The NetBSD Project

CVS log for pkgsrc/www/curl/Makefile

[BACK] Up to [cvs.NetBSD.org] / pkgsrc / www / curl

Request diff between arbitrary revisions


Default branch: MAIN


Revision 1.209 / (download) - annotate - [select for diffs], Wed May 22 08:57:58 2019 UTC (2 days, 14 hours ago) by leot
Branch: MAIN
CVS Tags: HEAD
Changes since 1.208: +2 -2 lines
Diff to previous 1.208 (colored)

curl: Update to 7.65.0

pkgsrc changes:
 - Remove patch-configure test(1) `==' -> `=' hunk applied upstream

Changes:
7.65.0
------
This release includes the following changes:

 o CURLOPT_DNS_USE_GLOBAL_CACHE: removed
 o CURLOPT_MAXAGE_CONN: set the maximum allowed age for conn reuse
 o pipelining: removed

This release includes the following bugfixes:

 o CVE-2019-5435: Integer overflows in curl_url_set
 o CVE-2019-5436: tftp: use the current blksize for recvfrom()
 o --config: clarify that initial : and = might need quoting
 o AppVeyor: enable testing for WinSSL build
 o CURLMOPT_TIMERFUNCTION.3: warn about the recursive risk
 o CURLOPT_ADDRESS_SCOPE: fix range check and more
 o CURLOPT_CAINFO.3: with Schannel, you want Windows 8 or later
 o CURLOPT_CHUNK_BGN_FUNCTION.3: document the struct and time value
 o CURLOPT_READFUNCTION.3: see also CURLOPT_UPLOAD_BUFFERSIZE
 o CURL_MAX_INPUT_LENGTH: largest acceptable string input size
 o Curl_disconnect: treat all CONNECT_ONLY connections as "dead"
 o INTERNALS: Add code highlighting
 o OS400/ccsidcurl: replace use of Curl_vsetopt
 o OpenSSL: Report -fips in version if OpenSSL is built with FIPS
 o README.md: fix no-consecutive-blank-lines Codacy warning
 o VC15 project: remove MinimalRebuild
 o VS projects: use Unicode for VC10+
 o WRITEFUNCTION: add missing set_in_callback around callback
 o altsvc: Fix building with cookies disabled
 o auth: Rename the various authentication clean up functions
 o base64: build conditionally if there are users
 o build-openssl.bat: Fixed support for OpenSSL v1.1.0+
 o build: fix "clarify calculation precedence" warnings
 o checksrc.bat: ignore snprintf warnings in docs/examples
 o cirrus: Customize the disabled tests per FreeBSD version
 o cleanup: remove FIXME and TODO comments
 o cmake: avoid linking executable for some tests with cmake 3.6+
 o cmake: clear CMAKE_REQUIRED_LIBRARIES after each use
 o cmake: rename CMAKE_USE_DARWINSSL to CMAKE_USE_SECTRANSP
 o cmake: set SSL_BACKENDS
 o configure: avoid unportable `==' test(1) operator
 o configure: error out if OpenSSL wasn't detected when asked for
 o configure: fix default location for fish completions
 o cookie: Guard against possible NULL ptr deref
 o curl: make code work with protocol-disabled libcurl
 o curl: report error for "--no-" on non-boolean options
 o curl_easy_getinfo.3: fix minor formatting mistake
 o curlver.h: use parenthesis in CURL_VERSION_BITS macro
 o docs/BUG-BOUNTY: bug bounty time
 o docs/INSTALL: fix broken link
 o docs/RELEASE-PROCEDURE: link to live iCalendar
 o documentation: Fix several typos
 o doh: acknowledge CURL_DISABLE_DOH
 o doh: disable DOH for the cases it doesn't work
 o examples: remove unused variables
 o ftplistparser: fix LGTM alert "Empty block without comment"
 o hostip: acknowledge CURL_DISABLE_SHUFFLE_DNS
 o http: Ignore HTTP/2 prior knowledge setting for HTTP proxies
 o http: acknowledge CURL_DISABLE_HTTP_AUTH
 o http: mark bundle as not for multiuse on < HTTP/2 response
 o http_digest: Don't expose functions when HTTP and Crypto Auth are disabled
