1
1
<HTML><HEAD><TITLE>Manpage of TclCurl</TITLE>
4
Section: Easy inteface (n)<BR>Updated: 8 September 2008<BR>
4
Section: Easy inteface (n)<BR>Updated: 03 October 2011<BR>
5
5
<A NAME="lbAB"> </A>
9
TclCurl: - get a URL with FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, FILE or LDAP syntax.
9
TclCurl: - get a URL with FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, FILE, LDAP,
10
LDAPS, IMAP, IMAPS, POP, POP3, SMTP, SMTPS and gopher syntax.
10
11
<A NAME="lbAC"> </A>
61
62
<A NAME="lbAD"> </A>
62
63
<H2>DESCRIPTION</H2>
64
The TclCurl extension gives Tcl programmers access to the libcurl
65
library written by <a href="http://daniel.haxx.se">Daniel Stenberg</a>, with it you can download urls,
66
upload them and many other neat tricks, for more information check
67
<A HREF="http://curl.haxx.se">cURL's web page</A>
65
The TclCurl extension gives Tcl programmers access to the <a href="http://curl.haxx.se/libcurl/">libcurl</a>
66
library written by <a href="http://daniel.haxx.se/">Daniel Stenberg</a>, with it you can download urls,
67
upload them and many other neat tricks.
69
69
<A NAME="lbAE"> </A>
70
70
<H2>curl::init</H2>
158
158
option is mainly here to allow multi-threaded unix applications to still
159
159
set/use all timeout options etc, without risking getting signals.
161
If this option is set and libcurl has been built with the standard name resolver,
162
timeouts will not occur while the name resolve takes place. Consider building
163
libcurl with c-ares support to enable asynchronous DNS lookups, which enables
164
nice timeouts for name resolves without signals.
166
Setting <I>nosignal</I> to 1 makes libcurl NOT ask the system to ignore
167
SIGPIPE signals, which otherwise are sent by the system when trying to send
168
data to a socket which is closed in the other end. libcurl makes an effort to
169
never cause such SIGPIPEs to trigger, but some operating systems have no way
170
to avoid them and even on those that have there are some corner cases when
171
they may still happen, contrary to our desire. In addition, using
172
<I>ntlm_Wb</I> authentication could cause a SIGCHLD signal to be raised.
177
Set this option to 1 if you want to transfer multiple files according to a
178
file name pattern. The pattern can be specified as part of the
179
<B>-url</B> option, using an fnmatch-like pattern (Shell Pattern
180
Matching) in the last part of URL (file name).
182
By default, TClCurl uses its internal wildcard matching implementation. You
183
can provide your own matching function by the <B>-fnmatchproc</B> option.
185
This feature is only supported by the FTP download for now.
187
A brief introduction of its syntax follows:
191
ftp://example.com/some/path/*.txt (for all txt's from the root directory)
197
<DT>? - QUESTION MARK<DD>
198
Question mark matches any (exactly one) character.
200
ftp://example.com/some/path/photo?.jpeg
206
<DT>[ - BRACKET EXPRESSION<DD>
207
The left bracket opens a bracket expression. The question mark and asterisk have
208
no special meaning in a bracket expression. Each bracket expression ends by the
209
right bracket and matches exactly one character. Some examples follow:
211
<B>[a-zA-Z0-9]</B> or <B>[f-gF-G]</B> - character interval
213
<B>[abc]</B> - character enumeration
215
<B>[^abc]</B> or <B>[!abc]</B> - negation
217
<B>[[:</B><I>name</I><B>:]]</B> class expression. Supported classes are
218
<B>alnum</B>,<B>lower</B>, <B>space</B>, <B>alpha</B>, <B>digit</B>, <B>print</B>,
219
<B>upper</B>, <B>blank</B>, <B>graph</B>, <B>xdigit</B>.
221
<B>[][-!^]</B> - special case - matches only '-', ']', '[', '!' or '^'. These
222
characters have no special purpose.
224
<B>[\[\]\\]</B> - escape syntax. Matches '[', ']' or '\'.
226
Using the rules above, a file name pattern can be constructed:
228
ftp://example.com/some/path/[a-z[:upper:]\\].jpeg
163
236
<A NAME="lbAH"> </A>
164
237
<H2>Callback options</H2>
190
263
should return the actual number of bytes read, or '0' if you want to
191
264
stop the transfer.
266
If you stop the current transfer by returning 0 "pre-maturely" (i.e before
267
the server expected it, like when you've said you will upload N bytes and
268
you upload less than N bytes), you may experience that the server "hangs"
269
waiting for the rest of the data that won't come.
271
Bugs: when doing TFTP uploads, you must return the exact amount of data
272
that the callback wants, or it will be considered the final packet by the
273
server end and the transfer will end there.
193
275
<DT><B>-infile</B>
201
283
Name of the Tcl procedure that will invoked by TclCurl with a frequent
202
interval during operation (roughly once per second), no matter if data
284
interval during operation (roughly once per second or sooner), no matter if data
203
285
is being transfered or not. Unknown/unused
204
286
argument values passed to the callback will be set to zero (like if you
205
287
only download data, the upload size will remain 0), the prototype of the
242
326
1 incoming header, 2 outgoing header, 3 incoming data, 4 outgoing data,
243
327
5 incoming SSL data, 6 outgoing SSL data).
