Difference between curl/curl.h, libcurl, libcurl4-openssl-dev, libcurl4-nss-dev libraries?

The different libcurl4-*-dev packages are libcurl built to use different TLS backends. They all still provide (almost) the same API. They are mutually exclusive and you link with libcurl with "-lcurl" no matter which of these packages you install.

curl/curl.h is a header file and is the same no matter which TLS backend you use.

libcurl is the name of the library.


When you communicate using HTTPS, FTPS or other TLS-using servers using certificates that are signed by CAs present in the store, you can be sure that the remote server really is the one it claims to be. this way you validate trust sites.

LibCurl have three flavours of TLS Backends.

  • Certificate Verification with NSS
  • Certificate Verification with OpenSSL
  • Certificate Verification with GnuTLS

The three of them are libraries for establish a secure link and validate trust CA Certificates but each library has is own features, pros and cons.

OpenSSL is a robust, commercial-grade, and full-featured toolkit for the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols. It is also a general-purpose cryptography library.

GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols as well as APIs to parse and write X.509, PKCS #12, and other required structures.

Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other security standards.

Tags:

C

Curl

Libcurl