mirror/curl
2
0
Fork 0
mirror of https://github.com/curl/curl.git synced 2024-12-27 06:59:43 +08:00
Code Issues Packages Projects Releases Wiki Activity
67b0692f09
curl/docs/libcurl/opts/CURLOPT_PINNEDPUBLICKEY.md

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

149 lines
3.6 KiB
Markdown
Raw Normal View History

docs: introduce "curldown" for libcurl man page format curldown is this new file format for libcurl man pages. It is markdown inspired with differences: - Each file has a set of leading headers with meta-data - Supports a small subset of markdown - Uses .md file extensions for editors/IDE/GitHub to treat them nicely - Generates man pages very similar to the previous ones - Generates man pages that still convert nicely to HTML on the website - Detects and highlights mentions of curl symbols automatically (when their man page section is specified) tools: - cd2nroff: converts from curldown to nroff man page - nroff2cd: convert an (old) nroff man page to curldown - cdall: convert many nroff pages to curldown versions - cd2cd: verifies and updates a curldown to latest curldown This setup generates .3 versions of all the curldown versions at build time. CI: Since the documentation is now technically markdown in the eyes of many things, the CI runs many more tests and checks on this documentation, including proselint, link checkers and tests that make sure we capitalize the first letter after a period... Closes #12730
2024-01-17 18:32:44 +08:00
---
curldown: Fix email address in Copyright The curldown conversion accidentally replaced daniel@haxx.se with just daniel.se. This reverts back to the proper email address in the curldown docs as well as in a few other stray places where it was incorrect (while unrelated to curldown). Reviewed-by: Daniel Stenberg <daniel@haxx.se> Closes: #12997
2024-02-28 18:28:10 +08:00
c: Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
docs: introduce "curldown" for libcurl man page format curldown is this new file format for libcurl man pages. It is markdown inspired with differences: - Each file has a set of leading headers with meta-data - Supports a small subset of markdown - Uses .md file extensions for editors/IDE/GitHub to treat them nicely - Generates man pages very similar to the previous ones - Generates man pages that still convert nicely to HTML on the website - Detects and highlights mentions of curl symbols automatically (when their man page section is specified) tools: - cd2nroff: converts from curldown to nroff man page - nroff2cd: convert an (old) nroff man page to curldown - cdall: convert many nroff pages to curldown versions - cd2cd: verifies and updates a curldown to latest curldown This setup generates .3 versions of all the curldown versions at build time. CI: Since the documentation is now technically markdown in the eyes of many things, the CI runs many more tests and checks on this documentation, including proselint, link checkers and tests that make sure we capitalize the first letter after a period... Closes #12730
2024-01-17 18:32:44 +08:00
SPDX-License-Identifier: curl
Title: CURLOPT_PINNEDPUBLICKEY
Section: 3
Source: libcurl
See-also:
- CURLOPT_CAINFO (3)
- CURLOPT_CAPATH (3)
- CURLOPT_SSL_VERIFYHOST (3)
- CURLOPT_SSL_VERIFYPEER (3)
docs: make each libcurl man specify protocol(s) The mandatory header now has a mandatory list of protocols for which the manpage is relevant. Most man pages already has a "PROTOCOLS" section, but this introduces a stricter way to specify the relevant protocols. cd2nroff verifies that at least one protocol is mentioned (which can be `*`). This information is not used just yet, but A) the PROTOCOLS section can now instead get generated and get a unified wording across all manpages and B) this allows us to more reliably filter/search for protocol specific manpages/options. Closes #13166
2024-03-21 18:50:20 +08:00
Protocol:
- TLS
docs/libcurl: add TLS backend info for all TLS options All man pages that are listed to be for TLS now must also specify exactly what TLS backends the option works for, or use All if they all work. cd2nroff makes sure this is done and that the listed backends exist. Closes #13168
2024-03-21 22:46:32 +08:00
TLS-backend:
- OpenSSL
- GnuTLS
- wolfSSL
- mbedTLS
- Secure Transport
- Schannel
docs: introduce "curldown" for libcurl man page format curldown is this new file format for libcurl man pages. It is markdown inspired with differences: - Each file has a set of leading headers with meta-data - Supports a small subset of markdown - Uses .md file extensions for editors/IDE/GitHub to treat them nicely - Generates man pages very similar to the previous ones - Generates man pages that still convert nicely to HTML on the website - Detects and highlights mentions of curl symbols automatically (when their man page section is specified) tools: - cd2nroff: converts from curldown to nroff man page - nroff2cd: convert an (old) nroff man page to curldown - cdall: convert many nroff pages to curldown versions - cd2cd: verifies and updates a curldown to latest curldown This setup generates .3 versions of all the curldown versions at build time. CI: Since the documentation is now technically markdown in the eyes of many things, the CI runs many more tests and checks on this documentation, including proselint, link checkers and tests that make sure we capitalize the first letter after a period... Closes #12730
