ..\..\..\..\include;%(AdditionalIncludeDirectories) - ws2_32.lib;wldap32.lib;libcurld.lib;%(AdditionalDependencies) + ws2_32.lib;wldap32.lib;crypt32.lib;libcurld.lib;%(AdditionalDependencies) $(OutDir)$(TargetName)$(TargetExt) ..\..\..\..\build\Win32\VC12\$(Configuration);%(AdditionalLibraryDirectories) true @@ -2482,7 +2482,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -2491,7 +2491,7 @@ ..\..\..\..\include;%(AdditionalIncludeDirectories) - ws2_32.lib;wldap32.lib;normaliz.lib;libcurld.lib;%(AdditionalDependencies) + ws2_32.lib;wldap32.lib;crypt32.lib;normaliz.lib;libcurld.lib;%(AdditionalDependencies) $(OutDir)$(TargetName)$(TargetExt) ..\..\..\..\build\Win32\VC12\$(Configuration);%(AdditionalLibraryDirectories) true @@ -2514,7 +2514,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -2523,7 +2523,7 @@ ..\..\..\..\include;%(AdditionalIncludeDirectories) - ws2_32.lib;wldap32.lib;libcurld.lib;%(AdditionalDependencies) + ws2_32.lib;wldap32.lib;crypt32.lib;libcurld.lib;%(AdditionalDependencies) $(OutDir)$(TargetName)$(TargetExt) ..\..\..\..\build\Win64\VC12\$(Configuration);%(AdditionalLibraryDirectories) true @@ -2546,7 +2546,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -2555,7 +2555,7 @@ ..\..\..\..\include;%(AdditionalIncludeDirectories) - ws2_32.lib;wldap32.lib;normaliz.lib;libcurld.lib;%(AdditionalDependencies) + ws2_32.lib;wldap32.lib;crypt32.lib;normaliz.lib;libcurld.lib;%(AdditionalDependencies) $(OutDir)$(TargetName)$(TargetExt) ..\..\..\..\build\Win64\VC12\$(Configuration);%(AdditionalLibraryDirectories) true @@ -2578,7 +2578,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2586,7 +2586,7 @@ ..\..\..\..\include;%(AdditionalIncludeDirectories) - ws2_32.lib;wldap32.lib;libcurl.lib;%(AdditionalDependencies) + ws2_32.lib;wldap32.lib;crypt32.lib;libcurl.lib;%(AdditionalDependencies) $(OutDir)$(TargetName)$(TargetExt) ..\..\..\..\build\Win32\VC12\$(Configuration);%(AdditionalLibraryDirectories) Console @@ -2607,7 +2607,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2615,7 +2615,7 @@ ..\..\..\..\include;%(AdditionalIncludeDirectories) - ws2_32.lib;wldap32.lib;normaliz.lib;libcurl.lib;%(AdditionalDependencies) + ws2_32.lib;wldap32.lib;crypt32.lib;normaliz.lib;libcurl.lib;%(AdditionalDependencies) $(OutDir)$(TargetName)$(TargetExt) ..\..\..\..\build\Win32\VC12\$(Configuration);%(AdditionalLibraryDirectories) Console @@ -2637,7 +2637,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2645,7 +2645,7 @@ ..\..\..\..\include;%(AdditionalIncludeDirectories) - ws2_32.lib;wldap32.lib;libcurl.lib;%(AdditionalDependencies) + ws2_32.lib;wldap32.lib;crypt32.lib;libcurl.lib;%(AdditionalDependencies) $(OutDir)$(TargetName)$(TargetExt) ..\..\..\..\build\Win64\VC12\$(Configuration);%(AdditionalLibraryDirectories) Console @@ -2667,7 +2667,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2675,7 +2675,7 @@ ..\..\..\..\include;%(AdditionalIncludeDirectories) - ws2_32.lib;wldap32.lib;normaliz.lib;libcurl.lib;%(AdditionalDependencies) + ws2_32.lib;wldap32.lib;crypt32.lib;normaliz.lib;libcurl.lib;%(AdditionalDependencies) $(OutDir)$(TargetName)$(TargetExt) ..\..\..\..\build\Win64\VC12\$(Configuration);%(AdditionalLibraryDirectories) Console diff --git a/projects/Windows/VC14/lib/libcurl.vcxproj b/projects/Windows/VC14/lib/libcurl.vcxproj index cc71407dc..518271125 100644 --- a/projects/Windows/VC14/lib/libcurl.vcxproj +++ b/projects/Windows/VC14/lib/libcurl.vcxproj @@ -922,7 +922,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -956,7 +956,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -990,7 +990,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1023,7 +1023,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1057,7 +1057,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1089,7 +1089,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1123,7 +1123,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1154,7 +1154,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1178,7 +1178,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1198,7 +1198,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1221,7 +1221,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1244,7 +1244,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1265,7 +1265,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1285,7 +1285,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1308,7 +1308,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1331,7 +1331,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1358,7 +1358,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1392,7 +1392,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1426,7 +1426,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1458,7 +1458,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1488,7 +1488,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1496,7 +1496,7 @@ 0x0409 - ws2_32.lib;wldap32.lib;%(AdditionalDependencies) + ws2_32.lib;wldap32.lib;crypt32.lib;%(AdditionalDependencies) $(OutDir)$(TargetName)$(TargetExt) %(AdditionalLibraryDirectories) $(IntDir)$(TargetFileName).intermediate.manifest @@ -1522,7 +1522,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1530,7 +1530,7 @@ 0x0409 - ws2_32.lib;wldap32.lib;normaliz.lib;%(AdditionalDependencies) + ws2_32.lib;wldap32.lib;crypt32.lib;normaliz.lib;%(AdditionalDependencies) $(OutDir)$(TargetName)$(TargetExt) %(AdditionalLibraryDirectories) $(IntDir)$(TargetFileName).intermediate.manifest @@ -1556,7 +1556,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1564,7 +1564,7 @@ 0x0409 - ws2_32.lib;wldap32.lib;%(AdditionalDependencies) + ws2_32.lib;wldap32.lib;crypt32.lib;%(AdditionalDependencies) $(OutDir)$(TargetName)$(TargetExt) %(AdditionalLibraryDirectories) true @@ -1589,7 +1589,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1597,7 +1597,7 @@ 0x0409 - ws2_32.lib;wldap32.lib;normaliz.lib;%(AdditionalDependencies) + ws2_32.lib;wldap32.lib;crypt32.lib;normaliz.lib;%(AdditionalDependencies) $(OutDir)$(TargetName)$(TargetExt) %(AdditionalLibraryDirectories) true @@ -1623,14 +1623,14 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) 0x0409 - ws2_32.lib;wldap32.lib;%(AdditionalDependencies) + ws2_32.lib;wldap32.lib;crypt32.lib;%(AdditionalDependencies) $(OutDir)$(TargetName)$(TargetExt) %(AdditionalLibraryDirectories) $(IntDir)$(TargetFileName).intermediate.manifest @@ -1655,14 +1655,14 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) 0x0409 - ws2_32.lib;wldap32.lib;normaliz.lib;%(AdditionalDependencies) + ws2_32.lib;wldap32.lib;crypt32.lib;normaliz.lib;%(AdditionalDependencies) $(OutDir)$(TargetName)$(TargetExt) %(AdditionalLibraryDirectories) $(IntDir)$(TargetFileName).intermediate.manifest @@ -1687,14 +1687,14 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) 0x0409 - ws2_32.lib;wldap32.lib;%(AdditionalDependencies) + ws2_32.lib;wldap32.lib;crypt32.lib;%(AdditionalDependencies) $(OutDir)$(TargetName)$(TargetExt) %(AdditionalLibraryDirectories) $(TargetDir)$(TargetName).lib @@ -1718,14 +1718,14 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) 0x0409 - ws2_32.lib;wldap32.lib;normaliz.lib;%(AdditionalDependencies) + ws2_32.lib;wldap32.lib;crypt32.lib;normaliz.lib;%(AdditionalDependencies) $(OutDir)$(TargetName)$(TargetExt) %(AdditionalLibraryDirectories) $(TargetDir)$(TargetName).lib @@ -1748,7 +1748,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1782,7 +1782,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1816,7 +1816,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1848,7 +1848,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1870,7 +1870,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1893,7 +1893,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1913,7 +1913,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1936,7 +1936,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1956,7 +1956,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1976,7 +1976,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1999,7 +1999,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -2022,7 +2022,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -2042,7 +2042,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -2065,7 +2065,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -2085,7 +2085,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -2108,7 +2108,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -2129,7 +2129,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2152,7 +2152,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2172,7 +2172,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2195,7 +2195,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2215,7 +2215,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2235,7 +2235,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2258,7 +2258,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2281,7 +2281,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2301,7 +2301,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2324,7 +2324,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2344,7 +2344,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2367,7 +2367,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2395,14 +2395,10 @@ - - - - @@ -2430,7 +2426,7 @@ - + @@ -2474,6 +2470,7 @@ + @@ -2483,6 +2480,18 @@ + + + + + + + + + + + + @@ -2520,8 +2529,6 @@ - - @@ -2551,6 +2558,7 @@ + @@ -2588,6 +2596,7 @@ + @@ -2597,6 +2606,9 @@ + + + diff --git a/projects/Windows/VC14/src/curl.vcxproj b/projects/Windows/VC14/src/curl.vcxproj index 9be7f2c0b..1b9eb0bb4 100644 --- a/projects/Windows/VC14/src/curl.vcxproj +++ b/projects/Windows/VC14/src/curl.vcxproj @@ -980,7 +980,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1009,7 +1009,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1041,7 +1041,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1071,7 +1071,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1102,7 +1102,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1131,7 +1131,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1163,7 +1163,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1193,7 +1193,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1223,7 +1223,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1254,7 +1254,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1286,7 +1286,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1318,7 +1318,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1349,7 +1349,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1380,7 +1380,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1412,7 +1412,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1444,7 +1444,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1475,7 +1475,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1507,7 +1507,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1538,7 +1538,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1569,7 +1569,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1601,7 +1601,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1633,7 +1633,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1665,7 +1665,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1695,7 +1695,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1724,7 +1724,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1753,7 +1753,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1783,7 +1783,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1813,7 +1813,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1841,7 +1841,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1873,7 +1873,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1905,7 +1905,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1935,7 +1935,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -1963,7 +1963,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -1995,7 +1995,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -2027,7 +2027,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2057,7 +2057,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2085,7 +2085,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -2117,7 +2117,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -2149,7 +2149,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2179,7 +2179,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2207,7 +2207,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -2239,7 +2239,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -2271,7 +2271,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2301,7 +2301,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2329,7 +2329,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -2361,7 +2361,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -2393,7 +2393,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2423,7 +2423,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2451,7 +2451,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -2460,7 +2460,7 @@ ..\..\..\..\include;%(AdditionalIncludeDirectories) - ws2_32.lib;wldap32.lib;libcurld.lib;%(AdditionalDependencies) + ws2_32.lib;wldap32.lib;crypt32.lib;libcurld.lib;%(AdditionalDependencies) $(OutDir)$(TargetName)$(TargetExt) ..\..\..\..\build\Win32\VC14\$(Configuration);%(AdditionalLibraryDirectories) true @@ -2482,7 +2482,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -2491,7 +2491,7 @@ ..\..\..\..\include;%(AdditionalIncludeDirectories) - ws2_32.lib;wldap32.lib;normaliz.lib;libcurld.lib;%(AdditionalDependencies) + ws2_32.lib;wldap32.lib;crypt32.lib;normaliz.lib;libcurld.lib;%(AdditionalDependencies) $(OutDir)$(TargetName)$(TargetExt) ..\..\..\..\build\Win32\VC14\$(Configuration);%(AdditionalLibraryDirectories) true @@ -2514,7 +2514,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -2523,7 +2523,7 @@ ..\..\..\..\include;%(AdditionalIncludeDirectories) - ws2_32.lib;wldap32.lib;libcurld.lib;%(AdditionalDependencies) + ws2_32.lib;wldap32.lib;crypt32.lib;libcurld.lib;%(AdditionalDependencies) $(OutDir)$(TargetName)$(TargetExt) ..\..\..\..\build\Win64\VC14\$(Configuration);%(AdditionalLibraryDirectories) true @@ -2546,7 +2546,7 @@ true EnableFastChecks MultiThreadedDebugDLL - Level3 + Level4 ProgramDatabase @@ -2555,7 +2555,7 @@ ..\..\..\..\include;%(AdditionalIncludeDirectories) - ws2_32.lib;wldap32.lib;normaliz.lib;libcurld.lib;%(AdditionalDependencies) + ws2_32.lib;wldap32.lib;crypt32.lib;normaliz.lib;libcurld.lib;%(AdditionalDependencies) $(OutDir)$(TargetName)$(TargetExt) ..\..\..\..\build\Win64\VC14\$(Configuration);%(AdditionalLibraryDirectories) true @@ -2578,7 +2578,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2586,7 +2586,7 @@ ..\..\..\..\include;%(AdditionalIncludeDirectories) - ws2_32.lib;wldap32.lib;libcurl.lib;%(AdditionalDependencies) + ws2_32.lib;wldap32.lib;crypt32.lib;libcurl.lib;%(AdditionalDependencies) $(OutDir)$(TargetName)$(TargetExt) ..\..\..\..\build\Win32\VC14\$(Configuration);%(AdditionalLibraryDirectories) Console @@ -2607,7 +2607,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2615,7 +2615,7 @@ ..\..\..\..\include;%(AdditionalIncludeDirectories) - ws2_32.lib;wldap32.lib;normaliz.lib;libcurl.lib;%(AdditionalDependencies) + ws2_32.lib;wldap32.lib;crypt32.lib;normaliz.lib;libcurl.lib;%(AdditionalDependencies) $(OutDir)$(TargetName)$(TargetExt) ..\..\..\..\build\Win32\VC14\$(Configuration);%(AdditionalLibraryDirectories) Console @@ -2637,7 +2637,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2645,7 +2645,7 @@ ..\..\..\..\include;%(AdditionalIncludeDirectories) - ws2_32.lib;wldap32.lib;libcurl.lib;%(AdditionalDependencies) + ws2_32.lib;wldap32.lib;crypt32.lib;libcurl.lib;%(AdditionalDependencies) $(OutDir)$(TargetName)$(TargetExt) ..\..\..\..\build\Win64\VC14\$(Configuration);%(AdditionalLibraryDirectories) Console @@ -2667,7 +2667,7 @@ true MultiThreadedDLL true - Level3 + Level4 NDEBUG;%(PreprocessorDefinitions) @@ -2675,7 +2675,7 @@ ..\..\..\..\include;%(AdditionalIncludeDirectories) - ws2_32.lib;wldap32.lib;normaliz.lib;libcurl.lib;%(AdditionalDependencies) + ws2_32.lib;wldap32.lib;crypt32.lib;normaliz.lib;libcurl.lib;%(AdditionalDependencies) $(OutDir)$(TargetName)$(TargetExt) ..\..\..\..\build\Win64\VC14\$(Configuration);%(AdditionalLibraryDirectories) Console diff --git a/projects/Windows/VC6/lib/libcurl.dsp b/projects/Windows/VC6/lib/libcurl.dsp index 040b689d2..4071c1ffd 100644 --- a/projects/Windows/VC6/lib/libcurl.dsp +++ b/projects/Windows/VC6/lib/libcurl.dsp @@ -63,8 +63,8 @@ CFG=libcurl - Win32 LIB Debug # PROP Ignore_Export_Lib 0 # PROP Target_Dir "" CPP=cl.exe -# ADD BASE CPP /nologo /MDd /W3 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /D "_DEBUG" /D "BUILDING_LIBCURL" /D "DEBUGBUILD" /FD /EHsc /GZ /c -# ADD CPP /nologo /MDd /W3 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /D "_DEBUG" /D "BUILDING_LIBCURL" /D "DEBUGBUILD" /FD /EHsc /GZ /c +# ADD BASE CPP /nologo /MDd /W4 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /D "_DEBUG" /D "BUILDING_LIBCURL" /D "DEBUGBUILD" /FD /EHsc /GZ /c +# ADD CPP /nologo /MDd /W4 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /D "_DEBUG" /D "BUILDING_LIBCURL" /D "DEBUGBUILD" /FD /EHsc /GZ /c MTL=midl.exe # ADD BASE MTL /nologo /D "_DEBUG" /win32 # ADD MTL /nologo /D "_DEBUG" /win32 @@ -93,8 +93,8 @@ LINK32=link.exe # PROP Ignore_Export_Lib 0 # PROP Target_Dir "" CPP=cl.exe -# ADD BASE CPP /nologo /MDd /W3 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\..\openssl\inc32" /D "_DEBUG" /D "BUILDING_LIBCURL" /D "DEBUGBUILD" /D "USE_OPENSSL" /FD /EHsc /GZ /c -# ADD CPP /nologo /MDd /W3 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\..\openssl\inc32" /D "_DEBUG" /D "BUILDING_LIBCURL" /D "DEBUGBUILD" /D "USE_OPENSSL" /FD /EHsc /GZ /c +# ADD BASE CPP /nologo /MDd /W4 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\..\openssl\inc32" /D "_DEBUG" /D "BUILDING_LIBCURL" /D "DEBUGBUILD" /D "USE_OPENSSL" /FD /EHsc /GZ /c +# ADD CPP /nologo /MDd /W4 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\..\openssl\inc32" /D "_DEBUG" /D "BUILDING_LIBCURL" /D "DEBUGBUILD" /D "USE_OPENSSL" /FD /EHsc /GZ /c MTL=midl.exe # ADD BASE MTL /nologo /D "_DEBUG" /win32 # ADD MTL /nologo /D "_DEBUG" /win32 @@ -123,8 +123,8 @@ LINK32=link.exe # PROP Ignore_Export_Lib 0 # PROP Target_Dir "" CPP=cl.exe -# ADD BASE CPP /nologo /MDd /W3 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\..\openssl\inc32" /I "..\..\..\..\..\libssh2\include" /D "_DEBUG" /D "BUILDING_LIBCURL" /D "DEBUGBUILD" /D "USE_OPENSSL" /D "USE_LIBSSH2" /D "HAVE_LIBSSH2_H" /FD /EHsc /GZ /c -# ADD CPP /nologo /MDd /W3 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\..\openssl\inc32" /I "..\..\..\..\..\libssh2\include" /D "_DEBUG" /D "BUILDING_LIBCURL" /D "DEBUGBUILD" /D "USE_OPENSSL" /D "USE_LIBSSH2" /D "HAVE_LIBSSH2_H" /FD /EHsc /GZ /c +# ADD BASE CPP /nologo /MDd /W4 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\..\openssl\inc32" /I "..\..\..\..\..\libssh2\include" /D "_DEBUG" /D "BUILDING_LIBCURL" /D "DEBUGBUILD" /D "USE_OPENSSL" /D "USE_LIBSSH2" /D "HAVE_LIBSSH2_H" /FD /EHsc /GZ /c +# ADD CPP /nologo /MDd /W4 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\..\openssl\inc32" /I "..\..\..\..\..\libssh2\include" /D "_DEBUG" /D "BUILDING_LIBCURL" /D "DEBUGBUILD" /D "USE_OPENSSL" /D "USE_LIBSSH2" /D "HAVE_LIBSSH2_H" /FD /EHsc /GZ /c MTL=midl.exe # ADD BASE MTL /nologo /D "_DEBUG" /win32 # ADD MTL /nologo /D "_DEBUG" /win32 @@ -153,8 +153,8 @@ LINK32=link.exe # PROP Ignore_Export_Lib 0 # PROP Target_Dir "" CPP=cl.exe -# ADD BASE CPP /nologo /MDd /W3 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /D "_DEBUG" /D "BUILDING_LIBCURL" /D "DEBUGBUILD" /FD /EHsc /GZ /c -# ADD CPP /nologo /MDd /W3 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /D "_DEBUG" /D "BUILDING_LIBCURL" /D "DEBUGBUILD" /D "USE_WINDOWS_SSPI" /D "USE_SCHANNEL" /FD /EHsc /GZ /c +# ADD BASE CPP /nologo /MDd /W4 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /D "_DEBUG" /D "BUILDING_LIBCURL" /D "DEBUGBUILD" /FD /EHsc /GZ /c +# ADD CPP /nologo /MDd /W4 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /D "_DEBUG" /D "BUILDING_LIBCURL" /D "DEBUGBUILD" /D "USE_WINDOWS_SSPI" /D "USE_SCHANNEL" /FD /EHsc /GZ /c MTL=midl.exe # ADD BASE MTL /nologo /D "_DEBUG" /win32 # ADD MTL /nologo /D "_DEBUG" /win32 @@ -165,8 +165,8 @@ BSC32=bscmake.exe # ADD BASE BSC32 /nologo # ADD BSC32 /nologo LINK32=link.exe -# ADD BASE LINK32 advapi32.lib wldap32.lib ws2_32.lib /nologo /dll /incremental:no /debug /machine:I386 /out:"..\..\..\..\build\Win32\VC6\DLL Debug - DLL Windows SSPI\libcurld.dll" /pdbtype:con /fixed:no -# ADD LINK32 advapi32.lib wldap32.lib ws2_32.lib /nologo /dll /incremental:no /debug /machine:I386 /out:"..\..\..\..\build\Win32\VC6\DLL Debug - DLL Windows SSPI\libcurld.dll" /pdbtype:con /fixed:no +# ADD BASE LINK32 advapi32.lib wldap32.lib ws2_32.lib crypt32.lib /nologo /dll /incremental:no /debug /machine:I386 /out:"..\..\..\..\build\Win32\VC6\DLL Debug - DLL Windows SSPI\libcurld.dll" /pdbtype:con /fixed:no +# ADD LINK32 advapi32.lib wldap32.lib ws2_32.lib crypt32.lib /nologo /dll /incremental:no /debug /machine:I386 /out:"..\..\..\..\build\Win32\VC6\DLL Debug - DLL Windows SSPI\libcurld.dll" /pdbtype:con /fixed:no !ELSEIF "$(CFG)" == "libcurl - Win32 DLL Debug DLL Windows SSPI DLL WinIDN" @@ -183,8 +183,8 @@ LINK32=link.exe # PROP Ignore_Export_Lib 0 # PROP Target_Dir "" CPP=cl.exe -# ADD BASE CPP /nologo /MDd /W3 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /D "_DEBUG" /D "BUILDING_LIBCURL" /D "DEBUGBUILD" /D "USE_WINDOWS_SSPI" /D "USE_SCHANNEL" /D "USE_WIN32_IDN" /D "WANT_IDN_PROTOTYPES" /FD /EHsc /GZ /c -# ADD CPP /nologo /MDd /W3 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /D "_DEBUG" /D "BUILDING_LIBCURL" /D "DEBUGBUILD" /D "USE_WINDOWS_SSPI" /D "USE_SCHANNEL" /D "USE_WIN32_IDN" /D "WANT_IDN_PROTOTYPES" /FD /EHsc /GZ /c +# ADD BASE CPP /nologo /MDd /W4 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /D "_DEBUG" /D "BUILDING_LIBCURL" /D "DEBUGBUILD" /D "USE_WINDOWS_SSPI" /D "USE_SCHANNEL" /D "USE_WIN32_IDN" /D "WANT_IDN_PROTOTYPES" /FD /EHsc /GZ /c +# ADD CPP /nologo /MDd /W4 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /D "_DEBUG" /D "BUILDING_LIBCURL" /D "DEBUGBUILD" /D "USE_WINDOWS_SSPI" /D "USE_SCHANNEL" /D "USE_WIN32_IDN" /D "WANT_IDN_PROTOTYPES" /FD /EHsc /GZ /c MTL=midl.exe # ADD BASE MTL /nologo /D "_DEBUG" /win32 # ADD MTL /nologo /D "_DEBUG" /win32 @@ -195,8 +195,8 @@ BSC32=bscmake.exe # ADD BASE BSC32 /nologo # ADD BSC32 /nologo LINK32=link.exe -# ADD BASE LINK32 advapi32.lib normaliz.lib wldap32.lib ws2_32.lib /nologo /dll /incremental:no /debug /machine:I386 /out:"..\..\..\..\build\Win32\VC6\DLL Debug - DLL Windows SSPI - DLL WinIDN\libcurld.dll" /pdbtype:con /fixed:no -# ADD LINK32 advapi32.lib normaliz.lib wldap32.lib ws2_32.lib /nologo /dll /incremental:no /debug /machine:I386 /out:"..\..\..\..\build\Win32\VC6\DLL Debug - DLL Windows SSPI - DLL WinIDN\libcurld.dll" /pdbtype:con /fixed:no +# ADD BASE LINK32 advapi32.lib normaliz.lib wldap32.lib ws2_32.lib crypt32.lib /nologo /dll /incremental:no /debug /machine:I386 /out:"..\..\..\..\build\Win32\VC6\DLL Debug - DLL Windows SSPI - DLL WinIDN\libcurld.dll" /pdbtype:con /fixed:no +# ADD LINK32 advapi32.lib normaliz.lib wldap32.lib ws2_32.lib crypt32.lib /nologo /dll /incremental:no /debug /machine:I386 /out:"..\..\..\..\build\Win32\VC6\DLL Debug - DLL Windows SSPI - DLL WinIDN\libcurld.dll" /pdbtype:con /fixed:no !ELSEIF "$(CFG)" == "libcurl - Win32 DLL Release" @@ -212,8 +212,8 @@ LINK32=link.exe # PROP Ignore_Export_Lib 0 # PROP Target_Dir "" CPP=cl.exe -# ADD BASE CPP /nologo /MD /W3 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /D "NDEBUG" /D "BUILDING_LIBCURL" /FD /EHsc /c -# ADD CPP /nologo /MD /W3 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /D "NDEBUG" /D "BUILDING_LIBCURL" /FD /EHsc /c +# ADD BASE CPP /nologo /MD /W4 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /D "NDEBUG" /D "BUILDING_LIBCURL" /FD /EHsc /c +# ADD CPP /nologo /MD /W4 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /D "NDEBUG" /D "BUILDING_LIBCURL" /FD /EHsc /c MTL=midl.exe # ADD BASE MTL /nologo /D "NDEBUG" /win32 # ADD MTL /nologo /D "NDEBUG" /win32 @@ -242,8 +242,8 @@ LINK32=link.exe # PROP Ignore_Export_Lib 0 # PROP Target_Dir "" CPP=cl.exe -# ADD BASE CPP /nologo /MD /W3 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\..\openssl\inc32" /D "NDEBUG" /D "BUILDING_LIBCURL" /D "USE_OPENSSL" /FD /EHsc /c -# ADD CPP /nologo /MD /W3 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\..\openssl\inc32" /D "NDEBUG" /D "BUILDING_LIBCURL" /D "USE_OPENSSL" /FD /EHsc /c +# ADD BASE CPP /nologo /MD /W4 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\..\openssl\inc32" /D "NDEBUG" /D "BUILDING_LIBCURL" /D "USE_OPENSSL" /FD /EHsc /c +# ADD CPP /nologo /MD /W4 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\..\openssl\inc32" /D "NDEBUG" /D "BUILDING_LIBCURL" /D "USE_OPENSSL" /FD /EHsc /c MTL=midl.exe # ADD BASE MTL /nologo /D "NDEBUG" /win32 # ADD MTL /nologo /D "NDEBUG" /win32 @@ -272,8 +272,8 @@ LINK32=link.exe # PROP Ignore_Export_Lib 0 # PROP Target_Dir "" CPP=cl.exe -# ADD BASE CPP /nologo /MD /W3 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\..\openssl\inc32" /I "..\..\..\..\..\libssh2\include" /D "NDEBUG" /D "BUILDING_LIBCURL" /D "USE_OPENSSL" /D "USE_LIBSSH2" /D "HAVE_LIBSSH2_H" /FD /EHsc /c -# ADD CPP /nologo /MD /W3 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\..\openssl\inc32" /I "..\..\..\..\..\libssh2\include" /D "NDEBUG" /D "BUILDING_LIBCURL" /D "USE_OPENSSL" /D "USE_LIBSSH2" /D "HAVE_LIBSSH2_H" /FD /EHsc /c +# ADD BASE CPP /nologo /MD /W4 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\..\openssl\inc32" /I "..\..\..\..\..\libssh2\include" /D "NDEBUG" /D "BUILDING_LIBCURL" /D "USE_OPENSSL" /D "USE_LIBSSH2" /D "HAVE_LIBSSH2_H" /FD /EHsc /c +# ADD CPP /nologo /MD /W4 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\..\openssl\inc32" /I "..\..\..\..\..\libssh2\include" /D "NDEBUG" /D "BUILDING_LIBCURL" /D "USE_OPENSSL" /D "USE_LIBSSH2" /D "HAVE_LIBSSH2_H" /FD /EHsc /c MTL=midl.exe # ADD BASE MTL /nologo /D "NDEBUG" /win32 # ADD MTL /nologo /D "NDEBUG" /win32 @@ -302,8 +302,8 @@ LINK32=link.exe # PROP Ignore_Export_Lib 0 # PROP Target_Dir "" CPP=cl.exe -# ADD BASE CPP /nologo /MD /W3 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /D "NDEBUG" /D "BUILDING_LIBCURL" /FD /EHsc /c -# ADD CPP /nologo /MD /W3 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /D "NDEBUG" /D "BUILDING_LIBCURL" /D "USE_WINDOWS_SSPI" /D "USE_SCHANNEL" /FD /EHsc /c +# ADD BASE CPP /nologo /MD /W4 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /D "NDEBUG" /D "BUILDING_LIBCURL" /FD /EHsc /c +# ADD CPP /nologo /MD /W4 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /D "NDEBUG" /D "BUILDING_LIBCURL" /D "USE_WINDOWS_SSPI" /D "USE_SCHANNEL" /FD /EHsc /c MTL=midl.exe # ADD BASE MTL /nologo /D "NDEBUG" /win32 # ADD MTL /nologo /D "NDEBUG" /win32 @@ -314,8 +314,8 @@ BSC32=bscmake.exe # ADD BASE BSC32 /nologo # ADD BSC32 /nologo LINK32=link.exe -# ADD BASE LINK32 advapi32.lib wldap32.lib ws2_32.lib /nologo /dll /pdb:none /machine:I386 /fixed:no /release -# ADD LINK32 advapi32.lib wldap32.lib ws2_32.lib /nologo /dll /pdb:none /machine:I386 /fixed:no /release +# ADD BASE LINK32 advapi32.lib wldap32.lib ws2_32.lib crypt32.lib /nologo /dll /pdb:none /machine:I386 /fixed:no /release +# ADD LINK32 advapi32.lib wldap32.lib ws2_32.lib crypt32.lib /nologo /dll /pdb:none /machine:I386 /fixed:no /release !ELSEIF "$(CFG)" == "libcurl - Win32 DLL Release DLL Windows SSPI DLL WinIDN" @@ -332,8 +332,8 @@ LINK32=link.exe # PROP Ignore_Export_Lib 0 # PROP Target_Dir "" CPP=cl.exe -# ADD BASE CPP /nologo /MD /W3 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /D "NDEBUG" /D "BUILDING_LIBCURL" /D "USE_WINDOWS_SSPI" /D "USE_SCHANNEL" /D "USE_WIN32_IDN" /D "WANT_IDN_PROTOTYPES" /FD /EHsc /c -# ADD CPP /nologo /MD /W3 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /D "NDEBUG" /D "BUILDING_LIBCURL" /D "USE_WINDOWS_SSPI" /D "USE_SCHANNEL" /D "USE_WIN32_IDN" /D "WANT_IDN_PROTOTYPES" /FD /EHsc /c +# ADD BASE CPP /nologo /MD /W4 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /D "NDEBUG" /D "BUILDING_LIBCURL" /D "USE_WINDOWS_SSPI" /D "USE_SCHANNEL" /D "USE_WIN32_IDN" /D "WANT_IDN_PROTOTYPES" /FD /EHsc /c +# ADD CPP /nologo /MD /W4 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /D "NDEBUG" /D "BUILDING_LIBCURL" /D "USE_WINDOWS_SSPI" /D "USE_SCHANNEL" /D "USE_WIN32_IDN" /D "WANT_IDN_PROTOTYPES" /FD /EHsc /c MTL=midl.exe # ADD BASE MTL /nologo /D "NDEBUG" /win32 # ADD MTL /nologo /D "NDEBUG" /win32 @@ -344,8 +344,8 @@ BSC32=bscmake.exe # ADD BASE BSC32 /nologo # ADD BSC32 /nologo LINK32=link.exe -# ADD BASE LINK32 advapi32.lib normaliz.lib wldap32.lib ws2_32.lib /nologo /dll /pdb:none /machine:I386 /fixed:no /release -# ADD LINK32 advapi32.lib normaliz.lib wldap32.lib ws2_32.lib /nologo /dll /pdb:none /machine:I386 /fixed:no /release +# ADD BASE LINK32 advapi32.lib normaliz.lib wldap32.lib ws2_32.lib crypt32.lib /nologo /dll /pdb:none /machine:I386 /fixed:no /release +# ADD LINK32 advapi32.lib normaliz.lib wldap32.lib ws2_32.lib crypt32.lib /nologo /dll /pdb:none /machine:I386 /fixed:no /release !ELSEIF "$(CFG)" == "libcurl - Win32 LIB Debug" @@ -360,8 +360,8 @@ LINK32=link.exe # PROP Intermediate_Dir "..\..\..\..\build\Win32\VC6\LIB Debug\lib" # PROP Target_Dir "" CPP=cl.exe -# ADD BASE CPP /nologo /MDd /W3 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /D "_DEBUG" /D "BUILDING_LIBCURL" /D "DEBUGBUILD" /D "CURL_STATICLIB" /FD /EHsc /GZ /c -# ADD CPP /nologo /MDd /W3 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /D "_DEBUG" /D "BUILDING_LIBCURL" /D "DEBUGBUILD" /D "CURL_STATICLIB" /FD /EHsc /GZ /c +# ADD BASE CPP /nologo /MDd /W4 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /D "_DEBUG" /D "BUILDING_LIBCURL" /D "DEBUGBUILD" /D "CURL_STATICLIB" /FD /EHsc /GZ /c +# ADD CPP /nologo /MDd /W4 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /D "_DEBUG" /D "BUILDING_LIBCURL" /D "DEBUGBUILD" /D "CURL_STATICLIB" /FD /EHsc /GZ /c RSC=rc.exe # ADD BASE RSC /l 0x409 /d "_DEBUG" # ADD RSC /l 0x409 /d "_DEBUG" @@ -385,8 +385,8 @@ LIB32=link.exe -lib # PROP Intermediate_Dir "..\..\..\..\build\Win32\VC6\LIB Debug - DLL OpenSSL\lib" # PROP Target_Dir "" CPP=cl.exe -# ADD BASE CPP /nologo /MDd /W3 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\..\openssl\inc32" /D "_DEBUG" /D "BUILDING_LIBCURL" /D "DEBUGBUILD" /D "CURL_STATICLIB" /D "USE_OPENSSL" /FD /EHsc /GZ /c -# ADD CPP /nologo /MDd /W3 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\..\openssl\inc32" /D "_DEBUG" /D "BUILDING_LIBCURL" /D "DEBUGBUILD" /D "CURL_STATICLIB" /D "USE_OPENSSL" /FD /EHsc /GZ /c +# ADD BASE CPP /nologo /MDd /W4 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\..\openssl\inc32" /D "_DEBUG" /D "BUILDING_LIBCURL" /D "DEBUGBUILD" /D "CURL_STATICLIB" /D "USE_OPENSSL" /FD /EHsc /GZ /c +# ADD CPP /nologo /MDd /W4 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\..\openssl\inc32" /D "_DEBUG" /D "BUILDING_LIBCURL" /D "DEBUGBUILD" /D "CURL_STATICLIB" /D "USE_OPENSSL" /FD /EHsc /GZ /c RSC=rc.exe # ADD BASE RSC /l 0x409 /d "_DEBUG" # ADD RSC /l 0x409 /d "_DEBUG" @@ -410,8 +410,8 @@ LIB32=link.exe -lib # PROP Intermediate_Dir "..\..\..\..\build\Win32\VC6\LIB Debug - DLL OpenSSL - DLL LibSSH2\lib" # PROP Target_Dir "" CPP=cl.exe -# ADD BASE CPP /nologo /MDd /W3 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\..\openssl\inc32" /I "..\..\..\..\..\libssh2\include" /D "_DEBUG" /D "BUILDING_LIBCURL" /D "DEBUGBUILD" /D "CURL_STATICLIB" /D "USE_OPENSSL" /D "USE_LIBSSH2" /D "HAVE_LIBSSH2_H" /FD /EHsc /GZ /c -# ADD CPP /nologo /MDd /W3 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\..\openssl\inc32" /I "..\..\..\..\..\libssh2\include" /D "_DEBUG" /D "BUILDING_LIBCURL" /D "DEBUGBUILD" /D "CURL_STATICLIB" /D "USE_OPENSSL" /D "USE_LIBSSH2" /D "HAVE_LIBSSH2_H" /FD /EHsc /GZ /c +# ADD BASE CPP /nologo /MDd /W4 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\..\openssl\inc32" /I "..\..\..\..\..\libssh2\include" /D "_DEBUG" /D "BUILDING_LIBCURL" /D "DEBUGBUILD" /D "CURL_STATICLIB" /D "USE_OPENSSL" /D "USE_LIBSSH2" /D "HAVE_LIBSSH2_H" /FD /EHsc /GZ /c +# ADD CPP /nologo /MDd /W4 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\..\openssl\inc32" /I "..\..\..\..\..\libssh2\include" /D "_DEBUG" /D "BUILDING_LIBCURL" /D "DEBUGBUILD" /D "CURL_STATICLIB" /D "USE_OPENSSL" /D "USE_LIBSSH2" /D "HAVE_LIBSSH2_H" /FD /EHsc /GZ /c RSC=rc.exe # ADD BASE RSC /l 0x409 /d "_DEBUG" # ADD RSC /l 0x409 /d "_DEBUG" @@ -435,8 +435,8 @@ LIB32=link.exe -lib # PROP Intermediate_Dir "..\..\..\..