SlideShare ist ein Scribd-Unternehmen logo

curl - a hobby project that conquered the world

Daniel Stenberg
Daniel Stenberg

The curl keynote at the Castor Software Days 2019 by Daniel Stenberg.

Software
1 von 70
Downloaden Sie, um offline zu lesen
curl - a hobby project that conquered the worldcurl - a hobby project that conquered the world
Dear Daniel, I had emailed you a couple months ago @bagder@bagder
@bagder@bagder
Since you weren't aware that your name was attached to Instagram related hacking code, I thought you might want to know, in case you weren't already aware, that your name is also included in Spotify terms and conditions. @bagder@bagder
@bagder@bagder
these are big companies that you likely don't want to have a trail of evidence that you are a part of @bagder@bagder
an Instagram and Spotify hacking ring @bagder@bagder
Daniel Stenberg @bagder
Daniel Stenberg @bagder
An open source project that makes a command line tool and a library for transferring data using Internet protocols @bagder@bagder
Once upon the time... @bagder@bagder
nothing @bagder@bagder
@bagder@bagder
@bagder@bagder …… while I waswhile I was writing this IRCwriting this IRC bot...bot...
Let’s put it online! @bagder@bagder
… became curl 1998 HTTPHTTP GopherGopher FTPFTP @bagder@bagder
December 1998 @bagder@bagder
… and time passed... 0 20000 40000 60000 80000 100000 120000 140000 160000 180000 2000 2019 Number of lines of code @bagder@bagder
… and time passed... Number of contributors 0 200 400 600 800 1000 1200 1400 1600 1800 2000 2005 2019 @bagder@bagder
Number of command line options … and time passed... 0 50 100 150 200 250 2004 2019 @bagder@bagder
2019 DICT, FILE, FTP, FTPS, Gopher, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, POP3, POP3S, RTMP, RTMPS, RTSP, SCP, SFTP, SMB, SMBS, SMTP, SMTPS, Telnet and TFTP TLS certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, HTTP/HTTPS/SOCKS proxy, cookies, authentication (Basic, Digest, NTLM, Negotiate, Kerberos), HTTP/2, HTTP/3, alt-svc:, happy eyeballs, file transfer resume, proxy tunneling, DNS-over-HTTPS, HTTP compression and much more @bagder@bagder
Number of available web sites 1996: 257,000 2019: 1,940,000,000 (multiplied 7,500 times) @bagder@bagder
@bagder@bagder
Just curl it! @bagder@bagder
curl is a bridge @bagder@bagder
Widely used @bagder@bagder
16 Software, 1C Company, ACCESS, Actuate, Adara Networks, AddLive, Adobe, Aditiva, Adknowledge, alaTEST, Altera, Altova, Amazon, Ananse Productions, AOL, Apple, Archivas, ATX, AT&T, Autodesk, Avaya, BBC, Bietfuchs, Biicode, Bitcartel, Blackberry, Blizzard, Bloglines.com, Blue Digits, Blue Security, BMW, Booking.com, Bosch, Baojun, Broadcom, bwin, Cadillac, Candela Technologies, Canonical, Carestream Health, Cascade Data Systems, CatchFIRE Systems, CERN, CheckPoint, Chevrolet, Chronos, Cisco, Citrix, CLAAS Tractor SAS, Comcast, Contactor, CounterPath, Cybernetica, Datasphere, Datordax, Denon, DesignQuotes, Device Scape, Digium, EdelWeb, EFS Technology, Eiffel Software, Electronic Arts, Emsoft, Enigma Software, Euroling, Ergon Informatik, ESRI, etikett.de, www.expandtalk.se, Eye-Fi, E2E Technologies Ltd, F-Secure, Facebook, FalconView, Feitian Technologies, Ford, FriendFeed, FMWebschool, Garmin, GeekDrop, GRIN, Groopex, Grooveshark, focuseek, Games Workshop, Garmin, GipsyMedia, GMC, Google, Haxx, HPC, Heynow Software, Hitachi, Holden, Honeywell, HP, Huawei, HTC, inSORS, IBM, ideelabor.ee, Idruna Software Inc, Id Software, Infomedia Business Systems Division, Informatica, Information Handling Services, Insignia, Instagram, Intel, Internet Security Systems, Intra2net AG, isee systems, Jajja Communications, Jawbone, JET, JLynx Software, Kajala Group Ltd., Kaleidescape, Karelia, Kaseya, kencast inc, Kerio Technologies, Kongsberg Spacetec, LassoSoft, lastpass, LG, LifeSize Software, Linden Lab, Machina Networks, Macromates, Macromedia, Magic TV, Matrix Science, Mandiant, MandrakeSoft, Marantz, Mazda, McAfee, MediaAnalys, Mellanox, Mercedes-Benz, Metaio, Micromuse Inc., Miniclip, Modio, MokaFive, Inc, Momento, Moodstocks, Motorola, Mozilla, Music FX Live, Nagarsoft, Neptune Labs, Nest, Netflix, Netgear, Netiq, Network Mail, Neuros, Nintendo, Nissan, NoDesign, Nortel, Office2office Plc, OKTET Labs Ltd, One Laptop Per Child, Onkyo, On Technology, Opel, OpenLogic, opsmate, Optimsys, Oppo, Oracle, Outrider, Palm, Panasonic, Pandigital, Parrot, Passiv Systems, Pelco, Philips, Pioneer, Plogue, Pocket Gems, Polaroid Corporation, Polycom, Pure Storage, Quest, QVD, QNX, RBS, Renault, Research in Motion, Retarus Network Services GmbH, Riverbed, ROBLOX, Rockstar Games, Rolltech Inc, RSA Security Inc, RSSS, Samsung, SanDisk, SAP, SAS Institute, Seat, SEB, Sharp, Siemens, Silicon Landmark, Sjphone, Skoda, Slingbox, SmithMicro, Sony, Sophos, Source Remoting, Splunk, Spotify, Steambird, Subaru, Suzuki, Sun, SurfEasy Inc, Swisscom, Symantec, System Garden, Tango, tasvideos, TeamViewer, Tellabs, Telstra, Telvue, Tesla, Thermomix, Thumbtack, Tilgin, Tomtom, ToolAware, Toshiba, Toyota, Trend Micro, Tribalmedia, Trion Worlds, Tiempo de Espera, Unisys, UniPlot, Unity3d, ustream, Valve, Vauxhall, Verisure, VETport, Vivisimo, Vmware, Voddler, Volition Inc, Vuo, VW, Wump Research, Xiaomi, Xilinx, XonaSoftware, Yahoo, Yamaha, Yubico, Zimbra, Zixcorp, Zonar Systems, Zyxel, Z2, @bagder@bagder
10,000,000,00010,000,000,000 installationsinstallations @bagder@bagder
curl uses libcurl libcurl TCP UDP IP file- system @bagder@bagder
24 supported protocols libcurl TCP filesystem UDP TLSSSH QUIC HTTP HTTPS TFTP FILE FTP IMAP SMTP POP3 GOPHER TELNET DICT RTSP RTMP SMB LDAP SFTP SCP FTPS IMAPS SMTPS POP3S RTMPS SMBS LDAPS @bagder@bagder
60 libcurl bindings libcurl application FalconD C++ Requests ScriptBasic FeriteDelphiChcurl curlpp GambasEiffel BBHTTP (Cocoa) curlcpp glib/GTK+Euphoria Curlhandle (Cocoa) go-curl Object- Pascal Lua-cURLJava Guile O’CamlMonoJulia Harbour Pascal.NET Common Lisp Haskell WWW::Curl (perl) node.jsluacurl perl6-net- curl PHP/CURL Rexx PostgreSQL Ring pycURL RPG Tclcurl Q Visual Foxpro Visual Basic vXWidgets S-LangXojoXBLite Smalltalk SP- Forth ScilabScheme curl- rust SPL Ada95 Curb (Ruby) Clojure R Kapito (Erlang) PureBasic Net::Curl (perl) Nim @bagder@bagder