329
<DT><B>-chunkbgnproc</B>
332
Name of the procedure that will be called before a file will be transfered by
333
ftp, it should match the following prototype:
335
<B>ChunkBgnProc {remains}</B>
339
Where remains is the number of files left to be transfered (or skipped)
341
This callback makes sense only when using the <B>-wildcard</B> option.
343
<DT><B>-chunkbgnvar</B>
346
Name of the variable in the global scope that will contain the data of the file about
347
to be transfered. If you don't use this option '::fileData' will be used.
349
The available data is: filename, filetype (file, directory, symlink, device block, device char,
350
named pipe, socket, door or error if it couldn't be identified), time, perm, uid, gid,
351
size, hardlinks and flags.
353
<DT><B>-chunkendproc</B>
356
Name of the procedure that will be called after a file is transfered (or skipped)
357
by ftp, it should match the following prototype:
359
<B>ChunkEndProc {}</B>
362
It should return '0' if everyhting is fine and '1' if some error occurred.
364
<DT><B>-fnmatchProc</B>
367
Name of the procedure that will be called instead of the internal wildcard
368
matching function, it should match the following prototype:
370
<B>FnMatchProc {pattern string}</B>
373
Returns '0' if it matches, '1' if it doesn't.
246
376
<A NAME="lbAI"> </A>
247
377
<H2>Error Options</H2>
290
420
attempt to guess which protocol to use based on the given host name. If the
291
421
given protocol of the set URL is not supported, TclCurl will return the
292
422
<B>unsupported protocol</B> error when you call <B>perform</B>. Use
293
<B>curl::versioninfo</B> for detailed info on which protocols that are supported.
295
<B>NOTE</B>: this the one option required to be set
423
<B>curl::versioninfo</B> for detailed info on which protocols are supported.
425
Starting with version 7.22.0, the fragment part of the URI will not be send as
426
part of the path, which was the case previously.
428
<B>NOTE</B>: this is the one option required to be set before <B>perform</B> is called.
430
<DT><B>-protocols</B>
433
Pass a list in lowecase of protocols to limit what protocols TclCurl may use in the transfer. This
434
allows you to have a TclCurl built to support a wide range of protocols but still limit
435
specific transfers to only be allowed to use a subset of them.
437
Accepted protocols are 'http', 'https', 'ftp', 'ftps', 'scp', 'sftp', 'telnet', 'ldap',
441
<DT><B>-redirprotocols</B>
444
Pass a list in lowercase of accepted protocols to limit what protocols TclCurl may use in a transfer
445
that it follows to in a redirect when <B>-followlocation</B> is enabled. This allows you
446
to limit specific transfers to only be allowed to use a subset of protocols in redirections.
448
By default TclCurl will allow all protocols except for FILE and SCP. This is a difference
449
compared to pre-7.19.4 versions which unconditionally would follow to all protocols supported.
301
451
<DT><B>-proxy</B>
328
478
environment variables, include protocol prefix (<A HREF="http://)">http://)</A> and embedded
481
Since 7.22.0, the proxy string may be specified with a protocol:// prefix to
482
specify alternative proxy protocols. Use socks4://, socks4a://, socks5:// or
483
socks5h:// (the last one to enable socks5 and asking the proxy to do the resolving)
484
to request the specific SOCKS version
485
to be used. No protocol specified, http:// and all others will be treated as
331
488
<DT><B>-proxyport</B>
334
491
Use this option to set the proxy port to use unless it is specified in
335
the proxy string by <B>-proxy</B>.
492
the proxy string by <B>-proxy</B>. If not specified, TclCurl will default
493
-to using port 1080 for proxies.
337
495
<DT><B>-proxytype</B>
340
Pass the type of the proxy. Available options are 'http', 'socks4', 'socks4a'
341
and 'socks5', with the HTTP one being default.
498
Pass the type of the proxy. Available options are 'http', 'http1.0', 'socks4', 'socks4a',
499
<BLOCKQUOTE>man2html: unable to open or read file
504
If you set it to <I>http1.0</I>, it will only affect how libcurl speaks to a proxy
505
when CONNECT is used. The HTTP version used for "regular" HTTP requests is instead
506
controled with <I>httpversion</I>.
511
Pass a string, a comma-separated list of hosts which do not use a proxy, if one
512
is specified. The only wildcard is a single * character, which matches all hosts,
513
and effectively disables the proxy. Each name in this list is matched as either
514
a domain which contains the hostname, or the hostname itself. For example, local.com
515
would match local.com, local.com:80, and www.local.com, but not http://www.notlocal.com.
343
517
<DT><B>-httpproxytunnel</B>
347
521
operations through the given HTTP proxy. Do note that there is a big
348
522
difference between using a proxy and tunneling through it. If you don't know what
349
523
this means, you probably don't want this tunnel option.
525
<DT><B>-socks5gssapiservice</B>
528
Pass thee name of the service. The default service name for a SOCKS5 server is
529
rcmd/server-fqdn. This option allows you to change it.
531
<DT><B>-socks5gssapinec</B>
534
Pass a 1 to enable or 0 to disable. As part of the gssapi negotiation a protection
535
mode is negotiated. The rfc1961 says in section 4.3/4.4 it should be protected, but
536
the NEC reference implementation does not. If enabled, this option allows the
537
unprotected exchange of the protection mode negotiation.
