romenskiy2012/curl
1
0
Fork 0
mirror of https://github.com/curl/curl.git synced 2026-05-20 10:06:23 +03:00
Code Issues Projects Releases Packages Wiki Activity
A command line tool and library for transferring data with URL syntax, supporting DICT, FILE, FTP, FTPS, GOPHER, GOPHERS, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, MQTT, POP3, POP3S, RTMP, RTMPS, RTSP, SCP, SFTP, SMB, SMBS, SMTP, SMTPS, TELNET, TFTP, WS and WSS. libcurl offers a myriad of powerful features
38709 commits 20 branches 229 tags 262 MiB
Find a file
Joshua Rogers 7541ae569d
tls: fix incomplete mTLS config in conn reuse and session cache 
cert_type, key, key_type, key_passwd and key_blob lived in
ssl_config_data but not in ssl_primary_config, so they were invisible to
match_ssl_primary_config() and to the TLS session cache peer key.

Two easy handles sharing a connection pool could reuse each other's
authenticated connections when they differed only on SSLKEY, SSLKEYTYPE,
KEYPASSWD, SSLCERTTYPE or SSLKEYBLOB. The second handle would silently
inherit the first handle's authenticated identity.

Promote all five fields into ssl_primary_config so the conn-reuse
predicate and session cache key cover the complete client credential
set. Also replace the fixed ":CCERT" session cache marker with the
actual clientcert path so sessions are not shared across different
client certificates.

Verified by test 3303 and 3304

Reported-By: Joshua Rogers (AISLE Research)
Closes #21667
2026-05-20 00:02:33 +02:00
.circleci runtests: detect bad libssh differently for test 1459 (fixing CircleCI libssh job) 2025-11-16 23:28:44 +01:00
.github GHA/non-native: alpha-sort BSD jobs 2026-05-19 19:03:58 +02:00
CMake cmake: fix three issues generating lib options in config files 2026-05-17 22:48:22 +02:00
docs BUFQ.md: re-sync with source code 2026-05-19 16:55:45 +02:00
include tidy-up: prefer "initialize" with a 'z' 2026-05-15 11:49:06 +02:00
lib tls: fix incomplete mTLS config in conn reuse and session cache 2026-05-20 00:02:33 +02:00
LICENSES spacecheck: check long lines and repeat spaces, fix fallouts 2026-03-25 11:02:08 +01:00
m4 tidy-up: miscellaneous 2026-05-16 01:56:17 +02:00
projects tidy-up: rename more CURLcode variables to result 2026-05-19 16:55:45 +02:00
scripts managen: apply minor fixes and improvements 2026-05-19 16:55:45 +02:00
src tidy-up: miscellaneous 2026-05-16 01:56:17 +02:00
tests tls: fix incomplete mTLS config in conn reuse and session cache 2026-05-20 00:02:33 +02:00
.clang-tidy.yml clang-tidy: enable more checks, fix fallouts 2026-04-14 02:20:16 +02:00
.dir-locals.el copyright: update all copyright lines and remove year ranges 2023-01-03 09:19:21 +01:00
.editorconfig .editorconfig: add 2025-09-02 08:36:40 +02:00
.git-blame-ignore-revs copyright: update all copyright lines and remove year ranges 2023-01-03 09:19:21 +01:00
.gitattributes buildconf: remove 2026-04-04 11:35:24 +02:00
.gitignore build: drop the winbuild build system 2025-09-20 01:20:25 +02:00
.mailmap tool: fix two more allocator mismatches 2026-03-30 16:17:42 +02:00
acinclude.m4 build: omit zlib pkg-config reference for Android 2026-05-17 13:27:06 +02:00
appveyor.sh appveyor: bump to OpenSSL 3.6 2026-04-22 09:29:05 +02:00
appveyor.yml CI: set DO_NOT_TRACK=1 2026-04-23 11:22:35 +02:00
CHANGES.md CHANGES: fix typo in filename 2026-01-01 12:20:10 +01:00
CMakeLists.txt cmake: fix three issues generating lib options in config files 2026-05-17 22:48:22 +02:00
configure.ac build: omit zlib pkg-config reference for Android 2026-05-17 13:27:06 +02:00
COPYING COPYING: bump copyright year range to 1996 - 2026 2026-01-08 23:19:44 +01:00
curl-config.in autotools: tidy-up if expressions 2025-12-10 22:29:19 +01:00
Dockerfile Dockerfile: update debian:bookworm-slim Docker digest to 67b30a6 2026-05-09 15:33:09 +02:00
GIT-INFO.md REUSE: add copyright header to two files 2025-11-03 16:08:52 +01:00
libcurl.pc.in configure: do not echo most inherited LDFLAGS to config files 2024-11-14 09:55:45 +01:00
Makefile.am rtmp: drop support 2026-03-21 14:56:06 +01:00
README BUG-BOUNTY.md: we stop the bug-bounty end of Jan 2026 2026-01-26 08:26:28 +01:00
README.md rtmp: drop support 2026-03-21 14:56:06 +01:00
RELEASE-NOTES RELEASE-NOTES: synced 2026-05-16 23:09:52 +02:00
renovate.json renovate: use standard bump formula for OpenSSL 2026-04-15 10:17:33 +02:00
REUSE.toml badwords: avoid 'simply' 2026-03-10 19:34:06 +01:00
SECURITY.md stop using the word 'just' 2026-03-03 15:30:22 +01:00

README.md

curl logo

curl is a command-line tool for transferring data from or to a server using URLs. It supports these protocols: DICT, FILE, FTP, FTPS, GOPHER, GOPHERS, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, MQTT, MQTTS, POP3, POP3S, RTSP, SCP, SFTP, SMB, SMBS, SMTP, SMTPS, TELNET, TFTP, WS and WSS.

Learn how to use curl by reading the man page or everything curl.

Find out how to install curl by reading the INSTALL document.

libcurl is the library curl is using to do its job. It is readily available to be used by your software. Read the libcurl man page to learn how.

Open Source

curl is Open Source and is distributed under an MIT-like license.

Contact

Contact us on a suitable mailing list or use GitHub issues/ pull requests/ discussions.

All contributors to the project are listed in the THANKS document.

Commercial support

For commercial support, maybe private and dedicated help with your problems or applications using (lib)curl visit the support page.

Website

Visit the curl website for the latest news and downloads.

Source code

Download the latest source from the Git server:

git clone https://github.com/curl/curl

Security problems

Report suspected security problems privately and not in public.

Backers

Thank you to all our backers 🙏 Become a backer.

Sponsors

Support this project by becoming a sponsor.