When TLS is verified via Apple SecTrust, openssl internal state is a verification faiure (that is how it works, we use sectrust when openssl fails to verify and natice ca store is enabled). OpenSSL stores this verification status inside its TLS session objects. On reuse, we see an unverified session and do not reuse it for a verified connect attempt. While this is a performance penalty for most connections, it *fails* on ftps:// transfers where servers expect session reuse on DATA connections. Fix this by remembering that TLS and a session was verified by sectrust and allow reuse of such sessions for new connect attempts that also use sectrust. Closes #22235 |
||
|---|---|---|
| .circleci | ||
| .github | ||
| CMake | ||
| docs | ||
| include | ||
| lib | ||
| LICENSES | ||
| m4 | ||
| projects | ||
| scripts | ||
| src | ||
| tests | ||
| .clang-tidy.yml | ||
| .dir-locals.el | ||
| .editorconfig | ||
| .git-blame-ignore-revs | ||
| .gitattributes | ||
| .gitignore | ||
| .mailmap | ||
| acinclude.m4 | ||
| appveyor.sh | ||
| appveyor.yml | ||
| CHANGES.md | ||
| CMakeLists.txt | ||
| configure.ac | ||
| COPYING | ||
| curl-config.in | ||
| Dockerfile | ||
| GIT-INFO.md | ||
| libcurl.pc.in | ||
| Makefile.am | ||
| README | ||
| README.md | ||
| RELEASE-NOTES | ||
| renovate.json | ||
| REUSE.toml | ||
| SECURITY.md | ||
curl is a command-line tool for transferring data from or to a server using URLs. It supports these protocols: DICT, FILE, FTP, FTPS, GOPHER, GOPHERS, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, MQTT, MQTTS, POP3, POP3S, RTSP, SCP, SFTP, SMB, SMBS, SMTP, SMTPS, TELNET, TFTP, WS and WSS.
Learn how to use curl by reading the man page or everything curl.
Find out how to install curl by reading the INSTALL document.
libcurl is the library curl is using to do its job. It is readily available to be used by your software. Read the libcurl man page to learn how.
Open Source
curl is Open Source and is distributed under an MIT-like license.
Contact
Contact us on a suitable mailing list or use GitHub issues/ pull requests/ discussions.
All contributors to the project are listed in the THANKS document.
Commercial support
For commercial support, maybe private and dedicated help with your problems or applications using (lib)curl visit the support page.
Website
Visit the curl website for the latest news and downloads.
Source code
Download the latest source from the Git server:
git clone https://github.com/curl/curl
Security problems
Report suspected security problems privately and not in public.
Backers
Thank you to all our backers 🙏 Become a backer.
Sponsors
Support this project by becoming a sponsor.