352
539
<DT><B>-interface</B>
370
557
This is the number of attempts TclCurl should do to find a working local port
371
558
number. It starts with the given <B>-localport</B> and adds
372
559
one to the number for each retry. Setting this value to 1 or below will make
373
TclCurl do only one try for exact port number. Note that port numbers by nature
560
TclCurl do only one try for each port number. Port numbers by nature
374
561
are a scarce resource that will be busy at times so setting this value to something
375
562
too low might cause unnecessary connection setup failures.
381
568
of seconds. Set to '0' to completely disable caching, or '-1' to make the
382
569
cached entries remain forever. By default, TclCurl caches this info for 60 seconds.
571
The name resolve functions of various libc implementations don't re-read name
572
server information unless explicitly told so (for example, by calling
573
<BR> <I>res_init(3)</I>). This may cause TclCurl to keep using the older server even
574
if DHCP has updated the server info, and this may look like a DNS cache issue.
384
576
<DT><B>-dnsuseglobalcache</B>
505
697
Pass a string as parameter, which should be [username]:[password] to use for
506
698
the connection to the HTTP proxy.
703
Pass a string with the user name to use for the transfer. It sets the user name
704
to be used in protocol authentication. You should not use this option together
705
with the (older) <B>-userpwd</B> option.
707
In order to specify the password to be used in conjunction with the user name
708
use the <B>-password</B> option.
713
Pass a string with the password to use for the transfer.
715
It should be used in conjunction with the <B>-username</B> option.
717
<DT><B>-proxyusername</B>
720
Pass a string with the user name to use for the transfer while connecting to Proxy.
722
It should be used in same way as the <B>-proxyuserpwd</B> is used, except that it
723
allows the username to contain a colon, like in the following example:
724
"sip:user@example.com".
726
Note the <B>-proxyusername</B> option is an alternative way to set the user name
727
while connecting to Proxy. It doesn't make sense to use them together.
729
<DT><B>-proxypassword</B>
732
Pass a string with the password to use for the transfer while connecting to Proxy. It
733
is meant to use together with <B>-proxyusername</B>.
508
735
<DT><B>-httpauth</B>
541
775
It uses a challenge-response and hash concept similar to Digest, to prevent the
542
776
password from being eavesdropped.
781
NTLM delegating to winbind helper. Authentication is performed by a separate
782
binary application that is executed when needed. The name of the application is
783
specified at libcurl's compile time but is typically /usr/bin/ntlm_auth.
785
Note that libcurl will fork when necessary to run the winbind application and kill
786
it when complete, calling waitpid() to await its exit when done. On POSIX operating
787
systems, killing the process will cause a SIGCHLD signal to be raised
788
(regardless of whether <B>-nosignal</B> is set). This behavior is subject to change
789
in future versions of libcurl.
805
<DT>Use it to tell TclCurl which authentication method(s) you want it to use for TLS authentication.<DD>
808
<DT><DT><B>tlsauthsrp</B>
812
TLS-SRP authentication. Secure Remote Password authentication for TLS is
813
defined in RFC 5054 and provides mutual authentication if both sides have a
814
shared secret. To use TLS-SRP, you must also set the
815
<B>-tlsauthusername</B> and <B>-tlsauthpassword</B> options.
817
You need to build libcurl with GnuTLS or OpenSSL with TLS-SRP support for this
823
<DT><B>-tlsauthusername</B>
826
Pass a string with the username to use for the TLS authentication method specified
827
with the <B>-tlsauthtype</B> option. Requires that the <B>-tlsauthpassword</B> option
830
<DT><B>-tlsauthpassword</B>
833
Pass a string with the password to use for the TLS authentication method specified
834
with the <B>-tlsauthtype</B> option. Requires that the <B>-tlsauthusername</B> option
558
837
<DT><B>-proxyauth</B>
595
874
encoding done by the server is ignored. See the special file
596
875
lib/README.encoding in libcurl docs for details.
877
<DT><B>-transferencoding</B>
880
Adds a request for compressed Transfer Encoding in the outgoing HTTP
881
request. If the server supports this and so desires, it can respond with the
882
HTTP resonse sent using a compressed Transfer-Encoding that will be
883
automatically uncompressed by TclCurl on receival.
885
Transfer-Encoding differs slightly from the Content-Encoding you ask for with
886
<B>-encoding</B> in that a Transfer-Encoding is strictly meant to
887
be for the transfer and thus MUST be decoded before the data arrives in the
888
client. Traditionally, Transfer-Encoding has been much less used and supported
889
by both HTTP clients and HTTP servers.
598
891
<DT><B>-followlocation</B>
604
897
that the server sends as part of a HTTP header.
606
<B>NOTE</B>: this means that the extension will re-send the same
607
request on the new location and follow new <B>Location: headers</B>
608
all the way until no more such headers are returned.
609
<B>-maxredirs</B> can be used to limit the number of redirects
899
This means that the extension will re-send the same request on the new location
900
and follow new <B>Location: headers</B> all the way until no more such headers are
901
returned. <B>-maxredirs</B> can be used to limit the number of redirects
610
902
TclCurl will follow.
904
Since 7.19.4, TclCurl can limit what protocols it will automatically follow.
