Re: Not able to build curl on Windows using VS2008.
Hi Arif, On 09.12.2014 06:19, Arif Ali wrote: 3. created a folder 'deps' (as sibling of winbuild) extracted the two downloaded libs there as desktop\curl7.39 |_src |_winbuild | |_deps |_openssl-0.9.8zb-vc9-x86 | |_ lib | |_ include | |_ bin |_zlib-1.2.7-vc9-x86 |_ lib |_ include |_ bin 4. I executed following command C:\Users\arifs\Desktop\curl-7.39.0\winbuildnmake /f Makefile.vc mode=dll VC=9 W ITH_SSL=dll WITH_ZLIB=dll ENABLE_WINSSL=yes Microsoft (R) Program Maintenance Utility Version 9.00.30729.01 Copyright (C) Microsoft Corporation. All rights reserved. configuration name: libcurl-vc9-x86-release-dll-ssl-dll-zlib-dll-ipv6-sspi-winss l Could Not Find C:\Users\arifs\Desktop\curl-7.39.0\winbuild\LIBCURL_OBJS.inc Could Not Find C:\Users\arifs\Desktop\curl-7.39.0\winbuild\CURL_OBJS.inc I'm not familar with the MSVC stuff, but I think you have to run a batch file which creates these *.inc files before you can nmake ... cl.exe /O2 /DNDEBUG /MD /I. /I ../lib /I../include /nologo /W3 /EHsc /DW IN32 /FD /c /DBUILDING_LIBCURL /I../../deps/include /DUSE_SSLEAY /I../../deps /include/openssl /DHAVE_ZLIB_H /DHAVE_ZLIB /DHAVE_LIBZ /DUSE_WIN32_IDN here you see that you use an include path ../../deps/include/openssl which of course is wrong; either fix the directory structure, or fix the makefile ... 5) For trouble shooting I even placed deps on desktop , but even then it did not work. sorry, no offend to ya, but you really need to become familar with both the OS you use and the toolchain (aka VS2008) you use; developing is not just a few mouse clicks as those fancy GUI toolchains might lead to believe; you must become familar with the error messages you get back, understand them, and then you're also able to easily fix them ;-) Greetz, Gün. BTW. zlib is already since April 2013 at 1.2.8 and you should therefore consider to build that self too ;-) http://www.zlib.net/ --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: Latest PEM file is not trusting yahoo.com and many other sites.
On 09.12.2014 09:48, Arif Ali wrote: Hello, I am using PEM file and following set of APIs on my windows-app. curl_easy_setopt( curl_handle, CURLOPT_SSLCERTTYPE,PEM ); curl_easy_setopt( curl_handle, CURLOPT_CAINFO, certFile ); //CA Cert Bundle curl_easy_setopt( curl_handle, CURLOPT_SSL_VERIFYPEER, 1 ); curl_easy_setopt( curl_handle, CURLOPT_SSL_VERIFYHOST, 1 ); Its not trusting the certificates of https://in.yahoo.com/ and one more https site. If i open both of these sites in firefox it does open Certificate issuer for both websites that are not opening are following Yahoo = VeriSign Class 3 Secure Server CA - G3 Another HTTPS site = Entrust Certification Authority - L1C I have taken the latest PEM file from http://curl.haxx.se/docs/caextract.html ok, but have you also read the note on that page? Quote: RSA-1024 removed Around early September 2014, Mozilla removed the trust bits from the certs in their CA bundle that were still using RSA 1024 bit keys. This may lead to TLS libraries having a hard time to verify some sites if the library in question doesn't properly support path discovery as per RFC 4158. (That includes OpenSSL and GnuTLS.) in addition we offer an older ca-bundle from before this remove for doenload too - please visit http://curl.haxx.se/docs/caextract.html again! Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: Not able to build curl on Windows using VS2008.
Hi Arif, some more comments ... On 09.12.2014 10:07, Guenter wrote: On 09.12.2014 06:19, Arif Ali wrote: 3. created a folder 'deps' (as sibling of winbuild) extracted the two downloaded libs there as desktop\curl7.39 |_src |_winbuild | |_deps |_openssl-0.9.8zb-vc9-x86 | |_ lib | |_ include | |_ bin |_zlib-1.2.7-vc9-x86 |_ lib |_ include |_ bin dont use the desktop folder - thats really a bad habbit! Instead create a folder on the root of your drive, f.e. c:\projects here you see that you use an include path ../../deps/include/openssl which of course is wrong; either fix the directory structure, or fix the makefile ... anyway you choosed the wrong target, and I'm not sure (= have not yet checked) if there is already a winssl target with these project files - but you need winssl in order to use the Windows cert store, and not OpenSSL (and that would then anyway kill the dependency of OpenSSL). oh, and another point: please avoid top posting! See the footer of each mail (Etiquette link) for further info ... Günter. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: Not able to build curl on Windows using VS2008.
Hi Arif, here's a quick way without fancy GUI which works: 1) open a Visual Studio 2008 command prompt 2) change dir to the root of your extracted curl-7.39.0 source 3) build with: nmake VC=vc9 vc-winssl 4) test: with: src\curl -V - should show ya: curl 7.39.0 (i386-pc-win32) libcurl/7.39.0 WinSSL Protocols: dict file ftp ftps gopher http https imap imaps ldap pop3 pop3s rtsp smtp smtps telnet tftp Features: AsynchDNS Largefile SSPI SPNEGO NTLM SSL I've just tested above, and that really works! So simple it can be ... using zlib with libcurl doesnt bring much benefit, only the curl.exe tool uses zlib to compress the manual (AFAICT). Günter. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
strange build error with VC9
Hi all, I just tried to build 7.39.0 with VS2008 (aka VC9), and while I can build both vc-winssl and vc-zlib fine , the vc-winssl-zlib target breaks: Microsoft (R) Program Maintenance Utility Version 9.00.21022.08 Copyright (C) Microsoft Corporation. All rights reserved. cd lib nmake /f Makefile.vc9 cfg=release-winssl-zlib Microsoft (R) Program Maintenance Utility Version 9.00.21022.08 Copyright (C) Microsoft Corporation. All rights reserved. cl.exe /O2 /DNDEBUG /MD /DUSE_SCHANNEL /DHAVE_ZLIB_H /DHAVE_ZLIB /DHAVE_LIBZ /I d:\projects\dephttpd\zlib-1.2.8-sdk /DCURL_STATICLIB /I. /I../include /nologo /W3 /EHsc /DWIN32 /FD /c /DBUILDING_LIBCURL /D_BIND_TO_CURRENT_VCLIBS_VERSION=1 /Forelease-winssl-zlib\amigaos.obj .\amigaos.c amigaos.c cl.exe /O2 /DNDEBUG /MD /DUSE_SCHANNEL /DHAVE_ZLIB_H /DHAVE_ZLIB /DHAVE_LIBZ /I d:\projects\dephttpd\zlib-1.2.8-sdk /DCURL_STATICLIB /I. /I../include /nologo /W3 /EHsc /DWIN32 /FD /c /DBUILDING_LIBCURL /D_BIND_TO_CURRENT_VCLIBS_VERSION=1 /Forelease-winssl-zlib\asyn-ares.obj .\asyn-ares.c asyn-ares.c cl.exe /O2 /DNDEBUG /MD /DUSE_SCHANNEL /DHAVE_ZLIB_H /DHAVE_ZLIB /DHAVE_LIBZ /I d:\projects\dephttpd\zlib-1.2.8-sdk /DCURL_STATICLIB /I. /I../include /nologo /W3 /EHsc /DWIN32 /FD /c /DBUILDING_LIBCURL /D_BIND_TO_CURRENT_VCLIBS_VERSION=1 /Forelease-winssl-zlib\asyn-thread.obj .\asyn-thread.c asyn-thread.c d:\temp\curl-7.39.0\lib\urldata.h(252) : error C2016: C requires that a struct or union has at least one member d:\temp\curl-7.39.0\lib\urldata.h(252) : error C2061: syntax error : identifier 'CredHandle' d:\temp\curl-7.39.0\lib\urldata.h(253) : error C2061: syntax error : identifier 'time_stamp' d:\temp\curl-7.39.0\lib\urldata.h(253) : error C2059: syntax error : ';' d:\temp\curl-7.39.0\lib\urldata.h(256) : error C2059: syntax error : '}' d:\temp\curl-7.39.0\lib\urldata.h(259) : error C2016: C requires that a struct or union has at least one member d:\temp\curl-7.39.0\lib\urldata.h(259) : error C2061: syntax error : identifier 'CtxtHandle' d:\temp\curl-7.39.0\lib\urldata.h(260) : error C2061: syntax error : identifier 'time_stamp' d:\temp\curl-7.39.0\lib\urldata.h(260) : error C2059: syntax error : ';' d:\temp\curl-7.39.0\lib\urldata.h(261) : error C2059: syntax error : '}' d:\temp\curl-7.39.0\lib\urldata.h(340) : error C2061: syntax error : identifier 'SecPkgContext_StreamSizes' d:\temp\curl-7.39.0\lib\urldata.h(354) : error C2059: syntax error : '}' d:\temp\curl-7.39.0\lib\urldata.h(930) : error C2148: total size of array must not exceed 0x7fff bytes d:\temp\curl-7.39.0\lib\urldata.h(930) : error C2079: 'ssl' uses undefined struct 'ssl_connect_data' NMAKE : fatal error U1077: 'C:\Program Files (x86)\Microsoft Visual Studio 9.0\VC\BIN\cl.exe' : return code '0x2' Stop. NMAKE : fatal error U1077: 'C:\Program Files (x86)\Microsoft Visual Studio 9.0\VC\BIN\nmake.EXE' : return code '0x2' Stop. anybody an idea what goes here wrong?? Seems I'm a bit blind ATM, but I dont see how this is caused in urldata.h ... Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: Not able to build curl on Windows using VS2008.