\build\Win32\VC6\LIB Debug - DLL Windows SSPI\lib" # PROP Target_Dir "" CPP=cl.exe -# ADD BASE CPP /nologo /MDd /W3 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /D "_DEBUG" /D "BUILDING_LIBCURL" /D "DEBUGBUILD" /D "CURL_STATICLIB" /FD /EHsc /GZ /c -# ADD CPP /nologo /MDd /W3 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /D "_DEBUG" /D "BUILDING_LIBCURL" /D "DEBUGBUILD" /D "CURL_STATICLIB" /D "USE_WINDOWS_SSPI" /D "USE_SCHANNEL" /FD /EHsc /GZ /c +# ADD BASE CPP /nologo /MDd /W4 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /D "_DEBUG" /D "BUILDING_LIBCURL" /D "DEBUGBUILD" /D "CURL_STATICLIB" /FD /EHsc /GZ /c +# ADD CPP /nologo /MDd /W4 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /D "_DEBUG" /D "BUILDING_LIBCURL" /D "DEBUGBUILD" /D "CURL_STATICLIB" /D "USE_WINDOWS_SSPI" /D "USE_SCHANNEL" /FD /EHsc /GZ /c RSC=rc.exe # ADD BASE RSC /l 0x409 /d "_DEBUG" # ADD RSC /l 0x409 /d "_DEBUG" @@ -460,8 +460,8 @@ LIB32=link.exe -lib # PROP Intermediate_Dir "..\..\..\..\build\Win32\VC6\LIB Debug - DLL Windows SSPI - DLL WinIDN\lib" # PROP Target_Dir "" CPP=cl.exe -# ADD BASE CPP /nologo /MDd /W3 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /D "_DEBUG" /D "BUILDING_LIBCURL" /D "DEBUGBUILD" /D "CURL_STATICLIB" /D "USE_WINDOWS_SSPI" /D "USE_SCHANNEL" /D "USE_WIN32_IDN" /D "WANT_IDN_PROTOTYPES" /FD /EHsc /GZ /c -# ADD CPP /nologo /MDd /W3 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /D "_DEBUG" /D "BUILDING_LIBCURL" /D "DEBUGBUILD" /D "CURL_STATICLIB" /D "USE_WINDOWS_SSPI" /D "USE_SCHANNEL" /D "USE_WIN32_IDN" /D "WANT_IDN_PROTOTYPES" /FD /EHsc /GZ /c +# ADD BASE CPP /nologo /MDd /W4 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /D "_DEBUG" /D "BUILDING_LIBCURL" /D "DEBUGBUILD" /D "CURL_STATICLIB" /D "USE_WINDOWS_SSPI" /D "USE_SCHANNEL" /D "USE_WIN32_IDN" /D "WANT_IDN_PROTOTYPES" /FD /EHsc /GZ /c +# ADD CPP /nologo /MDd /W4 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /D "_DEBUG" /D "BUILDING_LIBCURL" /D "DEBUGBUILD" /D "CURL_STATICLIB" /D "USE_WINDOWS_SSPI" /D "USE_SCHANNEL" /D "USE_WIN32_IDN" /D "WANT_IDN_PROTOTYPES" /FD /EHsc /GZ /c RSC=rc.exe # ADD BASE RSC /l 0x409 /d "_DEBUG" # ADD RSC /l 0x409 /d "_DEBUG" @@ -485,8 +485,8 @@ LIB32=link.exe -lib # PROP Intermediate_Dir "..\..\..\..\build\Win32\VC6\LIB Debug - LIB OpenSSL\lib" # PROP Target_Dir "" CPP=cl.exe -# ADD BASE CPP /nologo /MDd /W3 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\..\openssl\inc32" /D "_DEBUG" /D "BUILDING_LIBCURL" /D "DEBUGBUILD" /D "CURL_STATICLIB" /D "USE_OPENSSL" /FD /EHsc /GZ /c -# ADD CPP /nologo /MDd /W3 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\..\openssl\inc32" /D "_DEBUG" /D "BUILDING_LIBCURL" /D "DEBUGBUILD" /D "CURL_STATICLIB" /D "USE_OPENSSL" /FD /EHsc /GZ /c +# ADD BASE CPP /nologo /MDd /W4 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\..\openssl\inc32" /D "_DEBUG" /D "BUILDING_LIBCURL" /D "DEBUGBUILD" /D "CURL_STATICLIB" /D "USE_OPENSSL" /FD /EHsc /GZ /c +# ADD CPP /nologo /MDd /W4 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\..\openssl\inc32" /D "_DEBUG" /D "BUILDING_LIBCURL" /D "DEBUGBUILD" /D "CURL_STATICLIB" /D "USE_OPENSSL" /FD /EHsc /GZ /c RSC=rc.exe # ADD BASE RSC /l 0x409 /d "_DEBUG" # ADD RSC /l 0x409 /d "_DEBUG" @@ -510,8 +510,8 @@ LIB32=link.exe -lib # PROP Intermediate_Dir "..\..\..\..\build\Win32\VC6\LIB Debug - LIB OpenSSL - LIB LibSSH2\lib" # PROP Target_Dir "" CPP=cl.exe -# ADD BASE CPP /nologo /MDd /W3 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\..\openssl\inc32" /I "..\..\..\..\..\libssh2\include" /D "_DEBUG" /D "BUILDING_LIBCURL" /D "DEBUGBUILD" /D "CURL_STATICLIB" /D "USE_OPENSSL" /D "USE_LIBSSH2" /D "HAVE_LIBSSH2_H" /FD /EHsc /GZ /c -# ADD CPP /nologo /MDd /W3 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\..\openssl\inc32" /I "..\..\..\..\..\libssh2\include" /D "_DEBUG" /D "BUILDING_LIBCURL" /D "DEBUGBUILD" /D "CURL_STATICLIB" /D "USE_OPENSSL" /D "USE_LIBSSH2" /D "HAVE_LIBSSH2_H" /FD /EHsc /GZ /c +# ADD BASE CPP /nologo /MDd /W4 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\..\openssl\inc32" /I "..\..\..\..\..\libssh2\include" /D "_DEBUG" /D "BUILDING_LIBCURL" /D "DEBUGBUILD" /D "CURL_STATICLIB" /D "USE_OPENSSL" /D "USE_LIBSSH2" /D "HAVE_LIBSSH2_H" /FD /EHsc /GZ /c +# ADD CPP /nologo /MDd /W4 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\..\openssl\inc32" /I "..\..\..\..\..\libssh2\include" /D "_DEBUG" /D "BUILDING_LIBCURL" /D "DEBUGBUILD" /D "CURL_STATICLIB" /D "USE_OPENSSL" /D "USE_LIBSSH2" /D "HAVE_LIBSSH2_H" /FD /EHsc /GZ /c RSC=rc.exe # ADD BASE RSC /l 0x409 /d "_DEBUG" # ADD RSC /l 0x409 /d "_DEBUG" @@ -535,8 +535,8 @@ LIB32=link.exe -lib # PROP Intermediate_Dir "..\..\..\..\build\Win32\VC6\LIB Release\lib" # PROP Target_Dir "" CPP=cl.exe -# ADD BASE CPP /nologo /MD /W3 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /D "NDEBUG" /D "BUILDING_LIBCURL" /D "CURL_STATICLIB" /FD /EHsc /c -# ADD CPP /nologo /MD /W3 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /D "NDEBUG" /D "BUILDING_LIBCURL" /D "CURL_STATICLIB" /FD /EHsc /c +# ADD BASE CPP /nologo /MD /W4 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /D "NDEBUG" /D "BUILDING_LIBCURL" /D "CURL_STATICLIB" /FD /EHsc /c +# ADD CPP /nologo /MD /W4 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /D "NDEBUG" /D "BUILDING_LIBCURL" /D "CURL_STATICLIB" /FD /EHsc /c RSC=rc.exe # ADD BASE RSC /l 0x409 /d "NDEBUG" # ADD RSC /l 0x409 /d "NDEBUG" @@ -560,8 +560,8 @@ LIB32=link.exe -lib # PROP Intermediate_Dir "..\..\..\..\build\Win32\VC6\LIB Release - DLL OpenSSL\lib" # PROP Target_Dir "" CPP=cl.exe -# ADD BASE CPP /nologo /MD /W3 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\..\openssl\inc32" /D "NDEBUG" /D "BUILDING_LIBCURL" /D "CURL_STATICLIB" /D "USE_OPENSSL" /FD /EHsc /c -# ADD CPP /nologo /MD /W3 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\..\openssl\inc32" /D "NDEBUG" /D "BUILDING_LIBCURL" /D "CURL_STATICLIB" /D "USE_OPENSSL" /FD /EHsc /c +# ADD BASE CPP /nologo /MD /W4 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\..\openssl\inc32" /D "NDEBUG" /D "BUILDING_LIBCURL" /D "CURL_STATICLIB" /D "USE_OPENSSL" /FD /EHsc /c +# ADD CPP /nologo /MD /W4 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\..\openssl\inc32" /D "NDEBUG" /D "BUILDING_LIBCURL" /D "CURL_STATICLIB" /D "USE_OPENSSL" /FD /EHsc /c RSC=rc.exe # ADD BASE RSC /l 0x409 /d "NDEBUG" # ADD RSC /l 0x409 /d "NDEBUG" @@ -585,8 +585,8 @@ LIB32=link.exe -lib # PROP Intermediate_Dir "..\..\..\..\build\Win32\VC6\LIB Release - DLL OpenSSL - DLL LibSSH2\lib" # PROP Target_Dir "" CPP=cl.exe -# ADD BASE CPP /nologo /MD /W3 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\..\openssl\inc32" /I "..\..\..\..\..\libssh2\include" /D "NDEBUG" /D "BUILDING_LIBCURL" /D "CURL_STATICLIB" /D "USE_OPENSSL" /D "USE_LIBSSH2" /D "HAVE_LIBSSH2_H" /FD /EHsc /c -# ADD CPP /nologo /MD /W3 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\..\openssl\inc32" /I "..\..\..\..\..\libssh2\include" /D "NDEBUG" /D "BUILDING_LIBCURL" /D "CURL_STATICLIB" /D "USE_OPENSSL" /D "USE_LIBSSH2" /D "HAVE_LIBSSH2_H" /FD /EHsc /c +# ADD BASE CPP /nologo /MD /W4 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\..\openssl\inc32" /I "..\..\..\..\..\libssh2\include" /D "NDEBUG" /D "BUILDING_LIBCURL" /D "CURL_STATICLIB" /D "USE_OPENSSL" /D "USE_LIBSSH2" /D "HAVE_LIBSSH2_H" /FD /EHsc /c +# ADD CPP /nologo /MD /W4 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\..\openssl\inc32" /I "..\..\..\..\..\libssh2\include" /D "NDEBUG" /D "BUILDING_LIBCURL" /D "CURL_STATICLIB" /D "USE_OPENSSL" /D "USE_LIBSSH2" /D "HAVE_LIBSSH2_H" /FD /EHsc /c RSC=rc.exe # ADD BASE RSC /l 0x409 /d "NDEBUG" # ADD RSC /l 0x409 /d "NDEBUG" @@ -610,8 +610,8 @@ LIB32=link.exe -lib # PROP Intermediate_Dir "..\..\..\..\build\Win32\VC6\LIB Release - DLL Windows SSPI\lib" # PROP Target_Dir "" CPP=cl.exe -# ADD BASE CPP /nologo /MD /W3 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /D "NDEBUG" /D "BUILDING_LIBCURL" /D "CURL_STATICLIB" /FD /EHsc /c -# ADD CPP /nologo /MD /W3 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /D "NDEBUG" /D "BUILDING_LIBCURL" /D "CURL_STATICLIB" /D "USE_WINDOWS_SSPI" /D "USE_SCHANNEL" /FD /EHsc /c +# ADD BASE CPP /nologo /MD /W4 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /D "NDEBUG" /D "BUILDING_LIBCURL" /D "CURL_STATICLIB" /FD /EHsc /c +# ADD CPP /nologo /MD /W4 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /D "NDEBUG" /D "BUILDING_LIBCURL" /D "CURL_STATICLIB" /D "USE_WINDOWS_SSPI" /D "USE_SCHANNEL" /FD /EHsc /c RSC=rc.exe # ADD BASE RSC /l 0x409 /d "NDEBUG" # ADD RSC /l 0x409 /d "NDEBUG" @@ -635,8 +635,8 @@ LIB32=link.exe -lib # PROP Intermediate_Dir "..\..\..\..\build\Win32\VC6\LIB Release - DLL Windows SSPI - DLL WinIDN\lib" # PROP Target_Dir "" CPP=cl.exe -# ADD BASE CPP /nologo /MD /W3 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /D "NDEBUG" /D "BUILDING_LIBCURL" /D "CURL_STATICLIB" /D "USE_WINDOWS_SSPI" /D "USE_SCHANNEL" /D "USE_WIN32_IDN" /D "WANT_IDN_PROTOTYPES" /FD /EHsc /c -# ADD CPP /nologo /MD /W3 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /D "NDEBUG" /D "BUILDING_LIBCURL" /D "CURL_STATICLIB" /D "USE_WINDOWS_SSPI" /D "USE_SCHANNEL" /D "USE_WIN32_IDN" /D "WANT_IDN_PROTOTYPES" /FD /EHsc /c +# ADD BASE CPP /nologo /MD /W4 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /D "NDEBUG" /D "BUILDING_LIBCURL" /D "CURL_STATICLIB" /D "USE_WINDOWS_SSPI" /D "USE_SCHANNEL" /D "USE_WIN32_IDN" /D "WANT_IDN_PROTOTYPES" /FD /EHsc /c +# ADD CPP /nologo /MD /W4 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /D "NDEBUG" /D "BUILDING_LIBCURL" /D "CURL_STATICLIB" /D "USE_WINDOWS_SSPI" /D "USE_SCHANNEL" /D "USE_WIN32_IDN" /D "WANT_IDN_PROTOTYPES" /FD /EHsc /c RSC=rc.exe # ADD BASE RSC /l 0x409 /d "NDEBUG" # ADD RSC /l 0x409 /d "NDEBUG" @@ -660,8 +660,8 @@ LIB32=link.exe -lib # PROP Intermediate_Dir "..\..\..\..\build\Win32\VC6\LIB Release - LIB OpenSSL\lib" # PROP Target_Dir "" CPP=cl.exe -# ADD BASE CPP /nologo /MD /W3 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\..\openssl\inc32" /D "NDEBUG" /D "BUILDING_LIBCURL" /D "CURL_STATICLIB" /D "USE_OPENSSL" /FD /EHsc /c -# ADD CPP /nologo /MD /W3 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\..\openssl\inc32" /D "NDEBUG" /D "BUILDING_LIBCURL" /D "CURL_STATICLIB" /D "USE_OPENSSL" /FD /EHsc /c +# ADD BASE CPP /nologo /MD /W4 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\..\openssl\inc32" /D "NDEBUG" /D "BUILDING_LIBCURL" /D "CURL_STATICLIB" /D "USE_OPENSSL" /FD /EHsc /c +# ADD CPP /nologo /MD /W4 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\..\openssl\inc32" /D "NDEBUG" /D "BUILDING_LIBCURL" /D "CURL_STATICLIB" /D "USE_OPENSSL" /FD /EHsc /c RSC=rc.exe # ADD BASE RSC /l 0x409 /d "NDEBUG" # ADD RSC /l 0x409 /d "NDEBUG" @@ -685,8 +685,8 @@ LIB32=link.exe -lib # PROP Intermediate_Dir "..\..\..\..\build\Win32\VC6\LIB Release - LIB OpenSSL - LIB LibSSH2\lib" # PROP Target_Dir "" CPP=cl.exe -# ADD BASE CPP /nologo /MD /W3 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\..\openssl\inc32" /I "..\..\..\..\..\libssh2\include" /D "NDEBUG" /D "BUILDING_LIBCURL" /D "CURL_STATICLIB" /D "USE_OPENSSL" /D "USE_LIBSSH2" /D "HAVE_LIBSSH2_H" /FD /EHsc /c -# ADD CPP /nologo /MD /W3 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\..\openssl\inc32" /I "..\..\..\..\..\libssh2\include" /D "NDEBUG" /D "BUILDING_LIBCURL" /D "CURL_STATICLIB" /D "USE_OPENSSL" /D "USE_LIBSSH2" /D "HAVE_LIBSSH2_H" /FD /EHsc /c +# ADD BASE CPP /nologo /MD /W4 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\..\openssl\inc32" /I "..\..\..\..\..\libssh2\include" /D "NDEBUG" /D "BUILDING_LIBCURL" /D "CURL_STATICLIB" /D "USE_OPENSSL" /D "USE_LIBSSH2" /D "HAVE_LIBSSH2_H" /FD /EHsc /c +# ADD CPP /nologo /MD /W4 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\..\openssl\inc32" /I "..\..\..\..\..\libssh2\include" /D "NDEBUG" /D "BUILDING_LIBCURL" /D "CURL_STATICLIB" /D "USE_OPENSSL" /D "USE_LIBSSH2" /D "HAVE_LIBSSH2_H" /FD /EHsc /c RSC=rc.exe # ADD BASE RSC /l 0x409 /d "NDEBUG" # ADD RSC /l 0x409 /d "NDEBUG" @@ -794,18 +794,10 @@ SOURCE=..\..\..\..\lib\curl_multibyte.c # End Source File # Begin Source File -SOURCE=..\..\..\..\lib\curl_ntlm.c -# End Source File -# Begin Source File - SOURCE=..\..\..\..\lib\curl_ntlm_core.c # End Source File # Begin Source File -SOURCE=..\..\..\..\lib\curl_ntlm_msgs.c -# End Source File -# Begin Source File - SOURCE=..\..\..\..\lib\curl_ntlm_wb.c # End Source File # Begin Source File @@ -818,14 +810,6 @@ SOURCE=..\..\..\..\lib\curl_sasl.c # End Source File # Begin Source File -SOURCE=..\..\..\..\lib\curl_sasl_gssapi.c -# End Source File -# Begin Source File - -SOURCE=..\..\..\..\lib\curl_sasl_sspi.c -# End Source File -# Begin Source File - SOURCE=..\..\..\..\lib\curl_sspi.c # End Source File # Begin Source File @@ -934,7 +918,7 @@ SOURCE=..\..\..\..\lib\http_negotiate.c # End Source File # Begin Source File -SOURCE=..\..\..\..\lib\http_negotiate_sspi.c +SOURCE=..\..\..\..\lib\http_ntlm.c # End Source File # Begin Source File @@ -1110,6 +1094,10 @@ SOURCE=..\..\..\..\lib\strtoofft.c # End Source File # Begin Source File +SOURCE=..\..\..\..\lib\system_win32.c +# End Source File +# Begin Source File + SOURCE=..\..\..\..\lib\telnet.c # End Source File # Begin Source File @@ -1146,6 +1134,54 @@ SOURCE=..\..\..\..\lib\x509asn1.c # End Source File # Begin Source File +SOURCE=..\..\..\..\lib\vauth\cleartext.c +# End Source File +# Begin Source File + +SOURCE=..\..\..\..\lib\vauth\cram.c +# End Source File +# Begin Source File + +SOURCE=..\..\..\..\lib\vauth\digest.c +# End Source File +# Begin Source File + +SOURCE=..\..\..\..\lib\vauth\digest_sspi.c +# End Source File +# Begin Source File + +SOURCE=..\..\..\..\lib\vauth\krb5_gssapi.c +# End Source File +# Begin Source File + +SOURCE=..\..\..\..\lib\vauth\krb5_sspi.c +# End Source File +# Begin Source File + +SOURCE=..\..\..\..\lib\vauth\ntlm.c +# End Source File +# Begin Source File + +SOURCE=..\..\..\..\lib\vauth\ntlm_sspi.c +# End Source File +# Begin Source File + +SOURCE=..\..\..\..\lib\vauth\oauth2.c +# End Source File +# Begin Source File + +SOURCE=..\..\..\..\lib\vauth\spnego_gssapi.c +# End Source File +# Begin Source File + +SOURCE=..\..\..\..\lib\vauth\spnego_sspi.c +# End Source File +# Begin Source File + +SOURCE=..\..\..\..\lib\vauth\vauth.c +# End Source File +# Begin Source File + SOURCE=..\..\..\..\lib\vtls\axtls.c # End Source File # Begin Source File @@ -1290,14 +1326,6 @@ SOURCE=..\..\..\..\lib\curl_ntlm_core.h # End Source File # Begin Source File -SOURCE=..\..\..\..\lib\curl_ntlm.h -# End Source File -# Begin Source File - -SOURCE=..\..\..\..\lib\curl_ntlm_msgs.h -# End Source File -# Begin Source File - SOURCE=..\..\..\..\lib\curl_ntlm_wb.h # End Source File # Begin Source File @@ -1414,6 +1442,10 @@ SOURCE=..\..\..\..\lib\http_negotiate.h # End Source File # Begin Source File +SOURCE=..\..\..\..\lib\http_ntlm.h +# End Source File +# Begin Source File + SOURCE=..\..\..\..\lib\http_proxy.h # End Source File # Begin Source File @@ -1562,6 +1594,10 @@ SOURCE=..\..\..\..\lib\strtoofft.h # End Source File # Begin Source File +SOURCE=..\..\..\..\lib\system_win32.h +# End Source File +# Begin Source File + SOURCE=..\..\..\..\lib\telnet.h # End Source File # Begin Source File @@ -1598,6 +1634,18 @@ SOURCE=..\..\..\..\lib\x509asn1.h # End Source File # Begin Source File +SOURCE=..\..\..\..\lib\vauth\digest.h +# End Source File +# Begin Source File + +SOURCE=..\..\..\..\lib\vauth\ntlm.h +# End Source File +# Begin Source File + +SOURCE=..\..\..\..\lib\vauth\vauth.h +# End Source File +# Begin Source File + SOURCE=..\..\..\..\lib\vtls\axtls.h # End Source File # Begin Source File diff --git a/projects/Windows/VC6/src/curl.dsp b/projects/Windows/VC6/src/curl.dsp index e7d413016..81101b4ea 100644 --- a/projects/Windows/VC6/src/curl.dsp +++ b/projects/Windows/VC6/src/curl.dsp @@ -63,8 +63,8 @@ RSC=rc.exe # PROP Intermediate_Dir "..\..\..\..\build\Win32\VC6\DLL Debug\src" # PROP Ignore_Export_Lib 0 # PROP Target_Dir "" -# ADD BASE CPP /nologo /MDd /W3 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "_DEBUG" /D "_CONSOLE" /D "DEBUGBUILD" /FD /EHsc /GZ /c -# ADD CPP /nologo /MDd /W3 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "_DEBUG" /D "_CONSOLE" /D "DEBUGBUILD" /FD /EHsc /GZ /c +# ADD BASE CPP /nologo /MDd /W4 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "_DEBUG" /D "_CONSOLE" /D "DEBUGBUILD" /FD /EHsc /GZ /c +# ADD CPP /nologo /MDd /W4 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "_DEBUG" /D "_CONSOLE" /D "DEBUGBUILD" /FD /EHsc /GZ /c # ADD BASE RSC /l 0x409 /i "..\..\..\..\include" /d "_DEBUG" # ADD RSC /l 0x409 /i "..\..\..\..\include" /d "_DEBUG" BSC32=bscmake.exe @@ -88,8 +88,8 @@ LINK32=link.exe # PROP Intermediate_Dir "..\..\..\..\build\Win32\VC6\DLL Debug - DLL OpenSSL\src" # PROP Ignore_Export_Lib 0 # PROP Target_Dir "" -# ADD BASE CPP /nologo /MDd /W3 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "_DEBUG" /D "_CONSOLE" /D "DEBUGBUILD" /FD /EHsc /GZ /c -# ADD CPP /nologo /MDd /W3 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "_DEBUG" /D "_CONSOLE" /D "DEBUGBUILD" /FD /EHsc /GZ /c +# ADD BASE CPP /nologo /MDd /W4 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "_DEBUG" /D "_CONSOLE" /D "DEBUGBUILD" /FD /EHsc /GZ /c +# ADD CPP /nologo /MDd /W4 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "_DEBUG" /D "_CONSOLE" /D "DEBUGBUILD" /FD /EHsc /GZ /c # ADD BASE RSC /l 0x409 /i "..\..\..\..\include" /d "_DEBUG" # ADD RSC /l 0x409 /i "..\..\..\..\include" /d "_DEBUG" BSC32=bscmake.exe @@ -113,8 +113,8 @@ LINK32=link.exe # PROP Intermediate_Dir "..\..\..\..\build\Win32\VC6\DLL Debug - DLL OpenSSL - DLL LibSSH2\src" # PROP Ignore_Export_Lib 0 # PROP Target_Dir "" -# ADD BASE CPP /nologo /MDd /W3 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "_DEBUG" /D "_CONSOLE" /D "DEBUGBUILD" /FD /EHsc /GZ /c -# ADD CPP /nologo /MDd /W3 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "_DEBUG" /D "_CONSOLE" /D "DEBUGBUILD" /FD /EHsc /GZ /c +# ADD BASE CPP /nologo /MDd /W4 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "_DEBUG" /D "_CONSOLE" /D "DEBUGBUILD" /FD /EHsc /GZ /c +# ADD CPP /nologo /MDd /W4 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "_DEBUG" /D "_CONSOLE" /D "DEBUGBUILD" /FD /EHsc /GZ /c # ADD BASE RSC /l 0x409 /i "..\..\..\..\include" /d "_DEBUG" # ADD RSC /l 0x409 /i "..\..\..\..\include" /d "_DEBUG" BSC32=bscmake.exe @@ -138,8 +138,8 @@ LINK32=link.exe # PROP Intermediate_Dir "..\..\..\..\build\Win32\VC6\DLL Debug - DLL Windows SSPI\src" # PROP Ignore_Export_Lib 0 # PROP Target_Dir "" -# ADD BASE CPP /nologo /MDd /W3 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "_DEBUG" /D "_CONSOLE" /D "DEBUGBUILD" /FD /EHsc /GZ /c -# ADD CPP /nologo /MDd /W3 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "_DEBUG" /D "_CONSOLE" /D "DEBUGBUILD" /FD /EHsc /GZ /c +# ADD BASE CPP /nologo /MDd /W4 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "_DEBUG" /D "_CONSOLE" /D "DEBUGBUILD" /FD /EHsc /GZ /c +# ADD CPP /nologo /MDd /W4 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "_DEBUG" /D "_CONSOLE" /D "DEBUGBUILD" /FD /EHsc /GZ /c # ADD BASE RSC /l 0x409 /i "..\..\..\..\include" /d "_DEBUG" # ADD RSC /l 0x409 /i "..\..\..\..\include" /d "_DEBUG" BSC32=bscmake.exe @@ -163,8 +163,8 @@ LINK32=link.exe # PROP Intermediate_Dir "..\..\..\..\build\Win32\VC6\DLL Debug - DLL Windows SSPI - DLL WinIDN\src" # PROP Ignore_Export_Lib 0 # PROP Target_Dir "" -# ADD BASE CPP /nologo /MDd /W3 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "_DEBUG" /D "_CONSOLE" /D "DEBUGBUILD" /FD /EHsc /GZ /c -# ADD CPP /nologo /MDd /W3 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "_DEBUG" /D "_CONSOLE" /D "DEBUGBUILD" /FD /EHsc /GZ /c +# ADD BASE CPP /nologo /MDd /W4 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "_DEBUG" /D "_CONSOLE" /D "DEBUGBUILD" /FD /EHsc /GZ /c +# ADD CPP /nologo /MDd /W4 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "_DEBUG" /D "_CONSOLE" /D "DEBUGBUILD" /FD /EHsc /GZ /c # ADD BASE RSC /l 0x409 /i "..\..\..\..\include" /d "_DEBUG" # ADD RSC /l 0x409 /i "..\..\..\..\include" /d "_DEBUG" BSC32=bscmake.exe @@ -187,8 +187,8 @@ LINK32=link.exe # PROP Intermediate_Dir "..\..\..\..\build\Win32\VC6\DLL Release\src" # PROP Ignore_Export_Lib 0 # PROP Target_Dir "" -# ADD BASE CPP /nologo /MD /W3 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "_CONSOLE" /D "NDEBUG" /FD /EHsc /c -# ADD CPP /nologo /MD /W3 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "NDEBUG" /D "_CONSOLE" /FD /EHsc /c +# ADD BASE CPP /nologo /MD /W4 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "_CONSOLE" /D "NDEBUG" /FD /EHsc /c +# ADD CPP /nologo /MD /W4 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "NDEBUG" /D "_CONSOLE" /FD /EHsc /c # ADD BASE RSC /l 0x409 /i "..\..\..\..\include" /d "NDEBUG" # ADD RSC /l 0x409 /i "..\..\..\..\include" /d "NDEBUG" BSC32=bscmake.exe @@ -212,8 +212,8 @@ LINK32=link.exe # PROP Intermediate_Dir "..\..\..\..\build\Win32\VC6\DLL Release - DLL OpenSSL\src" # PROP Ignore_Export_Lib 0 # PROP Target_Dir "" -# ADD BASE CPP /nologo /MD /W3 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "NDEBUG" /D "_CONSOLE" /FD /EHsc /c -# ADD CPP /nologo /MD /W3 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "NDEBUG" /D "_CONSOLE" /FD /EHsc /c +# ADD BASE CPP /nologo /MD /W4 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "NDEBUG" /D "_CONSOLE" /FD /EHsc /c +# ADD CPP /nologo /MD /W4 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "NDEBUG" /D "_CONSOLE" /FD /EHsc /c # ADD BASE RSC /l 0x409 /i "..\..\..\..\include" /d "NDEBUG" # ADD RSC /l 0x409 /i "..\..\..\..\include" /d "NDEBUG" BSC32=bscmake.exe @@ -237,8 +237,8 @@ LINK32=link.exe # PROP Intermediate_Dir "..\..\..\..\build\Win32\VC6\DLL Release - DLL OpenSSL - DLL LibSSH2\src" # PROP Ignore_Export_Lib 0 # PROP Target_Dir "" -# ADD BASE CPP /nologo /MD /W3 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "NDEBUG" /D "_CONSOLE" /FD /EHsc /c -# ADD CPP /nologo /MD /W3 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "NDEBUG" /D "_CONSOLE" /FD /EHsc /c +# ADD BASE CPP /nologo /MD /W4 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "NDEBUG" /D "_CONSOLE" /FD /EHsc /c +# ADD CPP /nologo /MD /W4 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "NDEBUG" /D "_CONSOLE" /FD /EHsc /c # ADD BASE RSC /l 0x409 /i "..\..\..\..\include" /d "NDEBUG" # ADD RSC /l 0x409 /i "..\..\..\..\include" /d "NDEBUG" BSC32=bscmake.exe @@ -262,8 +262,8 @@ LINK32=link.exe # PROP Intermediate_Dir "..\..\..\..\build\Win32\VC6\DLL Release - DLL Windows SSPI\src" # PROP Ignore_Export_Lib 0 # PROP Target_Dir "" -# ADD BASE CPP /nologo /MD /W3 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "NDEBUG" /D "_CONSOLE" /FD /EHsc /c -# ADD CPP /nologo /MD /W3 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "NDEBUG" /D "_CONSOLE" /FD /EHsc /c +# ADD BASE CPP /nologo /MD /W4 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "NDEBUG" /D "_CONSOLE" /FD /EHsc /c +# ADD CPP /nologo /MD /W4 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "NDEBUG" /D "_CONSOLE" /FD /EHsc /c # ADD BASE RSC /l 0x409 /i "..\..\..\..\include" /d "NDEBUG" # ADD RSC /l 0x409 /i "..\..\..\..\include" /d "NDEBUG" BSC32=bscmake.exe @@ -287,8 +287,8 @@ LINK32=link.exe # PROP Intermediate_Dir "..\..\..\..\build\Win32\VC6\DLL Release - DLL Windows SSPI - DLL WinIDN\src" # PROP Ignore_Export_Lib 0 # PROP Target_Dir "" -# ADD BASE CPP /nologo /MD /W3 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "NDEBUG" /D "_CONSOLE" /FD /EHsc /c -# ADD CPP /nologo /MD /W3 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "NDEBUG" /D "_CONSOLE" /FD /EHsc /c +# ADD BASE CPP /nologo /MD /W4 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "NDEBUG" /D "_CONSOLE" /FD /EHsc /c +# ADD CPP /nologo /MD /W4 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "NDEBUG" /D "_CONSOLE" /FD /EHsc /c # ADD BASE RSC /l 0x409 /i "..\..\..\..\include" /d "NDEBUG" # ADD RSC /l 0x409 /i "..\..\..\..\include" /d "NDEBUG" BSC32=bscmake.exe @@ -311,8 +311,8 @@ LINK32=link.exe # PROP Intermediate_Dir "..\..\..\..\build\Win32\VC6\LIB Debug\src" # PROP Ignore_Export_Lib 0 # PROP Target_Dir "" -# ADD BASE CPP /nologo /MDd /W3 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "_DEBUG" /D "_CONSOLE" /D "DEBUGBUILD" /D "CURL_STATICLIB" /FD /EHsc /GZ /c -# ADD CPP /nologo /MDd /W3 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "_DEBUG" /D "_CONSOLE" /D "DEBUGBUILD" /D "CURL_STATICLIB" /FD /EHsc /GZ /c +# ADD BASE CPP /nologo /MDd /W4 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "_DEBUG" /D "_CONSOLE" /D "DEBUGBUILD" /D "CURL_STATICLIB" /FD /EHsc /GZ /c +# ADD CPP /nologo /MDd /W4 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "_DEBUG" /D "_CONSOLE" /D "DEBUGBUILD" /D "CURL_STATICLIB" /FD /EHsc /GZ /c # ADD BASE RSC /l 0x409 /i "..\..\..\..\include" /d "_DEBUG" # ADD RSC /l 0x409 /i "..\..\..\..\include" /d "_DEBUG" BSC32=bscmake.exe @@ -336,8 +336,8 @@ LINK32=link.exe # PROP Intermediate_Dir "..\..\..\..\build\Win32\VC6\LIB Debug - DLL OpenSSL\src" # PROP Ignore_Export_Lib 0 # PROP Target_Dir "" -# ADD BASE CPP /nologo /MDd /W3 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "_DEBUG" /D "_CONSOLE" /D "DEBUGBUILD" /D "CURL_STATICLIB" /FD /EHsc /GZ /c -# ADD CPP /nologo /MDd /W3 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "_DEBUG" /D "_CONSOLE" /D "DEBUGBUILD" /D "CURL_STATICLIB" /FD /EHsc /GZ /c +# ADD BASE CPP /nologo /MDd /W4 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "_DEBUG" /D "_CONSOLE" /D "DEBUGBUILD" /D "CURL_STATICLIB" /FD /EHsc /GZ /c +# ADD CPP /nologo /MDd /W4 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "_DEBUG" /D "_CONSOLE" /D "DEBUGBUILD" /D "CURL_STATICLIB" /FD /EHsc /GZ /c # ADD BASE RSC /l 0x409 /i "..\..\..\..\include" /d "_DEBUG" # ADD RSC /l 0x409 /i "..\..\..\..\include" /d "_DEBUG" BSC32=bscmake.exe @@ -361,8 +361,8 @@ LINK32=link.exe # PROP Intermediate_Dir "..\..\..\..\build\Win32\VC6\LIB Debug - DLL OpenSSL - DLL LibSSH2\src" # PROP Ignore_Export_Lib 0 # PROP Target_Dir "" -# ADD BASE CPP /nologo /MDd /W3 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "_DEBUG" /D "_CONSOLE" /D "DEBUGBUILD" /D "CURL_STATICLIB" /FD /EHsc /GZ /c -# ADD CPP /nologo /MDd /W3 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "_DEBUG" /D "_CONSOLE" /D "DEBUGBUILD" /D "CURL_STATICLIB" /FD /EHsc /GZ /c +# ADD BASE CPP /nologo /MDd /W4 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "_DEBUG" /D "_CONSOLE" /D "DEBUGBUILD" /D "CURL_STATICLIB" /FD /EHsc /GZ /c +# ADD CPP /nologo /MDd /W4 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "_DEBUG" /D "_CONSOLE" /D "DEBUGBUILD" /D "CURL_STATICLIB" /FD /EHsc /GZ /c # ADD BASE RSC /l 0x409 /i "..\..\..\..\include" /d "_DEBUG" # ADD RSC /l 0x409 /i "..\..\..\..\include" /d "_DEBUG" BSC32=bscmake.exe @@ -386,16 +386,16 @@ LINK32=link.exe # PROP Intermediate_Dir "..\..\..\..\build\Win32\VC6\LIB Debug - DLL Windows SSPI\src" # PROP Ignore_Export_Lib 0 # PROP Target_Dir "" -# ADD BASE CPP /nologo /MDd /W3 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "_DEBUG" /D "_CONSOLE" /D "DEBUGBUILD" /D "CURL_STATICLIB" /FD /EHsc /GZ /c -# ADD CPP /nologo /MDd /W3 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "_DEBUG" /D "_CONSOLE" /D "DEBUGBUILD" /D "CURL_STATICLIB" /FD /EHsc /GZ /c +# ADD BASE CPP /nologo /MDd /W4 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "_DEBUG" /D "_CONSOLE" /D "DEBUGBUILD" /D "CURL_STATICLIB" /FD /EHsc /GZ /c +# ADD CPP /nologo /MDd /W4 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "_DEBUG" /D "_CONSOLE" /D "DEBUGBUILD" /D "CURL_STATICLIB" /FD /EHsc /GZ /c # ADD BASE RSC /l 0x409 /i "..\..\..\..\include" /d "_DEBUG" # ADD RSC /l 0x409 /i "..\..\..\..\include" /d "_DEBUG" BSC32=bscmake.exe # ADD BASE BSC32 /nologo # ADD BSC32 /nologo LINK32=link.exe -# ADD BASE LINK32 advapi32.lib wldap32.lib ws2_32.lib libcurld.lib /nologo /subsystem:console /incremental:no /debug /machine:I386 /out:"..\..\..\..\build\Win32\VC6\LIB Debug - DLL Windows SSPI\curld.exe" /pdbtype:con /libpath:"..\..\..\..\build\Win32\VC6\LIB Debug - DLL Windows SSPI" /fixed:no -# ADD LINK32 advapi32.lib wldap32.lib ws2_32.lib libcurld.lib /nologo /subsystem:console /incremental:no /debug /machine:I386 /out:"..\..\..\..\build\Win32\VC6\LIB Debug - DLL Windows SSPI\curld.exe" /pdbtype:con /libpath:"..\..\..\..\build\Win32\VC6\LIB Debug - DLL Windows SSPI" /fixed:no +# ADD BASE LINK32 advapi32.lib wldap32.lib ws2_32.lib crypt32.lib libcurld.lib /nologo /subsystem:console /incremental:no /debug /machine:I386 /out:"..\..\..\..\build\Win32\VC6\LIB Debug - DLL Windows SSPI\curld.exe" /pdbtype:con /libpath:"..\..\..\..\build\Win32\VC6\LIB Debug - DLL Windows SSPI" /fixed:no +# ADD LINK32 advapi32.lib wldap32.lib ws2_32.lib crypt32.lib libcurld.lib /nologo /subsystem:console /incremental:no /debug /machine:I386 /out:"..\..\..\..\build\Win32\VC6\LIB Debug - DLL Windows SSPI\curld.exe" /pdbtype:con /libpath:"..\..\..\..\build\Win32\VC6\LIB Debug - DLL Windows SSPI" /fixed:no !ELSEIF "$(CFG)" == "curl - Win32 LIB Debug DLL Windows SSPI DLL WinIDN" @@ -411,16 +411,16 @@ LINK32=link.exe # PROP Intermediate_Dir "..\..\..\..\build\Win32\VC6\LIB Debug - DLL Windows SSPI - DLL WinIDN\src" # PROP Ignore_Export_Lib 0 # PROP Target_Dir "" -# ADD BASE CPP /nologo /MDd /W3 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "_DEBUG" /D "_CONSOLE" /D "DEBUGBUILD" /D "CURL_STATICLIB" /FD /EHsc /GZ /c -# ADD CPP /nologo /MDd /W3 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "_DEBUG" /D "_CONSOLE" /D "DEBUGBUILD" /D "CURL_STATICLIB" /FD /EHsc /GZ /c +# ADD BASE CPP /nologo /MDd /W4 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "_DEBUG" /D "_CONSOLE" /D "DEBUGBUILD" /D "CURL_STATICLIB" /FD /EHsc /GZ /c +# ADD CPP /nologo /MDd /W4 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "_DEBUG" /D "_CONSOLE" /D "DEBUGBUILD" /D "CURL_STATICLIB" /FD /EHsc /GZ /c # ADD BASE RSC /l 0x409 /i "..\..\..\..\include" /d "_DEBUG" # ADD RSC /l 0x409 /i "..\..\..\..\include" /d "_DEBUG" BSC32=bscmake.exe # ADD BASE BSC32 /nologo # ADD BSC32 /nologo LINK32=link.exe -# ADD BASE LINK32 advapi32.lib normaliz.lib wldap32.lib ws2_32.lib libcurld.lib /nologo /subsystem:console /incremental:no /debug /machine:I386 /out:"..\..\..\..\build\Win32\VC6\LIB Debug - DLL Windows SSPI - DLL WinIDN\curld.exe" /pdbtype:con /libpath:"..\..\..\..\build\Win32\VC6\LIB Debug - DLL Windows SSPI - DLL WinIDN" /fixed:no -# ADD LINK32 advapi32.lib normaliz.lib wldap32.lib ws2_32.lib libcurld.lib /nologo /subsystem:console /incremental:no /debug /machine:I386 /out:"..\..\..\..\build\Win32\VC6\LIB Debug - DLL Windows SSPI - DLL WinIDN\curld.exe" /pdbtype:con /libpath:"..\..\..\..\build\Win32\VC6\LIB Debug - DLL Windows SSPI - DLL WinIDN" /fixed:no +# ADD BASE LINK32 advapi32.lib normaliz.lib wldap32.lib ws2_32.lib crypt32.lib libcurld.lib /nologo /subsystem:console /incremental:no /debug /machine:I386 /out:"..\..\..\..\build\Win32\VC6\LIB Debug - DLL Windows SSPI - DLL WinIDN\curld.exe" /pdbtype:con /libpath:"..\..\..\..\build\Win32\VC6\LIB Debug - DLL Windows SSPI - DLL WinIDN" /fixed:no +# ADD LINK32 advapi32.lib normaliz.lib wldap32.lib ws2_32.lib crypt32.lib libcurld.lib /nologo /subsystem:console /incremental:no /debug /machine:I386 /out:"..\..\..\..\build\Win32\VC6\LIB Debug - DLL Windows SSPI - DLL WinIDN\curld.exe" /pdbtype:con /libpath:"..\..\..\..\build\Win32\VC6\LIB Debug - DLL Windows SSPI - DLL WinIDN" /fixed:no !ELSEIF "$(CFG)" == "curl - Win32 LIB Debug LIB OpenSSL" @@ -436,8 +436,8 @@ LINK32=link.exe # PROP Intermediate_Dir "..\..\..\..\build\Win32\VC6\LIB Debug - LIB OpenSSL\src" # PROP Ignore_Export_Lib 0 # PROP Target_Dir "" -# ADD BASE CPP /nologo /MDd /W3 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "_DEBUG" /D "_CONSOLE" /D "DEBUGBUILD" /D "CURL_STATICLIB" /FD /EHsc /GZ /c -# ADD CPP /nologo /MDd /W3 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "_DEBUG" /D "_CONSOLE" /D "DEBUGBUILD" /D "CURL_STATICLIB" /FD /EHsc /GZ /c +# ADD BASE CPP /nologo /MDd /W4 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "_DEBUG" /D "_CONSOLE" /D "DEBUGBUILD" /D "CURL_STATICLIB" /FD /EHsc /GZ /c +# ADD CPP /nologo /MDd /W4 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "_DEBUG" /D "_CONSOLE" /D "DEBUGBUILD" /D "CURL_STATICLIB" /FD /EHsc /GZ /c # ADD BASE RSC /l 0x409 /i "..\..\..\..\include" /d "_DEBUG" # ADD RSC /l 0x409 /i "..\..\..\..\include" /d "_DEBUG" BSC32=bscmake.exe @@ -461,8 +461,8 @@ LINK32=link.exe # PROP Intermediate_Dir "..\..\..\..