905
The accepted protocols are set with <B>-redirprotocols</B> and it excludes the FILE
612
908
<DT><B>-unrestrictedauth</B>
629
925
<DT><B>-post301</B>
632
An 1 tells TclCurl to respect RFC 2616/10.3.2 and not
633
convert POST requests into GET requests when following a 301 redirection. The
634
non-RFC behaviour is ubiquitous in web browsers, so the conversion is done
635
by default to maintain consistency. However, a server may require
636
a POST to remain a POST after such a redirection. This option is meaningful
637
only when setting <B>-followlocation</B>.
928
Controls how TclCurl acts on redirects after POSTs that get a 301 or 302 response back.
929
A "301" as parameter tells the TclCurl to respect RFC 2616/10.3.2 and not convert POST
930
requests into GET requests when following a 301 redirection. Passing a "302" makes
931
TclCurl maintain the request method after a 302 redirect. "all" is a convenience string
932
that activates both behaviours.
934
The non-RFC behaviour is ubiquitous in web browsers, so the extension does the conversion
935
by default to maintain consistency. However, a server may require a POST to remain a POST
936
after such a redirection.
938
This option is meaningful only when setting <B>-followlocation</B>
940
The option used to be known as <B>-post301</B>, which should still work but is know
966
1273
<A NAME="lbAM"> </A>
1274
<H2>SMTP options</H2>
1278
<DT><B>-mailfrom</B>
1281
Pass a string to specify the sender address in a mail when sending an SMTP mail with TclCurl.
1283
<DT><B>-mailrcpt</B>
1286
Pass a list of recipients to pass to the server in your SMTP mail request.
1288
Each recipient in SMTP lingo is specified with angle brackets (<>), but should you not use an
1289
angle bracket as first letter, TclCurl will assume you provide a single email address only and
1290
enclose that with angle brackets for you.
1293
<A NAME="lbAN"> </A>
1294
<H2>TFTP option</H2>
1298
<DT><B>tftpblksize</B>
1302
Specify the block size to use for TFTP data transmission. Valid range as per RFC 2348 is 8-65464 bytes.
1303
The default of 512 bytes will be used if this option is not specified. The specified block size will
1304
only be used pending support by the remote server. If the server does not return an option acknowledgement
1305
or returns an option acknowledgement with no blksize, the default of 512 bytes will be used.
1308
<A NAME="lbAO"> </A>
967
1309
<H2>FTP options</H2>
978
1320
just a '-' to let the library use your systems default IP address. Default FTP
979
1321
operations are passive, and thus will not use PORT.
1323
The address can be followed by a ':' to specify a port, optionally followed by a '-'
1324
o specify a port range. If the port specified is 0, the operating system will pick
1325
a free port. If a range is provided and all ports in the range are not available,
1326
libcurl will report CURLE_FTP_PORT_FAILED for the handle. Invalid port/range settings
1327
are ignored. IPv6 addresses followed by a port or portrange have to be in brackets.
1328
IPv6 addresses without port/range specifier can be in brackets.
1330
Examples with specified ports:
1332
<BR> eth0:0 192.168.1.2:32000-33000 curl.se:32123 [::1]:1234-4567
1334
You disable PORT again and go back to using the passive version by setting this option to
981
1337
<DT><B>-quote</B>
986
1342
before the CWD command).If you do not want to transfer any files, set
987
1343
<B>nobody</B> to '1' and <B>header</B> to '0'.
1345
Prefix the command with an asterisk (*) to make TclCurl continue even if the command
1346
fails as by default TclCurl will stop.
1348
Disable this operation again by setting an empty string to this option.
989
1350
Keep in mind the commands to send must be 'raw' ftp commands, for example, to
990
1351
create a directory you need to send <B>mkd Test</B>, not <B>mkdir Test</B>.
1016
1377
only files in their response to NLST, they might not include subdirectories
1017
1378
and symbolic links.
1380
Setting this option to 1 also implies a directory listing even if the URL
1381
doesn't end with a slash, which otherwise is necessary.
1383
Do NOT use this option if you also use <B>-wildcardmatch</B> as it will
1384
effectively break that feature.
1019
1386
<DT><B>-append</B>
1022
1389
A 1 parameter tells the extension to append to the remote file instead of
1023
1390
overwriting it. This is only useful when uploading to a ftp site.
1025
<DT><B>-ftpuseeprt</B>
1392
<DT><B>-ftpusepret</B>
1028
1395
Set to 1 to tell TclCurl to use the EPRT (and LPRT) command when doing
1038
1405
first attempt to use EPSV before using PASV, but if you pass a zero to this
1039
1406
option, it will not try using EPSV, only plain PASV.
1408
<DT><B>-ftpusepret</B>
1412
Set to one to tell TclCurl to send a PRET command before PASV (and EPSV). Certain
1413
FTP servers, mainly drftpd, require this non-standard command for directory listings
1414
as well as up and downloads in PASV mode. Has no effect when using the active FTP
1041
1417
<DT><B>-ftpcreatemissingdirs</B>
1049
1425
creation will fail if a file of the same name as the directory to create
1050
1426
already exists or lack of permissions prevents creation.
1428
If set to 2, TclCurl will retry the CWD command again if the subsequent MKD
1429
command fails. This is especially useful if you're doing many simultanoeus
1430
connections against the same server and they all have this option enabled,
1431
as then CWD may first fail but then another connection does MKD before this
1432
connection and thus MKD fails but trying CWD works
1052
1434
<DT><B>-ftpresponsetimeout</B>
1078
1460
This option has no effect if PORT, EPRT or EPSV is used instead of PASV.