c 30 third party dependencies I/O layer libcurl URL parser libidn2winidn HTTPHTTPS OpenSSL Mesalink gskit mbedTLS wolfSSL Schannel SecureTransport GnuTLS NSS boringssl libressl AmiSSL SFTP SCP LDAP WinLDAP OpenLDAP RTMP librtmp Name resolver c-ares compression libz brotli cookies libpsl IMAP SMTP POP3 HTTP/2 nghttp2 authentication winsspi Heimdal MIT-kerberos HTTP/3 quiche ngtcp2 family HTTP/1 SSH wolfSSH libssh2 libssh @bagder@bagder
Features can be disabled at build-time pthreads crypto authsspiverbose output ntlm-wb cookiesunix-socketsTLS SRP HTTP auth date parserMIMEDNS-over-HTTPS netrc alt-svcDNS shuffleprogress meter libcurl @bagder@bagder
71 operating systems libcurl Linux FreeBSDmacOSWindows NetBSD Tru64VMSOpenBSD Android IntegrityiOS Cell OS IRIXucLinuxHP-UX OS/400 AmigaOSSymbianSolaris Ultrix eCOSBeOSTPF MS DOS Haiku MINIX OS/2 Netware QNX SCO Unix RISC OS FreeRTOS ChromeOS Hurd Plan 9 UnixWare Mac OS 9AIXIllumos Windows CESailfish OS z/OS UNICOS OS21 MPE/iX SINIX-Z NonStop OS vxWorks WebOS Tizen Cygwin NCR MP-RAS Syllable OS tvOS DragonFly BSD SerenityFuchsia Nintendo Switch RedoxGenode Hardened BSD ipadOS PlayStation Portable Mbed ReactOS SunOS Lineage OS Blackberry 10 FreeDOS Blackberry Tablet OS @bagder@bagder Garmin OS
20 CPU architectures libcurl x86 MIPSARMPowerPC SPARC POWERm68k s390 HP-PASH4Nios RISC-V OpenRISC ARC Itanium Cell VAX Alpha MicroBlaze Xtensa @bagder@bagder
Hi Daniel, I’m the marketing director for Dice.com and I wanted to reach out to you to thank you for spotting our billboard error on the 101. We are deeply embarrassed by this mistake to say the least. In a classic coding scenario, our QA failed us. Unfortunately for us, we bought this spot long-term and we are trying to figure out how quickly we can replace the content. @bagder@bagder
Subject: Multimedya isc-v:85 I have toyota corola with multimedya system that you have its copyright. I need a advice to know how to use the gps. Master of many things @bagder@bagder
Cisco Small Business Routers, March 2019 @bagder@bagder
Malwares use it too (1/2) @bagder@bagder October 2015: a single curl package was downloaded more than 300,000 times from the web site, accounting for over 70% of the used bandwidth.
Malwares use it too (2/2) @bagder@bagder
Why? @bagder@bagder
Why use curl? Internet doesn't follow specs Open source; MIT licensed Simple, stable, powerful API Multi-platform Documentation Stable All the protocols Fast Footprint shaving Many TLS backends https://curl.haxx.se/libcurl/theysay.html @bagder@bagder
Why Open Source? There was never any alternative to me Wanted to contribute back Would never even come close unless No, I would not be rich otherwise @bagder@bagder
How? @bagder@bagder
821 822 850 854 959 974 1035 1081 1123 1225 1350 1425 1427 1436 1460 1510 1635 1639 1651 1653 1725 1730 1734 1738 1777 1808 1867 1869 1870 1884 1928 1939 1945 1950 1951 1952 1959 1964 2045 2046 2047 2048 2049 2060 2061 2068 2095 2104 2109 2133 2145 2183 2184 2192 2195 2222 2228 2229 2231 2246 2255 2326 2373 2384 2388 2389 2396 2428 2449 2459 2478 2487 2518 2553 2554 2577 2595 2616 2617 2640 2718 2732 2817 2818 2821 2831 2854 2936 2964 2965 3207 3280 3493 3501 3513 3617 3659 3961 3986 4120 4121 4178 4217 4248 4346 4366 4422 4511 4516 4559 4616 4954 4959 5034 5092 5321 5322 5849 6749 7230 7231 7232 7233 7234 7235 7238 7540 7541 7628 7838 8314 8446 8484 133 Relevant RFCs (260,000 lines) libcurl @bagder@bagder
2,000 contributors Who makes curl curl 730 authors 150 authors per year 12 regulars Daniel @bagder@bagder (The boxes are not drawn to scale)
Contributors 2,000 in total2,000 in total 40-50 per release40-50 per release IncreasingIncreasing Small core teamSmall core team VolunteersVolunteers @bagder@bagder
Everything is public @bagder@bagder
mailing listsmailing lists @bagder@bagder
on githubon github a few have pusha few have push rightsrights @bagder@bagder
Who pays Spare time hackers Company paid contributors Company paid feature development @bagder@bagder
The mighty sponsors of curl @bagder@bagder
Secure enough for the billions?Secure enough for the billions? ReviewsReviews (at 90+ CVEs and counting)(at 90+ CVEs and counting) Code auditCode audit Code styleCode style FuzzingFuzzingDocsDocs Static codeStatic code analyzersanalyzers Valgrind andValgrind and sanitizerssanitizers ManyMany teststests @bagder@bagder CI like crazyCI like crazy
curl bug bounty @bagder@bagder
Let's make it personalLet's make it personal This is the lead developerThis is the lead developer of this projectof this project @bagder@bagder
I’m just an average developer person I made this for myself I just never stopped working on it I made it possible for others to help out I didn’t stop working on it I took it in directions I thought was right I kept on working @bagder@bagder
This is my primary hobby (and job) Two hours spare time per day Every day, every week, every year, since 1998 Part time paid since 2014 Full time since early 2019 Yes, I totally mix and blur spare time and work! @bagder@bagder
Over twenty years add up 4,000 commit-days 15,000 spare time hours 16,000 commits 25,000 emails sent @bagder@bagder
Security issues Release management Web site admin Mailing list admin Patch reviewing User support Blogging about it What’s maintaining? Debugging Patch merging Feature development Write documentation Event planning Getting stickers Doing talks @bagder@bagder
Why I do it? I enjoy creating something that is appreciated by others. Many others. I want to make curl as good as possible Everyone needs a hobby @bagder@bagder
““TheThe created economic valuecreated economic value cannot be overstated.”cannot be overstated.” @bagder@bagder@bagder@bagder
Not everyone loves me @bagder@bagder
Now? @bagder@bagder
On the map right now, maybe ESNIESNI HSTSHSTS DoTDoT MQTTMQTT HTTP/3HTTP/3 tiny-curltiny-curl @bagder@bagder
FutureFuture No, it trulyNo, it truly never gets donenever gets done ProtocolsProtocols keep evolvingkeep evolving Open source codeOpen source code survivessurvives No slow-downNo slow-down in sightin sight You canYou can help!help! @bagder@bagder
74 RoadmapRoadmap @bagder@bagder
75 You can help!You can help! @bagder@bagder
https://curl.haxx.se/book.html @bagder@bagder
Daniel Stenberg @bagder https://daniel.haxx.se/ Thank you!Thank you! Questions?Questions? @bagder@bagder
License This presentation and its contents are licensed under the Creative Commons Attribution 4.0 license: http://creativecommons.org/licenses/by/4.0/ @bagder@bagder

