1 /***************************************************************************
3 * Project ___| | | | _ \| |
5 * | (__| |_| | _ <| |___
6 * \___|\___/|_| \_\_____|
8 * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al.
10 * This software is licensed as described in the file COPYING, which
11 * you should have received as part of this distribution. The terms
12 * are also available at https://curl.haxx.se/docs/copyright.html.
14 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
15 * copies of the Software, and permit persons to whom the Software is
16 * furnished to do so, under the terms of the COPYING file.
18 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
19 * KIND, either express or implied.
21 ***************************************************************************/
22 #include "tool_setup.h"
23 #if defined(HAVE_STRCASECMP) && defined(HAVE_STRINGS_H)
27 #include "tool_panykey.h"
28 #include "tool_help.h"
29 #include "tool_libinfo.h"
30 #include "tool_version.h"
32 #include "memdebug.h" /* keep this as LAST include */
39 * The help output is generated with the following command
40 ---------------------------------------------------------
42 cd $srcroot/docs/cmdline-opts
51 static const struct helptxt helptext[] = {
52 {" --abstract-unix-socket <path>",
53 "Connect via abstract Unix domain socket"},
54 {" --alt-svc <file name>",
55 "Enable alt-svc with this cache file"},
57 "Pick any authentication method"},
59 "Append to target file when uploading"},
61 "Use HTTP Basic Authentication"},
63 "CA certificate to verify peer against"},
65 "CA directory to verify peer against"},
66 {"-E, --cert <certificate[:password]>",
67 "Client certificate file and password"},
69 "Verify the status of the server certificate"},
70 {" --cert-type <type>",
71 "Certificate file type (DER/PEM/ENG)"},
72 {" --ciphers <list of ciphers>",
73 "SSL ciphers to use"},
75 "Request compressed response"},
77 "Enable SSH compression"},
78 {"-K, --config <file>",
79 "Read config from a file"},
80 {" --connect-timeout <seconds>",
81 "Maximum time allowed for connection"},
82 {" --connect-to <HOST1:PORT1:HOST2:PORT2>",
84 {"-C, --continue-at <offset>",
85 "Resumed transfer offset"},
86 {"-b, --cookie <data|filename>",
87 "Send cookies from string/file"},
88 {"-c, --cookie-jar <filename>",
89 "Write cookies to <filename> after operation"},
91 "Create necessary local directory hierarchy"},
93 "Convert LF to CRLF in upload"},
95 "Get a CRL list in PEM format from the given file"},
98 {" --data-ascii <data>",
99 "HTTP POST ASCII data"},
100 {" --data-binary <data>",
101 "HTTP POST binary data"},
102 {" --data-raw <data>",
103 "HTTP POST data, '@' allowed"},
104 {" --data-urlencode <data>",
105 "HTTP POST data url encoded"},
106 {" --delegation <LEVEL>",
107 "GSS-API delegation permission"},
109 "Use HTTP Digest Authentication"},
113 "Inhibit using EPRT or LPRT"},
115 "Inhibit using EPSV"},
116 {" --disallow-username-in-url",
117 "Disallow username in url"},
118 {" --dns-interface <interface>",
119 "Interface to use for DNS requests"},
120 {" --dns-ipv4-addr <address>",
121 "IPv4 address to use for DNS requests"},
122 {" --dns-ipv6-addr <address>",
123 "IPv6 address to use for DNS requests"},
124 {" --dns-servers <addresses>",
125 "DNS server addrs to use"},
127 "Resolve host names over DOH"},
128 {"-D, --dump-header <filename>",
129 "Write the received headers to <filename>"},
130 {" --egd-file <file>",
