From: Daniel Stenberg Date: Tue, 2 Jul 2024 22:04:39 +0000 (+0200) Subject: FEATURES.md: refresh X-Git-Tag: curl-8_9_0~127 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=38bdef0220cfc6c67c7e184255f539e2f04d4291;p=thirdparty%2Fcurl.git FEATURES.md: refresh - added lots of missing stuff - rearranged a little - remove all footnotes Closes #14086 --- diff --git a/docs/FEATURES.md b/docs/FEATURES.md index 3121fcc906..ef5fd0fc18 100644 --- a/docs/FEATURES.md +++ b/docs/FEATURES.md @@ -12,7 +12,6 @@ SPDX-License-Identifier: curl - multiple URLs in a single command line - range "globbing" support: [0-13], {one,two,three} - multiple file upload on a single command line - - custom maximum transfer rate - redirect stderr - parallel transfers @@ -20,39 +19,74 @@ SPDX-License-Identifier: curl - URL RFC 3986 syntax - custom maximum download time - - custom least download speed acceptable + - custom lowest download speed acceptable - custom output result after completion - guesses protocol from hostname unless specified - - uses .netrc + - supports .netrc - progress bar with time statistics while downloading - - "standard" proxy environment variables support - - compiles on win32 (reported builds on 70+ operating systems) + - standard proxy environment variables support + - have run on 101 operating systems and 28 CPU architectures - selectable network interface for outgoing traffic - IPv6 support on Unix and Windows - - happy eyeballs dual-stack connects + - happy eyeballs dual-stack IPv4 + IPv6 connects - persistent connections - SOCKS 4 + 5 support, with or without local name resolving + - *pre-proxy* support, for *proxy chaining* - supports username and password in proxy environment variables - operations through HTTP proxy "tunnel" (using CONNECT) - replaceable memory functions (malloc, free, realloc, etc) - - asynchronous name resolving (6) + - asynchronous name resolving - both a push and a pull style interface - - international domain names (10) + - international domain names (IDN) + - transfer late limiting + - stable API and ABI + - TCP keep alive + - TCP Fast Open + - DNS cache (that can be shared between transfers) + - non-blocking single-threaded parallel transfers + - unix domain sockets to server or proxy + - DNS-over-HTTPS + - uses non-blocking name resolves + - selectable name resolver backend + +## URL API + + - parses RFC 3986 URLs + - generates URLs from individual components + - manages "redirects" + +## Header API + + - easy access to HTTP response headers, from all contexts + - named headers + - iterate over headers + +## TLS + + - selectable TLS backend(s) + - TLS False Start + - TLS version control + - TLS session resumption + - key pinning + - mutual authentication + - Use dedicated CA cert bundle + - Use OS-provided CA store + - separate TLS options for HTTPS proxy ## HTTP - HTTP/0.9 responses are optionally accepted - HTTP/1.0 - HTTP/1.1 - - HTTP/2, including multiplexing and server push (5) + - HTTP/2, including multiplexing and server push - GET - PUT - HEAD - POST - multipart formpost (RFC 1867-style) - - authentication: Basic, Digest, NTLM (9) and Negotiate (SPNEGO) (3) + - authentication: Basic, Digest, NTLM (9) and Negotiate (SPNEGO) to server and proxy - - resume (both GET and PUT) + - resume transfers - follow redirects - maximum amount of redirects to follow - custom HTTP request @@ -65,26 +99,30 @@ SPDX-License-Identifier: curl - proxy authentication - time conditions - via HTTP proxy, HTTPS proxy or SOCKS proxy + - HTTP/2 or HTTP/1.1 to HTTPS proxy - retrieve file modification date - - Content-Encoding support for deflate and gzip + - Content-Encoding support for deflate, gzip, brotli and zstd - "Transfer-Encoding: chunked" support in uploads - - automatic data compression (11) + - HSTS + - alt-svc + - ETags + - HTTP/1.1 trailers, both sending and