\build\Win32\VC6\LIB Debug - LIB OpenSSL - LIB LibSSH2\src" # PROP Ignore_Export_Lib 0 # PROP Target_Dir "" -# ADD BASE CPP /nologo /MDd /W3 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "_DEBUG" /D "_CONSOLE" /D "DEBUGBUILD" /D "CURL_STATICLIB" /FD /EHsc /GZ /c -# ADD CPP /nologo /MDd /W3 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "_DEBUG" /D "_CONSOLE" /D "DEBUGBUILD" /D "CURL_STATICLIB" /FD /EHsc /GZ /c +# ADD BASE CPP /nologo /MDd /W4 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "_DEBUG" /D "_CONSOLE" /D "DEBUGBUILD" /D "CURL_STATICLIB" /FD /EHsc /GZ /c +# ADD CPP /nologo /MDd /W4 /Zi /Od /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "_DEBUG" /D "_CONSOLE" /D "DEBUGBUILD" /D "CURL_STATICLIB" /FD /EHsc /GZ /c # ADD BASE RSC /l 0x409 /i "..\..\..\..\include" /d "_DEBUG" # ADD RSC /l 0x409 /i "..\..\..\..\include" /d "_DEBUG" BSC32=bscmake.exe @@ -485,8 +485,8 @@ LINK32=link.exe # PROP Intermediate_Dir "..\..\..\..\build\Win32\VC6\LIB Release\src" # PROP Ignore_Export_Lib 0 # PROP Target_Dir "" -# ADD BASE CPP /nologo /MD /W3 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "_CONSOLE" /D "NDEBUG" /D "CURL_STATICLIB" /FD /EHsc /c -# ADD CPP /nologo /MD /W3 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "NDEBUG" /D "_CONSOLE" /D "CURL_STATICLIB" /FD /EHsc /c +# ADD BASE CPP /nologo /MD /W4 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "_CONSOLE" /D "NDEBUG" /D "CURL_STATICLIB" /FD /EHsc /c +# ADD CPP /nologo /MD /W4 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "NDEBUG" /D "_CONSOLE" /D "CURL_STATICLIB" /FD /EHsc /c # ADD BASE RSC /l 0x409 /i "..\..\..\..\include" /d "NDEBUG" # ADD RSC /l 0x409 /i "..\..\..\..\include" /d "NDEBUG" BSC32=bscmake.exe @@ -510,8 +510,8 @@ LINK32=link.exe # PROP Intermediate_Dir "..\..\..\..\build\Win32\VC6\LIB Release - DLL OpenSSL\src" # PROP Ignore_Export_Lib 0 # PROP Target_Dir "" -# ADD BASE CPP /nologo /MD /W3 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "NDEBUG" /D "_CONSOLE" /D "CURL_STATICLIB" /FD /EHsc /c -# ADD CPP /nologo /MD /W3 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "NDEBUG" /D "_CONSOLE" /D "CURL_STATICLIB" /FD /EHsc /c +# ADD BASE CPP /nologo /MD /W4 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "NDEBUG" /D "_CONSOLE" /D "CURL_STATICLIB" /FD /EHsc /c +# ADD CPP /nologo /MD /W4 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "NDEBUG" /D "_CONSOLE" /D "CURL_STATICLIB" /FD /EHsc /c # ADD BASE RSC /l 0x409 /i "..\..\..\..\include" /d "NDEBUG" # ADD RSC /l 0x409 /i "..\..\..\..\include" /d "NDEBUG" BSC32=bscmake.exe @@ -535,8 +535,8 @@ LINK32=link.exe # PROP Intermediate_Dir "..\..\..\..\build\Win32\VC6\LIB Release - DLL OpenSSL - DLL LibSSH2\src" # PROP Ignore_Export_Lib 0 # PROP Target_Dir "" -# ADD BASE CPP /nologo /MD /W3 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "NDEBUG" /D "_CONSOLE" /D "CURL_STATICLIB" /FD /EHsc /c -# ADD CPP /nologo /MD /W3 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "NDEBUG" /D "_CONSOLE" /D "CURL_STATICLIB" /FD /EHsc /c +# ADD BASE CPP /nologo /MD /W4 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "NDEBUG" /D "_CONSOLE" /D "CURL_STATICLIB" /FD /EHsc /c +# ADD CPP /nologo /MD /W4 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "NDEBUG" /D "_CONSOLE" /D "CURL_STATICLIB" /FD /EHsc /c # ADD BASE RSC /l 0x409 /i "..\..\..\..\include" /d "NDEBUG" # ADD RSC /l 0x409 /i "..\..\..\..\include" /d "NDEBUG" BSC32=bscmake.exe @@ -560,16 +560,16 @@ LINK32=link.exe # PROP Intermediate_Dir "..\..\..\..\build\Win32\VC6\LIB Release - DLL Windows SSPI\src" # PROP Ignore_Export_Lib 0 # PROP Target_Dir "" -# ADD BASE CPP /nologo /MD /W3 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "NDEBUG" /D "_CONSOLE" /D "CURL_STATICLIB" /FD /EHsc /c -# ADD CPP /nologo /MD /W3 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "NDEBUG" /D "_CONSOLE" /D "CURL_STATICLIB" /FD /EHsc /c +# ADD BASE CPP /nologo /MD /W4 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "NDEBUG" /D "_CONSOLE" /D "CURL_STATICLIB" /FD /EHsc /c +# ADD CPP /nologo /MD /W4 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "NDEBUG" /D "_CONSOLE" /D "CURL_STATICLIB" /FD /EHsc /c # ADD BASE RSC /l 0x409 /i "..\..\..\..\include" /d "NDEBUG" # ADD RSC /l 0x409 /i "..\..\..\..\include" /d "NDEBUG" BSC32=bscmake.exe # ADD BASE BSC32 /nologo # ADD BSC32 /nologo LINK32=link.exe -# ADD BASE LINK32 advapi32.lib wldap32.lib ws2_32.lib libcurl.lib /nologo /subsystem:console /pdb:none /machine:I386 /out:"..\..\..\..\build\Win32\VC6\LIB Release - DLL Windows SSPI\curl.exe" /libpath:"..\..\..\..\build\Win32\VC6\LIB Release - DLL Windows SSPI" /fixed:no -# ADD LINK32 advapi32.lib wldap32.lib ws2_32.lib libcurl.lib /nologo /subsystem:console /pdb:none /machine:I386 /out:"..\..\..\..\build\Win32\VC6\LIB Release - DLL Windows SSPI\curl.exe" /libpath:"..\..\..\..\build\Win32\VC6\LIB Release - DLL Windows SSPI" /fixed:no +# ADD BASE LINK32 advapi32.lib wldap32.lib ws2_32.lib crypt32.lib libcurl.lib /nologo /subsystem:console /pdb:none /machine:I386 /out:"..\..\..\..\build\Win32\VC6\LIB Release - DLL Windows SSPI\curl.exe" /libpath:"..\..\..\..\build\Win32\VC6\LIB Release - DLL Windows SSPI" /fixed:no +# ADD LINK32 advapi32.lib wldap32.lib ws2_32.lib crypt32.lib libcurl.lib /nologo /subsystem:console /pdb:none /machine:I386 /out:"..\..\..\..\build\Win32\VC6\LIB Release - DLL Windows SSPI\curl.exe" /libpath:"..\..\..\..\build\Win32\VC6\LIB Release - DLL Windows SSPI" /fixed:no !ELSEIF "$(CFG)" == "curl - Win32 LIB Release DLL Windows SSPI DLL WinIDN" @@ -585,16 +585,16 @@ LINK32=link.exe # PROP Intermediate_Dir "..\..\..\..\build\Win32\VC6\LIB Release - DLL Windows SSPI - DLL WinIDN\src" # PROP Ignore_Export_Lib 0 # PROP Target_Dir "" -# ADD BASE CPP /nologo /MD /W3 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "NDEBUG" /D "_CONSOLE" /D "CURL_STATICLIB" /FD /EHsc /c -# ADD CPP /nologo /MD /W3 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "NDEBUG" /D "_CONSOLE" /D "CURL_STATICLIB" /FD /EHsc /c +# ADD BASE CPP /nologo /MD /W4 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "NDEBUG" /D "_CONSOLE" /D "CURL_STATICLIB" /FD /EHsc /c +# ADD CPP /nologo /MD /W4 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "NDEBUG" /D "_CONSOLE" /D "CURL_STATICLIB" /FD /EHsc /c # ADD BASE RSC /l 0x409 /i "..\..\..\..\include" /d "NDEBUG" # ADD RSC /l 0x409 /i "..\..\..\..\include" /d "NDEBUG" BSC32=bscmake.exe # ADD BASE BSC32 /nologo # ADD BSC32 /nologo LINK32=link.exe -# ADD BASE LINK32 advapi32.lib normaliz.lib wldap32.lib ws2_32.lib libcurl.lib /nologo /subsystem:console /pdb:none /machine:I386 /out:"..\..\..\..\build\Win32\VC6\LIB Release - DLL Windows SSPI - DLL WinIDN\curl.exe" /libpath:"..\..\..\..\build\Win32\VC6\LIB Release - DLL Windows SSPI - DLL WinIDN" /fixed:no -# ADD LINK32 advapi32.lib normaliz.lib wldap32.lib ws2_32.lib libcurl.lib /nologo /subsystem:console /pdb:none /machine:I386 /out:"..\..\..\..\build\Win32\VC6\LIB Release - DLL Windows SSPI - DLL WinIDN\curl.exe" /libpath:"..\..\..\..\build\Win32\VC6\LIB Release - DLL Windows SSPI - DLL WinIDN" /fixed:no +# ADD BASE LINK32 advapi32.lib normaliz.lib wldap32.lib ws2_32.lib crypt32.lib libcurl.lib /nologo /subsystem:console /pdb:none /machine:I386 /out:"..\..\..\..\build\Win32\VC6\LIB Release - DLL Windows SSPI - DLL WinIDN\curl.exe" /libpath:"..\..\..\..\build\Win32\VC6\LIB Release - DLL Windows SSPI - DLL WinIDN" /fixed:no +# ADD LINK32 advapi32.lib normaliz.lib wldap32.lib ws2_32.lib crypt32.lib libcurl.lib /nologo /subsystem:console /pdb:none /machine:I386 /out:"..\..\..\..\build\Win32\VC6\LIB Release - DLL Windows SSPI - DLL WinIDN\curl.exe" /libpath:"..\..\..\..\build\Win32\VC6\LIB Release - DLL Windows SSPI - DLL WinIDN" /fixed:no !ELSEIF "$(CFG)" == "curl - Win32 LIB Release LIB OpenSSL" @@ -610,8 +610,8 @@ LINK32=link.exe # PROP Intermediate_Dir "..\..\..\..\build\Win32\VC6\LIB Release - LIB OpenSSL\src" # PROP Ignore_Export_Lib 0 # PROP Target_Dir "" -# ADD BASE CPP /nologo /MD /W3 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "NDEBUG" /D "_CONSOLE" /D "CURL_STATICLIB" /FD /EHsc /c -# ADD CPP /nologo /MD /W3 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "NDEBUG" /D "_CONSOLE" /D "CURL_STATICLIB" /FD /EHsc /c +# ADD BASE CPP /nologo /MD /W4 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "NDEBUG" /D "_CONSOLE" /D "CURL_STATICLIB" /FD /EHsc /c +# ADD CPP /nologo /MD /W4 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "NDEBUG" /D "_CONSOLE" /D "CURL_STATICLIB" /FD /EHsc /c # ADD BASE RSC /l 0x409 /i "..\..\..\..\include" /d "NDEBUG" # ADD RSC /l 0x409 /i "..\..\..\..\include" /d "NDEBUG" BSC32=bscmake.exe @@ -635,8 +635,8 @@ LINK32=link.exe # PROP Intermediate_Dir "..\..\..\..\build\Win32\VC6\LIB Release - LIB OpenSSL - LIB LibSSH2\src" # PROP Ignore_Export_Lib 0 # PROP Target_Dir "" -# ADD BASE CPP /nologo /MD /W3 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "NDEBUG" /D "_CONSOLE" /D "CURL_STATICLIB" /FD /EHsc /c -# ADD CPP /nologo /MD /W3 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "NDEBUG" /D "_CONSOLE" /D "CURL_STATICLIB" /FD /EHsc /c +# ADD BASE CPP /nologo /MD /W4 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "NDEBUG" /D "_CONSOLE" /D "CURL_STATICLIB" /FD /EHsc /c +# ADD CPP /nologo /MD /W4 /O2 /I "$(ProgramFiles)\Microsoft Platform SDK\Include" /I "..\..\..\..\include" /I "..\..\..\..\lib" /I "..\..\..\..\src" /D "NDEBUG" /D "_CONSOLE" /D "CURL_STATICLIB" /FD /EHsc /c # ADD BASE RSC /l 0x409 /i "..\..\..\..\include" /d "NDEBUG" # ADD RSC /l 0x409 /i "..\..\..\..\include" /d "NDEBUG" BSC32=bscmake.exe diff --git a/projects/Windows/VC7.1/lib/libcurl.vcproj b/projects/Windows/VC7.1/lib/libcurl.vcproj index fd4c683e3..b2b3554a4 100644 --- a/projects/Windows/VC7.1/lib/libcurl.vcproj +++ b/projects/Windows/VC7.1/lib/libcurl.vcproj @@ -27,7 +27,7 @@ StringPooling="TRUE" RuntimeLibrary="2" EnableFunctionLevelLinking="TRUE" - WarningLevel="3" + WarningLevel="4" SuppressStartupBanner="TRUE" CompileAs="0"/> @@ -143,7 +143,7 @@ PreprocessorDefinitions="_DEBUG;BUILDING_LIBCURL;DEBUGBUILD" BasicRuntimeChecks="3" RuntimeLibrary="3" - WarningLevel="3" + WarningLevel="4" SuppressStartupBanner="TRUE" DebugInformationFormat="3" CompileAs="0"/> @@ -202,7 +202,7 @@ StringPooling="TRUE" RuntimeLibrary="2" EnableFunctionLevelLinking="TRUE" - WarningLevel="3" + WarningLevel="4" SuppressStartupBanner="TRUE" CompileAs="0"/> @@ -296,7 +296,7 @@ StringPooling="TRUE" RuntimeLibrary="2" EnableFunctionLevelLinking="TRUE" - WarningLevel="3" + WarningLevel="4" SuppressStartupBanner="TRUE" CompileAs="0"/> @@ -399,7 +399,7 @@ PreprocessorDefinitions="_DEBUG;BUILDING_LIBCURL;DEBUGBUILD;CURL_STATICLIB;USE_WINDOWS_SSPI;USE_SCHANNEL" BasicRuntimeChecks="3" RuntimeLibrary="3" - WarningLevel="3" + WarningLevel="4" SuppressStartupBanner="TRUE" DebugInformationFormat="3" CompileAs="0"/> @@ -446,7 +446,7 @@ PreprocessorDefinitions="_DEBUG;BUILDING_LIBCURL;DEBUGBUILD;CURL_STATICLIB;USE_OPENSSL" BasicRuntimeChecks="3" RuntimeLibrary="3" - WarningLevel="3" + WarningLevel="4" SuppressStartupBanner="TRUE" DebugInformationFormat="3" CompileAs="0"/> @@ -494,7 +494,7 @@ StringPooling="TRUE" RuntimeLibrary="2" EnableFunctionLevelLinking="TRUE" - WarningLevel="3" + WarningLevel="4" SuppressStartupBanner="TRUE" CompileAs="0"/> @@ -559,7 +559,7 @@ @@ -948,7 +948,7 @@ PreprocessorDefinitions="_DEBUG;BUILDING_LIBCURL;DEBUGBUILD;USE_OPENSSL;USE_LIBSSH2;HAVE_LIBSSH2_H" BasicRuntimeChecks="3" RuntimeLibrary="3" - WarningLevel="3" + WarningLevel="4" SuppressStartupBanner="TRUE" DebugInformationFormat="3" CompileAs="0"/> @@ -1007,7 +1007,7 @@ PreprocessorDefinitions="_DEBUG;BUILDING_LIBCURL;DEBUGBUILD;CURL_STATICLIB;USE_OPENSSL" BasicRuntimeChecks="3" RuntimeLibrary="3" - WarningLevel="3" + WarningLevel="4" SuppressStartupBanner="TRUE" DebugInformationFormat="3" CompileAs="0"/> @@ -1054,7 +1054,7 @@ PreprocessorDefinitions="_DEBUG;BUILDING_LIBCURL;DEBUGBUILD;USE_WINDOWS_SSPI;USE_SCHANNEL;USE_WIN32_IDN;WANT_IDN_PROTOTYPES" BasicRuntimeChecks="3" RuntimeLibrary="3" - WarningLevel="3" + WarningLevel="4" SuppressStartupBanner="TRUE" DebugInformationFormat="3" CompileAs="0"/> @@ -1063,7 +1063,7 @@ @@ -1217,7 +1217,7 @@ StringPooling="TRUE" RuntimeLibrary="2" EnableFunctionLevelLinking="TRUE" - WarningLevel="3" + WarningLevel="4" SuppressStartupBanner="TRUE" CompileAs="0"/> - - - - @@ -1321,12 +1315,6 @@ - - - - @@ -1409,7 +1397,7 @@ RelativePath="..\..\..\..\lib\http_negotiate.c"> + RelativePath="..\..\..\..\lib\http_ntlm.c"> @@ -1540,6 +1528,9 @@ + + @@ -1640,12 +1631,6 @@ - - - - @@ -1733,6 +1718,9 @@ + + @@ -1844,6 +1832,9 @@ + + @@ -1879,6 +1870,63 @@ RelativePath="..\..\..\..\lib\libcurl.rc"> + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/projects/Windows/VC7.1/src/curl.vcproj b/projects/Windows/VC7.1/src/curl.vcproj index 09e9dcefe..48a02895d 100644 --- a/projects/Windows/VC7.1/src/curl.vcproj +++ b/projects/Windows/VC7.1/src/curl.vcproj @@ -26,7 +26,7 @@ StringPooling="TRUE" RuntimeLibrary="2" EnableFunctionLevelLinking="TRUE" - WarningLevel="3" + WarningLevel="4" SuppressStartupBanner="TRUE" CompileAs="0"/> @@ -247,7 +247,7 @@ PreprocessorDefinitions="_DEBUG;_CONSOLE;DEBUGBUILD;CURL_STATICLIB" BasicRuntimeChecks="3" RuntimeLibrary="3" - WarningLevel="3" + WarningLevel="4" SuppressStartupBanner="TRUE" DebugInformationFormat="3" CompileAs="0"/> @@ -304,7 +304,7 @@ PreprocessorDefinitions="_DEBUG;_CONSOLE;DEBUGBUILD" BasicRuntimeChecks="3" RuntimeLibrary="3" - WarningLevel="3" + WarningLevel="4" SuppressStartupBanner="TRUE" DebugInformationFormat="3" CompileAs="0"/> @@ -361,7 +361,7 @@ PreprocessorDefinitions="_DEBUG;_CONSOLE;DEBUGBUILD;CURL_STATICLIB" BasicRuntimeChecks="3" RuntimeLibrary="3" - WarningLevel="3" + WarningLevel="4" SuppressStartupBanner="TRUE" DebugInformationFormat="3" CompileAs="0"/> @@ -419,7 +419,7 @@ StringPooling="TRUE" RuntimeLibrary="2" EnableFunctionLevelLinking="TRUE" - WarningLevel="3" + WarningLevel="4" SuppressStartupBanner="TRUE" CompileAs="0"/> @@ -695,7 +695,7 @@ PreprocessorDefinitions="_DEBUG;_CONSOLE;DEBUGBUILD;CURL_STATICLIB" BasicRuntimeChecks="3" RuntimeLibrary="3" - WarningLevel="3" + WarningLevel="4" SuppressStartupBanner="TRUE" DebugInformationFormat="3" CompileAs="0"/> @@ -752,7 +752,7 @@ PreprocessorDefinitions="_DEBUG;_CONSOLE;DEBUGBUILD" BasicRuntimeChecks="3" RuntimeLibrary="3" - WarningLevel="3" + WarningLevel="4" SuppressStartupBanner="TRUE" DebugInformationFormat="3" CompileAs="0"/> @@ -810,7 +810,7 @@ StringPooling="TRUE" RuntimeLibrary="2" EnableFunctionLevelLinking="TRUE" - WarningLevel="3" + WarningLevel="4" SuppressStartupBanner="TRUE" CompileAs="0"/> @@ -976,7 +976,7 @@ PreprocessorDefinitions="_DEBUG;_CONSOLE;DEBUGBUILD;CURL_STATICLIB" BasicRuntimeChecks="3" RuntimeLibrary="3" - WarningLevel="3" + WarningLevel="4" SuppressStartupBanner="TRUE" DebugInformationFormat="3" CompileAs="0"/> @@ -985,7 +985,7 @@ @@ -1145,7 +1145,7 @@ PreprocessorDefinitions="_DEBUG;_CONSOLE;DEBUGBUILD" BasicRuntimeChecks="3" RuntimeLibrary="3" - WarningLevel="3" + WarningLevel="4" SuppressStartupBanner="TRUE" DebugInformationFormat="3" CompileAs="0"/> @@ -1203,7 +1203,7 @@ StringPooling="TRUE" RuntimeLibrary="2" EnableFunctionLevelLinking="TRUE" - WarningLevel="3" + WarningLevel="4" SuppressStartupBanner="TRUE" CompileAs="0"/> @@ -1266,7 +1266,7 @@ @@ -131,7 +131,7 @@ PreprocessorDefinitions="_DEBUG;BUILDING_LIBCURL;DEBUGBUILD" BasicRuntimeChecks="3" RuntimeLibrary="3" - WarningLevel="3" + WarningLevel="4" SuppressStartupBanner="TRUE" DebugInformationFormat="3" CompileAs="0"/> @@ -184,7 +184,7 @@ StringPooling="TRUE" RuntimeLibrary="2" EnableFunctionLevelLinking="TRUE" - WarningLevel="3" + WarningLevel="4" SuppressStartupBanner="TRUE" CompileAs="0"/> @@ -266,7 +266,7 @@ StringPooling="TRUE" RuntimeLibrary="2" EnableFunctionLevelLinking="TRUE" - WarningLevel="3" + WarningLevel="4" SuppressStartupBanner="TRUE" CompileAs="0"/> @@ -357,7 +357,7 @@ PreprocessorDefinitions="_DEBUG;BUILDING_LIBCURL;DEBUGBUILD;CURL_STATICLIB;USE_WINDOWS_SSPI;USE_SCHANNEL" BasicRuntimeChecks="3" RuntimeLibrary="3" - WarningLevel="3" + WarningLevel="4" SuppressStartupBanner="TRUE" DebugInformationFormat="3" CompileAs="0"/> @@ -398,7 +398,7 @@ PreprocessorDefinitions="_DEBUG;BUILDING_LIBCURL;DEBUGBUILD;CURL_STATICLIB;USE_OPENSSL" BasicRuntimeChecks="3" RuntimeLibrary="3" - WarningLevel="3" + WarningLevel="4" SuppressStartupBanner="TRUE" DebugInformationFormat="3" CompileAs="0"/> @@ -440,7 +440,7 @@ StringPooling="TRUE" RuntimeLibrary="2" EnableFunctionLevelLinking="TRUE" - WarningLevel="3" + WarningLevel="4" SuppressStartupBanner="TRUE" CompileAs="0"/> @@ -499,7 +499,7 @@ @@ -840,7 +840,7 @@ PreprocessorDefinitions="_DEBUG;BUILDING_LIBCURL;DEBUGBUILD;USE_OPENSSL;USE_LIBSSH2;HAVE_LIBSSH2_H" BasicRuntimeChecks="3" RuntimeLibrary="3" - WarningLevel="3" + WarningLevel="4" SuppressStartupBanner="TRUE" DebugInformationFormat="3" CompileAs="0"/> @@ -893,7 +893,7 @@ PreprocessorDefinitions="_DEBUG;BUILDING_LIBCURL;DEBUGBUILD;CURL_STATICLIB;USE_OPENSSL" BasicRuntimeChecks="3" RuntimeLibrary="3" - WarningLevel="3" + WarningLevel="4" SuppressStartupBanner="TRUE" DebugInformationFormat="3" CompileAs="0"/> @@ -934,7 +934,7 @@ PreprocessorDefinitions="_DEBUG;BUILDING_LIBCURL;DEBUGBUILD;USE_WINDOWS_SSPI;USE_SCHANNEL;USE_WIN32_IDN;WANT_IDN_PROTOTYPES" BasicRuntimeChecks="3" RuntimeLibrary="3" - WarningLevel="3" + WarningLevel="4" SuppressStartupBanner="TRUE" DebugInformationFormat="3" CompileAs="0"/> @@ -943,7 +943,7 @@ @@ -1079,7 +1079,7 @@ StringPooling="TRUE" RuntimeLibrary="2" EnableFunctionLevelLinking="TRUE" - WarningLevel="3" + WarningLevel="4" SuppressStartupBanner="TRUE" CompileAs="0"/> - - - - @@ -1175,12 +1169,6 @@ - - - - @@ -1263,7 +1251,7 @@ RelativePath="..\..\..\..\lib\http_negotiate.c"> + RelativePath="..\..\..\..\lib\http_ntlm.c"> @@ -1394,6 +1382,9 @@ + + @@ -1494,12 +1485,6 @@ - - - - @@ -1587,6 +1572,9 @@ + + @@ -1698,6 +1686,9 @@ + + @@ -1733,6 +1724,63 @@ RelativePath="..\..\..\..\lib\libcurl.rc"> + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/projects/Windows/VC7/src/curl.vcproj b/projects/Windows/VC7/src/curl.vcproj index 81e41fb8a..ee7401838 100644 --- a/projects/Windows/VC7/src/curl.vcproj +++ b/projects/Windows/VC7/src/curl.vcproj @@ -26,7 +26,7 @@ StringPooling="TRUE" RuntimeLibrary="2" EnableFunctionLevelLinking="TRUE" - WarningLevel="3" + WarningLevel="4" SuppressStartupBanner="TRUE" CompileAs="0"/> @@ -223,7 +223,7 @@ PreprocessorDefinitions="_DEBUG;_CONSOLE;DEBUGBUILD;CURL_STATICLIB" BasicRuntimeChecks="3" RuntimeLibrary="3" - WarningLevel="3" + WarningLevel="4" SuppressStartupBanner="TRUE" DebugInformationFormat="3" CompileAs="0"/> @@ -274,7 +274,7 @@ PreprocessorDefinitions="_DEBUG;_CONSOLE;DEBUGBUILD" BasicRuntimeChecks="3" RuntimeLibrary="3" - WarningLevel="3" + WarningLevel="4" SuppressStartupBanner="TRUE" DebugInformationFormat="3" CompileAs="0"/> @@ -325,7 +325,7 @@ PreprocessorDefinitions="_DEBUG;_CONSOLE;DEBUGBUILD;CURL_STATICLIB" BasicRuntimeChecks="3" RuntimeLibrary="3" - WarningLevel="3" + WarningLevel="4" SuppressStartupBanner="TRUE" DebugInformationFormat="3" CompileAs="0"/> @@ -377,7 +377,7 @@ StringPooling="TRUE" RuntimeLibrary="2" EnableFunctionLevelLinking="TRUE" - WarningLevel="3" + WarningLevel="4" SuppressStartupBanner="TRUE" CompileAs="0"/> @@ -623,7 +623,7 @@ PreprocessorDefinitions="_DEBUG;_CONSOLE;DEBUGBUILD;CURL_STATICLIB" BasicRuntimeChecks="3" RuntimeLibrary="3" - WarningLevel="3" + WarningLevel="4" SuppressStartupBanner="TRUE" DebugInformationFormat="3" CompileAs="0"/> @@ -674,7 +674,7 @@ PreprocessorDefinitions="_DEBUG;_CONSOLE;DEBUGBUILD" BasicRuntimeChecks="3" RuntimeLibrary="3" - WarningLevel="3" + WarningLevel="4" SuppressStartupBanner="TRUE" DebugInformationFormat="3" CompileAs="0"/> @@ -726,7 +726,7 @@ StringPooling="TRUE" RuntimeLibrary="2" EnableFunctionLevelLinking="TRUE" - WarningLevel="3" + WarningLevel="4" SuppressStartupBanner="TRUE" CompileAs="0"/> @@ -874,7 +874,7 @@ PreprocessorDefinitions="_DEBUG;_CONSOLE;DEBUGBUILD;CURL_STATICLIB" BasicRuntimeChecks="3" RuntimeLibrary="3" - WarningLevel="3" + WarningLevel="4" SuppressStartupBanner="TRUE" DebugInformationFormat="3" CompileAs="0"/> @@ -883,7 +883,7 @@ @@ -1025,7 +1025,7 @@ PreprocessorDefinitions="_DEBUG;_CONSOLE;DEBUGBUILD" BasicRuntimeChecks="3" RuntimeLibrary="3" - WarningLevel="3" + WarningLevel="4" SuppressStartupBanner="TRUE" DebugInformationFormat="3" CompileAs="0"/> @@ -1077,7 +1077,7 @@ StringPooling="TRUE" RuntimeLibrary="2" EnableFunctionLevelLinking="TRUE" - WarningLevel="3" + WarningLevel="4" SuppressStartupBanner="TRUE" CompileAs="0"/> @@ -1134,7 +1134,7 @@ - - - - @@ -3704,14 +3696,6 @@ RelativePath="..\..\..\..\lib\curl_sasl.c" > - - - - @@ -3821,7 +3805,7 @@ > + + @@ -4128,14 +4116,6 @@ RelativePath="..\..\..\..\lib\curl_ntlm_core.h" > - - - - @@ -4252,6 +4232,10 @@ RelativePath="..\..\..\..\lib\http_negotiate.h" > + + @@ -4400,6 +4384,10 @@ RelativePath="..\..\..\..\lib\strtoofft.h" > + + @@ -4445,6 +4433,78 @@ > + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/projects/Windows/VC8/src/curl.vcproj b/projects/Windows/VC8/src/curl.vcproj index 631efa6ab..593371110 100644 --- a/projects/Windows/VC8/src/curl.vcproj +++ b/projects/Windows/VC8/src/curl.vcproj @@ -52,7 +52,7 @@ StringPooling="true" RuntimeLibrary="2" EnableFunctionLevelLinking="true" - WarningLevel="3" + WarningLevel="4" /> - - - - @@ -3645,14 +3637,6 @@ RelativePath="..\..\..\..\lib\curl_sasl.c" > - - - - @@ -3762,7 +3746,7 @@ > + + @@ -4069,14 +4057,6 @@ RelativePath="..\..\..\..\lib\curl_ntlm_core.h" > - - - - @@ -4193,6 +4173,10 @@ RelativePath="..\..\..\..\lib\http_negotiate.h" > + + @@ -4341,6 +4325,10 @@ RelativePath="..\..\..\..\lib\strtoofft.h" > + + @@ -4386,6 +4374,78 @@ > + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/projects/Windows/VC9/src/curl.vcproj b/projects/Windows/VC9/src/curl.vcproj index 959e3fccb..ef60a596a 100644 --- a/projects/Windows/VC9/src/curl.vcproj +++ b/projects/Windows/VC9/src/curl.vcproj @@ -53,7 +53,7 @@ StringPooling="true" RuntimeLibrary="2" EnableFunctionLevelLinking="true" - WarningLevel="3" + WarningLevel="4" /> NUL') do @perl "%SRC_DIR%\lib\checksrc.pl" "-D%SRC_DIR%\lib" -Wcurl_config.h.cmake "%%i" ) + rem Check the lib\vauth directory + if exist %SRC_DIR%\lib\vauth ( + for /f "delims=" %%i in ('dir "%SRC_DIR%\lib\vauth\*.c.*" /b 2^>NUL') do @perl "%SRC_DIR%\lib\checksrc.pl" "-D%SRC_DIR%\lib\vauth" "%%i" + for /f "delims=" %%i in ('dir "%SRC_DIR%\lib\vauth\*.h.*" /b 2^>NUL') do @perl "%SRC_DIR%\lib\checksrc.pl" "-D%SRC_DIR%\lib\vauth" "%%i" + ) + rem Check the lib\vtls directory if exist %SRC_DIR%\lib\vtls ( for /f "delims=" %%i in ('dir "%SRC_DIR%\lib\vtls\*.c.*" /b 2^>NUL') do @perl "%SRC_DIR%\lib\checksrc.pl" "-D%SRC_DIR%\lib\vtls" "%%i" @@ -98,17 +120,46 @@ rem *************************************************************************** ) ) + if "%CHECK_TESTS%" == "TRUE" ( + rem Check the tests\libtest directory + if exist %SRC_DIR%\tests\libtest ( + for /f "delims=" %%i in ('dir "%SRC_DIR%\tests\libtest\*.c.*" /b 2^>NUL') do @perl "%SRC_DIR%\lib\checksrc.pl" "-D%SRC_DIR%\tests\libtest" "%%i" + for /f "delims=" %%i in ('dir "%SRC_DIR%\tests\libtest\*.h.*" /b 2^>NUL') do @perl "%SRC_DIR%\lib\checksrc.pl" "-D%SRC_DIR%\tests\libtest" "%%i" + ) + + rem Check the tests\unit directory + if exist %SRC_DIR%\tests\unit ( + for /f "delims=" %%i in ('dir "%SRC_DIR%\tests\unit\*.c.*" /b 2^>NUL') do @perl "%SRC_DIR%\lib\checksrc.pl" "-D%SRC_DIR%\tests\unit" "%%i" + for /f "delims=" %%i in ('dir "%SRC_DIR%\tests\unit\*.h.*" /b 2^>NUL') do @perl "%SRC_DIR%\lib\checksrc.pl" "-D%SRC_DIR%\tests\unit" "%%i" + ) + + rem Check the tests\server directory + if exist %SRC_DIR%\tests\server ( + for /f "delims=" %%i in ('dir "%SRC_DIR%\tests\server\*.c.*" /b 2^>NUL') do @perl "%SRC_DIR%\lib\checksrc.pl" "-D%SRC_DIR%\tests\server" "%%i" + for /f "delims=" %%i in ('dir "%SRC_DIR%\tests\server\*.h.*" /b 2^>NUL') do @perl "%SRC_DIR%\lib\checksrc.pl" "-D%SRC_DIR%\tests\server" "%%i" + ) + ) + + if "%CHECK_EXAMPLES%" == "TRUE" ( + rem Check the docs\examples directory + if exist %SRC_DIR%\docs\examples ( + for /f "delims=" %%i in ('dir "%SRC_DIR%\docs\examples\*.c.*" /b 2^>NUL') do @perl "%SRC_DIR%\lib\checksrc.pl" "-D%SRC_DIR%\docs\examples" "%%i" + ) + ) + goto success :syntax rem Display the help echo. - echo Usage: checksrc [product] [directory] + echo Usage: checksrc [what] [directory] echo. - echo Product: + echo What to scan: echo. echo lib - Scan the libcurl source echo src - Scan the command-line tool source + echo tests - Scan the library tests and unit tests + echo examples - Scan the examples echo. echo directory - Specifies the curl source directory goto success diff --git a/scripts/Makefile.am b/scripts/Makefile.am index ef4145442..32dc1b9e2 100644 --- a/scripts/Makefile.am +++ b/scripts/Makefile.am @@ -5,7 +5,7 @@ # | (__| |_| | _ <| |___ # \___|\___/|_| \_\_____| # -# Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. +# Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. # # This software is licensed as described in the file COPYING, which # you should have received as part of this distribution. The terms @@ -31,7 +31,7 @@ if CROSSCOMPILING @echo "NOTICE: we can't generate zsh completion when cross-compiling!" else # if not cross-compiling: @if ! test -x "$(PERL)"; then echo "No perl: can't install zsh.pl"; exit 0; fi - $(PERL) $(srcdir)/zsh.pl $(top_builddir)/src/curl > $@ + $(PERL) $(srcdir)/zsh.pl $(top_builddir)/src/curl$(EXEEXT) > $@ endif install-data-local: diff --git a/scripts/Makefile.in b/scripts/Makefile.in index b42dfe31c..d3c8b25c0 100644 --- a/scripts/Makefile.in +++ b/scripts/Makefile.in @@ -278,7 +278,7 @@ ZLIB_LIBS = @ZLIB_LIBS@ # | (__| |_| | _ <| |___ # \___|\___/|_| \_\_____| # -# Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. +# Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. # # This software is licensed as described in the file COPYING, which # you should have received as part of this distribution. The terms @@ -547,7 +547,7 @@ all-local: $(ZSH_COMPLETION_FUNCTION_FILENAME) $(ZSH_COMPLETION_FUNCTION_FILENAME): zsh.pl @CROSSCOMPILING_TRUE@ @echo "NOTICE: we can't generate zsh completion when cross-compiling!" @CROSSCOMPILING_FALSE@ @if ! test -x "$(PERL)"; then echo "No perl: can't install zsh.pl"; exit 0; fi -@CROSSCOMPILING_FALSE@ $(PERL) $(srcdir)/zsh.pl $(top_builddir)/src/curl > $@ +@CROSSCOMPILING_FALSE@ $(PERL) $(srcdir)/zsh.pl $(top_builddir)/src/curl$(EXEEXT) > $@ install-data-local: @CROSSCOMPILING_TRUE@ @echo "NOTICE: we can't install zsh completion when cross-compiling!" diff --git a/src/Makefile.am b/src/Makefile.am index 535a740a5..878bbfef5 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -5,7 +5,7 @@ # | (__| |_| | _ <| |___ # \___|\___/|_| \_\_____| # -# Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. +# Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. # # This software is licensed as described in the file COPYING, which # you should have received as part of this distribution. The terms @@ -91,8 +91,7 @@ NROFF=env LC_ALL=C @NROFF@ @MANOPT@ # figured out by the configure script EXTRA_DIST = mkhelp.pl makefile.dj Makefile.vc6 Makefile.b32 \ Makefile.m32 macos/curl.mcp.xml.sit.hqx macos/MACINSTALL.TXT \ macos/src/curl_GUSIConfig.cpp macos/src/macos_main.cpp makefile.amiga \ - curl.rc Makefile.netware Makefile.inc Makefile.Watcom CMakeLists.txt \ - checksrc.whitelist + curl.rc Makefile.netware Makefile.inc Makefile.Watcom CMakeLists.txt MANPAGE=$(top_srcdir)/docs/curl.1 README=$(top_srcdir)/docs/MANUAL @@ -130,7 +129,8 @@ endif # ignore tool_hugehelp.c since it is generated source code and it plays # by slightly different rules! checksrc: - @@PERL@ $(top_srcdir)/lib/checksrc.pl -D$(top_srcdir)/src -Wtool_hugehelp.c $(CURL_CFILES) $(CURL_HFILES) + @PERL@ $(top_srcdir)/lib/checksrc.pl -D$(srcdir) \ + -W$(srcdir)/tool_hugehelp.c $(srcdir)/*.[ch] if CURLDEBUG # for debug builds, we scan the sources on all regular make invokes diff --git a/src/Makefile.in b/src/Makefile.in index f3274c941..ac71cdfb4 100644 --- a/src/Makefile.in +++ b/src/Makefile.in @@ -491,7 +491,7 @@ top_srcdir = @top_srcdir@ # | (__| |_| | _ <| |___ # \___|\___/|_| \_\_____| # -# Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. +# Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. # # This software is licensed as described in the file COPYING, which # you should have received as part of this distribution. The terms @@ -652,8 +652,7 @@ CLEANFILES = tool_hugehelp.c EXTRA_DIST = mkhelp.pl makefile.dj Makefile.vc6 Makefile.b32 \ Makefile.m32 macos/curl.mcp.xml.sit.hqx macos/MACINSTALL.TXT \ macos/src/curl_GUSIConfig.cpp macos/src/macos_main.cpp makefile.amiga \ - curl.rc Makefile.netware Makefile.inc Makefile.Watcom CMakeLists.txt \ - checksrc.whitelist + curl.rc Makefile.netware Makefile.inc Makefile.Watcom CMakeLists.txt MANPAGE = $(top_srcdir)/docs/curl.1 README = $(top_srcdir)/docs/MANUAL @@ -2081,7 +2080,8 @@ uninstall-am: uninstall-binPROGRAMS # ignore tool_hugehelp.c since it is generated source code and it plays # by slightly different rules! checksrc: - @@PERL@ $(top_srcdir)/lib/checksrc.pl -D$(top_srcdir)/src -Wtool_hugehelp.c $(CURL_CFILES) $(CURL_HFILES) + @PERL@ $(top_srcdir)/lib/checksrc.pl -D$(srcdir) \ + -W$(srcdir)/tool_hugehelp.c $(srcdir)/*.