131 "EGD socket path for random data"},
133 "Crypto engine to use"},
134 {" --expect100-timeout <seconds>",
135 "How long to wait for 100-continue"},
137 "Fail silently (no output at all) on HTTP errors"},
139 "Fail on first transfer error, do not continue"},
141 "Enable TLS False Start"},
142 {"-F, --form <name=content>",
143 "Specify multipart MIME data"},
144 {" --form-string <name=string>",
145 "Specify multipart MIME data"},
146 {" --ftp-account <data>",
147 "Account data string"},
148 {" --ftp-alternative-to-user <command>",
149 "String to replace USER [name]"},
150 {" --ftp-create-dirs",
151 "Create the remote dirs if not present"},
152 {" --ftp-method <method>",
153 "Control CWD usage"},
155 "Use PASV/EPSV instead of PORT"},
156 {"-P, --ftp-port <address>",
157 "Use PORT instead of PASV"},
159 "Send PRET before PASV"},
160 {" --ftp-skip-pasv-ip",
161 "Skip the IP address for PASV"},
163 "Send CCC after authenticating"},
164 {" --ftp-ssl-ccc-mode <active/passive>",
166 {" --ftp-ssl-control",
167 "Require SSL/TLS for FTP login, clear for transfer"},
169 "Put the post data in the URL and use GET"},
171 "Disable URL sequences and ranges using {} and []"},
172 {" --happy-eyeballs-timeout-ms <milliseconds>",
173 "How long to wait in milliseconds for IPv6 before trying IPv4"},
174 {" --haproxy-protocol",
175 "Send HAProxy PROXY protocol v1 header"},
177 "Show document info only"},
178 {"-H, --header <header/@file>",
179 "Pass custom header(s) to server"},
182 {" --hostpubmd5 <md5>",
183 "Acceptable MD5 hash of the host public key"},
185 "Allow HTTP 0.9 responses"},
192 {" --http2-prior-knowledge",
193 "Use HTTP 2 without HTTP/1.1 Upgrade"},
196 {" --ignore-content-length",
197 "Ignore the size of the remote resource"},
199 "Include protocol response headers in the output"},
201 "Allow insecure server connections when using SSL"},
202 {" --interface <name>",
203 "Use network INTERFACE (or address)"},
205 "Resolve names to IPv4 addresses"},
207 "Resolve names to IPv6 addresses"},
208 {"-j, --junk-session-cookies",
209 "Ignore session cookies read from file"},
210 {" --keepalive-time <seconds>",
211 "Interval time for keepalive probes"},
213 "Private key file name"},
214 {" --key-type <type>",
215 "Private key file type (DER/PEM/ENG)"},
217 "Enable Kerberos with security <level>"},
218 {" --libcurl <file>",
219 "Dump libcurl equivalent code of this command line"},
220 {" --limit-rate <speed>",
221 "Limit transfer speed to RATE"},
224 {" --local-port <num/range>",
225 "Force use of RANGE for local port numbers"},
228 {" --location-trusted",
229 "Like --location, and send auth to other hosts"},
230 {" --login-options <options>",
231 "Server login options"},
232 {" --mail-auth <address>",
233 "Originator address of the original email"},
234 {" --mail-from <address>",
235 "Mail from this address"},
236 {" --mail-rcpt <address>",
237 "Mail to this address"},
239 "Display the full manual"},
240 {" --max-filesize <bytes>",
241 "Maximum file size to download"},
242 {" --max-redirs <num>",
243 "Maximum number of redirects allowed"},
244 {"-m, --max-time <seconds>",
245 "Maximum time allowed for the transfer"},
247 "Process given URLs as metalink XML file"},
249 "Use HTTP Negotiate (SPNEGO) authentication"},
251 "Must read .netrc for user name and password"},
252 {" --netrc-file <filename>",
253 "Specify FILE for netrc"},
254 {" --netrc-optional",
255 "Use either .netrc or URL"},
257 "Make next URL use its separate set of options"},