On 09.12.2014 12:37, Daniel Stenberg wrote: zlib can also be used for CURLOPT_ACCEPT_ENCODING and (the hardly ever used CURLOPT_TRANSFER_ENCODING). I somehow knew I missed something ... :-P Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: strange build error with VC9
On 09.12.2014 12:43, Guenter wrote: Hi all, I just tried to build 7.39.0 with VS2008 (aka VC9), and while I can build both vc-winssl and vc-zlib fine , the vc-winssl-zlib target breaks: ok, found it - WINDOWS_SSPI=1 was missing for winssl-zlib; fixing it ASAP ... Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: Query regarding SSL certificates not about libCurl
Hi Arif, On 08.12.2014 07:31, Arif Ali wrote: Hello Guenter, I downloaded these binaries , but I also need the libcurl.lib inorder to link it with my visual studio project. Are those filea also posted somewhere? yes, but unfortunately the devel packages are *not* build with WinSSL which is what you want in order to use the Windows cert store ... please tell a bit more what OS (32/64 bit) and what compiler you intend to use and I or someone else can probably build a devel package for ya ... just a note: my binary packages are build with the MinGW compiler, and if you want to use them then you should also use that compiler; if you instead want to use a MSVC compiler then you are more or less on your own and its best that you build it yourself since there are too many different versions out, and usually in order to have lesser trouble its recommended that everything is build with the same compiler and linked against same runtime libs ... Günter. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: Query regarding SSL certificates not about libCurl
On 05.12.2014 14:41, Tor Arntsen wrote: On 1 December 2014 at 20:57, Dan Fandrich d...@coneharvesters.com wrote: On Mon, Dec 01, 2014 at 03:46:20PM +0530, Arif Ali wrote: If I do not want to build and use only binaries. How do you run your software then if not in binary form? I think he meant the issue of (downloading and) using only pre-compiled binaries instead of having to build them first. but then he should 1st provide for which OS ... but he does not seem to read the list posts and instead did put himself into CC (as I just did too); well if my magic sphere is right he might use Windows; then use one of those binaries: http://curl.haxx.se/gknw.net/7.39.0/dist-w32/?P=*winssl* http://curl.haxx.se/gknw.net/7.39.0/dist-w64/?P=*winssl* no additional setting needed - these binaries work as is with the Windows cert store. Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: libcurl.res : format not recognized
Hi Eric, On 18.11.2014 09:21, HiLow wrote: Oh ! It would be nice. For my project built against TDM MinGW64, I pass this to the resource compiler when 32-bit target : -F pe-i386 https://github.com/bagder/curl/commit/46ae340f249465b94c42e9836b9d94d74c965361 you can either directly checkout from git, or wait for the next snapshot tomorrow early morning, and test it; or just add this simple change manually to your local Makefile.m32 ... Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: libcurl.res : format not recognized
Hi Eric, On 18.11.2014 13:53, Guenter wrote: On 18.11.2014 09:21, HiLow wrote: Oh ! It would be nice. For my project built against TDM MinGW64, I pass this to the resource compiler when 32-bit target : -F pe-i386 https://github.com/bagder/curl/commit/46ae340f249465b94c42e9836b9d94d74c965361 you can either directly checkout from git, or wait for the next snapshot tomorrow early morning, and test it; or just add this simple change manually to your local Makefile.m32 ... a follow-up to add -m32 to CFLAGS: https://github.com/bagder/curl/commit/4bc47bec574ba843150bf897299eaf892cdbeff1 Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: libcurl.res : format not recognized
Hi, On 17.11.2014 22:40, HiLow wrote: I new in libcurl and just at stage of building from curl-7.39.0.zip source package. I'm trying to build two target : a 32-bit and a 64-bit releases under Windows 7 against TDM64-GCC (aka. MinGW-W64). It's OK for the 64-bit build, but not about 32 bit one. Here is the command line I use to build this x86 target : mingw32-make mingw32 -j8 ARCH=w32 CFLAGS=-m32 -Os CXXFLAGS=-m32 -Os LDFLAGS=-m32 And here is the error I receive : libcurl.res: file not recognized: File format not recognized collect2.exe: error: ld returned 1 exit status mingw32-make[1]: *** [libcurl.dll] Error 1 sounds to me that this TDM toolchain is somehow broken ... PS : and I have a minor question about my current building process under Windows : how to indicate the output directory where will be built the binaries (static lib, dll and associated .a) ? At this time, every build is created under the lib subdirectory, but what if I want both a 32-bit and 64-bit releases : should I have two libcurl install/trees ? using the static makefiles with MinGW(64) is not mandatory, but just a quick method to build without configure ... if you want to have install targets I'd suggest you use MSYS/MinGW and set your target through --host ... I do use these static makefiles to build both 32 and 64 bit targets with various build options, but I use the normal MinGW and MinGW64 toolchains and not the TDM one since I had problems with this too when I tried it a while ago ... Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: libcurl.res : format not recognized
Hi again, On 18.11.2014 00:39, Guenter wrote: On 17.11.2014 22:40, HiLow wrote: And here is the error I receive : libcurl.res: file not recognized: File format not recognized collect2.exe: error: ld returned 1 exit status mingw32-make[1]: *** [libcurl.dll] Error 1 sounds to me that this TDM toolchain is somehow broken ... probably we can add a RESFLAG to the mingw32 makefiles which you can set to solve this issue; do you know how you can control TDM's windres to build a 32-bit resource? Perhaps check the commandline help for such an option ... Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
some thoughts about mk-ca-bundle.pl
Hi, in march 2011 someone contributed code to mk-ca-bundle.pl which did make use of the mirror function, and AFAIK which in turn checked via a HEAD request if there was a new version of certdata.txt, and stopped the script when certdata.txt had the same version as a local stored copy ... now since we use the new place with certdata.txt downloaded from HG this seems no longer possible, and another one contributed code to do a similar job ... however to me this seems to be total overkill; currently we do: 1) always download certdata.txt (since we dont know about its age due to HEAD no longer working) 2) create a SHA1 checksum of the downloaded certdata.txt 3) parse the ca-bundle.crt for the stored SHA1 checksum 4) compare those 2 SHA1 checksums and then decide if we should create a new ca-bundle.crt or not now usually the download of the certdata.txt file is most of the script's execution time, while creating a new ca-bundle.crt takes only a second or two on nowaday's machines ... at a minimum I would like to change the SHA1 checksum to MD5 since we dont use it here for security but only as checksum over certdata.txt; this would make the script more compatible with older Perl versions where Digest::SHA might not be part of the Perl core ... more I would like to remove this checking completely, and just allways create a fresh ca-bundle.crt and backup the old, as we did years ago; this checking makes no real sense to me since we have anyway already downloaded a fresh certdata.txt, and would probably only save a second execution time for creating a fresh ca-bundle.crt while we did already use 5 or more secs to download certdata.txt + time to create the checksum ... comments please! Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: [PATCH] openssl: make it possible to build without SSLv3
Hi Ray, On 08.11.2014 20:43, Ray Satiro wrote: I'm under the impression it's possible regardless. Following the changes to disable SSLv3 by default at one point I had tested against OpenSSL built with no-ssl3 and when I tried SSLv3 in curl I received an unsupported protocol error message. Maybe I forgot to recompile libcurl. here's a probably related thread from the httpd view: http://mail-archives.apache.org/mod_mbox/httpd-dev/201410.mbox/%3c54501f91.2080...@aldan.algebra.com%3E Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: Problem with ca-bunble.crt file
Hi, On 04.11.2014 12:01, Praveen Pvs wrote: Could you please let me know if something is wrong in the crt file yes, your file is bad; a simple quick test shows this: curl --cacert ca-bundle.crt -I https://www.google.com curl: (77) error setting certificate verify locations: CAfile: ca-bundle.crt CApath: none and also how to validate the crt file? hmm, sure this is possible, but I dont know an easy way; but anyway your ca-bundle is 2 years old, so anyway time for generating a fresh one; the libcurl sources come with a mk-ca-bundle.pl script which you can use, or you can just download a fresh one here: http://curl.haxx.se/docs/caextract.html Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: Problem with ca-bunble.crt file
Hi, On 04.11.2014 12:51, Guenter wrote: On 04.11.2014 12:01, Praveen Pvs wrote: and also how to validate the crt file? hmm, sure this is possible, but I dont know an easy way; it seems to me that you have added some own certs at the end of the file (starting at line 3851); remove these and your ca-bundle.crt is ok again. Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: building with nghttp2 + ssl
Hi Lucas, On 29.10.2014 17:33, Lucas Pardue wrote: Forgive me if I am missing something here but was the removal of NPN support intentional? The following changes seem to have done that for me: https://github.com/bagder/curl/commit/e42e3a4facfca971b5e09e8351312946ccb25e79#diff-7dafef8d70eee3940c9184e4e4e93448 and https://github.com/bagder/curl/commit/357a15a6492ac0496abe952fae70aef7da017158#diff-7dafef8d70eee3940c9184e4e4e93448 I cant see how that can be; formerly the check was: #if defined(HAVE_SSL_CTX_SET_ALPN_PROTOS) \ defined(HAVE_SSL_CTX_SET_ALPN_SELECT_CB) # define HAS_ALPN 1 #endif which means we look specially for ALPN functions present; also I tried to compile against 1.0.1j and found these functions were not present; instead they are only available with 1.0.2 (which is not yet released but in beta3 currently). To me it looks as if this commit removed NPN support, or at least made ALPN mandatory: 8b6654224ba5f7ab358f4ebdb8270c3d92fd61df Since the above changes, I can no longer build curl, receiving the error message error http2 builds require OpenSSL with ALPN support!. sure? Did you really build after Feb 3, 2014 and before my latest change, and it did work? That would really suprise me ...; but maybe I'm missing something ... Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: building with nghttp2 + ssl
Hi Daniel, On 29.10.2014 21:35, Guenter wrote: On 29.10.2014 20:46, Daniel Stenberg wrote: It shouldn't be. OpenSSL 1.0.1 supports NPN and we can have nghttp2 use that. I was going to ask Fabian Frank if it was intentional to make ALPN mandatory ... And even more: we can even allow nghttp2 + an OpenSSL version without both ALPN and NPN like for the case when users are fine with doing http2 only over plain-text http. Please try out the attached patch and see if it makes things better for you! looks good (while I've not yet tested it, but will do asap); builds works fine with OpenSSL 1.0.1j: src\curl -V curl 7.38.1-20141029 (i386-pc-win32) libcurl/7.38.1-20141029 OpenSSL/1.0.1j zlib/1.2.8 nghttp2/0.6.4 Protocols: dict file ftp ftps gopher http https imap imaps ldap pop3 pop3s rtsp smtp smtps telnet tftp Features: AsynchDNS Largefile NTLM SSL libz HTTP2 src\curl -kI --http2 https://nghttp2.org HTTP/2.0 200 accept-ranges:bytes content-length:21534 content-type:text/html date:Wed, 29 Oct 2014 21:31:50 GMT etag:54422f7b-541e last-modified:Sat, 18 Oct 2014 09:14:35 GMT server:nghttpx nghttp2/0.6.5-DEV via:1.1 nghttpx strict-transport-security:max-age=31536000 src\curl -kI --http2 https://nghttp2.org:3456/ HTTP/2.0 200 server:lucid content-type:text/html; charset=utf-8 Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: building with nghttp2 + ssl
Hi Daniel, On 26.10.2014 16:48, Daniel Stenberg wrote: I'm fine with doing this check as long as we can be reasonably sure it is the correct one. But then I'd also suggest we remove the checks from configure again since they are then pointless and unnecessary. I believe we can - OpenSSL 1.0.2 is already beta3, so very unlikely that these functions are removed again; and even if so then its just a matter of increasing the version number to be checked ... see also the 1st part of vtls/openssl.c where are already many such feature tests based on the version number ... Alternatively, we add this new check as an OR to the former check so that we can detect the functions with configure OR deem them present based on the version number. I dont think this is necessary; if the configure check remains then it should be modified to bail out if nghttp2 + ssl is enabled and OpenSSL version is not sufficient; that would have the benefit that the user would already be informed at configure stage instead of getting a compilation break close to the end of make stage ... but I would need a helping hand here since I fear I probably break configure when implementing this self ... :-( Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
release and daily-snapshot tarballs
Hi Daniel, I see in both release and daily-snapshot tarballs in src folder a file version.h which seems not in git repo and looks like a hangover from before renaming to tool_version.h ... Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: release and daily-snapshot tarballs
Hi Dennis,
On 27.10.2014 02:54, dev wrote:
Unrelated, but sort of related.
My nightly build log shows that something has been broken for a while :
[snip]
there's a more simple way to check for latest builds ...
examine the daily snapshot download page source, there you find tags
from which you can very easily obtain latest tarball; f.e. I use in a
shell script:
SNAPURL=http://curl.haxx.se/snapshots/;
SNAPEXT=tar.bz2
NEWEST=$(wget -q -O - ${SNAPURL} | sed -ne s/^NEWEST ${SNAPEXT} //p)
test -z ${NEWEST} echo -e ERROR: couldnt find 'NEWEST ${SNAPEXT}'
tag! exit 1
echo -e Newest tarball is ${NEWEST}
if test ! -f ${NEWEST}; then
echo -e Downloading tarball ${NEWEST}
wget -q -O ${NEWEST} ${SNAPURL}${NEWEST}
test $? -ne 0 echo -e ERROR: downloading tarball failed! exit 1
fi
if you prefer tar.gz then set SNAPEXT to this extension ...
another way is this script:
http://curl.haxx.se/dev/autocurl.txt
HTH, Gün.
