romenskiy2012/curl
1
0
Fork 0
mirror of https://github.com/curl/curl.git synced 2026-05-30 04:07:27 +03:00
Code Issues Projects Releases Packages Wiki Activity
A command line tool and library for transferring data with URL syntax, supporting DICT, FILE, FTP, FTPS, GOPHER, GOPHERS, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, MQTT, POP3, POP3S, RTMP, RTMPS, RTSP, SCP, SFTP, SMB, SMBS, SMTP, SMTPS, TELNET, TFTP, WS and WSS. libcurl offers a myriad of powerful features
36516 commits 20 branches 229 tags 262 MiB
Find a file
Viktor Szakats 87b72b8182
krb5: fix output_token allocators in the GSS debug stub (Windows) 
Before this patch system `malloc()`/`free()` were used to allocate
the buffer returned in the `output_token` object from the debug stub
of `gss_init_sec_context()` when enabled via `CURL_STUB_GSS_CREDS` in
debug-enabled libcurl builds. This object is later released via stock
`gss_release_buffer()`, which, in the Windows builds of MIT Kerberos,
doesn't use the system `free()`, but the Win32 `HeapFree()`.

Fix it by using the GSS alloc/free macros: `gssalloc_malloc()` and
`gssalloc_free()` from `gssapi_alloc.h`.

To make this work without MIT Kerberos feature detection, use a canary
macro to detect a version which installs `gssapi_alloc.h` for Windows.
For <1.15 (2016-11-30) releases, that do not install it, disable the GSS
debug stub in libcurl.

Strictly speaking, non-Windows builds would also need to use GSS
allocators, but, detecting support for `gssapi_alloc.h` is impossible
without build-level logic. Built-level logic is complex and overkill,
and MIT Kerberos, as of 1.22.1, uses standard malloc/free on
non-Windows platforms anyway. (except in GSS debug builds.)

Follow-up to 73840836a5 #17752

Closes #19064
2025-10-17 17:47:22 +02:00
.circleci CI: move no-verbose build from Circle CI to existing GHA jobs, with tests 2025-10-02 14:58:06 +02:00
.github GHA/curl-for-win: add minimal Linux build 2025-10-17 17:27:12 +02:00
CMake version: add GSS backend name and version 2025-10-16 16:19:05 +02:00
docs KNOWN_BUGS: SOCKS-SSPI discards the security context 2025-10-17 17:45:06 +02:00
include notify: use 'notify' in public header and docs 2025-10-07 19:11:31 +02:00
lib krb5: fix output_token allocators in the GSS debug stub (Windows) 2025-10-17 17:47:22 +02:00
LICENSES krb5: drop support for Kerberos FTP 2025-09-20 23:58:28 +02:00
m4 mbedtls: add support for 4.0.0 2025-10-17 11:50:48 +02:00
packages os400: document threads handling in code. 2025-10-10 23:58:48 +02:00
plan9 tidy-up: LibreSSL Git repository URLs and local CI builds 2025-10-01 12:55:20 +02:00
projects build: drop the winbuild build system 2025-09-20 01:20:25 +02:00
scripts firefox-db2pem.sh: add macOS support, tidy-ups 2025-10-16 20:53:28 +02:00
src tool_ipfs: simplify the ipfs gateway logic 2025-10-17 15:47:36 +02:00
tests test_16: adjust timing expectations 2025-10-17 13:35:35 +02:00
.dir-locals.el copyright: update all copyright lines and remove year ranges 2023-01-03 09:19:21 +01:00
.editorconfig .editorconfig: add 2025-09-02 08:36:40 +02:00
.git-blame-ignore-revs copyright: update all copyright lines and remove year ranges 2023-01-03 09:19:21 +01:00
.gitattributes winbuild: MS-DOS batch tidy-ups 2024-07-02 19:26:15 +02:00
.gitignore build: drop the winbuild build system 2025-09-20 01:20:25 +02:00
.mailmap mailmap: unify on James 2025-09-08 09:26:22 +02:00
acinclude.m4 ssl: support Apple SecTrust configurations 2025-10-03 12:02:23 +02:00
appveyor.sh build: drop the winbuild build system 2025-09-20 01:20:25 +02:00
appveyor.yml build: drop the winbuild build system 2025-09-20 01:20:25 +02:00
buildconf copyright: update all copyright lines and remove year ranges 2023-01-03 09:19:21 +01:00
CHANGES.md CHANGES: rename to CHANGES.md, no longer generated 2024-08-01 13:37:12 +02:00
CMakeLists.txt mbedtls: add support for 4.0.0 2025-10-17 11:50:48 +02:00
configure.ac mbedtls: add support for 4.0.0 2025-10-17 11:50:48 +02:00
COPYING COPYING: bump copyright year range to 1996 - 2025 2025-01-01 21:12:12 +01:00
curl-config.in curl-config: remove X prefix use 2025-08-04 10:01:07 +02:00
Dockerfile Dockerfile: update debian:bookworm-slim digest to 7e49091 2025-09-30 11:32:12 +02:00
GIT-INFO.md build: drop tool_hugehelp.c.cvs, tidy up macros, drop buildconf.bat 2025-01-26 14:22:49 +01:00
libcurl.pc.in configure: do not echo most inherited LDFLAGS to config files 2024-11-14 09:55:45 +01:00
Makefile.am vssh: drop support for wolfSSH 2025-09-24 22:59:33 +02:00
README krb5: drop support for Kerberos FTP 2025-09-20 23:58:28 +02:00
README.md krb5: drop support for Kerberos FTP 2025-09-20 23:58:28 +02:00
RELEASE-NOTES RELEASE-NOTES: synced 2025-10-16 09:01:17 +02:00
renovate.json GHA: drop quictls 3.3.0 builds in favor of openssl 3.5+ 2025-10-04 17:49:21 +02:00
REUSE.toml REUSE: move copyright headers to .checksrc 2025-10-13 11:54:22 +02:00
SECURITY.md docs: Clarify OpenSSF Best Practices vs Scorecard 2024-08-22 11:50:20 +02:00

README.md

curl logo

curl is a command-line tool for transferring data specified with URL syntax. Learn how to use curl by reading the manpage or everything curl.

Find out how to install curl by reading the INSTALL document.

libcurl is the library curl is using to do its job. It is readily available to be used by your software. Read the libcurl manpage to learn how.

Open Source

curl is Open Source and is distributed under an MIT-like license.

Contact

Contact us on a suitable mailing list or use GitHub issues/ pull requests/ discussions.

All contributors to the project are listed in the THANKS document.

Commercial support

For commercial support, maybe private and dedicated help with your problems or applications using (lib)curl visit the support page.

Website

Visit the curl website for the latest news and downloads.

Source code

Download the latest source from the Git server:

git clone https://github.com/curl/curl.git

Security problems

Report suspected security problems via our HackerOne page and not in public.

Backers

Thank you to all our backers 🙏 Become a backer.

Sponsors

Support this project by becoming a sponsor.