On Fri, 2 Aug 2019, Mike Crowe via curl-library wrote:
I've managed to reproduce the problem against our Squid proxy with the the
curl command line tool in the current state of master:
curl --proxy http://proxy:3128/ --anyauth http://unittest:password@host/
And you're using curl 7.65.3 ?
--
Hi,
As of today, we count no less than 2000 contributors who have helped out
making curl into what it is today.
Thank you everyone!
https://daniel.haxx.se/blog/2019/08/01/2000-contributors/
--
/ daniel.haxx.se | Get the best commercial curl support there is - from me
|
Hi friends,
curl up is our annual low key curl developers conference. We do it once a year
and the public vote says the spring is still the best time. We've been between
20 and 30 persons each year.
We're now thinking of hosting curl up in Berlin in May 2020. (*thinking* being
the operative
Hey team,
I have PR #3803 [1] queued up that I'm looking for some thumbs up or down on.
The problem it addresses:
A user sets CUSTOMREQUEST to a string and enables FOLLOWLOCATION. When
libcurl follows a redirect, it will use the CUSTOMREQUEST even in the
susequent followed-to URL which in
On Wed, 31 Jul 2019, Dipak B via curl-library wrote:
- What are the steps to initialise libcurl without CURL_GLOBAL_SSL? Could
not find answer to this after spending time on this.
Since 7.57.0, CURL_GLOBAL_SSL has no meaning for libcurl. And before that, it
wasn't clearly documented what it
On Tue, 30 Jul 2019, Dipak B via curl-library wrote:
Can you please help me with the following question?
How do I use libcurl in FIPS mode?
libcurl has no special provisions for FIPS. If any source code changes or
function invokes are necessary, you need to make them.
OpenSSL FIPS support
On Tue, 30 Jul 2019, Alfred Eisenberg (aeisenbe) via curl-library wrote:
Does the latest curl library fully support resume of interrupted uploads to
SMB shares?
I don't think it does. I find no references to resume at all in the lib/smb.c
source code... :-(
--
/ daniel.haxx.se | Get the
On Tue, 30 Jul 2019, Christopher Head via curl-library wrote:
When I saw the sentence, “If no extra file descriptors are provided and
libcurl has no file descriptor to offer to wait for, this function will
return immediately,” in the documentation, I originally thought this meant
if there are
On Mon, 29 Jul 2019, m brandenberg via curl-library wrote:
This function works identically to curl_multi_wait() - EXCEPT - for the
case when there's nothing to wait for internally, as then this function
will by itself wait for a "suitable" short time before it returns.
So 'wait' polls and
Hi team,
Very soon after we introduced curl_multi_wait() I realized it had an awkward
behavior that makes it tricky to use at times. Today I wrote up an initial
proposal for a drop-in function replacement that probably is more what
application authors actually want and need - and some
On Thu, 25 Jul 2019, Taras Kushnir wrote:
(Please stop the top-posting, it is highly confusing)
Resume code originates from
https://curl.haxx.se/libcurl/c/ftpuploadresume.html
Right, but then it wasn't libcurl doing it, it was your application...
--
/ daniel.haxx.se | Get the best
On Wed, 24 Jul 2019, Taras Kushnir wrote:
I disabled UPLOAD_BUFFERSIZE and after upgrade 3 different users reported
that now they upload without issues (libcurl 7.65.3).
That certainly indicates we have a bug in there somewhere...
The thing is that libcurl uploads whole file (confirmed by
On Tue, 23 Jul 2019, Amit wrote:
I have added the changes under compile time switch (HAVE_SOCKET) to fix
compilation on Windows.
I think you meant HAVE_SOCKETPAIR ?
But also, you reintroduced several of the code style fixes. I propose you run
'make checksrc' to have the build point out
On Mon, 22 Jul 2019, Amit wrote:
I have done the changes as per your suggestion - that is, to create socket
pair during async thread initialization, return the read socket fd to client
application and write dummy data to signal client that socket is readable.
I did the testing on version
On Fri, 19 Jul 2019, Taras Kushnir wrote:
I didn't investigate curl commandline tool upload time on my machine since
for me priority #1 is to fix upload errors of users of my app (since they
will just stop using it for upload). I will do so right after finding some
solution to this problem.