---
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: release and daily-snapshot tarballs
Hi Dennis, On 27.10.2014 05:18, dev wrote: I'm using the method Daniel suggested to me. which goes directly to the git source. I *was* scrapeing the download page. and what was wrong with it? Could do that again or just wait for the git release notes to get in sync with the actual version. these mismatches happened a couple of times in the past, and I guess they will happen in the future too; its not clear from the beginning if the next release will end up with a new major version, or only with a minor bumb ... on the other side the tags on the download page are always reliable because they are written *automatically* when the tarballs are created, so they reflect *always* the correct filename (unless the tarball script is broken) ... I hate re-writing something that was working just fine. Just fine. the snippet I showed you in last mail is really fairly simple, so no big deal to intregrate it into another script ... well, your choice - I only wanted to help ... ;-) Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: building with nghttp2 + ssl
Hi Daniel, On 24.10.2014 22:49, Daniel Stenberg wrote: I've used the development OpenSSL 1.1.0 off their git when toying with this. ok; found the required functions are with OpenSSL 1.0.2beta3, therefore I would like to change the check for HAS_ALPN like this: --- lib/vtls/openssl.c.orig Wed Sep 03 15:22:36 2014 +++ lib/vtls/openssl.c Sat Oct 25 18:11:52 2014 @@ -1415,16 +1415,12 @@ #ifdef USE_NGHTTP2 #undef HAS_ALPN -#if defined(HAVE_SSL_CTX_SET_ALPN_PROTOS) \ - defined(HAVE_SSL_CTX_SET_ALPN_SELECT_CB) -# define HAS_ALPN 1 +#if OPENSSL_VERSION_NUMBER = 0x10002000L !defined(OPENSSL_NO_NEXTPROTONEG) \ + !defined(OPENSSL_NO_TLSEXT) +#define HAS_ALPN #endif - -#if !defined(HAVE_SSL_CTX_SET_NEXT_PROTO_SELECT_CB) || \ - defined(OPENSSL_NO_NEXTPROTONEG) -# if !defined(HAS_ALPN) -#error http2 builds require OpenSSL with NPN or ALPN support -# endif +#ifndef HAS_ALPN +# error http2 builds require OpenSSL with NPN or ALPN support #endif configure.ac line 1574 - 1576 test for the presense of those functions when OpenSSL is used. ok, thanks; I think the above proposed checking is more friendly to non-configure platforms like Windows or NetWare, and unless you object I would like to commit this ... I didnt yet look at the configure checks, but unless these bail out if you build with nghttp2 + insufficient OpenSSL we might then remove them ... with the above patch applied I'm able to build and link fine with OpenSSL 1.0.2beta3, and so far basic testing seems to pass: curl -V curl 7.38.0 (i386-pc-win32) libcurl/7.38.0 OpenSSL/1.0.2 zlib/1.2.8 nghttp2/0.6.4 Protocols: dict file ftp ftps gopher http https imap imaps ldap pop3 pop3s rtsp smtp smtps telnet tftp Features: AsynchDNS IPv6 Largefile SSPI SPNEGO NTLM SSL libz HTTP2 curl -kI --http2 https://nghttp2.org HTTP/2.0 200 accept-ranges:bytes content-length:21534 content-type:text/html date:Sat, 25 Oct 2014 16:59:53 GMT etag:54422f7b-541e last-modified:Sat, 18 Oct 2014 09:14:35 GMT server:nghttpx nghttp2/0.6.5-DEV via:1.1 nghttpx strict-transport-security:max-age=31536000 curl -kI https://nghttp2.org:3456/ curl: (52) Empty reply from server curl -kI --http2 https://nghttp2.org:3456/ HTTP/2.0 200 server:lucid content-type:text/html; charset=utf-8 anything else I can test? Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: Minimal versions of dependencies
Hi Daniel, On 23.10.2014 09:31, Daniel Stenberg wrote: On Thu, 23 Oct 2014, Daniel Stenberg wrote: GnuTLS 2.8.0 was released in May 2009 so it is *terribly* old. 2.10.0 came in June 2010. Argh, I meant to say _not_ terribly old. 5 years is nothing! =) naaa, 2.8.1 was tagged 10 Jun 2009, and I agree that 5+ years is definitely *terribly* old, especially for a security-related library ;-) Its definitely time to rebuild my old Linux box where these autobuilds run, but currently its not on top of my todo list since its an internal box which doesnt export any services to the world ... Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: SFTP problems
Hi Daniel, On 21.10.2014 13:35, Daniel Karunairatnam wrote: is it the 3.34MB file under win32-generic on this page? http://curl.haxx.se/download.html are you running windows 8? and if it is that file. how do I compile the example code? there is no libcurl.lib file and visual studio studio throws up a link error in response. I think what Ray mainly wanted to say is that sftp basically works on Windows (and also on Windows 8). But these binaries are build with the MinGW compiler, and even if it might be possible to use the *.a libs (after converting to .lib) from MSVC it is not recommended; in general it is also not recommended to use MSVC pre-build binaries with MSVC unless you know exactly with which MSVC version + settings they were build. That means for you that you should build libcurl + any needed dependency libs with *your* MSVC version from scratch, and then build your example and link against your own created libs. For your use case you would have to build at least: OpenSSL libssh2 (linked against your OpenSSL version) libcurl (linked against your libssh2 version) HTH, Günter. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: Questions and proposals about SSL and pinned public key
On 14.10.2014 16:25, Patrick Monnerat wrote: and I think coding our own PEM--DER conversion is not a huge job (we already have base64 support). could also be useful for LDAP ... Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: Multi interface: mis-match in number of requests sent to number of responses received
On 06.10.2014 14:01, Daniel Stenberg wrote: On Mon, 6 Oct 2014, nikhil ap wrote: In certain other cases, after 200OK is processed but curl is immediately sending reset. I would also like to know why. After 2000K what? Are you talking about TCP reset? Can you please elaborate on what you mean. hehe, he wrote 200 OK but missed the blank ;-) but I did also 1st read it as 2000K Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: Failures while building on cygwin
Hi Michael, On 26.09.2014 19:48, Michael Osipov wrote: this must be some cygwin quirk. I guess, I have to inquire with the cygwmin mailing list. indeed. I would try to re-install the c-development package (the one which contains gcc, ld, ar, etc.); perhaps this helps ... Günter. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: Enhancements to mk-ca-bundle
Hi Partick, thanks for the ping and sorry for not returning to you earlier ... On 21.04.2014 19:20, Patrick Watson wrote: Hi everyone, I just wanted to make sure that this patch hadn't been overlooked. Is there anything more I can do to streamline it's adoption? nope. I had some probs with my hardware - my Linux server's mainboard where I have many git repos, various toolchains, autobuilds etc. went mad, and it took a while to find a proper replacement ... Hopefully I can take a look at your work this weekend - though no promise! Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: Visual Studio Project Files
On 05.04.2014 19:34, Steve Holme wrote: I have been saying on here for a long, long time that I would share my Visual Studio project files (Though I did email a few copies out last year) and finally after some rework of these files, settings and re-organisation of the directory structure I have pushed an introductory commit of said files - commit 11025613b9. Currently we provide very limited Visual Studio IDE support for building curl and libcurl via the files in the VS directory – currently only VC6 (aka Visual Studio 6 / 98) and VC8 (aka Visual Studio 2005) so even this support is quite old ☹ Furthermore these files only support 32-bit Release and Debug builds without any support for 64-bit builds (possible in VC8 and above) or any of the third-party libraries we integrated with (such as OpenSSL, SSPI andSChannel, libSSH2, etc…). ... Things that I would like to do next: * Add VC6, VC7, VC7.1, VC9, VC10, VC11 and VC12 variants * Update the release process to generate the project files from the templates * Integrate with other third-party libraries such as zlib and WinIDN * Remove the older VS folder base files * Get the test suite integrated and compiling under Visual Studio Any ideas, suggestions or comment are as always much appreciated ;-) hmmm, do you really think thats all needed? here my thoughts: - only very few folks really work on developing the library or curl tool itself, so why should they prefer project files over the nmake files? Which benefit would it have? - AFAIK it was all the time possible to just import our distributed nmake files and create project files from them ... - AFAIK most of the VS Express versions cant deal with project files, so the benefit (if any) would only apply to those using the commercial versions of the M$ compilers tools ... - its much work to maintain all those separate project files (even if you volunteer to do it - there might be times when you're swamped with other work); I believe it would be better to use a similar approach as what we did up to now with the nmake files: use one template and create the different versions from the template with some sed rules ... Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: AW: Re: problems making curl-7.36.0 from sources on Windows
Hi Frank, On 03.04.2014 12:26, Frank Haferkorn wrote: ./configure --with-winssl From a cygwin shell ... Can you help me with this? since winssl implies you want to get a native windows build its probably better if you use MSYS instead of Cygwin; or at least add something like --host=x86-mingw32 to the configure flags Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: [bagder/curl] 420d9f: Rework Open Watcom make files to use standard Wmak...
Hi Gisle, On 03.03.2014 16:13, Gisle Vanem wrote: GitHub nore...@github.com wrote: Changed paths: M lib/Makefile.Watcom M src/Makefile.Watcom Log Message: --- Rework Open Watcom make files to use standard Wmake features Jiri, Daniel. Can one of you please change my email-address in those headers? To: gva...@yahoo.no. And since these files are heavily changed since I started writing them (in 2005!), add Jiri's + Gunther's + Yang's etc. addresses there too. honestly: are you really after receiving direct emails from users asking you about problems with a Makefile you hacked up 9 years ago and which was changed a couple of times after that even by others?? ;-) IIRC we had a similar discussion already a while ago regarding the *.m32 files, and we finally agreed that we should just add our project header and remove any names of individuals entirely - anyway all names appear already in the contributor list; but if you really think that authors should be named then at least lets do it without email addresses so that users always contact us through the mailing lists ... greets, Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: Enhancements to mk-ca-bundle
Hi Patrick, On 26.02.2014 01:39, Patrick Watson wrote: I've been working on a few enhancements to cURL's mk-ca-bundle Perl script and would like to solicit functionality feedback before submitting a patch. thanks for coming here and considering to push your enhancements upstream ... but currently I'm not yet sure if your special add-ons are useful for a broader (lib)curl user community; they sound a bit like it would be better to create a new prorgam conv-certdata.pl or something like that ... dont get me wrong here (and I only express my personal oppinion) but in the past mk-ca-bundle.pl showed that it was sensible to changes done in certdata.txt, and the more checks are included the more sensible it will be (that's probaly also derived from the simple and/or stupid way I hacked it up initially) ... also since it is part of our libcurl project we all need to maintain it and try to keep it going for our purpose, and the more complex it becomes its probably also more complex to maintain from our side ... but that doesnt mean that I'm against any enhancements as long as these are done in a way which: - keep the script running on multiple platforms including Windows - keep current speed of the default mode == Main change == Today, mk-ca-bundle outputs all certificates within Mozilla's certdata file containing the purpose CKA_TRUST_SERVER_AUTH at trust level CKT_NSS_TRUSTED_DELEGATOR, i.e. CAs trusted to issue SSL server certs. At NCR, we need the ability to generate a bundle containing the explicitly untrusted certs (for a blacklist) as well as CAs trusted for other purposes, such as code signing. Therefore, I have enhanced mk-ca-bundle to take a list of trust purposes and trust levels on the command line. It'll then output all certificates which are trusted for at least one of the requested purposes at one of the requested trust levels. Example (using y and z as placeholders for the TBD parameter flags): perl mk-ca-bundle -y SERVER_AUTH,CODE_SIGNING -z NOT_TRUSTED This would generate a bundle containing all certificates which are not trusted for either SSL server auth or for code signing. ** Does anyone have an opinion on which flags are used for these command