 o http_negotiate: do not treat failure of gss_init_sec_context() as fatal
 o http_ntlm: Corrected the name of the include guard
 o http_ntlm_wb: Handle auth for only a single request
 o http_ntlm_wb: Return the correct error on receiving an empty auth message
 o lib509: add missing include for strdup
 o lib557: initialize variables
 o makedebug: Fix ERRORLEVEL detection after running where.exe
 o mbedtls: enable use of EC keys
 o mime: acknowledge CURL_DISABLE_MIME
 o multi: improved HTTP_1_1_REQUIRED handling
 o netrc: acknowledge CURL_DISABLE_NETRC
 o nss: allow fifos and character devices for certificates
 o nss: provide more specific error messages on failed init
 o ntlm: Fix misaligned function comments for Curl_auth_ntlm_cleanup
 o ntlm: Support the NT response in the type-3 when OpenSSL doesn't include MD4
 o openssl: mark connection for close on TLS close_notify
 o openvms: Remove pre-processor for SecureTransport
 o openvms: Remove pre-processors for Windows
 o parse_proxy: use the URL parser API
 o parsedate: disabled on CURL_DISABLE_PARSEDATE
 o pingpong: disable more when no pingpong protocols are enabled
 o polarssl_threadlock: remove conditionally unused code
 o progress: acknowledge CURL_DISABLE_PROGRESS_METER
 o proxy: acknowledge DISABLE_PROXY more
 o resolve: apply Happy Eyeballs philosophy to parallel c-ares queries
 o revert "multi: support verbose conncache closure handle"
 o sasl: Don't send authcid as authzid for the PLAIN mechanism as per RFC 4616
 o sasl: only enable if there's a protocol enabled using it
 o scripts: fix typos
 o singleipconnect: show port in the verbose "Trying ..." message
 o smtp: fix compiler warning
 o socks5: user name and passwords must be shorter than 256
 o socks: fix error message
 o socksd: new SOCKS 4+5 server for tests
 o spnego_gssapi: fix return code on gss_init_sec_context() failure
 o ssh-libssh: remove unused variable
 o ssh: define USE_SSH if SSH is enabled (any backend)
 o ssh: move variable declaration to where it's used
 o test1002: correct the name
 o test2100: Fix typos in test description
 o tests/server/util: fix Windows Unicode build
 o tests: Run global cleanup at end of tests
 o tests: make Impacket (SMB server) Python 3 compatible
 o tool_cb_wrt: fix bad-function-cast warning
 o tool_formparse: remove redundant assignment
 o tool_help: Warn if curl and libcurl versions do not match
 o tool_help: include <strings.h> for strcasecmp
 o transfer: fix LGTM alert "Comparison is always true"
 o travis: add an osx http-only build
 o travis: allow builds on branches named "ci"
 o travis: install dependencies only when needed
 o travis: update some builds do Xenial
 o travis: updated mesalink builds
 o url: always clone the CUROPT_CURLU handle
 o url: convert the zone id from a IPv6 URL to correct scope id
 o urlapi: add CURLUPART_ZONEID to set and get
 o urlapi: increase supported scheme length to 40 bytes
 o urlapi: require a non-zero host name length when parsing URL
 o urlapi: stricter CURLUPART_PORT parsing
 o urlapi: strip off zone id from numerical IPv6 addresses
 o urlapi: urlencode characters above 0x7f correctly
 o vauth/cleartext: update the PLAIN login to match RFC 4616
 o vauth/oauth2: Fix OAUTHBEARER token generation
 o vauth: Fix incorrect function description for Curl_auth_user_contains_domain
 o vtls: fix potential ssl_buffer stack overflow
 o wildcard: disable from build when FTP isn't present
 o winbuild: Support MultiSSL builds
 o xattr: skip unittest on unsupported platforms