On Fri, 19 Jul 2019, Taras Kushnir wrote:
On the same machine at the same time, app with libcurl 7.57 uploads without
timeout and app with libcurl 7.65 and UPLOAD_BUFFERSIZE change uploads with
timeout.
And how long did the uploads take in both these cases? Was the timeout always
the
On Fri, 19 Jul 2019, Daniel Jeliński wrote:
Here's what we found in the logs:
18:54:41.002 T#12216 Connectivity::my_trace - "== Info: We are
completely uploaded and fine"
18:54:41.002 T#12216 Connectivity::my_trace - "== Info: Remembering we
are in dir \"\""
18:54:51.012 T#12216
/docs/knownbugs.html)
This release would not have looked like this without help, code, reports and
advice from friends like these:
Chih-Hsuan Yen, Daniel Stenberg,
(2 contributors)
Thanks! (and sorry if I forgot to mention someone)
References to bug reports and discussions on issues
On Thu, 18 Jul 2019, Daniel Jeliński via curl-library wrote:
As for the connection timeout, it appears to be a well known problem with
FTP on slow connections with oversized buffers. I just found a 10 year old
message describing what looks like the same problem:
On Thu, 18 Jul 2019, Christian Schmitz wrote:
I seem to have broken the progress meter output! :-/
But only for the tool, right?
So libcurl users can ignore it?
The default progress meter is displayed by libcurl itself so it affects all
applications that use it but yeah, it is probably
Hey,
I'm proposing a 7.65.3 release within shortly due to this:
https://github.com/curl/curl/issues/4122
I seem to have broken the progress meter output! :-/
--
/ daniel.haxx.se | Get the best commercial curl support there is - from me
| Private help, bug fixes, support,
On Thu, 18 Jul 2019, Mac-Fly wrote:
I understand the point of you question. Hence I am running 2 Open-Source
projects myself (one is quite large) and hardly find the time for requests
in their feature and bug trackers. If by any chance possible, I would prefer
that a member of the CURL team
On Wed, 17 Jul 2019, Mac-Fly via curl-library wrote:
thanks for asking. Yes - its for better representation in an UI where the
long string that curl_version() returns is not well suited. (Imagine a
list/table together with other libs.) I could RexEx this string though. But
as the other libs
ris, Bjarni Ingi Gislason,
Brian Carpenter, Caleb Raitto, Christopher Head, Cliff Crosland,
Daniel Gustafsson, Daniel Stenberg, Gaël Portay, Gergely Nagy,
Giorgos Oikonomou, Gisle Vanem, Jakub Zakrzewski, James Brown, Jan Chren,
jonrumsey on github, Juergen Hoetzel, Koen Dergent, Kunal Eka
On Tue, 16 Jul 2019, Taras Kushnir via curl-library wrote:
The reason why I’m asking this is the following: I got reports from users
that my app “uploads very slowly” so I started this investigation. Default
upload code heavily (like x3-x4 on my machine) underperforms FileZilla
upload and
On Tue, 16 Jul 2019, Amit wrote:
I don't actually advocate using 100ms all the time. It needs to be shorter
at first and then increase over time. curl_multi_timeout() return such
timeouts.
Thanks, will use curl_multi_timeout() instead of fixed 100 msec
timer.
Just note that
On Tue, 16 Jul 2019, Amit wrote:
1> During testing, I have seen that DNS is getting resolved in 40 msec but
request is going out of the box only in the next poll iteration. Since there
are other high priority tasks running in the system, sometime this 100 msec
timer event is getting processed
On Mon, 15 Jul 2019, Amit via curl-library wrote:
I would like to seek your opinion/thoughts if it is good idea to re-use the
existing callback to notify the client about DNS resolution ?.
I don't think that sounds like a good idea, no.
To me it sounds like you're looking to patch libcurl
Hi team,
Recently I've talked to some users who, independently of each other, have
brought up or touched the idea of (easier) async transfers with libcurl.
