Skip to content
Permalink
Branch: master
Commits on Feb 7, 2019
  1. zsh.pl: escape ':' character

    ghedo committed Feb 5, 2019
    ':' is interpreted as separator by zsh, so if used as part of the argument
    or option's description it needs to be escaped.
    
    The problem can be reproduced as follows:
    
     % curl --reso<TAB>
     % curl -E <TAB>
    
    Bug: https://bugs.debian.org/921452
  2. zsh.pl: update regex to better match curl -h output

    ghedo committed Feb 5, 2019
    The current regex fails to match '<...>' arguments properly (e.g. those
    with spaces in them), which causes an completion script with wrong
    descriptions for some options.
    
    Here's a diff of the generated completion script, comparing the previous
    version to the one with this fix:
    
    --- /usr/share/zsh/vendor-completions/_curl	2019-01-15 20:47:40.000000000 +0000
    +++ _curl	2019-02-05 20:57:29.453349040 +0000
    @@ -9,48 +9,48 @@
    
     _arguments -C -S \
       --happy-eyeballs-timeout-ms'[How long to wait in milliseconds for IPv6 before trying IPv4]':'<milliseconds>' \
    +  --resolve'[Resolve the host+port to this address]':'<host:port:address[,address]...>' \
       {-c,--cookie-jar}'[Write cookies to <filename> after operation]':'<filename>':_files \
       {-D,--dump-header}'[Write the received headers to <filename>]':'<filename>':_files \
       {-y,--speed-time}'[Trigger '\''speed-limit'\'' abort after this time]':'<seconds>' \
       --proxy-cacert'[CA certificate to verify peer against for proxy]':'<file>':_files \
    -  --tls13-ciphers'[of TLS 1.3 ciphersuites> TLS 1.3 cipher suites to use]':'<list' \
    +  --tls13-ciphers'[TLS 1.3 cipher suites to use]':'<list of TLS 1.3 ciphersuites>' \
       {-E,--cert}'[Client certificate file and password]':'<certificate[:password]>' \
       --libcurl'[Dump libcurl equivalent code of this command line]':'<file>':_files \
       --proxy-capath'[CA directory to verify peer against for proxy]':'<dir>':_files \
    -  --proxy-negotiate'[HTTP Negotiate (SPNEGO) authentication on the proxy]':'Use' \
       --proxy-pinnedpubkey'[FILE/HASHES public key to verify proxy with]':'<hashes>' \
       --crlfile'[Get a CRL list in PEM format from the given file]':'<file>':_files \
    -  --proxy-insecure'[HTTPS proxy connections without verifying the proxy]':'Do' \
    -  --proxy-ssl-allow-beast'[security flaw for interop for HTTPS proxy]':'Allow' \
    +  --proxy-negotiate'[Use HTTP Negotiate (SPNEGO) authentication on the proxy]' \
       --abstract-unix-socket'[Connect via abstract Unix domain socket]':'<path>' \
       --pinnedpubkey'[FILE/HASHES Public key to verify peer against]':'<hashes>' \
    +  --proxy-insecure'[Do HTTPS proxy connections without verifying the proxy]' \
       --proxy-pass'[Pass phrase for the private key for HTTPS proxy]':'<phrase>' \
    +  --proxy-ssl-allow-beast'[Allow security flaw for interop for HTTPS proxy]' \
       {-p,--proxytunnel}'[Operate through an HTTP proxy tunnel (using CONNECT)]' \
       --socks5-hostname'[SOCKS5 proxy, pass host name to proxy]':'<host[:port]>' \
       --proto-default'[Use PROTOCOL for any URL missing a scheme]':'<protocol>' \
    -  --proxy-tls13-ciphers'[list> TLS 1.3 proxy cipher suites]':'<ciphersuite' \
    +  --proxy-tls13-ciphers'[TLS 1.3 proxy cipher suites]':'<ciphersuite list>' \
       --socks5-gssapi-service'[SOCKS5 proxy service name for GSS-API]':'<name>' \
       --ftp-alternative-to-user'[String to replace USER \[name\]]':'<command>' \
    -  --ftp-ssl-control'[SSL/TLS for FTP login, clear for transfer]':'Require' \
       {-T,--upload-file}'[Transfer local FILE to destination]':'<file>':_files \
       --local-port'[Force use of RANGE for local port numbers]':'<num/range>' \
