ENABLE_IPV6 depends on HAVE_GETADDRINFO or you will get a
Curl_getaddrinfo_ex error. Enable IPv6 by default, disabling it if
struct sockaddr_in6 is not found in netinet/in.h.
Note that HAVE_GETADDRINFO_THREADSAFE is still not set as it needs more
platform checks even though POSIX requires a thread-safe getaddrinfo.
Verified on Arch Linux x86_64 with glibc 2.20-2 and Linux 3.16-rc7.
Signed-off-by: Peter Wu <peter@lekensteyn.nl>
Rather than always outputting an empty manual page for the '-M' option,
generate a full manual page as done by autotools. For simplicity in
CMake, always generate the gzipped page as it will not be used anyway
when zlib is not available.
Signed-off-by: Peter Wu <peter@lekensteyn.nl>
Option --pinnedpubkey takes a path to a public key in DER format and
only connect if it matches (currently only implemented with OpenSSL).
Provides CURLOPT_PINNEDPUBLICKEY for curl_easy_setopt().
Extract a public RSA key from a website like so:
openssl s_client -connect google.com:443 2>&1 < /dev/null | \
sed -n '/-----BEGIN/,/-----END/p' | openssl x509 -noout -pubkey \
| openssl rsa -pubin -outform DER > google.com.der
For private keys, use the first match from: user-specified key file
(if provided), ~/.ssh/id_rsa, ~/.ssh/id_dsa, ./id_rsa, ./id_dsa
Note that the previous code only looked for id_dsa files. id_rsa is
now generally preferred, as it supports larger key sizes.
For public keys, use the user-specified key file, if provided.
Otherwise, try to extract the public key from the private key file.
This means that passing --pubkey is typically no longer required,
and makes the key-handling behavior more like OpenSSH.
As we weren't using the correct phonetic description and doing it correctly
involves funny letters that I'm sure will cause problems for people in a text
document so I instead rephrased it and link to a WAV file with a person
actually saying 'curl'.
Reported-By: Dimitar Boevski
Added support for Kerberos 5 to the email protocols following the recent
additions in 7.38.0.
Removed Kerberos 4 as this has been gone for a while now.
Only minor edits to make it generate nice HTML output using markdown, as
this document serves both in source release tarballs as on the web site.
URL: http://curl.haxx.se/docs/sslcerts.html