The easy interface is fine and yeah, easy, but synchronous, and the multi
interface is powerful and non-blocking and all but not always
On Thu, 4 Jul 2019, Linos Giannopoulos via curl-library wrote:
Therefore, I would propose to remove CURLPROTO_GOPHER from the default value
of CURLOPT_REDIR_PROTOCOLS
P.S: The same holds for other protocols such as CURLPROTO_DICT
I approve.
But how about instead discussing what protocols
On Fri, 28 Jun 2019, Chris Murphy via curl-library wrote:
Upstream bug tracking this problem, the developers say the segfault is
happening in libcurl and to ask about it here.
https://github.com/flatpak/flatpak/issues/2977
Downstream bug contains gdb backtrace that I can't parse, but it's the
On Thu, 27 Jun 2019, Robert NEMKIN wrote:
Hope I'm right, but bind() is for server/receiving sockets. I want to bind
to a specific interface as client socket.
It's the same bind() call. No setsockopt for this.
I know, that setsockopt is thread safe according to the POSIX standard. But
is
On Thu, 27 Jun 2019, Robert NEMKIN via curl-library wrote:
I don't know if setsockopt bind address is thread-safe?
Assuming you speak of Linux, I certainly presume bind() is thread-safe. But
your way of saying this makes me curious. Why do you call it setsockopt bind
address? Where exactly
On Fri, 11 Jan 2019, Daniel Stenberg via curl-library wrote:
Back in January we got this response from the Software Freedom Conservancy:
Conservancy's Evaluation Committee really likes curl and would like us to
move forward.
Time passed and in spite of several new prope emails from me, we
On Tue, 25 Jun 2019, Praveen Pvs wrote:
Wanted to open a socket using COM library and pass that FD to CURL for
communication pass so that COM library that we have takes care of the
loading keys/cert and does the handshakes.
...
Now i am seeing that, CURL also trying to do handshake and it
On Fri, 21 Jun 2019, Praveen Pvs wrote:
using which TLS backend?
It would be auto negotiated. TLS1_2 support is there
I meant backend as in TLS library. Based on your error texts I assume OpenSSL.
But based on your error message:
Curl Error Buffer: unable to set private key file:
Windows OpenSSL engine code injection
=
Project curl Security Advisory, June 24th 2019 -
[Permalink](https://curl.haxx.se/docs/CVE-2019-5443.html)
VULNERABILITY
-
A non-privileged user or program can put code and a config file in a known
On Fri, 21 Jun 2019, Stephan Szabo via curl-library wrote:
We're starting to maintain an internal cross-compiled port for libcurl and
we've started getting tests running using the split client/host support in
runtests, but we had a question about the feature checking done by the
script.
On Thu, 20 Jun 2019, Praveen Pvs via curl-library wrote:
I am experiencing error code 58 when i try to set the SSL certificate in my
code.
Which libcurl version?
using which TLS backend?
on what platform?
Did you try converting and using the key in PEM format?à
--
/ daniel.haxx.se | Get
On Tue, 18 Jun 2019, * * via curl-library wrote:
Sending an HTTPS GET request with that code produces error
CURLE_PEER_FAILED_VERIFICATION (60) with the error message "Cert verify
failed: BADCERT_NOT_TRUSTED". So, obviously the certificates are not
properly taken into account during the TLS
On Tue, 18 Jun 2019, Siarhei Siniak wrote:
Yeah, vcpkg is using 1.0.2 openssl:
...
Daniel, coud you please send me the link about these openssl requriements?
https://curl.haxx.se/libcurl/c/threadsafe.html is our main docs for what to
think about to use libcurl multi-threaded.
The
On Tue, 18 Jun 2019, Siarhei Siniak via curl-library wrote:
I'm experiencing a rare segmentation fault within libcurl method.
A stack trace is as follows:
#0 0x7f6f80308b98 in getrn () at lib.so
#1 0x7f6f80308ffd in lh_delete () at lib.so
#2 0x7f6f8030a0b1 in int_thread_del_item
On Sat, 15 Jun 2019, Thomas Gamper via curl-library wrote:
As I was working on a script to automate the nmake based build of libcurl, I
noticed that the installation directory for the built files is hardwired.
