-Updated: December 7, 2011 (http://curl.haxx.se/docs/faq.html)
_ _ ____ _
___| | | | _ \| |
/ __| | | | |_) | |
3.19 How do I get HTTP from a host using a specific IP address?
3.20 How to SFTP from my user's home directory?
3.21 Protocol xxx not supported or disabled in libcurl
+ 3.22 curl -X gives me HTTP problems
4. Running Problems
4.1 Problems connecting to SSL servers.
4.17 Non-functional connect timeouts on Windows
4.18 file:// URLs containing drive letters (Windows, NetWare)
4.19 Why doesn't cURL return an error when the network cable is unplugged?
+ 4.20 curl doesn't return error for HTTP non-200 responses!
5. libcurl Issues
5.1 Is libcurl thread-safe?
5.14 Using C++ non-static functions for callbacks?
5.15 How do I get an FTP directory listing?
5.16 I want a different time-out!
+ 5.17 Can I write a server with libcurl?
+ 5.18 Does libcurl use threads?
6. License Issues
6.1 I have a GPL program, can I use the libcurl library?
A free and easy-to-use client-side URL transfer library, supporting DICT,
FILE, FTP, FTPS, GOPHER, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, POP3,
- POP3S, RTMP, RTSP, SCP, SFTP, SMTP, SMTPS, TELNET and TFTP.
+ POP3S, RTMP, RTSP, SCP, SFTP, SMB, SMBS, SMTP, SMTPS, TELNET and TFTP.
libcurl supports HTTPS certificates, HTTP POST, HTTP PUT, FTP uploading,
- kerberos, HTTP form based upload, proxies, cookies, user+password
+ Kerberos, SPNEGO, HTTP form based upload, proxies, cookies, user+password
authentication, file transfer resume, http proxy tunneling and more!
libcurl is highly portable, it builds and works identically on numerous
- platforms, including Solaris, NetBSD, FreeBSD, OpenBSD, Darwin, HPUX,
+ platforms, including Solaris, NetBSD, FreeBSD, OpenBSD, Darwin, HP-UX,
IRIX, AIX, Tru64, Linux, UnixWare, HURD, Windows, Amiga, OS/2, BeOS, Mac
OS X, Ultrix, QNX, OpenVMS, RISC OS, Novell NetWare, DOS, Symbian, OSF,
Android, Minix, IBM TPF and more...
Since curl uses libcurl, curl supports the same wide range of common
Internet protocols that libcurl does.
- We pronounce curl and cURL with an initial k sound: [kurl].
+ We pronounce curl with an initial k sound. It rhymes with words like girl
+ and earl. This is a short WAV file to help you:
+
+ http://media.merriam-webster.com/soundc11/c/curl0001.wav
There are numerous sub-projects and related projects that also use the word
curl in the project names in various combinations, but you should take
better. We do however believe in a few rules when it comes to the future of
curl:
- * Curl -- the command line tool -- is to remain a non-graphical command line
- tool. If you want GUIs or fancy scripting capabilities, you should look
- for another tool that uses libcurl.
+ Curl -- the command line tool -- is to remain a non-graphical command line
+ tool. If you want GUIs or fancy scripting capabilities, you should look for
+ another tool that uses libcurl.
- * We do not add things to curl that other small and available tools already
- do very fine at the side. Curl's output is fine to pipe into another
- program or redirect to another file for the next program to interpret.
+ We do not add things to curl that other small and available tools already do
+ very fine at the side. Curl's output is fine to pipe into another program or
+ redirect to another file for the next program to interpret.
- * We focus on protocol related issues and improvements. If you wanna do more
- magic with the supported protocols than curl currently does, chances are
- big we will agree. If you wanna add more protocols, we may very well
- agree.
+ We focus on protocol related issues and improvements. If you wanna do more
+ magic with the supported protocols than curl currently does, chances are big
+ we will agree. If you wanna add more protocols, we may very well agree.