1083
You can use ftps:// URLs to explicitly switch on SSL/TSL for the control
1084
connection and the data connection.
1086
Alternatively, and what seems to be the recommended way, you can set the
1087
option to one of these values:
1089
<DL COMPACT><DT><DD>
1094
Do not attempt to use SSL
1098
Try using SSL, proceed anyway otherwise.
1102
Use SSL for the control conecction or fail with "use ssl failed" (64).
1106
Use SSL for all communication or fail with "use ssl failed" (64).
1111
1462
<DT><B>-ftpsslauth</B>
1115
1466
Pass TclCurl one of the values from below, to alter how TclCurl issues
1116
1467
"AUTH TLS" or "AUTH SSL" when FTP over SSL is activated (see <B>-ftpssl</B>).
1118
You may need this option because of servers like BSDFTPD-SSL from
1119
<A HREF="http://bsdftpd-ssl.sc.ru/">http://bsdftpd-ssl.sc.ru/</A> "which won't work properly when "AUTH SSL" is issued
1469
You may need this option because of servers like <a href="http://bsdftpd-ssl.sc.ru/">BSDFTPD-SSL</A>
1470
which won't work properly when "AUTH SSL" is issued
1120
1471
(although the server responds fine and everything) but requires "AUTH TLS"
1123
1474
<DL COMPACT><DT><DD>
1463
<A NAME="lbAP"> </A>
1821
Pass a list of strings with host name resolve information to use for requests with
1824
Each single name resolve string should be written using the format
1825
HOST:PORT:ADDRESS where HOST is the name TclCurl will try to resolve, PORT is
1826
the port number of the service where TclCurl wants to connect to the HOST and
1827
ADDRESS is the numerical IP address. If libcurl is built to support IPv6,
1828
ADDRESS can be either IPv4 or IPv6 style addressing.
1830
This option effectively pre-populates the DNS cache with entries for the
1831
host+port pair so redirects and everything that operations against the
1832
HOST+PORT will instead use your provided ADDRESS.
1834
You can remove names from the DNS cache again, to stop providing these fake
1835
resolves, by including a string in the linked list that uses the format
1836
"-HOST:PORT". The host name must be prefixed with a dash, and the host name
1837
and port number must exactly match what was already added previously.
1842
Pass a one of the values from below to make TclCurl use your desired level of SSL for the transfer.
1843
This is for enabling SSL/TLS when you use FTP, SMTP, POP3, IMAP etc.
1845
You can use ftps:// URLs to explicitly switch on SSL/TSL for the control
1846
connection and the data connection.
1848
Alternatively you can set the option to one of these values:
1850
<DL COMPACT><DT><DD>
1855
Do not attempt to use SSL
1859
Try using SSL, proceed anyway otherwise.
1863
Use SSL for the control conecction or fail with "use ssl failed" (64).
1867
Use SSL for all communication or fail with "use ssl failed" (64).
1873
<A NAME="lbAR"> </A>
1464
1874
<H2>SSL and security options</H2>
1565
1977
alternate certificates with the <B>-cainfo</B> or the <B>-capath</B> options.
1567
1979
When <B>-sslverifypeer</B> is nonzero, and the verification fails to prove that the certificate
1568
is authentic, the connection fails. When the option is zero, the connection succeeds regardless.
1980
is authentic, the connection fails. When the option is zero, the peer certificate verification
1981
succeeds regardless.
1570
1983
Authenticating the certificate is not by itself very useful. You typically want to ensure
1571
1984
that the server, as authentically identified by its certificate, is the server you mean to
1572
be talking to, use <B>-sslverifyhost</B> to control that.
1985
be talking to, use <B>-sslverifyhost</B> to control that. The check that the host name in
1986
the certificate is valid for the host name you're connecting to is done
1987
independently of this option.
1574
1989
<DT><B>-cainfo</B>
1599
2017
Pass the directory holding multiple CA certificates to verify the peer with.
1600
The certificate directory must be prepared using the openssl c_rehash utility.
2018
If libcurl is built against OpenSSL, the certificate directory must be prepared
2019
using the openssl c_rehash utility.
1601
2020
This only makes sense when used in combination with the <B>-sslverifypeer</B>
1602
2021
option, if it is set to zero, <B>-capath</B> need not even indicate an accessible
1620
2040
This option makes sense only when used in combination with the <B>-sslverifypeer</B>
1623
<DT><B>-randomfile</B>
1626
Pass a file name. The file will be used to read from to seed the random engine
1627
for SSL. The more random the specified file is, the more secure will the SSL
1630
<DT><B>-egdsocket</B>
1633
Pass a path name to the Entropy Gathering Daemon socket. It will be used to seed
1634
the random engine for SSL.
2043
A specific error code (CURLE_SSL_CRL_BADFILE) is defined with the option. It is returned
2044
when the SSL exchange fails because the CRL file cannot be loaded. A failure in certificate
2045
verification due to a revocation information found in the CRL does not trigger this specific
1636
2048
<DT><B>-sslverifyhost</B>
1657
2069
When the value is 0, the connection succeeds regardless of the names in
1658
2070
the certificate.