Would the attached patch, that allows one to supply a install prefix, be
considered
On Fri, 14 Jun 2019, Magdy, Marco wrote:
I've created a PR [2] that fixes the problem and passes the unit tests.
I noticed you also closed it again, but the reasoning surprised me.
- you withdrew it after you noticed the speedcheck call in the TOOFAST state,
but in your use case surely
On Thu, 13 Jun 2019, Magdy, Marco wrote:
I'm a little confused. The commit SHA(s) you referenced above show disabling
poll on MacOS. And the problem does _not_ happen on MacOS.
Sorry, I was confused and mixed up your issue with another one when I
responded!
So, it seems that poll is the
On Thu, 13 Jun 2019, Magdy, Marco via curl-library wrote:
timeout to 0 and relying on the low-speed-time and low-speed-limit options
to determine if a connection has stalled.
...
However, we're encountering a problem (that happens 50-ish% of the time)
when the connection is lost; we see
On Wed, 12 Jun 2019, Marcel Raad via curl-library wrote:
I've never seen a test run with test 307 enabled. The precheck checks for
"openssl" in "curl -s --engine list".
I don't think I've seen it run for a long time either!
The precheck is there because the test cases uses that openssl
On Wed, 12 Jun 2019, Christian Schmitz via curl-library wrote:
One of the issues I see with 7.65.x is the server response timeouts we see
with SMTP:
...
Has anyone seen that?
I have not. How can we reproduce? If there's a way, please submit it as an
issue on github so that we don't lose
On Fri, 7 Jun 2019, Daniel Stenberg via curl-library wrote:
I'm inclined to just not allow any features at all in this cycle.
The segfaults should/might be fixed now.
Still, let's keep the feature window closed for this cycle to really make sure
we stop the boat from rocking and get back
On Wed, 5 Jun 2019, Alan Jones via curl-library wrote:
How can I use the cURL SMTP interface in conjunction with the RFC1830
extension? I.e. be able to send large binary MIME messages introduced with
the BDAT keyword in place of DATA?
libcurl's SMPT code uses 'DATA' only. But if this BDAT
On Wed, 5 Jun 2019, Richard Alcock via curl-library wrote:
CURLOPT_CAINFO option is ignored. Refer to
https://curl.haxx.se/docs/ssl-compared.html
I think this reference is unfortunate and should be removed. This man page
should be stand-alone and contain all the necessary information by
On Wed, 5 Jun 2019, Kamil Dudka via curl-library wrote:
That is not how I understood the question. I thought that YES was reserved
for people who maintain some publicly available CI infrastructure for
upstream curl, something on https://curl.haxx.se/dev/builds.html or
Github-based CI.
On Wed, 5 Jun 2019, Jeffrey Walton wrote:
For next year's survey I would be interested to know what percentage of the
folks who build cURL from sources run the self tests before installation
(re: Building curl). It is merely a a curiosity of mine.
I can already guess: a very tiny portion of
ut help, code, reports and
advice from friends like these:
Benbuck Nason, Carlos ORyan, Daniel Stenberg, Dave Reisner,
dbrowndan on github, dkwolfe4 on github, Edmond Yu, elsamuko on github,
Eric Wu, Frank Gevaerts, Gisle Vanem, Hubert Kario, Jonas Vautherin,
Josie Huddleston, Kunal Ekawde
On Tue, 4 Jun 2019, Carlos ORyan via curl-library wrote:
I guess the bottom line is: should I use different locks for different kinds
of data in the same CURLSH* handle?
Yes. Each kind should have its own lock since they will be locked/unlocked
totally independently of each other.
And if
Hej!
I've finally managed to sum up what 732 users told us in this year's survey:
https://daniel.haxx.se/blog/2019/06/04/curl-user-survey-2019-analysis/
--
/ daniel.haxx.se | Get the best commercial curl support there is - from me
| Private help, bug fixes, support,
On Tue, 4 Jun 2019, Kunal Ekawde via curl-library wrote:
I used curl-master as of 3rd June (wanted to verify a bug #3904), although
now original core dump is not seen, after few transfers application is not
processing new messages and seem to be taking 100% CPU. I need to check if
its libcurl
On Mon, 3 Jun 2019, Badari Prasad via curl-library wrote:
Does libcurl DNS resolver (native DNS resolver, not using c-ares) support
fetching port numbers for a domain using srv query ?
libcurl doesn't support SRV records (or URI records) at all, no matter which
resolver is used.