Empfohlen

HTTP/3 is next generation HTTP
HTTP/3 is next generation HTTPHTTP/3 is next generation HTTP
HTTP/3 is next generation HTTP
Daniel Stenberg
 
curl roadmap 2020
curl roadmap 2020curl roadmap 2020
curl roadmap 2020
Daniel Stenberg
 
HTTP/3, QUIC and streaming
HTTP/3, QUIC and streamingHTTP/3, QUIC and streaming
HTTP/3, QUIC and streaming
Daniel Stenberg
 
HTTP/3 in curl
HTTP/3 in curlHTTP/3 in curl
HTTP/3 in curl
Daniel Stenberg
 
curl better
curl bettercurl better
curl better
Daniel Stenberg
 
Http3 fullstackfest-2019
Http3 fullstackfest-2019Http3 fullstackfest-2019
Http3 fullstackfest-2019
Daniel Stenberg
 
HTTP/3 for everyone
HTTP/3 for everyoneHTTP/3 for everyone
HTTP/3 for everyone
Daniel Stenberg
 
HTTP/3 in curl 2020
HTTP/3 in curl 2020HTTP/3 in curl 2020
HTTP/3 in curl 2020
Daniel Stenberg
 

Empfohlen

HTTP/3 is next generation HTTP
HTTP/3 is next generation HTTPHTTP/3 is next generation HTTP
HTTP/3 is next generation HTTP
Daniel Stenberg
 
curl roadmap 2020
curl roadmap 2020curl roadmap 2020
curl roadmap 2020
Daniel Stenberg
 
HTTP/3, QUIC and streaming
HTTP/3, QUIC and streamingHTTP/3, QUIC and streaming
HTTP/3, QUIC and streaming
Daniel Stenberg
 
HTTP/3 in curl
HTTP/3 in curlHTTP/3 in curl
HTTP/3 in curl
Daniel Stenberg
 
curl better
curl bettercurl better
curl better
Daniel Stenberg
 
Http3 fullstackfest-2019
Http3 fullstackfest-2019Http3 fullstackfest-2019
Http3 fullstackfest-2019
Daniel Stenberg
 
HTTP/3 for everyone
HTTP/3 for everyoneHTTP/3 for everyone
HTTP/3 for everyone
Daniel Stenberg
 
HTTP/3 in curl 2020
HTTP/3 in curl 2020HTTP/3 in curl 2020
HTTP/3 in curl 2020
Daniel Stenberg
 
common mistakes when using libcurl
common mistakes when using libcurlcommon mistakes when using libcurl
common mistakes when using libcurl
Daniel Stenberg
 
Landing code in curl
Landing code in curlLanding code in curl
Landing code in curl
Daniel Stenberg
 
HTTP/3
HTTP/3HTTP/3
HTTP/3
Daniel Stenberg
 
Curl with rust
Curl with rustCurl with rust
Curl with rust
Daniel Stenberg
 
Getting started with libcurl
Getting started with libcurlGetting started with libcurl
Getting started with libcurl
Daniel Stenberg
 
