The ideas behind these new long-term support curl release branches. How they work, why we do them, how the different from the normal curl releases and so on.
Thinking about storing TLS sessions more permanently, e.g. in a file. This would make these available the next time you start curl. Reusing them is beneficial for performance, especially now that w...
Out of the 561,454 projects OpenSSF has listed in their criticality_score project, for which they generate a "criticality score" for each single one, a certain hobby project is currently clocking in as number 100. (yeah, I mean #curl)
Fixes for wolfSSL OPENSSL_COEXIST expansion for MD4, MD5, and DES.
The wolf-native APIs and types used in the changes are all old/preexisting -- there wasn't any need for version gating on any ...
Join wolfSSL for an exclusive live webinar on December 5th at 10 AM PT featuring Daniel Stenberg, founder and lead developer of curl, to explore the launch of Rock-Solid curl, a long-term support version designed for users who prioritize security, st…
Here's the latest #curl hackerone issue I mentioned the other day: hackerone.com/reports/2871792 another one of those "we found a function call so therefore your program must be vulnerable".
Disclosed for educational purposes. Don't do this.
## Summary:
The vulnerability in the program arises from a classic buffer overflow, triggered by the unsafe use of the strcpy() function without bounds checking. The program copies data from a...
Description
curl offers a --user-agent option for modifying the User-Agent header supplied in its requests.
The man page section for this option explains how to use the --user-agent option, but doe...
Geeks of Mastodon, C writers and API whisperers, are you bored and without a short project? I would love for #CURL to be able to list Samba directories. Last year I made a PR allowing for local directories listing and wanted to do the the same for smb, but without success. I think succeeding requires knowledge of Windows APIs. I can provide some help getting it merged.
(Recap: I founded the curl project, I am still the lead developer and maintainer) When asking curl to get a URL it'll send the output to stdout by default.
Pretty trivial change, but I had to search the code (or just try it out) to find the answer to this, so I figure someone else will have to at some point, too.
Most (all?) other callbacks that can a...
Provide libcurl's memory functions as callbacks to replace nghttp2's own memory functions. This allows custom memory callbacks provided by users of libcurl to be used by nghttp2 as well.
Hi
I found the logic handling CURLOPT_HTTP_CONTENT_DECODING was broken in setopt: split Curl_vsetopt() into several sub functions.
This PR should fix it
This week, Jonathan Bennett and Randal Schwartz chat with Daniel Stenberg about curl! How many curl installs are there?! What’s the deal with CVEs? How has curl managed to not break its ABI f…
I am thrilled to announce: Rock-Solid curl: long term supported curl releases Basics We make long term support releases of curl that we call Rock-solid curl. We support each release branch for at least five years.
## Summary:
Suppose my HSTS cache file has the following content:
```
.domain.com "20241107 01:02:03"
.sub.domain.com "unlimited"
```
Now, I connect to https://sub.domain.com/. Suppose this domain...
I'm Daniel Stenberg, maintainer and lead developer in the curl project. I stream curl related stuff. Release presentations, curl development and related topics.
@bagder #curl (#libcurl, specifically) is used in Seat Leon (probably a VW-group thing); together with *a lot* of other #opensource (see the scrollbar).
The little men in your computer do this every time you open google.com0:00 Shell0:11 DNS Lookup0:21 TCP Connect0:30 TLS Negotiation1:14 Guitar Solo1:23 X509 ...
The gethostbyname(3) family was removed in POSIX-1.2008 in favor of getaddrinfo(3) introduced in POSIX-1.2001. Modern POSIX systems such as Sortix does not have gethostbyname nor the related defini...
@bagder Something you write is used in the Nintendo 3DS internet browser. It sadly does not say what exactly it is using but I would assume it is #curl.
Some of the wording in the MQTT.md file was confusing in terms of how the commands were used and what they did, so
I cleared up some of the wording to better explain the use case of each command.
![Nintendo 3DS XL on a wodden table showing the specifications screen of the internet browser.
"[...] Notices regarding other Open Source Software
Copyright (c) 1996 - 2009, Daniel Stenberg, <daniel@haxx.se>. [...]"](https://fedi.ml/photo/preview/640/604718 "Nintendo 3DS XL on a wodden table showing the specifications screen of the internet browser.
\"[...] Notices regarding other Open Source Software
Copyright (c) 1996 - 2009, Daniel Stenberg, <daniel@haxx.se>. [...]\"")