- * If you want someone else to make all the work while you wait for us to
- implement it for you, that is not a very friendly attitude. We spend a
- considerable time already on maintaining and developing curl. In order to
- get more out of us, you should consider trading in some of your time and
- efforts in return.
+ If you want someone else to make all the work while you wait for us to
+ implement it for you, that is not a very friendly attitude. We spend a
+ considerable time already on maintaining and developing curl. In order to
+ get more out of us, you should consider trading in some of your time and
+ efforts in return.
- * If you write the code, chances are bigger that it will get into curl
- faster.
+ If you write the code, chances are bigger that it will get into curl faster.
1.5 Who makes curl?
1.6 What do you get for making curl?
Project cURL is entirely free and open. No person gets paid for developing
- (lib)curl on full or even part time. We do this voluntarily on our spare
- time. Occasionally companies pay individual developers to work on curl, but
- that's up to each company and developer. It is not controlled by nor
- supervised in any way by the project.
+ curl on full time. We do this voluntarily, mostly on spare time.
+ Occasionally companies pay individual developers to work on curl, but that's
+ up to each company and developer. It is not controlled by nor supervised in
+ any way by the project.
We still get help from companies. Haxx provides web site, bandwidth, mailing
- lists etc and sourceforge.net hosts project services we take advantage from,
- like the bug tracker. Also again, some companies have sponsored certain
- parts of the development in the past and I hope some will continue to do so
- in the future.
+ lists etc, sourceforge.net hosts project services we take advantage from,
+ like the bug tracker and github hosts the primary git repository. Also
+ again, some companies have sponsored certain parts of the development in the
+ past and I hope some will continue to do so in the future.
If you want to support our project, consider a donation or a banner-program
or even better: by helping us coding, documenting, testing etc.
Our project name curl has been in effective use since 1998. We were not the
first computer related project to use the name "curl" and do not claim any
- first-hand rights to the name.
+ rights to the name.
We recognize that we will be living in parallel with curl.com and wish them
every success.
never use it.
In May 2012 Daniel did a counting game and came up with a number that may
- be completely wrong or somewhat accurate. 300 million!
+ be completely wrong or somewhat accurate. Over 500 million!
See http://daniel.haxx.se/blog/2012/05/16/300m-users/
1.11 Why don't you update ca-bundle.crt
- The ca-bundle.crt file that used to be bundled with curl was very outdated
- (it being last modified year 2000 should tell) and must be replaced with a
- much more modern and up-to-date version by anyone who wants to verify peers
- anyway. It is no longer provided, the last curl release that shipped it was
- curl 7.18.0.
+ The ca cert bundle that used to shipped with curl was very outdated and must
+ be replaced with an up-to-date version by anyone who wants to verify
+ peers. It is no longer provided by curl. The last curl release ever that
+ shipped a ca cert bundle was curl 7.18.0.
In the cURL project we've decided not to attempt to keep this file updated
(or even present anymore) since deciding what to add to a ca cert bundle is
2.2 Does curl work/build with other SSL libraries?
- Curl has been written to use OpenSSL, GnuTLS, yassl, NSS, PolarSSL, axTLS or
- qssl, although there should not be many problems using a different
- library. If anyone does "port" curl to use a different SSL library, we are
- of course very interested in getting the patch!
+ Curl has been written to use a generic SSL function layer internally, and
+ that SSL functionality can then be provided by one out of many different SSL
+ backends.
+
+ curl can be built to use one of the following SSL alternatives: OpenSSL,
+ GnuTLS, yassl, NSS, PolarSSL, axTLS, Secure Transport (native iOS/OS X),
+ WinSSL (native Windows) or GSKit (native IBM i). They all have their pros
+ and cons, and we try to maintain a comparison of them here:
+ http://curl.haxx.se/docs/ssl-compared.html
2.3 Where can I find a copy of LIBEAY32.DLL?
That is an OpenSSL binary built for Windows.