2024-01-17 18:32:44 +08:00
---
# NAME
CURLOPT_PINNEDPUBLICKEY - pinned public key
# SYNOPSIS
~~~c
SSL: implement public key pinning Option --pinnedpubkey takes a path to a public key in DER format and only connect if it matches (currently only implemented with OpenSSL). Provides CURLOPT_PINNEDPUBLICKEY for curl_easy_setopt(). Extract a public RSA key from a website like so: openssl s_client -connect google.com:443 2>&1 < /dev/null | \ sed -n '/-----BEGIN/,/-----END/p' | openssl x509 -noout -pubkey \ | openssl rsa -pubin -outform DER > google.com.der
2014-10-01 10:31:17 +08:00
#include <curl/curl.h>
docs: consistent manpage SYNOPSIS Make all libcurl related options use .nf (no fill) for the SYNOPSIS section - for consistent look. roffit then renders that section using <pre> (monospace font) in html for the website. Extended manpage-syntax (test 1173) with a basic check for it. Closes #8062
2021-11-26 21:20:18 +08:00
CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PINNEDPUBLICKEY,
char *pinnedpubkey);
docs: introduce "curldown" for libcurl man page format curldown is this new file format for libcurl man pages. It is markdown inspired with differences: - Each file has a set of leading headers with meta-data - Supports a small subset of markdown - Uses .md file extensions for editors/IDE/GitHub to treat them nicely - Generates man pages very similar to the previous ones - Generates man pages that still convert nicely to HTML on the website - Detects and highlights mentions of curl symbols automatically (when their man page section is specified) tools: - cd2nroff: converts from curldown to nroff man page - nroff2cd: convert an (old) nroff man page to curldown - cdall: convert many nroff pages to curldown versions - cd2cd: verifies and updates a curldown to latest curldown This setup generates .3 versions of all the curldown versions at build time. CI: Since the documentation is now technically markdown in the eyes of many things, the CI runs many more tests and checks on this documentation, including proselint, link checkers and tests that make sure we capitalize the first letter after a period... Closes #12730
2024-01-17 18:32:44 +08:00
~~~
# DESCRIPTION
terminology: call them null-terminated strings Updated terminology in docs, comments and phrases to refer to C strings as "null-terminated". Done to unify with how most other C oriented docs refer of them and what users in general seem to prefer (based on a single highly unscientific poll on twitter). Reported-by: coinhubs on github Fixes #5598 Closes #5608
2020-06-25 17:38:25 +08:00
Pass a pointer to a null-terminated string as parameter. The string can be the
GHA: add a job scanning for "bad words" in markdown This means words, phrases or things we have decided not to use - words that are spelled right according to the dictionary but we want to avoid. In the name of consistency and better documentation. Closes #12764
2024-01-23 22:12:09 +08:00
filename of your pinned public key. The file format expected is "PEM" or
docs: introduce "curldown" for libcurl man page format curldown is this new file format for libcurl man pages. It is markdown inspired with differences: - Each file has a set of leading headers with meta-data - Supports a small subset of markdown - Uses .md file extensions for editors/IDE/GitHub to treat them nicely - Generates man pages very similar to the previous ones - Generates man pages that still convert nicely to HTML on the website - Detects and highlights mentions of curl symbols automatically (when their man page section is specified) tools: - cd2nroff: converts from curldown to nroff man page - nroff2cd: convert an (old) nroff man page to curldown - cdall: convert many nroff pages to curldown versions - cd2cd: verifies and updates a curldown to latest curldown This setup generates .3 versions of all the curldown versions at build time. CI: Since the documentation is now technically markdown in the eyes of many things, the CI runs many more tests and checks on this documentation, including proselint, link checkers and tests that make sure we capitalize the first letter after a period... Closes #12730
2024-01-17 18:32:44 +08:00
"DER". The string can also be any number of base64 encoded sha256 hashes
preceded by "sha256//" and separated by ";"
SSL: implement public key pinning Option --pinnedpubkey takes a path to a public key in DER format and only connect if it matches (currently only implemented with OpenSSL). Provides CURLOPT_PINNEDPUBLICKEY for curl_easy_setopt(). Extract a public RSA key from a website like so: openssl s_client -connect google.com:443 2>&1 < /dev/null | \ sed -n '/-----BEGIN/,/-----END/p' | openssl x509 -noout -pubkey \ | openssl rsa -pubin -outform DER > google.com.der
2014-10-01 10:31:17 +08:00
When negotiating a TLS or SSL connection, the server sends a certificate
CURLOPT_PINNEDPUBLICKEY.3: added details
2014-10-30 21:56:53 +08:00
indicating its identity. A public key is extracted from this certificate and
docs: rewrite to present tense ... instead of using future tense. + numerous cleanups and improvements + stick to "reuse" not "re-use" + fewer contractions Closes #11713
2023-08-22 23:40:39 +08:00
if it does not exactly match the public key provided to this option, curl
aborts the connection before sending or receiving any data.