Just curl it!
Just curl it!Just curl it!
Just curl it!
Daniel Stenberg
 
The state of curl 2020
The state of curl 2020The state of curl 2020
The state of curl 2020
Daniel Stenberg
 
HTTP/3 an early overview
HTTP/3 an early overviewHTTP/3 an early overview
HTTP/3 an early overview
Praveen Kottarathil
 
HTTP/3 over QUIC. All is new but still the same!
HTTP/3 over QUIC. All is new but still the same!HTTP/3 over QUIC. All is new but still the same!
HTTP/3 over QUIC. All is new but still the same!
Daniel Stenberg
 
DNS over HTTPS
DNS over HTTPSDNS over HTTPS
DNS over HTTPS
Daniel Stenberg
 
stackconf 2020 | Speeding up Linux disk encryption by Ignat Korchagin
stackconf 2020 | Speeding up Linux disk encryption by Ignat Korchaginstackconf 2020 | Speeding up Linux disk encryption by Ignat Korchagin
stackconf 2020 | Speeding up Linux disk encryption by Ignat Korchagin
NETWAYS
 
Hackference 2014 - Node.js, the awesome parts
Hackference 2014 - Node.js, the awesome partsHackference 2014 - Node.js, the awesome parts
Hackference 2014 - Node.js, the awesome parts
Dan Jenkins
 
gRPC vs REST: let the battle begin!
gRPC vs REST: let the battle begin!gRPC vs REST: let the battle begin!
gRPC vs REST: let the battle begin!
Alex Borysov
 
Efficient HTTP Apis
Efficient HTTP ApisEfficient HTTP Apis
Efficient HTTP Apis
Adrian Cole
 
Cracking Wep And Wpa Wireless Networks
Cracking Wep And Wpa Wireless NetworksCracking Wep And Wpa Wireless Networks
Cracking Wep And Wpa Wireless Networks
guestf2e41
 
So that was HTTP/2, what's next?
So that was HTTP/2, what's next?So that was HTTP/2, what's next?
So that was HTTP/2, what's next?
Daniel Stenberg
 
gRPC vs REST: let the battle begin!
gRPC vs REST: let the battle begin!gRPC vs REST: let the battle begin!
gRPC vs REST: let the battle begin!
Alex Borysov
 
Http2 right now
Http2 right nowHttp2 right now
Http2 right now
Daniel Stenberg
 
Http/2 - What's it all about?
Http/2 - What's it all about?Http/2 - What's it all about?
Http/2 - What's it all about?
Andy Davies
 
2018 IterateConf Deconstructing and Evolving REST Security
2018 IterateConf Deconstructing and Evolving REST Security2018 IterateConf Deconstructing and Evolving REST Security
2018 IterateConf Deconstructing and Evolving REST Security
David Blevins
 
Let me tell you about curl
Let me tell you about curlLet me tell you about curl
Let me tell you about curl
Daniel Stenberg
 
Everybody runs this code all the time
Everybody runs this code all the timeEverybody runs this code all the time
Everybody runs this code all the time
Daniel Stenberg
 

Weitere ähnliche Inhalte

Was ist angesagt?

HTTP/3
HTTP/3HTTP/3
HTTP/3
Daniel Stenberg
 
Efficient HTTP Apis
Efficient HTTP ApisEfficient HTTP Apis
Efficient HTTP Apis
Adrian Cole
 
Cracking Wep And Wpa Wireless Networks
Cracking Wep And Wpa Wireless NetworksCracking Wep And Wpa Wireless Networks
Cracking Wep And Wpa Wireless Networks
guestf2e41
 
Http/2 - What's it all about?
Http/2 - What's it all about?Http/2 - What's it all about?
Http/2 - What's it all about?
Andy Davies
 
2018 IterateConf Deconstructing and Evolving REST Security
2018 IterateConf Deconstructing and Evolving REST Security2018 IterateConf Deconstructing and Evolving REST Security
2018 IterateConf Deconstructing and Evolving REST Security
David Blevins
 

Was ist angesagt? (20)

common mistakes when using libcurl
common mistakes when using libcurlcommon mistakes when using libcurl
common mistakes when using libcurl
 
Landing code in curl
Landing code in curlLanding code in curl
Landing code in curl
 
HTTP/3
HTTP/3HTTP/3
HTTP/3
 
Curl with rust
Curl with rustCurl with rust
Curl with rust
 
Getting started with libcurl
Getting started with libcurlGetting started with libcurl
Getting started with libcurl
 
Just curl it!
Just curl it!Just curl it!
Just curl it!
 
The state of curl 2020
The state of curl 2020The state of curl 2020
The state of curl 2020
 
HTTP/3 an early overview
HTTP/3 an early overviewHTTP/3 an early overview
HTTP/3 an early overview
 
HTTP/3 over QUIC. All is new but still the same!
HTTP/3 over QUIC. All is new but still the same!HTTP/3 over QUIC. All is new but still the same!
HTTP/3 over QUIC. All is new but still the same!
 
DNS over HTTPS
DNS over HTTPSDNS over HTTPS
DNS over HTTPS
 
stackconf 2020 | Speeding up Linux disk encryption by Ignat Korchagin
stackconf 2020 | Speeding up Linux disk encryption by Ignat Korchaginstackconf 2020 | Speeding up Linux disk encryption by Ignat Korchagin
stackconf 2020 | Speeding up Linux disk encryption by Ignat Korchagin
 
Hackference 2014 - Node.js, the awesome parts
Hackference 2014 - Node.js, the awesome partsHackference 2014 - Node.js, the awesome parts
Hackference 2014 - Node.js, the awesome parts
 
gRPC vs REST: let the battle begin!
gRPC vs REST: let the battle begin!gRPC vs REST: let the battle begin!
gRPC vs REST: let the battle begin!
 
Efficient HTTP Apis
Efficient HTTP ApisEfficient HTTP Apis
Efficient HTTP Apis
 
Cracking Wep And Wpa Wireless Networks
Cracking Wep And Wpa Wireless NetworksCracking Wep And Wpa Wireless Networks
Cracking Wep And Wpa Wireless Networks
 
So that was HTTP/2, what's next?
So that was HTTP/2, what's next?So that was HTTP/2, what's next?
So that was HTTP/2, what's next?
 
gRPC vs REST: let the battle begin!
gRPC vs REST: let the battle begin!gRPC vs REST: let the battle begin!
gRPC vs REST: let the battle begin!
 