       --proxy-tlsauthtype'[TLS authentication type for HTTPS proxy]':'<type>' \
       {-R,--remote-time}'[Set the remote file'\''s time on the local output]' \
    -  --retry-connrefused'[on connection refused (use with --retry)]':'Retry' \
    -  --suppress-connect-headers'[proxy CONNECT response headers]':'Suppress' \
    -  {-j,--junk-session-cookies}'[session cookies read from file]':'Ignore' \
    -  --location-trusted'[--location, and send auth to other hosts]':'Like' \
    +  --ftp-ssl-control'[Require SSL/TLS for FTP login, clear for transfer]' \
       --proxy-cert-type'[Client certificate type for HTTPS proxy]':'<type>' \
       {-O,--remote-name}'[Write output to a file named as the remote file]' \
    +  --retry-connrefused'[Retry on connection refused (use with --retry)]' \
    +  --suppress-connect-headers'[Suppress proxy CONNECT response headers]' \
       --trace-ascii'[Like --trace, but without hex output]':'<file>':_files \
       --connect-timeout'[Maximum time allowed for connection]':'<seconds>' \
       --expect100-timeout'[How long to wait for 100-continue]':'<seconds>' \
       {-g,--globoff}'[Disable URL sequences and ranges using {} and \[\]]' \
    +  {-j,--junk-session-cookies}'[Ignore session cookies read from file]' \
       {-m,--max-time}'[Maximum time allowed for the transfer]':'<seconds>' \
       --dns-ipv4-addr'[IPv4 address to use for DNS requests]':'<address>' \
       --dns-ipv6-addr'[IPv6 address to use for DNS requests]':'<address>' \
    -  --ignore-content-length'[the size of the remote resource]':'Ignore' \
       {-k,--insecure}'[Allow insecure server connections when using SSL]' \
    +  --location-trusted'[Like --location, and send auth to other hosts]' \
       --mail-auth'[Originator address of the original email]':'<address>' \
       --noproxy'[List of hosts which do not use proxy]':'<no-proxy-list>' \
       --proto-redir'[Enable/disable PROTOCOLS on redirect]':'<protocols>' \
    @@ -62,18 +62,19 @@
       --socks5-basic'[Enable username/password auth for SOCKS5 proxies]' \
       --cacert'[CA certificate to verify peer against]':'<file>':_files \
       {-H,--header}'[Pass custom header(s) to server]':'<header/@file>' \
    +  --ignore-content-length'[Ignore the size of the remote resource]' \
       {-i,--include}'[Include protocol response headers in the output]' \
       --proxy-header'[Pass custom header(s) to proxy]':'<header/@file>' \
       --unix-socket'[Connect through this Unix domain socket]':'<path>' \
       {-w,--write-out}'[Use output FORMAT after completion]':'<format>' \
    -  --http2-prior-knowledge'[HTTP 2 without HTTP/1.1 Upgrade]':'Use' \
       {-o,--output}'[Write to file instead of stdout]':'<file>':_files \
    -  {-J,--remote-header-name}'[the header-provided filename]':'Use' \
    +  --preproxy'[\[protocol://\]host\[:port\] Use this proxy first]' \
       --socks4a'[SOCKS4a proxy on given host + port]':'<host[:port]>' \
       {-Y,--speed-limit}'[Stop transfers slower than this]':'<speed>' \
       {-z,--time-cond}'[Transfer based on a time condition]':'<time>' \
       --capath'[CA directory to verify peer against]':'<dir>':_files \
       {-f,--fail}'[Fail silently (no output at all) on HTTP errors]' \
    +  --http2-prior-knowledge'[Use HTTP 2 without HTTP/1.1 Upgrade]' \
       --proxy-tlspassword'[TLS password for HTTPS proxy]':'<string>' \
       {-U,--proxy-user}'[Proxy user and password]':'<user:password>' \
       --proxy1.0'[Use HTTP/1.0 proxy on given port]':'<host[:port]>' \
    @@ -81,52 +82,49 @@
       {-A,--user-agent}'[Send User-Agent <name> to server]':'<name>' \
       --egd-file'[EGD socket path for random data]':'<file>':_files \
       --fail-early'[Fail on first transfer error, do not continue]' \