CURLOPT_PINNEDPUBLICKEY.3: mention error code
2015-09-17 14:50:51 +08:00
docs: introduce "curldown" for libcurl man page format curldown is this new file format for libcurl man pages. It is markdown inspired with differences: - Each file has a set of leading headers with meta-data - Supports a small subset of markdown - Uses .md file extensions for editors/IDE/GitHub to treat them nicely - Generates man pages very similar to the previous ones - Generates man pages that still convert nicely to HTML on the website - Detects and highlights mentions of curl symbols automatically (when their man page section is specified) tools: - cd2nroff: converts from curldown to nroff man page - nroff2cd: convert an (old) nroff man page to curldown - cdall: convert many nroff pages to curldown versions - cd2cd: verifies and updates a curldown to latest curldown This setup generates .3 versions of all the curldown versions at build time. CI: Since the documentation is now technically markdown in the eyes of many things, the CI runs many more tests and checks on this documentation, including proselint, link checkers and tests that make sure we capitalize the first letter after a period... Closes #12730
2024-01-17 18:32:44 +08:00
This option is independent of option CURLOPT_SSL_VERIFYPEER(3). If you turn
off that option then the peer is still verified by public key.
docs: explain how PINNEDPUBLICKEY is independent of VERIFYPEER - Explain that peer verification via CURLOPT_PINNEDPUBLICKEY takes place even if peer verification via CURLOPT_SSL_VERIFYPEER is turned off. The behavior is verified by test2048. Bug: https://github.com/curl/curl/issues/2935#issuecomment-418371872 Reported-by: claudiusaiz@users.noreply.github.com Bug: https://github.com/curl/curl/discussions/11910 Reported-by: Hakan Sunay Halil Closes https://github.com/curl/curl/pull/11930
2023-09-25 13:41:20 +08:00
docs: introduce "curldown" for libcurl man page format curldown is this new file format for libcurl man pages. It is markdown inspired with differences: - Each file has a set of leading headers with meta-data - Supports a small subset of markdown - Uses .md file extensions for editors/IDE/GitHub to treat them nicely - Generates man pages very similar to the previous ones - Generates man pages that still convert nicely to HTML on the website - Detects and highlights mentions of curl symbols automatically (when their man page section is specified) tools: - cd2nroff: converts from curldown to nroff man page - nroff2cd: convert an (old) nroff man page to curldown - cdall: convert many nroff pages to curldown versions - cd2cd: verifies and updates a curldown to latest curldown This setup generates .3 versions of all the curldown versions at build time. CI: Since the documentation is now technically markdown in the eyes of many things, the CI runs many more tests and checks on this documentation, including proselint, link checkers and tests that make sure we capitalize the first letter after a period... Closes #12730
2024-01-17 18:32:44 +08:00
On mismatch, *CURLE_SSL_PINNEDPUBKEYNOTMATCH* is returned.
docs: Add note about libcurl copying strings to CURLOPT_* manpages Closes #1169
2016-12-21 21:48:35 +08:00
The application does not have to keep the string around after setting this
option.
docs: introduce "curldown" for libcurl man page format curldown is this new file format for libcurl man pages. It is markdown inspired with differences: - Each file has a set of leading headers with meta-data - Supports a small subset of markdown - Uses .md file extensions for editors/IDE/GitHub to treat them nicely - Generates man pages very similar to the previous ones - Generates man pages that still convert nicely to HTML on the website - Detects and highlights mentions of curl symbols automatically (when their man page section is specified) tools: - cd2nroff: converts from curldown to nroff man page - nroff2cd: convert an (old) nroff man page to curldown - cdall: convert many nroff pages to curldown versions - cd2cd: verifies and updates a curldown to latest curldown This setup generates .3 versions of all the curldown versions at build time. CI: Since the documentation is now technically markdown in the eyes of many things, the CI runs many more tests and checks on this documentation, including proselint, link checkers and tests that make sure we capitalize the first letter after a period... Closes #12730
2024-01-17 18:32:44 +08:00
# DEFAULT
SSL: implement public key pinning Option --pinnedpubkey takes a path to a public key in DER format and only connect if it matches (currently only implemented with OpenSSL). Provides CURLOPT_PINNEDPUBLICKEY for curl_easy_setopt(). Extract a public RSA key from a website like so: openssl s_client -connect google.com:443 2>&1 < /dev/null | \ sed -n '/-----BEGIN/,/-----END/p' | openssl x509 -noout -pubkey \ | openssl rsa -pubin -outform DER > google.com.der
2014-10-01 10:31:17 +08:00
NULL