The
On Fri, 31 May 2019, ashish yadav via curl-library wrote:
I am looking for version of libcurl which support TLS v1.2. Could anyone
please help me in that ?
I'm pretty sure all libcurl versions released the last 10 years or so do as
long as you build it with a TLS library that supports it.
On Wed, 29 May 2019, Stefan Eissing via curl-library wrote:
Libcurl version: 7.52.1-5+deb9u9 + some patches.
I think there have been improvements since then. A curl dev might know.
I just want to underscore that Stefan is entirely correct here. We've done
numerous fixes to HTTP/2 and
On Sat, 1 Jun 2019, Kunal Ekawde via curl-library wrote:
If we have both HTTP/1.1 and HTTP/2.0 transfers happening over same multi
handle (can it not ?) ,
Yes it can.
can we safely set CURLPIPE_MULTIPLEX for CURLMOPT_PIPELINING.
Yes you can.
We don't want to have HTTP1.1 pipelining but
On Wed, 29 May 2019, Daniel Stenberg via curl-library wrote:
I'll assess the situation and get back with a new release date.
New release date for 7.65.1 is Wednesday June 5. That's a full week later than
first planned but gives us time to not rock the boat immediately before the
release
On Wed, 29 May 2019, Niall O'Reilly via curl-library wrote:
I'm not sure whether posting to this list is the right thing to do;
apologies if not.
Seems like the exact right thing to do!
The DEfO project (https://defo.ie) has work in progress to integrate
prototype OpenSSL support for ESNI
Hey,
I was about to release 7.65.1 this morning, but I won't.
We had too many changes land just in the last hours and we've discovered a new
segfault[3961] in the CI builds that we need to have under control first
before I can do a release I can firmly stand behind.
3961 =
Hello cURL community!
(consider this a one-time mail only, I will not repeat this on these mailing
lists again)
As I am now part of the wolfSSL family (which we all are thrilled about!), we
at wolfSSL would like to open our arms to the entire cURL community and let
you know that commercial
Hi,
I just want to prematurely say that we DO NOT open the feature window tomorrow
when I will upload 7.65.1.
The amount of bug-fixes we have managed to merge just these last 6 days since
7.65.0 is huge (22 and counting). We need to hold off and see that we don't
get any new alarming bugs
On Mon, 27 May 2019, Marcel Raad via curl-library wrote:
the HAProxy tests 1455 and 1456 have been failing with proxy support disbled
since commit
https://github.com/curl/curl/commit/e91e48161235272ff485ff32bd048c53af731f43#diff-72ee0eef31d053c9e6d4fb22e81d2407R1700.
Unfortunately, they are
On Sat, 25 May 2019, Daniel Gustafsson wrote:
I favor option D (with the commit message clearly stating that the revert
isn’t due to the commit in itself, but due to proess).
Thanks Ray and Daniel. I've now reverted the SASL authzid commits by merging
Ray's commit for it. We'll get them back
Hi team,
The curl user survey will be taken offline at the Euro midnight tomorrow.
Please give us your input before then!
https://daniel.haxx.se/blog/2019/05/13/the-curl-user-survey-2019/
This is the primary way for us to get user input and feedback about what you
features you are
On Sat, 25 May 2019, Jeffrey Walton wrote:
7.65.1 seems more natural to me. But I appreciate the need to adhere to
policies and procedures.
Are you allowed to label it "experimental" to sidestep the min version bump?
Yes, good point, I figure that could also be an option. But it also feels
On Sat, 25 May 2019, Jeffrey Walton wrote:
We already merged support for CURLOPT_SASL_AUTHZID (and the accompanying
--sasl-authzid), more or less accidentally.
