Search
Items tagged with: Curl
You are all invited to #curl up 2025 in Prague. The annual curl event. For curl enthusiasts, users, developers and maintainers.
This is my favorite event of the year.
https://daniel.haxx.se/blog/2025/03/29/curl-up-2025/
curl up 2025
Soon, in the first weekend of May 2025, we are gathering curl enthusiasts in a room in the wonderful city Prague and we talk curl related topics over two full days. We call it curl up 2025. curl up is our annual curl event and physical meetup.daniel.haxx.se
Eleven years since the Facebook document "The Road To IPV6" that claimed #curl was "hostile" to it and I still feel offended. 😀
https://daniel.haxx.se/blog/2014/03/28/curl-and-the-road-to-ipv6/
curl and the road to IPv6
I'd like to comment Paul Saab's presentation from the other day at the World IPv6 Congress titled "The Road To IPv6 - Bumpy". Paul works for Facebook and in his talk he apparently mentioned curl (slide 24 of the PDF set).daniel.haxx.se
You can help #curl by testing this final release candidate, rc3, before the real release happens next week:
List support for SSL_CERT_FILE and SSL_CERT_DIR in TLS docs by bbodenmiller · Pull Request #16762 · curl/curl
List on TLS page as they are supported per https://curl.se/docs/manpage.htmlGitHub
Fix pluralization of seconds by dnicolson · Pull Request #16751 · curl/curl
This is similar to #16586. Can be tested with: curl --retry 2 xxx Before: curl: (6) Could not resolve host: xxx Warning: Problem : timeout. Will retry in 1 seconds. 2 retries left. curl: (6) Could...GitHub
A very common email reply to me:
"#curl is not deemed important enough for a support deal. I will instead submit a public issue/discussion item about [the discussed matter]"
CURLMOPT_SOCKETFUNCTION called with strange socket=0 · Issue #16799 · curl/curl
I did this I'm using a curl multi to to some http request, but I noticed the socket function is being called with weird socket fd=0 while fd 0 is not even managed by curl. I enabled trace with debu...GitHub
Two years ago we introduced the #libcurl header API, which also made it easier to extract headers with the #curl tool:
https://daniel.haxx.se/blog/2022/03/24/easier-header-picking-with-curl/
🛡️#Curl has been around for 26 years—and it’s still secure! How?
European Open Source Academy member, @bagder Stenberg, joined the latest episode of Security Weekly Productions, discussing how Curl and #libcurl have maintained security and reliability over decades.
A must-listen for #developers and #cybersecurity enthusiasts! 👨💻🔒
📺 Explore the episode : youtube.com/watch?v=0UavY_kKKic
👉 Learn more about the Academy : https://europeanopensource.academy/news/open-source-europe-enters-new-era-successful-first-european-open-source-awards-ceremony
#CyberSecurity #CurlProject #AppSec
Did you know that YOU can sponsor this year's #curl up? curl up is the annual curl developers meetup, this year taking place in May in Prague.
You can have your company name associated with the event while at the same time funding critical Internet infrastructure and one of the world's most widely used software components.
Just saying.
on this day, only twenty-five years ago, we shipped #curl 6.5 which introduced the fancy -w option
https://everything.curl.dev/usingcurl/verbose/writeout.html
Write out - everything curl
everything there is to know about curl, libcurl and the cURL projecteverything.curl.dev
I had forgotten this. Six years ago I researched the Refresh HTTP header field and came to the conclusion that #curl doesn't need to bother.
https://daniel.haxx.se/blog/2019/03/12/looking-for-the-refresh-header/
Looking for the Refresh header
The other day someone filed a bug on curl that we don't support redirects with the Refresh header. This took me down a rabbit hole of Refresh header research and I've returned to share with you what I learned down there.daniel.haxx.se
We got another "critical vulnerability" on #curl reported. I figured you might enjoy it.
"The authentication mechanism in cURL does not properly restrict the number of failed authentication attempts, allowing an attacker to brute-force credentials"
Yawn. Away, away you go.
Two years since the big #curl 25 year celebration I'm looking at project numbers from back then and compare them with current ones.
19,800 more lines of code
23 additional man pages
428 new test cases
83 more CI jobs
229 new authors
30,800 USD more in bug bounties
18 new command line options
14 more operating systems
4557 commits more
We're not slowing down.