[ch] # for debug builds, we scan the sources on all regular make invokes @CURLDEBUG_TRUE@all-local: checksrc diff --git a/src/Makefile.m32 b/src/Makefile.m32 index 076fc5e35..40852e573 100644 --- a/src/Makefile.m32 +++ b/src/Makefile.m32 @@ -274,6 +274,10 @@ ifdef SSL INCLUDES += -I"$(OPENSSL_INCLUDE)" CFLAGS += -DUSE_OPENSSL curl_LDADD += -L"$(OPENSSL_LIBPATH)" $(OPENSSL_LIBS) +else +ifdef WINSSL + curl_LDADD += -lcrypt32 +endif endif ifdef ZLIB INCLUDES += -I"$(ZLIB_PATH)" diff --git a/src/Makefile.vc10 b/src/Makefile.vc10 index fd051ef1c..67da1d9af 100644 --- a/src/Makefile.vc10 +++ b/src/Makefile.vc10 @@ -5,7 +5,7 @@ # | (__| |_| | _ <| |___ # \___|\___/|_| \_\_____| # -# Copyright (C) 1999 - 2015, Daniel Stenberg, , et al. +# Copyright (C) 1999 - 2016, Daniel Stenberg, , et al. # # This software is licensed as described in the file COPYING, which # you should have received as part of this distribution. The terms @@ -191,7 +191,7 @@ DEBUG_OBJS= \ rawstrd.obj \ strtoofftd.obj \ warnlessd.obj \ - slist_wc.obj \ + slist_wcd.obj \ tool_binmoded.obj \ tool_bnamed.obj \ tool_cb_dbgd.obj \ @@ -459,7 +459,7 @@ strtoofftd.obj: ../lib/strtoofft.c $(CCD) $(CFLAGS) /Fo"$@" ../lib/strtoofft.c warnlessd.obj: ../lib/warnless.c $(CCD) $(CFLAGS) /Fo"$@" ../lib/warnless.c -slist_wc.obj: slist_wc.c +slist_wcd.obj: slist_wc.c $(CCD) $(CFLAGS) /Fo"$@" slist_wc.c tool_binmoded.obj: tool_binmode.c $(CCD) $(CFLAGS) /Fo"$@" tool_binmode.c diff --git a/src/Makefile.vc11 b/src/Makefile.vc11 index 872c40122..6459c342c 100644 --- a/src/Makefile.vc11 +++ b/src/Makefile.vc11 @@ -5,7 +5,7 @@ # | (__| |_| | _ <| |___ # \___|\___/|_| \_\_____| # -# Copyright (C) 1999 - 2015, Daniel Stenberg, , et al. +# Copyright (C) 1999 - 2016, Daniel Stenberg, , et al. # # This software is licensed as described in the file COPYING, which # you should have received as part of this distribution. The terms @@ -191,7 +191,7 @@ DEBUG_OBJS= \ rawstrd.obj \ strtoofftd.obj \ warnlessd.obj \ - slist_wc.obj \ + slist_wcd.obj \ tool_binmoded.obj \ tool_bnamed.obj \ tool_cb_dbgd.obj \ @@ -459,7 +459,7 @@ strtoofftd.obj: ../lib/strtoofft.c $(CCD) $(CFLAGS) /Fo"$@" ../lib/strtoofft.c warnlessd.obj: ../lib/warnless.c $(CCD) $(CFLAGS) /Fo"$@" ../lib/warnless.c -slist_wc.obj: slist_wc.c +slist_wcd.obj: slist_wc.c $(CCD) $(CFLAGS) /Fo"$@" slist_wc.c tool_binmoded.obj: tool_binmode.c $(CCD) $(CFLAGS) /Fo"$@" tool_binmode.c diff --git a/src/Makefile.vc12 b/src/Makefile.vc12 index 544a07388..46abfcb98 100644 --- a/src/Makefile.vc12 +++ b/src/Makefile.vc12 @@ -5,7 +5,7 @@ # | (__| |_| | _ <| |___ # \___|\___/|_| \_\_____| # -# Copyright (C) 1999 - 2015, Daniel Stenberg, , et al. +# Copyright (C) 1999 - 2016, Daniel Stenberg, , et al. # # This software is licensed as described in the file COPYING, which # you should have received as part of this distribution. The terms @@ -191,7 +191,7 @@ DEBUG_OBJS= \ rawstrd.obj \ strtoofftd.obj \ warnlessd.obj \ - slist_wc.obj \ + slist_wcd.obj \ tool_binmoded.obj \ tool_bnamed.obj \ tool_cb_dbgd.obj \ @@ -459,7 +459,7 @@ strtoofftd.obj: ../lib/strtoofft.c $(CCD) $(CFLAGS) /Fo"$@" ../lib/strtoofft.c warnlessd.obj: ../lib/warnless.c $(CCD) $(CFLAGS) /Fo"$@" ../lib/warnless.c -slist_wc.obj: slist_wc.c +slist_wcd.obj: slist_wc.c $(CCD) $(CFLAGS) /Fo"$@" slist_wc.c tool_binmoded.obj: tool_binmode.c $(CCD) $(CFLAGS) /Fo"$@" tool_binmode.c diff --git a/src/Makefile.vc14 b/src/Makefile.vc14 index 9719ae868..5c6894de0 100644 --- a/src/Makefile.vc14 +++ b/src/Makefile.vc14 @@ -5,7 +5,7 @@ # | (__| |_| | _ <| |___ # \___|\___/|_| \_\_____| # -# Copyright (C) 1999 - 2015, Daniel Stenberg, , et al. +# Copyright (C) 1999 - 2016, Daniel Stenberg, , et al. # # This software is licensed as described in the file COPYING, which # you should have received as part of this distribution. The terms @@ -191,7 +191,7 @@ DEBUG_OBJS= \ rawstrd.obj \ strtoofftd.obj \ warnlessd.obj \ - slist_wc.obj \ + slist_wcd.obj \ tool_binmoded.obj \ tool_bnamed.obj \ tool_cb_dbgd.obj \ @@ -459,7 +459,7 @@ strtoofftd.obj: ../lib/strtoofft.c $(CCD) $(CFLAGS) /Fo"$@" ../lib/strtoofft.c warnlessd.obj: ../lib/warnless.c $(CCD) $(CFLAGS) /Fo"$@" ../lib/warnless.c -slist_wc.obj: slist_wc.c +slist_wcd.obj: slist_wc.c $(CCD) $(CFLAGS) /Fo"$@" slist_wc.c tool_binmoded.obj: tool_binmode.c $(CCD) $(CFLAGS) /Fo"$@" tool_binmode.c diff --git a/src/Makefile.vc6 b/src/Makefile.vc6 index 08ea74e5f..ff82a4df8 100644 --- a/src/Makefile.vc6 +++ b/src/Makefile.vc6 @@ -5,7 +5,7 @@ # | (__| |_| | _ <| |___ # \___|\___/|_| \_\_____| # -# Copyright (C) 1999 - 2015, Daniel Stenberg, , et al. +# Copyright (C) 1999 - 2016, Daniel Stenberg, , et al. # # This software is licensed as described in the file COPYING, which # you should have received as part of this distribution. The terms @@ -191,7 +191,7 @@ DEBUG_OBJS= \ rawstrd.obj \ strtoofftd.obj \ warnlessd.obj \ - slist_wc.obj \ + slist_wcd.obj \ tool_binmoded.obj \ tool_bnamed.obj \ tool_cb_dbgd.obj \ @@ -459,7 +459,7 @@ strtoofftd.obj: ../lib/strtoofft.c $(CCD) $(CFLAGS) /Fo"$@" ../lib/strtoofft.c warnlessd.obj: ../lib/warnless.c $(CCD) $(CFLAGS) /Fo"$@" ../lib/warnless.c -slist_wc.obj: slist_wc.c +slist_wcd.obj: slist_wc.c $(CCD) $(CFLAGS) /Fo"$@" slist_wc.c tool_binmoded.obj: tool_binmode.c $(CCD) $(CFLAGS) /Fo"$@" tool_binmode.c diff --git a/src/Makefile.vc7 b/src/Makefile.vc7 index 8861b8406..6c802c8fd 100644 --- a/src/Makefile.vc7 +++ b/src/Makefile.vc7 @@ -5,7 +5,7 @@ # | (__| |_| | _ <| |___ # \___|\___/|_| \_\_____| # -# Copyright (C) 1999 - 2015, Daniel Stenberg, , et al. +# Copyright (C) 1999 - 2016, Daniel Stenberg, , et al. # # This software is licensed as described in the file COPYING, which # you should have received as part of this distribution. The terms @@ -191,7 +191,7 @@ DEBUG_OBJS= \ rawstrd.obj \ strtoofftd.obj \ warnlessd.obj \ - slist_wc.obj \ + slist_wcd.obj \ tool_binmoded.obj \ tool_bnamed.obj \ tool_cb_dbgd.obj \ @@ -459,7 +459,7 @@ strtoofftd.obj: ../lib/strtoofft.c $(CCD) $(CFLAGS) /Fo"$@" ../lib/strtoofft.c warnlessd.obj: ../lib/warnless.c $(CCD) $(CFLAGS) /Fo"$@" ../lib/warnless.c -slist_wc.obj: slist_wc.c +slist_wcd.obj: slist_wc.c $(CCD) $(CFLAGS) /Fo"$@" slist_wc.c tool_binmoded.obj: tool_binmode.c $(CCD) $(CFLAGS) /Fo"$@" tool_binmode.c diff --git a/src/Makefile.vc8 b/src/Makefile.vc8 index 004d784c4..efbf306ea 100644 --- a/src/Makefile.vc8 +++ b/src/Makefile.vc8 @@ -5,7 +5,7 @@ # | (__| |_| | _ <| |___ # \___|\___/|_| \_\_____| # -# Copyright (C) 1999 - 2015, Daniel Stenberg, , et al. +# Copyright (C) 1999 - 2016, Daniel Stenberg, , et al. # # This software is licensed as described in the file COPYING, which # you should have received as part of this distribution. The terms @@ -191,7 +191,7 @@ DEBUG_OBJS= \ rawstrd.obj \ strtoofftd.obj \ warnlessd.obj \ - slist_wc.obj \ + slist_wcd.obj \ tool_binmoded.obj \ tool_bnamed.obj \ tool_cb_dbgd.obj \ @@ -459,7 +459,7 @@ strtoofftd.obj: ../lib/strtoofft.c $(CCD) $(CFLAGS) /Fo"$@" ../lib/strtoofft.c warnlessd.obj: ../lib/warnless.c $(CCD) $(CFLAGS) /Fo"$@" ../lib/warnless.c -slist_wc.obj: slist_wc.c +slist_wcd.obj: slist_wc.c $(CCD) $(CFLAGS) /Fo"$@" slist_wc.c tool_binmoded.obj: tool_binmode.c $(CCD) $(CFLAGS) /Fo"$@" tool_binmode.c diff --git a/src/Makefile.vc9 b/src/Makefile.vc9 index e2e2a71eb..3ee46e322 100644 --- a/src/Makefile.vc9 +++ b/src/Makefile.vc9 @@ -5,7 +5,7 @@ # | (__| |_| | _ <| |___ # \___|\___/|_| \_\_____| # -# Copyright (C) 1999 - 2015, Daniel Stenberg, , et al. +# Copyright (C) 1999 - 2016, Daniel Stenberg, , et al. # # This software is licensed as described in the file COPYING, which # you should have received as part of this distribution. The terms @@ -191,7 +191,7 @@ DEBUG_OBJS= \ rawstrd.obj \ strtoofftd.obj \ warnlessd.obj \ - slist_wc.obj \ + slist_wcd.obj \ tool_binmoded.obj \ tool_bnamed.obj \ tool_cb_dbgd.obj \ @@ -459,7 +459,7 @@ strtoofftd.obj: ../lib/strtoofft.c $(CCD) $(CFLAGS) /Fo"$@" ../lib/strtoofft.c warnlessd.obj: ../lib/warnless.c $(CCD) $(CFLAGS) /Fo"$@" ../lib/warnless.c -slist_wc.obj: slist_wc.c +slist_wcd.obj: slist_wc.c $(CCD) $(CFLAGS) /Fo"$@" slist_wc.c tool_binmoded.obj: tool_binmode.c $(CCD) $(CFLAGS) /Fo"$@" tool_binmode.c diff --git a/src/checksrc.whitelist b/src/checksrc.whitelist deleted file mode 100644 index b078ac1ae..000000000 --- a/src/checksrc.whitelist +++ /dev/null @@ -1,3 +0,0 @@ - * 'name=@filename,filename2,filename3' - * 'name=@filename;type=image/gif,filename2,filename3' - file = fopen(name, "r"); /* VMS */ diff --git a/src/tool_cb_hdr.c b/src/tool_cb_hdr.c index 5be02aad2..f7d835562 100644 --- a/src/tool_cb_hdr.c +++ b/src/tool_cb_hdr.c @@ -48,6 +48,7 @@ size_t tool_header_cb(void *ptr, size_t size, size_t nmemb, void *userdata) const char *str = ptr; const size_t cb = size * nmemb; const char *end = (char*)ptr + cb; + char *url = NULL; /* * Once that libcurl has called back tool_header_cb() the returned value @@ -88,7 +89,9 @@ size_t tool_header_cb(void *ptr, size_t size, size_t nmemb, void *userdata) */ if(hdrcbdata->honor_cd_filename && - (cb > 20) && checkprefix("Content-disposition:", str)) { + (cb > 20) && checkprefix("Content-disposition:", str) && + !curl_easy_getinfo(outs->config->easy, CURLINFO_EFFECTIVE_URL, &url) && + url && (checkprefix("http://", url) || checkprefix("https://", url))) { const char *p = str + 20; /* look for the 'filename=' parameter diff --git a/src/tool_cfgable.c b/src/tool_cfgable.c index 6c2aced55..567123b82 100644 --- a/src/tool_cfgable.c +++ b/src/tool_cfgable.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -41,6 +41,7 @@ void config_init(struct OperationConfig* config) CURLPROTO_SMBS); config->proto_redir_present = FALSE; config->proto_default = NULL; + config->tcp_nodelay = TRUE; /* enabled by default */ } static void free_config_fields(struct OperationConfig *config) @@ -135,9 +136,9 @@ static void free_config_fields(struct OperationConfig *config) curl_slist_free_all(config->telnet_options); curl_slist_free_all(config->resolve); + curl_slist_free_all(config->connect_to); Curl_safefree(config->socksproxy); - Curl_safefree(config->socks5_gssapi_service); Curl_safefree(config->proxy_service_name); Curl_safefree(config->service_name); diff --git a/src/tool_cfgable.h b/src/tool_cfgable.h index fb6c7aec4..aa98fced5 100644 --- a/src/tool_cfgable.h +++ b/src/tool_cfgable.h @@ -7,7 +7,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -151,6 +151,7 @@ struct OperationConfig { struct curl_httppost *last_post; struct curl_slist *telnet_options; struct curl_slist *resolve; + struct curl_slist *connect_to; HttpReq httpreq; /* for bandwidth limiting features: */ @@ -165,16 +166,15 @@ struct OperationConfig { char *socksproxy; /* set to server string */ int socksver; /* set to CURLPROXY_SOCKS* define */ - char *socks5_gssapi_service; /* set service name for gssapi principal - * default rcmd */ - char *proxy_service_name; /* set service name for proxy negotiation - * default HTTP */ - int socks5_gssapi_nec ; /* The NEC reference server does not protect - * the encryption type exchange */ - char *service_name; /* set negotiation service name - * default HTTP */ + int socks5_gssapi_nec; /* The NEC reference server does not protect the + encryption type exchange */ + char *proxy_service_name; /* set authentication service name for HTTP and + SOCKS5 proxies */ + char *service_name; /* set authentication service name for DIGEST-MD5, + Kerberos 5 and SPNEGO */ bool tcp_nodelay; + bool tcp_fastopen; long req_retry; /* number of retries */ long retry_delay; /* delay between retries (in seconds) */ long retry_maxtime; /* maximum time to keep retrying */ diff --git a/src/tool_formparse.c b/src/tool_formparse.c index 76c27a342..de30c5264 100644 --- a/src/tool_formparse.c +++ b/src/tool_formparse.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -323,7 +323,7 @@ int formparse(struct OperationConfig *config, info[i].option = CURLFORM_END; if(curl_formadd(httppost, last_post, - CURLFORM_ARRAY, info, CURLFORM_END ) != 0) { + CURLFORM_ARRAY, info, CURLFORM_END) != 0) { warnf(config->global, "curl_formadd failed, possibly the file %s is " "bad!\n", contp + 1); Curl_safefree(contents); diff --git a/src/tool_getparam.c b/src/tool_getparam.c index 61f50464b..e49acf803 100644 --- a/src/tool_getparam.c +++ b/src/tool_getparam.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -64,9 +64,9 @@ struct LongShort { }; static const struct LongShort aliases[]= { - /* all these ones, starting with "*" or "$" as a short-option have *no* - short option to mention. */ - {"*", "url", TRUE}, + /* 'letter' strings with more than one character have *no* short option to + mention. */ + {"*@", "url", TRUE}, {"*4", "dns-ipv4-addr", TRUE}, {"*6", "dns-ipv6-addr", TRUE}, {"*a", "random-file", TRUE}, @@ -106,23 +106,21 @@ static const struct LongShort aliases[]= { {"*u", "crlf", FALSE}, {"*v", "stderr", TRUE}, {"*w", "interface", TRUE}, - {"*x", "krb" , TRUE}, - {"*x", "krb4" , TRUE}, + {"*x", "krb", TRUE}, + {"*x", "krb4", TRUE}, /* 'krb4' is the previous name */ {"*y", "max-filesize", TRUE}, {"*z", "disable-eprt", FALSE}, {"*Z", "eprt", FALSE}, /* 'eprt' made like this to make --no-eprt and --eprt to work although --disable-eprt is the documented option */ + {"*~", "xattr", FALSE}, {"$a", "ftp-ssl", FALSE}, /* 'ftp-ssl' deprecated name since 7.20.0 */ {"$a", "ssl", FALSE}, /* 'ssl' new option name in 7.20.0, previously this was ftp-ssl */ {"$b", "ftp-pasv", FALSE}, {"$c", "socks5", TRUE}, - {"$c", "socks", TRUE}, - /* 'socks' is how the option once was documented but we prefer - the --socks5 version for explicit version */ {"$d", "tcp-nodelay", FALSE}, {"$e", "proxy-digest", FALSE}, {"$f", "proxy-basic", FALSE}, @@ -158,7 +156,6 @@ static const struct LongShort aliases[]= { {"$3", "keepalive-time", TRUE}, {"$4", "post302", FALSE}, {"$5", "noproxy", TRUE}, - {"$6", "socks5-gssapi-service", TRUE}, {"$7", "socks5-gssapi-nec", FALSE}, {"$8", "proxy1.0", TRUE}, {"$9", "tftp-blksize", TRUE}, @@ -176,14 +173,19 @@ static const struct LongShort aliases[]= { {"$L", "test-event", FALSE}, {"$M", "unix-socket", TRUE}, {"$N", "path-as-is", FALSE}, + {"$O", "socks5-gssapi-service", TRUE}, + /* 'socks5-gssapi-service' merged with'proxy-service-name' and + deprecated since 7.49.0 */ {"$O", "proxy-service-name", TRUE}, {"$P", "service-name", TRUE}, {"$Q", "proto-default", TRUE}, {"$R", "expect100-timeout", TRUE}, {"$S", "tftp-no-options", FALSE}, + {"$U", "connect-to", TRUE}, {"0", "http1.0", FALSE}, {"01", "http1.1", FALSE}, {"02", "http2", FALSE}, + {"03", "http2-prior-knowledge", FALSE}, {"1", "tlsv1", FALSE}, {"10", "tlsv1.0", FALSE}, {"11", "tlsv1.1", FALSE}, @@ -212,7 +214,7 @@ static const struct LongShort aliases[]= { {"Ed", "key-type", TRUE}, {"Ee", "pass", TRUE}, {"Ef", "engine", TRUE}, - {"Eg", "capath ", TRUE}, + {"Eg", "capath", TRUE}, {"Eh", "pubkey", TRUE}, {"Ei", "hostpubmd5", TRUE}, {"Ej", "crlfile", TRUE}, @@ -225,6 +227,7 @@ static const struct LongShort aliases[]= { {"Eq", "cert-status", FALSE}, {"Er", "false-start", FALSE}, {"Es", "ssl-no-revoke", FALSE}, + {"Et", "tcp-fastopen", FALSE}, {"f", "fail", FALSE}, {"F", "form", TRUE}, {"Fs", "form-string", TRUE}, @@ -253,8 +256,6 @@ static const struct LongShort aliases[]= { {"O", "remote-name", FALSE}, {"Oa", "remote-name-all", FALSE}, {"p", "proxytunnel", FALSE}, - {"P", "ftpport", TRUE}, - /* 'ftpport' old version */ {"P", "ftp-port", TRUE}, {"q", "disable", FALSE}, {"Q", "quote", TRUE}, @@ -262,8 +263,7 @@ static const struct LongShort aliases[]= { {"R", "remote-time", FALSE}, {"s", "silent", FALSE}, {"S", "show-error", FALSE}, - {"t", "telnet-options", TRUE}, - /* 'telnet-options' documented as telnet-option */ + {"t", "telnet-option", TRUE}, {"T", "upload-file", TRUE}, {"u", "user", TRUE}, {"U", "proxy-user", TRUE}, @@ -272,14 +272,11 @@ static const struct LongShort aliases[]= { {"w", "write-out", TRUE}, {"x", "proxy", TRUE}, {"X", "request", TRUE}, - {"X", "http-request", TRUE}, - /* 'http-request' OBSOLETE VERSION */ {"Y", "speed-limit", TRUE}, {"y", "speed-time", TRUE}, {"z", "time-cond", TRUE}, {"#", "progress-bar", FALSE}, {":", "next", FALSE}, - {"~", "xattr", FALSE}, }; /* Split the argument of -E to 'certname' and 'passphrase' separated by colon. @@ -304,9 +301,12 @@ void parse_cert_parameter(const char *cert_parameter, if(param_length == 0) return; - /* next less trivial: cert_parameter contains no colon nor backslash; this + /* next less trivial: cert_parameter starts 'pkcs11:' and thus + * looks like a RFC7512 PKCS#11 URI which can be used as-is. + * Also if cert_parameter contains no colon nor backslash, this * means no passphrase was given and no characters escaped */ - if(!strpbrk(cert_parameter, ":\\")) { + if(!strncmp(cert_parameter, "pkcs11:", 7) || + !strpbrk(cert_parameter, ":\\")) { *certname = strdup(cert_parameter); return; } @@ -718,8 +718,10 @@ ParameterError getparameter(char *flag, /* f or -long-flag */ case 'Z': /* --eprt */ config->disable_eprt = (!toggle)?TRUE:FALSE; break; - - default: /* the URL! */ + case '~': /* --xattr */ + config->xattr = toggle; + break; + case '@': /* the URL! */ { struct getout *url; if(config->url_get || ((config->url_get = config->url_list) != NULL)) { @@ -900,10 +902,7 @@ ParameterError getparameter(char *flag, /* f or -long-flag */ /* This specifies the noproxy list */ GetStr(&config->noproxy, nextarg); break; - case '6': /* --socks5-gssapi-service */ - GetStr(&config->socks5_gssapi_service, nextarg); - break; - case '7': /* --socks5-gssapi-nec*/ + case '7': /* --socks5-gssapi-nec*/ config->socks5_gssapi_nec = toggle; break; case '8': /* --proxy1.0 */ @@ -1009,6 +1008,11 @@ ParameterError getparameter(char *flag, /* f or -long-flag */ case 'S': /* --tftp-no-options */ config->tftp_no_options = toggle; break; + case 'U': /* --connect-to */ + err = add2list(&config->connect_to, nextarg); + if(err) + return err; + break; } break; case '#': /* --progress-bar */ @@ -1019,9 +1023,6 @@ ParameterError getparameter(char *flag, /* f or -long-flag */ break; case ':': /* --next */ return PARAM_NEXT_OPERATION; - case '~': /* --xattr */ - config->xattr = toggle; - break; case '0': /* --http* options */ switch(subletter) { case '\0': @@ -1036,6 +1037,10 @@ ParameterError getparameter(char *flag, /* f or -long-flag */ /* HTTP version 2.0 */ config->httpversion = CURL_HTTP_VERSION_2_0; break; + case '3': + /* HTTP version 2.0 over clean TCP*/ + config->httpversion = CURL_HTTP_VERSION_2_PRIOR_KNOWLEDGE; + break; } break; case '1': /* --tlsv1* options */ @@ -1405,6 +1410,10 @@ ParameterError getparameter(char *flag, /* f or -long-flag */ config->ssl_no_revoke = TRUE; break; + case 't': /* --tcp-fastopen */ + config->tcp_fastopen = TRUE; + break; + default: /* certificate file */ { char *certname, *passphrase; diff --git a/src/tool_help.c b/src/tool_help.c index a1a6fb493..fb428c9ca 100644 --- a/src/tool_help.c +++ b/src/tool_help.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2015, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -58,6 +58,7 @@ static const char *const helptext[] = { " --compressed Request compressed response (using deflate or gzip)", " -K, --config FILE Read config from FILE", " --connect-timeout SECONDS Maximum time allowed for connection", + " --connect-to HOST1:PORT1:HOST2:PORT2 Connect to host (network level)", " -C, --continue-at OFFSET Resumed transfer OFFSET", " -b, --cookie STRING/FILE Read cookies from STRING/FILE (H)", " -c, --cookie-jar FILE Write cookies to FILE after operation (H)", @@ -111,6 +112,7 @@ static const char *const helptext[] = { " -0, --http1.0 Use HTTP 1.0 (H)", " --http1.1 Use HTTP 1.1 (H)", " --http2 Use HTTP 2 (H)", + " --http2-prior-knowledge Use HTTP 2 without HTTP/1.1 Upgrade (H)", " --ignore-content-length Ignore the HTTP Content-Length header", " -i, --include Include protocol headers in the output (H/F)", " -k, --insecure Allow connections to SSL sites without certs (H)", @@ -153,6 +155,7 @@ static const char *const helptext[] = { " --no-sessionid Disable SSL session-ID reusing (SSL)", " --noproxy List of hosts which do not use proxy", " --ntlm Use HTTP NTLM authentication (H)", + " --ntlm-wb Use HTTP NTLM authentication with winbind (H)", " --oauth2-bearer TOKEN OAuth 2 Bearer Token (IMAP, POP3, SMTP)", " -o, --output FILE Write to FILE instead of stdout", " --pass PASS Pass phrase for the private key (SSL/SSH)", @@ -175,6 +178,7 @@ static const char *const helptext[] = { " --proxy-negotiate " "Use HTTP Negotiate (SPNEGO) authentication on the proxy (H)", " --proxy-ntlm Use NTLM authentication on the proxy (H)", + " --proxy-header LINE Pass custom header LINE to proxy (H)", " --proxy-service-name NAME SPNEGO proxy service name", " --service-name NAME SPNEGO service name", " -U, --proxy-user USER[:PASSWORD] Proxy user and password", @@ -219,6 +223,7 @@ static const char *const helptext[] = { " --ssl-no-revoke Disable cert revocation checks (WinSSL)", " --stderr FILE Where to redirect stderr (use \"-\" for stdout)", " --tcp-nodelay Use the TCP_NODELAY option", + " --tcp-fastopen Use TCP Fast Open", " -t, --telnet-option OPT=VAL Set telnet option", " --tftp-blksize VALUE Set TFTP BLKSIZE option (must be >512)", " --tftp-no-options Do not send TFTP options requests", @@ -247,7 +252,7 @@ static const char *const helptext[] = { #endif " -w, --write-out FORMAT Use output FORMAT after completion", " --xattr Store metadata in extended file attributes", - " -q Disable .curlrc (must be first parameter)", + " -q, --disable Disable .curlrc (must be first parameter)", NULL }; diff --git a/src/tool_helpers.c b/src/tool_helpers.c index fef14596f..14bc7668c 100644 --- a/src/tool_helpers.c +++ b/src/tool_helpers.c @@ -35,7 +35,7 @@ #include "memdebug.h" /* keep this as LAST include */ /* -** Helper functions that are used from more tha one source file. +** Helper functions that are used from more than one source file. */ const char *param2text(int res) diff --git a/src/tool_hugehelp.c b/src/tool_hugehelp.c index e2dfe8de7..75350e1e0 100644 --- a/src/tool_hugehelp.c +++ b/src/tool_hugehelp.c @@ -2,7 +2,7 @@ #ifndef HAVE_LIBZ /* * NEVER EVER edit this manually, fix the mkhelp.pl script instead! - * Generation time: Tue Mar 22 10:34:41 2016 + * Generation time: Wed Sep 7 07:46:52 2016 */ #ifdef USE_MANUAL #include "tool_hugehelp.h" @@ -51,18 +51,18 @@ void hugehelp(void) "\n" " or you can get sequences of alphanumeric series by using [] as in:\n" "\n" -" ftp://ftp.numericals.com/file[1-100].txt\n" +" ftp://ftp.example.com/file[1-100].txt\n" "\n" , stdout); fputs( -" ftp://ftp.numericals.com/file[001-100].txt (with leading zeros)\n" +" ftp://ftp.example.com/file[001-100].txt (with leading zeros)\n" "\n" -" ftp://ftp.letters.com/file[a-z].txt\n" +" ftp://ftp.example.com/file[a-z].txt\n" "\n" " Nested sequences are not supported, but you can use several ones next\n" " to each other:\n" "\n" -" http://any.org/archive[1996-1999]/vol[1-4]/part{a,b,c}.html\n" +" http://example.com/archive[1996-1999]/vol[1-4]/part{a,b,c}.html\n" "\n" " You can specify any amount of URLs on the command line. They will be\n" " fetched in a sequential manner in the specified order.\n" @@ -72,9 +72,9 @@ void hugehelp(void) " You can specify a step counter for the ranges to get every Nth number\n" " or letter:\n" "\n" -" http://www.numericals.com/file[1-100:10].txt\n" +" http://example.com/file[1-100:10].txt\n" "\n" -" http://www.letters.com/file[a-z:2].txt\n" +" http://example.com/file[a-z:2].txt\n" "\n" " When using [] or {} sequences when invoked from a command line prompt,\n" " you probably have to put the full URL within double quotes to avoid the\n" @@ -111,12 +111,14 @@ void hugehelp(void) "PROGRESS METER\n" " curl normally displays a progress meter during operations, indicating\n" " the amount of transferred data, transfer speeds and estimated time\n" -" left, etc.\n" +" left, etc. The progress meter displays number of bytes and the speeds\n" +" are in bytes per second. The suffixes (k, M, G, T, P) are 1024 based.\n" +" For example 1k is 1024 bytes. 1M is 1048576 bytes.\n" "\n" -" curl displays this data to the terminal by default, so if you invoke\n" -" curl to do an operation and it is about to write data to the terminal,\n" , stdout); fputs( +" curl displays this data to the terminal by default, so if you invoke\n" +" curl to do an operation and it is about to write data to the terminal,\n" " it disables the progress meter as otherwise it would mess up the output\n" " mixing progress meter and response data.\n" "\n" @@ -124,11 +126,11 @@ void hugehelp(void) " redirect the response output to a file, using shell redirect (>), -o\n" " [file] or similar.\n" "\n" +, stdout); + fputs( " It is not the same case for FTP upload as that operation does not spit\n" " out any response data to the terminal.\n" "\n" -, stdout); - fputs( " If you prefer a progress \"bar\" instead of the regular meter, -# is your\n" " friend.\n" "OPTIONS\n" @@ -136,44 +138,44 @@ void hugehelp(void) " additional value next to them.\n" "\n" " The short \"single-dash\" form of the options, -d for example, may be\n" -" used with or without a space between it and its value, although a space\n" -" is a recommended separator. The long \"double-dash\" form, --data for\n" , stdout); fputs( +" used with or without a space between it and its value, although a space\n" +" is a recommended separator. The long \"double-dash\" form, --data for\n" " example, requires a space between it and its value.\n" "\n" " Short version options that don't need any additional values can be used\n" " immediately next to each other, like for example you can specify all\n" " the options -O, -L and -v at once as -OLv.\n" "\n" -" In general, all boolean options are enabled with --option and yet again\n" -" disabled with --no-option. That is, you use the exact same option name\n" , stdout); fputs( +" In general, all boolean options are enabled with --option and yet again\n" +" disabled with --no-option. That is, you use the exact same option name\n" " but prefix it with \"no-\". However, in this list we mostly only list and\n" " show the --option version of them. (This concept with --no options was\n" " added in 7.19.0. Previously most options were toggled on/off on\n" " repeated use of the same command line option.)\n" "\n" " -#, --progress-bar\n" +, stdout); + fputs( " Make curl display progress as a simple progress bar instead of\n" " the standard, more informational, meter.\n" "\n" " -:, --next\n" -, stdout); - fputs( " Tells curl to use a separate operation for the following URL and\n" " associated options. This allows you to send several URL\n" " requests, each with their own specific options, for example,\n" " such as different user names or custom requests for each. (Added\n" " in 7.36.0)\n" "\n" +, stdout); + fputs( " -0, --http1.0\n" " (HTTP) Tells curl to use HTTP version 1.0 instead of using its\n" " internally preferred: HTTP 1.1.\n" "\n" -, stdout); - fputs( " --http1.1\n" " (HTTP) Tells curl to use HTTP version 1.1. This is the internal\n" " default version. (Added in 7.33.0)\n" @@ -183,143 +185,157 @@ void hugehelp(void) " requires that the underlying libcurl was built to support it.\n" " (Added in 7.33.0)\n" "\n" -" --no-npn\n" -" Disable the NPN TLS extension. NPN is enabled by default if\n" , stdout); fputs( -" libcurl was built with an SSL library that supports NPN. NPN is\n" -" used by a libcurl that supports HTTP 2 to negotiate HTTP 2 sup-\n" +" --http2-prior-knowledge\n" +" (HTTP) Tells curl to issue its non-TLS HTTP requests using\n" +" HTTP/2 without HTTP/1.1 Upgrade. It requires prior knowledge\n" +" that the server supports HTTP/2 straight away. HTTPS requests\n" +" will still do HTTP/2 the standard way with negotiated protocol\n" +" version in the TLS handshake.\n" +"\n" +" HTTP/2 support in general also requires that the underlying\n" +, stdout); + fputs( +" libcurl was built to support it. (Added in 7.49.0)\n" +"\n" +" --no-npn\n" +" Disable the NPN TLS extension. NPN is enabled by default if\n" +" libcurl was built with an SSL library that supports NPN. NPN is\n" +" used by a libcurl that supports HTTP 2 to negotiate HTTP 2 sup-\n" " port with the server during https sessions.\n" "\n" " (Added in 7.36.0)\n" "\n" " --no-alpn\n" -" Disable the ALPN TLS extension. ALPN is enabled by default if\n" -" libcurl was built with an SSL library that supports ALPN. ALPN\n" , stdout); fputs( -" is used by a libcurl that supports HTTP 2 to negotiate HTTP 2\n" +" Disable the ALPN TLS extension. ALPN is enabled by default if\n" +" libcurl was built with an SSL library that supports ALPN. ALPN\n" +" is used by a libcurl that supports HTTP 2 to negotiate HTTP 2\n" " support with the server during https sessions.\n" "\n" " (Added in 7.36.0)\n" "\n" " -1, --tlsv1\n" " (SSL) Forces curl to use TLS version 1.x when negotiating with a\n" -" remote TLS server. You can use options --tlsv1.0, --tlsv1.1,\n" -" and --tlsv1.2 to control the TLS version more precisely (if the\n" -" SSL backend in use supports such a level of control).\n" -"\n" , stdout); fputs( +" remote TLS server. You can use options --tlsv1.0, --tlsv1.1,\n" +" and --tlsv1.2 to control the TLS version more precisely (if the\n" +" SSL backend in use supports such a level of control).\n" +"\n" " -2, --sslv2\n" -" (SSL) Forces curl to use SSL version 2 when negotiating with a\n" -" remote SSL server. Sometimes curl is built without SSLv2 sup-\n" +" (SSL) Forces curl to use SSL version 2 when negotiating with a\n" +" remote SSL server. Sometimes curl is built without SSLv2 sup-\n" " port. SSLv2 is widely considered insecure (see RFC 6176).\n" "\n" " -3, --sslv3\n" -" (SSL) Forces curl to use SSL version 3 when negotiating with a\n" -" remote SSL server. Sometimes curl is built without SSLv3 sup-\n" -" port. SSLv3 is widely considered insecure (see RFC 7568).\n" -"\n" , stdout); fputs( +" (SSL) Forces curl to use SSL version 3 when negotiating with a\n" +" remote SSL server. Sometimes curl is built without SSLv3 sup-\n" +" port. SSLv3 is widely considered insecure (see RFC 7568).\n" +"\n" " -4, --ipv4\n" -" This option tells curl to resolve names to IPv4 addresses only,\n" +" This option tells curl to resolve names to IPv4 addresses only,\n" " and not for example try IPv6.\n" "\n" " -6, --ipv6\n" -" This option tells curl to resolve names to IPv6 addresses only,\n" +" This option tells curl to resolve names to IPv6 addresses only,\n" +, stdout); + fputs( " and not for example try IPv4.\n" "\n" " -a, --append\n" " (FTP/SFTP) When used in an upload, this makes curl append to the\n" -" target file instead of overwriting it. If the remote file\n" -, stdout); - fputs( -" doesn't exist, it will be created. Note that this flag is\n" +" target file instead of overwriting it. If the remote file\n" +" doesn't exist, it will be created. Note that this flag is\n" " ignored by some SFTP servers (including OpenSSH).\n" "\n" " -A, --user-agent \n" " (HTTP) Specify the User-Agent string to send to the HTTP server.\n" -" Some badly done CGIs fail if this field isn't set to\n" -" \"Mozilla/4.0\". To encode blanks in the string, surround the\n" -" string with single quote marks. This can also be set with the\n" , stdout); fputs( +" Some badly done CGIs fail if this field isn't set to\n" +" \"Mozilla/4.0\". To encode blanks in the string, surround the\n" +" string with single quote marks. This can also be set with the\n" " -H, --header option of course.\n" "\n" " If this option is used several times, the last one will be used.\n" "\n" " --anyauth\n" " (HTTP) Tells curl to figure out authentication method by itself,\n" -" and use the most secure one the remote site claims to support.\n" -" This is done by first doing a request and checking the response-\n" -" headers, thus possibly inducing an extra network round-trip.\n" , stdout); fputs( -" This is used instead of setting a specific authentication\n" -" method, which you can do with --basic, --digest, --ntlm, and\n" +" and use the most secure one the remote site claims to support.\n" +" This is done by first doing a request and checking the response-\n" +" headers, thus possibly inducing an extra network round-trip.\n" +" This is used instead of setting a specific authentication\n" +" method, which you can do with --basic, --digest, --ntlm, and\n" " --negotiate.\n" "\n" -" Note that using --anyauth is not recommended if you do uploads\n" -" from stdin, since it may require data to be sent twice and then\n" +, stdout); + fputs( +" Note that using --anyauth is not recommended if you do uploads\n" +" from stdin, since it may require data to be sent twice and then\n" " the client must be able to rewind. If the need should arise when\n" " uploading from stdin, the upload operation will fail.\n" "\n" +" -b, --cookie \n" +" (HTTP) Pass the data to the HTTP server as a cookie. It is sup-\n" +" posedly the data previously received from the server in a \"Set-\n" , stdout); fputs( -" -b, --cookie \n" -" (HTTP) Pass the data to the HTTP server as a cookie. It is sup-\n" -" posedly the data previously received from the server in a \"Set-\n" -" Cookie:\" line. The data should be in the format \"NAME1=VALUE1;\n" +" Cookie:\" line. The data should be in the format \"NAME1=VALUE1;\n" " NAME2=VALUE2\".\n" "\n" -" If no '=' symbol is used in the line, it is treated as a file-\n" -" name to use to read previously stored cookie lines from, which\n" +" If no '=' symbol is used in the line, it is treated as a file-\n" +" name to use to read previously stored cookie lines from, which\n" +" should be used in this session if they match. Using this method\n" +" also activates the cookie engine which will make curl record\n" , stdout); fputs( -" should be used in this session if they match. Using this method\n" -" also activates the cookie engine which will make curl record\n" " incoming cookies too, which may be handy if you're using this in\n" -" combination with the -L, --location option. The file format of\n" +" combination with the -L, --location option. The file format of\n" " the file to read cookies from should be plain HTTP headers (Set-\n" " Cookie style) or the Netscape/Mozilla cookie file format.\n" "\n" +" The file specified with -b, --cookie is only used as input. No\n" +" cookies will be written to the file. To store cookies, use the\n" , stdout); fputs( -" The file specified with -b, --cookie is only used as input. No\n" -" cookies will be written to the file. To store cookies, use the\n" " -c, --cookie-jar option.\n" "\n" -" Exercise caution if you are using this option and multiple\n" +" Exercise caution if you are using this option and multiple\n" " transfers may occur. If you use the NAME1=VALUE1; format, or in\n" -" a file use the Set-Cookie format and don't specify a domain,\n" -, stdout); - fputs( +" a file use the Set-Cookie format and don't specify a domain,\n" " then the cookie is sent for any domain (even after redirects are\n" -" followed) and cannot be modified by a server-set cookie. If the\n" -" cookie engine is enabled and a server sets a cookie of the same\n" -" name then both will be sent on a future transfer to that server,\n" -" likely not what you intended. To address these issues set a\n" -" domain in Set-Cookie (doing that will include sub-domains) or\n" +" followed) and cannot be modified by a server-set cookie. If the\n" , stdout); fputs( +" cookie engine is enabled and a server sets a cookie of the same\n" +" name then both will be sent on a future transfer to that server,\n" +" likely not what you intended. To address these issues set a\n" +" domain in Set-Cookie (doing that will include sub-domains) or\n" " use the Netscape format.\n" "\n" " If this option is used several times, the last one will be used.\n" "\n" " -B, --use-ascii\n" -" (FTP/LDAP) Enable ASCII transfer. For FTP, this can also be\n" -" enforced by using an URL that ends with \";type=A\". This option\n" +, stdout); + fputs( +" (FTP/LDAP) Enable ASCII transfer. For FTP, this can also be\n" +" enforced by using an URL that ends with \";type=A\". This option\n" " causes data sent to stdout to be in text mode for win32 systems.