2072
The default value for this option is 2.
1662
2074
This option controls the identity that the server <I>claims</I>. The server
1663
could be lying. To control lying, see <B>sslverifypeer</B>.
2075
could be lying. To control lying, see <B>-sslverifypeer</B>. If libcurl is built
2076
against NSS and <B>-verifypeer</B> is zero, <B>-verifyhost</B> is ignored.
2078
<DT><B>-certinfo</B>
2081
Set to '1' to enable TclCurl's certificate chain info gatherer. With this enabled, TclCurl
2082
(if built with OpenSSL) will extract lots of information and data about the certificates
2083
in the certificate chain used in the SSL connection. This data can then be to extracted
2084
after a transfer using the <B>getinfo</B> command and its option <B>certinfo</B>.
2086
<DT><B>-randomfile</B>
2089
Pass a file name. The file will be used to read from to seed the random engine
2090
for SSL. The more random the specified file is, the more secure the SSL
2093
<DT><B>-egdsocket</B>
2096
Pass a path name to the Entropy Gathering Daemon socket. It will be used to seed
2097
the random engine for SSL.
1665
2099
<DT><B>-sslcypherlist</B>
1701
2135
to NULL to disable kerberos4. Set the string to "" to disable kerberos
1702
2136
support for FTP.
2138
<DT><B>-gssapidelegation</B>
2141
Set the option to 'flag' to allow unconditional GSSAPI credential delegation. The delegation
2142
is disabled by default since 7.21.7. Set the parameter to 'policyflag' to delegate only if
2143
the OK-AS-DELEGATE flag is set in the service ticket in case this feature is supported by the
2144
GSSAPI implementation and the definition of GSS_C_DELEG_POLICY_FLAG was available at compile-time.
1705
<A NAME="lbAQ"> </A>
2148
<A NAME="lbAS"> </A>
1706
2149
<H2>SSH options</H2>
1745
2188
<DT><B>-publickeyfile</B>
1748
Pass the file name for your public key. If not used, TclCurl defaults to using <B>~/.ssh/id_dsa.pub</B>.
2191
Pass the file name for your public key. If not used, TclCurl defaults to using <B>$HOME/.ssh/id_dsa.pub</B>.
2192
HOME environment variable is set, and just <B>id_dsa</B> in the current directory if not.
1750
2194
<DT><B>-privatekeyfile</B>
1753
Pass the file name for your private key. If not used, TclCurl defaults to using <B>~/.ssh/id_dsa</B>.
2197
Pass the file name for your private key. If not used, TclCurl defaults to using <B>$HOME/.ssh/id_dsa.pub</B>.
2198
HOME environment variable is set, and just <B>id_dsa</B> in the current directory if not.
1754
2199
If the file is password-protected, set the password with <B>-keypasswd</B>.
1757
<A NAME="lbAR"> </A>
2201
<DT><B>-sshknownhosts</B>
2204
Pass a string holding the file name of the known_host file to use. The known_hosts
2205
file should use the OpenSSH file format as supported by libssh2. If this file is
2206
specified, TclCurl will only accept connections with hosts that are known and present
2207
in that file, with a matching public key. Use <B>-sshkeyproc</B> to alter the default
2208
behavior on host and key (mis)matching.
2210
<DT><B>-sshkeyproc </B>
2213
Pass a the name of the procedure that will be called when the known_host matching has
2214
been done, to allow the application to act and decide for TclCurl how to proceed. The
2215
callback will only be called if <B>-knownhosts</B> is also set.
2217
It gets passed a list with three elements, the first one is a list with the type of the
2218
key from the known_hosts file and the key itself, the second is another list with
2219
the type of the key from the remote site and the key itslef, the third tells you
2220
what TclCurl thinks about the matching status.
2222
The known key types are: "rsa", "rsa1" and "dss", in any other case "unknown" is given.
2224
TclCurl opinion about how they match may be: "match", "mismatch", "missing" or "error".
2226
The procedure must return:
2227
<DL COMPACT><DT><DD>
2232
The host+key is accepted and TclCurl will append it to the known_hosts file before
2233
continuing with the connection. This will also add the host+key combo to the known_host
2234
pool kept in memory if it wasn't already present there. The adding of data to
2235
the file is done by completely replacing the file with a new copy, so the permissions of
2236
the file must allow this.
2240
The host+key is accepted, TclCurl will continue with the connection. This will also add
2241
the host+key combo to the known_host pool kept in memory if it wasn't already present
2246
The host+key is rejected. TclCurl will close the connection.
2250
The host+key is rejected, but the SSH connection is asked to be kept alive. This feature
2251
could be used when the app wants to somehow return back and act on the host+key situation
2252
and then retry without needing the overhead of setting it up from scratch again.
2257
Any other value will cause the connection to be closed.
2260
<A NAME="lbAT"> </A>
1758
2261
<H2>Other options</H2>
1765
2268
Name of the Tcl array variable where TclCurl will store the headers returned
1768
When a server sends a chunked encoded transfer, it may contain a
1769
trailer. That trailer is identical to a HTTP header and if such a trailer is
1770
received it is passed to the application using this callback as well. There
1771
are several ways to detect it being a trailer and not an ordinary header: 1)
1772
it comes after the response-body. 2) it comes after the final header line (CR
1773
LF) 3) a Trailer: header among the response-headers mention what header to
1774
expect in the trailer.
