Tag Archives: cURL and libcurl

HTTP implementations

I previously mentioned on the libcurl mailing list, that Mark Nottingham in the IETF HTTP Working Group has initiated the work on putting together an overview of all (interesting) existing HTTP implementations

Of course curl is included in the bunch, or rather libcurl, but I would also urge you all to step forward and provide further details on other implementations you worked on or know of!

Vacation days are slow days

I just wanted to drop a note saying that the biggest explanation for the silence and slowness of my blog the last couple of weeks have been my ongoing vacation, which is still going on for another two weeks.

Of course things are happening still, but due to my lack of computer time right now I tend to prioritize actually working with those things rather than posting here writing about the stuff I do/read/fix.

The Rockbox Steering Board vote is over, results will be published soon (spoiler: I’m voted in as one of the members). There’s a curl release coming up for August and we still have a few outstanding issues to fix. More on these topics later!

“Nordic” Projects?

It did struck me why the idea of handing the Nordic Free Software Award to a project feels like a bad idea: Free Software projects really aren’t geographical in general.

People tend to live at a fixed location for a specific time and thus you can say that N is living in a Nordic country or not.

Free Software projects however, are not even allowed to exclude people from other places and even projects that may origin at once place or even have its largest user-base in a particular geographical spot.

Last year’s Nordic Free Software Award was handed to Skolelinux since I believe the project origins in Norway (a nordic country) and some of the leading persons in the project are Norwegian. But is that then a nordic project? I don’t want to claim that it isn’t because I honestly don’t know, but their web site certainly says nothing about it being restricted or limited to nordic countries in any significant way. If it does, I couldn’t find it.

I am the primary person and maintainer behind curl but I wouldn’t dream of calling it a “nordic” project. The trio who started Rockbox are all Swedish but calling it a nordic project would just make me laugh.

Isn’t it so, that if you can come up with a “Nordic” Free Software project that currently only lives and strives within one or more Nordic countries without spreading itself over the world, isn’t that then more likely to be a proof of a failure of said project than anything else?

Bad Reviews Never Die

I like user feedback and comments from people in projects I participate in – even those that I run or maintain myself. I value bug reports and I think no project can evolve without a fair amount of external input.

But they can also be annoying since when done in public places they tend to stick around. If they’re negative I can respond to them if posted in forums where that is possible and where I care about it, but sometimes they’re just “blurted” out in a way that I cannot respond to and that I cannot do anything about. And the review/comment/complaint will sit there to be watched by the world. Uncommented by me or anyone else thinking otherwise.

Let me point out the recent example that made me write this particular rant: user review on curl at ohloh.

I realize there’s nobody to blame and that this is the way of life and how things work and that everybody is entitled to publish their opinions and all that. It still doesn’t feel really good when you just don’t agree with them and they’re “against” one of your own babies.

public suffixes list

I noticed the new site publicsuffix.org that has been setup by the mozilla organization in an attempt to list public suffixes for all TLDs in the world, to basically know how to prevent sites from setting cookies that would span over just about all sites under that “public suffix”.

While I can see what drives this effort and since we have the same underlying problem in curl as well, I have sympathy for the effort. Still, I dread “having to” import and support this entire list in curl only to be able to better work like the browsers in the cookie department. Also, it feels like a cat and mouse race where the list may never be complete anyway. It is doomed to lack entries, or in the worst case list “public suffixes” that aren’t any such public suffixes anymore and thus it’ll prevent sites using that suffix to properly use cookies…

There’s no word on the site if IE or Opera etc are going to join this effort.

Update: there are several people expressing doubts about the virtues of this idea. Like Patrik Fältström on DNSOP.

curl 7.18.2 and lunch

Just minutes ago I uploaded the curl and libcurl 7.18.2 package to the curl site. There are a few new changes that people might just like, but most importantly there are many bug fixes.

And by a happy coincidence, a bunch of #curl visitors (the irc channel on freenode) are going to meet up for lunch on tuesday next week (June 10th) in Stockholm, Sweden. If you’re a curl hacker or curl fan and in the proximity that day, feel free to get in touch and join us!

curl needs a fresh take on command line options

I just posted about this on the curl-users mailing list and I’ll just echo it here to reach a slightly larger audience:

One of the not so good behaviors of curl is how many of the command line options work when being repeated: toggling on/off.

We’ve got bug reports about this in the past and I know for a fact that this behavior has burnt more than one guy who’s tried to set default options for curl in their .curlrc etc. When they then re-use the same option on the command line or in a script, it effectively disables the option again…

I’d like this corrected. I want people to be able to explicitly enable and disable features with the command line options. I think the toggling is very rarely useful and something we can just abandon – unless we can figure out a way to keep it for backwards compatibility when we introduce the new behavior.

I’m willing to sacrifice some backwards compatibility to get this done, but I would of course like to hurt as few users as possible.

I’m very interested to get ideas and feedback from you guys on how we can accomplish this!

My first thoughts on how to do this, is simply to convert all the current options to enable options and then introduce a new concept that negates the option. Like -v or –verbose to enable verbose, and –no-verbose to disable verbose.

Any bright ideas?

Update: my suggestion above is what has now been committed targeted for the upcoming 7.19.0 release…

curl by sony

I got the latest Linux Journal issue (#170, June 2008) the other day and while reading through it I fell over the article about a guy who found a GPL license agreement among the papers for his brand new Sony TV.

… and there he also mentioned that they use curl! Fun! Apparently in their “Bravia Internet Video Link” product. Whatever that is… “Stream, browse and watch internet video and much more on your compatible BRAVIA® HDTV with the BRAVIA® Internet Video Link. It’s like extra channels for your new HDTV.

Coverity’s open source bug report

The great guys at scan.coverity.com published their Open Source Report 2008 in which they detail findings about source code they’ve monitored and how quality and bug density etc have changed over time since they started scanning over 250 popular open source projects. curl is one of the projects included.

Some highlights from the report:

  • curl is mentioned as one of the (few) projects that fixed all defects identified by coverity
  • from their start, the average defect frequency has gone down from one defect per 3333 lines of code to one defect per 4000 lines
  • they find no support to backup the old belief that there’s a correlation between function length and bug count
  • the average function length is 66 lines

And the top-5 most frequently detected defects are:

  1. NULL Pointer Dereference 28%
  2. Resource Leak 26%
  3. Unintentional Ignored Expressions 10%
  4. Use Before Test (NULL) 8%
  5. Buffer Overrun (statically allocated) 6%

For all details and more fun reading, see the full Open Source Report 2008 (1MB pdf)