Http2 right now
Http2 right nowHttp2 right now
Http2 right now
 
Http/2 - What's it all about?
Http/2 - What's it all about?Http/2 - What's it all about?
Http/2 - What's it all about?
 
2018 IterateConf Deconstructing and Evolving REST Security
2018 IterateConf Deconstructing and Evolving REST Security2018 IterateConf Deconstructing and Evolving REST Security
2018 IterateConf Deconstructing and Evolving REST Security
 

Ähnlich wie curl - a hobby project that conquered the world

IoThings you don't even need to hack
IoThings you don't even need to hackIoThings you don't even need to hack
IoThings you don't even need to hack
Slawomir Jasek
 
A Reference Architecture for IoT
A Reference Architecture for IoT A Reference Architecture for IoT
A Reference Architecture for IoT
WSO2
 
D1 t1 t. yunusov k. nesterov - bootkit via sms
D1 t1 t. yunusov k. nesterov - bootkit via smsD1 t1 t. yunusov k. nesterov - bootkit via sms
D1 t1 t. yunusov k. nesterov - bootkit via sms
qqlan
 

Ähnlich wie curl - a hobby project that conquered the world (20)

Let me tell you about curl
Let me tell you about curlLet me tell you about curl
Let me tell you about curl
 
Everybody runs this code all the time
Everybody runs this code all the timeEverybody runs this code all the time
Everybody runs this code all the time
 
You know what's cool? Running on a billion devices
You know what's cool? Running on a billion devicesYou know what's cool? Running on a billion devices
You know what's cool? Running on a billion devices
 
curl - openfourm europe.pdf
curl - openfourm europe.pdfcurl - openfourm europe.pdf
curl - openfourm europe.pdf
 
IoT with Apache ActiveMQ, Camel & Spark
IoT with Apache ActiveMQ, Camel & SparkIoT with Apache ActiveMQ, Camel & Spark
IoT with Apache ActiveMQ, Camel & Spark
 
IoThings you don't even need to hack
IoThings you don't even need to hackIoThings you don't even need to hack
IoThings you don't even need to hack
 
Soracom services for smart cities and homes feb2018
Soracom services for smart cities and homes feb2018Soracom services for smart cities and homes feb2018
Soracom services for smart cities and homes feb2018
 
The state of curl 2022
The state of curl 2022The state of curl 2022
The state of curl 2022
 
A Reference Architecture for IoT
A Reference Architecture for IoT A Reference Architecture for IoT
A Reference Architecture for IoT
 
mastering the curl command line.pdf
mastering the curl command line.pdfmastering the curl command line.pdf
mastering the curl command line.pdf
 
Case Studies in IoT – Introducing commercial and industrial Use Cases
Case Studies in IoT – Introducing commercial and industrial Use CasesCase Studies in IoT – Introducing commercial and industrial Use Cases
Case Studies in IoT – Introducing commercial and industrial Use Cases
 
D1 t1 t. yunusov k. nesterov - bootkit via sms
D1 t1 t. yunusov k. nesterov - bootkit via smsD1 t1 t. yunusov k. nesterov - bootkit via sms
D1 t1 t. yunusov k. nesterov - bootkit via sms
 
Internet of Things Conference - Bogor city
Internet of Things Conference - Bogor cityInternet of Things Conference - Bogor city
Internet of Things Conference - Bogor city
 
WebRTC Reborn - Full Stack
WebRTC Reborn - Full StackWebRTC Reborn - Full Stack
WebRTC Reborn - Full Stack
 
WebRTC Reborn - Cloud Expo / WebRTC Summit
WebRTC Reborn - Cloud Expo / WebRTC SummitWebRTC Reborn - Cloud Expo / WebRTC Summit
WebRTC Reborn - Cloud Expo / WebRTC Summit
 
WebRTC Reborn Hackference
WebRTC Reborn HackferenceWebRTC Reborn Hackference
WebRTC Reborn Hackference
 
IT Solution through IoT Development
IT Solution through IoT DevelopmentIT Solution through IoT Development
IT Solution through IoT Development
 
WebRTC Reborn SignalConf 2016
WebRTC Reborn SignalConf 2016WebRTC Reborn SignalConf 2016
WebRTC Reborn SignalConf 2016
 
Twilio Signal 2016 WebRTC Reborn
Twilio Signal 2016 WebRTC RebornTwilio Signal 2016 WebRTC Reborn
Twilio Signal 2016 WebRTC Reborn
 
Flutter Festival London 2022 - End to end IoT with Dart and Flutter
Flutter Festival London 2022 - End to end IoT with Dart and FlutterFlutter Festival London 2022 - End to end IoT with Dart and Flutter
Flutter Festival London 2022 - End to end IoT with Dart and Flutter
 

Mehr von Daniel Stenberg

Mehr von Daniel Stenberg (9)

mastering libcurl part 2
mastering libcurl part 2mastering libcurl part 2
mastering libcurl part 2
 
mastering libcurl part 1
mastering libcurl part 1mastering libcurl part 1
mastering libcurl part 1
 
curl experiments - curl up 2022
curl experiments - curl up 2022curl experiments - curl up 2022
curl experiments - curl up 2022
 
curl security - curl up 2022
curl security - curl up 2022curl security - curl up 2022
curl security - curl up 2022
 
HTTP/3 in curl - curl up 2022
HTTP/3 in curl - curl up 2022HTTP/3 in curl - curl up 2022
HTTP/3 in curl - curl up 2022
 
Testing curl for security
Testing curl for securityTesting curl for security
Testing curl for security
 
Writing safe and secure code
Writing safe and secure codeWriting safe and secure code
Writing safe and secure code
 
The state of curl 2019
The state of curl 2019The state of curl 2019
The state of curl 2019
 
Säker kod (secure code)
Säker kod (secure code)Säker kod (secure code)
Säker kod (secure code)
 

