luo980/curl
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
76172511e7
curl/docs
History
Viktor Szakats 76172511e7
windows: improve random source 
- Use the Windows API to seed the fallback random generator.

  This ensures to always have a random seed, even when libcurl is built
  with a vtls backend lacking a random generator API, such as rustls
  (experimental), GSKit and certain mbedTLS builds, or, when libcurl is
  built without a TLS backend. We reuse the Windows-specific random
  function from the Schannel backend.

- Implement support for `BCryptGenRandom()` [1] on Windows, as a
  replacement for the deprecated `CryptGenRandom()` [2] function.

  It is used as the secure random generator for Schannel, and also to
  provide entropy for libcurl's fallback random generator. The new
  function is supported on Vista and newer via its `bcrypt.dll`. It is
  used automatically when building for supported versions. It also works
  in UWP apps (the old function did not).

- Clear entropy buffer before calling the Windows random generator.

  This avoids using arbitrary application memory as entropy (with
  `CryptGenRandom()`) and makes sure to return in a predictable state
  when an API call fails.

[1] https://docs.microsoft.com/windows/win32/api/bcrypt/nf-bcrypt-bcryptgenrandom
[2] https://docs.microsoft.com/windows/win32/api/wincrypt/nf-wincrypt-cryptgenrandom

Closes #9027
2022-07-04 09:38:24 +00:00
..
cmdline-opts curl.h: CURLE_CONV_FAILED is obsoleted 2022-06-29 16:03:02 +02:00
examples windows: improve random source 2022-07-04 09:38:24 +00:00
libcurl setopt: add CURLOPT_PROTOCOLS_STR and CURLOPT_REDIR_PROTOCOLS_STR 2022-07-04 08:35:09 +02:00
.gitignore copyright: make repository REUSE compliant 2022-06-13 09:13:00 +02:00
ALTSVC.md docs: update IETF links to use datatracker 2022-01-21 23:06:36 +01:00
BINDINGS.md BINDINGS.md: add Hollywood binding 2022-03-18 23:03:42 +01:00
BUFREF.md docs: grammar proofread, typo fixes 2022-01-30 12:06:05 +01:00
BUG-BOUNTY.md BUG-BOUNTY.md: mention the audit exception 2022-05-19 11:14:54 +02:00
BUGS.md docs: updates spellings with full words 2022-04-21 17:07:10 +02:00
CHECKSRC.md docs: grammar proofread, typo fixes 2022-01-30 12:06:05 +01:00
CIPHERS.md BearSSL: add CURLOPT_SSL_CIPHER_LIST support 2022-03-12 22:59:45 +01:00
CMakeLists.txt copyright: make repository REUSE compliant 2022-06-13 09:13:00 +02:00
CODE_OF_CONDUCT.md
CODE_REVIEW.md docs: reduce/avoid English contractions 2021-11-07 23:16:27 +01:00
CODE_STYLE.md scripts: move three scripts from lib/ to scripts/ 2022-03-23 15:26:11 +01:00
CONTRIBUTE.md CONTRIBUTE: mention how we maintain REUSE compliance 2022-06-21 23:48:57 +02:00
curl-config.1 copyright: make repository REUSE compliant 2022-06-13 09:13:00 +02:00
CURL-DISABLE.md headers api: remove EXPERIMENTAL tag 2022-05-30 14:13:48 +02:00
DEPRECATE.md docs: lots of minor language polish 2022-03-29 13:58:14 +02:00
DYNBUF.md docs/DYNBUF: clarify documentation for Curl_dyn_ptr and Curl_dyn_uptr 2022-03-28 09:39:09 +02:00
EXPERIMENTAL.md configure: warn about rustls being experimental 2022-06-15 23:33:00 +02:00
FAQ FAQ: remove opinionated sentence on NTLM 2022-05-20 13:40:12 +02:00