docs: introduce "curldown" for libcurl man page format curldown is this new file format for libcurl man pages. It is markdown inspired with differences: - Each file has a set of leading headers with meta-data - Supports a small subset of markdown - Uses .md file extensions for editors/IDE/GitHub to treat them nicely - Generates man pages very similar to the previous ones - Generates man pages that still convert nicely to HTML on the website - Detects and highlights mentions of curl symbols automatically (when their man page section is specified) tools: - cd2nroff: converts from curldown to nroff man page - nroff2cd: convert an (old) nroff man page to curldown - cdall: convert many nroff pages to curldown versions - cd2cd: verifies and updates a curldown to latest curldown This setup generates .3 versions of all the curldown versions at build time. CI: Since the documentation is now technically markdown in the eyes of many things, the CI runs many more tests and checks on this documentation, including proselint, link checkers and tests that make sure we capitalize the first letter after a period... Closes #12730
2024-01-17 18:32:44 +08:00
# EXAMPLE
~~~c
docs: make all examples in all libcurl man pages compile Closes #12448
2023-12-04 17:50:42 +08:00
int main(void)
{
CURL *curl = curl_easy_init();
if(curl) {
curl_easy_setopt(curl, CURLOPT_URL, "https://example.com");
curl_easy_setopt(curl, CURLOPT_PINNEDPUBLICKEY, "/etc/publickey.der");
/* OR
curl_easy_setopt(curl, CURLOPT_PINNEDPUBLICKEY,
"sha256//YhKJKSzoTt2b5FP18fvpHo7fJYqQCjAa3HWY3"
"tvRMwE=;sha256//t62CeU2tQiqkexU74Gxa2eg7fRbEg"
"oChTociMee9wno=");
*/
CURLOPT_PINNEDPUBLICKEY.3: added details
2014-10-30 21:56:53 +08:00
docs: make all examples in all libcurl man pages compile Closes #12448
2023-12-04 17:50:42 +08:00
/* Perform the request */
curl_easy_perform(curl);
}
CURLOPT_PINNEDPUBLICKEY.3: added details
2014-10-30 21:56:53 +08:00
}
docs: introduce "curldown" for libcurl man page format curldown is this new file format for libcurl man pages. It is markdown inspired with differences: - Each file has a set of leading headers with meta-data - Supports a small subset of markdown - Uses .md file extensions for editors/IDE/GitHub to treat them nicely - Generates man pages very similar to the previous ones - Generates man pages that still convert nicely to HTML on the website - Detects and highlights mentions of curl symbols automatically (when their man page section is specified) tools: - cd2nroff: converts from curldown to nroff man page - nroff2cd: convert an (old) nroff man page to curldown - cdall: convert many nroff pages to curldown versions - cd2cd: verifies and updates a curldown to latest curldown This setup generates .3 versions of all the curldown versions at build time. CI: Since the documentation is now technically markdown in the eyes of many things, the CI runs many more tests and checks on this documentation, including proselint, link checkers and tests that make sure we capitalize the first letter after a period... Closes #12730
2024-01-17 18:32:44 +08:00
~~~
# PUBLIC KEY EXTRACTION
cyassl: Implement public key pinning Also add public key extraction example to CURLOPT_PINNEDPUBLICKEY doc.
2015-04-05 13:48:16 +08:00
If you do not have the server's public key file you can extract it from the
server's certificate.
docs: introduce "curldown" for libcurl man page format curldown is this new file format for libcurl man pages. It is markdown inspired with differences: - Each file has a set of leading headers with meta-data - Supports a small subset of markdown - Uses .md file extensions for editors/IDE/GitHub to treat them nicely - Generates man pages very similar to the previous ones - Generates man pages that still convert nicely to HTML on the website - Detects and highlights mentions of curl symbols automatically (when their man page section is specified) tools: - cd2nroff: converts from curldown to nroff man page - nroff2cd: convert an (old) nroff man page to curldown - cdall: convert many nroff pages to curldown versions - cd2cd: verifies and updates a curldown to latest curldown This setup generates .3 versions of all the curldown versions at build time. CI: Since the documentation is now technically markdown in the eyes of many things, the CI runs many more tests and checks on this documentation, including proselint, link checkers and tests that make sure we capitalize the first letter after a period... Closes #12730
2024-01-17 18:32:44 +08:00
~~~
docs: reduce/avoid English contractions You're => You are Hasn't => Has not Doesn't => Does not Don't => Do not You'll => You will etc Closes #7930
2021-10-31 23:34:44 +08:00
# retrieve the server's certificate if you do not already have it
CURLOPT_PINNEDPUBLICKEY.3: Improve pubkey extraction example - Show how a certificate can be obtained using OpenSSL. Bug: https://github.com/bagder/curl/pull/430 Reported-by: Daniel Hwang
2015-09-14 15:16:04 +08:00
#
# be sure to examine the certificate to see if it is what you expected
#
# Windows-specific:
# - Use NUL instead of /dev/null.
# - OpenSSL may wait for input instead of disconnecting. Hit enter.
docs: reduce/avoid English contractions You're => You are Hasn't => Has not Doesn't => Does not Don't => Do not You'll => You will etc Closes #7930
2021-10-31 23:34:44 +08:00
# - If you do not have sed, then just copy the certificate into a file:
CURLOPT_PINNEDPUBLICKEY.3: Improve pubkey extraction example - Show how a certificate can be obtained using OpenSSL. Bug: https://github.com/bagder/curl/pull/430 Reported-by: Daniel Hwang