Raised an issue to discuss how to improve curl's MQTT message output.
https://github.com/curl/curl/issues/16633
Comments and insight requested to plan a possible PR as I can't see a way to fix it without it being a breaking change to current behaviour.
No way to parse multiple MQTT messages from the output stream · Issue #16633 · curl/curl
I did this I ran curl mqtt://test.mosquitto.org/curl/test --output test.out -N Then in a different terminal curl mqtt://test.mosquitto.org/curl/test -d "helloWorld" curl mqtt://test.mosquitto.org/c...GitHub
Fix pkcs11 uri checking for key files. by martxel · Pull Request #16591 · curl/curl
I have found this issue when trying to use the new PKCS#11 provider support in curl. I was getting the following error when trying to use a pkcs11 uri as a key, in curl 8.12.1: * crypto provider no...GitHub
Remember: when you run #curl shipped by Apple with the --cacert flag it won't behave like #curl does everywhere else. As I wrote about last year. I think they're doing it wrong. They think its fine.
https://daniel.haxx.se/blog/2024/03/08/the-apple-curl-security-incident-12604/
the Apple curl security incident 12604
tldr: Apple thinks it is fine. I do not. On December 28 2023, bugreport 12604 was filed in the curl issue tracker. We get a lot issues filed most days so this fact alone was hardly anything out of the ordinary.daniel.haxx.se
#curl release candidate 1 for the pending release is here: https://curl.se/rc/
We'll appreciate if you take it for a spin and report any problems you find.
request: clear sendbuf_hds_len when resetting request bufq by Aearsis · Pull Request #16573 · curl/curl
Without this, any usage of sendbuf_hds_len on a retried request is wrong. We noticed by getting debug callbacks with incorrect header len. We did not figure out how to trigger the retries in a test...GitHub
The #curl roadmap 2025 webinar happens later today:
https://daniel.haxx.se/blog/2025/02/25/the-curl-roadmap-webinar-2025/
The curl roadmap webinar 2025
On March 6 2025 at 18:00 UTC, I am doing a curl roadmap webinar, talking through a set of features and things I want to see happen in curl during 2025. Figure out my local time.daniel.haxx.se
Right now, we have less than ten open issues for the #curl project
https://github.com/curl/curl/issues
Issues · curl/curl
A command line tool and library for transferring data with URL syntax, supporting DICT, FILE, FTP, FTPS, GOPHER, GOPHERS, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, MQTT, POP3, POP3S, RTMP, RTMPS, RTSP...GitHub
CURLWS_CONT bugfix by roberte777 · Pull Request #16512 · curl/curl
Currently, CURLWS_CONT does not function as specified by the docs. This is an attempt to modify its behavior to be more inline with documentation. This is my second attempt and attempts to implemen...GitHub
At 21.4 days since the previous #curl release, we count merged in git since:
Bugfixes: 169 (7.91 per day)
Commit authors: 30, 12 new (total 1354)
Contributors: 42, 20 new (total 3363)
Commits: 262 (total 34545)
People are insane over here.
There was a question posed on the #curl IRC channel whether there's ever going to be a need to raise addressing or offsets from 64-bit to something larger, such as 128-bit.
I argue there is no need to do this. 64-bit can already address a very large amount of data. For example, many operating systems and filesystems have a limit of 2**64 for file sizes. But it is difficult to wrap your head around this; how much data can such a file really hold?
Some estimates (*) say that there's going to be around 181 ZB (zettabytes) of data in the world by the end of 2025.
This is only 9812 files if each file holds 2**64 bytes.
*) https://rivery.io/blog/big-data-statistics-how-much-data-is-there-in-the-world/
Big data statistics: How much data is there in the world?
Data is growing at a faster rate than ever before. 90% percent of the world’s data was created in the last two years. And every two years, the volume of data across the world doubles in size.Kevin Bartley (Rivery)
"Three generations in my family have used and loved #curl! That’s the kind of reliability you don’t see often in software." / Kalyani Pawar
💚
Three years ago today, the --json option shipped in a #curl release for the first time.
https://daniel.haxx.se/blog/2022/02/02/curl-dash-dash-json/
curl dash-dash-json
The curl "cockpit" is yet again extended with a new command line option: --json. The 245th command line option.daniel.haxx.se
say hello to #curl's 268th command line option --upload-flags (just merged in master)
Use it to set properties for your IMAP upload: answered, deleted, draft, flagged, or seen