line parameters? -p could be used for the purpose list, but an intuitive letter for the trust level isn't available since both -t and -l are already used. hmm, perhaps we can use -p in the sense of 'parameters' and then use a sytax like: -p purpose[:trust_level] ** The default behavior remains as before: output only SSL server trusted CAs. ** Are there any objections to this change? no. == Auxiliary changes == (Plain text mode example attached for a single cert) When outputting in plain text mode (flag -t), I've added the ability to output several different cert hashes. I did this because the previous output was MD5, which is inconvenient since Windows normally displays the certificate thumbprint using SHA1. I wanted to maintain compatibility with any applications/processes out there that still use the MD5 hash, so I just added SHA1 and SHA256 outputs. However, this slows down the generation process since we go from creating 1 hash to creating 3. ATM I've not looked into the script for longer, but IIRC the hash is done by openssl commandline, or? Cant we let this generate the additional hashes which is probably faster than doing it with perl? ** Is this acceptable to everyone? If need be, we could add a command line parameter to allow picking a hash algorithm. makes probably sense ... When outputting the certificate, I also write out the certificate trust information. I find this to be useful for troubleshooting. ** Is this acceptable to everyone? hmmm, I would prefer to keep the current short format as is since the SSL backends must scan those files again and again, and skipping those 'comments' which are not used for SSL needs time; when doing the full output this would probably be ok - but perhaps also not bad to only do it optional ... ** Should this be output only in plain text mode (flag -t)? I yep, I think ... currently output it in both modes since it cannot be recovered from the certificate PEM encoding. ** Do you have an opinion on if this is output before or after the line? I currently output before the line since I want to conceptually separate it from the certificate itself. After all, the trust we place in the cert is not an attribute of the cert itself. no idea yet ... Again - all I wrote is only my personal opinion, and I would love to hear some comments from others what they think about such enhancements ... since it appears that you did already all those enhancements, maybe you can post a patch with what you currently have which applies cleanly against current version in our GIT so that we can take a closer look and play a bit with it on different platforms? thanks, Gün. --- List admin:
Re: old topic: EPSV vs PASV
On 05.02.2014 00:18, Daniel Stenberg wrote: On Tue, 4 Feb 2014, Guenter wrote: I can re-create the problem also with the curl commandline: curl -v -O ftp://skytraq:skytraq@60.250.205.31/ephemeris/Eph.dat Is it curl's connect back to the new port that fails? When I try it, it connects back fine to the server but it never seems to receive any data. Can you show us a full log of the failure? see below (ans also attached) - appologies that its an older version, but its just what ships with the SuSE version of this box: curl 7.28.1 (x86_64-suse-linux-gnu) libcurl/7.28.1 OpenSSL/1.0.1e zlib/1.2.7 libidn/1.25 libssh2/1.4.3 Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtsp scp sftp smtp smtps telnet tftp Features: AsynchDNS GSS-Negotiate IDN IPv6 Largefile NTLM NTLM_WB SSL libz TLS-SRP #: curl -v -O ftp://skytraq:skytraq@60.250.205.31/ephemeris/Eph.dat * About to connect() to 60.250.205.31 port 21 (#0) * Trying 60.250.205.31... % Total% Received % Xferd Average Speed TimeTime Time Current Dload Upload Total SpentLeft Speed 0 00 00 0 0 0 --:--:-- --:--:-- --:--:-- 0* connected * Connected to 60.250.205.31 (60.250.205.31) port 21 (#0) 0 00 00 0 0 0 --:--:-- --:--:-- --:--:-- 0 220-FileZilla Server version 0.9.24 beta 220-written by Tim Kosse (tim.ko...@gmx.de) 220 Please visit http://sourceforge.net/projects/filezilla/ USER skytraq 331 Password required for skytraq PASS skytraq 0 00 00 0 0 0 --:--:-- 0:00:01 --:--:-- 0 230 Logged on PWD 257 / is current directory. * Entry path is '/' CWD ephemeris 250 CWD successful. /ephemeris is current directory. EPSV * Connect data stream passively 0 00 00 0 0 0 --:--:-- 0:00:02 --:--:-- 0 229 Entering Extended Passive Mode (|||3113|) * Trying 60.250.205.31... 0 00 00 0 0 0 --:--:-- 0:00:03 --:--:-- 0 0 00 00 0 0 0 --:--:-- 0:00:04 --:--:-- 0 0 00 00 0 0 0 --:--:-- 0:00:05 --:--:-- 0 0 00 00 0 0 0 --:--:-- 0:00:06 --:--:-- 0 0 00 00 0 0 0 --:--:-- 0:00:07 --:--:-- 0 0 00 00 0 0 0 --:--:-- 0:00:08 --:--:-- 0 0 00 00 0 0 0 --:--:-- 0:00:09 --:--:-- 0 0 00 00 0 0 0 --:--:-- 0:00:10 --:--:-- 0 0 00 00 0 0 0 --:--:-- 0:00:11 --:--:-- 0 0 00 00 0 0 0 --:--:-- 0:00:12 --:--:-- 0 0 00 00 0 0 0 --:--:-- 0:00:13 --:--:-- 0 0 00 00 0 0 0 --:--:-- 0:00:14 --:--:-- 0 0 00 00 0 0 0 --:--:-- 0:00:15 --:--:-- 0 0 00 00 0 0 0 --:--:-- 0:00:16 --:--:-- 0 0 00 00 0 0 0 --:--:-- 0:00:17 --:--:-- 0 0 00 00 0 0 0 --:--:-- 0:00:18 --:--:-- 0 0 00 00 0 0 0 --:--:-- 0:00:19 --:--:-- 0 0 00 00 0 0 0 --:--:-- 0:00:20 --:--:-- 0 0 00 00 0 0 0 --:--:-- 0:00:21 --:--:-- 0 0 00 00 0 0 0 --:--:-- 0:00:22 --:--:-- 0 0 00 00 0 0 0 --:--:-- 0:00:23 --:--:-- 0 0 00 00 0 0 0 --:--:-- 0:00:24 --:--:-- 0 0 00 00 0 0 0 --:--:-- 0:00:25 --:--:-- 0 0 00 00 0 0 0 --:--:-- 0:00:26 --:--:-- 0 0 00 00 0 0 0 --:--:-- 0:00:27 --:--:-- 0 0 00 00 0 0 0 --:--:-- 0:00:28 --:--:-- 0 0 00 00 0 0 0 --:--:-- 0:00:29 --:--:-- 0 0 00 00 0 0 0 --:--:-- 0:00:30 --:--:-- 0 0 00 00 0 0 0 --:--:-- 0:00:31 --:--:-- 0 0 00 00 0 0 0 --:--:-- 0:00:32 --:--:-- 0 0 00 00 0 0 0 --:--:-- 0:00:33 --:--:-- 0 0 00 00 0 0 0 --:--:-- 0:00:34 --:--:-- 0 0 00 00 0 0 0 --:--:-- 0:00:35 --:--:-- 0 0 00 00 0 0 0 --:--:-- 0:00:36 --:--:-- 0 0 00 00 0 0 0 --:--:-- 0:00:37 --:--:-- 0 0 00 00 0 0 0 --:--:-- 0:00:38 --:--:-- 0 0 00 00 0 0 0 --:--:-- 0:00:39 --:--:-- 0 0 00 00 0
Re: old topic: EPSV vs PASV
Hi, On 05.02.2014 23:35, Guenter wrote: On 05.02.2014 00:18, Daniel Stenberg wrote: On Tue, 4 Feb 2014, Guenter wrote: I can re-create the problem also with the curl commandline: curl -v -O ftp://skytraq:skytraq@60.250.205.31/ephemeris/Eph.dat Is it curl's connect back to the new port that fails? When I try it, it connects back fine to the server but it never seems to receive any data. Can you show us a full log of the failure? I've just compiled recent curl version linked statically on another box, and 7.35.0 seems to recover after ~65 sec from the EPSV error and then continues and downloads the file - see attached log; so seems that our current version behaves ok; sorry for not testing with recent version in 1st place :-P Gün. log_skytraq2.txt.gz Description: GNU Zip compressed data --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: make mingw32 fails
On 04.02.2014 07:53, Daniel Stenberg wrote: On Sat, 1 Feb 2014, Thomas Braun wrote: Unfortunately the compilation fails because the object files from the vtls folder are expected in lib/vtls but in fact they are in lib. Attached is a patch which hopefully explains the problem. Thanks! But why are the object files not in vtls? The path to the source file works so it should just generate the object files there too! Isn't it the compiler line that should rather be improved? It feels like it could be made better than a copy. Like making $(CC) $(INCLUDES) $(CFLAGS) -c $ use -o $@ or something? I'll take a look into it asap ... Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
old topic: EPSV vs PASV
Hi all, I'm using a software [1] with a Skytraq gps device, and this code uses internally libcurl for downloading AGPS data ... the FTP download fails for me - probably Skytraq has meanwhile changed their FTP server (now FileZilla server) and / or their firewall, whatever ... I can re-create the problem also with the curl commandline: curl -v -O ftp://skytraq:skytraq@60.250.205.31/ephemeris/Eph.dat if I use --disable-epsv the download works fine ... a related topic came already up 3 years ago [2]; also I tested with wget and no issue with the download ... perhaps some others may test the above curl commandline and post here results - might be that this issue is caused by my ISP, who knows ... [1] https://code.google.com/p/skytraq-datalogger/ [2] http://curl.haxx.se/mail/lib-2011-02/0059.html thanks, Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: curl-7.33 pre-built dynamic library
Hi, On 04.12.2013 18:57, Ali Nikzad wrote: I am using the 32-bit dynamic pre-built binaries of libcurl 7.33 in a C++ application. I downloaded the msi installation of the files from www.confusedbycode.com/curl/ . When I install the msi in my machine and use the dlls everything works fine. But when I port those dlls and use them in another machine without installing the msi, libcurl does not work. I wonder what happens in installation that I am missing. Should I register the dlls in the second machine manually? I guess that some dependend DLLs will be located in other folders which you then dont copy ... but you should really ask this question to those folks who built the MSI installer ;-) Another way to find out the dependencies of your binaries is using this tool: http://www.dependencywalker.com/ HTH, Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: [PATCH v4] Add connection delay to Happy Eyeballs.
Hi Björn, On 05.11.2013 23:59, Björn Stenberg wrote: Steve Holme wrote: * The OpenSuSE 12.1 build is reporting valgrind memory issues in test 583. Whilst we typically see in use at exit: 656 bytes in 4 blocks is there possibly something else connect wise that is making this test fail? [2] This looks odd. I'll take a deeper look tomorrow. the error reported is: Open file descriptor created at ../../curl/lib/connect.c:1260 and this doesnt only happen with my OpenSUSE builds but also with Tor's Solaris builds; see: http://curl.haxx.se/dev/log.cgi?id=20131105234705-11595#prob19 and: http://curl.haxx.se/dev/log.cgi?id=20131105081744-17770#prob10 Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: Reading gmail with imap unsuccessful on Win32
Hi Mark, On 26.10.2013 11:31, Mark Hessling wrote: Also tried with curl -6 on the Windows machine, but the curl.exe I have does not have IPV6 support built in. see here for a IPv6-aware 32bit-binary: http://curl.haxx.se/gknw.net/7.33.0/dist-w32/ and here for 64-bit: http://curl.haxx.se/gknw.net/7.33.0/dist-w64/ Greets, Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: [RELEASE] curl and libcurl 7.33.0 is out!
On 17.10.2013 21:41, Mike Mio wrote: On Monday, October 14, 2013 2:05 PM, daniel.haxx.se wrote: ... yet another curl and libcurl release ... Download from: http://curl.haxx.se/download.html Curl and libcurl 7.33.0 That's great! May I request that the Win32 libCURL binaries be updates when convenient? Binaries are now available from the download page ... Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: Get the directory of remote machine
Hi, On 19.09.2013 21:10, Igor Korot wrote: Is it possible to get the directory of the remote machine? What I'm looking for is the procedure to check for an updated file. I will connect to the remote server and get the directory sorted by date. If the last file's date and the file I have locally are from the same date - skip download. Otherwise get the newer file. Or maybe there is an easier process? if you also design the server side then you can also use http and use libcurl to get the headers only; usually the 'Last-modified' header tells you the remote date. You can test this also with the curl commandline with option -I. Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Windows autobuilds broken since df69440d05f1133a9053e19a9bf576c8b13514b9
Hi all, somehow the commit df69440d05f1133a9053e19a9bf576c8b13514b9 broke the Windows autobuilds; ATM I'm a bit clueless why the compiler breaks only for Windows builds while other platforms work fine ... please take a look at it - some other eyes or minds may have an idea - hopefully ... Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: PATCH: prevent a double free() with a malformed LDAP URL
On 09.09.2013 09:41, Daniel Stenberg wrote: On Sun, 8 Sep 2013, Nick Zitzmann wrote: I applied the patch, and it did un-break the build for me, and it also passes all of the unit tests for what it's worth. Thanks, I pushed this now. did you mean size_t here? http://curl.haxx.se/dev/log.cgi?id=20130910104512-7022#prob1 Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: PATCH: prevent a double free() with a malformed LDAP URL
On 07.09.2013 17:32, Nick Zitzmann wrote:
I'm pretty sure lines 90-91 of lib/ldap.c is the culprit:
===
#undef LDAPURLDesc
#define LDAPURLDesc CURL_LDAPURLDesc
===
#undef doesn't work on typedef'd data structures, and LDAPURLDesc is
declared as a typedef struct on Mountain Lion's built-in libldap.
yep, same with NetWare - from ldap.h:
/*
* types for ldap URL handling
*/
typedef struct ldap_url_desc {
struct ldap_url_desc *lud_next;
char*lud_scheme;
char*lud_host;
int lud_port;
char*lud_dn;
char**lud_attrs;
int lud_scope;
char*lud_filter;
char**lud_exts;
int lud_crit_exts;
} LDAPURLDesc;
Gün.
