-
Notifications
You must be signed in to change notification settings - Fork 0
/
astroget.doc
160 lines (117 loc) · 4.45 KB
/
astroget.doc
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
=== URI schemes ===
- receive
= range
+ send
data: -
file: -=
finger: - (both "user@host" and "host/user" are supported)
gemini: -+ (if sending, automatically changes the scheme to "titan")
gopher: -
hashed: -=
http: -= (sending is not implemented yet but may be in future)
https: -= (sending is not implemented yet but may be in future)
nex: -
nntp: -+
scorpion: -=+
scorpions: -=+
spartan: -+
titan: +
=== Switches ===
-A #
Specify a IP address and port number (with a colon in between) to use
instead of resolving the host name in the URL.
-B #
Specify base URL to be relative to. If not specified, then the URL will
be relative to the current directory.
-C #
Specify file name for client certificate (PEM format).
-D
Delete a remote file. (Not valid for all protocols.)
-K #
Specify file name for private key of client certificate (PEM format).
-L #
Follow redirects. Specify maximum number of redirects, and optionally any
further redirect options.
-O
Allow a remote file to be overwritten. (Some protocols cannot distinguish
overwriting an existing file vs creating a new file; in that case, this
switch is meaningless.)
-Q
Only display the components of the parsed URL and terminate; do not try
to download or upload anything, and do not make any network accesses.
-R #
Define address restriction. Use letters A B C to restrict access to
the specified ranges LAN addresses (A for 10.x.x.x, B for 172.16.x.x,
and C for 192.168.x.x). If this switch is used, then addresses with
127.x.x.x are always blocked, and local files are also always blocked.
You can specify -R0 if you only want to block loopback and files. (If
used with -A then the only effect of -R is to block local files.)
-T #
TLS options.
-V #
For Scorpion, set new version code for uploaded file.
-Y #
ULFI testing mode.
-h
Write headers (in Scorpion format) to stdout. If not specified, then
status codes other than 2x, 7x, and 8x are errors. (If -O is not
specified, then 71 is also an error, even if -h is specified.)
-i #
Upload the specified number of bytes from stdin.
-n
Disable buffering.
-o #
Set output file. If not specified, it will be written to stdout. If the
file already exists, it will continue from where it left off; this is
only possible for protocols that allow range requests.
-p
Display progress indicator on stderr. (It will write a carriage return
before each progress display.)
-r #
Make a range request. The value must be two numbers with - in between,
being zero-based byte offsets; it includes the beginning and excludes
the ending offset. The ending offset can be omitted if you want to
download everything up to the end of the file.
-t #
Set MIME or ULFI type for uploaded file. The default value depends on
the protocol, and some protocols have other restrictions, or do not
allow this at all (e.g. NNTP only allows "message/rfc822").
-u #
Specify file to upload. This must be a seekable file, so that it can
measure the size of the input file.
-v #
For Scorpion, set version of remote file to replace. For Gemini, set
the value of the security token for uploads using Titan.
=== Redirect options ===
A = Disallow redirects to different IP addresses than the first one.
d = Discard client certificates after a redirect.
D = Discard client certificates after a redirect if the scheme, host,
and/or port are different from the original.
h = Allow other host names.
p = Allow other port numbers.
s = Allow other schemes, except "file" scheme.
S = Allow other schemes, including "file" scheme.
x = Same as "shp".
X = Same as "Shp".
=== TLS options ===
TLS options have + or - followed by the OpenSSL options and/or any
private options (described below), each of which is a single character.
If you start with = then it is like + but clears existing options first.
See OpenSSL documentation for the meaning of the OpenSSL options.
0 = Disable SNI
1 = SSL_OP_NO_TLSv1
2 = SSL_OP_NO_SSLv2
3 = SSL_OP_NO_SSLv3
A = SSL_OP_ALL
C = SSL_OP_CIPHER_SERVER_PREFERENCE
E = Write error messages to stderr
L = SSL_OP_LEGACY_SERVER_CONNECT
S = SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION
T = SSL_OP_NO_TICKET
U = SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION
c = SSL_OP_NO_COMPRESSION
r = SSL_OP_TLS_ROLLBACK_BUG
s = SSL_OP_SINGLE_DH_USE
x = Follow by a hexadecimal number to use a numbered OpenSSL option.
After the options above you may optionally have a comma and then the
cipher list (according to SSL_CTX_set_cipher_list function).