getting -## HTTPS (1) +## HTTPS - - (all the HTTP features) - - HTTP/3 experimental support + - HTTP/3 - using client certificates - verify server certificate - via HTTP proxy, HTTPS proxy or SOCKS proxy - select desired encryption - - select usage of a specific SSL version + - select usage of a specific TLS version + - ECH ## FTP - download - authentication - - Kerberos 5 (12) + - Kerberos 5 - active/passive using PORT, EPRT, PASV or EPSV - single file size information (compare to HTTP HEAD) - 'type=' URL support @@ -102,20 +140,24 @@ SPDX-License-Identifier: curl - customizable to retrieve file modification date - no directory depth limit -## FTPS (1) +## FTPS - implicit `ftps://` support that use SSL on both connections - explicit "AUTH TLS" and "AUTH SSL" usage to "upgrade" plain `ftp://` connection to use SSL for both or one of the connections -## SCP (8) +## SSH (both SCP and SFTP) + - selectable SSH backend + - known hosts support + - public key fingerprinting - both password and public key auth -## SFTP (7) +## SFTP - both password and public key auth - with custom commands sent before/after the transfer + - directory listing ## TFTP @@ -128,7 +170,7 @@ SPDX-License-Identifier: curl - custom telnet options - stdin/stdout I/O -## LDAP (2) +## LDAP - full LDAP URL support @@ -151,8 +193,8 @@ SPDX-License-Identifier: curl ## SMTP - - authentication: Plain, Login, CRAM-MD5, Digest-MD5, NTLM (9), Kerberos 5 - (4) and External. + - authentication: Plain, Login, CRAM-MD5, Digest-MD5, NTLM, Kerberos 5 and + External - send emails - mail from support - mail size support @@ -160,7 +202,7 @@ SPDX-License-Identifier: curl - multiple recipients - via http-proxy -## SMTPS (1) +## SMTPS - implicit `smtps://` support - explicit "STARTTLS" usage to "upgrade" plain `smtp://` connections to use SSL @@ -169,15 +211,15 @@ SPDX-License-Identifier: curl ## POP3 - authentication: Clear Text, APOP and SASL - - SASL based authentication: Plain, Login, CRAM-MD5, Digest-MD5, NTLM (9), - Kerberos 5 (4) and External. + - SASL based authentication: Plain, Login, CRAM-MD5, Digest-MD5, NTLM, + Kerberos 5 and External - list emails - retrieve emails - enhanced command support for: CAPA, DELE, TOP, STAT, UIDL and NOOP via custom requests - via http-proxy -## POP3S (1) +## POP3S - implicit `pop3s://` support - explicit `STLS` usage to "upgrade" plain `pop3://` connections to use SSL @@ -186,8 +228,8 @@ SPDX-License-Identifier: curl ## IMAP - authentication: Clear Text and SASL - - SASL based authentication: Plain, Login, CRAM-MD5, Digest-MD5, NTLM (9), - Kerberos 5 (4) and External. + - SASL based authentication: Plain, Login, CRAM-MD5, Digest-MD5, NTLM, + Kerberos 5 and External - list the folders of a mailbox - select a mailbox with support for verifying the `UIDVALIDITY` - fetch emails with support for specifying the UID and SECTION @@ -196,7 +238,7 @@ SPDX-License-Identifier: curl STORE, COPY and UID via custom requests - via http-proxy -## IMAPS (1) +## IMAPS - implicit `imaps://` support - explicit "STARTTLS" usage to "upgrade" plain `imap://` connections to use SSL @@ -205,21 +247,3 @@ SPDX-License-Identifier: curl ## MQTT - Subscribe to and publish topics using URL scheme `mqtt://broker/topic` - -## Footnotes - - 1. requires a TLS library - 2. requires OpenLDAP or WinLDAP - 3. requires a GSS-API implementation (such as Heimdal or MIT Kerberos) or - SSPI (native Windows) - 4. requires a GSS-API implementation, however, only Windows SSPI is - currently supported - 5. requires nghttp2 - 6. requires c-ares - 7. requires libssh2, libssh or wolfSSH - 8. requires libssh2 or libssh - 9. requires OpenSSL, GnuTLS, mbedTLS, Secure Transport or SSPI - (native Windows) - 10. requires libidn2 or Windows - 11. requires libz, brotli and/or zstd - 12. requires a GSS-API implementation (such as Heimdal or MIT Kerberos)