Revision 1.208 / (download) - annotate - [select for diffs], Sun Mar 31 20:41:29 2019 UTC (7 weeks, 5 days ago) by leot
Branch: MAIN
Changes since 1.207: +4 -4 lines
Diff to previous 1.207 (colored)

curl: Update to 7.64.1

pkgsrc changes:
 - No longer install MANUAL, it is no longer available
 - Remove patch-lib_hostcheck.c, <netinet/in.h> is already included few
   lines before
 - Take MAINTAINERSHIP

Changes:
7.64.1
======
This release includes the following changes:

 o alt-svc: experiemental support added [74]
 o configure: add --with-amissl [84]

This release includes the following bugfixes:

 o AppVeyor: add MinGW-w64 and classic Mingw builds [55]
 o AppVeyor: switch VS 2015 builds to VS 2017 image [49]
 o CURLU: fix NULL dereference when used over proxy [73]
 o Curl_easy: remove req.maxfd - never used! [58]
 o Curl_now: figure out windows version in win32_init: [11]
 o Curl_resolv: fix a gcc -Werror=maybe-uninitialized warning [20]
 o DoH: inherit some SSL options from user's easy handle [80]
 o Secure Transport: no more "darwinssl" [56]
 o Secure Transport: tvOS 11 is required for ALPN support [94]
 o cirrus: Added FreeBSD builds using Cirrus CI
 o cleanup: make local functions static [5]
 o cli tool: do not use mime.h private structures [27]
 o cmdline-opts/proxytunnel.d: the option tunnnels all protocols [83]
 o configure: add additional libraries to check for LDAP support [45]
 o configure: remove the unused fdopen macro [40]
 o configure: show features as well in the final summary [15]
 o conncache: use conn->data to know if a transfer owns it [95]
 o connection: never reuse CONNECT_ONLY connections [35]
 o connection_check: restore original conn->data after the check [14]
 o connection_check: set ->data to the transfer doing the check [3]
 o cookie: Add support for cookie prefixes [29]
 o cookies: dotless names can set cookies again [81]
 o cookies: fix NULL dereference if flushing cookies with no CookieInfo set [47]
 o curl.1: --user and --proxy-user are hidden from ps output [86]
 o curl.1: mark the argument to --cookie as <data|filename> [87]
 o curl.h: use __has_declspec_attribute for shared builds [52]
 o curl: display --version features sorted alphabetically [51]
 o curl: fix FreeBSD compiler warning in the --xattr code [2]
 o curl: remove MANUAL from -M output [38]
 o curl_easy_duphandle.3: clarify that a duped handle has no shares [64]
 o curl_multi_remove_handle.3: use at any time, just not from within callbacks
 o curl_url.3: this API is not experimental anymore
 o dns: release sharelock as soon as possible [1]
 o docs: update max-redirs.d phrasing [59]
 o easy: fix win32 init to work without CURL_GLOBAL_WIN32 [30]
 o examples/10-at-a-time.c: improve readability and simplify
 o examples/cacertinmem.c: use multiple certificates for loading CA-chain [54]
 o examples/crawler: Fix the Accept-Encoding setting
 o examples/ephiperfifo.c: various fixes [63]
 o examples/externalsocket: add missing close socket calls [78]
 o examples/http2-download: cleaned up
 o examples/http2-serverpush: add some sensible error checks [31]
 o examples/http2-upload: cleaned up
 o examples/httpcustomheader: Value stored to 'res' is never read
 o examples/postinmemory: Potential leak of memory pointed to by 'chunk.memory'
 o examples/sftpuploadresume: Value stored to 'result' is never read
 o examples: only include <curl/curl.h> [70]
 o examples: remove recursive calls to curl_multi_socket_action [42]
 o examples: remove superfluous null-pointer checks
 o file: fix "Checking if unsigned variable 'readcount' is less than zero." [90]
 o fnmatch: disable if FTP is disabled [25]
 o gnutls: remove call to deprecated gnutls_compression_get_name [66]