Kürzlich hochgeladen

%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
masabamasaba
 
%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...
%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...
%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...
masabamasaba
 
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
masabamasaba
 
Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...
Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...
Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...
Medical / Health Care (+971588192166) Mifepristone and Misoprostol tablets 200mg
 
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICECHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
9953056974 Low Rate Call Girls In Saket, Delhi NCR
 
Harnessing ChatGPT - Elevating Productivity in Today's Agile Environment
Harnessing ChatGPT - Elevating Productivity in Today's Agile EnvironmentHarnessing ChatGPT - Elevating Productivity in Today's Agile Environment
Harnessing ChatGPT - Elevating Productivity in Today's Agile Environment
VictorSzoltysek
 
%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...
%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...
%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...
masabamasaba
 
Architecture decision records - How not to get lost in the past
Architecture decision records - How not to get lost in the pastArchitecture decision records - How not to get lost in the past
Architecture decision records - How not to get lost in the past
Papp Krisztián
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Steffen Staab
 

Kürzlich hochgeladen (20)

%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
 
%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...
%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...
%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...
 
%in tembisa+277-882-255-28 abortion pills for sale in tembisa
%in tembisa+277-882-255-28 abortion pills for sale in tembisa%in tembisa+277-882-255-28 abortion pills for sale in tembisa
%in tembisa+277-882-255-28 abortion pills for sale in tembisa
 
VTU technical seminar 8Th Sem on Scikit-learn
VTU technical seminar 8Th Sem on Scikit-learnVTU technical seminar 8Th Sem on Scikit-learn
VTU technical seminar 8Th Sem on Scikit-learn
 
%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein
%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein
%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein
 
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
 
Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...
Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...
Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...
 
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
 
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICECHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
 
Harnessing ChatGPT - Elevating Productivity in Today's Agile Environment
Harnessing ChatGPT - Elevating Productivity in Today's Agile EnvironmentHarnessing ChatGPT - Elevating Productivity in Today's Agile Environment
Harnessing ChatGPT - Elevating Productivity in Today's Agile Environment
 
%in Harare+277-882-255-28 abortion pills for sale in Harare
%in Harare+277-882-255-28 abortion pills for sale in Harare%in Harare+277-882-255-28 abortion pills for sale in Harare
%in Harare+277-882-255-28 abortion pills for sale in Harare
 
%in kempton park+277-882-255-28 abortion pills for sale in kempton park
%in kempton park+277-882-255-28 abortion pills for sale in kempton park %in kempton park+277-882-255-28 abortion pills for sale in kempton park
%in kempton park+277-882-255-28 abortion pills for sale in kempton park
 
%in Hazyview+277-882-255-28 abortion pills for sale in Hazyview
%in Hazyview+277-882-255-28 abortion pills for sale in Hazyview%in Hazyview+277-882-255-28 abortion pills for sale in Hazyview
%in Hazyview+277-882-255-28 abortion pills for sale in Hazyview
 
%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...
%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...
%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...
 
Architecture decision records - How not to get lost in the past
Architecture decision records - How not to get lost in the pastArchitecture decision records - How not to get lost in the past
Architecture decision records - How not to get lost in the past
 
WSO2Con2024 - From Code To Cloud: Fast Track Your Cloud Native Journey with C...
WSO2Con2024 - From Code To Cloud: Fast Track Your Cloud Native Journey with C...WSO2Con2024 - From Code To Cloud: Fast Track Your Cloud Native Journey with C...
WSO2Con2024 - From Code To Cloud: Fast Track Your Cloud Native Journey with C...
 
MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...
MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...
MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...
 
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital TransformationWSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
 
WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...
WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...
WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
 