2015-09-14 15:16:04 +08:00
# Lines from -----BEGIN CERTIFICATE----- to -----END CERTIFICATE-----.
#
docs: introduce "curldown" for libcurl man page format curldown is this new file format for libcurl man pages. It is markdown inspired with differences: - Each file has a set of leading headers with meta-data - Supports a small subset of markdown - Uses .md file extensions for editors/IDE/GitHub to treat them nicely - Generates man pages very similar to the previous ones - Generates man pages that still convert nicely to HTML on the website - Detects and highlights mentions of curl symbols automatically (when their man page section is specified) tools: - cd2nroff: converts from curldown to nroff man page - nroff2cd: convert an (old) nroff man page to curldown - cdall: convert many nroff pages to curldown versions - cd2cd: verifies and updates a curldown to latest curldown This setup generates .3 versions of all the curldown versions at build time. CI: Since the documentation is now technically markdown in the eyes of many things, the CI runs many more tests and checks on this documentation, including proselint, link checkers and tests that make sure we capitalize the first letter after a period... Closes #12730
2024-01-17 18:32:44 +08:00
openssl s_client -servername www.example.com -connect www.example.com:443 \
< /dev/null | sed -n "/-----BEGIN/,/-----END/p" > www.example.com.pem
CURLOPT_PINNEDPUBLICKEY.3: Improve pubkey extraction example - Show how a certificate can be obtained using OpenSSL. Bug: https://github.com/bagder/curl/pull/430 Reported-by: Daniel Hwang
2015-09-14 15:16:04 +08:00
SSL: Pinned public key hash support
2015-07-01 08:23:54 +08:00
# extract public key in pem format from certificate
CURLOPT_PINNEDPUBLICKEY.3: replace test.com with example.com closes #443
2015-09-20 22:08:15 +08:00
openssl x509 -in www.example.com.pem -pubkey -noout > www.example.com.pubkey.pem
CURLOPT_PINNEDPUBLICKEY.3: Improve pubkey extraction example - Show how a certificate can be obtained using OpenSSL. Bug: https://github.com/bagder/curl/pull/430 Reported-by: Daniel Hwang
2015-09-14 15:16:04 +08:00
SSL: Pinned public key hash support
2015-07-01 08:23:54 +08:00
# convert public key from pem to der
docs: introduce "curldown" for libcurl man page format curldown is this new file format for libcurl man pages. It is markdown inspired with differences: - Each file has a set of leading headers with meta-data - Supports a small subset of markdown - Uses .md file extensions for editors/IDE/GitHub to treat them nicely - Generates man pages very similar to the previous ones - Generates man pages that still convert nicely to HTML on the website - Detects and highlights mentions of curl symbols automatically (when their man page section is specified) tools: - cd2nroff: converts from curldown to nroff man page - nroff2cd: convert an (old) nroff man page to curldown - cdall: convert many nroff pages to curldown versions - cd2cd: verifies and updates a curldown to latest curldown This setup generates .3 versions of all the curldown versions at build time. CI: Since the documentation is now technically markdown in the eyes of many things, the CI runs many more tests and checks on this documentation, including proselint, link checkers and tests that make sure we capitalize the first letter after a period... Closes #12730
2024-01-17 18:32:44 +08:00
openssl asn1parse -noout -inform pem -in www.example.com.pubkey.pem \
-out www.example.com.pubkey.der
CURLOPT_PINNEDPUBLICKEY.3: Improve pubkey extraction example - Show how a certificate can be obtained using OpenSSL. Bug: https://github.com/bagder/curl/pull/430 Reported-by: Daniel Hwang
2015-09-14 15:16:04 +08:00
SSL: Pinned public key hash support
2015-07-01 08:23:54 +08:00
# sha256 hash and base64 encode der to string for use
CURLOPT_PINNEDPUBLICKEY.3: replace test.com with example.com closes #443
2015-09-20 22:08:15 +08:00
openssl dgst -sha256 -binary www.example.com.pubkey.der | openssl base64
docs: introduce "curldown" for libcurl man page format curldown is this new file format for libcurl man pages. It is markdown inspired with differences: - Each file has a set of leading headers with meta-data - Supports a small subset of markdown - Uses .md file extensions for editors/IDE/GitHub to treat them nicely - Generates man pages very similar to the previous ones - Generates man pages that still convert nicely to HTML on the website - Detects and highlights mentions of curl symbols automatically (when their man page section is specified) tools: - cd2nroff: converts from curldown to nroff man page - nroff2cd: convert an (old) nroff man page to curldown - cdall: convert many nroff pages to curldown versions - cd2cd: verifies and updates a curldown to latest curldown This setup generates .3 versions of all the curldown versions at build time. CI: Since the documentation is now technically markdown in the eyes of many things, the CI runs many more tests and checks on this documentation, including proselint, link checkers and tests that make sure we capitalize the first letter after a period... Closes #12730
2024-01-17 18:32:44 +08:00
~~~
SSL: Pinned public key hash support
2015-07-01 08:23:54 +08:00
The public key in PEM format contains a header, base64 data and a
cyassl: Implement public key pinning Also add public key extraction example to CURLOPT_PINNEDPUBLICKEY doc.