\n" "\n" " --basic\n" -" (HTTP) Tells curl to use HTTP Basic authentication with the\n" +" (HTTP) Tells curl to use HTTP Basic authentication with the\n" +" remote host. This is the default and this option is usually\n" +" pointless, unless you use it to override a previously set option\n" , stdout); fputs( -" remote host. This is the default and this option is usually\n" -" pointless, unless you use it to override a previously set option\n" -" that sets a different authentication method (such as --ntlm,\n" +" that sets a different authentication method (such as --ntlm,\n" " --digest, or --negotiate).\n" "\n" " Used together with -u, --user and -x, --proxy.\n" @@ -327,263 +343,263 @@ void hugehelp(void) " See also --proxy-basic.\n" "\n" " -c, --cookie-jar \n" -" (HTTP) Specify to which file you want curl to write all cookies\n" +" (HTTP) Specify to which file you want curl to write all cookies\n" +" after a completed operation. Curl writes all cookies previously\n" +" read from a specified file as well as all cookies received from\n" , stdout); fputs( -" after a completed operation. Curl writes all cookies previously\n" -" read from a specified file as well as all cookies received from\n" " remote server(s). If no cookies are known, no data will be writ-\n" -" ten. The file will be written using the Netscape cookie file\n" -" format. If you set the file name to a single dash, \"-\", the\n" +" ten. The file will be written using the Netscape cookie file\n" +" format. If you set the file name to a single dash, \"-\", the\n" " cookies will be written to stdout.\n" "\n" -, stdout); - fputs( -" This command line option will activate the cookie engine that\n" +" This command line option will activate the cookie engine that\n" " makes curl record and use cookies. Another way to activate it is\n" " to use the -b, --cookie option.\n" "\n" -" If the cookie jar can't be created or written to, the whole curl\n" -" operation won't fail or even report an error clearly. Using -v\n" -" will get a warning displayed, but that is the only visible feed-\n" , stdout); fputs( +" If the cookie jar can't be created or written to, the whole curl\n" +" operation won't fail or even report an error clearly. Using -v\n" +" will get a warning displayed, but that is the only visible feed-\n" " back you get about this possibly lethal situation.\n" "\n" " Since 7.43.0 cookies that were imported in the Set-Cookie format\n" " without a domain name are not exported by this option.\n" "\n" -" If this option is used several times, the last specified file\n" +, stdout); + fputs( +" If this option is used several times, the last specified file\n" " name will be used.\n" "\n" " -C, --continue-at \n" -" Continue/Resume a previous file transfer at the given offset.\n" +" Continue/Resume a previous file transfer at the given offset.\n" +" The given offset is the exact number of bytes that will be\n" +" skipped, counting from the beginning of the source file before\n" +" it is transferred to the destination. If used with uploads, the\n" , stdout); fputs( -" The given offset is the exact number of bytes that will be\n" -" skipped, counting from the beginning of the source file before\n" -" it is transferred to the destination. If used with uploads, the\n" " FTP server command SIZE will not be used by curl.\n" "\n" -" Use \"-C -\" to tell curl to automatically find out where/how to\n" -" resume the transfer. It then uses the given output/input files\n" +" Use \"-C -\" to tell curl to automatically find out where/how to\n" +" resume the transfer. It then uses the given output/input files\n" " to figure that out.\n" "\n" -, stdout); - fputs( " If this option is used several times, the last one will be used.\n" "\n" " --ciphers \n" " (SSL) Specifies which ciphers to use in the connection. The list\n" -" of ciphers must specify valid ciphers. Read up on SSL cipher\n" -" list details on this URL:\n" +, stdout); + fputs( +" of ciphers must specify valid ciphers. Read up on SSL cipher\n" +" list details on this URL:\n" " https://www.openssl.org/docs/apps/ciphers.html\n" "\n" -" NSS ciphers are done differently than OpenSSL and GnuTLS. The\n" +" NSS ciphers are done differently than OpenSSL and GnuTLS. The\n" +" full list of NSS ciphers is in the NSSCipherSuite entry at this\n" +" URL: https://git.fedora-\n" , stdout); fputs( -" full list of NSS ciphers is in the NSSCipherSuite entry at this\n" -" URL: https://git.fedora-\n" " hosted.org/cgit/mod_nss.git/plain/docs/mod_nss.html#Directives\n" "\n" " If this option is used several times, the last one will be used.\n" "\n" " --compressed\n" " (HTTP) Request a compressed response using one of the algorithms\n" -" curl supports, and save the uncompressed document. If this\n" -, stdout); - fputs( -" option is used and the server sends an unsupported encoding,\n" +" curl supports, and save the uncompressed document. If this\n" +" option is used and the server sends an unsupported encoding,\n" " curl will report an error.\n" "\n" " --connect-timeout \n" -" Maximum time in seconds that you allow curl's connection to\n" -" take. This only limits the connection phase, so if curl con-\n" -" nects within the given period it will continue - if not it will\n" -" exit. Since version 7.32.0, this option accepts decimal values.\n" -"\n" , stdout); fputs( +" Maximum time in seconds that you allow curl's connection to\n" +" take. This only limits the connection phase, so if curl con-\n" +" nects within the given period it will continue - if not it will\n" +" exit. Since version 7.32.0, this option accepts decimal values.\n" +"\n" " See also the -m, --max-time option.\n" "\n" " If this option is used several times, the last one will be used.\n" "\n" " --create-dirs\n" -" When used in conjunction with the -o option, curl will create\n" -" the necessary local directory hierarchy as needed. This option\n" -" creates the dirs mentioned with the -o option, nothing else. If\n" -" the -o file name uses no dir or if the dirs it mentions already\n" , stdout); fputs( +" When used in conjunction with the -o option, curl will create\n" +" the necessary local directory hierarchy as needed. This option\n" +" creates the dirs mentioned with the -o option, nothing else. If\n" +" the -o file name uses no dir or if the dirs it mentions already\n" " exist, no dir will be created.\n" "\n" -" To create remote directories when using FTP or SFTP, try --ftp-\n" +" To create remote directories when using FTP or SFTP, try --ftp-\n" " create-dirs.\n" "\n" +, stdout); + fputs( " --crlf Convert LF to CRLF in upload. Useful for MVS (OS/390).\n" "\n" " (SMTP added in 7.40.0)\n" "\n" " --crlfile \n" -" (HTTPS/FTPS) Provide a file using PEM format with a Certificate\n" -" Revocation List that may specify peer certificates that are to\n" +" (HTTPS/FTPS) Provide a file using PEM format with a Certificate\n" +" Revocation List that may specify peer certificates that are to\n" " be considered revoked.\n" "\n" -, stdout); - fputs( " If this option is used several times, the last one will be used.\n" "\n" " (Added in 7.19.7)\n" " -d, --data \n" -" (HTTP) Sends the specified data in a POST request to the HTTP\n" -" server, in the same way that a browser does when a user has\n" -" filled in an HTML form and presses the submit button. This will\n" -" cause curl to pass the data to the server using the content-type\n" , stdout); fputs( +" (HTTP) Sends the specified data in a POST request to the HTTP\n" +" server, in the same way that a browser does when a user has\n" +" filled in an HTML form and presses the submit button. This will\n" +" cause curl to pass the data to the server using the content-type\n" " application/x-www-form-urlencoded. Compare to -F, --form.\n" "\n" " -d, --data is the same as --data-ascii. --data-raw is almost the\n" +, stdout); + fputs( " same but does not have a special interpretation of the @ charac-\n" -" ter. To post data purely binary, you should instead use the\n" -" --data-binary option. To URL-encode the value of a form field\n" +" ter. To post data purely binary, you should instead use the\n" +" --data-binary option. To URL-encode the value of a form field\n" " you may use --data-urlencode.\n" "\n" +" If any of these options is used more than once on the same com-\n" +" mand line, the data pieces specified will be merged together\n" , stdout); fputs( -" If any of these options is used more than once on the same com-\n" -" mand line, the data pieces specified will be merged together\n" -" with a separating &-symbol. Thus, using '-d name=daniel -d\n" +" with a separating &-symbol. Thus, using '-d name=daniel -d\n" " skill=lousy' would generate a post chunk that looks like\n" " 'name=daniel&skill=lousy'.\n" "\n" -" If you start the data with the letter @, the rest should be a\n" -, stdout); - fputs( -" file name to read the data from, or - if you want curl to read\n" +" If you start the data with the letter @, the rest should be a\n" +" file name to read the data from, or - if you want curl to read\n" " the data from stdin. Multiple files can also be specified. Post-\n" -" ing data from a file named 'foobar' would thus be done with\n" -" --data @foobar. When --data is told to read from a file like\n" -" that, carriage returns and newlines will be stripped out. If you\n" -" don't want the @ character to have a special interpretation use\n" , stdout); fputs( +" ing data from a file named 'foobar' would thus be done with\n" +" --data @foobar. When --data is told to read from a file like\n" +" that, carriage returns and newlines will be stripped out. If you\n" +" don't want the @ character to have a special interpretation use\n" " --data-raw instead.\n" "\n" " -D, --dump-header \n" " Write the protocol headers to the specified file.\n" "\n" -" This option is handy to use when you want to store the headers\n" -" that an HTTP site sends to you. Cookies from the headers could\n" -" then be read in a second curl invocation by using the -b,\n" -" --cookie option! The -c, --cookie-jar option is a better way to\n" -" store cookies.\n" -"\n" , stdout); fputs( -" When used in FTP, the FTP server response lines are considered\n" +" This option is handy to use when you want to store the headers\n" +" that an HTTP site sends to you. Cookies from the headers could\n" +" then be read in a second curl invocation by using the -b,\n" +" --cookie option! The -c, --cookie-jar option is a better way to\n" +" store cookies.\n" +"\n" +" When used in FTP, the FTP server response lines are considered\n" " being \"headers\" and thus are saved there.\n" "\n" +, stdout); + fputs( " If this option is used several times, the last one will be used.\n" "\n" " --data-ascii \n" " See -d, --data.\n" "\n" " --data-binary \n" -" (HTTP) This posts data exactly as specified with no extra pro-\n" +" (HTTP) This posts data exactly as specified with no extra pro-\n" " cessing whatsoever.\n" "\n" -" If you start the data with the letter @, the rest should be a\n" +" If you start the data with the letter @, the rest should be a\n" +" filename. Data is posted in a similar manner as --data-ascii\n" , stdout); fputs( -" filename. Data is posted in a similar manner as --data-ascii\n" -" does, except that newlines and carriage returns are preserved\n" +" does, except that newlines and carriage returns are preserved\n" " and conversions are never done.\n" "\n" -" If this option is used several times, the ones following the\n" +" If this option is used several times, the ones following the\n" " first will append data as described in -d, --data.\n" "\n" " --data-raw \n" -" (HTTP) This posts data similarly to --data but without the spe-\n" -, stdout); - fputs( -" cial interpretation of the @ character. See -d, --data. (Added\n" +" (HTTP) This posts data similarly to --data but without the spe-\n" +" cial interpretation of the @ character. See -d, --data. (Added\n" " in 7.43.0)\n" "\n" +, stdout); + fputs( " --data-urlencode \n" " (HTTP) This posts data, similar to the other --data options with\n" " the exception that this performs URL-encoding. (Added in 7.18.0)\n" -" To be CGI-compliant, the part should begin with a name\n" -" followed by a separator and a content specification. The \n" -, stdout); - fputs( +" To be CGI-compliant, the part should begin with a name\n" +" followed by a separator and a content specification. The \n" " part can be passed to curl using one of the following syntaxes:\n" "\n" " content\n" -" This will make curl URL-encode the content and pass that\n" -" on. Just be careful so that the content doesn't contain\n" -" any = or @ symbols, as that will then make the syntax\n" +, stdout); + fputs( +" This will make curl URL-encode the content and pass that\n" +" on. Just be careful so that the content doesn't contain\n" +" any = or @ symbols, as that will then make the syntax\n" " match one of the other cases below!\n" "\n" " =content\n" -" This will make curl URL-encode the content and pass that\n" -, stdout); - fputs( +" This will make curl URL-encode the content and pass that\n" " on. The preceding = symbol is not included in the data.\n" "\n" +, stdout); + fputs( " name=content\n" -" This will make curl URL-encode the content part and pass\n" -" that on. Note that the name part is expected to be URL-\n" +" This will make curl URL-encode the content part and pass\n" +" that on. Note that the name part is expected to be URL-\n" " encoded already.\n" "\n" " @filename\n" -" This will make curl load data from the given file\n" -" (including any newlines), URL-encode that data and pass\n" -, stdout); - fputs( +" This will make curl load data from the given file\n" +" (including any newlines), URL-encode that data and pass\n" " it on in the POST.\n" "\n" " name@filename\n" -" This will make curl load data from the given file\n" -" (including any newlines), URL-encode that data and pass\n" -" it on in the POST. The name part gets an equal sign\n" +, stdout); + fputs( +" This will make curl load data from the given file\n" +" (including any newlines), URL-encode that data and pass\n" +" it on in the POST. The name part gets an equal sign\n" " appended, resulting in name=urlencoded-file-content. Note\n" " that the name is expected to be URL-encoded already.\n" "\n" " --delegation LEVEL\n" +" Set LEVEL to tell the server what it is allowed to delegate when\n" , stdout); fputs( -" Set LEVEL to tell the server what it is allowed to delegate when\n" " it comes to user credentials. Used with GSS/kerberos.\n" "\n" " none Don't allow any delegation.\n" "\n" -" policy Delegates if and only if the OK-AS-DELEGATE flag is set\n" -" in the Kerberos service ticket, which is a matter of\n" +" policy Delegates if and only if the OK-AS-DELEGATE flag is set\n" +" in the Kerberos service ticket, which is a matter of\n" " realm policy.\n" "\n" " always Unconditionally allow the server to delegate.\n" "\n" " --digest\n" +" (HTTP) Enables HTTP Digest authentication. This is an authenti-\n" , stdout); fputs( -" (HTTP) Enables HTTP Digest authentication. This is an authenti-\n" -" cation scheme that prevents the password from being sent over\n" -" the wire in clear text. Use this in combination with the normal\n" -" -u, --user option to set user name and password. See also\n" +" cation scheme that prevents the password from being sent over\n" +" the wire in clear text. Use this in combination with the normal\n" +" -u, --user option to set user name and password. See also\n" " --ntlm, --negotiate and --anyauth for related options.\n" "\n" -" If this option is used several times, only the first one is\n" +" If this option is used several times, only the first one is\n" " used.\n" "\n" +" --disable-eprt\n" , stdout); fputs( -" --disable-eprt\n" " (FTP) Tell curl to disable the use of the EPRT and LPRT commands\n" " when doing active FTP transfers. Curl will normally always first\n" -" attempt to use EPRT, then LPRT before using PORT, but with this\n" -" option, it will use PORT right away. EPRT and LPRT are exten-\n" -" sions to the original FTP protocol, and may not work on all\n" +" attempt to use EPRT, then LPRT before using PORT, but with this\n" +" option, it will use PORT right away. EPRT and LPRT are exten-\n" +" sions to the original FTP protocol, and may not work on all\n" " servers, but they enable more functionality in a better way than\n" , stdout); fputs( @@ -592,25 +608,25 @@ void hugehelp(void) " --eprt can be used to explicitly enable EPRT again and --no-eprt\n" " is an alias for --disable-eprt.\n" "\n" -" If the server is an IPv6 host, this option will have no effect\n" +" If the server is an IPv6 host, this option will have no effect\n" " as EPRT is necessary then.\n" "\n" -" Disabling EPRT only changes the active behavior. If you want to\n" -" switch to passive mode you need to not use -P, --ftp-port or\n" +" Disabling EPRT only changes the active behavior. If you want to\n" +" switch to passive mode you need to not use -P, --ftp-port or\n" " force it with --ftp-pasv.\n" "\n" , stdout); fputs( " --disable-epsv\n" -" (FTP) Tell curl to disable the use of the EPSV command when\n" -" doing passive FTP transfers. Curl will normally always first\n" -" attempt to use EPSV before PASV, but with this option, it will\n" +" (FTP) Tell curl to disable the use of the EPSV command when\n" +" doing passive FTP transfers. Curl will normally always first\n" +" attempt to use EPSV before PASV, but with this option, it will\n" " not try using EPSV.\n" "\n" " --epsv can be used to explicitly enable EPSV again and --no-epsv\n" " is an alias for --disable-epsv.\n" "\n" -" If the server is an IPv6 host, this option will have no effect\n" +" If the server is an IPv6 host, this option will have no effect\n" , stdout); fputs( " as EPSV is necessary then.\n" @@ -619,49 +635,49 @@ void hugehelp(void) " switch to active mode you need to use -P, --ftp-port.\n" "\n" " --dns-interface \n" -" Tell curl to send outgoing DNS requests through .\n" -" This option is a counterpart to --interface (which does not\n" -" affect DNS). The supplied string must be an interface name (not\n" +" Tell curl to send outgoing DNS requests through .\n" +" This option is a counterpart to --interface (which does not\n" +" affect DNS). The supplied string must be an interface name (not\n" " an address).\n" "\n" , stdout); fputs( -" This option requires that libcurl was built with a resolver\n" -" backend that supports this operation. The c-ares backend is the\n" +" This option requires that libcurl was built with a resolver\n" +" backend that supports this operation. The c-ares backend is the\n" " only such one. (Added in 7.33.0)\n" "\n" " --dns-ipv4-addr \n" " Tell curl to bind to when making IPv4 DNS requests,\n" -" so that the DNS requests originate from this address. The argu-\n" +" so that the DNS requests originate from this address. The argu-\n" " ment should be a single IPv4 address.\n" "\n" , stdout); fputs( -" This option requires that libcurl was built with a resolver\n" -" backend that supports this operation. The c-ares backend is the\n" +" This option requires that libcurl was built with a resolver\n" +" backend that supports this operation. The c-ares backend is the\n" " only such one. (Added in 7.33.0)\n" "\n" " --dns-ipv6-addr \n" " Tell curl to bind to when making IPv6 DNS requests,\n" -" so that the DNS requests originate from this address. The argu-\n" +" so that the DNS requests originate from this address. The argu-\n" " ment should be a single IPv6 address.\n" "\n" , stdout); fputs( -" This option requires that libcurl was built with a resolver\n" -" backend that supports this operation. The c-ares backend is the\n" +" This option requires that libcurl was built with a resolver\n" +" backend that supports this operation. The c-ares backend is the\n" " only such one. (Added in 7.33.0)\n" "\n" " --dns-servers \n" -" Set the list of DNS servers to be used instead of the system\n" +" Set the list of DNS servers to be used instead of the system\n" " default. The list of IP addresses should be separated with com-\n" " mas. Port numbers may also optionally be given as :\n" , stdout); fputs( " after each IP address.\n" "\n" -" This option requires that libcurl was built with a resolver\n" -" backend that supports this operation. The c-ares backend is the\n" +" This option requires that libcurl was built with a resolver\n" +" backend that supports this operation. The c-ares backend is the\n" " only such one. (Added in 7.33.0)\n" "\n" " -e, --referer \n" @@ -671,83 +687,83 @@ void hugehelp(void) fputs( " used with -L, --location you can append \";auto\" to the --referer\n" " URL to make curl automatically set the previous URL when it fol-\n" -" lows a Location: header. The \";auto\" string can be used alone,\n" +" lows a Location: header. The \";auto\" string can be used alone,\n" " even if you don't set an initial --referer.\n" "\n" " If this option is used several times, the last one will be used.\n" "\n" " -E, --cert \n" -" (SSL) Tells curl to use the specified client certificate file\n" +" (SSL) Tells curl to use the specified client certificate file\n" , stdout); fputs( " when getting a file with HTTPS, FTPS or another SSL-based proto-\n" -" col. The certificate must be in PKCS#12 format if using Secure\n" -" Transport, or PEM format if using any other engine. If the\n" +" col. The certificate must be in PKCS#12 format if using Secure\n" +" Transport, or PEM format if using any other engine. If the\n" " optional password isn't specified, it will be queried for on the\n" -" terminal. Note that this option assumes a \"certificate\" file\n" +" terminal. Note that this option assumes a \"certificate\" file\n" " that is the private key and the client certificate concatenated!\n" , stdout); fputs( " See --cert and --key to specify them independently.\n" "\n" -" If curl is built against the NSS SSL library then this option\n" -" can tell curl the nickname of the certificate to use within the\n" -" NSS database defined by the environment variable SSL_DIR (or by\n" -" default /etc/pki/nssdb). If the NSS PEM PKCS#11 module (lib-\n" -" nsspem.so) is available then PEM files may be loaded. If you\n" +" If curl is built against the NSS SSL library then this option\n" +" can tell curl the nickname of the certificate to use within the\n" +" NSS database defined by the environment variable SSL_DIR (or by\n" +" default /etc/pki/nssdb). If the NSS PEM PKCS#11 module (lib-\n" +" nsspem.so) is available then PEM files may be loaded. If you\n" , stdout); fputs( " want to use a file from the current directory, please precede it\n" -" with \"./\" prefix, in order to avoid confusion with a nickname.\n" -" If the nickname contains \":\", it needs to be preceded by \"\\\" so\n" -" that it is not recognized as password delimiter. If the nick-\n" -" name contains \"\\\", it needs to be escaped as \"\\\\\" so that it is\n" +" with \"./\" prefix, in order to avoid confusion with a nickname.\n" +" If the nickname contains \":\", it needs to be preceded by \"\\\" so\n" +" that it is not recognized as password delimiter. If the nick-\n" +" name contains \"\\\", it needs to be escaped as \"\\\\\" so that it is\n" " not recognized as an escape character.\n" "\n" , stdout); fputs( -" (iOS and Mac OS X only) If curl is built against Secure Trans-\n" -" port, then the certificate string can either be the name of a\n" -" certificate/private key in the system or user keychain, or the\n" -" path to a PKCS#12-encoded certificate and private key. If you\n" -" want to use a file from the current directory, please precede it\n" -" with \"./\" prefix, in order to avoid confusion with a nickname.\n" +" (iOS and macOS only) If curl is built against Secure Transport,\n" +" then the certificate string can either be the name of a certifi-\n" +" cate/private key in the system or user keychain, or the path to\n" +" a PKCS#12-encoded certificate and private key. If you want to\n" +" use a file from the current directory, please precede it with\n" +" \"./\" prefix, in order to avoid confusion with a nickname.\n" "\n" , stdout); fputs( " If this option is used several times, the last one will be used.\n" "\n" " --engine \n" -" Select the OpenSSL crypto engine to use for cipher operations.\n" -" Use --engine list to print a list of build-time supported\n" -" engines. Note that not all (or none) of the engines may be\n" +" Select the OpenSSL crypto engine to use for cipher operations.\n" +" Use --engine list to print a list of build-time supported\n" +" engines. Note that not all (or none) of the engines may be\n" " available at run-time.\n" "\n" " --environment\n" -" (RISC OS ONLY) Sets a range of environment variables, using the\n" +" (RISC OS ONLY) Sets a range of environment variables, using the\n" , stdout); fputs( " names the -w option supports, to allow easier extraction of use-\n" " ful information after having run curl.\n" "\n" " --egd-file \n" -" (SSL) Specify the path name to the Entropy Gathering Daemon\n" -" socket. The socket is used to seed the random engine for SSL\n" +" (SSL) Specify the path name to the Entropy Gathering Daemon\n" +" socket. The socket is used to seed the random engine for SSL\n" " connections. See also the --random-file option.\n" "\n" " --expect100-timeout \n" " (HTTP) Maximum time in seconds that you allow curl to wait for a\n" , stdout); fputs( -" 100-continue response when curl emits an Expects: 100-continue\n" -" header in its request. By default curl will wait one second.\n" -" This option accepts decimal values! When curl stops waiting, it\n" +" 100-continue response when curl emits an Expects: 100-continue\n" +" header in its request. By default curl will wait one second.\n" +" This option accepts decimal values! When curl stops waiting, it\n" " will continue as if the response has been received.\n" "\n" " (Added in 7.47.0)\n" "\n" " --cert-type \n" -" (SSL) Tells curl what certificate type the provided certificate\n" +" (SSL) Tells curl what certificate type the provided certificate\n" , stdout); fputs( " is in. PEM, DER and ENG are recognized types. If not specified,\n" @@ -757,42 +773,51 @@ void hugehelp(void) "\n" " --cacert \n" " (SSL) Tells curl to use the specified certificate file to verify\n" -" the peer. The file may contain multiple CA certificates. The\n" -" certificate(s) must be in PEM format. Normally curl is built to\n" +" the peer. The file may contain multiple CA certificates. The\n" +" certificate(s) must be in PEM format. Normally curl is built to\n" , stdout); fputs( " use a default file for this, so this option is typically used to\n" " alter that default file.\n" "\n" -" curl recognizes the environment variable named 'CURL_CA_BUNDLE'\n" -" if it is set, and uses the given path as a path to a CA cert\n" +" curl recognizes the environment variable named 'CURL_CA_BUNDLE'\n" +" if it is set, and uses the given path as a path to a CA cert\n" " bundle. This option overrides that variable.\n" "\n" -" The windows version of curl will automatically look for a CA\n" +" The windows version of curl will automatically look for a CA\n" " certs file named 'curl-ca-bundle.crt', either in the same direc-\n" , stdout); fputs( " tory as curl.exe, or in the Current Working Directory, or in any\n" " folder along your PATH.\n" "\n" -" If curl is built against the NSS SSL library, the NSS PEM\n" -" PKCS#11 module (libnsspem.so) needs to be available for this\n" +" If curl is built against the NSS SSL library, the NSS PEM\n" +" PKCS#11 module (libnsspem.so) needs to be available for this\n" " option to work properly.\n" "\n" +" (iOS and macOS only) If curl is built against Secure Transport,\n" +" then this option is supported for backward compatibility with\n" +, stdout); + fputs( +" other SSL engines, but it should not be set. If the option is\n" +" not set, then curl will use the certificates in the system and\n" +" user Keychain to verify the peer, which is the preferred method\n" +" of verifying the peer's certificate chain.\n" +"\n" " If this option is used several times, the last one will be used.\n" "\n" " --capath \n" +" (SSL) Tells curl to use the specified certificate directory to\n" , stdout); fputs( -" (SSL) Tells curl to use the specified certificate directory to\n" " verify the peer. Multiple paths can be provided by separating\n" " them with \":\" (e.g. \"path1:path2:path3\"). The certificates must\n" " be in PEM format, and if curl is built against OpenSSL, the\n" " directory must have been processed using the c_rehash utility\n" " supplied with OpenSSL. Using --capath can allow OpenSSL-powered\n" +" curl to make SSL-connections much more efficiently than using\n" , stdout); fputs( -" curl to make SSL-connections much more efficiently than using\n" " --cacert if the --cacert file contains many CA certificates.\n" "\n" " If this option is set, the default capath value will be ignored,\n" @@ -800,131 +825,135 @@ void hugehelp(void) "\n" " --pinnedpubkey \n" " (SSL) Tells curl to use the specified public key file (or\n" +" hashes) to verify the peer. This can be a path to a file which\n" , stdout); fputs( -" hashes) to verify the peer. This can be a path to a file which\n" " contains a single public key in PEM or DER format, or any number\n" " of base64 encoded sha256 hashes preceded by 'sha256//' and sepa-\n" " rated by ';'\n" "\n" " When negotiating a TLS or SSL connection, the server sends a\n" " certificate indicating its identity. A public key is extracted\n" +" from this certificate and if it does not exactly match the pub-\n" , stdout); fputs( -" from this certificate and if it does not exactly match the pub-\n" " lic key provided to this option, curl will abort the connection\n" " before sending or receiving any data.\n" "\n" -" Added in 7.39.0 for OpenSSL, GnuTLS and GSKit. Added in 7.43.0\n" -" for NSS and wolfSSL/CyaSSL. sha256 support added in 7.44.0 for\n" -" OpenSSL, GnuTLS, NSS and wolfSSL/CyaSSL. Other SSL backends not\n" -" supported.\n" -"\n" +" PEM/DER support:\n" +" 7.39.0: OpenSSL, GnuTLS and GSKit\n" +" 7.43.0: NSS and wolfSSL/CyaSSL\n" +" 7.47.0: mbedtls\n" +" 7.49.0: PolarSSL sha256 support:\n" +" 7.44.0: OpenSSL, GnuTLS, NSS and wolfSSL/CyaSSL.\n" +" 7.47.0: mbedtls\n" , stdout); fputs( +" 7.49.0: PolarSSL Other SSL backends not supported.\n" +"\n" " If this option is used several times, the last one will be used.\n" "\n" " --cert-status\n" -" (SSL) Tells curl to verify the status of the server certificate\n" +" (SSL) Tells curl to verify the status of the server certificate\n" " by using the Certificate Status Request (aka. OCSP stapling) TLS\n" " extension.\n" "\n" -" If this option is enabled and the server sends an invalid (e.g.\n" -" expired) response, if the response suggests that the server cer-\n" +" If this option is enabled and the server sends an invalid (e.g.\n" , stdout); fputs( -" tificate has been revoked, or no response at all is received,\n" +" expired) response, if the response suggests that the server cer-\n" +" tificate has been revoked, or no response at all is received,\n" " the verification fails.\n" "\n" -" This is currently only implemented in the OpenSSL, GnuTLS and\n" +" This is currently only implemented in the OpenSSL, GnuTLS and\n" " NSS backends. (Added in 7.41.0)\n" "\n" " --false-start\n" "\n" -" (SSL) Tells curl to use false start during the TLS handshake.\n" -" False start is a mode where a TLS client will start sending\n" +" (SSL) Tells curl to use false start during the TLS handshake.\n" , stdout); fputs( +" False start is a mode where a TLS client will start sending\n" " application data before verifying the server's Finished message,\n" " thus saving a round trip when performing a full handshake.\n" "\n" -" This is currently only implemented in the NSS and Secure Trans-\n" -" port (on iOS 7.0 or later, or OS X 10.9 or later) backends.\n" +" This is currently only implemented in the NSS and Secure Trans-\n" +" port (on iOS 7.0 or later, or OS X 10.9 or later) backends.\n" " (Added in 7.42.0)\n" "\n" " -f, --fail\n" -" (HTTP) Fail silently (no output at all) on server errors. This\n" , stdout); fputs( -" is mostly done to better enable scripts etc to better deal with\n" -" failed attempts. In normal cases when an HTTP server fails to\n" -" deliver a document, it returns an HTML document stating so\n" -" (which often also describes why and more). This flag will pre-\n" +" (HTTP) Fail silently (no output at all) on server errors. This\n" +" is mostly done to better enable scripts etc to better deal with\n" +" failed attempts. In normal cases when an HTTP server fails to\n" +" deliver a document, it returns an HTML document stating so\n" +" (which often also describes why and more). This flag will pre-\n" " vent curl from outputting that and return error 22.