    -  --haproxy-protocol'[HAProxy PROXY protocol v1 header]':'Send' \
    -  --preproxy'[Use this proxy first]':'[protocol://]host[:port]' \
    +  {-J,--remote-header-name}'[Use the header-provided filename]' \
       --retry-max-time'[Retry only within this period]':'<seconds>' \
       --socks4'[SOCKS4 proxy on given host + port]':'<host[:port]>' \
       --socks5'[SOCKS5 proxy on given host + port]':'<host[:port]>' \
    -  --socks5-gssapi-nec'[with NEC SOCKS5 server]':'Compatibility' \
    -  --ssl-allow-beast'[security flaw to improve interop]':'Allow' \
       --cert-status'[Verify the status of the server certificate]' \
    -  --ftp-create-dirs'[the remote dirs if not present]':'Create' \
       {-:,--next}'[Make next URL use its separate set of options]' \
       --proxy-key-type'[Private key file type for proxy]':'<type>' \
    -  --remote-name-all'[the remote file name for all URLs]':'Use' \
       {-X,--request}'[Specify request command to use]':'<command>' \
       --retry'[Retry request if transient problems occur]':'<num>' \
    -  --ssl-no-revoke'[cert revocation checks (WinSSL)]':'Disable' \
       --cert-type'[Certificate file type (DER/PEM/ENG)]':'<type>' \
       --connect-to'[Connect to host]':'<HOST1:PORT1:HOST2:PORT2>' \
       --create-dirs'[Create necessary local directory hierarchy]' \
    +  --haproxy-protocol'[Send HAProxy PROXY protocol v1 header]' \
       --max-redirs'[Maximum number of redirects allowed]':'<num>' \
       {-n,--netrc}'[Must read .netrc for user name and password]' \
    +  {-x,--proxy}'[\[protocol://\]host\[:port\] Use this proxy]' \
       --proxy-crlfile'[Set a CRL list for proxy]':'<file>':_files \
       --sasl-ir'[Enable initial response in SASL authentication]' \
    -  --socks5-gssapi'[GSS-API auth for SOCKS5 proxies]':'Enable' \
    +  --socks5-gssapi-nec'[Compatibility with NEC SOCKS5 server]' \
    +  --ssl-allow-beast'[Allow security flaw to improve interop]' \
    +  --ftp-create-dirs'[Create the remote dirs if not present]' \
       --interface'[Use network INTERFACE (or address)]':'<name>' \
       --key-type'[Private key file type (DER/PEM/ENG)]':'<type>' \
       --netrc-file'[Specify FILE for netrc]':'<filename>':_files \
       {-N,--no-buffer}'[Disable buffering of the output stream]' \
       --proxy-service-name'[SPNEGO proxy service name]':'<name>' \
    -  --styled-output'[styled output for HTTP headers]':'Enable' \
    +  --remote-name-all'[Use the remote file name for all URLs]' \
    +  --ssl-no-revoke'[Disable cert revocation checks (WinSSL)]' \
       --max-filesize'[Maximum file size to download]':'<bytes>' \
       --negotiate'[Use HTTP Negotiate (SPNEGO) authentication]' \
       --no-keepalive'[Disable TCP keepalive on the connection]' \
       {-#,--progress-bar}'[Display transfer progress as a bar]' \
    -  {-x,--proxy}'[Use this proxy]':'[protocol://]host[:port]' \
    -  --proxy-anyauth'[any proxy authentication method]':'Pick' \
       {-Q,--quote}'[Send command(s) to server before transfer]' \
    -  --request-target'[the target for this request]':'Specify' \
    +  --socks5-gssapi'[Enable GSS-API auth for SOCKS5 proxies]' \
       {-u,--user}'[Server user and password]':'<user:password>' \
       {-K,--config}'[Read config from a file]':'<file>':_files \
       {-C,--continue-at}'[Resumed transfer offset]':'<offset>' \
       --data-raw'[HTTP POST data, '\''@'\'' allowed]':'<data>' \
    -  --disallow-username-in-url'[username in url]':'Disallow' \
       --krb'[Enable Kerberos with security <level>]':'<level>' \
       --proxy-ciphers'[SSL ciphers to use for proxy]':'<list>' \
       --proxy-digest'[Use Digest authentication on the proxy]' \