curl - a hobby project that conquered the world

  • 1. curl - a hobby project that conquered the worldcurl - a hobby project that conquered the world
  • 2. Dear Daniel, I had emailed you a couple months ago @bagder@bagder
  • 4. Since you weren't aware that your name was attached to Instagram related hacking code, I thought you might want to know, in case you weren't already aware, that your name is also included in Spotify terms and conditions. @bagder@bagder
  • 6. these are big companies that you likely don't want to have a trail of evidence that you are a part of @bagder@bagder
  • 7. an Instagram and Spotify hacking ring @bagder@bagder
  • 10. An open source project that makes a command line tool and a library for transferring data using Internet protocols @bagder@bagder
  • 11. Once upon the time... @bagder@bagder
  • 14. @bagder@bagder …… while I waswhile I was writing this IRCwriting this IRC bot...bot...
  • 15. Let’s put it online! @bagder@bagder
  • 16. … became curl 1998 HTTPHTTP GopherGopher FTPFTP @bagder@bagder
  • 18. … and time passed... 0 20000 40000 60000 80000 100000 120000 140000 160000 180000 2000 2019 Number of lines of code @bagder@bagder
  • 19. … and time passed... Number of contributors 0 200 400 600 800 1000 1200 1400 1600 1800 2000 2005 2019 @bagder@bagder
  • 20. Number of command line options … and time passed... 0 50 100 150 200 250 2004 2019 @bagder@bagder
  • 21. 2019 DICT, FILE, FTP, FTPS, Gopher, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, POP3, POP3S, RTMP, RTMPS, RTSP, SCP, SFTP, SMB, SMBS, SMTP, SMTPS, Telnet and TFTP TLS certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, HTTP/HTTPS/SOCKS proxy, cookies, authentication (Basic, Digest, NTLM, Negotiate, Kerberos), HTTP/2, HTTP/3, alt-svc:, happy eyeballs, file transfer resume, proxy tunneling, DNS-over-HTTPS, HTTP compression and much more @bagder@bagder
  • 22. Number of available web sites 1996: 257,000 2019: 1,940,000,000 (multiplied 7,500 times) @bagder@bagder
  • 25. curl is a bridge @bagder@bagder
  • 27. 16 Software, 1C Company, ACCESS, Actuate, Adara Networks, AddLive, Adobe, Aditiva, Adknowledge, alaTEST, Altera, Altova, Amazon, Ananse Productions, AOL, Apple, Archivas, ATX, AT&T, Autodesk, Avaya, BBC, Bietfuchs, Biicode, Bitcartel, Blackberry, Blizzard, Bloglines.com, Blue Digits, Blue Security, BMW, Booking.com, Bosch, Baojun, Broadcom, bwin, Cadillac, Candela Technologies, Canonical, Carestream Health, Cascade Data Systems, CatchFIRE Systems, CERN, CheckPoint, Chevrolet, Chronos, Cisco, Citrix, CLAAS Tractor SAS, Comcast, Contactor, CounterPath, Cybernetica, Datasphere, Datordax, Denon, DesignQuotes, Device Scape, Digium, EdelWeb, EFS Technology, Eiffel Software, Electronic Arts, Emsoft, Enigma Software, Euroling, Ergon Informatik, ESRI, etikett.de, www.expandtalk.se, Eye-Fi, E2E Technologies Ltd, F-Secure, Facebook, FalconView, Feitian Technologies, Ford, FriendFeed, FMWebschool, Garmin, GeekDrop, GRIN, Groopex, Grooveshark, focuseek, Games Workshop, Garmin, GipsyMedia, GMC, Google, Haxx, HPC, Heynow Software, Hitachi, Holden, Honeywell, HP, Huawei, HTC, inSORS, IBM, ideelabor.ee, Idruna Software Inc, Id Software, Infomedia Business Systems Division, Informatica, Information Handling Services, Insignia, Instagram, Intel, Internet Security Systems, Intra2net AG, isee systems, Jajja Communications, Jawbone, JET, JLynx Software, Kajala Group Ltd., Kaleidescape, Karelia, Kaseya, kencast inc, Kerio Technologies, Kongsberg Spacetec, LassoSoft, lastpass, LG, LifeSize Software, Linden Lab, Machina Networks, Macromates, Macromedia, Magic TV, Matrix Science, Mandiant, MandrakeSoft, Marantz, Mazda, McAfee, MediaAnalys, Mellanox, Mercedes-Benz, Metaio, Micromuse Inc., Miniclip, Modio, MokaFive, Inc, Momento, Moodstocks, Motorola, Mozilla, Music FX Live, Nagarsoft, Neptune Labs, Nest, Netflix, Netgear, Netiq, Network Mail, Neuros, Nintendo, Nissan, NoDesign, Nortel, Office2office Plc, OKTET Labs Ltd, One Laptop Per Child, Onkyo, On Technology, Opel, OpenLogic, opsmate, Optimsys, Oppo, Oracle, Outrider, Palm, Panasonic, Pandigital, Parrot, Passiv Systems, Pelco, Philips, Pioneer, Plogue, Pocket Gems, Polaroid Corporation, Polycom, Pure Storage, Quest, QVD, QNX, RBS, Renault, Research in Motion, Retarus Network Services GmbH, Riverbed, ROBLOX, Rockstar Games, Rolltech Inc, RSA Security Inc, RSSS, Samsung, SanDisk, SAP, SAS Institute, Seat, SEB, Sharp, Siemens, Silicon Landmark, Sjphone, Skoda, Slingbox, SmithMicro, Sony, Sophos, Source Remoting, Splunk, Spotify, Steambird, Subaru, Suzuki, Sun, SurfEasy Inc, Swisscom, Symantec, System Garden, Tango, tasvideos, TeamViewer, Tellabs, Telstra, Telvue, Tesla, Thermomix, Thumbtack, Tilgin, Tomtom, ToolAware, Toshiba, Toyota, Trend Micro, Tribalmedia, Trion Worlds, Tiempo de Espera, Unisys, UniPlot, Unity3d, ustream, Valve, Vauxhall, Verisure, VETport, Vivisimo, Vmware, Voddler, Volition Inc, Vuo, VW, Wump Research, Xiaomi, Xilinx, XonaSoftware, Yahoo, Yamaha, Yubico, Zimbra, Zixcorp, Zonar Systems, Zyxel, Z2, @bagder@bagder
  • 29. curl uses libcurl libcurl TCP UDP IP file- system @bagder@bagder
  • 31. 60 libcurl bindings libcurl application FalconD C++ Requests ScriptBasic FeriteDelphiChcurl curlpp GambasEiffel BBHTTP (Cocoa) curlcpp glib/GTK+Euphoria Curlhandle (Cocoa) go-curl Object- Pascal Lua-cURLJava Guile O’CamlMonoJulia Harbour Pascal.NET Common Lisp Haskell WWW::Curl (perl) node.jsluacurl perl6-net- curl PHP/CURL Rexx PostgreSQL Ring pycURL RPG Tclcurl Q Visual Foxpro Visual Basic vXWidgets S-LangXojoXBLite Smalltalk SP- Forth ScilabScheme curl- rust SPL Ada95 Curb (Ruby) Clojure R Kapito (Erlang) PureBasic Net::Curl (perl) Nim @bagder@bagder
  • 32. c 30 third party dependencies I/O layer libcurl URL parser libidn2winidn HTTPHTTPS OpenSSL Mesalink gskit mbedTLS wolfSSL Schannel SecureTransport GnuTLS NSS boringssl libressl AmiSSL SFTP SCP LDAP WinLDAP OpenLDAP RTMP librtmp Name resolver c-ares compression libz brotli cookies libpsl IMAP SMTP POP3 HTTP/2 nghttp2 authentication winsspi Heimdal MIT-kerberos HTTP/3 quiche ngtcp2 family HTTP/1 SSH wolfSSH libssh2 libssh @bagder@bagder