---
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: PATCH: prevent a double free() with a malformed LDAP URL
On 06.09.2013 13:33, Daniel Stenberg wrote: On Thu, 5 Sep 2013, Geoff Beier wrote: I've attached a modified version of your patch to show what I mean. That's been tested on win32, and confirmed expected behavior for both malformed and well-formed ldap urls. Lovely, thanks! I edited it slightly and it is now pushed to git. seems NetWare CLDAP SDK doesnt like it: http://curl.haxx.se/dev/log.cgi?id=20130906231203-16410#prob1 though hadnt time to look into it - just only saw the failing autobuild ... Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: PATCH: prevent a double free() with a malformed LDAP URL
Hi, On 05.09.2013 06:14, Geoff Beier wrote: (As an aside, do you know of a good git package for Windows that's not based on msys? I'm afraid to install msys-git on there because that system already has a load-bearing installation of msys and I really don't want to troubleshoot any conflicts that might occur if I try to make the two coexist.) what's wrong with msys-git? You dont need to install anything - just download the portable version (7z-archive), extract it to your HD and create a link on the desktop to git-bash.bat and done - no need to add it to the system path or such ... HTH, Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: Are libcurldll.a and libssh2dll.a meant to be named as such?
Hi, On 17.08.2013 05:17, K. Frank wrote: Thanks for the follow-up. I like your reasoning. I don't really know the history and reasoning behind the typical mingw library naming system, and hadn't realized that it limits one's flexibility in choosing which libraries to link statically vs. dynamically. this is no typical mingw naming system but the general behaviour of windows-targeted configure builds. Just to be clear, I'm not complaining or asking for any change -- the current system works just fine for me. I was just curious about the apparent inconsistency. Also, do I surmise correctly that the naming convention for libcurl differs from that of, say, libcrypto because libcrypto is a separate project that you just use, and you don't elect to force your preferred naming convention on them? exactly; libcurl and libssh2 are under my control - OpenSSL is not. Beside that the naming for libcurl existed already long before I took over maintaining the static MinGW makefiles; I just kept it this way, and I adopted it to libssh2 ... since building OpenSSL native on Windows with MinGW is really a pain I do cross-compile it on Linux; if I would do same for libcurl and libssh2 then the naming would be equal (*.dll.a); but for now I stay with building the binaries (lots of different combos which are not all listed on the download page; see http://curl.haxx.se/gknw.net/7.32.0/ ); if I would want to build these all with MinGW configure, or even cross-compile on Linux (which would be way faster) that would nevertheless take probably half a day - while compilation of one combo with the static makefiles takes only ~1-2mins (I build the win32 bins on an old 2.8MHz P4 running W2K3sp2 and the win64 bins on a 1.8GHz 2-core Atom running W7sp1-x64) ... I struggle enough already with configure while building Linux and Android targets, so I dont wanna add some more for Windows targets ... ;-) If I would want to cross-compile Windows binaries on Linux + provide latest versions of dependencies then I would also have to: - compile + install the dependencies into the cross compiler (bad thing since then no longer package management works) or: - build RPMs of the newer deps so that I can cleanly install/uninstall them with the package manager (the 'right' way but a lot of initial work until that flies for all deps) or: - specify separate locations of each newer dependency (always a hard way until this finally works as desired) Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: Are libcurldll.a and libssh2dll.a meant to be named as such?
Hi,
On 14.08.2013 15:06, K. Frank wrote:
I downloaded the 64-bit mingw-w64 version of libcurl:
curl-7.31.0-devel-mingw64.7z
and installed it by unzipping the file.
In its lib64 directory I find
libcurldll.a
libssh2dll.a
I might have expected them to be named
libcurl.dll.a
libssh2.dll.a
with an additional dot ('.') preceding the dll.
This would have been consistent with the naming of the other
libraries, e.g., libcrypto.dll.a, and seemingly more consistent
with the naming of the .a and .def files.
true, but ...
It's hardly a big deal -- in my compile command I specify
-lcurldll rather than -lcurl, and everything works. But
I'm wondering if this choice of naming was intentional, and
if so, what the reasoning is.
its exactly that: you can easily decide to link either statically or
dynamically; if you have both a libcurl.a and libcurl.dll.a in the same
directory the linker will always prefer to link against the *.dll.a; if
you specify -static then that counts for *all* libs; you cant f.e. link
one library statically and another dynamically unless you remove the
dynamic link libraries for those libs you want to link statically ...
if I have a lot of time (very unlikely ATM) then I might dig into the
MinGW makefiles, and modify them to use -l only for dynamic linkage and
for static linkage only add the static lib with full path - that should
work ...
Gün.
---
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
install mk-ca-bundle.pl ?
Hi all, I just found some posts about the fact that 'make install' does install the docu for mk-ca-bundle.pl, but not the script itself ... :-) I'm not sure if we should now remove the obviously useless installation of the docu, or if we should add installation of the script ... oppinions? Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: VMS - shared libcurl files, updated gnv build files.
Hi John, On 02.08.2013 01:28, John E. Malmberg wrote: Any clues as to what I can do to prevent this? make sure that the attachment is treated as binary, f.e. gzip it. Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: Upload failed for a file having unicode characters in its name
Hi, On 24.07.2013 09:32, Mohammad Alam wrote: see below link http://curl.haxx.se/mail/lib-2006-04/att-0064/sampleconv Above example claims to addressed unicode issue but when I tried to use sample code then getting compilation errors for following functions platform_a2e platform_e2a platform_u2e Let me know where I could found the definitions of above function.? Is there exist another way to address above issue? it would help if you would also read the code and specially the comments instead of just compiling it ;-) quote The platform_xxx calls represent platform-specific conversion routines. /quote so these are defined nowhere but need to be replaced by true conv functions. If you need unicode support on Windows you should try to build your own libcurl with the proper define (without looking it up I think its _UNICODE or something like that); that should switch usage of Windows functions from functionA to functionW ... Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: x64 libcurl
Hi, On 09.07.2013 08:50, Jamey Kirby wrote: I am trying to build libcurl for x64, I finally got it almost working. I can build x86 with no problems. Fails when it tried to compile amigaos for x64. How do I tell it to only build vc-x64? Here is my build line: nmake /f Makefile.vc10 MACHINE=x64 cfg=release Works when I select x86, but amigaos fails and build fails when I select x64 Here is the error line: release\amigaos.obj : fatal error LNK1112: module machine type 'X86' conflicts with target machine type 'x64' I saw exactly same error few days back, and thats because I didnt set MACHINE properly ... with MSVC you can open 2 different commandline windows: one 'normal' which defaults to x86, and another one for x64 (see menu entries form MSVC) ... I guess I have run slam into the downside of open source; no one to scream at and throw money at to get an issue resolved. libcurl x86 works great in the project. What is so complex that this is not working? Maybe that is why there is no native x64 libcurl; no one has figured out how to do it yet... nonsense - libcurl can compile fine for any x64 OS, and even for Windows ... if you still need help with this then please let me know what MSVC version you need to use, and what dependencies (features) you need with libcurl, and I'm able to help you - you can contact me off list if you wish. Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: x64 libcurl
On 09.07.2013 09:41, Jamey Kirby wrote: Looks like x64 simply does not work :( clearly not true - see here where we have an autobuild which runs daily and compiles the vc-x64 target fine with VC9: http://curl.haxx.se/dev/log.cgi?id=20130708135121-14345 Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: x64 libcurl
Hi Jamey, please dont top-post! On 09.07.2013 19:10, Jamey Kirby wrote: Looks like this is the issue: Microsoft (R) C/C++ Optimizing Compiler Version 18.00.20617.1 for x86 Copyright (C) Microsoft Corporation. All rights reserved. I started building with 2013 last night before I went to sleep. IMO trying all available MSVC versions is not the solution but instead can only increase your frustration - as you see from the makefile suffix we have only tested up to VC10 - if later versions work without issues is not guaranteed; but I can tell you for sure that VC10 works; did just today a build ... before you get mad just drop me a mail and I'm sure we will sort it out, f.e. with a remote session ... ! Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: Makefile adjustments to solve link error (on Windows 8, VC10)
Hi Boris, On 08.07.2013 13:55, malinow...@ftw.at wrote: and 3rd you should explain from where dotdot.* is coming from, and where it is documented; a quick search didnt reveal anything useful, so please tell us a bit more ... its in lib/dotdot.c curl commit 7877619 dotdot: introducing dot file path cleanup ah, ok - sorry, I didnt look into our own git to see what went in after recent release :-P just fixed in git with b7a9331..e014699 Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: Makefile adjustments to solve link error (on Windows 8, VC10)
On 06.07.2013 13:47, Guenter wrote: Hi Boris, On 04.07.2013 17:25, malinow...@ftw.at wrote: running testcurl.pl on Windows 8, VC10, I had to remove the curl_rand.obj, and add the dotdot.obj to make the linker happy. With those changes both exe and lib were created successfully. See attached patch (for VC10, also included in the patch). 1st you cant just switch the Makefiles to use VC10 from now on - we want to keep backward compatiblity. 2nd it would help to understand why your patch is required with VC10 if you would post the error message you get when compiling with VC10; and 3rd you should explain from where dotdot.* is coming from, and where it is documented; a quick search didnt reveal anything useful, so please tell us a bit more ... in addition I've just checked builds of targets vc-sspi and vc-x64 with VC10 on Windows 8.1 and found no issues: C:\projects\curl-7.31.0\srccurl -V curl 7.31.0 (x86_64-pc-win32) libcurl/7.31.0 Protocols: dict file ftp gopher http imap ldap pop3 rtsp smtp telnet tftp Features: AsynchDNS Largefile so I dont think there's any problem with VC10 ... Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: Makefile adjustments to solve link error (on Windows 8, VC10)
Hi Boris, On 04.07.2013 17:25, malinow...@ftw.at wrote: running testcurl.pl on Windows 8, VC10, I had to remove the curl_rand.obj, and add the dotdot.obj to make the linker happy. With those changes both exe and lib were created successfully. See attached patch (for VC10, also included in the patch). 1st you cant just switch the Makefiles to use VC10 from now on - we want to keep backward compatiblity. 2nd it would help to understand why your patch is required with VC10 if you would post the error message you get when compiling with VC10; and 3rd you should explain from where dotdot.* is coming from, and where it is documented; a quick search didnt reveal anything useful, so please tell us a bit more ... Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
sepheaders.c example
Hi,
while porting some code to Lua and looking through our samples I came
over sepheaders.c; the code looks a bit strange to me - I wonder why a
body file is created and opended, but then not used at all? Instead
there's only a hint comment about what to use when we want to have the
output somewhere else than stdout ...
any objections to apply below patch?
--- sepheaders.c.orig 2012-12-11 23:32:22.0 +0100
+++ sepheaders.c2013-06-20 17:34:53.454223316 +0200
@@ -59,18 +59,17 @@
curl_easy_cleanup(curl_handle);
return -1;
}
- bodyfile = fopen(bodyfilename,w);
+ bodyfile = fopen(bodyfilename,wb);
if (bodyfile == NULL) {
curl_easy_cleanup(curl_handle);
return -1;
}
- /* we want the headers to this file handle */
+ /* we want the headers be written to this file handle */
curl_easy_setopt(curl_handle, CURLOPT_WRITEHEADER, headerfile);
- /*
- * Notice here that if you want the actual data sent anywhere else but
- * stdout, you should consider using the CURLOPT_WRITEDATA option. */
+ /* we want the body be written to this file handle instead of stdout */
+ curl_easy_setopt(curl_handle, CURLOPT_WRITEDATA, bodyfile);
/* get it! */
curl_easy_perform(curl_handle);
@@ -78,6 +77,9 @@
/* close the header file */
fclose(headerfile);
+ /* close the body file */
+ fclose(bodyfile);
+
/* cleanup curl stuff */
curl_easy_cleanup(curl_handle);
Gün.
