romenskiy2012/curl
1
0
Fork 0
mirror of https://github.com/curl/curl.git synced 2026-05-16 19:06:24 +03:00
Code Issues Projects Releases Packages Wiki Activity
A command line tool and library for transferring data with URL syntax, supporting DICT, FILE, FTP, FTPS, GOPHER, GOPHERS, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, MQTT, POP3, POP3S, RTMP, RTMPS, RTSP, SCP, SFTP, SMB, SMBS, SMTP, SMTPS, TELNET, TFTP, WS and WSS. libcurl offers a myriad of powerful features
38636 commits 20 branches 229 tags 262 MiB
Find a file
Daniel Stenberg 11df1251e5
snpego_sspi: preserve distinction btw policy-only and uncond delegation 
CURLOPT_GSSAPI_DELEGATION exposes distinct modes:
CURLGSSAPI_DELEGATION_POLICY_FLAG is documented as delegating only when
OK-AS-DELEGATE policy permits it, while CURLGSSAPI_DELEGATION_FLAG is
unconditional. The new SSPI implementation checks for either bit and
sets ISC_REQ_DELEGATE, so a caller requesting policy-limited delegation
is put on the same SSPI path as unconditional delegation.

In addition, curl's existing protection that avoids reusing a connection
when the GSS delegation setting differs was guarded only by HAVE_GSSAPI;
SSPI-only builds now have an effective delegation option, but the
connection's delegation setting was neither copied nor compared. This
would cause Windows SSPI Negotiate/Kerberos authentication to delegate
credentials contrary to the caller's selected policy or reuse an
already-delegated authenticated connection for a transfer that requested
no delegation.

Follow-up to cc6777d939

Reported by Codex Security
Closes #21583
2026-05-13 14:34:08 +02:00
.circleci runtests: detect bad libssh differently for test 1459 (fixing CircleCI libssh job) 2025-11-16 23:28:44 +01:00
.github GHA: (re-)enable SMB in a few builds 2026-05-12 14:53:48 +02:00
CMake cmake: export/forward NGTCP2_CRYPTO_BACKEND 2026-05-11 21:53:39 +02:00
docs curl: named globs in output file name for upload glob references 2026-05-13 10:07:50 +02:00
include RELEASE-NOTES: synced 2026-05-06 09:19:12 +02:00
lib snpego_sspi: preserve distinction btw policy-only and uncond delegation 2026-05-13 14:34:08 +02:00
LICENSES spacecheck: check long lines and repeat spaces, fix fallouts 2026-03-25 11:02:08 +01:00
m4 gnutls: allow building with nettle 4.0 2026-05-12 03:54:24 +02:00
projects build: link bcrypt.lib via vcxproj files 2026-04-20 16:29:25 +02:00
scripts delta: harden external command invocations 2026-05-11 22:05:29 +02:00
src tool_urlglob: check glob use before access 2026-05-13 13:12:10 +02:00
tests creds: add sasl service name 2026-05-13 14:04:17 +02:00
.clang-tidy.yml clang-tidy: enable more checks, fix fallouts 2026-04-14 02:20:16 +02:00
.dir-locals.el copyright: update all copyright lines and remove year ranges 2023-01-03 09:19:21 +01:00
.editorconfig .editorconfig: add 2025-09-02 08:36:40 +02:00
.git-blame-ignore-revs copyright: update all copyright lines and remove year ranges 2023-01-03 09:19:21 +01:00
.gitattributes buildconf: remove 2026-04-04 11:35:24 +02:00
.gitignore build: drop the winbuild build system 2025-09-20 01:20:25 +02:00
.mailmap tool: fix two more allocator mismatches 2026-03-30 16:17:42 +02:00
acinclude.m4 configure: tidy up comments 2026-04-10 23:19:41 +02:00
appveyor.sh appveyor: bump to OpenSSL 3.6 2026-04-22 09:29:05 +02:00
appveyor.yml CI: set DO_NOT_TRACK=1 2026-04-23 11:22:35 +02:00
CHANGES.md CHANGES: fix typo in filename 2026-01-01 12:20:10 +01:00
CMakeLists.txt cmake: export/forward NGTCP2_CRYPTO_BACKEND 2026-05-11 21:53:39 +02:00
configure.ac configure: tidy up comments 2026-04-10 23:19:41 +02:00
COPYING COPYING: bump copyright year range to 1996 - 2026 2026-01-08 23:19:44 +01:00
curl-config.in autotools: tidy-up if expressions 2025-12-10 22:29:19 +01:00
Dockerfile Dockerfile: update debian:bookworm-slim Docker digest to 67b30a6 2026-05-09 15:33:09 +02:00
GIT-INFO.md REUSE: add copyright header to two files 2025-11-03 16:08:52 +01:00
libcurl.pc.in configure: do not echo most inherited LDFLAGS to config files 2024-11-14 09:55:45 +01:00
Makefile.am rtmp: drop support 2026-03-21 14:56:06 +01:00
README BUG-BOUNTY.md: we stop the bug-bounty end of Jan 2026 2026-01-26 08:26:28 +01:00
README.md rtmp: drop support 2026-03-21 14:56:06 +01:00
RELEASE-NOTES THANKS-filter: update 2026-05-13 00:43:27 +02:00
renovate.json renovate: use standard bump formula for OpenSSL 2026-04-15 10:17:33 +02:00
REUSE.toml badwords: avoid 'simply' 2026-03-10 19:34:06 +01:00
SECURITY.md stop using the word 'just' 2026-03-03 15:30:22 +01:00

README.md

curl logo

curl is a command-line tool for transferring data from or to a server using URLs. It supports these protocols: DICT, FILE, FTP, FTPS, GOPHER, GOPHERS, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, MQTT, MQTTS, POP3, POP3S, RTSP, SCP, SFTP, SMB, SMBS, SMTP, SMTPS, TELNET, TFTP, WS and WSS.

Learn how to use curl by reading the man page or everything curl.

Find out how to install curl by reading the INSTALL document.

libcurl is the library curl is using to do its job. It is readily available to be used by your software. Read the libcurl man page to learn how.

Open Source

curl is Open Source and is distributed under an MIT-like license.

Contact

Contact us on a suitable mailing list or use GitHub issues/ pull requests/ discussions.

All contributors to the project are listed in the THANKS document.

Commercial support

For commercial support, maybe private and dedicated help with your problems or applications using (lib)curl visit the support page.

Website

Visit the curl website for the latest news and downloads.

Source code

Download the latest source from the Git server:

git clone https://github.com/curl/curl

Security problems

Report suspected security problems privately and not in public.

Backers

Thank you to all our backers 🙏 Become a backer.

Sponsors

Support this project by becoming a sponsor.