       --proxy-tlsuser'[TLS username for HTTPS proxy]':'<name>' \
    +  --styled-output'[Enable styled output for HTTP headers]' \
       {-b,--cookie}'[Send cookies from string/file]':'<data>' \
       --data-urlencode'[HTTP POST data url encoded]':'<data>' \
       --delegation'[GSS-API delegation permission]':'<LEVEL>' \
    @@ -134,7 +132,10 @@
       --post301'[Do not switch to GET after following a 301]' \
       --post302'[Do not switch to GET after following a 302]' \
       --post303'[Do not switch to GET after following a 303]' \
    +  --proxy-anyauth'[Pick any proxy authentication method]' \
    +  --request-target'[Specify the target for this request]' \
       --trace-time'[Add time stamps to trace/verbose output]' \
    +  --disallow-username-in-url'[Disallow username in url]' \
       --dns-servers'[DNS server addrs to use]':'<addresses>' \
       {-G,--get}'[Put the post data in the URL and use GET]' \
       --limit-rate'[Limit transfer speed to RATE]':'<speed>' \
    @@ -148,21 +149,21 @@
       --metalink'[Process given URLs as metalink XML file]' \
       --tr-encoding'[Request compressed transfer encoding]' \
       --xattr'[Store metadata in extended file attributes]' \
    -  --ftp-skip-pasv-ip'[the IP address for PASV]':'Skip' \
       --pass'[Pass phrase for the private key]':'<phrase>' \
       --proxy-ntlm'[Use NTLM authentication on the proxy]' \
       {-S,--show-error}'[Show error even when -s is used]' \
    -  --ciphers'[of ciphers> SSL ciphers to use]':'<list' \
    +  --ciphers'[SSL ciphers to use]':'<list of ciphers>' \
       --form-string'[Specify multipart MIME data]':'<name=string>' \
       --login-options'[Server login options]':'<options>' \
       --tftp-blksize'[Set TFTP BLKSIZE option]':'<value>' \
    -  --tftp-no-options'[not send any TFTP options]':'Do' \
       {-v,--verbose}'[Make the operation more talkative]' \
    +  --ftp-skip-pasv-ip'[Skip the IP address for PASV]' \
       --proxy-key'[Private key for HTTPS proxy]':'<key>' \
       {-F,--form}'[Specify multipart MIME data]':'<name=content>' \
       --mail-from'[Mail from this address]':'<address>' \
       --oauth2-bearer'[OAuth 2 Bearer Token]':'<token>' \
       --proto'[Enable/disable PROTOCOLS]':'<protocols>' \
    +  --tftp-no-options'[Do not send any TFTP options]' \
       --tlsauthtype'[TLS authentication type]':'<type>' \
       --doh-url'[Resolve host names over DOH]':'<URL>' \
       --no-sessionid'[Disable SSL session-ID reusing]' \
    @@ -173,14 +174,13 @@
       --ftp-ssl-ccc'[Send CCC after authenticating]' \
       {-4,--ipv4}'[Resolve names to IPv4 addresses]' \
       {-6,--ipv6}'[Resolve names to IPv6 addresses]' \
    -  --netrc-optional'[either .netrc or URL]':'Use' \
       --service-name'[SPNEGO service name]':'<name>' \
       {-V,--version}'[Show version number and quit]' \
       --data-ascii'[HTTP POST ASCII data]':'<data>' \
       --ftp-account'[Account data string]':'<data>' \
    -  --compressed-ssh'[SSH compression]':'Enable' \
       --disable-eprt'[Inhibit using EPRT or LPRT]' \
       --ftp-method'[Control CWD usage]':'<method>' \
    +  --netrc-optional'[Use either .netrc or URL]' \
       --pubkey'[SSH Public key file name]':'<key>' \
       --raw'[Do HTTP "raw"; no transfer decoding]' \
       --anyauth'[Pick any authentication method]' \
    @@ -189,6 +189,7 @@
       --no-alpn'[Disable the ALPN TLS extension]' \
       --tcp-nodelay'[Use the TCP_NODELAY option]' \
       {-B,--use-ascii}'[Use ASCII/text transfer]' \
    +  --compressed-ssh'[Enable SSH compression]' \
       --digest'[Use HTTP Digest Authentication]' \
       --proxy-tlsv1'[Use TLSv1 for HTTPS proxy]' \
       --engine'[Crypto engine to use]':'<name>' \
Commits on Jan 16, 2019
  1. Fix typo in manpage