  • 33. Features can be disabled at build-time pthreads crypto authsspiverbose output ntlm-wb cookiesunix-socketsTLS SRP HTTP auth date parserMIMEDNS-over-HTTPS netrc alt-svcDNS shuffleprogress meter libcurl @bagder@bagder
  • 34. 71 operating systems libcurl Linux FreeBSDmacOSWindows NetBSD Tru64VMSOpenBSD Android IntegrityiOS Cell OS IRIXucLinuxHP-UX OS/400 AmigaOSSymbianSolaris Ultrix eCOSBeOSTPF MS DOS Haiku MINIX OS/2 Netware QNX SCO Unix RISC OS FreeRTOS ChromeOS Hurd Plan 9 UnixWare Mac OS 9AIXIllumos Windows CESailfish OS z/OS UNICOS OS21 MPE/iX SINIX-Z NonStop OS vxWorks WebOS Tizen Cygwin NCR MP-RAS Syllable OS tvOS DragonFly BSD SerenityFuchsia Nintendo Switch RedoxGenode Hardened BSD ipadOS PlayStation Portable Mbed ReactOS SunOS Lineage OS Blackberry 10 FreeDOS Blackberry Tablet OS @bagder@bagder Garmin OS
  • 35. 20 CPU architectures libcurl x86 MIPSARMPowerPC SPARC POWERm68k s390 HP-PASH4Nios RISC-V OpenRISC ARC Itanium Cell VAX Alpha MicroBlaze Xtensa @bagder@bagder
  • 36. Hi Daniel, I’m the marketing director for Dice.com and I wanted to reach out to you to thank you for spotting our billboard error on the 101. We are deeply embarrassed by this mistake to say the least. In a classic coding scenario, our QA failed us. Unfortunately for us, we bought this spot long-term and we are trying to figure out how quickly we can replace the content. @bagder@bagder
  • 37. Subject: Multimedya isc-v:85 I have toyota corola with multimedya system that you have its copyright. I need a advice to know how to use the gps. Master of many things @bagder@bagder
  • 38. Cisco Small Business Routers, March 2019 @bagder@bagder
  • 39. Malwares use it too (1/2) @bagder@bagder October 2015: a single curl package was downloaded more than 300,000 times from the web site, accounting for over 70% of the used bandwidth.
  • 40. Malwares use it too (2/2) @bagder@bagder
  • 42. Why use curl? Internet doesn't follow specs Open source; MIT licensed Simple, stable, powerful API Multi-platform Documentation Stable All the protocols Fast Footprint shaving Many TLS backends https://curl.haxx.se/libcurl/theysay.html @bagder@bagder
  • 43. Why Open Source? There was never any alternative to me Wanted to contribute back Would never even come close unless No, I would not be rich otherwise @bagder@bagder
  • 45. 821 822 850 854 959 974 1035 1081 1123 1225 1350 1425 1427 1436 1460 1510 1635 1639 1651 1653 1725 1730 1734 1738 1777 1808 1867 1869 1870 1884 1928 1939 1945 1950 1951 1952 1959 1964 2045 2046 2047 2048 2049 2060 2061 2068 2095 2104 2109 2133 2145 2183 2184 2192 2195 2222 2228 2229 2231 2246 2255 2326 2373 2384 2388 2389 2396 2428 2449 2459 2478 2487 2518 2553 2554 2577 2595 2616 2617 2640 2718 2732 2817 2818 2821 2831 2854 2936 2964 2965 3207 3280 3493 3501 3513 3617 3659 3961 3986 4120 4121 4178 4217 4248 4346 4366 4422 4511 4516 4559 4616 4954 4959 5034 5092 5321 5322 5849 6749 7230 7231 7232 7233 7234 7235 7238 7540 7541 7628 7838 8314 8446 8484 133 Relevant RFCs (260,000 lines) libcurl @bagder@bagder
  • 46. 2,000 contributors Who makes curl curl 730 authors 150 authors per year 12 regulars Daniel @bagder@bagder (The boxes are not drawn to scale)
  • 47. Contributors 2,000 in total2,000 in total 40-50 per release40-50 per release IncreasingIncreasing Small core teamSmall core team VolunteersVolunteers @bagder@bagder
  • 50. on githubon github a few have pusha few have push rightsrights @bagder@bagder
  • 51. Who pays Spare time hackers Company paid contributors Company paid feature development @bagder@bagder
  • 52. The mighty sponsors of curl @bagder@bagder
  • 53. Secure enough for the billions?Secure enough for the billions? ReviewsReviews (at 90+ CVEs and counting)(at 90+ CVEs and counting) Code auditCode audit Code styleCode style FuzzingFuzzingDocsDocs Static codeStatic code analyzersanalyzers Valgrind andValgrind and sanitizerssanitizers ManyMany teststests @bagder@bagder CI like crazyCI like crazy
  • 55. Let's make it personalLet's make it personal This is the lead developerThis is the lead developer of this projectof this project @bagder@bagder
  • 56. I’m just an average developer person I made this for myself I just never stopped working on it I made it possible for others to help out I didn’t stop working on it I took it in directions I thought was right I kept on working @bagder@bagder
  • 57. This is my primary hobby (and job) Two hours spare time per day Every day, every week, every year, since 1998 Part time paid since 2014 Full time since early 2019 Yes, I totally mix and blur spare time and work! @bagder@bagder
  • 58. Over twenty years add up 4,000 commit-days 15,000 spare time hours 16,000 commits 25,000 emails sent @bagder@bagder
  • 59. Security issues Release management Web site admin Mailing list admin Patch reviewing User support Blogging about it What’s maintaining? Debugging Patch merging Feature development Write documentation Event planning Getting stickers Doing talks @bagder@bagder
  • 60. Why I do it? I enjoy creating something that is appreciated by others. Many others. I want to make curl as good as possible Everyone needs a hobby @bagder@bagder
  • 61. ““TheThe created economic valuecreated economic value cannot be overstated.”cannot be overstated.” @bagder@bagder@bagder@bagder
  • 62. Not everyone loves me @bagder@bagder
  • 64. On the map right now, maybe ESNIESNI HSTSHSTS DoTDoT MQTTMQTT HTTP/3HTTP/3 tiny-curltiny-curl @bagder@bagder
  • 65. FutureFuture No, it trulyNo, it truly never gets donenever gets done ProtocolsProtocols keep evolvingkeep evolving Open source codeOpen source code survivessurvives No slow-downNo slow-down in sightin sight You canYou can help!help! @bagder@bagder
  • 67. 75 You can help!You can help! @bagder@bagder
  • 69. Daniel Stenberg @bagder https://daniel.haxx.se/ Thank you!Thank you! Questions?Questions? @bagder@bagder
  • 70. License This presentation and its contents are licensed under the Creative Commons Attribution 4.0 license: http://creativecommons.org/licenses/by/4.0/ @bagder@bagder