1776
2271
<DT><B>-bodyvar</B>
1805
2300
Pass a number as a parameter, containing the value of the permissions that will
1806
2301
be assigned to newly created files on the remote server. The default value is 0644,
1807
but any valid value can be used. The only protocols that can use this are <A HREF="sftp://,">sftp://,</A>
1808
scp:// and <A HREF="file://.">file://.</A>
2302
but any valid value can be used. The only protocols that can use this are sftp://,
1810
2305
<DT><B>-newdirectoryperms</B>
1813
2308
Pass a number as a parameter, containing the value of the permissions that will be
1814
2309
assigned to newly created directories on the remote server. The default value is 0755,
1815
but any valid value can be used. The only protocols that can use this are <A HREF="sftp://,">sftp://,</A> scp://
1816
and <A HREF="file://.">file://.</A>
1819
<A NAME="lbAS"> </A>
2310
but any valid value can be used. The only protocols that can use this are sftp://, scp://
2314
<A NAME="lbAU"> </A>
2315
<H2>Telnet options</H2>
2319
<DT><B>-telnetoptions</B>
2322
Pass a list with variables to pass to the telnet negotiations. The variables should be in
2323
the format <option=value>. TclCurl supports the options 'TTYPE', 'XDISPLOC' and 'NEW_ENV'.
2324
See the TELNET standard for details.
2327
<A NAME="lbAV"> </A>
1820
2328
<H2>NOT SUPPORTED</H2>
1822
2330
Some of the options libcurl offers are not supported, I don't think them
1871
2379
Unsupported protocol. This build of TclCurl has no support for this protocol.
1873
2381
Very early initialization code failed. This is likely to be and internal error
2382
or a resource problem where something fundamental couldn't get done at init time.
1876
2384
URL malformat. The syntax was not correct.
2386
A requested feature, protocol or option was not found built-in in this libcurl
2387
due to a build-time decision. This means that a feature or option was not
2388
enabled or explicitly disabled when libcurl was built and in order to get it
2389
to function you have to get a rebuilt libcurl.
1878
2391
Couldn't resolve proxy. The given proxy host could not be resolved.
1939
2452
SSL connect error. The SSL handshaking failed, the error buffer may have
1940
2453
a clue to the reason, could be certificates, passwords, ...
1942
FTP bad download resume. Couldn't continue an earlier aborted download, probably
1943
because you are trying to resume beyond the file size.
2455
The download could not be resumed because the specified offset was out of the
1945
2458
A file given with FILE:// couldn't be read. Did you checked the permissions?
1959
2472
Too many redirects. When following redirects, TclCurl hit the maximum amount, set
1960
2473
your limit with --maxredirs
1962
Unknown TELNET option specified.
2475
An option passed to TclCurl is not recognized/known. Refer to the appropriate
2476
documentation. This is most likely a problem in the program that uses
2477
TclCurl. The error buffer might contain more specific information about which
2478
exact option it concerns.
1964
2480
A telnet option string was illegally formatted.
2024
2540
Failed to load CRL file
2026
2542
Issuer check failed
2544
The FTP server does not understand the PRET command at all or does not support
2545
the given argument. Be careful when using <B>-customrequest</B>, a
2546
custom LIST command will be sent with PRET CMD before PASV as well.
2548
Mismatch of RTSP CSeq numbers.
2550
Mismatch of RTSP Session Identifiers.
2552
Unable to parse FTP file list (during FTP wildcard downloading).
2554
Chunk callback reported error.
2029
<A NAME="lbAU"> </A>
2557
<A NAME="lbAX"> </A>
2030
2558
<H2>curlHandle getinfo option</H2>
2032
2560
Request internal information from the curl session with this procedure.
2241
2786
TclCurl ended up in when logging on to the remote FTP server. Returns an empty
2242
2787
string if something is wrong.
2792
Returns list with information about the certificate chain, assuming you had the
2793
<B>-certinfo</B> option enabled when the previous request was done. The list
2794
first item reports how many certs it found and then you can extract info for each
2795
of those certs by following the list. The info chain is provided in a series of data
2796
in the format "name:content" where the content is for the specific named data.
2798
NOTE: this option is only available in libcurl built with OpenSSL support.
2800
<DT><B>conditionunmet</B>
2803
Returns the number 1 if the condition provided in the previous request
2804
didn't match (see <I>timecondition</I>), you will get a zero if the condition
2245
<A NAME="lbAV"> </A>
2808
<A NAME="lbAY"> </A>
2246
2809
<H2>curlHandle cleanup</H2>
2248
2811
This procedure must be the last one to call for a curl session. It is the
2270
2833
It does not change the following information kept in the handle: live
2271
2834
connections, the Session ID cache, the DNS cache, the cookies and shares.
2273
<A NAME="lbAX"> </A>
2836
<A NAME="lbBA"> </A>
2274
2837
<H2>curlHandle duphandle</H2>
2276
2839
This procedure will return a new curl handle, a duplicate,
2288
2851
A new curl handle or an error message if the copy fails.
2291
<A NAME="lbAY"> </A>
2854
<A NAME="lbBB"> </A>
2292
2855
<H2>curlHandle pause</H2>
2294
2857
You can use this command from within a progress callback procedure
2295
2858
to pause the transfer.