259 "Disable the ALPN TLS extension"},
261 "Disable buffering of the output stream"},
263 "Disable TCP keepalive on the connection"},
265 "Disable the NPN TLS extension"},
267 "Disable SSL session-ID reusing"},
268 {" --noproxy <no-proxy-list>",
269 "List of hosts which do not use proxy"},
271 "Use HTTP NTLM authentication"},
273 "Use HTTP NTLM authentication with winbind"},
274 {" --oauth2-bearer <token>",
275 "OAuth 2 Bearer Token"},
276 {"-o, --output <file>",
277 "Write to file instead of stdout"},
279 "Perform transfers in parallel"},
281 "Maximum concurrency for parallel transfers"},
283 "Pass phrase for the private key"},
285 "Do not squash .. sequences in URL path"},
286 {" --pinnedpubkey <hashes>",
287 "FILE/HASHES Public key to verify peer against"},
289 "Do not switch to GET after following a 301"},
291 "Do not switch to GET after following a 302"},
293 "Do not switch to GET after following a 303"},
294 {" --preproxy [protocol://]host[:port]",
295 "Use this proxy first"},
296 {"-#, --progress-bar",
297 "Display transfer progress as a bar"},
298 {" --proto <protocols>",
299 "Enable/disable PROTOCOLS"},
300 {" --proto-default <protocol>",
301 "Use PROTOCOL for any URL missing a scheme"},
302 {" --proto-redir <protocols>",
303 "Enable/disable PROTOCOLS on redirect"},
304 {"-x, --proxy [protocol://]host[:port]",
307 "Pick any proxy authentication method"},
309 "Use Basic authentication on the proxy"},
310 {" --proxy-cacert <file>",
311 "CA certificate to verify peer against for proxy"},
312 {" --proxy-capath <dir>",
313 "CA directory to verify peer against for proxy"},
314 {" --proxy-cert <cert[:passwd]>",
315 "Set client certificate for proxy"},
316 {" --proxy-cert-type <type>",
317 "Client certificate type for HTTPS proxy"},
318 {" --proxy-ciphers <list>",
319 "SSL ciphers to use for proxy"},
320 {" --proxy-crlfile <file>",
321 "Set a CRL list for proxy"},
323 "Use Digest authentication on the proxy"},
324 {" --proxy-header <header/@file>",
325 "Pass custom header(s) to proxy"},
326 {" --proxy-insecure",
327 "Do HTTPS proxy connections without verifying the proxy"},
328 {" --proxy-key <key>",
329 "Private key for HTTPS proxy"},
330 {" --proxy-key-type <type>",
331 "Private key file type for proxy"},
332 {" --proxy-negotiate",
333 "Use HTTP Negotiate (SPNEGO) authentication on the proxy"},
335 "Use NTLM authentication on the proxy"},
336 {" --proxy-pass <phrase>",
337 "Pass phrase for the private key for HTTPS proxy"},
338 {" --proxy-pinnedpubkey <hashes>",
339 "FILE/HASHES public key to verify proxy with"},
340 {" --proxy-service-name <name>",
341 "SPNEGO proxy service name"},
342 {" --proxy-ssl-allow-beast",
343 "Allow security flaw for interop for HTTPS proxy"},
344 {" --proxy-tls13-ciphers <list>",
345 "TLS 1.3 ciphersuites for proxy (OpenSSL)"},
346 {" --proxy-tlsauthtype <type>",
347 "TLS authentication type for HTTPS proxy"},
348 {" --proxy-tlspassword <string>",
349 "TLS password for HTTPS proxy"},
350 {" --proxy-tlsuser <name>",
351 "TLS username for HTTPS proxy"},
353 "Use TLSv1 for HTTPS proxy"},
354 {"-U, --proxy-user <user:password>",
355 "Proxy user and password"},
356 {" --proxy1.0 <host[:port]>",
357 "Use HTTP/1.0 proxy on given port"},
358 {"-p, --proxytunnel",
359 "Operate through an HTTP proxy tunnel (using CONNECT)"},
361 "SSH Public key file name"},
363 "Send command(s) to server before transfer"},
364 {" --random-file <file>",
