Search
Items tagged with: CURL
fix: securetransport doesn't work as expected when curl is built with multiple ssl backends by notjaywu · Pull Request #12704 · curl/curl
This PR is to fix the issue#12663 Given curl is built with multiple SSL backends, CAfile is set incorrectly when SecureTransport is the selected TLS backend.GitHub
asyn-ares: resolver timeout follows the c-ares mechanism by sunlin7 · Pull Request #12703 · curl/curl
Hi, The curl should set c-ares's timeout only for c-ares < 1.20.0. curl use a fixed timeout=2s for c-ares from commit: a181b4a, actually c-ares used default timeout to 2s since c-ares-1.20.0 rel...GitHub
docs: remove unnecessary line breaks in `.d` files by huangyxi · Pull Request #12696 · curl/curl
This pull request resolves the issue of inconsistent line breaks for the --tcp-fastopen and --connect-to options in the manpage. Script for identifying all affected files: grep -Pzl '\-\-\-\\n\\n' ...GitHub
If you didn't notice, the PDF and ePUB versions of everything #curl now also contain in-document links properly. Which for example makes the index a whole lot more useful!
PSL in #curl
PSL in this context stands for Public Suffix List. #curl is aware if built with support for it. This support is optional...
daniel.haxx.se/blog/2024/01/10…
wolfssl: Allow use of certificate chain by lealem47 · Pull Request #12634 · curl/curl
Fixes ZD#17158. Customer is using a certificate chain. Leaf cert + intermediate cert.GitHub
I'm thrilled to say that we will spend #curl sponsor money on development.
First out: @icing is engaged to work on QUIC using OpenSSL and some internal HTTP refactoring/cleanups. Starting now.
Thank you sponsors! curl.se/sponsors.html
The I in LLM stands for intelligence
On how people now use AI to submit security reports on #curl.
daniel.haxx.se/blog/2024/01/02…
"Buffer Overflow Vulnerability in WebSocket Handling".
A bot? An AI? Just a silly reporter? Another fine waste of #curl maintainer time.
curl disclosed on HackerOne: Buffer Overflow Vulnerability in...
## Summary: Hello security team, Hope you are doing well :) I would like to report a potential security vulnerability in the WebSocket handling code of the curl library. The issue is related to...HackerOne
fix implicit int compile error in ipv6 detection by a-n-n-a-l-e-e · Pull Request #12607 · curl/curl
ipv6 auto detection fails on clang 16 with error: type specifier missing, defaults to 'int'; ISO C99 and later do not support implicit int [-Wimplicit-int] fix the test stub to declare a return typ...GitHub
On this day in 1999, 24 years ago, we started hosting the #curl source code on Sourceforge. Like all the cool kids. CVS baby!
In 2010 we switched to using git, hosted on #GitHub: daniel.haxx.se/blog/2010/03/23…
Documentation: Fix incorrect C string escape in CURLOPT_POSTFIELDS by haydaralaidrus · Pull Request #12588 · curl/curl
The string literal incorrectly formatted. The backslashes in the JSON string not properly escaped, leading to invalid C syntax: const char *json = "{"name": "daniel"}"; Where it should be: const ch...GitHub
Place h3 at the front of ALPN by wangfuyu · Pull Request #12576 · curl/curl
Modify the ALPN of the ngtcp2 adaptation layer and place 'h3' at the front of the ALPN, consistent with the quiche adaptation layer.GitHub
lib: fix the Memory leak: as by zengwei2000 · Pull Request #12570 · curl/curl
lib: fix the Memory leak: as Signed-off-by: zengwei zengwei1@uniontech.comGitHub
A year ago we found #curl use in this Swiss TV-series Tschugger: daniel.haxx.se/blog/2022/12/19…
Any more recent sightings?
tests: Respect $TMPDIR when creating sockets by yedayak · Pull Request #12545 · curl/curl
When running on termux, where $TMPDIR isn't /tmp, running the tests failed, since the server config tried creating sockets in /tmp, without checking the temp dir config. Use the TMPDIR variable tha...GitHub
A funny detail about Open Source projects is that they are called "projects", as if they were somehow limited in time or ever can get done.
The #cURL "project" is a number of loosely coupled individual volunteers working on writing software together with a common mission: to do reliable data transfers with Internet protocols, as Open Source.
Everything #curl, right now:
Section titles: 981
Words: 106436
Lines: 16004
Non-space bytes: 562020
Average word length: 5.28 characters
Words per section: 108
Allow the actual use of maximum method name length by miyagawa · Pull Request #12534 · curl/curl
While reviewing #12311 ("Increase the maximum request method name length from 11 to 23"), I tested a few requests and noticed that, before the change (curl 8.4.0), 11 character request method (whic...GitHub
libssh: Improve the deprecation warning dismissal by 7heo · Pull Request #12520 · curl/curl
Previous code was compiler dependant, and dismissed all deprecation warnings indiscriminately. libssh provides a way to disable the deprecation warnings for libssh only, and naturally this is the p...GitHub
If you want to help us make everything #curl even better, I've created a few issues for things that are missing from the book:
github.com/bagder/everything-c…
Issues · bagder/everything-curl
The book documenting the curl project, the curl tool, libcurl and more. Simply put: everything curl. - Issues · bagder/everything-curlGitHub
You might be interested to know that @bagder also generates a fresh ePUB version of "Everything #curl" every day; it's available at daniel.haxx.se/everything-curl…
Starting now, I generate a fresh PDF version of everything #curl every day:
github.com/bagder/everything-c…
PDF · bagder/everything-curl · Discussion #323
Starting now, there is a daily updated PDF version of the book provided here: https://daniel.haxx.se/everything-curl/ It has some flaws that I still want to fix, but it is still highly readable and...GitHub
My curl commands were working.
But my equivalent ones using Python requests library were not.
I found this useful tool very useful!
Making it harder to do wrong
#curl is written in C. We try to write better C to reduce the risk of future vulnerabilities.
daniel.haxx.se/blog/2023/12/13…
people are also often obsessed by C vs non-C vulnerabilities, and in #curl the share of mistakes that are related to the programming language keep shrinking (just over 40% now)
This is WAY lower than what is commonly reported as a the general percentage. (60-70% is commonly repeated)