 o gopher: remove check for path == NULL [69]
 o gssapi: fix deprecated header warnings [16]
 o hostip: make create_hostcache_id avoid alloc + free [4]
 o http2: multi_connchanged() moved from multi.c, only used for h2 [21]
 o http2: verify :athority in push promise requests [37]
 o http: make adding a blank header thread-safe [33]
 o http: send payload when (proxy) authentication is done [89]
 o http: set state.infilesize when sending multipart formposts [57]
 o makefile: make checksrc and hugefile commands "silent" [85]
 o mbedtls: make it build even if MBEDTLS_VERSION_C isn't set [24]
 o mbedtls: release sessionid resources on error [28]
 o memdebug: log pointer before freeing its data [91]
 o memdebug: make debug-specific functions use curl_dbg_ prefix [82]
 o mime: put the boundary buffer into the curl_mime struct [18]
 o multi: call multi_done on connect timeouts, fixes CURLINFO_TOTAL_TIME [43]
 o multi: remove verbose "Expire in" ... messages [23]
 o multi: removed unused code for request retries [79]
 o multi: support verbose conncache closure handle [72]
 o negotiate: fix for HTTP POST with Negotiate [88]
 o openssl: add support for TLS ASYNC state [46]
 o openssl: if cert type is ENG and no key specified, key is ENG too [93]
 o pretransfer: don't strlen() POSTFIELDS set for GET requests [22]
 o rand: Fix a mismatch between comments in source and header [32]
 o runtests: detect "schannel" as an alias for "winssl" [50]
 o schannel: be quiet - remove verbose output [19]
 o schannel: close TLS before removing conn from cache [10]
 o schannel: support CALG_ECDH_EPHEM algorithm [44]
 o scripts/completion.pl: also generate fish completion file [67]
 o singlesocket: fix the 'sincebefore' placement [36]
 o source: fix two 'nread' may be used uninitialized warnings [68]
 o ssh: fix Condition '!status' is always true [60]
 o ssh: loop the state machine if not done and not blocking [71]
 o strerror: make the strerror function use local buffers [48]
 o system_win32: move win32_init here from easy.c [65]
 o test578: make it read data from the correct test
 o tests: Fixed XML validation errors in some test files
 o tests: add stderr comparison to the test suite [26]
 o tests: fix multiple may be used uninitialized warnings
 o threaded-resolver: shutdown the resolver thread without error message [61]
 o tool_cb_wrt: fix writing to Windows null device NUL [96]
 o tool_getpass: termios.h is present on AmigaOS 3, but no tcgetattr/tcsetattr [84]
 o tool_operate: build on AmigaOS [84]
 o tool_operate: fix typecheck warning [9]
 o transfer.c: do not compute length of undefined hex buffer
 o travis: add build using gnutls [75]
 o travis: add scan-build [13]
 o travis: bump the used wolfSSL version to 4.0.0 [92]
 o travis: enable valgrind for the iconv tests [12]
 o travis: use updated compiler versions: clang 7 and gcc 8 [77]
 o unit1307: require FTP support [17]
 o unit1651: survive curl_easy_init() fails
 o url/idnconvert: remove scan for <= 32 ascii values [6]
 o url: change conn shutdown order to ensure SOCKETFUNCTION callbacks [39]
 o urlapi: reduce variable scope, remove unreachable 'break' [7]
 o urldata: convert bools to bitfields and move to end [53]
 o urldata: simplify bytecounters [62]
 o urlglob: Argument with 'nonnull' attribute passed null
 o version.c: silent scan-build even when librtmp is not enabled
 o vtls: rename some of the SSL functions [84]
 o wolfssl: stop custom-adding curves [41]
 o x509asn1: "Dereference of null pointer"
 o x509asn1: cleanup and unify code layout [34]
 o zsh.pl: escape ':' character [8]
 o zsh.pl: update regex to better match curl -h output [8]