FEATURES.md FEATURES: remove yassl as TLS library for NTLM 2022-05-20 13:43:12 +02:00
GOVERNANCE.md docs: grammar proofread, typo fixes 2022-01-30 12:06:05 +01:00
HELP-US.md docs: grammar proofread, typo fixes 2022-01-30 12:06:05 +01:00
HISTORY.md docs: lots of minor language polish 2022-03-29 13:58:14 +02:00
HSTS.md docs: update IETF links to use datatracker 2022-01-21 23:06:36 +01:00
HTTP2.md docs: lots of minor language polish 2022-03-29 13:58:14 +02:00
HTTP3.md links: update dead links 2022-05-23 08:40:13 +02:00
HTTP-COOKIES.md HTTP-COOKIES: add missing CURLOPT_COOKIESESSION 2022-05-05 11:51:07 +02:00
HYPER.md misc: use "autoreconf -fi" instead buildconf 2022-05-02 17:53:06 +02:00
INSTALL
INSTALL.cmake docs: reduce/avoid English contractions 2021-11-07 23:16:27 +01:00
INSTALL.md docs: updates spellings with full words 2022-04-21 17:07:10 +02:00
INTERNALS.md INTERNALS: bring back the "Library symbols" section 2022-06-22 10:38:03 +02:00
KNOWN_BUGS KNOWN_BUGS: fix typo in problem description 2022-05-20 13:43:35 +02:00
MAIL-ETIQUETTE docs: lots of minor language polish 2022-03-29 13:58:14 +02:00
Makefile.am copyright: make repository REUSE compliant 2022-06-13 09:13:00 +02:00
MANUAL.md docs: updates spellings with full words 2022-04-21 17:07:10 +02:00
mk-ca-bundle.1 copyright: make repository REUSE compliant 2022-06-13 09:13:00 +02:00
MQTT.md docs: reduce/avoid English contractions 2021-11-07 23:16:27 +01:00
NEW-PROTOCOL.md docs: grammar proofread, typo fixes 2022-01-30 12:06:05 +01:00
options-in-versions curl: add --rate to set max request rate per time unit 2022-05-23 17:59:56 +02:00
PARALLEL-TRANSFERS.md docs: address proselint nits 2021-11-26 14:27:07 +01:00
README.md docs: reduce/avoid English contractions 2021-11-07 23:16:27 +01:00
RELEASE-PROCEDURE.md RELEASE-NOTES: synced 2022-06-18 12:21:48 +02:00
ROADMAP.md docs: update IETF links to use datatracker 2022-01-21 23:06:36 +01:00
RUSTLS.md misc: use "autoreconf -fi" instead buildconf 2022-05-02 17:53:06 +02:00
SECURITY-PROCESS.md docs/SECURITY-PROCESS.md: "Visible command line arguments" 2022-05-03 13:37:04 +02:00
SSL-PROBLEMS.md docs: grammar proofread, typo fixes 2022-01-30 12:06:05 +01:00
SSLCERTS.md docs: grammar proofread, typo fixes 2022-01-30 12:06:05 +01:00
THANKS THANKS: merged two entries for Evgeny Grin 2022-07-01 09:49:14 +02:00
THANKS-filter THANKS: merged two entries for Evgeny Grin 2022-07-01 09:49:14 +02:00
TheArtOfHttpScripting.md docs: updates spellings with full words 2022-04-21 17:07:10 +02:00
TODO curl: add --rate to set max request rate per time unit 2022-05-23 17:59:56 +02:00
URL-SYNTAX.md English: use American spelling consistently 2022-04-05 14:55:47 +02:00
VERSIONS.md docs: reduce/avoid English contractions 2021-11-07 23:16:27 +01:00

README.md

curl logo

Documentation

you will find a mix of various documentation in this directory and subdirectories, using several different formats. Some of them are not ideal for reading directly in your browser.

If you would rather see the rendered version of the documentation, check out the curl website's documentation section for general curl stuff or the libcurl section for libcurl related documentation.