    ghedo committed Jan 16, 2019
Commits on Jan 27, 2018
  1. docs: fix typos in man pages

    ghedo authored and jay committed Jan 24, 2018
    Closes #2266
Commits on Nov 24, 2017
  1. connect: add support for new TCP Fast Open API on Linux

    ghedo authored and bagder committed Nov 5, 2017
    The new API added in Linux 4.11 only requires setting a socket option
    before connecting, without the whole sento() machinery.
    
    Notably, this makes it possible to use TFO with SSL connections on Linux
    as well, without the need to mess around with OpenSSL (or whatever other
    SSL library) internals.
    
    Closes #2056
Commits on Oct 24, 2017
  1. libcurl-tutorial.3: fix typo

    ghedo authored and bagder committed Oct 23, 2017
    closes #2008
Commits on Oct 23, 2017
  1. curl_mime_filedata.3: fix typos

    ghedo committed Oct 23, 2017
Commits on Aug 12, 2017
  1. docs: fix typo funtion -> function

    ghedo authored and bagder committed Aug 12, 2017
    Closes #1770
  2. docs: fix typo stuct -> struct

    ghedo committed Aug 12, 2017
Commits on Jan 15, 2017
  1. http2: disable server push if not requested

    ghedo committed Dec 10, 2016
    Ref: #1160
Commits on Jan 14, 2017
  1. http: print correct HTTP string in verbose output when using HTTP/2

    ghedo committed Jan 13, 2017
    Before:
    ```
     % src/curl https://sigsegv.ninja/ -v --http2
    ...
    > GET / HTTP/1.1
    > Host: sigsegv.ninja
    > User-Agent: curl/7.52.2-DEV
    > Accept: */*
    >
    ...
    ```
    
    After:
    ```
     % src/curl https://sigsegv.ninja/ -v --http2
    ...
    > GET / HTTP/2
    > Host: sigsegv.ninja
    > User-Agent: curl/7.52.2-DEV
    > Accept: */*
    >
    ```
Commits on Apr 18, 2016
  1. connect: implement TCP Fast Open for Linux

    ghedo authored and bagder committed Apr 3, 2016
    Closes #660
  2. tool: add --tcp-fastopen option

    ghedo authored and bagder committed Feb 16, 2016
  3. connect: implement TCP Fast Open for OS X

    ghedo authored and bagder committed Feb 16, 2016
  4. url: add CURLOPT_TCP_FASTOPEN option

    ghedo authored and bagder committed Feb 16, 2016
Commits on Jan 11, 2016
  1. scripts: don't generate and install zsh completion when cross-compiling

    ghedo authored and bagder committed Jan 11, 2016
  2. scripts: fix zsh completion generation

    ghedo authored and bagder committed Dec 27, 2015
    The script should use the just-built curl, not the system one. This fixes
    zsh completion generation when no system curl is installed.
  3. zsh.pl: fail if no curl is found

    ghedo authored and bagder committed Dec 27, 2015
    Instead of generation a broken completion file.
Commits on Sep 19, 2015
  1. openssl: don't output certinfo data

    ghedo authored and bagder committed Sep 14, 2015
Commits on Aug 21, 2015
  1. openssl: handle lack of server cert when strict checking disabled

    ghedo authored and bagder committed Aug 21, 2015
    If strict certificate checking is disabled (CURLOPT_SSL_VERIFYPEER
    and CURLOPT_SSL_VERIFYHOST are disabled) do not fail if the server
    doesn't present a certificate at all.
    
    Closes #392
Commits on Aug 12, 2015
  1. docs: fix typos

    ghedo authored and bagder committed Aug 12, 2015
    closes #376
Commits on May 23, 2015
  1. scripts: add zsh.pl for generating zsh completion

    ghedo authored and bagder committed May 7, 2015
Commits on May 8, 2015
  1. tool_help: fix formatting for --next option

    ghedo authored and bagder committed May 7, 2015
Commits on May 4, 2015
  1. gtls: properly retrieve certificate status

    ghedo authored and bagder committed May 4, 2015
    Also print the revocation reason if appropriate.
Commits on Apr 22, 2015
  1. curl.1: fix typo

    ghedo authored and dfandrich committed Apr 22, 2015
Commits on Mar 20, 2015
  1. curl: add --false-start option

    ghedo authored and kdudka committed Feb 14, 2015
  2. nss: add support for TLS False Start

    ghedo authored and kdudka committed Feb 14, 2015
  3. url: add CURLOPT_SSL_FALSESTART option

    ghedo authored and kdudka committed Feb 14, 2015
    This option can be used to enable/disable TLS False Start defined in the RFC
    draft-bmoeller-tls-falsestart.
  4. gtls: implement CURLOPT_CERTINFO

    ghedo authored and Patrick Monnerat committed Mar 20, 2015
  5. openssl: try to avoid accessing OCSP structs when possible

    ghedo authored and bagder committed Mar 20, 2015
Commits on Mar 10, 2015
  1. gtls: correctly align certificate status verification messages

    ghedo authored and bagder committed Mar 9, 2015
  2. gtls: don't print double newline after certificate dates

    ghedo authored and bagder committed Mar 9, 2015
  3. gtls: print negotiated TLS version and full cipher suite name

    ghedo authored and bagder committed Mar 9, 2015
    Instead of priting cipher and MAC algorithms names separately, print the
    whole cipher suite string which also includes the key exchange algorithm,
    along with the negotiated TLS version.
Older
You can’t perform that action at this time.