\n" "\n" -" This method is not fail-safe and there are occasions where non-\n" , stdout); fputs( -" successful response codes will slip through, especially when\n" +" This method is not fail-safe and there are occasions where non-\n" +" successful response codes will slip through, especially when\n" " authentication is involved (response codes 401 and 407).\n" "\n" " -F, --form \n" -" (HTTP) This lets curl emulate a filled-in form in which a user\n" -" has pressed the submit button. This causes curl to POST data\n" -" using the Content-Type multipart/form-data according to RFC\n" -" 2388. This enables uploading of binary files etc. To force the\n" +" (HTTP) This lets curl emulate a filled-in form in which a user\n" +" has pressed the submit button. This causes curl to POST data\n" +" using the Content-Type multipart/form-data according to RFC\n" , stdout); fputs( -" 'content' part to be a file, prefix the file name with an @\n" -" sign. To just get the content part from a file, prefix the file\n" -" name with the symbol <. The difference between @ and < is then\n" -" that @ makes a file get attached in the post as a file upload,\n" -" while the < makes a text field and just get the contents for\n" -" that text field from a file.\n" -"\n" +" 2388. This enables uploading of binary files etc. To force the\n" +" 'content' part to be a file, prefix the file name with an @\n" +" sign. To just get the content part from a file, prefix the file\n" +" name with the symbol <. The difference between @ and < is then\n" +" that @ makes a file get attached in the post as a file upload,\n" +" while the < makes a text field and just get the contents for\n" , stdout); fputs( -" Example, to send your password file to the server, where 'pass-\n" -" word' is the name of the form-field to which /etc/passwd will be\n" -" the input:\n" +" that text field from a file.\n" +"\n" +" Example: to send an image to a server, where 'profile' is the\n" +" name of the form-field to which portrait.jpg will be the input:\n" "\n" -" curl -F password=@/etc/passwd www.mypasswords.com\n" +" curl -F profile=@portrait.jpg https://example.com/upload.cgi\n" "\n" " To read content from stdin instead of a file, use - as the file-\n" " name. This goes for both @ and < constructs. Unfortunately it\n" -" does not support reading the file from a named pipe or similar,\n" , stdout); fputs( +" does not support reading the file from a named pipe or similar,\n" " as it needs the full size before the transfer starts.\n" "\n" " You can also tell curl what Content-Type to use by using\n" " 'type=', in a manner similar to:\n" "\n" -" curl -F \"web=@index.html;type=text/html\" url.com\n" +" curl -F \"web=@index.html;type=text/html\" example.com\n" "\n" " or\n" "\n" -" curl -F \"name=daniel;type=text/foo\" url.com\n" +" curl -F \"name=daniel;type=text/foo\" example.com\n" "\n" +, stdout); + fputs( " You can also explicitly change the name field of a file upload\n" " part by setting filename=, like this:\n" "\n" -, stdout); - fputs( -" curl -F \"file=@localfile;filename=nameinpost\" url.com\n" +" curl -F \"file=@localfile;filename=nameinpost\" example.com\n" "\n" " If filename/path contains ',' or ';', it must be quoted by dou-\n" " ble-quotes like:\n" "\n" -" curl -F \"file=@\\\"localfile\\\";filename=\\\"nameinpost\\\"\" url.com\n" +" curl -F \"file=@\\\"localfile\\\";filename=\\\"nameinpost\\\"\" exam-\n" +" ple.com\n" "\n" " or\n" "\n" -" curl -F 'file=@\"localfile\";filename=\"nameinpost\"' url.com\n" -"\n" -" Note that if a filename/path is quoted by double-quotes, any\n" , stdout); fputs( +" curl -F 'file=@\"localfile\";filename=\"nameinpost\"' example.com\n" +"\n" +" Note that if a filename/path is quoted by double-quotes, any\n" " double-quote or backslash within the filename must be escaped by\n" " backslash.\n" "\n" @@ -934,66 +963,66 @@ void hugehelp(void) "\n" " --ftp-account [data]\n" " (FTP) When an FTP server asks for \"account data\" after user name\n" -" and password has been provided, this data is sent off using the\n" -" ACCT command. (Added in 7.13.0)\n" -"\n" , stdout); fputs( +" and password has been provided, this data is sent off using the\n" +" ACCT command. (Added in 7.13.0)\n" +"\n" " If this option is used several times, the last one will be used.\n" "\n" " --ftp-alternative-to-user \n" -" (FTP) If authenticating with the USER and PASS commands fails,\n" -" send this command. When connecting to Tumbleweed's Secure\n" -" Transport server over FTPS using a client certificate, using\n" -" \"SITE AUTH\" will tell the server to retrieve the username from\n" -" the certificate. (Added in 7.15.5)\n" -"\n" +" (FTP) If authenticating with the USER and PASS commands fails,\n" +" send this command. When connecting to Tumbleweed's Secure\n" +" Transport server over FTPS using a client certificate, using\n" , stdout); fputs( +" \"SITE AUTH\" will tell the server to retrieve the username from\n" +" the certificate. (Added in 7.15.5)\n" +"\n" " --ftp-create-dirs\n" -" (FTP/SFTP) When an FTP or SFTP URL/operation uses a path that\n" -" doesn't currently exist on the server, the standard behavior of\n" +" (FTP/SFTP) When an FTP or SFTP URL/operation uses a path that\n" +" doesn't currently exist on the server, the standard behavior of\n" " curl is to fail. Using this option, curl will instead attempt to\n" " create missing directories.\n" "\n" " --ftp-method [method]\n" -" (FTP) Control what method curl should use to reach a file on an\n" -" FTP(S) server. The method argument should be one of the follow-\n" , stdout); fputs( +" (FTP) Control what method curl should use to reach a file on an\n" +" FTP(S) server. The method argument should be one of the follow-\n" " ing alternatives:\n" "\n" " multicwd\n" -" curl does a single CWD operation for each path part in\n" -" the given URL. For deep hierarchies this means very many\n" -" commands. This is how RFC 1738 says it should be done.\n" -" This is the default but the slowest behavior.\n" -"\n" -" nocwd curl does no CWD at all. curl will do SIZE, RETR, STOR\n" +" curl does a single CWD operation for each path part in\n" +" the given URL. For deep hierarchies this means very many\n" +" commands. This is how RFC 1738 says it should be done.\n" , stdout); fputs( +" This is the default but the slowest behavior.\n" +"\n" +" nocwd curl does no CWD at all. curl will do SIZE, RETR, STOR\n" " etc and give a full path to the server for all these com-\n" " mands. This is the fastest behavior.\n" "\n" " singlecwd\n" " curl does one CWD with the full target directory and then\n" -" operates on the file \"normally\" (like in the multicwd\n" -" case). This is somewhat more standards compliant than\n" -" 'nocwd' but without the full penalty of 'multicwd'.\n" -"\n" +" operates on the file \"normally\" (like in the multicwd\n" , stdout); fputs( +" case). This is somewhat more standards compliant than\n" +" 'nocwd' but without the full penalty of 'multicwd'.\n" +"\n" " (Added in 7.15.1)\n" "\n" " --ftp-pasv\n" -" (FTP) Use passive mode for the data connection. Passive is the\n" -" internal default behavior, but using this option can be used to\n" +" (FTP) Use passive mode for the data connection. Passive is the\n" +" internal default behavior, but using this option can be used to\n" " override a previous -P/-ftp-port option. (Added in 7.11.0)\n" "\n" -" If this option is used several times, only the first one is\n" -" used. Undoing an enforced passive really isn't doable but you\n" , stdout); fputs( +" If this option is used several times, only the first one is\n" +" used. Undoing an enforced passive really isn't doable but you\n" " must then instead enforce the correct -P, --ftp-port again.\n" "\n" " Passive mode means that curl will try the EPSV command first and\n" @@ -1001,102 +1030,110 @@ void hugehelp(void) "\n" " --ftp-skip-pasv-ip\n" " (FTP) Tell curl to not use the IP address the server suggests in\n" -" its response to curl's PASV command when curl connects the data\n" -" connection. Instead curl will re-use the same IP address it\n" , stdout); fputs( +" its response to curl's PASV command when curl connects the data\n" +" connection. Instead curl will re-use the same IP address it\n" " already uses for the control connection. (Added in 7.14.2)\n" "\n" -" This option has no effect if PORT, EPRT or EPSV is used instead\n" +" This option has no effect if PORT, EPRT or EPSV is used instead\n" " of PASV.\n" "\n" " --ftp-pret\n" -" (FTP) Tell curl to send a PRET command before PASV (and EPSV).\n" -" Certain FTP servers, mainly drftpd, require this non-standard\n" -" command for directory listings as well as up and downloads in\n" +" (FTP) Tell curl to send a PRET command before PASV (and EPSV).\n" +, stdout); + fputs( +" Certain FTP servers, mainly drftpd, require this non-standard\n" +" command for directory listings as well as up and downloads in\n" " PASV mode. (Added in 7.20.x)\n" "\n" " --ftp-ssl-ccc\n" +" (FTP) Use CCC (Clear Command Channel) Shuts down the SSL/TLS\n" +" layer after authenticating. The rest of the control channel com-\n" +" munication will be unencrypted. This allows NAT routers to fol-\n" , stdout); fputs( -" (FTP) Use CCC (Clear Command Channel) Shuts down the SSL/TLS\n" -" layer after authenticating. The rest of the control channel com-\n" -" munication will be unencrypted. This allows NAT routers to fol-\n" " low the FTP transaction. The default mode is passive. See --ftp-\n" " ssl-ccc-mode for other modes. (Added in 7.16.1)\n" "\n" " --ftp-ssl-ccc-mode [active/passive]\n" +" (FTP) Use CCC (Clear Command Channel) Sets the CCC mode. The\n" +" passive mode will not initiate the shutdown, but instead wait\n" +" for the server to do it, and will not reply to the shutdown from\n" , stdout); fputs( -" (FTP) Use CCC (Clear Command Channel) Sets the CCC mode. The\n" -" passive mode will not initiate the shutdown, but instead wait\n" -" for the server to do it, and will not reply to the shutdown from\n" " the server. The active mode initiates the shutdown and waits for\n" " a reply from the server. (Added in 7.16.2)\n" "\n" " --ftp-ssl-control\n" -" (FTP) Require SSL/TLS for the FTP login, clear for transfer.\n" +" (FTP) Require SSL/TLS for the FTP login, clear for transfer.\n" +" Allows secure authentication, but non-encrypted data transfers\n" +" for efficiency. Fails the transfer if the server doesn't sup-\n" +" port SSL/TLS. (Added in 7.16.0) that can still be used but will\n" , stdout); fputs( -" Allows secure authentication, but non-encrypted data transfers\n" -" for efficiency. Fails the transfer if the server doesn't sup-\n" -" port SSL/TLS. (Added in 7.16.0) that can still be used but will\n" " be removed in a future version.\n" "\n" +" --ftp-ssl\n" +" (FTP) This deprecated option is now known as --ssl.\n" +"\n" +" --ftp-ssl-reqd\n" +" (FTP) This deprecated option is now known as --ssl-reqd.\n" +"\n" " --form-string \n" -" (HTTP) Similar to --form except that the value string for the\n" -" named parameter is used literally. Leading '@' and '<' charac-\n" +" (HTTP) Similar to --form except that the value string for the\n" +" named parameter is used literally. Leading '@' and '<' charac-\n" +" ters, and the ';type=' string in the value have no special mean-\n" , stdout); fputs( -" ters, and the ';type=' string in the value have no special mean-\n" " ing. Use this in preference to --form if there's any possibility\n" -" that the string value may accidentally trigger the '@' or '<'\n" +" that the string value may accidentally trigger the '@' or '<'\n" " features of --form.\n" "\n" " -g, --globoff\n" " This option switches off the \"URL globbing parser\". When you set\n" -" this option, you can specify URLs that contain the letters {}[]\n" +" this option, you can specify URLs that contain the letters {}[]\n" +" without having them being interpreted by curl itself. Note that\n" , stdout); fputs( -" without having them being interpreted by curl itself. Note that\n" -" these letters are not normal legal URL contents but they should\n" +" these letters are not normal legal URL contents but they should\n" " be encoded according to the URI standard.\n" "\n" " -G, --get\n" -" When used, this option will make all data specified with -d,\n" -" --data, --data-binary or --data-urlencode to be used in an HTTP\n" -" GET request instead of the POST request that otherwise would be\n" +" When used, this option will make all data specified with -d,\n" +" --data, --data-binary or --data-urlencode to be used in an HTTP\n" +" GET request instead of the POST request that otherwise would be\n" +" used. The data will be appended to the URL with a '?' separator.\n" , stdout); fputs( -" used. The data will be appended to the URL with a '?' separator.\n" -" If used in combination with -I, the POST data will instead be\n" +" If used in combination with -I, the POST data will instead be\n" " appended to the URL with a HEAD request.\n" "\n" -" If this option is used several times, only the first one is\n" -" used. This is because undoing a GET doesn't make sense, but you\n" +" If this option is used several times, only the first one is\n" +" used. This is because undoing a GET doesn't make sense, but you\n" " should then instead enforce the alternative method you prefer.\n" "\n" " -H, --header

\n" +" (HTTP) Extra header to include in the request when sending HTTP\n" , stdout); fputs( -" (HTTP) Extra header to include in the request when sending HTTP\n" -" to a server. You may specify any number of extra headers. Note\n" +" to a server. You may specify any number of extra headers. Note\n" " that if you should add a custom header that has the same name as\n" -" one of the internal ones curl would use, your externally set\n" +" one of the internal ones curl would use, your externally set\n" " header will be used instead of the internal one. This allows you\n" -" to make even trickier stuff than curl would normally do. You\n" +" to make even trickier stuff than curl would normally do. You\n" +" should not replace internally set headers without knowing per-\n" , stdout); fputs( -" should not replace internally set headers without knowing per-\n" " fectly well what you're doing. Remove an internal header by giv-\n" -" ing a replacement without content on the right side of the\n" +" ing a replacement without content on the right side of the\n" " colon, as in: -H \"Host:\". If you send the custom header with no-\n" -" value then its header must be terminated with a semicolon, such\n" +" value then its header must be terminated with a semicolon, such\n" " as -H \"X-Custom-Header;\" to send \"X-Custom-Header:\".\n" "\n" +" curl will make sure that each header you add/replace is sent\n" , stdout); fputs( -" curl will make sure that each header you add/replace is sent\n" " with the proper end-of-line marker, you should thus not add that\n" " as a part of the header content: do not add newlines or carriage\n" " returns, they will only mess things up for you.\n" @@ -1106,26 +1143,26 @@ void hugehelp(void) " Starting in 7.37.0, you need --proxy-header to send custom head-\n" " ers intended for a proxy.\n" "\n" -, stdout); - fputs( " Example:\n" "\n" -" # curl -H \"X-First-Name: Joe\" http://192.168.0.1/\n" +, stdout); + fputs( +" # curl -H \"X-First-Name: Joe\" http://example.com/\n" "\n" -" WARNING: headers set with this option will be set in all\n" -" requests - even after redirects are followed, like when told\n" -" with -L, --location. This can lead to the header being sent to\n" -" other hosts than the original host, so sensitive headers should\n" +" WARNING: headers set with this option will be set in all\n" +" requests - even after redirects are followed, like when told\n" +" with -L, --location. This can lead to the header being sent to\n" +" other hosts than the original host, so sensitive headers should\n" " be used with caution combined with following redirects.\n" "\n" , stdout); fputs( -" This option can be used multiple times to add/replace/remove\n" +" This option can be used multiple times to add/replace/remove\n" " multiple headers.\n" "\n" " --hostpubmd5 \n" -" (SCP/SFTP) Pass a string containing 32 hexadecimal digits. The\n" -" string should be the 128 bit MD5 checksum of the remote host's\n" +" (SCP/SFTP) Pass a string containing 32 hexadecimal digits. The\n" +" string should be the 128 bit MD5 checksum of the remote host's\n" " public key, curl will refuse the connection with the host unless\n" " the md5sums match. (Added in 7.17.1)\n" "\n" @@ -1133,33 +1170,33 @@ void hugehelp(void) , stdout); fputs( " For HTTP, Ignore the Content-Length header. This is particularly\n" -" useful for servers running Apache 1.x, which will report incor-\n" +" useful for servers running Apache 1.x, which will report incor-\n" " rect Content-Length for files larger than 2 gigabytes.\n" "\n" -" For FTP (since 7.46.0), skip the RETR command to figure out the\n" +" For FTP (since 7.46.0), skip the RETR command to figure out the\n" " size before downloading a file.\n" "\n" " -i, --include\n" -" (HTTP) Include the HTTP-header in the output. The HTTP-header\n" +" (HTTP) Include the HTTP-header in the output. The HTTP-header\n" , stdout); fputs( -" includes things like server-name, date of the document, HTTP-\n" +" includes things like server-name, date of the document, HTTP-\n" " version and more...\n" "\n" " -I, --head\n" " (HTTP/FTP/FILE) Fetch the HTTP-header only! HTTP-servers feature\n" -" the command HEAD which this uses to get nothing but the header\n" -" of a document. When used on an FTP or FILE file, curl displays\n" +" the command HEAD which this uses to get nothing but the header\n" +" of a document. When used on an FTP or FILE file, curl displays\n" " the file size and last modification time only.\n" "\n" " --interface \n" , stdout); fputs( -" Perform an operation using a specified interface. You can enter\n" -" interface name, IP address or host name. An example could look\n" +" Perform an operation using a specified interface. You can enter\n" +" interface name, IP address or host name. An example could look\n" " like:\n" "\n" -" curl --interface eth0:1 http://www.netscape.com/\n" +" curl --interface eth0:1 https://www.example.com/\n" "\n" " If this option is used several times, the last one will be used.\n" "\n" @@ -1167,9 +1204,9 @@ void hugehelp(void) " (HTTP) When curl is told to read cookies from a given file, this\n" , stdout); fputs( -" option will make it discard all \"session cookies\". This will\n" -" basically have the same effect as if a new session is started.\n" -" Typical browsers always discard session cookies when they're\n" +" option will make it discard all \"session cookies\". This will\n" +" basically have the same effect as if a new session is started.\n" +" Typical browsers always discard session cookies when they're\n" " closed down.\n" "\n" " -J, --remote-header-name\n" @@ -1179,70 +1216,70 @@ void hugehelp(void) fputs( " extracting a filename from the URL.\n" "\n" -" If the server specifies a file name and a file with that name\n" -" already exists in the current working directory it will not be\n" +" If the server specifies a file name and a file with that name\n" +" already exists in the current working directory it will not be\n" " overwritten and an error will occur. If the server doesn't spec-\n" " ify a file name then this option has no effect.\n" "\n" -" There's no attempt to decode %-sequences (yet) in the provided\n" +" There's no attempt to decode %-sequences (yet) in the provided\n" , stdout); fputs( " file name, so this option may provide you with rather unexpected\n" " file names.\n" "\n" -" WARNING: Exercise judicious use of this option, especially on\n" -" Windows. A rogue server could send you the name of a DLL or\n" -" other file that could possibly be loaded automatically by Win-\n" +" WARNING: Exercise judicious use of this option, especially on\n" +" Windows. A rogue server could send you the name of a DLL or\n" +" other file that could possibly be loaded automatically by Win-\n" " dows or some third party software.\n" "\n" " -k, --insecure\n" -" (SSL) This option explicitly allows curl to perform \"insecure\"\n" +" (SSL) This option explicitly allows curl to perform \"insecure\"\n" , stdout); fputs( " SSL connections and transfers. All SSL connections are attempted\n" -" to be made secure by using the CA certificate bundle installed\n" -" by default. This makes all connections considered \"insecure\"\n" +" to be made secure by using the CA certificate bundle installed\n" +" by default. This makes all connections considered \"insecure\"\n" " fail unless -k, --insecure is used.\n" "\n" -" See this online resource for further details:\n" +" See this online resource for further details:\n" " https://curl.haxx.se/docs/sslcerts.html\n" "\n" " -K, --config \n" , stdout); fputs( -" Specify which config file to read curl arguments from. The con-\n" -" fig file is a text file in which command line arguments can be\n" -" written which then will be used as if they were written on the\n" +" Specify which config file to read curl arguments from. The con-\n" +" fig file is a text file in which command line arguments can be\n" +" written which then will be used as if they were written on the\n" " actual command line.\n" "\n" -" Options and their parameters must be specified on the same con-\n" -" fig file line, separated by whitespace, colon, or the equals\n" +" Options and their parameters must be specified on the same con-\n" +" fig file line, separated by whitespace, colon, or the equals\n" , stdout); fputs( -" sign. Long option names can optionally be given in the config\n" -" file without the initial double dashes and if so, the colon or\n" -" equals characters can be used as separators. If the option is\n" -" specified with one or two dashes, there can be no colon or\n" +" sign. Long option names can optionally be given in the config\n" +" file without the initial double dashes and if so, the colon or\n" +" equals characters can be used as separators. If the option is\n" +" specified with one or two dashes, there can be no colon or\n" " equals character between the option and its parameter.\n" "\n" " If the parameter is to contain whitespace, the parameter must be\n" , stdout); fputs( -" enclosed within quotes. Within double quotes, the following\n" -" escape sequences are available: \\\\, \\\", \\t, \\n, \\r and \\v. A\n" -" backslash preceding any other letter is ignored. If the first\n" +" enclosed within quotes. Within double quotes, the following\n" +" escape sequences are available: \\\\, \\\", \\t, \\n, \\r and \\v. A\n" +" backslash preceding any other letter is ignored. If the first\n" " column of a config line is a '#' character, the rest of the line\n" " will be treated as a comment. Only write one option per physical\n" " line in the config file.\n" "\n" , stdout); fputs( -" Specify the filename to -K, --config as '-' to make curl read\n" +" Specify the filename to -K, --config as '-' to make curl read\n" " the file from stdin.\n" "\n" -" Note that to be able to specify a URL in the config file, you\n" -" need to specify it using the --url option, and not by simply\n" -" writing the URL on its own line. So, it could look similar to\n" +" Note that to be able to specify a URL in the config file, you\n" +" need to specify it using the --url option, and not by simply\n" +" writing the URL on its own line. So, it could look similar to\n" " this:\n" "\n" " url = \"https://curl.haxx.se/docs/\"\n" @@ -1250,170 +1287,170 @@ void hugehelp(void) , stdout); fputs( " When curl is invoked, it always (unless -q is used) checks for a\n" -" default config file and uses it if found. The default config\n" +" default config file and uses it if found. The default config\n" " file is checked for in the following places in this order:\n" "\n" -" 1) curl tries to find the \"home dir\": It first checks for the\n" +" 1) curl tries to find the \"home dir\": It first checks for the\n" " CURL_HOME and then the HOME environment variables. Failing that,\n" -" it uses getpwuid() on Unix-like systems (which returns the home\n" +" it uses getpwuid() on Unix-like systems (which returns the home\n" , stdout); fputs( -" dir given the current user in your system). On Windows, it then\n" +" dir given the current user in your system). On Windows, it then\n" " checks for the APPDATA variable, or as a last resort the '%USER-\n" " PROFILE%\\Application Data'.\n" "\n" -" 2) On windows, if there is no _curlrc file in the home dir, it\n" +" 2) On windows, if there is no _curlrc file in the home dir, it\n" " checks for one in the same dir the curl executable is placed. On\n" -" Unix-like systems, it will simply try to load .curlrc from the\n" +" Unix-like systems, it will simply try to load .curlrc from the\n" " determined home dir.\n" "\n" , stdout); fputs( " # --- Example file ---\n" " # this is a comment\n" -" url = \"curl.haxx.se\"\n" +" url = \"example.com\"\n" " output = \"curlhere.html\"\n" " user-agent = \"superagent/1.0\"\n" "\n" " # and fetch another URL too\n" -" url = \"curl.haxx.se/docs/manpage.html\"\n" +" url = \"example.com/docs/manpage.html\"\n" " -O\n" -" referer = \"http://nowhereatall.com/\"\n" +" referer = \"http://nowhereatall.example.com/\"\n" " # --- End of example file ---\n" "\n" -" This option can be used multiple times to load multiple config\n" -" files.\n" -"\n" +" This option can be used multiple times to load multiple config\n" , stdout); fputs( +" files.\n" +"\n" " --keepalive-time \n" -" This option sets the time a connection needs to remain idle\n" -" before sending keepalive probes and the time between individual\n" +" This option sets the time a connection needs to remain idle\n" +" before sending keepalive probes and the time between individual\n" " keepalive probes. It is currently effective on operating systems\n" " offering the TCP_KEEPIDLE and TCP_KEEPINTVL socket options\n" -" (meaning Linux, recent AIX, HP-UX and more). This option has no\n" -" effect if --no-keepalive is used. (Added in 7.18.0)\n" -"\n" +" (meaning Linux, recent AIX, HP-UX and more). This option has no\n" , stdout); fputs( +" effect if --no-keepalive is used. (Added in 7.18.0)\n" +"\n" " If this option is used several times, the last one will be used.\n" " If unspecified, the option defaults to 60 seconds.\n" "\n" " --key \n" " (SSL/SSH) Private key file name. Allows you to provide your pri-\n" -" vate key in this separate file. For SSH, if not specified, curl\n" -" tries the following candidates in order: '~/.ssh/id_rsa',\n" -" '~/.ssh/id_dsa', './id_rsa', './id_dsa'.\n" -"\n" +" vate key in this separate file. For SSH, if not specified, curl\n" +" tries the following candidates in order: '~/.ssh/id_rsa',\n" , stdout); fputs( +" '~/.ssh/id_dsa', './id_rsa', './id_dsa'.\n" +"\n" " If this option is used several times, the last one will be used.\n" "\n" " --key-type \n" -" (SSL) Private key file type. Specify which type your --key pro-\n" -" vided private key is. DER, PEM, and ENG are supported. If not\n" +" (SSL) Private key file type. Specify which type your --key pro-\n" +" vided private key is. DER, PEM, and ENG are supported. If not\n" " specified, PEM is assumed.\n" "\n" " If this option is used several times, the last one will be used.\n" "\n" " --krb \n" -" (FTP) Enable Kerberos authentication and use. The level must be\n" , stdout); fputs( +" (FTP) Enable Kerberos authentication and use. The level must be\n" " entered and should be one of 'clear', 'safe', 'confidential', or\n" -" 'private'. Should you use a level that is not one of these,\n" +" 'private'. Should you use a level that is not one of these,\n" " 'private' will instead be used.\n" "\n" -" This option requires a library built with kerberos4 support.\n" -" This is not very common. Use -V, --version to see if your curl\n" +" This option requires a library built with kerberos4 support.\n" +" This is not very common. Use -V, --version to see if your curl\n" " supports it.\n" "\n" +, stdout); + fputs( " If this option is used several times, the last one will be used.\n" "\n" +" --krb4 \n" +" (FTP) This is the former name for --krb. Do not use.\n" +"\n" " -l, --list-only\n" +" (FTP) When listing an FTP directory, this switch forces a name-\n" +" only view. This is especially useful if the user wants to\n" +" machine-parse the contents of an FTP directory since the normal\n" , stdout); fputs( -" (FTP) When listing an FTP directory, this switch forces a name-\n" -" only view. This is especially useful if the user wants to\n" -" machine-parse the contents of an FTP directory since the normal\n" -" directory view doesn't use a standard look or format. When used\n" -" like this, the option causes a NLST command to be sent to the\n" +" directory view doesn't use a standard look or format. When used\n" +" like this, the option causes a NLST command to be sent to the\n" " server instead of LIST.\n" "\n" -, stdout); - fputs( -" Note: Some FTP servers list only files in their response to\n" +" Note: Some FTP servers list only files in their response to\n" " NLST; they do not include sub-directories and symbolic links.\n" "\n" -" (POP3) When retrieving a specific email from POP3, this switch\n" -" forces a LIST command to be performed instead of RETR. This is\n" -" particularly useful if the user wants to see if a specific mes-\n" +" (POP3) When retrieving a specific email from POP3, this switch\n" +, stdout); + fputs( +" forces a LIST command to be performed instead of RETR. This is\n" +" particularly useful if the user wants to see if a specific mes-\n" " sage id exists on the server and what size it is.\n" "\n" +" Note: When combined with -X, --request , this option\n" +" can be used to send an UIDL command instead, so the user may use\n" +" the email's unique identifier rather than it's message id to\n" , stdout); fputs( -" Note: When combined with -X, --request , this option\n" -" can be used to send an UIDL command instead, so the user may use\n" -" the email's unique identifier rather than it's message id to\n" " make the request. (Added in 7.21.5)\n" "\n" " -L, --location\n" -" (HTTP/HTTPS) If the server reports that the requested page has\n" +" (HTTP/HTTPS) If the server reports that the requested page has\n" " moved to a different location (indicated with a Location: header\n" -, stdout); - fputs( -" and a 3XX response code), this option will make curl redo the\n" +" and a 3XX response code), this option will make curl redo the\n" " request on the new place. If used together with -i, --include or\n" " -I, --head, headers from all requested pages will be shown. When\n" -" authentication is used, curl only sends its credentials to the\n" -" initial host. If a redirect takes curl to a different host, it\n" -" won't be able to intercept the user+password. See also --loca-\n" , stdout); fputs( -" tion-trusted on how to change this. You can limit the amount of\n" +" authentication is used, curl only sends its credentials to the\n" +" initial host. If a redirect takes curl to a different host, it\n" +" won't be able to intercept the user+password. See also --loca-\n" +" tion-trusted on how to change this. You can limit the amount of\n" " redirects to follow by using the --max-redirs option.\n" "\n" -" When curl follows a redirect and the request is not a plain GET\n" -" (for example POST or PUT), it will do the following request with\n" -" a GET if the HTTP response was 301, 302, or 303. If the response\n" -" code was any other 3xx code, curl will re-send the following\n" +" When curl follows a redirect and the request is not a plain GET\n" , stdout); fputs( +" (for example POST or PUT), it will do the following request with\n" +" a GET if the HTTP response was 301, 302, or 303. If the response\n" +" code was any other 3xx code, curl will re-send the following\n" " request using the same unmodified method.\n" "\n" -" You can tell curl to not change the non-GET request method to\n" -" GET after a 30x response by using the dedicated options for\n" +" You can tell curl to not change the non-GET request method to\n" +" GET after a 30x response by using the dedicated options for\n" +, stdout); + fputs( " that: --post301, --post302 and --post303.\n" "\n" " --libcurl \n" -" Append this option to any ordinary curl command line, and you\n" -" will get a libcurl-using C source code written to the file that\n" -, stdout); - fputs( +" Append this option to any ordinary curl command line, and you\n" +" will get a libcurl-using C source code written to the file that\n" " does the equivalent of what your command-line operation does!\n" "\n" -" If this option is used several times, the last given file name\n" +" If this option is used several times, the last given file name\n" " will be used. (Added in 7.16.1)\n" "\n" " --limit-rate \n" -" Specify the maximum transfer rate you want curl to use - for\n" -" both downloads and uploads. This feature is useful if you have a\n" -" limited pipe and you'd like your transfer not to use your entire\n" , stdout); fputs( +" Specify the maximum transfer rate you want curl to use - for\n" +" both downloads and uploads. This feature is useful if you have a\n" +" limited pipe and you'd like your transfer not to use your entire\n" " bandwidth. To make it slower than it otherwise would be.\n" "\n" -" The given speed is measured in bytes/second, unless a suffix is\n" -" appended. Appending 'k' or 'K' will count the number as kilo-\n" -" bytes, 'm' or M' makes it megabytes, while 'g' or 'G' makes it\n" -" gigabytes. Examples: 200K, 3m and 1G.\n" -"\n" -" The given rate is the average speed counted during the entire\n" +" The given speed is measured in bytes/second, unless a suffix is\n" +" appended. Appending 'k' or 'K' will count the number as kilo-\n" , stdout); fputs( -" transfer. It means that curl might use higher transfer speeds in\n" -" short bursts, but over time it uses no more than the given rate.\n" -" If you also use the -Y, --speed-limit option, that option will\n" +" bytes, 'm' or M' makes it megabytes, while 'g' or 'G' makes it\n" +" gigabytes. Examples: 200K, 3m and 1G.\n" +"\n" +" If you also use the -Y, --speed-limit option, that option will\n" " take precedence and might cripple the rate-limiting slightly, to\n" " help keeping the speed-limit logic working.\n" "\n" @@ -1423,26 +1460,26 @@ void hugehelp(void) , stdout); fputs( " Set a preferred number or range of local port numbers to use for\n" -" the connection(s). Note that port numbers by nature are a\n" +" the connection(s). Note that port numbers by nature are a\n" " scarce resource that will be busy at times so setting this range\n" " to something too narrow might cause unnecessary connection setup\n" " failures. (Added in 7.15.2)\n" "\n" " --location-trusted\n" -" (HTTP/HTTPS) Like -L, --location, but will allow sending the\n" +" (HTTP/HTTPS) Like -L, --location, but will allow sending the\n" , stdout); fputs( " name + password to all hosts that the site may redirect to. This\n" " may or may not introduce a security breach if the site redirects\n" -" you to a site to which you'll send your authentication info\n" +" you to a site to which you'll send your authentication info\n" " (which is plaintext in the case of HTTP Basic authentication).\n" "\n" " -m, --max-time \n" -" Maximum time in seconds that you allow the whole operation to\n" +" Maximum time in seconds that you allow the whole operation to\n" , stdout); fputs( -" take. This is useful for preventing your batch jobs from hang-\n" -" ing for hours due to slow networks or links going down. Since\n" +" take. This is useful for preventing your batch jobs from hang-\n" +" ing for hours due to slow networks or links going down. Since\n" " 7.32.0, this option accepts decimal values, but the actual time-\n" " out will decrease in accuracy as the specified timeout increases\n" " in decimal precision. See also the --connect-timeout option.\n" @@ -1454,10 +1491,10 @@ void hugehelp(void) " --login-options \n" " Specify the login options to use during server authentication.\n" "\n" -" You can use the login options to specify protocol specific\n" -" options that may be used during authentication. At present only\n" -" IMAP, POP3 and SMTP support login options. For more information\n" -" about the login options please see RFC 2384, RFC 5092 and IETF\n" +" You can use the login options to specify protocol specific\n" +" options that may be used during authentication. At present only\n" +" IMAP, POP3 and SMTP support login options. For more information\n" +" about the login options please see RFC 2384, RFC 5092 and IETF\n" " draft draft-earhart-url-smtp-00.txt (Added in 7.34.0).\n" "\n" , stdout); @@ -1465,14 +1502,14 @@ void hugehelp(void) " If this option is used several times, the last one will be used.\n" "\n" " --mail-auth