365 "File for reading random data from"},
366 {"-r, --range <range>",
367 "Retrieve only the bytes within RANGE"},
369 "Do HTTP \"raw\"; no transfer decoding"},
370 {"-e, --referer <URL>",
372 {"-J, --remote-header-name",
373 "Use the header-provided filename"},
374 {"-O, --remote-name",
375 "Write output to a file named as the remote file"},
376 {" --remote-name-all",
377 "Use the remote file name for all URLs"},
378 {"-R, --remote-time",
379 "Set the remote file's time on the local output"},
380 {"-X, --request <command>",
381 "Specify request command to use"},
382 {" --request-target",
383 "Specify the target for this request"},
384 {" --resolve <host:port:address[,address]...>",
385 "Resolve the host+port to this address"},
387 "Retry request if transient problems occur"},
388 {" --retry-connrefused",
389 "Retry on connection refused (use with --retry)"},
390 {" --retry-delay <seconds>",
391 "Wait time between retries"},
392 {" --retry-max-time <seconds>",
393 "Retry only within this period"},
394 {" --sasl-authzid <identity> ",
395 "Use this identity to act as during SASL PLAIN authentication"},
397 "Enable initial response in SASL authentication"},
398 {" --service-name <name>",
399 "SPNEGO service name"},
401 "Show error even when -s is used"},
404 {" --socks4 <host[:port]>",
405 "SOCKS4 proxy on given host + port"},
406 {" --socks4a <host[:port]>",
407 "SOCKS4a proxy on given host + port"},
408 {" --socks5 <host[:port]>",
409 "SOCKS5 proxy on given host + port"},
411 "Enable username/password auth for SOCKS5 proxies"},
413 "Enable GSS-API auth for SOCKS5 proxies"},
414 {" --socks5-gssapi-nec",
415 "Compatibility with NEC SOCKS5 server"},
416 {" --socks5-gssapi-service <name>",
417 "SOCKS5 proxy service name for GSS-API"},
418 {" --socks5-hostname <host[:port]>",
419 "SOCKS5 proxy, pass host name to proxy"},
420 {"-Y, --speed-limit <speed>",
421 "Stop transfers slower than this"},
422 {"-y, --speed-time <seconds>",
423 "Trigger 'speed-limit' abort after this time"},
426 {" --ssl-allow-beast",
427 "Allow security flaw to improve interop"},
429 "Disable cert revocation checks (Schannel)"},
437 "Where to redirect stderr"},
439 "Enable styled output for HTTP headers"},
440 {" --suppress-connect-headers",
441 "Suppress proxy CONNECT response headers"},
443 "Use TCP Fast Open"},
445 "Use the TCP_NODELAY option"},
446 {"-t, --telnet-option <opt=val>",
447 "Set telnet option"},
448 {" --tftp-blksize <value>",
449 "Set TFTP BLKSIZE option"},
450 {" --tftp-no-options",
451 "Do not send any TFTP options"},
452 {"-z, --time-cond <time>",
453 "Transfer based on a time condition"},
454 {" --tls-max <VERSION>",
455 "Set maximum allowed TLS version"},
456 {" --tls13-ciphers <list>",
457 "TLS 1.3 ciphersuites (OpenSSL)"},
458 {" --tlsauthtype <type>",
459 "TLS authentication type"},
462 {" --tlsuser <name>",
465 "Use TLSv1.0 or greater"},
467 "Use TLSv1.0 or greater"},
469 "Use TLSv1.1 or greater"},
471 "Use TLSv1.2 or greater"},
473 "Use TLSv1.3 or greater"},
475 "Request compressed transfer encoding"},
477 "Write a debug trace to FILE"},
478 {" --trace-ascii <file>",
479 "Like --trace, but without hex output"},
481 "Add time stamps to trace/verbose output"},
482 {" --unix-socket <path>",
483 "Connect through this Unix domain socket"},
484 {"-T, --upload-file <file>",
485 "Transfer local FILE to destination"},
489 "Use ASCII/text transfer"},
490 {"-u, --user <user:password>",
491 "Server user and password"},
