Late Wednesday evening (middle European time zone) on January 7th 2009 I was up doing a live recording of the podcast show FLOSS Weekly with Leo Laporte and Randal Schwartz. This recording is now available for download as episode #51.
We chatted a bit about curl and libcurl and I think I did a decent job of keeping to the subject and not making a total fool of myself. Enjoy!
(The talk was done using skype and yes my laptop was running Windows at the time…!)
Over at the IETF another group was just created named http-state (with an associated mailing list) with the specific goal:
Ultimately, the purpose of this group is to create an updated HTTP State Management Mechanism RFC (aka cookies) that will supersede the Netscape spec, RFCs 2109, 2964, 2965 then add in real-world usage (e.g. HTTPOnly), and possibly add in additional features and possibly merge in draft-broyer-http-cookie-auth-00.txt and draft-pettersen-cookie-v2-03.txt.
I’ve joined the list and I hope to follow and participate in this, as I believe the current state of HTTP cookies is a rather sorry mess and the Netscape spec is still what closest describes how cookies work in the wild. Of course I’ll do it with my libcurl experience in my luggage.
While it perhaps would be cool to join the group in more formal way, there’s no way for me to participate in that IETF meeting in San Francisco in March.
I had a great and relaxing winter/Christmas holiday and hence my silence here.
I’m now back up to speed, with a podcast interview done yesterday (I’ll post another entry when it gets available), I do some funded development on libcurl and libssh2 in the background while I’m spending my days at my client’s place working on a 10G traffic analyzer product.
It was rather calm during “the break” but I’ve now noticed that at least the curl project has gotten significantly increased activity again. We’re on a feature freeze now for the January release, but there seems to be at least 4 patches pending adding new stuff for the release planned to come after this (around March if things go well).
Some recent news showing libcurl possibly widening its user-base:
Eugene V. Lyubimkin posted a suggestion that libcurl should be used by the upcoming APT release for all ftp and http accesses!
Mr Johansen at Sun told us libcurl is being considered (via the pycurl binding) for the new OpenSolaris package manager.
perl’s widely used module for HTTP/FTP etc, called LWP, has gotten a libcurl-powered sibling called LPW-curl, which if I understand things correctly makes transfers using the traditional LWP-style and API but is powered by libcurl underneath.
Someone (not being me) registered libcurl.org. The site actually contains rather accurate info but if I disable adblock it shows lots of ads on the page though so I guess that’s why the page exists… (googling for “libcurl” now shows this site among the 5-6 first hits, which surprises me…)
More?
We’ve gotten a fair amount of questions on the libcurl mailing list about how to do the SSH-based protocols SCP and SFTP with libcurl on Windows, and here comes Andrei Jakab bursting in and provides us with this fancy PDF:
Using libcurl with SSH support in Visual Studio 2008
I’m convinced a user or two will find this a fine resource! Thanks Andrei!
I fell over this document named “What’s New in the Solaris 10 10/08 Release” and it includes this funny little quote towards the end:
C-URL – The C-URL Wrappers Library
C-URL is a utility library that provides programmatic access to the most common Internet protocols such as, HTTP, FTP, TFTP, SFTP, and TELNET. C-URL is also extensively used in various applications.
The project is cURL, the tool is curl and the library is libcurl. There’s nothing named C-URL and it isn’t any “wrappers library”… And the list of protocols is also funny since it includes 6 protocols while a modern libcurl supports 13 different ones, and also if you build libcurl to support SFTP you also get SCP (which the list doesn’t include) etc.
It just looks so very sloppy to me. But hey, what do I know?
I held a 38 minute talk (in English) at the FSCONS conference 2007 about curl and libcurl, and now I’ve realized that the recording from that event is available online in various forms and ways.
You can get the pure Ogg Theora video files by using these links:
The slides from the presentation are still available.
fsfe.org hosts the complete collection of videos from that conference.
I haven’t yet had time and oppurtunity to watch it myself. I figure I’ll do that soon to see and learn from my own mistakes and odd habits when talking in public… and try to not get disturbed too much by my own accent!
yassl is said to be Yet Another SSL library and I’ve been told that for example it is the preferred library used by the mysql camp. I got interested in this several years ago when I learned about it since I thought it was fun to see an alternative implementation of OpenSSL that still offers the same API.
Since then, I’ve amused myself by trying to build and run curl with it like every six months or so. I’ve made (lib)curl build fine with yassl (and its configure script also detects that it is an OpenSSL API emulated by yassl), but I’ve never seen it run the entire curl test suite through without failing at least one test!
I asked the mysql guy about how yassl has worked for them, but he kind of shrugged and admitted that they hadn’t tried it much (and then I don’t know really who he spoke for, the entire team or just he and his closest friends) but he said it worked for them.
Today I noticed the yassl version 1.9.6 that I downloaded, built and tried against curl. This time curl completely fails to build with it…
Let me also point out that it’s not like I’ve not told the yassl team (person?) about these problems in the past. I have, and there have been adjustments that have been meant to address problems I’ve seen. I just can’t make curl use it successfully… libcurl can still be built and run with OpenSSL, GnuTLS or NSS so it’s not like we lack SSL library alternatives.
The same team/person seems to behind another SSL lib called Cyassl that’s aimed for smaller footprint systems and I’ve heard whispers about people trying to get libcurl to build against that and it surely is going to be interesting to see where that leads!
Especially the guys who use libcurl’s multi interface to get HTTPS pages, and if you use OpenSSL for the SSL layer will suffer from the stupid regression bug we added in 7.19.1 and that was the primary reason we shipped curl and libcurl 7.19.2 today.
There were also two other bugs fixed. Enjoy!
…and when I say “we” added it you course realize that I added it!
The Metalink guys host a list of project ideas and one of those ideas is to add metalink support to curl, and I recently bumped the stakes a bit by raising the bounty with an additional 200 USD so that the offer is now 500 USD for the person or team that brings the feature as described.
My primary motivation for doing this is that I like the metalink idea and I’d like to help making sure it gets used more widely.