\n" -" (SMTP) Specify a single address. This will be used to specify\n" -" the authentication address (identity) of a submitted message\n" +" (SMTP) Specify a single address. This will be used to specify\n" +" the authentication address (identity) of a submitted message\n" " that is being relayed to another server.\n" "\n" " (Added in 7.25.0)\n" "\n" " --mail-from
\n" -" (SMTP) Specify a single address that the given mail should get\n" +" (SMTP) Specify a single address that the given mail should get\n" " sent from.\n" "\n" , stdout); @@ -1480,25 +1517,26 @@ void hugehelp(void) " (Added in 7.20.0)\n" "\n" " --max-filesize \n" -" Specify the maximum size (in bytes) of a file to download. If\n" -" the file requested is larger than this value, the transfer will\n" +" Specify the maximum size (in bytes) of a file to download. If\n" +" the file requested is larger than this value, the transfer will\n" " not start and curl will return with exit code 63.\n" "\n" -" NOTE: The file size is not always known prior to download, and\n" +" NOTE: The file size is not always known prior to download, and\n" " for such files this option has no effect even if the file trans-\n" , stdout); fputs( -" fer ends up being larger than this given limit. This concerns\n" +" fer ends up being larger than this given limit. This concerns\n" " both FTP and HTTP transfers.\n" "\n" " --mail-rcpt
\n" " (SMTP) Specify a single address, user name or mailing list name.\n" +" Repeat this option several times to send to multiple recipients.\n" " When performing a mail transfer, the recipient should specify a\n" " valid email address to send the mail to. (Added in 7.20.0)\n" "\n" -" When performing an address verification (VRFY command), the\n" , stdout); fputs( +" When performing an address verification (VRFY command), the\n" " recipient should be specified as the user name or user name and\n" " domain (as per Section 3.5 of RFC5321). (Added in 7.34.0)\n" "\n" @@ -1507,9 +1545,9 @@ void hugehelp(void) " \"Friends\" or \"London-Office\". (Added in 7.34.0)\n" "\n" " --max-redirs \n" -" Set maximum number of redirection-followings allowed. If -L,\n" , stdout); fputs( +" Set maximum number of redirection-followings allowed. If -L,\n" " --location is used, this option can be used to prevent curl from\n" " following redirections \"in absurdum\". By default, the limit is\n" " set to 50 redirections. Set this option to -1 to make it limit-\n" @@ -1518,18 +1556,18 @@ void hugehelp(void) " If this option is used several times, the last one will be used.\n" "\n" " --metalink\n" -" This option can tell curl to parse and process a given URI as\n" , stdout); fputs( +" This option can tell curl to parse and process a given URI as\n" " Metalink file (both version 3 and 4 (RFC 5854) are supported)\n" " and make use of the mirrors listed within for failover if there\n" " are errors (such as the file or server not being available). It\n" " will also verify the hash of the file after the download com-\n" " pletes. The Metalink file itself is downloaded and processed in\n" -" memory and not stored in the local file system.\n" -"\n" , stdout); fputs( +" memory and not stored in the local file system.\n" +"\n" " Example to use a remote Metalink file:\n" "\n" " curl --metalink http://www.example.com/example.metalink\n" @@ -1540,9 +1578,9 @@ void hugehelp(void) " curl --metalink file://example.metalink\n" "\n" " Please note that if FILE protocol is disabled, there is no way\n" -" to use a local Metalink file at the time of this writing. Also\n" , stdout); fputs( +" to use a local Metalink file at the time of this writing. Also\n" " note that if --metalink and --include are used together,\n" " --include will be ignored. This is because including headers in\n" " the response will break Metalink parser and if the headers are\n" @@ -1551,9 +1589,9 @@ void hugehelp(void) "\n" " (Added in 7.27.0, if built against the libmetalink library.)\n" "\n" -" -n, --netrc\n" , stdout); fputs( +" -n, --netrc\n" " Makes curl scan the .netrc (_netrc on Windows) file in the\n" " user's home directory for login name and password. This is typi-\n" " cally used for FTP on Unix. If used with HTTP, curl will enable\n" @@ -1656,231 +1694,256 @@ void hugehelp(void) " match local.com, local.com:80, and www.local.com, but not\n" " www.notlocal.com. (Added in 7.19.4).\n" "\n" -" --ntlm (HTTP) Enables NTLM authentication. The NTLM authentication\n" +" --connect-to \n" +" For a request to the given \"host:port\" pair, connect to \"con-\n" +" nect-to-host:connect-to-port\" instead. This is suitable to\n" +" direct the request at a specific server, e.g. at a specific\n" +, stdout); + fputs( +" cluster node in a cluster of servers. This option is only used\n" +" to establish the network connection. It does NOT affect the\n" +" hostname/port that is used for TLS/SSL (e.g. SNI, certificate\n" +" verification) or for the application protocols. \"host\" and\n" +" \"port\" may be the empty string, meaning \"any host/port\". \"con-\n" +" nect-to-host\" and \"connect-to-port\" may also be the empty\n" +, stdout); + fputs( +" string, meaning \"use the request's original host/port\". This\n" +" option can be used many times to add many connect rules. (Added\n" +" in 7.49.0).\n" +"\n" +" --ntlm (HTTP) Enables NTLM authentication. The NTLM authentication\n" " method was designed by Microsoft and is used by IIS web servers.\n" -" It is a proprietary protocol, reverse-engineered by clever peo-\n" -" ple and implemented in curl based on their efforts. This kind of\n" +" It is a proprietary protocol, reverse-engineered by clever peo-\n" , stdout); fputs( -" behavior should not be endorsed, you should encourage everyone\n" -" who uses NTLM to switch to a public and documented authentica-\n" +" ple and implemented in curl based on their efforts. This kind of\n" +" behavior should not be endorsed, you should encourage everyone\n" +" who uses NTLM to switch to a public and documented authentica-\n" " tion method instead, such as Digest.\n" "\n" -" If you want to enable NTLM for your proxy authentication, then\n" +" If you want to enable NTLM for your proxy authentication, then\n" " use --proxy-ntlm.\n" "\n" -" This option requires a library built with SSL support. Use -V,\n" -" --version to see if your curl supports NTLM.\n" -"\n" +" This option requires a library built with SSL support. Use -V,\n" , stdout); fputs( -" If this option is used several times, only the first one is\n" +" --version to see if your curl supports NTLM.\n" +"\n" +" If this option is used several times, only the first one is\n" " used.\n" "\n" +" --ntlm-wb\n" +" (HTTP) Enables NTLM much in the style --ntlm does, but hand over\n" +" the authentication to the separate binary ntlmauth application\n" +" that is executed when needed.\n" +"\n" " -o, --output \n" " Write output to instead of stdout. If you are using {} or\n" -" [] to fetch multiple documents, you can use '#' followed by a\n" -" number in the specifier. That variable will be replaced\n" -" with the current string for the URL being fetched. Like in:\n" -"\n" , stdout); fputs( -" curl http://{one,two}.site.com -o \"file_#1.txt\"\n" +" [] to fetch multiple documents, you can use '#' followed by a\n" +" number in the specifier. That variable will be replaced\n" +" with the current string for the URL being fetched. Like in:\n" +"\n" +" curl http://{one,two}.example.com -o \"file_#1.txt\"\n" "\n" " or use several variables like:\n" "\n" " curl http://{site,host}.host[1-5].com -o \"#1_#2\"\n" "\n" -" You may use this option as many times as the number of URLs you\n" +" You may use this option as many times as the number of URLs you\n" +, stdout); + fputs( " have.\n" "\n" -" See also the --create-dirs option to create the local directo-\n" -" ries dynamically. Specifying the output as '-' (a single dash)\n" +" See also the --create-dirs option to create the local directo-\n" +" ries dynamically. Specifying the output as '-' (a single dash)\n" " will force the output to be done to stdout.\n" "\n" -, stdout); - fputs( " -O, --remote-name\n" -" Write output to a local file named like the remote file we get.\n" -" (Only the file part of the remote file is used, the path is cut\n" +" Write output to a local file named like the remote file we get.\n" +" (Only the file part of the remote file is used, the path is cut\n" " off.)\n" "\n" -" The file will be saved in the current working directory. If you\n" -" want the file saved in a different directory, make sure you\n" -" change the current working directory before invoking curl with\n" +, stdout); + fputs( +" The file will be saved in the current working directory. If you\n" +" want the file saved in a different directory, make sure you\n" +" change the current working directory before invoking curl with\n" " this option.\n" "\n" +" The remote file name to use for saving is extracted from the\n" +" given URL, nothing else, and if it already exists it will be\n" , stdout); fputs( -" The remote file name to use for saving is extracted from the\n" -" given URL, nothing else, and if it already exists it will be\n" -" overwritten. If you want the server to be able to choose the\n" +" overwritten. If you want the server to be able to choose the\n" " file name refer to -J, --remote-header-name which can be used in\n" -" addition to this option. If the server chooses a file name and\n" +" addition to this option. If the server chooses a file name and\n" " that name already exists it will not be overwritten.\n" "\n" -, stdout); - fputs( " There is no URL decoding done on the file name. If it has %20 or\n" -" other URL encoded parts of the name, they will end up as-is as\n" +" other URL encoded parts of the name, they will end up as-is as\n" " file name.\n" "\n" -" You may use this option as many times as the number of URLs you\n" +, stdout); + fputs( +" You may use this option as many times as the number of URLs you\n" " have.\n" "\n" " --oauth2-bearer\n" " (IMAP, POP3, SMTP) Specify the Bearer Token for OAUTH 2.0 server\n" " authentication. The Bearer Token is used in conjunction with the\n" -, stdout); - fputs( -" user name which can be specified as part of the --url or -u,\n" +" user name which can be specified as part of the --url or -u,\n" " --user options.\n" "\n" -" The Bearer Token and user name are formatted according to RFC\n" +" The Bearer Token and user name are formatted according to RFC\n" " 6750.\n" "\n" +, stdout); + fputs( " If this option is used several times, the last one will be used.\n" "\n" " --proxy-header
\n" -" (HTTP) Extra header to include in the request when sending HTTP\n" +" (HTTP) Extra header to include in the request when sending HTTP\n" " to a proxy. You may specify any number of extra headers. This is\n" +" the equivalent option to -H, --header but is for proxy communi-\n" +" cation only like in CONNECT requests when you want a separate\n" , stdout); fputs( -" the equivalent option to -H, --header but is for proxy communi-\n" -" cation only like in CONNECT requests when you want a separate\n" -" header sent to the proxy to what is sent to the actual remote\n" +" header sent to the proxy to what is sent to the actual remote\n" " host.\n" "\n" -" curl will make sure that each header you add/replace is sent\n" +" curl will make sure that each header you add/replace is sent\n" " with the proper end-of-line marker, you should thus not add that\n" " as a part of the header content: do not add newlines or carriage\n" -, stdout); - fputs( " returns, they will only mess things up for you.\n" "\n" -" Headers specified with this option will not be included in\n" +" Headers specified with this option will not be included in\n" +, stdout); + fputs( " requests that curl knows will not be sent to a proxy.\n" "\n" -" This option can be used multiple times to add/replace/remove\n" +" This option can be used multiple times to add/replace/remove\n" " multiple headers.\n" " (Added in 7.37.0)\n" " -p, --proxytunnel\n" " When an HTTP proxy is used (-x, --proxy), this option will cause\n" +" non-HTTP protocols to attempt to tunnel through the proxy\n" +" instead of merely using it to do HTTP-like operations. The tun-\n" , stdout); fputs( -" non-HTTP protocols to attempt to tunnel through the proxy\n" -" instead of merely using it to do HTTP-like operations. The tun-\n" -" nel approach is made with the HTTP proxy CONNECT request and\n" +" nel approach is made with the HTTP proxy CONNECT request and\n" " requires that the proxy allows direct connect to the remote port\n" " number curl wants to tunnel through to.\n" "\n" " -P, --ftp-port
\n" -" (FTP) Reverses the default initiator/listener roles when con-\n" +" (FTP) Reverses the default initiator/listener roles when con-\n" +" necting with FTP. This switch makes curl use active mode. In\n" +" practice, curl then tells the server to connect back to the\n" , stdout); fputs( -" necting with FTP. This switch makes curl use active mode. In\n" -" practice, curl then tells the server to connect back to the\n" " client's specified address and port, while passive mode asks the\n" -" server to setup an IP address and port for it to connect to.\n" +" server to setup an IP address and port for it to connect to.\n" "
should be one of:\n" "\n" " interface\n" -" i.e \"eth0\" to specify which interface's IP address you\n" -, stdout); - fputs( +" i.e \"eth0\" to specify which interface's IP address you\n" " want to use (Unix only)\n" "\n" " IP address\n" " i.e \"192.168.10.1\" to specify the exact IP address\n" "\n" " host name\n" +, stdout); + fputs( " i.e \"my.host.domain\" to specify the machine\n" "\n" -" - make curl pick the same IP address that is already used\n" +" - make curl pick the same IP address that is already used\n" " for the control connection\n" "\n" " If this option is used several times, the last one will be used.\n" -, stdout); - fputs( -" Disable the use of PORT with --ftp-pasv. Disable the attempt to\n" -" use the EPRT command instead of PORT by using --disable-eprt.\n" +" Disable the use of PORT with --ftp-pasv. Disable the attempt to\n" +" use the EPRT command instead of PORT by using --disable-eprt.\n" " EPRT is really PORT++.\n" "\n" -" Starting in 7.19.5, you can append \":[start]-[end]\" to the right\n" -" of the address, to tell curl what TCP port range to use. That\n" -" means you specify a port range, from a lower to a higher number.\n" , stdout); fputs( +" Starting in 7.19.5, you can append \":[start]-[end]\" to the right\n" +" of the address, to tell curl what TCP port range to use. That\n" +" means you specify a port range, from a lower to a higher number.\n" " A single number works as well, but do note that it increases the\n" " risk of failure since the port may not be available.\n" "\n" " --pass \n" " (SSL/SSH) Passphrase for the private key\n" "\n" +, stdout); + fputs( " If this option is used several times, the last one will be used.\n" "\n" " --path-as-is\n" -" Tell curl to not handle sequences of /../ or /./ in the given\n" -" URL path. Normally curl will squash or merge them according to\n" -, stdout); - fputs( +" Tell curl to not handle sequences of /../ or /./ in the given\n" +" URL path. Normally curl will squash or merge them according to\n" " standards but with this option set you tell it not to do that.\n" "\n" " (Added in 7.42.0)\n" "\n" " --post301\n" " (HTTP) Tells curl to respect RFC 7230/6.4.2 and not convert POST\n" -" requests into GET requests when following a 301 redirection. The\n" -" non-RFC behaviour is ubiquitous in web browsers, so curl does\n" -" the conversion by default to maintain consistency. However, a\n" , stdout); fputs( -" server may require a POST to remain a POST after such a redi-\n" -" rection. This option is meaningful only when using -L, --loca-\n" +" requests into GET requests when following a 301 redirection. The\n" +" non-RFC behaviour is ubiquitous in web browsers, so curl does\n" +" the conversion by default to maintain consistency. However, a\n" +" server may require a POST to remain a POST after such a redi-\n" +" rection. This option is meaningful only when using -L, --loca-\n" " tion (Added in 7.17.1)\n" "\n" " --post302\n" +, stdout); + fputs( " (HTTP) Tells curl to respect RFC 7230/6.4.3 and not convert POST\n" " requests into GET requests when following a 302 redirection. The\n" -" non-RFC behaviour is ubiquitous in web browsers, so curl does\n" +" non-RFC behaviour is ubiquitous in web browsers, so curl does\n" +" the conversion by default to maintain consistency. However, a\n" +" server may require a POST to remain a POST after such a redi-\n" +" rection. This option is meaningful only when using -L, --loca-\n" , stdout); fputs( -" the conversion by default to maintain consistency. However, a\n" -" server may require a POST to remain a POST after such a redi-\n" -" rection. This option is meaningful only when using -L, --loca-\n" " tion (Added in 7.19.1)\n" "\n" " --post303\n" " (HTTP) Tells curl to respect RFC 7230/6.4.4 and not convert POST\n" " requests into GET requests when following a 303 redirection. The\n" +" non-RFC behaviour is ubiquitous in web browsers, so curl does\n" +" the conversion by default to maintain consistency. However, a\n" +" server may require a POST to remain a POST after such a redi-\n" , stdout); fputs( -" non-RFC behaviour is ubiquitous in web browsers, so curl does\n" -" the conversion by default to maintain consistency. However, a\n" -" server may require a POST to remain a POST after such a redi-\n" -" rection. This option is meaningful only when using -L, --loca-\n" +" rection. This option is meaningful only when using -L, --loca-\n" " tion (Added in 7.26.0)\n" "\n" " --proto \n" -" Tells curl to use the listed protocols for its initial\n" -, stdout); - fputs( +" Tells curl to use the listed protocols for its initial\n" " retrieval. Protocols are evaluated left to right, are comma sep-\n" -" arated, and are each a protocol name or 'all', optionally pre-\n" +" arated, and are each a protocol name or 'all', optionally pre-\n" " fixed by zero or more modifiers. Available modifiers are:\n" "\n" +, stdout); + fputs( " + Permit this protocol in addition to protocols already permit-\n" " ted (this is the default if no modifier is used).\n" "\n" -" - Deny this protocol, removing it from the list of protocols\n" +" - Deny this protocol, removing it from the list of protocols\n" " already permitted.\n" "\n" -, stdout); - fputs( -" = Permit only this protocol (ignoring the list already permit-\n" -" ted), though subject to later modification by subsequent\n" +" = Permit only this protocol (ignoring the list already permit-\n" +" ted), though subject to later modification by subsequent\n" " entries in the comma separated list.\n" "\n" +, stdout); + fputs( " For example:\n" "\n" " --proto -ftps uses the default protocols, but disables ftps\n" @@ -1889,19 +1952,17 @@ void hugehelp(void) " only enables http and https\n" "\n" " --proto =http,https\n" -, stdout); - fputs( " also only enables http and https\n" "\n" -" Unknown protocols produce a warning. This allows scripts to\n" -" safely rely on being able to disable potentially dangerous pro-\n" -" tocols, without relying upon support for that protocol being\n" +" Unknown protocols produce a warning. This allows scripts to\n" +" safely rely on being able to disable potentially dangerous pro-\n" +, stdout); + fputs( +" tocols, without relying upon support for that protocol being\n" " built into curl to avoid an error.\n" "\n" " This option can be used multiple times, in which case the effect\n" -, stdout); - fputs( -" is the same as concatenating the protocols into one instance of\n" +" is the same as concatenating the protocols into one instance of\n" " the option.\n" "\n" " (Added in 7.20.2)\n" @@ -1911,23 +1972,25 @@ void hugehelp(void) "\n" " Example:\n" "\n" +, stdout); + fputs( " --proto-default https ftp.mozilla.org\n" " https://ftp.mozilla.org\n" "\n" -" An unknown or unsupported protocol causes error CURLE_UNSUPPORTED_PRO-\n" +" An unknown or unsupported protocol causes error CURLE_UNSUPPORTED_PRO-\n" " TOCOL.\n" "\n" -, stdout); - fputs( " This option does not change the default proxy protocol (http).\n" "\n" -" Without this option curl would make a guess based on the host, see\n" +" Without this option curl would make a guess based on the host, see\n" " --url for details.\n" "\n" " (Added in 7.45.0)\n" "\n" " --proto-redir \n" -" Tells curl to use the listed protocols on redirect. See --proto\n" +, stdout); + fputs( +" Tells curl to use the listed protocols on redirect. See --proto\n" " for how protocols are represented.\n" "\n" " Example:\n" @@ -1935,171 +1998,172 @@ void hugehelp(void) " --proto-redir -all,http,https\n" " Allow only HTTP and HTTPS on redirect.\n" "\n" +" By default curl will allow all protocols on redirect except several\n" +" disabled for security reasons: Since 7.19.4 FILE and SCP are disabled,\n" +" and since 7.40.0 SMB and SMBS are also disabled. Specifying all or +all\n" , stdout); fputs( -" By default curl will allow all protocols on redirect except several\n" -" disabled for security reasons: Since 7.19.4 FILE and SCP are disabled,\n" -" and since 7.40.0 SMB and SMBS are also disabled. Specifying all or +all\n" -" enables all protocols on redirect, including those disabled for secu-\n" +" enables all protocols on redirect, including those disabled for secu-\n" " rity.\n" "\n" " (Added in 7.20.2)\n" "\n" " --proxy-anyauth\n" -" Tells curl to pick a suitable authentication method when commu-\n" -, stdout); - fputs( -" nicating with the given proxy. This might cause an extra\n" +" Tells curl to pick a suitable authentication method when commu-\n" +" nicating with the given proxy. This might cause an extra\n" " request/response round-trip. (Added in 7.13.2)\n" "\n" " --proxy-basic\n" -" Tells curl to use HTTP Basic authentication when communicating\n" +" Tells curl to use HTTP Basic authentication when communicating\n" +, stdout); + fputs( " with the given proxy. Use --basic for enabling HTTP Basic with a\n" -" remote host. Basic is the default authentication method curl\n" +" remote host. Basic is the default authentication method curl\n" " uses with proxies.\n" "\n" " --proxy-digest\n" -, stdout); - fputs( -" Tells curl to use HTTP Digest authentication when communicating\n" +" Tells curl to use HTTP Digest authentication when communicating\n" " with the given proxy. Use --digest for enabling HTTP Digest with\n" " a remote host.\n" "\n" " --proxy-negotiate\n" -" Tells curl to use HTTP Negotiate (SPNEGO) authentication when\n" +, stdout); + fputs( +" Tells curl to use HTTP Negotiate (SPNEGO) authentication when\n" " communicating with the given proxy. Use --negotiate for enabling\n" " HTTP Negotiate (SPNEGO) with a remote host. (Added in 7.17.1)\n" "\n" " --proxy-ntlm\n" -, stdout); - fputs( -" Tells curl to use HTTP NTLM authentication when communicating\n" +" Tells curl to use HTTP NTLM authentication when communicating\n" " with the given proxy. Use --ntlm for enabling NTLM with a remote\n" " host.\n" "\n" " --proxy-service-name \n" -" This option allows you to change the service name for proxy\n" +, stdout); + fputs( +" This option allows you to change the service name for proxy\n" " negotiation.\n" "\n" -" Examples: --proxy-negotiate proxy-name --proxy-service-name\n" +" Examples: --proxy-negotiate proxy-name --proxy-service-name\n" " sockd would use sockd/proxy-name. (Added in 7.43.0).\n" "\n" -, stdout); - fputs( " --proxy1.0 \n" -" Use the specified HTTP 1.0 proxy. If the port number is not\n" +" Use the specified HTTP 1.0 proxy. If the port number is not\n" " specified, it is assumed at port 1080.\n" "\n" -" The only difference between this and the HTTP proxy option (-x,\n" +, stdout); + fputs( +" The only difference between this and the HTTP proxy option (-x,\n" " --proxy), is that attempts to use CONNECT through the proxy will\n" " specify an HTTP 1.0 protocol instead of the default HTTP 1.1.\n" "\n" " --pubkey \n" -, stdout); - fputs( -" (SSH) Public key file name. Allows you to provide your public\n" +" (SSH) Public key file name. Allows you to provide your public\n" " key in this separate file.\n" "\n" " If this option is used several times, the last one will be used.\n" -" (As of 7.39.0, curl attempts to automatically extract the public\n" -" key from the private key file, so passing this option is gener-\n" -" ally not required. Note that this public key extraction requires\n" , stdout); fputs( -" libcurl to be linked against a copy of libssh2 1.2.8 or higher\n" +" (As of 7.39.0, curl attempts to automatically extract the public\n" +" key from the private key file, so passing this option is gener-\n" +" ally not required. Note that this public key extraction requires\n" +" libcurl to be linked against a copy of libssh2 1.2.8 or higher\n" " that is itself linked against OpenSSL.)\n" "\n" -" -q If used as the first parameter on the command line, the curlrc\n" -" config file will not be read and used. See the -K, --config for\n" +" -q, --disable\n" +" If used as the first parameter on the command line, the curlrc\n" +, stdout); + fputs( +" config file will not be read and used. See the -K, --config for\n" " details on the default config file search path.\n" "\n" " -Q, --quote \n" -" (FTP/SFTP) Send an arbitrary command to the remote FTP or SFTP\n" -, stdout); - fputs( -" server. Quote commands are sent BEFORE the transfer takes place\n" -" (just after the initial PWD command in an FTP transfer, to be\n" +" (FTP/SFTP) Send an arbitrary command to the remote FTP or SFTP\n" +" server. Quote commands are sent BEFORE the transfer takes place\n" +" (just after the initial PWD command in an FTP transfer, to be\n" " exact). To make commands take place after a successful transfer,\n" -" prefix them with a dash '-'. To make commands be sent after\n" -" curl has changed the working directory, just before the transfer\n" -" command(s), prefix the command with a '+' (this is only sup-\n" , stdout); fputs( -" ported for FTP). You may specify any number of commands. If the\n" +" prefix them with a dash '-'. To make commands be sent after\n" +" curl has changed the working directory, just before the transfer\n" +" command(s), prefix the command with a '+' (this is only sup-\n" +" ported for FTP). You may specify any number of commands. If the\n" " server returns failure for one of the commands, the entire oper-\n" -" ation will be aborted. You must send syntactically correct FTP\n" -" commands as RFC 959 defines to FTP servers, or one of the com-\n" -" mands listed below to SFTP servers. This option can be used\n" -" multiple times. When speaking to an FTP server, prefix the com-\n" +" ation will be aborted. You must send syntactically correct FTP\n" , stdout); fputs( +" commands as RFC 959 defines to FTP servers, or one of the com-\n" +" mands listed below to SFTP servers. This option can be used\n" +" multiple times. When speaking to an FTP server, prefix the com-\n" " mand with an asterisk (*) to make curl continue even if the com-\n" " mand fails as by default curl will stop at first failure.\n" "\n" -" SFTP is a binary protocol. Unlike for FTP, curl interprets SFTP\n" -" quote commands itself before sending them to the server. File\n" +" SFTP is a binary protocol. Unlike for FTP, curl interprets SFTP\n" +, stdout); + fputs( +" quote commands itself before sending them to the server. File\n" " names may be quoted shell-style to embed spaces or special char-\n" -" acters. Following is the list of all supported SFTP quote com-\n" +" acters. Following is the list of all supported SFTP quote com-\n" " mands:\n" "\n" +" chgrp group file\n" +" The chgrp command sets the group ID of the file named by\n" +" the file operand to the group ID specified by the group\n" , stdout); fputs( -" chgrp group file\n" -" The chgrp command sets the group ID of the file named by\n" -" the file operand to the group ID specified by the group\n" " operand. The group operand is a decimal integer group ID.\n" "\n" " chmod mode file\n" -" The chmod command modifies the file mode bits of the\n" +" The chmod command modifies the file mode bits of the\n" " specified file. The mode operand is an octal integer mode\n" " number.