2015-04-05 13:48:16 +08:00
footer:
docs: introduce "curldown" for libcurl man page format curldown is this new file format for libcurl man pages. It is markdown inspired with differences: - Each file has a set of leading headers with meta-data - Supports a small subset of markdown - Uses .md file extensions for editors/IDE/GitHub to treat them nicely - Generates man pages very similar to the previous ones - Generates man pages that still convert nicely to HTML on the website - Detects and highlights mentions of curl symbols automatically (when their man page section is specified) tools: - cd2nroff: converts from curldown to nroff man page - nroff2cd: convert an (old) nroff man page to curldown - cdall: convert many nroff pages to curldown versions - cd2cd: verifies and updates a curldown to latest curldown This setup generates .3 versions of all the curldown versions at build time. CI: Since the documentation is now technically markdown in the eyes of many things, the CI runs many more tests and checks on this documentation, including proselint, link checkers and tests that make sure we capitalize the first letter after a period... Closes #12730
2024-01-17 18:32:44 +08:00
~~~
cyassl: Implement public key pinning Also add public key extraction example to CURLOPT_PINNEDPUBLICKEY doc.
2015-04-05 13:48:16 +08:00
-----BEGIN PUBLIC KEY-----
[BASE 64 DATA]
-----END PUBLIC KEY-----
docs: introduce "curldown" for libcurl man page format curldown is this new file format for libcurl man pages. It is markdown inspired with differences: - Each file has a set of leading headers with meta-data - Supports a small subset of markdown - Uses .md file extensions for editors/IDE/GitHub to treat them nicely - Generates man pages very similar to the previous ones - Generates man pages that still convert nicely to HTML on the website - Detects and highlights mentions of curl symbols automatically (when their man page section is specified) tools: - cd2nroff: converts from curldown to nroff man page - nroff2cd: convert an (old) nroff man page to curldown - cdall: convert many nroff pages to curldown versions - cd2cd: verifies and updates a curldown to latest curldown This setup generates .3 versions of all the curldown versions at build time. CI: Since the documentation is now technically markdown in the eyes of many things, the CI runs many more tests and checks on this documentation, including proselint, link checkers and tests that make sure we capitalize the first letter after a period... Closes #12730
2024-01-17 18:32:44 +08:00
~~~
# AVAILABILITY
CURLOPT_PINNEDPUBLICKEY.3: fix the AVAILABILITY formatting
2016-09-19 05:56:13 +08:00
docs: introduce "curldown" for libcurl man page format curldown is this new file format for libcurl man pages. It is markdown inspired with differences: - Each file has a set of leading headers with meta-data - Supports a small subset of markdown - Uses .md file extensions for editors/IDE/GitHub to treat them nicely - Generates man pages very similar to the previous ones - Generates man pages that still convert nicely to HTML on the website - Detects and highlights mentions of curl symbols automatically (when their man page section is specified) tools: - cd2nroff: converts from curldown to nroff man page - nroff2cd: convert an (old) nroff man page to curldown - cdall: convert many nroff pages to curldown versions - cd2cd: verifies and updates a curldown to latest curldown This setup generates .3 versions of all the curldown versions at build time. CI: Since the documentation is now technically markdown in the eyes of many things, the CI runs many more tests and checks on this documentation, including proselint, link checkers and tests that make sure we capitalize the first letter after a period... Closes #12730
2024-01-17 18:32:44 +08:00
## PEM/DER support
GSKit: restore pinnedpubkey functionality inadvertently removed in 283babfaf8d8f3bab9d3c63cea94eb0b84e79c37 Closes #2263
2018-01-26 05:47:49 +08:00
docs: introduce "curldown" for libcurl man page format curldown is this new file format for libcurl man pages. It is markdown inspired with differences: - Each file has a set of leading headers with meta-data - Supports a small subset of markdown - Uses .md file extensions for editors/IDE/GitHub to treat them nicely - Generates man pages very similar to the previous ones - Generates man pages that still convert nicely to HTML on the website - Detects and highlights mentions of curl symbols automatically (when their man page section is specified) tools: - cd2nroff: converts from curldown to nroff man page - nroff2cd: convert an (old) nroff man page to curldown - cdall: convert many nroff pages to curldown versions - cd2cd: verifies and updates a curldown to latest curldown This setup generates .3 versions of all the curldown versions at build time. CI: Since the documentation is now technically markdown in the eyes of many things, the CI runs many more tests and checks on this documentation, including proselint, link checkers and tests that make sure we capitalize the first letter after a period... Closes #12730
2024-01-17 18:32:44 +08:00
7.39.0: OpenSSL, GnuTLS
CURLOPT_PINNEDPUBLICKEY.3: fix the AVAILABILITY formatting
2016-09-19 05:56:13 +08:00
