It was previously unlimited by default, but that's not a sensible
default. While changing this has a remote risk of breaking an existing
use case, I figure it is more likely to actually save users from loops.
Closes#11581
- If the user set a legacy algorithm list (CURLOPT_SSL_CIPHER_LIST) then
use the SCHANNEL_CRED legacy structure to pass the list to Schannel.
- If the user set both a legacy algorithm list and a TLS 1.3 cipher list
then abort.
Although MS doesn't document it, Schannel will not negotiate TLS 1.3
when SCHANNEL_CRED is used. That means setting a legacy algorithm list
limits the user to earlier versions of TLS.
Prior to this change, since 8beff435 (precedes 7.85.0), libcurl would
ignore legacy algorithms in Windows 10 1809 and later.
Reported-by: zhihaoy@users.noreply.github.com
Fixes https://github.com/curl/curl/pull/10741
Closes https://github.com/curl/curl/pull/10746
- Update the OpenSSL connect state machine to handle
SSL_ERROR_WANT_RETRY_VERIFY.
This allows libcurl users that are using custom certificate validation
to suspend processing while waiting for external I/O during certificate
validation.
Closes https://github.com/curl/curl/pull/11499
It can be used multiple times. Use %output{>>name} to append.
Add docs. Test 990 and 991 verify.
Idea: #11400
Suggested-by: ed0d2b2ce19451f2
Closes#11416
Add support for command line variables. Set variables with --variable
name=content or --variable name@file (where "file" can be stdin if set
to a single dash (-)).
Variable content is expanded in option parameters using "{{name}}"
(without the quotes) if the option name is prefixed with
"--expand-". This gets the contents of the variable "name" inserted, or
a blank if the name does not exist as a variable. Insert "{{" verbatim
in the string by prefixing it with a backslash, like "\\{{".
Import an environment variable with --variable %name. It makes curl exit
with an error if the environment variable is not set. It can also rather
get a default value if the variable does not exist, using =content or
@file like shown above.
Example: get the USER environment variable into the URL:
--variable %USER
--expand-url = "https://example.com/api/{{USER}}/method"
When expanding variables, curl supports a set of functions that can make
the variable contents more convenient to use. It can trim leading and
trailing white space with "trim", output the contents as a JSON quoted
string with "json", URL encode it with "url" and base 64 encode it with
"b64". To apply functions to a variable expansion, add them colon
separated to the right side of the variable. They are then performed in
a left to right order.
Example: get the contents of a file called $HOME/.secret into a variable
called "fix". Make sure that the content is trimmed and percent-encoded
sent as POST data:
--variable %HOME=/home/default
--expand-variable fix@{{HOME}}/.secret
--expand-data "{{fix:trim:url}}"
https://example.com/
Documented. Many new test cases.
Co-brainstormed-by: Emanuele Torre
Assisted-by: Jat Satiro
Closes#11346
Introduce a --enable-form-api configure option to control its inclusion
in builds. The condition name defined for it is CURL_DISABLE_FORM_API.
Form api code is dependent of MIME: configure and CMake handle this
dependency automatically: CMake by making it a dependent option
explicitly, configure by inheriting the MIME value by default and
rejecting explicit incompatible values.
"form-api" is now a new hidden test feature.
Update libcurl modules to respect this option and adjust tests
accordingly.
Closes#9621
Fix the distcheck CI failure and delete more NSS references.
Follow-up to 7c8bae0d9c
Reviewed-by: Marcel Raad
Reviewed-by: Daniel Stenberg
Closes#11548
Year ranges in copyrights were dropped in commits [1] and [2].
Verification of year ranges in copyrights was dropped from script
'scripts/copyright.pl' in commit [3]. However, the corresponding
passages in file 'docs/CONTRIBUTE.md' weren't updated.
Drop mentions of copyright year ranges from 'docs/CONTRIBUTE.md'.
[1] 2bc1d775f (copyright: update all copyright lines and remove year
ranges, 2023-01-02)
[2] c46761bd8 (tests/http: remove year ranges from copyrights,
2023-03-14)
[3] 0e293bacb (copyright.pl: cease doing year verifications, 2023-01-28)
Closes#11504
File 'docs/CONTRIBUTE.md' includes a description of how one should write
commit messages in the curl project. Different possible parts of the
message are enclosed in square brackets. One exception is the section
describing how the curl project doesn't use "Signed-off-by" commit
trailers [1], which is enclosed in an opening curly brace paired with a
closing square bracket.
Fix the enclosing square brackets in description of "Signed-off-by"
trailers in commit messages in file 'docs/CONTRIBUTE.md'.
[1] See description of option '--signoff' in Git documentation:
https://git-scm.com/docs/git-commitCloses#11504
follow-up from 099f41e097
I just thought of checking all the other files with .RE, and I found 6
other files that were missing .IP at the end.
Closes#11375
quote.d was missing a .IP at the end which caused the paragraphs
generated for See-also, Multi, and Example to not be indented correctly.
I also remove a redundant "This option can be used multiple times.", and
replaced .IP "item" with .TP .B "item" to make more clear which lines
are part of the list of commands and which aren't.
Closes#11371
This shows how to setup OpenSSL mutex callbacks, but this is not
necessary since OpenSSL 1.1.0 - meaning that no currently supported
OpenSSL version requires this anymore
Closes#11341