\n" "\n" -, stdout); - fputs( " chown user file\n" " The chown command sets the owner of the file named by the\n" -" file operand to the user ID specified by the user oper-\n" +" file operand to the user ID specified by the user oper-\n" +, stdout); + fputs( " and. The user operand is a decimal integer user ID.\n" "\n" " ln source_file target_file\n" " The ln and symlink commands create a symbolic link at the\n" -" target_file location pointing to the source_file loca-\n" +" target_file location pointing to the source_file loca-\n" " tion.\n" "\n" -, stdout); - fputs( " mkdir directory_name\n" -" The mkdir command creates the directory named by the\n" +" The mkdir command creates the directory named by the\n" " directory_name operand.\n" "\n" +, stdout); + fputs( " pwd The pwd command returns the absolute pathname of the cur-\n" " rent working directory.\n" "\n" " rename source target\n" " The rename command renames the file or directory named by\n" -" the source operand to the destination path named by the\n" -, stdout); - fputs( +" the source operand to the destination path named by the\n" " target operand.\n" "\n" " rm file\n" " The rm command removes the file specified by the file op-\n" " erand.\n" "\n" +, stdout); + fputs( " rmdir directory\n" -" The rmdir command removes the directory entry specified\n" +" The rmdir command removes the directory entry specified\n" " by the directory operand, provided it is empty.\n" "\n" " symlink source_file target_file\n" " See ln.\n" "\n" " -r, --range \n" -, stdout); - fputs( -" (HTTP/FTP/SFTP/FILE) Retrieve a byte range (i.e a partial docu-\n" -" ment) from a HTTP/1.1, FTP or SFTP server or a local FILE.\n" +" (HTTP/FTP/SFTP/FILE) Retrieve a byte range (i.e a partial docu-\n" +" ment) from a HTTP/1.1, FTP or SFTP server or a local FILE.\n" " Ranges can be specified in a number of ways.\n" "\n" +, stdout); + fputs( " 0-499 specifies the first 500 bytes\n" "\n" " 500-999 specifies the second 500 bytes\n" @@ -2108,107 +2172,109 @@ void hugehelp(void) "\n" " 9500- specifies the bytes from offset 9500 and forward\n" "\n" -, stdout); - fputs( " 0-0,-1 specifies the first and last byte only(*)(HTTP)\n" "\n" " 100-199,500-599\n" " specifies two separate 100-byte ranges(*) (HTTP)\n" "\n" -" (*) = NOTE that this will cause the server to reply with a mul-\n" -" tipart response!\n" -"\n" -" Only digit characters (0-9) are valid in the 'start' and 'stop'\n" -" fields of the 'start-stop' range syntax. If a non-digit charac-\n" +" (*) = NOTE that this will cause the server to reply with a mul-\n" , stdout); fputs( +" tipart response!\n" +"\n" +" Only digit characters (0-9) are valid in the 'start' and 'stop'\n" +" fields of the 'start-stop' range syntax. If a non-digit charac-\n" " ter is given in the range, the server's response will be unspec-\n" " ified, depending on the server's configuration.\n" "\n" -" You should also be aware that many HTTP/1.1 servers do not have\n" -" this feature enabled, so that when you attempt to get a range,\n" -" you'll instead get the whole document.\n" -"\n" -" FTP and SFTP range downloads only support the simple 'start-\n" +" You should also be aware that many HTTP/1.1 servers do not have\n" +" this feature enabled, so that when you attempt to get a range,\n" , stdout); fputs( -" stop' syntax (optionally with one of the numbers omitted). FTP\n" +" you'll instead get the whole document.\n" +"\n" +" FTP and SFTP range downloads only support the simple 'start-\n" +" stop' syntax (optionally with one of the numbers omitted). FTP\n" " use depends on the extended FTP command SIZE.\n" "\n" " If this option is used several times, the last one will be used.\n" "\n" " -R, --remote-time\n" -" When used, this will make curl attempt to figure out the time-\n" -" stamp of the remote file, and if that is available make the\n" +" When used, this will make curl attempt to figure out the time-\n" +, stdout); + fputs( +" stamp of the remote file, and if that is available make the\n" " local file get that same timestamp.\n" "\n" " --random-file \n" -, stdout); - fputs( " (SSL) Specify the path name to file containing what will be con-\n" -" sidered as random data. The data is used to seed the random\n" +" sidered as random data. The data is used to seed the random\n" " engine for SSL connections. See also the --egd-file option.\n" "\n" " --raw (HTTP) When used, it disables all internal HTTP decoding of con-\n" -" tent or transfer encodings and instead makes them passed on\n" +, stdout); + fputs( +" tent or transfer encodings and instead makes them passed on\n" " unaltered, raw. (Added in 7.16.2)\n" "\n" " --remote-name-all\n" -, stdout); - fputs( -" This option changes the default action for all given URLs to be\n" +" This option changes the default action for all given URLs to be\n" " dealt with as if -O, --remote-name were used for each one. So if\n" " you want to disable that for a specific URL after --remote-name-\n" -" all has been used, you must use \"-o -\" or --no-remote-name.\n" +" all has been used, you must use \"-o -\" or --no-remote-name.\n" +, stdout); + fputs( " (Added in 7.19.0)\n" "\n" " --resolve \n" -" Provide a custom address for a specific host and port pair.\n" -, stdout); - fputs( -" Using this, you can make the curl requests(s) use a specified\n" -" address and prevent the otherwise normally resolved address to\n" -" be used. Consider it a sort of /etc/hosts alternative provided\n" -" on the command line. The port number should be the number used\n" -" for the specific protocol the host will be used for. It means\n" -" you need several entries if you want to provide address for the\n" +" Provide a custom address for a specific host and port pair.\n" +" Using this, you can make the curl requests(s) use a specified\n" +" address and prevent the otherwise normally resolved address to\n" +" be used. Consider it a sort of /etc/hosts alternative provided\n" +" on the command line. The port number should be the number used\n" , stdout); fputs( +" for the specific protocol the host will be used for. It means\n" +" you need several entries if you want to provide address for the\n" " same host but different ports.\n" "\n" +" The provided address set by this option will be used even if -4,\n" +" --ipv4 or -6, --ipv6 is set to make curl use another IP version.\n" " This option can be used many times to add many host names to\n" " resolve.\n" "\n" " (Added in 7.21.3)\n" "\n" +, stdout); + fputs( " --retry \n" " If a transient error is returned when curl tries to perform a\n" " transfer, it will retry this number of times before giving up.\n" " Setting the number to 0 makes curl do no retries (which is the\n" -, stdout); - fputs( " default). Transient error means either: a timeout, an FTP 4xx\n" " response code or an HTTP 5xx response code.\n" "\n" " When curl is about to retry a transfer, it will first wait one\n" +, stdout); + fputs( " second and then for all forthcoming retries it will double the\n" " waiting time until it reaches 10 minutes which then will be the\n" " delay between the rest of the retries. By using --retry-delay\n" -, stdout); - fputs( " you disable this exponential backoff algorithm. See also\n" " --retry-max-time to limit the total time allowed for retries.\n" " (Added in 7.12.3)\n" "\n" +, stdout); + fputs( " If this option is used several times, the last one will be used.\n" "\n" " --retry-delay \n" " Make curl sleep this amount of time before each retry when a\n" " transfer has failed with a transient error (it changes the\n" -, stdout); - fputs( " default backoff time algorithm between retries). This option is\n" " only interesting if --retry is also used. Setting this delay to\n" +, stdout); + fputs( " zero will make curl use the default backoff time. (Added in\n" " 7.12.3)\n" "\n" @@ -2216,21 +2282,21 @@ void hugehelp(void) "\n" " --retry-max-time \n" " The retry timer is reset before the first transfer attempt.\n" -, stdout); - fputs( " Retries will be done as usual (see --retry) as long as the timer\n" " hasn't reached this given limit. Notice that if the timer hasn't\n" +, stdout); + fputs( " reached the limit, the request will be made and while perform-\n" " ing, it may take longer than this given time period. To limit a\n" " single request's maximum time, use -m, --max-time. Set this\n" " option to zero to not timeout retries. (Added in 7.12.3)\n" "\n" -, stdout); - fputs( " If this option is used several times, the last one will be used.\n" "\n" " -s, --silent\n" " Silent or quiet mode. Don't show progress meter or error mes-\n" +, stdout); + fputs( " sages. Makes Curl mute. It will still output the data you ask\n" " for, potentially even to the terminal/stdout unless you redirect\n" " it.\n" @@ -2239,12 +2305,12 @@ void hugehelp(void) " Enable initial response in SASL authentication. (Added in\n" " 7.31.0)\n" "\n" -, stdout); - fputs( " --service-name \n" " This option allows you to change the service name for SPNEGO.\n" "\n" " Examples: --negotiate --service-name sockd would use\n" +, stdout); + fputs( " sockd/server-name. (Added in 7.43.0).\n" "\n" " -S, --show-error\n" @@ -2252,31 +2318,27 @@ void hugehelp(void) " fails.\n" "\n" " --ssl (FTP, POP3, IMAP, SMTP) Try to use SSL/TLS for the connection.\n" -, stdout); - fputs( " Reverts to a non-secure connection if the server doesn't support\n" " SSL/TLS. See also --ftp-ssl-control and --ssl-reqd for differ-\n" " ent levels of encryption required. (Added in 7.20.0)\n" "\n" +, stdout); + fputs( " This option was formerly known as --ftp-ssl (Added in 7.11.0).\n" " That option name can still be used but will be removed in a\n" " future version.\n" "\n" " --ssl-reqd\n" -, stdout); - fputs( " (FTP, POP3, IMAP, SMTP) Require SSL/TLS for the connection.\n" " Terminates the connection if the server doesn't support SSL/TLS.\n" " (Added in 7.20.0)\n" "\n" -" This option was formerly known as --ftp-ssl-reqd (added in\n" -" 7.15.5). That option name can still be used but will be removed\n" -" in a future version.\n" +" This option was formerly known as --ftp-ssl-reqd.\n" "\n" " --ssl-allow-beast\n" -" (SSL) This option tells curl to not work around a security flaw\n" , stdout); fputs( +" (SSL) This option tells curl to not work around a security flaw\n" " in the SSL3 and TLS1.0 protocols known as BEAST. If this option\n" " isn't used, the SSL layer may use workarounds known to cause\n" " interoperability problems with some older SSL implementations.\n" @@ -2284,9 +2346,9 @@ void hugehelp(void) " flag you ask for exactly that. (Added in 7.25.0)\n" "\n" " --ssl-no-revoke\n" -" (WinSSL) This option tells curl to disable certificate revoca-\n" , stdout); fputs( +" (WinSSL) This option tells curl to disable certificate revoca-\n" " tion checks. WARNING: this option loosens the SSL security, and\n" " by using this flag you ask for exactly that. (Added in 7.44.0)\n" "\n" @@ -2295,10 +2357,10 @@ void hugehelp(void) " fied, it is assumed at port 1080. (Added in 7.15.2)\n" "\n" " This option overrides any previous use of -x, --proxy, as they\n" -" are mutually exclusive.\n" -"\n" , stdout); fputs( +" are mutually exclusive.\n" +"\n" " Since 7.21.7, this option is superfluous since you can specify a\n" " socks4 proxy with -x, --proxy using a socks4:// protocol prefix.\n" " If this option is used several times, the last one will be used.\n" @@ -2307,9 +2369,9 @@ void hugehelp(void) " Use the specified SOCKS4a proxy. If the port number is not spec-\n" " ified, it is assumed at port 1080. (Added in 7.18.0)\n" "\n" -" This option overrides any previous use of -x, --proxy, as they\n" , stdout); fputs( +" This option overrides any previous use of -x, --proxy, as they\n" " are mutually exclusive.\n" "\n" " Since 7.21.7, this option is superfluous since you can specify a\n" @@ -2320,9 +2382,9 @@ void hugehelp(void) "\n" " --socks5-hostname \n" " Use the specified SOCKS5 proxy (and let the proxy resolve the\n" -" host name). If the port number is not specified, it is assumed\n" , stdout); fputs( +" host name). If the port number is not specified, it is assumed\n" " at port 1080. (Added in 7.18.0)\n" "\n" " This option overrides any previous use of -x, --proxy, as they\n" @@ -2332,9 +2394,9 @@ void hugehelp(void) " socks5 hostname proxy with -x, --proxy using a socks5h:// proto-\n" " col prefix.\n" "\n" -" If this option is used several times, the last one will be used.\n" , stdout); fputs( +" If this option is used several times, the last one will be used.\n" " (This option was previously wrongly documented and used as\n" " --socks without the number appended.)\n" "\n" @@ -2343,107 +2405,112 @@ void hugehelp(void) " locally. If the port number is not specified, it is assumed at\n" " port 1080.\n" "\n" +, stdout); + fputs( " This option overrides any previous use of -x, --proxy, as they\n" " are mutually exclusive.\n" "\n" -, stdout); - fputs( " Since 7.21.7, this option is superfluous since you can specify a\n" " socks5 proxy with -x, --proxy using a socks5:// protocol prefix.\n" " If this option is used several times, the last one will be used.\n" " (This option was previously wrongly documented and used as\n" " --socks without the number appended.)\n" "\n" +, stdout); + fputs( " This option (as well as --socks4) does not work with IPV6, FTPS\n" " or LDAP.\n" "\n" -, stdout); - fputs( " --socks5-gssapi-service \n" " The default service name for a socks server is rcmd/server-fqdn.\n" " This option allows you to change it.\n" "\n" " Examples: --socks5 proxy-name --socks5-gssapi-service sockd\n" " would use sockd/proxy-name --socks5 proxy-name --socks5-gssapi-\n" -" service sockd/real-name would use sockd/real-name for cases\n" -" where the proxy-name does not match the principal name. (Added\n" , stdout); fputs( +" service sockd/real-name would use sockd/real-name for cases\n" +" where the proxy-name does not match the principal name. (Added\n" " in 7.19.4).\n" "\n" " --socks5-gssapi-nec\n" " As part of the GSS-API negotiation a protection mode is negoti-\n" " ated. RFC 1961 says in section 4.3/4.4 it should be protected,\n" " but the NEC reference implementation does not. The option\n" +, stdout); + fputs( " --socks5-gssapi-nec allows the unprotected exchange of the pro-\n" " tection mode negotiation. (Added in 7.19.4).\n" "\n" " --stderr \n" -, stdout); - fputs( " Redirect all writes to stderr to the specified file instead. If\n" " the file name is a plain '-', it is instead written to stdout.\n" "\n" " If this option is used several times, the last one will be used.\n" "\n" " -t, --telnet-option \n" +, stdout); + fputs( " Pass options to the telnet protocol. Supported options are:\n" "\n" " TTYPE= Sets the terminal type.\n" "\n" " XDISPLOC= Sets the X display location.\n" "\n" -, stdout); - fputs( " NEW_ENV= Sets an environment variable.\n" "\n" " -T, --upload-file \n" " This transfers the specified local file to the remote URL. If\n" " there is no file part in the specified URL, Curl will append the\n" +, stdout); + fputs( " local file name. NOTE that you must use a trailing / on the last\n" " directory to really prove to Curl that there is no file name or\n" " curl will think that your last directory name is the remote file\n" -, stdout); - fputs( " name to use. That will most likely cause the upload operation to\n" " fail. If this is used on an HTTP(S) server, the PUT command will\n" " be used.\n" "\n" " Use the file name \"-\" (a single dash) to use stdin instead of a\n" +, stdout); + fputs( " given file. Alternately, the file name \".\" (a single period)\n" " may be specified instead of \"-\" to use stdin in non-blocking\n" " mode to allow reading server output while stdin is being\n" -, stdout); - fputs( " uploaded.\n" "\n" " You can specify one -T for each URL on the command line. Each -T\n" " + URL pair specifies what to upload and to where. curl also sup-\n" +, stdout); + fputs( " ports \"globbing\" of the -T argument, meaning that you can upload\n" " multiple files to a single URL by using the same URL globbing\n" " style supported in the URL, like this:\n" "\n" -" curl -T \"{file1,file2}\" http://www.uploadtothissite.com\n" +" curl -T \"{file1,file2}\" http://www.example.com\n" "\n" " or even\n" "\n" -, stdout); - fputs( -" curl -T \"img[1-1000].png\" ftp://ftp.picturemania.com/upload/\n" +" curl -T \"img[1-1000].png\" ftp://ftp.example.com/upload/\n" "\n" " --tcp-nodelay\n" " Turn on the TCP_NODELAY option. See the curl_easy_setopt(3) man\n" +, stdout); + fputs( " page for details about this option. (Added in 7.11.2)\n" "\n" +" --tcp-fastopen\n" +" Enable use of TCP Fast Open (RFC7413). (Added in 7.49.0)\n" +"\n" " --tftp-blksize \n" " (TFTP) Set TFTP BLKSIZE option (must be >512). This is the block\n" " size that curl will try to use when transferring data to or from\n" " a TFTP server. By default 512 bytes will be used.\n" "\n" -, stdout); - fputs( " If this option is used several times, the last one will be used.\n" "\n" +, stdout); + fputs( " (Added in 7.20.0)\n" " --tftp-no-options\n" " (TFTP) Tells curl not to send TFTP options requests.\n" @@ -2455,9 +2522,9 @@ void hugehelp(void) " (Added in 7.48.0)\n" "\n" " --tlsauthtype \n" +" Set TLS authentication type. Currently, the only supported\n" , stdout); fputs( -" Set TLS authentication type. Currently, the only supported\n" " option is \"SRP\", for TLS-SRP (RFC 5054). If --tlsuser and\n" " --tlspassword are specified but --tlsauthtype is not, then this\n" " option defaults to \"SRP\". (Added in 7.21.4)\n" @@ -2465,11 +2532,11 @@ void hugehelp(void) " --tlspassword \n" " Set password for use with the TLS authentication method speci-\n" " fied with --tlsauthtype. Requires that --tlsuser also be set.\n" -, stdout); - fputs( " (Added in 7.21.4)\n" "\n" " --tlsuser \n" +, stdout); + fputs( " Set username for use with the TLS authentication method speci-\n" " fied with --tlsauthtype. Requires that --tlspassword also be\n" " set. (Added in 7.21.4)\n" @@ -2480,10 +2547,10 @@ void hugehelp(void) "\n" " --tlsv1.1\n" " (SSL) Forces curl to use TLS version 1.1 when negotiating with a\n" -, stdout); - fputs( " remote TLS server. (Added in 7.34.0)\n" "\n" +, stdout); + fputs( " --tlsv1.2\n" " (SSL) Forces curl to use TLS version 1.2 when negotiating with a\n" " remote TLS server. (Added in 7.34.0)\n" @@ -2496,9 +2563,9 @@ void hugehelp(void) " (Added in 7.21.6)\n" "\n" " --trace \n" +" Enables a full trace dump of all incoming and outgoing data,\n" , stdout); fputs( -" Enables a full trace dump of all incoming and outgoing data,\n" " including descriptive information, to the given output file. Use\n" " \"-\" as filename to have the output sent to stdout.\n" "\n" @@ -2508,9 +2575,9 @@ void hugehelp(void) " If this option is used several times, the last one will be used.\n" "\n" " --trace-ascii \n" +" Enables a full trace dump of all incoming and outgoing data,\n" , stdout); fputs( -" Enables a full trace dump of all incoming and outgoing data,\n" " including descriptive information, to the given output file. Use\n" " \"-\" as filename to have the output sent to stdout.\n" "\n" @@ -2518,9 +2585,9 @@ void hugehelp(void) " only shows the ASCII part of the dump. It makes smaller output\n" " that might be easier to read for untrained humans.\n" "\n" +" This option overrides previous uses of -v, --verbose or --trace.\n" , stdout); fputs( -" This option overrides previous uses of -v, --verbose or --trace.\n" " If this option is used several times, the last one will be used.\n" "\n" " --trace-time\n" @@ -2532,9 +2599,9 @@ void hugehelp(void) " the network. (Added in 7.40.0)\n" "\n" " -u, --user \n" +" Specify the user name and password to use for server authentica-\n" , stdout); fputs( -" Specify the user name and password to use for server authentica-\n" " tion. Overrides -n, --netrc and --netrc-optional.\n" "\n" " If you simply specify the user name, curl will prompt for a\n" @@ -2544,19 +2611,19 @@ void hugehelp(void) " which makes it impossible to use a colon in the user name with\n" " this option. The password can, still.\n" "\n" +" When using Kerberos V5 with a Windows based server you should\n" , stdout); fputs( -" When using Kerberos V5 with a Windows based server you should\n" " include the Windows domain name in the user name, in order for\n" " the server to successfully obtain a Kerberos Ticket. If you\n" " don't then the initial authentication handshake may fail.\n" "\n" " When using NTLM, the user name can be specified simply as the\n" " user name, without the domain, if there is a single domain and\n" -, stdout); - fputs( " forest in your setup for example.\n" "\n" +, stdout); + fputs( " To specify the domain name use either Down-Level Logon Name or\n" " UPN (User Principal Name) formats. For example, EXAMPLE\\user and\n" " user@example.com respectively.\n" @@ -2657,7 +2724,7 @@ void hugehelp(void) " This is only meaningful if curl is told to write\n" " to a file with the --remote-name or --output\n" " option. It's most useful in combination with the\n" -" --remote-header-name option. (Added in 7.25.1)\n" +" --remote-header-name option. (Added in 7.26.0)\n" "\n" " ftp_entry_path The initial path curl ended up in when logging on\n" " to the remote FTP server. (Added in 7.15.4)\n" @@ -2675,253 +2742,256 @@ void hugehelp(void) "\n" , stdout); fputs( -" local_ip The IP address of the local end of the most\n" -" recently done connection - can be either IPv4 or\n" +" http_version The http version that was effectively used.\n" +" (Added in 7.50.0)\n" +"\n" +" local_ip The IP address of the local end of the most\n" +" recently done connection - can be either IPv4 or\n" " IPv6 (Added in 7.29.0)\n" "\n" -" local_port The local port number of the most recently done\n" +" local_port The local port number of the most recently done\n" " connection (Added in 7.29.0)\n" "\n" -" num_connects Number of new connects made in the recent trans-\n" -" fer. (Added in 7.12.3)\n" -"\n" , stdout); fputs( -" num_redirects Number of redirects that were followed in the\n" +" num_connects Number of new connects made in the recent trans-\n" +" fer. (Added in 7.12.3)\n" +"\n" +" num_redirects Number of redirects that were followed in the\n" " request. (Added in 7.12.3)\n" "\n" -" redirect_url When an HTTP request was made without -L to fol-\n" +" redirect_url When an HTTP request was made without -L to fol-\n" " low redirects, this variable will show the actual\n" -" URL a redirect would take you to. (Added in\n" -" 7.18.2)\n" -"\n" -" remote_ip The remote IP address of the most recently done\n" , stdout); fputs( +" URL a redirect would take you to. (Added in\n" +" 7.18.2)\n" +"\n" +" remote_ip The remote IP address of the most recently done\n" " connection - can be either IPv4 or IPv6 (Added in\n" " 7.29.0)\n" "\n" -" remote_port The remote port number of the most recently done\n" +" remote_port The remote port number of the most recently done\n" " connection (Added in 7.29.0)\n" "\n" +, stdout); + fputs( " size_download The total amount of bytes that were downloaded.\n" "\n" " size_header The total amount of bytes of the downloaded head-\n" " ers.\n" "\n" -, stdout); - fputs( -" size_request The total amount of bytes that were sent in the\n" +" size_request The total amount of bytes that were sent in the\n" " HTTP request.\n" "\n" " size_upload The total amount of bytes that were uploaded.\n" "\n" " speed_download The average download speed that curl measured for\n" +, stdout); + fputs( " the complete download. Bytes per second.\n" "\n" -" speed_upload The average upload speed that curl measured for\n" +" speed_upload The average upload speed that curl measured for\n" " the complete upload. Bytes per second.\n" "\n" -, stdout); - fputs( " ssl_verify_result\n" -" The result of the SSL peer certificate verifica-\n" +" The result of the SSL peer certificate verifica-\n" " tion that was requested. 0 means the verification\n" " was successful. (Added in 7.19.0)\n" "\n" -" time_appconnect\n" -" The time, in seconds, it took from the start\n" -" until the SSL/SSH/etc connect/handshake to the\n" , stdout); fputs( +" time_appconnect\n" +" The time, in seconds, it took from the start\n" +" until the SSL/SSH/etc connect/handshake to the\n" " remote host was completed. (Added in 7.19.0)\n" "\n" -" time_connect The time, in seconds, it took from the start\n" -" until the TCP connect to the remote host (or\n" +" time_connect The time, in seconds, it took from the start\n" +" until the TCP connect to the remote host (or\n" " proxy) was completed.\n" "\n" +, stdout); + fputs( " time_namelookup\n" -" The time, in seconds, it took from the start\n" +" The time, in seconds, it took from the start\n" " until the name resolving was completed.\n" "\n" " time_pretransfer\n" +" The time, in seconds, it took from the start\n" +" until the file transfer was just about to begin.\n" +" This includes all pre-transfer commands and nego-\n" , stdout); fputs( -" The time, in seconds, it took from the start\n" -" until the file transfer was just about to begin.\n" -" This includes all pre-transfer commands and nego-\n" " tiations that are specific to the particular pro-\n" " tocol(s) involved.\n" "\n" " time_redirect The time, in seconds, it took for all redirection\n" +" steps include name lookup, connect, pretransfer\n" +" and transfer before the final transaction was\n" +" started. time_redirect shows the complete execu-\n" , stdout); fputs( -" steps include name lookup, connect, pretransfer\n" -" and transfer before the final transaction was\n" -" started. time_redirect shows the complete execu-\n" -" tion time for multiple redirections. (Added in\n" +" tion time for multiple redirections. (Added in\n" " 7.12.3)\n" "\n" " time_starttransfer\n" -" The time, in seconds, it took from the start\n" +" The time, in seconds, it took from the start\n" +" until the first byte was just about to be trans-\n" +" ferred. This includes time_pretransfer and also\n" +" the time the server needed to calculate the\n" , stdout); fputs( -" until the first byte was just about to be trans-\n" -" ferred. This includes time_pretransfer and also\n" -" the time the server needed to calculate the\n" " result.\n" "\n" -" time_total The total time, in seconds, that the full opera-\n" +" time_total The total time, in seconds, that the full opera-\n" " tion lasted. The time will be displayed with mil-\n" " lisecond resolution.\n" "\n" -, stdout); - fputs( " url_effective The URL that was fetched last. This is most mean-\n" -" ingful if you've told curl to follow location:\n" +" ingful if you've told curl to follow location:\n" " headers.\n" "\n" +, stdout); + fputs( " If this option is used several times, the last one will be used.\n" "\n" " -x, --proxy <[protocol://][user:password@]proxyhost[:port]>\n" " Use the specified proxy.\n" "\n" -" The proxy string can be specified with a protocol:// prefix to\n" +" The proxy string can be specified with a protocol:// prefix to\n" +" specify alternative proxy protocols. Use socks4://, socks4a://,\n" +" socks5:// or socks5h:// to request the specific SOCKS version to\n" , stdout); fputs( -" specify alternative proxy protocols. Use socks4://, socks4a://,\n" -" socks5:// or socks5h:// to request the specific SOCKS version to\n" -" be used. No protocol specified, http:// and all others will be\n" +" be used. No protocol specified, http:// and all others will be\n" " treated as HTTP proxies. (The protocol support was added in curl\n" " 7.21.7)\n" "\n" -" If the port number is not specified in the proxy string, it is\n" +" If the port number is not specified in the proxy string, it is\n" " assumed to be 1080.\n" "\n" +" This option overrides existing environment variables that set\n" +" the proxy to use. If there's an environment variable setting a\n" , stdout); fputs( -" This option overrides existing environment variables that set\n" -" the proxy to use. If there's an environment variable setting a\n" " proxy, you can set proxy to \"\" to override it.\n" "\n" " All operations that are performed over an HTTP proxy will trans-\n" -" parently be converted to HTTP. It means that certain protocol\n" +" parently be converted to HTTP. It means that certain protocol\n" " specific operations might not be available. This is not the case\n" -, stdout); - fputs( " if you can tunnel through the proxy, as one with the -p, --prox-\n" " ytunnel option.\n" "\n" " User and password that might be provided in the proxy string are\n" -" URL decoded by curl. This allows you to pass in special charac-\n" -" ters such as @ by using %40 or pass in a colon with %3a.\n" -"\n" -" The proxy host can be specified the exact same way as the proxy\n" -" environment variables, including the protocol prefix (http://)\n" , stdout); fputs( +" URL decoded by curl. This allows you to pass in special charac-\n" +" ters such as @ by using %40 or pass in a colon with %3a.\n" +"\n" +" The proxy host can be specified the exact same way as the proxy\n" +" environment variables, including the protocol prefix (http://)\n" " and the embedded user + password.\n" "\n" " If this option is used several times, the last one will be used.\n" "\n" " -X, --request \n" -" (HTTP) Specifies a custom request method to use when communicat-\n" -" ing with the HTTP server. The specified request method will be\n" -" used instead of the method otherwise used (which defaults to\n" -" GET). Read the HTTP 1.1 specification for details and explana-\n" , stdout); fputs( -" tions. Common additional HTTP requests include PUT and DELETE,\n" +" (HTTP) Specifies a custom request method to use when communicat-\n" +" ing with the HTTP server. The specified request method will be\n" +" used instead of the method otherwise used (which defaults to\n" +" GET). Read the HTTP 1.1 specification for details and explana-\n" +" tions. Common additional HTTP requests include PUT and DELETE,\n" " but related technologies like WebDAV offers PROPFIND, COPY, MOVE\n" " and more.\n" "\n" -" Normally you don't need this option. All sorts of GET, HEAD,\n" +, stdout); + fputs( +" Normally you don't need this option. All sorts of GET, HEAD,\n" " POST and PUT requests are rather invoked by using dedicated com-\n" " mand line options.\n" "\n" -" This option only changes the actual word used in the HTTP\n" -, stdout); - fputs( -" request, it does not alter the way curl behaves. So for example\n" -" if you want to make a proper HEAD request, using -X HEAD will\n" +" This option only changes the actual word used in the HTTP\n" +" request, it does not alter the way curl behaves. So for example\n" +" if you want to make a proper HEAD request, using -X HEAD will\n" " not suffice. You need to use the -I, --head option.\n" "\n" -" The method string you set with -X will be used for all requests,\n" -" which if you for example use -L, --location may cause unintended\n" -" side-effects when curl doesn't change request method according\n" , stdout); fputs( +" The method string you set with -X will be used for all requests,\n" +" which if you for example use -L, --location may cause unintended\n" +" side-effects when curl doesn't change request method according\n" " to the HTTP 30x response codes - and similar.\n" "\n" " (FTP) Specifies a custom FTP command to use instead of LIST when\n" " doing file lists with FTP.\n" "\n" " (POP3) Specifies a custom POP3 command to use instead of LIST or\n" +, stdout); + fputs( " RETR. (Added in 7.26.0)\n" "\n" -" (IMAP) Specifies a custom IMAP command to use instead of LIST.\n" +" (IMAP) Specifies a custom IMAP command to use instead of LIST.\n" " (Added in 7.30.0)\n" "\n" " (SMTP) Specifies a custom SMTP command to use instead of HELP or\n" -, stdout); - fputs( " VRFY. (Added in 7.34.0)\n" "\n" " If this option is used several times, the last one will be used.\n" "\n" " --xattr\n" -" When saving output to a file, this option tells curl to store\n" -" certain file metadata in extended file attributes. Currently,\n" -" the URL is stored in the xdg.origin.url attribute and, for HTTP,\n" -" the content type is stored in the mime_type attribute. If the\n" +" When saving output to a file, this option tells curl to store\n" , stdout); fputs( -" file system does not support extended attributes, a warning is\n" +" certain file metadata in extended file attributes. Currently,\n" +" the URL is stored in the xdg.origin.url attribute and, for HTTP,\n" +" the content type is stored in the mime_type attribute. If the\n" +" file system does not support extended attributes, a warning is\n" " issued.\n" "\n" " -y, --speed-time