docs: introduce "curldown" for libcurl man page format curldown is this new file format for libcurl man pages. It is markdown inspired with differences: - Each file has a set of leading headers with meta-data - Supports a small subset of markdown - Uses .md file extensions for editors/IDE/GitHub to treat them nicely - Generates man pages very similar to the previous ones - Generates man pages that still convert nicely to HTML on the website - Detects and highlights mentions of curl symbols automatically (when their man page section is specified) tools: - cd2nroff: converts from curldown to nroff man page - nroff2cd: convert an (old) nroff man page to curldown - cdall: convert many nroff pages to curldown versions - cd2cd: verifies and updates a curldown to latest curldown This setup generates .3 versions of all the curldown versions at build time. CI: Since the documentation is now technically markdown in the eyes of many things, the CI runs many more tests and checks on this documentation, including proselint, link checkers and tests that make sure we capitalize the first letter after a period... Closes #12730
2024-01-17 18:32:44 +08:00
7.43.0: wolfSSL
CURLOPT_PINNEDPUBLICKEY.3: fix the AVAILABILITY formatting
2016-09-19 05:56:13 +08:00
docs: introduce "curldown" for libcurl man page format curldown is this new file format for libcurl man pages. It is markdown inspired with differences: - Each file has a set of leading headers with meta-data - Supports a small subset of markdown - Uses .md file extensions for editors/IDE/GitHub to treat them nicely - Generates man pages very similar to the previous ones - Generates man pages that still convert nicely to HTML on the website - Detects and highlights mentions of curl symbols automatically (when their man page section is specified) tools: - cd2nroff: converts from curldown to nroff man page - nroff2cd: convert an (old) nroff man page to curldown - cdall: convert many nroff pages to curldown versions - cd2cd: verifies and updates a curldown to latest curldown This setup generates .3 versions of all the curldown versions at build time. CI: Since the documentation is now technically markdown in the eyes of many things, the CI runs many more tests and checks on this documentation, including proselint, link checkers and tests that make sure we capitalize the first letter after a period... Closes #12730
2024-01-17 18:32:44 +08:00
7.47.0: mbedTLS
SecureTransport/DarwinSSL: Implement public key pinning Closes #1400
2017-04-18 07:47:51 +08:00
docs: introduce "curldown" for libcurl man page format curldown is this new file format for libcurl man pages. It is markdown inspired with differences: - Each file has a set of leading headers with meta-data - Supports a small subset of markdown - Uses .md file extensions for editors/IDE/GitHub to treat them nicely - Generates man pages very similar to the previous ones - Generates man pages that still convert nicely to HTML on the website - Detects and highlights mentions of curl symbols automatically (when their man page section is specified) tools: - cd2nroff: converts from curldown to nroff man page - nroff2cd: convert an (old) nroff man page to curldown - cdall: convert many nroff pages to curldown versions - cd2cd: verifies and updates a curldown to latest curldown This setup generates .3 versions of all the curldown versions at build time. CI: Since the documentation is now technically markdown in the eyes of many things, the CI runs many more tests and checks on this documentation, including proselint, link checkers and tests that make sure we capitalize the first letter after a period... Closes #12730
2024-01-17 18:32:44 +08:00
7.54.1: Secure Transport on macOS 10.7+/iOS 10+
SChannel/WinSSL: Implement public key pinning Closes #1429
2017-04-19 12:31:23 +08:00
docs: introduce "curldown" for libcurl man page format curldown is this new file format for libcurl man pages. It is markdown inspired with differences: - Each file has a set of leading headers with meta-data - Supports a small subset of markdown - Uses .md file extensions for editors/IDE/GitHub to treat them nicely - Generates man pages very similar to the previous ones - Generates man pages that still convert nicely to HTML on the website - Detects and highlights mentions of curl symbols automatically (when their man page section is specified) tools: - cd2nroff: converts from curldown to nroff man page - nroff2cd: convert an (old) nroff man page to curldown - cdall: convert many nroff pages to curldown versions - cd2cd: verifies and updates a curldown to latest curldown This setup generates .3 versions of all the curldown versions at build time. CI: Since the documentation is now technically markdown in the eyes of many things, the CI runs many more tests and checks on this documentation, including proselint, link checkers and tests that make sure we capitalize the first letter after a period... Closes #12730
2024-01-17 18:32:44 +08:00
7.58.1: Schannel
CURLOPT_PINNEDPUBLICKEY.3: fix the AVAILABILITY formatting
2016-09-19 05:56:13 +08:00
docs: introduce "curldown" for libcurl man page format curldown is this new file format for libcurl man pages. It is markdown inspired with differences: - Each file has a set of leading headers with meta-data - Supports a small subset of markdown - Uses .md file extensions for editors/IDE/GitHub to treat them nicely - Generates man pages very similar to the previous ones - Generates man pages that still convert nicely to HTML on the website - Detects and highlights mentions of curl symbols automatically (when their man page section is specified) tools: - cd2nroff: converts from curldown to nroff man page - nroff2cd: convert an (old) nroff man page to curldown - cdall: convert many nroff pages to curldown versions - cd2cd: verifies and updates a curldown to latest curldown This setup generates .3 versions of all the curldown versions at build time. CI: Since the documentation is now technically markdown in the eyes of many things, the CI runs many more tests and checks on this documentation, including proselint, link checkers and tests that make sure we capitalize the first letter after a period... Closes #12730
2024-01-17 18:32:44 +08:00
## sha256 support
CURLOPT_PINNEDPUBLICKEY.3: fix the AVAILABILITY formatting
