Security Headlines curl Podcast special
Summary:
In this episode of Security Headlines, we jump into curl with
its founder and maintainer Daniel Stenberg.
We talk security, CI systems, creation of curl, Fuzzing, IRC bots
and a lot more!
Relax, Tune in and enjoy this episode of Security Headlines:
https://anchor.fm/firo-solutions/episodes/Curl-special-with-Daniel-Stenberg-ejqn0g
Few software developers never even get near to having one
of their projects being picked up by a larger community.
A project that started as a currency plugin to an IRC bot.
Spun off and ended up becoming bigger and bigger resulting in being
adopted by over 10 billion devices. Well, this project is called
curl! Curl is known to be the stable swizz army knife that can
be used for making various types of transfer requests.
Need to download a file? Curl is here for you
Need to test a socks5 proxy? Curl is here for you
Need to download an ezine over Gopher? Curl is here for you
Need to test a unix socket? Curl is here for you
In this episode of Security Headlines, we are joined by Daniel
Stenberg who is the founder and maintainer of Curl.
He has even been awarded a gold medal by the Swedish king for
his work with Curl.
The curl codebase is around 100 000 lines of C code, filled with
hidden gems such as a libcurl code generator that creates a template
based on the command line arguments you give it.
One of curl’s many features is the –libcurl option which
takes the commmand you give curl and generate a C program that use
libcurl with the same functionally, you can even port it to other
programming languages with a similar syntax and use it with libcurl’s
bindings.
$ curl https://blog.firosolutions.com --libcurl example.c
$ head example.c
/********* Sample code generated by the curl command line tool **********
* All curl_easy_setopt() options are documented at:
* https://curl.haxx.se/libcurl/c/curl_easy_setopt.html
************************************************************************/
#include <curl/curl.h>
int main(int argc, char *argv[])
{
CURLcode ret;
CURL *hnd;
Even Google love Curl, having curl in over 100 devices.
This leads us to Google’s fuzzing project, where they have
an army of computers that feed automated generated data in order
to find bugs.
This has resulted in curl being more stable, secure, and mature.
The world is always moving and so is the technology evolution.
Getting a bit dystopian here, but maybe we will move to a future
where we are running everything in a browser.
A world where everything runs ipv6 and http3.
In that world, I know one tool we can count on.
External links:
https://curl.haxx.se/
https://curl.haxx.se/docs/security.html
https://en.wikipedia.org/wiki/CURL
https://twitter.com/bagder
https://www.wolfssl.com/
https://daniel.haxx.se/
https://bugs.chromium.org/p/oss-fuzz/issues/list?sort=-opened&can=1&q=proj:curl
https://en.wikipedia.org/wiki/Gopher_%28protocol%29
https://curl.haxx.se/mail/