---
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: sepheaders.c example
On 20.06.2013 20:13, Daniel Stenberg wrote: On Thu, 20 Jun 2013, Guenter wrote: any objections to apply below patch? Looks fine to me! after posting I tested on Windows too, and found that I get there empty lines due to the fact that the headers have already trailing crlf; so changed open mode for headerfile also to 'wb' to avoid adding another crlf by Windows. Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: site contents now off git
On 16.06.2013 23:26, Daniel Stenberg wrote: On Fri, 24 May 2013, Guenter wrote: not sure if its related to this move, but the following doc page looks a bit ugly: http://curl.haxx.se/libcurl/c/curl_version_info.html seems some newlines are missing ... Thanks for pointing this out. Turns out 'roffit' didn't properly parse nroff instructions case insensitively, so once I fixed that the page looks much better! I believe this will also fix a few other pages... Fix: https://github.com/bagder/roffit/commit/6e722b6195d1 great - indeed looks much better now! Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: site contents now off git
Hi Daniel, On 13.05.2013 19:44, Daniel Stenberg wrote: I've just switched the web site to now update its contents automatically from this git repository: https://github.com/bagder/curl-www Please point out any problems you encounter as I'm sure there are some flaws left due to this transition. not sure if its related to this move, but the following doc page looks a bit ugly: http://curl.haxx.se/libcurl/c/curl_version_info.html seems some newlines are missing ... not sure, but I thought that looked better when I last time read it ... Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: AW: How to include sftp support in libcurl
Hi, On 22.04.2013 17:46, alexander.elg...@external.t-systems.com wrote: Von: curl-library [curl-library-boun...@cool.haxx.se] im Auftrag von Yong Liaw [yong.l...@transmax.com.au] Gesendet: Montag, 22. April 2013 03:05 An: curl-library@cool.haxx.se Betreff: How to include sftp support in libcurl How can I include the sftp when building the libcurl? I already have libeay32.dll and ssleay32.dll in my development path. Do I need libssh2.lib as well for sftp? yes. Does this help you? ... FTPS is active with these features enabled I dont think so; he wants sftp and not ftps ... also he uses MSVC which doesnt work with configure; but probably this document helps: http://curl.haxx.se/libcurl/c/Using-libcurl-with-SSH-support-in-Visual-Studio-2010.pdf which is linked to directly from our main site at http://curl.haxx.se/ Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: [PATCH] Utils: Fix lost OpenSSL output with -t.
Hi Richard, On 12.04.2013 20:31, Richard Michael wrote: Tested and works well for me, thanks! great! Thanks for verifying. Nice obvious solution to close then re-open the tempfile around writing it with the new pipe. I definitely was not thinking! :-) thats kinda back to the roots ;-) if you look at the file's history you can see that I did exactly this already from the beginning - no idea why it was then removed when STDOUT came into play ... Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: Curl - SQLite and temp files - large dentry cache
Hi Rocky, On 11.04.2013 05:40, Rocky Downs wrote: I was not able to find a mention of temporary files created by curl (indirectly it seems) anywhere, so I thought I would ask here. I also was not able to see any link to SQLite in the source code. libcurl itself doesnt make use of SQLite; but if your libcurl version is build against NSS then this might be the culprit ... Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: Curl - SQLite and temp files - large dentry cache
On 11.04.2013 05:40, Rocky Downs wrote: Does anyone know why these temporary files are created and if there is anything I can do to avoid this? you can probably build your own libcurl using OpenSSL instead of NSS for the SSL support, and then link statically against it ... Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: Name lookup/DNS resolution mechanism of libcurl
Hi Mike, On 10.04.2013 21:54, Michael-O wrote: I strongly support this approach because its clear and makes everything explicit. I would even go one step further: Add an alias for ENABLE_THREADS_WIN32 as ENABLE_ASYNC_DNS if this define is for DNS only. Threads win22 says absolutely nothing at least to me. Compile commands could be: mingw32-make mingw32-(ares|adyn|sdyn|dyn) where dyn == adyn. This would be fully backward compatible, right? no; dyn is already used to build with dynamic linking (wasnt my idea but historically already in this makefile when I entered this project); the default build is therefore a static linking of curl. I've just commited a patch which makes it now possible to build all resolver flavours without further hacking: http://svwe10.itex.at/cgit/cgit.cgi/curl.git/commit/?id=96ffe645fd2494f14780f7c105fcfeeb8ca7d94f mingw32-make mingw32-sync -- builds with synchronous resolver mingw32-make mingw32-ares -- builds with ares asynchronous resolver mingw32-make mingw32 -- builds with win32 asynchronous resolver of course feel free to use: mingw32-make mingw32-async -- builds with win32 asynchronous resolver because all options not recognized are silently ignored ... :-P in addition I've commited another small fix for the c-ares MinGW makefile in order to automatically create ares_build.h when building from Git: http://svwe10.itex.at/cgit/cgit.cgi/c-ares.git/commit/?id=2004a7a1115e25128170e40470eba8603f7080da please test if you have some cpu cycles ... Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: certificate verification against system cert (?) when custom CAINFO is set
On 11.04.2013 21:06, David Strauss wrote: What is the output of curl -V? The SSL/TLS library cURL is linked to has a major impact on how it performs system-level validation. air:~ dima$ curl --version curl 7.24.0 (x86_64-apple-darwin12.0) libcurl/7.24.0 OpenSSL/0.9.8r zlib/1.2.5 Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtsp smtp smtps telnet tftp Features: AsynchDNS GSS-Negotiate IPv6 Largefile NTLM NTLM_WB SSL libz (that info was already in OP's initial post) Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: Name lookup/DNS resolution mechanism of libcurl
hi Gisle, On 10.04.2013 12:37, Gisle Vanem wrote: Guenter li...@gknw.net wrote: How can USE_THREADS_WIN32 both be defined and set to 0? The USE_THREADS_WIN32 == 0 part is superfluous AFAICS. well, simply by -DUSE_THREADS_WIN32=0 ... I think you know I already knew that. sorry; I didnt think further about, but that was just the answer to your question as I understood it; and to be 100% sure I quickly checked it with the test sample ... also I wouldnt be much surprised if the test sample would give other results with other preprocessors than the one from gcc ... Just that it's highly suspicious that it was needed. I forgot the reason behind this and possibly in some time, nobody will understand the historic reason. honestly I'm not happy with that hack, and if someone has something better in mind please speak up! Me neither. That's why I reacted on this tree-state logic. lets 1st get the pending release out of the door; the current 'logic' seems at least to work better than what we had before; and after the release we should check for a better solution like Yang suggested - but that would then cause to modify all Windows static makefiles, and a bunch of testing would then be required too (for which I have not the time ATM). Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: [PATCH] Utils: Fix lost OpenSSL output with -t.
Hi Richard, On 04.04.2013 11:55, Richard Michael wrote: The OpenSSL pipe wrote to the final CA bundle file, but the encoded PEM output wrote to a temporary file. Consequently, the OpenSSL output was lost when the temp file was renamed to the final file at script finish (overwriting the final file written earlier by openssl). This simple fix captures openssl command output, then write to the temporary file. --- thanks, verified and just pushed! Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: Name lookup/DNS resolution mechanism of libcurl
Hi Mike, On 09.04.2013 20:01, Michael-O wrote: Günter, were you able to look at the Makefiles of c-ares and curl? yes, today commited two patches - one for curl and one for c-ares ... Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: Name lookup/DNS resolution mechanism of libcurl
Hi Mike, On 09.04.2013 20:46, Michael-O wrote: Am 2013-04-09 20:31, schrieb Guenter: yes, today commited two patches - one for curl and one for c-ares ... Do you want to to clone from Git and test it? sure, that would be great! But remember that Daniel might at any time tag and release ... so only a short while for last-minute hot-fixes :-P the fixes are trivial: http://svwe10.itex.at/cgit/cgit.cgi/c-ares.git/commit/?id=c95041c6a1dcbd1882711a6551f957dd15f026f7 and: http://svwe10.itex.at/cgit/cgit.cgi/curl.git/commit/?id=658ec97055456f739222aa2a5719a4d403ced99a Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: [PATCH] Utils: Fix lost OpenSSL output with -t.
On 09.04.2013 18:08, Guenter wrote: On 04.04.2013 11:55, Richard Michael wrote: The OpenSSL pipe wrote to the final CA bundle file, but the encoded PEM output wrote to a temporary file. Consequently, the OpenSSL output was lost when the temp file was renamed to the final file at script finish (overwriting the final file written earlier by openssl). This simple fix captures openssl command output, then write to the temporary file. --- thanks, verified and just pushed! it seems that my verification was incomplete; looking again at the patch I felt that it would not work on Windows, and in fact it didnt, sigh! So I hacked up another patch which should now hopefully again work with all options *and* on all platforms ... but still what I cant get is what the motivation was for the former patch which made the script able to output to STDOUT ...?? Wasnt this script meant all the times for creating a *file* ca-bundle.crt? Hell for what reason is it good that it now can output to STDOUT? What can someone do with this output on STDOUT? Perhaps use it as CGI or what? Even then why not just send the file? /me lacks of fantasy to get this ... :-P anyway, I think I got it now working again - but someone else please please give it a try and test with different options ... Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: Name lookup/DNS resolution mechanism of libcurl
Hi Gisle,
On 10.04.2013 00:07, Gisle Vanem wrote:
Thanks for fixing this. I wrote about this in this thread:
http://curl.haxx.se/mail/lib-2013-01/0131.html
earlier this year. Your patch below looks good here.
Except:
+#if !defined(USE_ARES) !defined(USE_THREADS_WIN32)
# define USE_THREADS_WIN32 1
+#elif defined(USE_THREADS_WIN32) USE_THREADS_WIN32 == 0
+# undef USE_THREADS_WIN32
#endif
How can USE_THREADS_WIN32 both be defined and set to 0?
The USE_THREADS_WIN32 == 0 part is superfluous AFAICS.
well, simply by -DUSE_THREADS_WIN32=0 ...
try this:
#include stdio.h
int main() {
#if !defined(TEST)
printf(TEST: undefined\n);
#else
printf(TEST: defined\n);
#if TEST = 0
printf(TEST: %d\n, TEST);
#endif
#endif
return 0;
}
gcc -Wall -O2 tdef.c -o tdef ; ./tdef
TEST: undefined
gcc -Wall -O2 -DTEST tdef.c -o tdef ; ./tdef
TEST: defined
TEST: 1
gcc -Wall -O2 -DTEST=0 tdef.c -o tdef ; ./tdef
TEST: defined
TEST: 0
gcc -Wall -O2 -DTEST=1 tdef.c -o tdef ; ./tdef
TEST: defined
TEST: 1
so that means if we have somewhere in the code:
#ifdef USE_THREADS_WIN32
it will be processed no matter if you define USE_THREADS_WIN32=1 or
USE_THREADS_WIN32=0, hence its needed to explicitely undef it if we see
it defined to 0 so that we are able to have both USE_ARES *and*
USE_THREADS_WIN32 undefined in order to use the syncronous DNS ...
then we must keep in mind that neither USE_ARES nor USE_THREADS_WIN32 is
defined we want keep to default to USE_THREADS_WIN32=1 , argh ..
this is necessary in order to not break previous behaviour ...
honestly I'm not happy with that hack, and if someone has something
better in mind please speak up!
Gün.
---
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: [PATCH] Utils: Fix lost OpenSSL output with -t.
Hi Richard, On 10.04.2013 01:15, Richard Michael wrote: Sorry you've had to spend time on this. naaa, no sorry - we thank you that you found the bug!! And even with your patch it was already better than before cause it was completely broken; with you patch it worked at least on Linux ... if you have a spare cpu cycle perhaps you can test the current version if it still works fine for ya? diff: http://svwe10.itex.at/cgit/cgit.cgi/curl.git/commit/?id=577703495e2ed11c4470f2636fae0c84f0c03bbd raw file: http://svwe10.itex.at/cgit/cgit.cgi/curl.git/plain/lib/mk-ca-bundle.pl?id=577703495e2ed11c4470f2636fae0c84f0c03bbd thanks! --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: [PATCH] mk-ca-bundle.pl: Fix clobbered openssl output.