- Curl uses OpenSSL to do the SSL stuff. The LIBEAY32.DLL is what curl needs
- on a windows machine to do https://. Check out the curl web site to find
- accurate and up-to-date pointers to recent OpenSSL DLLs and other binary
- packages.
+ Curl can be built with OpenSSL to do the SSL stuff. The LIBEAY32.DLL is then
+ what curl needs on a windows machine to do https:// etc. Check out the curl
+ web site to find accurate and up-to-date pointers to recent OpenSSL DLLs and
+ other binary packages.
2.4 Does curl support SOCKS (RFC 1928) ?
3.3 Why doesn't my posting using -F work?
You can't simply use -F or -d at your choice. The web server that will
- receive your post assumes one of the formats. If the form you're trying to
- "fake" sets the type to 'multipart/form-data', then and only then you must
- use the -F type. In all the most common cases, you should use -d which then
+ receive your post expects one of the formats. If the form you're trying to
+ submit uses the type 'multipart/form-data', then and only then you must use
+ the -F type. In all the most common cases, you should use -d which then
causes a posting with the type 'application/x-www-form-urlencoded'.
This is described in some detail in the MANUAL and TheArtOfHttpScripting
You can tell curl to perform optional commands both before and/or after a
file transfer. Study the -Q/--quote option.
- Since curl is used for file transfers, you don't use curl to just perform
- FTP commands without transferring anything. Therefore you must always specify
- a URL to transfer to/from even when doing custom FTP commands.
+ Since curl is used for file transfers, you don't normally use curl to
+ perform FTP commands without transferring anything. Therefore you must
+ always specify a URL to transfer to/from even when doing custom FTP
+ commands, or use -I which implies the "no body" option sent to libcurl.
3.5 How can I disable the Accept: */* header?
3.6 Does curl support ASP, XML, XHTML or HTML version Y?
To curl, all contents are alike. It doesn't matter how the page was
- generated. It may be ASP, PHP, Perl, shell-script, SSI or plain
- HTML-files. There's no difference to curl and it doesn't even know what kind
- of language that generated the page.
+ generated. It may be ASP, PHP, Perl, shell-script, SSI or plain HTML
+ files. There's no difference to curl and it doesn't even know what kind of
+ language that generated the page.
See also item 3.14 regarding javascript.
Some workarounds usually suggested to overcome this Javascript dependency:
- - Depending on the Javascript complexity, write up a script that
- translates it to another language and execute that.
+ Depending on the Javascript complexity, write up a script that translates it
+ to another language and execute that.
- - Read the Javascript code and rewrite the same logic in another language.
+ Read the Javascript code and rewrite the same logic in another language.
- - Implement a Javascript interpreter, people have successfully used the
- Mozilla Javascript engine in the past.
+ Implement a Javascript interpreter, people have successfully used the
+ Mozilla Javascript engine in the past.
- - Ask your admins to stop this, for a static proxy setup or similar.
+ Ask your admins to stop this, for a static proxy setup or similar.
3.15 Can I do recursive fetches with curl?
There are three different kinds of "certificates" to keep track of when we
talk about using SSL-based protocols (HTTPS or FTPS) using curl or libcurl.
- - Client certificate. The server you communicate may require that you can
- provide this in order to prove that you actually are who you claim to be.
- If the server doesn't require this, you don't need a client certificate.
-
- A client certificate is always used together with a private key, and the
- private key has a pass phrase that protects it.
-
- - Server certificate. The server you communicate with has a server
- certificate. You can and should verify this certificate to make sure that
- you are truly talking to the real server and not a server impersonating
- it.
-
- - Certificate Authority certificate ("CA cert"). You often have several CA
- certs in a CA cert bundle that can be used to verify a server certificate
- that was signed by one of the authorities in the bundle. curl does not
- come with a CA cert bundle but most curl installs provide one. You can
- also override the default.