Revision 1.205.2.1 / (download) - annotate - [select for diffs], Sat Feb 16 15:59:04 2019 UTC (3 months ago) by bsiegert
Branch: pkgsrc-2018Q4
Changes since 1.205: +5 -9 lines
Diff to previous 1.205 (colored) next main 1.206 (colored)

Pullup ticket #5910 - requested by mlelstv
www/curl: security fix

Revisions pulled up:
- www/curl/Makefile                                             1.207
- www/curl/PLIST                                                1.73
- www/curl/distinfo                                             1.150

---
   Module Name:    pkgsrc
   Committed By:   adam
   Date:           Wed Feb  6 08:02:48 UTC 2019

   Modified Files:
           pkgsrc/www/curl: Makefile PLIST distinfo

   Log Message:
   curl: updated to 7.64.0

   curl and libcurl 7.64.0

   This release includes the following changes:
   * cookies: leave secure cookies alone
   * hostip: support wildcard hosts
   * http: Implement trailing headers for chunked transfers
   * http: added options for allowing HTTP/0.9 responses
   * timeval: Use high resolution timestamps on Windows

   This release includes the following bugfixes:
   * CVE-2018-16890: NTLM type-2 out-of-bounds buffer read
   * CVE-2019-3822: NTLMv2 type-3 header stack buffer overflow
   * CVE-2019-3823: SMTP end-of-response out-of-bounds read
   * FAQ: remove mention of sourceforge for github
   * OS400: handle memory error in list conversion
   * OS400: upgrade ILE/RPG binding.
   * README: add codacy code quality badge
   * Revert http_negotiate: do not close connection
   * THANKS: added several missing names from year <= 2000
   * build: make 'tidy' target work for metalink builds
   * cmake: added checks for variadic macros
   * cmake: updated check for HAVE_POLL_FINE to match autotools
   * cmake: use lowercase for function name like the rest of the code
   * configure: detect xlclang separately from clang
   * configure: fix recv/send/select detection on Android
   * configure: rewrite --enable-code-coverage
   * conncache_unlock: avoid indirection by changing input argument type
   * cookie: fix comment typo
   * cookies: allow secure override when done over HTTPS
   * cookies: extend domain checks to non psl builds
   * cookies: skip custom cookies when redirecting cross-site
   * curl --xattr: strip credentials from any URL that is stored
   * curl -J: refuse to append to the destination file
   * curl/urlapi.h: include "curl.h" first
   * curl_multi_remove_handle() don't block terminating c-ares requests
   * darwinssl: accept setting max-tls with default min-tls
   * disconnect: separate connections and easy handles better
   * disconnect: set conn->data for protocol disconnect
   * docs/version.d: mention MultiSSL
   * docs: fix the --tls-max description
   * docs: use $(INSTALL_DATA) to install man page
   * docs: use meaningless port number in CURLOPT_LOCALPORT example
   * gopher: always include the entire gopher-path in request
   * http2: clear pause stream id if it gets closed
   * if2ip: remove unused function Curl_if_is_interface_name
   * libssh: do not let libssh create socket
   * libssh: enable CURLOPT_SSH_KNOWNHOSTS and CURLOPT_SSH_KEYFUNCTION for libssh
   * libssh: free sftp_canonicalize_path() data correctly
   * libtest/stub_gssapi: use "real" snprintf
   * mbedtls: use VERIFYHOST
   * multi: multiplexing improvements
   * multi: set the EXPIRE_*TIMEOUT timers at TIMER_STARTSINGLE time
   * ntlm: fix NTMLv2 compliance
   * ntlm_sspi: add support for channel binding
   * openssl: adapt to 3.0.0, OpenSSL_version_num() is deprecated
   * openssl: fix the SSL_get_tlsext_status_ocsp_resp call
   * openvms: fix OpenSSL discovery on VAX
   * openvms: fix typos in documentation
   * os400: add a missing closing bracket
   * os400: fix extra parameter syntax error
   * pingpong: change default response timeout to 120 seconds
   * pingpong: ignore regular timeout in disconnect phase
   * printf: fix format specifiers
   * runtests.pl: Fix perl call to include srcdir
   * schannel: fix compiler warning
   * schannel: preserve original certificate path parameter
   * schannel: stop calling it "winssl"
   * sigpipe: if mbedTLS is used, ignore SIGPIPE
   * smb: fix incorrect path in request if connection reused
   * ssh: log the libssh2 error message when ssh session startup fails
   * test1558: verify CURLINFO_PROTOCOL on file:// transfer
   * test1561: improve test name
   * test1653: make it survive torture tests
   * tests: allow tests to pass by 2037-02-12
   * tests: move objnames-* from lib into tests
   * timediff: fix math for unsigned time_t
   * timeval: Disable MSVC Analyzer GetTickCount warning
   * tool_cb_prg: avoid integer overflow
   * travis: added cmake build for osx
   * urlapi: Fix port parsing of eol colon
   * urlapi: distinguish possibly empty query
   * urlapi: fix parsing ipv6 with zone index
   * urldata: rename easy_conn to just conn
   * winbuild: conditionally use /DZLIB_WINAPI
   * wolfssl: fix memory-leak in threaded use
   * spnego_sspi: add support for channel binding

