use libssh 0.11.0 new aio api to support async sftp upload for the curl built with libssh.GitHub
On Thursday Dec 5 I will run a webinar and tell you all about Rock-solid #curl long-term support releases.
Sign up here:
us02web.zoom.us/webinar/regist…
Join wolfSSL for an exclusive live webinar on December 5th at 10 AM PT featuring Daniel Stenberg, founder and lead developer of curl, to explore the launch of Rock-Solid curl, a long-term support version designed for users who prioritize security, st…Zoom
Here's the latest #curl hackerone issue I mentioned the other day: hackerone.com/reports/2871792 another one of those "we found a function call so therefore your program must be vulnerable".
Disclosed for educational purposes. Don't do this.
## Summary: The vulnerability in the program arises from a classic buffer overflow, triggered by the unsafe use of the strcpy() function without bounds checking. The program copies data from a...HackerOne
Description curl offers a --user-agent option for modifying the User-Agent header supplied in its requests. The man page section for this option explains how to use the --user-agent option, but doe...GitHub
Geeks of Mastodon, C writers and API whisperers, are you bored and without a short project?
I would love for #CURL to be able to list Samba directories. Last year I made a PR allowing for local directories listing and wanted to do the the same for smb, but without success. I think succeeding requires knowledge of Windows APIs.
I can provide some help getting it merged.
This is where I got stuck: github.com/colinleroy/curl/com…
(the magic should happen in smb_send_open_directory)
A command line tool and library for transferring data with URL syntax, supporting DICT, FILE, FTP, FTPS, GOPHER, GOPHERS, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, MQTT, POP3, POP3S, RTMP, RTMPS, RTSP, SCP, SFTP, SMB, SMBS, SMTP, SMTPS, TELNET, TFTP, WS…GitHub
Ten years ago I explained why #curl defaults to stdout:
daniel.haxx.se/blog/2014/11/17…
(Recap: I founded the curl project, I am still the lead developer and maintainer) When asking curl to get a URL it'll send the output to stdout by default.daniel.haxx.se
Nine years ago I found out a #windows malware downloaded #curl from the curl website in order to spread itself...
daniel.haxx.se/blog/2015/11/16…
During October 2015 the curl web site sent out 1127 gigabytes of data. This was the first time we crossed the terabyte limit within a single month.daniel.haxx.se
Pretty trivial change, but I had to search the code (or just try it out) to find the answer to this, so I figure someone else will have to at some point, too. Most (all?) other callbacks that can a...GitHub
It all started on November 11, 1996:
everything.curl.dev/project/st…
#curl
everything there is to know about curl, libcurl and the cURL projecteverything.curl.dev
Provide libcurl's memory functions as callbacks to replace nghttp2's own memory functions. This allows custom memory callbacks provided by users of libcurl to be used by nghttp2 as well.GitHub
#curl is now officially running more than 200 CI jobs per PR.
Most of them run about 2000 tests each.
Almost 400K test runs in total.
#slowember is coming
I will travel three weeks this month making me (much) slower than usual this period.
This affects my ability to do a quick patch release for #curl, so we might ship one on December 11 instead: curl.se/mail/lib-2024-11/0019.…
Hi I found the logic handling CURLOPT_HTTP_CONTENT_DECODING was broken in setopt: split Curl_vsetopt() into several sub functions. This PR should fix itGitHub
FLOSS Weekly Episode 808: #curl
Me. Blabbing. Again.
hackaday.com/2024/11/06/floss-…
This week, Jonathan Bennett and Randal Schwartz chat with Daniel Stenberg about curl! How many curl installs are there?! What’s the deal with CVEs? How has curl managed to not break its ABI f…Hackaday
Rock-solid #curl: long-term support releases
daniel.haxx.se/blog/2024/11/07…
I am thrilled to announce: Rock-Solid curl: long term supported curl releases Basics We make long term support releases of curl that we call Rock-solid curl. We support each release branch for at least five years.daniel.haxx.se
## Summary: Suppose my HSTS cache file has the following content: ``` .domain.com "20241107 01:02:03" .sub.domain.com "unlimited" ``` Now, I connect to https://sub.domain.com/. Suppose this domain...HackerOne
I'm Daniel Stenberg, maintainer and lead developer in the curl project. I stream curl related stuff. Release presentations, curl development and related topics.Twitch
Let me introduce you to my new friend #curl 8.11.0
One vulnerability fixed, five changes, 266 bugfixes.
daniel.haxx.se/blog/2024/11/06…
curl 8.11.0 is released, featuring one security fix, five changes and 265 bugfixes.daniel.haxx.se
Hey,
#curl -v google.com as a metal song is a must see and hear experience. A masterpiece. I just love it.
youtube.com/watch?v=atcqMWqB3h…
The little men in your computer do this every time you open google.com0:00 Shell0:11 DNS Lookup0:21 TCP Connect0:30 TLS Negotiation1:14 Guitar Solo1:23 X509 ...YouTube
The gethostbyname(3) family was removed in POSIX-1.2008 in favor of getaddrinfo(3) introduced in POSIX-1.2001. Modern POSIX systems such as Sortix does not have gethostbyname nor the related defini...GitHub
everything there is to know about curl, libcurl and the cURL projecteverything.curl.dev
#curl source code age
daniel.haxx.se/blog/2024/10/31…
(what happened live here on mastodon converted into a blog post)
In every software project that has been around for a while there is of course newer code and older code.daniel.haxx.se
#curl source code age, raw line numbers
Next I'll see if I can make a version where the early code stays at the bottom of the graph.
#curl source code age (take 2)
How large share of the code was written after a certain date, over time.
Some of the wording in the MQTT.md file was confusing in terms of how the commands were used and what they did, so I cleared up some of the wording to better explain the use case of each command.GitHub
The videos on my YouTube channel have now been viewed 250,000 times combined
Mastering the #curl command line alone has had more than 54K views to date:
The slides = https://www.slideshare.net/DanielStenberg7/mastering-the-curl-command-linepdf0:00 Mastering the curl command line0:16 Daniel Stenberg0:36 curl s...YouTube
decomplexifying #curl
daniel.haxx.se/blog/2024/10/27…
(I wrote about this topic in my weekly email this week. This is the blog version, somewhat extended.) Easy to read Two contributing factors that make code hard to read are function length and function complexity.daniel.haxx.se
QUIC backends use flow control windows initially set to 128KB. In #14880, the maximum size used by the quiche backend was increased to 1280KB, but that of the ngtcp2 backend remained at 128KB. With...GitHub
If you have built #curl for visionOS, maybe you can help this user out?
github.com/curl/curl/discussio…
Hi, I'm recently wrapping a C libaray, which depends on CURL, into a swift package. It is then used for building a native visionOS app. I've been following the official document for building from s...GitHub
There are uses of %lx and %zx in the codebase, but parsefmt interpreted them as %x.GitHub
![Nintendo 3DS XL on a wodden table showing the specifications screen of the internet browser.
"[...] Notices regarding other Open Source Software
Copyright (c) 1996 - 2009, Daniel Stenberg, <daniel@haxx.se>. [...]"](https://fedi.ml/photo/preview/640/604718 "Nintendo 3DS XL on a wodden table showing the specifications screen of the internet browser.
\"[...] Notices regarding other Open Source Software
Copyright (c) 1996 - 2009, Daniel Stenberg, <daniel@haxx.se>. [...]\"")