-
- The server certificate verification process is made by using a Certificate
- Authority certificate ("CA cert") that was used to sign the server
- certificate. Server certificate verification is enabled by default in curl
- and libcurl and is often the reason for problems as explained in FAQ entry
- 4.12 and the SSLCERTS document
- (http://curl.haxx.se/docs/sslcerts.html). Server certificates that are
- "self-signed" or otherwise signed by a CA that you do not have a CA cert
- for, cannot be verified. If the verification during a connect fails, you
- are refused access. You then need to explicitly disable the verification
- to connect to the server.
+ CLIENT CERTIFICATE
+
+ The server you communicate may require that you can provide this in order to
+ prove that you actually are who you claim to be. If the server doesn't
+ require this, you don't need a client certificate.
+
+ A client certificate is always used together with a private key, and the
+ private key has a pass phrase that protects it.
+
+ SERVER CERTIFICATE
+
+ The server you communicate with has a server certificate. You can and should
+ verify this certificate to make sure that you are truly talking to the real
+ server and not a server impersonating it.
+
+ CERTIFICATE AUTHORITY CERTIFICATE ("CA cert")
+
+ You often have several CA certs in a CA cert bundle that can be used to
+ verify a server certificate that was signed by one of the authorities in the
+ bundle. curl does not come with a CA cert bundle but most curl installs
+ provide one. You can also override the default.
+
+ The server certificate verification process is made by using a Certificate
+ Authority certificate ("CA cert") that was used to sign the server
+ certificate. Server certificate verification is enabled by default in curl
+ and libcurl and is often the reason for problems as explained in FAQ entry
+ 4.12 and the SSLCERTS document
+ (http://curl.haxx.se/docs/sslcerts.html). Server certificates that are
+ "self-signed" or otherwise signed by a CA that you do not have a CA cert
+ for, cannot be verified. If the verification during a connect fails, you are
+ refused access. You then need to explicitly disable the verification to
+ connect to the server.
3.17 How do I list the root dir of an FTP server?
When passing on a URL to curl to use, it may respond that the particular
protocol is not supported or disabled. The particular way this error message
is phrased is because curl doesn't make a distinction internally of whether
- a particular protocol is not supported (ie never got any code added that
+ a particular protocol is not supported (i.e. never got any code added that
knows how to speak that protocol) or if it was explicitly disabled. curl can
be built to only support a given set of protocols, and the rest would then
be disabled or not supported.
part as in "htpt://example.com" or as in the less evident case if you prefix
the protocol part with a space as in " http://example.com/".
+ 3.22 curl -X gives me HTTP problems
+
+ In normal circumstances, -X should hardly ever be used.
+
+ By default you use curl without explicitly saying which request method to
+ use when the URL identifies a HTTP transfer. If you just pass in a URL like
+ "curl http://example.com" it will use GET. If you use -d or -F curl will use
+ POST, -I will cause a HEAD and -T will make it a PUT.
+
+ If for whatever reason you're not happy with these default choices that curl
+ does for you, you can override those request methods by specifying -X
+ [WHATEVER]. This way you can for example send a DELETE by doing "curl -X
+ DELETE [URL]".
+
+ It is thus pointless to do "curl -XGET [URL]" as GET would be used
+ anyway. In the same vein it is pointless to do "curl -X POST -d data
+ [URL]"... But you can make a fun and somewhat rare request that sends a
+ request-body in a GET request with something like "curl -X GET -d data
+ [URL]"
+
+ Note that -X doesn't change curl's behavior. It only modifies the actual
+ string sent in the request.
+
+ Accordingly, by using -XPOST on a command line that for example would follow
+ a 303 redirect, you will effectively prevent curl from behaving
+ correctly. Be aware.
+
4. Running Problems
curl 'http://www.altavista.com/cgi-bin/query?text=yes&q=curl'
- In Windows, the standard DOS shell treats the %-symbol specially and you
- need to use TWO %-symbols for each single one you want to use in the URL.