492 {"-A, --user-agent <name>",
493 "Send User-Agent <name> to server"},
495 "Make the operation more talkative"},
497 "Show version number and quit"},
498 {"-w, --write-out <format>",
499 "Use output FORMAT after completion"},
501 "Store metadata in extended file attributes"},
506 # define PRINT_LINES_PAUSE 23
510 # define PRINT_LINES_PAUSE 16
518 static const struct feat feats[] = {
519 {"AsynchDNS", CURL_VERSION_ASYNCHDNS},
520 {"Debug", CURL_VERSION_DEBUG},
521 {"TrackMemory", CURL_VERSION_CURLDEBUG},
522 {"IDN", CURL_VERSION_IDN},
523 {"IPv6", CURL_VERSION_IPV6},
524 {"Largefile", CURL_VERSION_LARGEFILE},
525 {"SSPI", CURL_VERSION_SSPI},
526 {"GSS-API", CURL_VERSION_GSSAPI},
527 {"Kerberos", CURL_VERSION_KERBEROS5},
528 {"SPNEGO", CURL_VERSION_SPNEGO},
529 {"NTLM", CURL_VERSION_NTLM},
530 {"NTLM_WB", CURL_VERSION_NTLM_WB},
531 {"SSL", CURL_VERSION_SSL},
532 {"libz", CURL_VERSION_LIBZ},
533 {"brotli", CURL_VERSION_BROTLI},
534 {"CharConv", CURL_VERSION_CONV},
535 {"TLS-SRP", CURL_VERSION_TLSAUTH_SRP},
536 {"HTTP2", CURL_VERSION_HTTP2},
537 {"HTTP3", CURL_VERSION_HTTP3},
538 {"UnixSockets", CURL_VERSION_UNIX_SOCKETS},
539 {"HTTPS-proxy", CURL_VERSION_HTTPS_PROXY},
540 {"MultiSSL", CURL_VERSION_MULTI_SSL},
541 {"PSL", CURL_VERSION_PSL},
542 {"alt-svc", CURL_VERSION_ALTSVC},
543 {"ESNI", CURL_VERSION_ESNI},
549 puts("Usage: curl [options...] <url>");
550 for(i = 0; helptext[i].opt; i++) {
551 printf(" %-19s %s\n", helptext[i].opt, helptext[i].desc);
552 #ifdef PRINT_LINES_PAUSE
553 if(i && ((i % PRINT_LINES_PAUSE) == 0))
560 featcomp(const void *p1, const void *p2)
562 /* The arguments to this function are "pointers to pointers to char", but
563 the comparison arguments are "pointers to char", hence the following cast
565 #ifdef HAVE_STRCASECMP
566 return strcasecmp(* (char * const *) p1, * (char * const *) p2);
567 #elif defined(HAVE_STRCMPI)
568 return strcmpi(* (char * const *) p1, * (char * const *) p2);
570 return strcmp(* (char * const *) p1, * (char * const *) p2);
574 void tool_version_info(void)
576 const char *const *proto;
578 printf(CURL_ID "%s\n", curl_version());
579 #ifdef CURL_PATCHSTAMP
580 printf("Release-Date: %s, security patched: %s\n",
581 LIBCURL_TIMESTAMP, CURL_PATCHSTAMP);
583 printf("Release-Date: %s\n", LIBCURL_TIMESTAMP);
585 if(curlinfo->protocols) {
586 printf("Protocols: ");
587 for(proto = curlinfo->protocols; *proto; ++proto) {
588 printf("%s ", *proto);
590 puts(""); /* newline */
592 if(curlinfo->features) {
593 char *featp[ sizeof(feats) / sizeof(feats[0]) + 1];
597 for(i = 0; i < sizeof(feats)/sizeof(feats[0]); i++) {
598 if(curlinfo->features & feats[i].bitmask)
599 featp[numfeat++] = (char *)feats[i].name;
602 featp[numfeat++] = (char *)"Metalink";
604 qsort(&featp[0], numfeat, sizeof(char *), featcomp);
605 for(i = 0; i< numfeat; i++)
606 printf(" %s", featp[i]);
607 puts(""); /* newline */
609 if(strcmp(CURL_VERSION, curlinfo->version)) {
610 printf("WARNING: curl and libcurl versions do not match. "
611 "Functionality may be affected.\n");
615 void tool_list_engines(void)
617 CURL *curl = curl_easy_init();
618 struct curl_slist *engines = NULL;
620 /* Get the list of engines */
621 curl_easy_getinfo(curl, CURLINFO_SSL_ENGINES, &engines);
623 puts("Build-time engines:");
625 for(; engines; engines = engines->next)
626 printf(" %s\n", engines->data);
632 /* Cleanup the list of engines */
633 curl_slist_free_all(engines);
634 curl_easy_cleanup(curl);