On 04.04.2013 12:39, Richard Michael wrote: Output during mk-ca-bundle.pl is written to a temporary file which is renamed to the final file after the certificate processing loop terminates. When passing -t to roundtrip certificates through OpenSSL, the output from openssl is erroneously written to the final file during the loop then consequently lost when the temporary file is renamed over top of the final file. The problem becomes that both the mk-ca-bundle and the subshell write to the temporary output file. I tried autoflushing, but there's no getting around two processes writing to the same file. IPC::Run does not appear to part of a Perl standard distribution, so I didn't fix this with a bidirectional pipe/filehandle. Instead, do a simple fix capturing openssl's output, then write it to the open temporary file. Hardly worth this much discussion. ;-) well, its always good though to explain what you see happen and why your patch is needed! I'm sure that the script worked initially when I wrote it (long ago) since I did a fair amount of testing also with the -t flag; so I assume the breakage came a while ago when someone else introduced the print splitting to STDOUT / STDERR and a couple of other modifications; obviously nobody of us did test this patch with openssl ... ;-) thanks for your patch! I hope I can take a look at it this weekend ... Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: [PATCH] mk-ca-bundle.pl: 64 char wrapped PEMs
Hi Richard, On 03.04.2013 19:13, Richard Michael wrote: mk-ca-bundle currently wraps PEM certs at 76 chars. I suspect 64 chars would be more helpful, as it's consistent OpenSSL's (correct) PEM output. It's a fairly trivial issue, but it may have consequences of which I'm not aware. Any thoughts? I dont think this is worth to change; all base64 encoders/decoders I'm aware of can deal with any wrap; also its possible to let mk-ca-bundle.pl use OpenSSL for the conversion so that there should be no difference at all if you use that option - isnt this enough? The non-openssl output would anyway look other even when wraped at 64 chars than the openssl one, and thus isnt directly comarable, and certainly not diff-able with a tool. Moreover, with a multitude of certificate formats and acronyms in the SSL domain, it is useful to output consistently formatted PEM certificates such that users are not confused by different looking certificates, despite identical technical function. a holy wish ... but what I think is worth to try is convincing the author of MIME::Base64 to add a parameter / setting to the module so that one can control the wrap ;-) Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: [PATCH] mk-ca-bundle.pl: 64 char wrapped PEMs
Hi Richard, On 03.04.2013 23:51, Richard Michael wrote: 0/ I am primarily concerned with the format of the CA bundle file, not with the possibility of parsing the file with an encoder/decoder. I have not investigated coders other than OpenSSL, but I believe you [that they will handle 76 character wrapped PEMs]. ok, thinking twice about it you got me half convinced, and I just applied a modified patch: I added an option so that you can now set the wrap - but it still defaults to 76; I hope that makes all users then happy: those who compare a certdata generated with an older version of the script against a new one; and those who like any other wrapping (like you). 1/ (I assume you mean -t?) I did not notice, because -h does not mention OpenSSL generated output. But -- First, this grows the output file size by quite a bit. That said, I would do this for myself locally, the verbose ca-bundle content is helpful. Thank you for mentioning it. Second, the option -t is broken. The output file ( $crt) used in the TMP pipe is clobbered when the temp output file (ca-bundle.crt.~) is renamed (to $crt) at the end of the script. :-) oh! Something to fix then :-P you have another patch ready? Third, I wanted to change the default output of mk-ca-bundle. and this is something I dont want; the script lives in the source for a while now, and others may then scream that we changed it ... Do you mean that the 64 character wrapped MIME::Base64 output will not be identical to the OpenSSL PEM Base64? In the certificates I examine after my patch, the outputs were identical. Could you explain further please? ok, when you look at one single cert then the output is same I think ... a holy wish ... Not so holy! Such a user is me. :-) I was confused by 76 vs. 64 character PEMs when I was learning SSL subject matter many years ago. So again, I think it would be helpful to be consistent [with openssl and the PEM RFC] with the format of the bundle file. ok, 3/4 convinced It's an XS C file; beyond what I am willing to take on for this issue. sure, but posting a ticket with an enhancement request would be fine ... (/me too lazy ...) please check the current version if that works for ya; colored change view: https://github.com/bagder/curl/commit/8efd74de4604ba1114fa191b393f46c7395c8858 raw: https://raw.github.com/bagder/curl/8efd74de4604ba1114fa191b393f46c7395c8858/lib/mk-ca-bundle.pl Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: Name lookup/DNS resolution mechanism of libcurl
Hi Michael, On 01.04.2013 12:37, Michael-O wrote: As a side note: when running the configure script in cygwin either for curl or c-ares the script hangs on checking types of args and return type for recvfrom... [1] Though my machine is quite old, the script runs in a decent time except that test. I really think that this is the same problem as with the DNS resolver. I doubt this since AFAICT configure doesnt make any tests over the network ... but: this test is by far really the slowest of all configure tests; I've just tested on an older box (old Cygwin on W2K3r2, P4 2.8GHz 2GB RAM) and this test took over 180 seconds; the whole configure run took: time ./configure [snip] real22m27.235s user0m46.476s sys 2m41.462s then I just tested on a more modern box (recent SuSE Linux, AMD Phenom II X4 965 8GB RAM) and even there this test took ~20 seconds where all other tests took only fracts of seconds - so here the recvfrom test took ~35% of the whole time configure needed: time ./configure [snip] real0m58.441s user0m26.424s sys 0m24.257s Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: Name lookup/DNS resolution mechanism of libcurl
Michael, On 31.03.2013 17:18, Michael-O wrote: I am on Windows XP SP3 32 bits, I have compiled curl with MingW32 with GCC 4.5.2. you should upgrade to a newer MinGW version; in the past it turned out that exactly this version had some issues [1][2] ... Gün. [1] http://curl.haxx.se/mail/lib-2013-02/0286.html [2] http://curl.haxx.se/mail/lib-2013-02/0334.html --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: Name lookup/DNS resolution mechanism of libcurl
Hi Gisle, On 01.04.2013 17:51, Gisle Vanem wrote: BTW. Gunter, your testspeed.bat file writes the test-file to disk and then deletes it right after. IMHO when testing just network speed, (and rule out a slow disk) you could write to the NUL-device and possibly eliminate some timing errors: curl -s -A %UAGENT% -w %OUTFMT% -o NUL %BASEURL%/%DLFILE% there's always somewhere room for improvements! Thanks very much, that's really a good idea! Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: Name lookup/DNS resolution mechanism of libcurl
Hi Michael, On 01.04.2013 22:36, Michael-O wrote: I have created an issue for this: https://www.virtualbox.org/ticket/11663 Daniel, you may want to add this as a known issue. 1st we need to know if this is also an issue with the default windows resolver; so have you also tested with a non-c-ares build? If it only occures with c-ares then this is only an issue with this lib, but not with libcurl. Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: Name lookup/DNS resolution mechanism of libcurl
Hi Michael, On 01.04.2013 23:24, Michael-O wrote: Am 2013-04-01 22:52, schrieb Guenter: 1st we need to know if this is also an issue with the default windows resolver; so have you also tested with a non-c-ares build? If it only occures with c-ares then this is only an issue with this lib, but not with libcurl. How can I know? I have compiled plain vanilla with mingw. I presume that Features: AsynchDNS is standard windows resolver. That's what Daniel wrote as first reply. yep; somehow I must have mixed this up with c-ares, sorry about! Was probably because Gisle wrote about c-ares; but again: I mixed things up! I have built now c-ares 1.9.1 with 'mingw32-make -f Makefile.m32' and tried to compile curl against it: 1. Added #define HTTP_ONLY and uncommented #define USE_ARES in config-win32.h 2. Set LIBCARES_PATH=E:\Downloads\c-ares-1.9.1 3. Finally compiled curl with mingw32-make mingw32-winssl-ares But the linking fails with: [snip] What now? oh! seems that c-ares is build static only while libcurl tries to link the dynamic one; I will look into this; probably something wrong with the makefiles Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: actual version: HTTP redirect - https target
Hi, Am 20.03.2013 19:10, schrieb Harald Latzko: curl_global_init(CURL_GLOBAL_ALL); curl_handle = curl_easy_init(); curl_easy_setopt(curl_handle, CURLOPT_URL, url); curl_easy_setopt(curl_handle, CURLOPT_NOPROGRESS, 1); curl_easy_setopt(curl_handle, CURLOPT_FAILONERROR, 1); curl_easy_setopt(curl_handle, CURLOPT_SSL_VERIFYPEER, 0); curl_easy_setopt(curl_handle, CURLOPT_FOLLOWLOCATION, 1); curl_easy_setopt(curl_handle, CURLOPT_REDIR_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS); So I would expect that the target ressource would be retrieved successfully, but I'm receiveing an HTTP 302 return code. What am I doing wrong? option params are long [1]; try: curl_easy_setopt(curl_handle, CURLOPT_FOLLOWLOCATION, 1L); Gün. [1] http://curl.haxx.se/libcurl/c/curl_easy_setopt.html --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: Hardwiring the CA cert bundle
Hi Katie, Am 03.03.2013 22:10, schrieb Katie Scott: I can now compile the program so that it posts and xml file and receives the pdf as a response from the server - using https. To get it to work I built libcurl with static support for SSL (and SSH) why? If you *only* need https you also only need SSL support and not SSH. and added a #define that points to the cert bundle in the compilation of libcurl with: #define CURL_CA_BUNDLE C:\\Projects\\curl_certs That last bit is to work around a 'bug' in the Windows implementation of curl_easy_setopt(CURLOPT_CAPATH, ... That is - when I defined the fully qualified filename to the ca-bundle in the static library - it worked. I am relieved but still puzzled as to why that should be a Windows issue. Thanks again for the clues. have you tried to use forward slashes with the ca-path? F.e.: curl_easy_setopt(CURLOPT_CAPATH, c:/Projects/curl_certs) AFAICT the Windows file open APIs work also with forward slashes, and that saves you from escaping the backslashes ... Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: prebuilt libcurl static library for android NDK
Hi Alex, Am 27.02.2013 15:33, schrieb Alex Powell: Dear Guenter, Having just been through the process of building for Android I can happily say the Install.html document was of little useful value without much hunting around the internet, downloading all of android, mucking about with various things and eventually writing a 20 line shell script to set all the various aspects of the system up (this was for an SSL build). Most of this blame lies at the door of Android's SDK (that has a habit of changing between releases - now on 4.6 or 4.7 tools), though actually once it was clear what all the bits were for it started to go faster. Currently the help is vague, and you must *really* understand the gubbins of the NDK to have a fighting chance. I dont think so. Also I dont see that you followed any of the suggestions from INSTALL like creating the standalone toolchain and using a clean cross-compile; instead you use paths into the original NDK, muck up with a bunch of CFLAGS and LDFLAGS, etc. I dont think this is the recommend way to build a C library for Android. Look, I started same and had link-time issues as well as run-time ones, I then googled and found that these probs are very common, and a whole lot of others faced same or similar issues; then I came over a hint on Stackoverflow from someone sugegsting to create the standalone toolchain, and after I did this magically everything went smooth; I could cross-compile OpenSSL, libssh2, libmetalink and finally libcurl just fine without any issues ... so I dont think its worth to add such a script and start to confuse more developers with this; maybe that you really need such in your special case, but I currently dont believe its right to recommend such; the binaries you find on the curl website were tested by me on Android 2.3, 3.2, and 4.0.x, and run on all platforms fine; maybe I add soon also a devel-package which holds at least static libcurl and its static dependency libs (dynamic linkage is another story since you cant always install to same location on all devices; f.e. if you have R/O system partitions; thus making it hard to provide the correct *.la files). Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: prebuilt libcurl static library for android NDK
Hi Alex, Am 04.03.2013 03:51, schrieb Guenter: I dont think so. Also I dont see that you followed any of the suggestions from INSTALL like creating the standalone toolchain and using a clean cross-compile; instead you use paths into the original NDK, muck up with a bunch of CFLAGS and LDFLAGS, etc. oh, forgot to show you an example of how nicely the standalone toolchain can work if you correctly install any dependencies into that standalone toolchain and make sure that pkg-config properly works; see here for my autobuilds which use *only* the configure line as shown at the top of the logs (no CFLAGS, no LDFLAGS), f.e.: http://curl.haxx.se/dev/log.cgi?id=20130303234342-24327 Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: DarwinSSL in infinite loop when server stops arbitrarily?