2297
<A NAME="lbAZ"> </A>
2860
<A NAME="lbBC"> </A>
2298
2861
<H2>curlHandle resume</H2>
2300
2863
Resumes a transfer paused with <B>curlhandle pause</B>
2302
<A NAME="lbBA"> </A>
2865
<A NAME="lbBD"> </A>
2303
2866
<H2>curl::transfer</H2>
2305
2868
In case you do not want to use persistant connections you can use this
2516
<A NAME="lbBG"> </A>
3086
<A NAME="lbBJ"> </A>
2517
3087
<H2>curl::easystrerror errorCode</H2>
2519
3089
This procedure returns a string describing the error code passed in the argument.
2521
<A NAME="lbBH"> </A>
3091
<A NAME="lbBK"> </A>
2522
3092
<H2>SEE ALSO</H2>
2524
<I>curl, <A HREF="http://curl.haxx.se/docs/httpscripting.html">The art of HTTP scripting</A> RFC 2396,</I>
3094
<I>curl, <a href="http://curl.haxx.se/docs/httpscripting.html">The art of HTTP scripting</A>, RFC 2396,</I>
2539
3109
<DT><A HREF="#lbAJ">Network options</A><DD>
2540
3110
<DT><A HREF="#lbAK">Names and Passwords options</A><DD>
2541
3111
<DT><A HREF="#lbAL">HTTP options</A><DD>
2542
<DT><A HREF="#lbAM">FTP options</A><DD>
2543
<DT><A HREF="#lbAN">Protocol options</A><DD>
2544
<DT><A HREF="#lbAO">Connection options</A><DD>
2545
<DT><A HREF="#lbAP">SSL and security options</A><DD>
2546
<DT><A HREF="#lbAQ">SSH options</A><DD>
2547
<DT><A HREF="#lbAR">Other options</A><DD>
2548
<DT><A HREF="#lbAS">NOT SUPPORTED</A><DD>
2549
<DT><A HREF="#lbAT">curlHandle perform</A><DD>
2550
<DT><A HREF="#lbAU">curlHandle getinfo option</A><DD>
2551
<DT><A HREF="#lbAV">curlHandle cleanup</A><DD>
2552
<DT><A HREF="#lbAW">curlHandle reset</A><DD>
2553
<DT><A HREF="#lbAX">curlHandle duphandle</A><DD>
2554
<DT><A HREF="#lbAY">curlHandle pause</A><DD>
2555
<DT><A HREF="#lbAZ">curlHandle resume</A><DD>
2556
<DT><A HREF="#lbBA">curl::transfer</A><DD>
2557
<DT><A HREF="#lbBB">curl::version</A><DD>
2558
<DT><A HREF="#lbBC">curl::escape url</A><DD>
2559
<DT><A HREF="#lbBD">curl::unescape url</A><DD>
2560
<DT><A HREF="#lbBE">curl::curlConfig option</A><DD>
2561
<DT><A HREF="#lbBF">curl::versioninfo option</A><DD>
2562
<DT><A HREF="#lbBG">curl::easystrerror errorCode</A><DD>
2563
<DT><A HREF="#lbBH">SEE ALSO</A><DD>
3112
<DT><A HREF="#lbAM">SMTP options</A><DD>
3113
<DT><A HREF="#lbAN">TFTP option</A><DD>
3114
<DT><A HREF="#lbAO">FTP options</A><DD>
3115
<DT><A HREF="#lbAP">Protocol options</A><DD>
3116
<DT><A HREF="#lbAQ">Connection options</A><DD>
3117
<DT><A HREF="#lbAR">SSL and security options</A><DD>
3118
<DT><A HREF="#lbAS">SSH options</A><DD>
3119
<DT><A HREF="#lbAT">Other options</A><DD>
3120
<DT><A HREF="#lbAU">Telnet options</A><DD>
3121
<DT><A HREF="#lbAV">NOT SUPPORTED</A><DD>
3122
<DT><A HREF="#lbAW">curlHandle perform</A><DD>
3123
<DT><A HREF="#lbAX">curlHandle getinfo option</A><DD>
3124
<DT><A HREF="#lbAY">curlHandle cleanup</A><DD>
3125
<DT><A HREF="#lbAZ">curlHandle reset</A><DD>
3126
<DT><A HREF="#lbBA">curlHandle duphandle</A><DD>
3127
<DT><A HREF="#lbBB">curlHandle pause</A><DD>
3128
<DT><A HREF="#lbBC">curlHandle resume</A><DD>
3129
<DT><A HREF="#lbBD">curl::transfer</A><DD>
3130
<DT><A HREF="#lbBE">curl::version</A><DD>
3131
<DT><A HREF="#lbBF">curl::escape url</A><DD>
3132
<DT><A HREF="#lbBG">curl::unescape url</A><DD>
3133
<DT><A HREF="#lbBH">curl::curlConfig option</A><DD>
3134
<DT><A HREF="#lbBI">curl::versioninfo option</A><DD>
3135
<DT><A HREF="#lbBJ">curl::easystrerror errorCode</A><DD>
3136
<DT><A HREF="#lbBK">SEE ALSO</A><DD>
2566
This document was created by man2html,
2567
using the manual pages.<BR>
3139
This document was created by man2html, using the manual pages.<BR>