2016-09-19 05:56:13 +08:00
docs: introduce "curldown" for libcurl man page format curldown is this new file format for libcurl man pages. It is markdown inspired with differences: - Each file has a set of leading headers with meta-data - Supports a small subset of markdown - Uses .md file extensions for editors/IDE/GitHub to treat them nicely - Generates man pages very similar to the previous ones - Generates man pages that still convert nicely to HTML on the website - Detects and highlights mentions of curl symbols automatically (when their man page section is specified) tools: - cd2nroff: converts from curldown to nroff man page - nroff2cd: convert an (old) nroff man page to curldown - cdall: convert many nroff pages to curldown versions - cd2cd: verifies and updates a curldown to latest curldown This setup generates .3 versions of all the curldown versions at build time. CI: Since the documentation is now technically markdown in the eyes of many things, the CI runs many more tests and checks on this documentation, including proselint, link checkers and tests that make sure we capitalize the first letter after a period... Closes #12730
2024-01-17 18:32:44 +08:00
7.44.0: OpenSSL, GnuTLS and wolfSSL
CURLOPT_PINNEDPUBLICKEY.3: fix the AVAILABILITY formatting
2016-09-19 05:56:13 +08:00
docs: introduce "curldown" for libcurl man page format curldown is this new file format for libcurl man pages. It is markdown inspired with differences: - Each file has a set of leading headers with meta-data - Supports a small subset of markdown - Uses .md file extensions for editors/IDE/GitHub to treat them nicely - Generates man pages very similar to the previous ones - Generates man pages that still convert nicely to HTML on the website - Detects and highlights mentions of curl symbols automatically (when their man page section is specified) tools: - cd2nroff: converts from curldown to nroff man page - nroff2cd: convert an (old) nroff man page to curldown - cdall: convert many nroff pages to curldown versions - cd2cd: verifies and updates a curldown to latest curldown This setup generates .3 versions of all the curldown versions at build time. CI: Since the documentation is now technically markdown in the eyes of many things, the CI runs many more tests and checks on this documentation, including proselint, link checkers and tests that make sure we capitalize the first letter after a period... Closes #12730
2024-01-17 18:32:44 +08:00
7.47.0: mbedTLS
SecureTransport/DarwinSSL: Implement public key pinning Closes #1400
2017-04-18 07:47:51 +08:00
docs: introduce "curldown" for libcurl man page format curldown is this new file format for libcurl man pages. It is markdown inspired with differences: - Each file has a set of leading headers with meta-data - Supports a small subset of markdown - Uses .md file extensions for editors/IDE/GitHub to treat them nicely - Generates man pages very similar to the previous ones - Generates man pages that still convert nicely to HTML on the website - Detects and highlights mentions of curl symbols automatically (when their man page section is specified) tools: - cd2nroff: converts from curldown to nroff man page - nroff2cd: convert an (old) nroff man page to curldown - cdall: convert many nroff pages to curldown versions - cd2cd: verifies and updates a curldown to latest curldown This setup generates .3 versions of all the curldown versions at build time. CI: Since the documentation is now technically markdown in the eyes of many things, the CI runs many more tests and checks on this documentation, including proselint, link checkers and tests that make sure we capitalize the first letter after a period... Closes #12730
2024-01-17 18:32:44 +08:00
7.54.1: Secure Transport on macOS 10.7+/iOS 10+
7.58.1: Schannel
SChannel/WinSSL: Implement public key pinning Closes #1429
2017-04-19 12:31:23 +08:00
PolarSSL: Implement public key pinning
2016-04-22 09:21:45 +08:00
Other SSL backends not supported.
docs: introduce "curldown" for libcurl man page format curldown is this new file format for libcurl man pages. It is markdown inspired with differences: - Each file has a set of leading headers with meta-data - Supports a small subset of markdown - Uses .md file extensions for editors/IDE/GitHub to treat them nicely - Generates man pages very similar to the previous ones - Generates man pages that still convert nicely to HTML on the website - Detects and highlights mentions of curl symbols automatically (when their man page section is specified) tools: - cd2nroff: converts from curldown to nroff man page - nroff2cd: convert an (old) nroff man page to curldown - cdall: convert many nroff pages to curldown versions - cd2cd: verifies and updates a curldown to latest curldown This setup generates .3 versions of all the curldown versions at build time. CI: Since the documentation is now technically markdown in the eyes of many things, the CI runs many more tests and checks on this documentation, including proselint, link checkers and tests that make sure we capitalize the first letter after a period... Closes #12730
2024-01-17 18:32:44 +08:00
# RETURN VALUE
SSL: implement public key pinning Option --pinnedpubkey takes a path to a public key in DER format and only connect if it matches (currently only implemented with OpenSSL). Provides CURLOPT_PINNEDPUBLICKEY for curl_easy_setopt(). Extract a public RSA key from a website like so: openssl s_client -connect google.com:443 2>&1 < /dev/null | \ sed -n '/-----BEGIN/,/-----END/p' | openssl x509 -noout -pubkey \ | openssl rsa -pubin -outform DER > google.com.der
2014-10-01 10:31:17 +08:00
Returns CURLE_OK if TLS enabled, CURLE_UNKNOWN_OPTION if not, or
CURLE_OUT_OF_MEMORY if there was insufficient heap space.
Reference in New Issue Copy Permalink