Forgive my ignorance... Did this break an ABI? Or did it break something
that already exists? Or did it add additional
On Sat, 25 May 2019, Ray Satiro wrote:
I prefer either of A) branch off and revert; or D) revert in master. My
suggestion is if you are going to revert then roll them up into 1 like I did
rather than have 5 reverts. I think it's clearer that way if you're reading
the history to see what
On Fri, 24 May 2019, Ray Satiro via curl-library wrote:
See upstream/jay/test [1] for a combined reversion. I also tested reapply
with cherry-pick if you want to do it all in master instead (in other words
revert then release then cherry pick).
Right, doing it all in master is also an
On Wed, 22 May 2019, Scott Ellentuch via curl-library wrote:
Would have been nice to manipulate in memory AND write out when closed. :) I
might just have to do all cookie handling in program. Not terrible, but just
wanted to see if there was an alternative.
libcurl offers the
Hi,
Due to the number of tiny annoying glitches in the 7.65.0 release, we'll ship
a follow-up release on Wednesday. Hold off all feature merges until then
please.
We already merged support for CURLOPT_SASL_AUTHZID (and the accompanying
--sasl-authzid), more or less accidentally.
Should
On Thu, 23 May 2019, Nicolas Roeser via curl-library wrote:
| This function may be called with zero bytes data if the transferred
| file is empty.
Ahh, good to know. But _still_, I am not sure whether the function may be
called with 0 bytes _if the transferred file is *not* empty._
I think
On Wed, 22 May 2019, Daniel Stenberg via curl-library wrote:
I suspect one of these options --disable-proxy, --disable-crypto-auth and
--disable-cookies is what makes curl set an option that now returns an error
instead of being silently accepted and ignored.
I could add that since neither
On Wed, 22 May 2019, Marcel Raad wrote:
I agree. My HTTP-only OpenSSL autobuild (
https://curl.haxx.se/dev/log.cgi?id=20190522044629-2216) is also broken
because of " curl: (48) An unknown option was passed in to libcurl", but I
haven't had time to take a closer look yet.
I suspect one of
Hi,
We've already seen a few bugs and pull-requests popping in to fix quirks in
the 7.65.0 release.
Due to this, I think we should consider doing a follow-up patch release within
a week or so where these are addressed. This shouldn't warrant any need to
move any other release dates or
d on May 22 2019, coordinated with the publication of
this advisory.
CREDITS
---
Reported by l00p3r. Patch by Daniel Stenberg
Thanks a lot!
--
/ daniel.haxx.se | Get the best commercial curl support there is - from me
| Private help, bug fixes, support, por
nated with the publication of
this advisory.
CREDITS
---
Reported by Wenchao Li. Patch by Daniel Stenberg
Thanks a lot!
--
/ daniel.haxx.se | Get the best commercial curl support there is - from me
| Private help, bug fixes, support, ports, new features
ttest on unsupported platforms [20]
This release includes the following known bugs:
o see docs/KNOWN_BUGS (https://curl.haxx.se/docs/knownbugs.html)
This release would not have looked like this without help, code, reports and
advice from friends like these:
Aron Bergman, Brad Spencer, cclaus
Hi,
We're just finalizing the last few things on the release and it is scheduled
to ship tomorrow.
I will live-stream this event on twitch starting 08:30 (UTC+2) and go over the
news and some of the bug-fixes I think are most noteworthy. Also a good time
for me to address your questions if
On Mon, 13 May 2019, Daniel Stenberg wrote:
https://daniel.haxx.se/blog/2019/05/13/the-curl-user-survey-2019/
We're approaching 400 responses. Please consider giving us YOUR point of view
as well. The survey will be up for another week.
This is the primary way for us to get user input
On Fri, 17 May 2019, Jonas Vautherin via curl-library wrote:
I have been trying to cross-compile curl for iOS, using leetal's toolchain
[1] (and another, similar one that has the same issue).
When building for the "Xcode" cmake generator (cmake -G Xcode <...>), curl
build successfully. But
On Wed, 15 May 2019, ravi prakash Bajpai via curl-library wrote:
In Curl_socket_check we are passing *timeout_ms* value in argument .
In what cases it can wait for more then 2 min.