+ In Windows, the standard DOS shell treats the percent sign specially and you
+ need to use TWO percent signs for each single one you want to use in the
+ URL.
- Also note that if you want the literal %-symbol to be part of the data you
- pass in a POST using -d/--data you must encode it as '%25' (which then also
- needs the %-symbol doubled on Windows machines).
+ If you want a literal percent sign to be part of the data you pass in a POST
+ using -d/--data you must encode it as '%25' (which then also needs the
+ percent sign doubled on Windows machines).
4.3 How can I use {, }, [ or ] to specify multiple URLs?
4.9 Curl can't authenticate to the server that requires NTLM?
- NTLM support requires OpenSSL, GnuTLS, NSS or Microsoft Windows libraries at
- build-time to provide this functionality.
+ NTLM support requires OpenSSL, GnuTLS, NSS, Secure Transport, or Microsoft
+ Windows libraries at build-time to provide this functionality.
NTLM is a Microsoft proprietary protocol. Proprietary formats are evil. You
should not use such ones.
4.14 Redirects work in browser but not with curl!
curl supports HTTP redirects fine (see item 3.8). Browsers generally support
- at least two other ways to perform directs that curl does not:
+ at least two other ways to perform redirects that curl does not:
- - Meta tags. You can write a HTML tag that will cause the browser to
- redirect to another given URL after a certain time.
+ Meta tags. You can write a HTML tag that will cause the browser to redirect
+ to another given URL after a certain time.
- - Javascript. You can write a Javascript program embedded in a HTML page
- that redirects the browser to another given URL.
+ Javascript. You can write a Javascript program embedded in a HTML page that
+ redirects the browser to another given URL.
There is no way to make curl follow these redirects. You must either
manually figure out what the page is set to do, or you write a script that
4.19 Why doesn't cURL return an error when the network cable is unplugged?
- Unplugging the cable is not an error situation. The TCP/IP protocol stack
+ Unplugging a cable is not an error situation. The TCP/IP protocol stack
was designed to be fault tolerant, so even though there may be a physical
break somewhere the connection shouldn't be affected, just possibly
delayed. Eventually, the physical break will be fixed or the data will be
- re-routed around the physical problem.
+ re-routed around the physical problem through another path.
In such cases, the TCP/IP stack is responsible for detecting when the
network connection is irrevocably lost. Since with some protocols it is
falls too low, and --connect-timeout and --max-time can be used to put an
overall timeout on the connection phase or the entire transfer.
+ A libcurl-using application running in a known physical environment (e.g.
+ an embedded device with only a single network connection) may want to act
+ immediately if its lone network connection goes down. That can be achieved
+ by having the application monitor the network connection on its own using an
+ OS-specific mechanism, then signalling libcurl to abort (see also item 5.13).
+
+ 4.20 curl doesn't return error for HTTP non-200 responses!
+
+ Correct. Unless you use -f (--fail).
+
+ When doing HTTP transfers, curl will perform exactly what you're asking it
+ to do and if successful it will not return an error. You can use curl to
+ test your web server's "file not found" page (that gets 404 back), you can
+ use it to check your authentication protected web pages (that get a 401
+ back) and so on.
+
+ The specific HTTP response code does not constitute a problem or error for
+ curl. It simply sends and delivers HTTP as you asked and if that worked,
+ everything is fine and dandy. The response code is generally providing more
+ higher level error information that curl doesn't care about. The error was
+ not in the HTTP transfer.
+
+ If you want your command line to treat error codes in the 400 and up range
+ as errors and thus return a non-zero value and possibly show an error
+ message, curl has a dedicated option for that: -f (CURLOPT_FAILONERROR in
+ libcurl speak).
+
+ You can also use the -w option and the variable %{response_code} to extract
+ the exact response code that was return in the response.
