In #curl we have improved our TLS early-data support recently. Mostly @icing actually.
Today Robin and Rafel at Akamai timely blogged about how early-data speeds things up.
https://www.akamai.com/blog/edge/lightning-fast-requests-with-early-data
Recent searches
Search options
#curl
15 posts9 participants0 posts today
Welcome Zhaoming Luo as #curl commit author 1348: https://github.com/curl/curl/pull/16523
GitHublib533.c: Comment fixed by ChenW12 · Pull Request #16523 · curl/curl
Adding #curl release candidates
https://daniel.haxx.se/blog/2025/02/28/adding-curl-release-candidates/
daniel.haxx.se · Adding curl release candidatesHeading towards curl release number 266 we have decided to spice up our release cycle with release candidates in an attempt to help us catch regressions better earlier. It has become painfully obvious to us in the curl development team that over the past few years we have done several dot-zero releases in which we … Continue reading Adding curl release candidates →
I know it is often repeated, but #curl is not a one man factory:
everything.curl.devThe development team - everything curleverything there is to know about curl, libcurl and the cURL project
Replied in thread
@jayalane Code often incorporates a lot of experience that are hard to port over to another language. This is why even Rust language creators don't recommend RiiR and created good FFI mechanisms instead.
Rust is an easy choice for new projects or pieces of a modular project. But some people do push it. I've seen the #Curl developer being asked to rewrite it in Rust - without recognizing how impractical that is.
One of the challenges with supporting 28 protocols in #curl is that people expect me to know all these protocols. - I do, but to varying degrees.
Continued thread
I think #curl needs a few minor tweaks to support this really well...
Got wcurl into @fedora and am now maintaining it! 
https://github.com/curl/wcurl/releases/tag/v2025.02.24
Update builds rolling out today!
GitHubRelease v2025.02.24 · curl/wcurlAllow -o and -O to be used without whitespaces (e.g.: -oNAME).
Fix capitalization of the name of copyright owner sergiodj.
Use the standard copyright header in manpage.
Create a github workflow for...
If you use a curl built with GnuTLS (debian sid, for example), specifying --ciphers now does nothing.
But some people have need of that option to work. Here you can chime in on how it should be supported:
GitHubTLS ciphers and GnuTLS priorities · curl curl · Discussion #16364Some people migrating from curl+openssl to a curl+gnutls notice that their --ciphers arguments simply are ignored. First, this is documented and not a bug. Fine. But some of these users have a need...
A year ago the third #curl security audit completed, that time covering our HTTP/3 implementation.
It revealed **no** major discoveries or security problems.
https://daniel.haxx.se/blog/2024/02/23/curl-http-3-security-audit/
daniel.haxx.se · curl HTTP/3 security auditAn external security audit focused especially on curl's HTTP/3 components and associated source code was recently concluded by Trail of Bits. In particular on the HTTP/3 related curl code that uses and interfaces the ngtcp2 and nghttp3 libraries, as that is so far the only HTTP/3 backend in curl that is not labeled as experimental. … Continue reading curl HTTP/3 security audit →
Replied to daniel:// stenberg://
@bagder Or on average a net about +17 SLOC per day.
Because everyone knows More Code Is Better, and We Must Count The Kay-Locks! It's the Kay Pee Eye!
(KLOC, KPI)
#curl predecessor httpget 0.2 from around 1996/1997 is 165 lines. Needless to say, it has multiple critical security vulnerabilities. How many can you spot?
If you build it on a modern system and want to try exploiting it in true 90s fashion, be sure to turn off address space layout randomisation (ASLR).
GitHubhttpget/httpget-0.2.c at master · curl/httpgetHistoric versions of httpget source code. Contribute to curl/httpget development by creating an account on GitHub.
Sunday surprise!
A friend of mine found an old email from me dated January 17 1997
Attached in this mail was the #httpget 0.2 source code. Previously believed to be lost, now the oldest httpget code I have.
165 lines long. 110 lines code, 30 lines comments, 25 blank lines.
This morning, #curl was 174,854 lines of code, not counting blank lines but comments.
1248 times larger over 28 years.
#curl website traffic Feb 2025
Data without logs sure leaves us open for speculations.
https://daniel.haxx.se/blog/2025/02/22/curl-website-traffic-feb-2025/
daniel.haxx.se · curl website traffic Feb 2025Data without logs sure leaves us open for speculations. I took a quick look at what the curl.se website traffic situation looks like right now. Just as a curiosity. Disclaimer: we don't log website visitors at all, we don't run any web analytics on the site so we basically don't know a lot of who … Continue reading curl website traffic Feb 2025 →
The #curl feature window is now open. Go go go.
curl.seCurl: Feature window: OPEN
Sometimes people think #curl is a simple little HTTP tool, while in reality there's a whole internet transfer machine in there supporting 28 protocols.
Wait, what? 
#curl can send email? Damn... @bagder I'm impressed (not that I didn't expected that), curl just keeps on giving. 
curl --url "smtp://$SMTP_SERVER:$SMTP_PORT" \
--ssl-reqd \
--mail-from "$SMTP_USER" \
--mail-rcpt "$EMAIL" \
--upload-file "$LOG_FILE" \
--user "$SMTP_USER:$SMTP_PASSWORD" \
--insecure
How I create and maintain RELEASE-NOTES for #curl: live-streamed tomorrow.
It was mostly implied from my how I do releases video, so I figured I could show a little more from how the sausage is actually made.
Should be a fairly brief one. At 10:00 CET tomorrow Friday over at https://www.twitch.tv/curlhacker as usual.
Twitchcurlhacker - TwitchI'm Daniel Stenberg, maintainer and lead developer in the curl project. I stream curl related stuff. Release presentations, curl development and related topics.
As amusing as it is, the pillow quote is not correct though. #curl is my full-time gig since over six years now.
This is what I do: https://daniel.haxx.se/job.html
daniel.haxx.seMy job: full-time curl developerDocumentation and ramblings of Daniel Stenberg, founder and lead developer of curl.