What do you do to make this happen? On what platform? Which libcurl version
and what libssh2 version?
#1
On Wed, 15 May 2019, Daniel Gustafsson via curl-library wrote:
Agreed, +1 on marking as deprecated.
I note there are Daniel x 3 in favor! =)
I filed a PR for step 1: https://github.com/curl/curl/pull/3888
--
/ daniel.haxx.se | Get the best commercial curl support there is - from me
On Wed, 15 May 2019, Iftekhar via curl-library wrote:
I have a Linux based machine and want to use https in that machine, I do app
development for that machine on windows using eclips c/c++. I am looking for
header and library file(.SO) to support http and https. It will be a
great help
Hi,
The polarssl TLS library has not had an update in over three years. The last
release was done on January 7 2019 [1]. That library has been superceded by
the mbedtls library, which is the current incarnation of it.
In curl we support both, with two separate implementations.
I propose
On Sun, 12 May 2019, Kunal Ekawde wrote:
Ok, I shall try to update to 7.64.1 but that would take sometime to
integrate, sanitize and load run.
Note: I don't think upgrading will fix this particular issue.
but using this patch resulted in trap #2. Based on trap #2 backtrace,
I didn't
On Mon, 13 May 2019, Ray Satiro via curl-library wrote:
COMMON="-fsanitize=address,undefined -fno-sanitize-recover
-fno-omit-frame-pointer -Wformat -Werror=format-security
-Werror=array-bounds -g"
CPPFLAGS="${CPPFLAGS:-}" \
CFLAGS="${CFLAGS:-} $COMMON" \
CXXFLAGS="${CXXFLAGS:-} $COMMON" \
On Mon, 13 May 2019, Daniel Stenberg via curl-library wrote:
(and yes, I will repeat this request a few times over the next two years
during which the survey will be up)
Hm no, hehe, I meant two *weeks*...
--
/ daniel.haxx.se | Get the best commercial curl support there is - from me
Hi all,
Please take a few minutes off your busy schedule and tell us how you use curl,
what you're missing in curl and what we should add to curl in the future!
You find the link to the survey here:
https://daniel.haxx.se/blog/2019/05/13/the-curl-user-survey-2019/
Thanks!
(and yes, I
On Sat, 11 May 2019, Kunal Ekawde via curl-library wrote:
I'm using libcurl - 7.64.0 with nghttp2 for http2 call flow. For http/1.1
this crash is not seen.
I recommend using 7.64.1!
I tried with following fix:
/* the socket can be shared by many transfers, iterate */
for(e =
Hi team,
I just want to point out that I'll soon publish this year's edition of the
curl user survey. I'm curious if anyone has any thoughts on questions or data
that we should add or change this year?
The analysis of the 2018 edition can be found here:
Hi,
I just wanted to highlight the fact that we just merged updated documentation
and updated the information on the hackerone page [1] about our bug bounty.
Thanks to Dropbox, we can now offer up to 32,000 USD in reward money if you
manage to find a security issue in curl that is graded
On Wed, 8 May 2019, Kristoffer Gleditsch (kgledits) via curl-library wrote:
After https://github.com/curl/curl/pull/3618 and
https://github.com/curl/curl/pull/3598, we started getting '* Closing
connection 0' messages on STDERR when curl_multi_cleanup() closes the
connections in the
On Wed, 8 May 2019, surya chandrika via curl-library wrote:
But am not sure why certificate with correct hostname is not recognized
from uploaded certificate.
The problem is that you connect to hostname XYZ but the certificate provided
by this XYZ doesn't list that name as one of names the
On Sat, 4 May 2019, Aron Bergman wrote:
But why? Can you show us what benefit this brings to anyone?
As stated in the first mail, this will make it possible to use protocols
which doesn’t use the authority component. I don’t think that any of the
protocols that cURL currently implements
On Thu, 2 May 2019, Christopher Head via curl-library wrote:
CURLOPT_RANGE specifically as far as I know is only supposed to be
used for download, not upload (can anyone confirm?)
And yet, looking at the source code, there are explicit conditionals to
check for CURLOPT_RANGE and turn it into
801 - 900 of 8081 matches
Mail list logo