+
5. libcurl Issues
We have written the libcurl code specifically adjusted for multi-threaded
programs. libcurl will use thread-safe functions instead of non-safe ones if
- your system has such.
+ your system has such. Note that you must never share the same handle in
+ multiple threads.
+
+ libcurl's implementation of timeouts might use signals (depending on what it
+ was built to use for name resolving), and signal handling is generally not
+ thread-safe. Multi-threaded Applicationss that call libcurl from different
+ threads (on different handles) might want to use CURLOPT_NOSIGNAL, e.g.:
+
+ curl_easy_setopt(handle, CURLOPT_NOSIGNAL, true);
If you use a OpenSSL-powered libcurl in a multi-threaded environment, you
need to provide one or two locking functions:
you want to change name resolver function you must rebuild libcurl and tell
it to use a different function.
- - The non-ipv6 resolver that can use one out of four host name resolve calls
+ - The non-IPv6 resolver that can use one out of four host name resolve calls
(depending on what your system supports):
A - gethostbyname()
C - gethostbyname_r() with 5 arguments
D - gethostbyname_r() with 6 arguments
- - The ipv6-resolver that uses getaddrinfo()
+ - The IPv6-resolver that uses getaddrinfo()
- The c-ares based name resolver that uses the c-ares library for resolves.
Using this offers asynchronous name resolves.
- The threaded resolver (default option on Windows). It uses:
- A - gethostbyname() on plain ipv4 hosts
- B - getaddrinfo() on ipv6-enabled hosts
+ A - gethostbyname() on plain IPv4 hosts
+ B - getaddrinfo() on IPv6 enabled hosts
Also note that libcurl never resolves or reverse-lookups addresses given as
pure numbers, such as 127.0.0.1 or ::1.
5.12 Can I make libcurl fake or hide my real IP address?
- No. libcurl operates on a higher level than so. Besides, faking IP address
- would imply sending IP packages with a made-up source address, and then you
- normally get a problem with intercepting the packages sent back as they
- would then not be routed to you!
+ No. libcurl operates on a higher level. Besides, faking IP address would
+ imply sending IP packet with a made-up source address, and then you normally
+ get a problem with receiving the packet sent back as they would then not be
+ routed to you!
If you use a proxy to access remote sites, the sites will not see your local
IP address but instead the address of the proxy.
Also note that on many networks NATs or other IP-munging techniques are used
that makes you see and use a different IP address locally than what the
- remote server will see you coming from.
+ remote server will see you coming from. You may also consider using
+ http://www.torproject.org .
5.13 How do I stop an ongoing transfer?
If you're using the multi interface, you can also stop a transfer by
removing the particular easy handle from the multi stack at any moment you
- think the transfer is done.
+ think the transfer is done or when you wish to abort the transfer.
5.14 Using C++ non-static functions for callbacks?
use that to figure out exactly when the right condition is met when the
transfer should get stopped.
+ 5.17 Can I write a server with libcurl?
+
+ No. libcurl offers no functions or building blocks to build any kind of
+ internet protocol server. libcurl is only a client-side library. For server
+ libraries, you need to continue your search elsewhere but there exist many
+ good open source ones out there for most protocols you could possibly want a
+ server for. And there are really good stand-alone ones that have been tested
+ and proven for many years. There's no need for you to reinvent them!
+
+ 5.18 Does libcurl use threads?
+
+ Put simply: no, libcurl will execute in the same thread you call it in. All
+ callbacks will be called in the same thread as the one you call libcurl in.
+
+ If you want to avoid your thread to be blocked by the libcurl call, you make
+ sure you use the non-blocking API which will do transfers asynchronously -
+ but still in the same single thread.
+
+ libcurl will potentially internally use threads for name resolving, if it
+ was built to work like that, but in those cases it'll create the child
+ threads by itself and they will only be used and then killed internally by
+ libcurl and never exposed to the outside.
6. License Issues
projects / platform / upstream / curl.git / blobdiff