Besides being a freakin' awesome swiss army knife for (any|every)thing network related, this is another reason to love #curl "curl shall forever remain independent. curl is not part of any umbrella organization, it is not owned or controlled by any company. It makes us entirely independent and free to do what we think is best for the community"
... and two new output functions: uuid and hex
The variable holds a 128 bit semi-random value. Output it like
{{random:hex}} to get it all as a 32 byte hex sequuence
{{random:uuid}} shows it as a ...
Three years ago I made the questionable decision to mail #curl stickers to everyone who filled in a form within 24 hours. oboy, that was a lot of work...
I plan on mentoring a summer project with a small team of undergrad students to add early data support to cURL over about 8 weeks starting in June. (#13528) I'd made a basic 8-week ish plan to help...
I'm Daniel Stenberg, maintainer and lead developer in the curl project. I stream curl related stuff. Release presentations, curl development and related topics.
wolfSSL_X509_check_host checks the peer name against the alt names and the common name.
Fixes #13487. Tested using the same reproducer as in the issue. Correct url passes check.
In the #curl project, being written in C, we always work on simplifying the code. One way is to use more internal helper functions and avoid direct use of some functions that are often involved in C mistakes/vulnerabilities.
To measure how this develops, we count number of these function calls used per every thousand lines of code. Over time. In a graph.
Brought to the curl-library list on March 7, 2024. Discussed since then. No particular objections have been heard except the worry that apple device people might miss Secure Transport.
Once #13539 ...
In the #curl project, we spend 3.3 days/day on running tests - around 140,000 tests per commit/PR. In addition to what every developer runs in their own systems of course.
Our test failure rate in CI jobs is at 0.004%, which is annoyingly high when running this many tests.
## Summary:
Octal Type Handling of Errors in IPv4 Mapped IPv6 Addresses in curl allows unauthenticated remote attackers to perform indeterminate SSRF, RFI, and LFI attacks on many programs that...