Hi Nick, I've posted this already to you privately, but in case your spam filter doesnt like attachments I thought I post here again and with links ... Am 04.03.2013 02:49, schrieb Nick Zitzmann: Okay, so I did this: 1. Saved the code in your message as a text file called testserver.py 2. Exported my test server's certificate from Keychain Access as a PEM to the same folder as testserver.py, as server.pem 3. Ran the server: python testserver.py The server ran, but any time I try to connect curl to it, it connects and then hangs up during the SSL handshake, returning errSSLConnectionRefused when SSLHandshake() is called. Something similar is happening when I try connecting with OpenSSL, so it's not the engine. Am I missing a step, or how do I get this to work? I'm using Mountain Lion Server, and I'm using the stock Python interpreter with no add-ons installed. probably your server.pem is incomplete; I guess it needs cert + key in one file; I did just test this on Linux as well as on Linux and it worked on both platforms with recent curl 7.29.0 and with older one ... (for nicer output I added a \n after Hello World!, but it worked also without). Python server script + server.pem: http://svwe10.itex.at/downloads/curltest/pyhttpd.tar.gz Results from my tests: http://svwe10.itex.at/downloads/curltest/curltest.txt HTH, Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: DarwinSSL in infinite loop when server stops arbitrarily?
Am 04.03.2013 04:55, schrieb Guenter: I did just test this on Linux as well as on Linux and it whoops - should read: I did just test this on Linux as well as on Windows ... Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: CURLOPT_CAPATH on Windows
Hi Katie, Am 02.03.2013 18:22, schrieb Katie Scott: I ran across: The CURLOPT_CAPATH http://curl.haxx.se/libcurl/c/curl_easy_setopt.html#CURLOPTCAPATH function apparently does not work in Windows due to some limitation in openssl. Is this still current? If so - can I get some clues from a Windows programmer as to how to work around that. see lib/curl_setuop.h: /* non-configure builds may define CURL_WANTS_CA_BUNDLE_ENV */ #if defined(CURL_WANTS_CA_BUNDLE_ENV) !defined(CURL_CA_BUNDLE) #define CURL_CA_BUNDLE getenv(CURL_CA_BUNDLE) #endif that means that you can either: 1) #define CURL_CA_BUNDLE /path/to/ca-bundle.crt at compiletime or 2) #define CURL_WANTS_CA_BUNDLE_ENV at compiletime and then set CURL_CA_BUNDLE=/path/to/ca-bundle.crt at runtime another option is to build libcurl with WinSSL support which uses the cert store from OS. Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: prebuilt libcurl static library for android NDK
Am 27.02.2013 12:31, schrieb Alexey Petruchik: Maybe you have newbie friendly how to build it with ndk-build? I really need libcurl on Android asap. see the docs/INSTALL file in the source tree or here online: http://curl.haxx.se/docs/install.html seach for Android ... Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: prebuilt libcurl static library for android NDK
Am 26.02.2013 17:20, schrieb Alexey Petruchik: Hi, everyone. Sorry for stupid question. I've downloaded curl binaries for Android from this URL: http://curl.haxx.se/gknw.net/7.29.0/dist-android/curl-7.29.0-rtmp-ssh2-ssl-zlib-static-bin-android.tar.gz. By there is no libcurl.a. Where I can get prebuilt static version of libcurl for Android? a devel package is on my TODO list for longer already ... :-P no promise, but I try to pack one around next WE ... Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: [PATCH] Addition of trailer headers in HTTP requests generated by libcurl
Hi,
Am 21.02.2013 09:23, schrieb Chrysovaladis Datsios:
Following are a small documentation an example code using it.
did you test your sample?
Even if it will compile and run (which I doubt) its wrong ...
int main(void)
{
...
/* Read callback function */
size_t read_callback(void *ptr, size_t size, size_t nmemb, void *stream) {
...
like with your trailer callback the read callback has to be defined
outside of main() ...
Gün.
---
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: Static linking with mingw without msys (7.29)
Hi Andrew, Am 18.02.2013 19:59, schrieb Andrew Clarkin: Oops. I tried editing it but not to run it straight. The ./samples/Makefile sets the vars and then calls ./samples/Makefile.m32 ... I ran the mingw32-make and got the following output: C:\MinGW\curl\samplesmingw32-make compiling 32-bit samples ... mingw32-make -f Makefile.m32 SSL=1 SSH2=1 ZLIB=1 RTMP=1 SSPI=1 IDN=1 mingw32-make[1]: Entering directory `C:/MinGW/curl/samples' gcc -s -static -o chkspeed.exe chkspeed.o -L../lib -lcurl -lrtmp -lwinmm -lssh 2 -lssl -lcrypto -lgdi32 -lcrypt32 -lz -lidn -lwldap32 -lws2_32 ../lib\libcurl.a(mprintf.o):(.text+0xff): undefined reference to `__chkstk_ms' ../lib\libcurl.a(formdata.o):(.text+0x22b): undefined reference to `__chkstk_ms' ../lib\libcurl.a(formdata.o):(.text+0x15da): undefined reference to `__chkstk_ms ' ../lib\libcrypto.a(bss_file.o):bss_file.c:(.text+0x93d): undefined reference to `__chkstk_ms' ../lib\libcrypto.a(cryptlib.o):cryptlib.c:(.text+0x56d): undefined reference to `__chkstk_ms' ../lib\libcrypto.a(err_prn.o):err_prn.c:(.text+0x8b): more undefined references to `__chkstk_ms' follow collect2: ld returned 1 exit status mingw32-make[1]: *** [chkspeed.exe] Error 1 mingw32-make[1]: Leaving directory `C:/MinGW/curl/samples' mingw32-make: *** [all] Error 2 It feels like I'm getting closer though... I'm very grateful for any suggestions. yeah, I remember I had this same issue too with an older MinGW version (I think it was 4.5.2 or 4.6.2); you have three options: 1. try with latest MinGW again (though I didnt compile with latest but with 4.7.0) 2. try the version I've used: http://people.apache.org/~fuankg/mingw/?P=MinGW-4.7* 3. try another curl mingw-devel package which doesnt use OpenSSL but WinSSL, f.e. this one I've packed few days ago: http://svwe10.itex.at/downloads/curl-java/curl-7.29.0-winssl-sspi-spnego-zlib-devel-w32.7z HTH, Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: Static linking with mingw without msys (7.29)
Hi, Am 17.02.2013 17:49, schrieb Andrew Clarkin: I have downloaded curl-7.29.0-devel-mingw32 zipfile, unpacked it and moved the contents to my mingw folder. I have done nothing else during installation as I cannot see anything else that is mentioned in the documentation that would work and some of the files mentioned do not seem to be included in the current release. (Cannot see how to use mingw32-make for installation and configure not an option.) As a test I have then tried to compile curl\samples\simple.c gcc -o simple.exe simple.c -I..\include -L..\lib -lcurldll This works fine and produces an executable. When executed I am prompted for libcurl.dll and once I add curl\bin to my system path the exectuable runs fine. So far so good. However, I want to link simple.c statically so that I don't require libcurl.dll gcc -o simple.exe simple.c -DCURL_STATICLIB -I..\include -L..\lib -lcurl This generates mutiple undefined reference errors. I have also tried linking other libraries as suggested in various posts and web pages (such as ws2_32, winmm, z) but to no avail and I'm now struggling. Can anybody please help? I feel I should be able to link statically since I can link dynamically. In particular: Is static linking possible without using msys? Is static linking possible using the setup I have (without building libcurl myself)? Am I missing something? yes, the makefiles in ./samples folder ... ;-) the issue you see is most likely that you didnt add the other bunch of dependency libs since this version is build with almost everything - hence it depends on openssl, libssh2, libidn, zlib ... just set a path to your MinGW\bin folder and then just try inside the samples dir 'mingw32-make' - that should build the samples and link them statically; if not please post exact error output here ... Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
RE: remove ifdefs
Hi Daniel, seems that commit a6dca9d28c5f12b3f1933b43bb30f1235dee03d4 broke the AIX builds: http://curl.haxx.se/dev/log.cgi?id=20130215022339-16943 http://curl.haxx.se/dev/log.cgi?id=20130215032231-7573 Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: Anyone able to build javacurl.dll in win 7 using mingw32
Hi Allwin, Am 05.02.2013 18:57, schrieb ALLWIN JEFRED: Has anyone been able to build curl for java binding using the below code http://svwe10.itex.at/curl/curl-java/ I tried it in mingw32 using Win7 32 bit got errors that some of the library files are not found I am trying to build curl with ssl support Do i need to build any other libraries too?? This is the error message I get C:/Program Files/Java/jdk1.7.0_01/bin/javah net.haxx.curl.CurlGlue touch CurlGlue.h gcc -o javacurl.dll javacurl.o -lwsock32 -lwinmm -lcurldll -lzdll -L C:/MinGW/s rc/openssl-1.0.1c/out -L C:/Users/x/Desktop/Blog POsts/curl-7.28.1/lib - L C:/MinGW/src/zlib-1.2.7 -lssl32 -leay32 c:/mingw/bin/../lib/gcc/mingw32/4.7.2/../../../../mingw32/bin/ld.exe: cannot find *-lcurldll* c:/mingw/bin/../lib/gcc/mingw32/4.7.2/../../../../mingw32/bin/ld.exe: cannot find*-lzdll* c:/mingw/bin/../lib/gcc/mingw32/4.7.2/../../../../mingw32/bin/ld.exe: cannot find *-lssl32* collect2.exe: error: ld returned 1 exit status Makefile:110: recipe for target 'javacurl.dll' failed mingw32-make: *** [javacurl.dll] Error 1 Do I need add some more dll in mingw32 lib directory?? no. You should not add any libs into the mingw32 lib directory but instead point the compiler/linker with -L to the right path (as you can see that the Makefile.32 does already). The reason that the linker doesnt find libcurldll.a is that there is simply the path to a proper libcurl SDK missing; if you have build libcurl self then you can find this lib in the curl-7.x.y/lib folder. Then I found a couple of issues with the makefile when used with such a libcurl SDK; the original Makefile.m32 was designed to work with source trees instead. I had no time to make it really nice now, but I've hacked a bit around and made the Java binding compile and work with recent libcurl SDK from the download page: http://curl.haxx.se/gknw.net/7.29.0/dist-w32/curl-7.29.0-devel-mingw32.7z in addition I created another libcurl SDK which uses the recently introduced WinSSL instead of OpenSSL: http://svwe10.itex.at/curl/curl-java/curl-7.29.0-winssl-sspi-spnego-zlib-devel-w32.7z and here's a patched curl-java-0.2.3 package with hacked Makefile.m32 and a myset.[bat|sh] which shows you how to set the vars needed: http://svwe10.itex.at/curl/curl-java/curl-java-0.2.3-p.7z to compile simply extract the SDK and the java-curl package into a common directory (.f.e. c:/projects) and then open either a CMD shell: cd \projects\curl-java-0.2.3 myset.bat mingw32-make -f Makefile.m32 [test] or a MinGW bash shell: . myset.sh make -f Makefile.m32 [test] If you choose to use your own libcurl and OpenSSL builds then you should self copy together such a SDK which makes things way easier; also for using OpenSSL you need to uncomment some lines in the makefile (the OpenSSL Win32 lib names have changed from 0.9.8 to 1.0.x) depending on if you want to link statically or if you want to use the static lib. I have not yet fixed the trunk version since this one uses a Java namespace, and I had problems to get this properly compiled - might be this is related to the fact that I tried with an older JDK-1.5 ... if you have still problems dont hesitate to ask! HTH, Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: SSL handshake problems
Am 10.02.2013 19:37, schrieb plot.lost: What happens for curl running on other systems where OpenSSL also causes the same problem, is there anything that can be done within curl to change the OpenSSL behavior to fix this? hard to tell what are 'other systems' since I didnt read what is your ;-) (means: tell us on what OS you are seeing this issue) also have you tried to connect with the openssl cmdline tool without specifying a ssl version and if so do you see the issue there too? Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
Re: Re : Anyone able to build javacurl.dll in win 7 using mingw32
Hi Allwin, Am 10.02.2013 03:05, schrieb ALLWIN JEFRED: Did you have time to possibly look into the build issue javacurl.dll? not yet, but hopefully this evening ... Gün. --- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