Revision 1.207 / (download) - annotate - [select for diffs], Wed Feb 6 08:02:48 2019 UTC (3 months, 2 weeks ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2019Q1-base, pkgsrc-2019Q1
Changes since 1.206: +5 -9 lines
Diff to previous 1.206 (colored)

curl: updated to 7.64.0

curl and libcurl 7.64.0

This release includes the following changes:
* cookies: leave secure cookies alone
* hostip: support wildcard hosts
* http: Implement trailing headers for chunked transfers
* http: added options for allowing HTTP/0.9 responses
* timeval: Use high resolution timestamps on Windows

This release includes the following bugfixes:
* CVE-2018-16890: NTLM type-2 out-of-bounds buffer read
* CVE-2019-3822: NTLMv2 type-3 header stack buffer overflow
* CVE-2019-3823: SMTP end-of-response out-of-bounds read
* FAQ: remove mention of sourceforge for github
* OS400: handle memory error in list conversion
* OS400: upgrade ILE/RPG binding.
* README: add codacy code quality badge
* Revert http_negotiate: do not close connection
* THANKS: added several missing names from year <= 2000
* build: make 'tidy' target work for metalink builds
* cmake: added checks for variadic macros
* cmake: updated check for HAVE_POLL_FINE to match autotools
* cmake: use lowercase for function name like the rest of the code
* configure: detect xlclang separately from clang
* configure: fix recv/send/select detection on Android
* configure: rewrite --enable-code-coverage
* conncache_unlock: avoid indirection by changing input argument type
* cookie: fix comment typo
* cookies: allow secure override when done over HTTPS
* cookies: extend domain checks to non psl builds
* cookies: skip custom cookies when redirecting cross-site
* curl --xattr: strip credentials from any URL that is stored
* curl -J: refuse to append to the destination file
* curl/urlapi.h: include "curl.h" first
* curl_multi_remove_handle() don't block terminating c-ares requests
* darwinssl: accept setting max-tls with default min-tls
* disconnect: separate connections and easy handles better
* disconnect: set conn->data for protocol disconnect
* docs/version.d: mention MultiSSL
* docs: fix the --tls-max description
* docs: use $(INSTALL_DATA) to install man page
* docs: use meaningless port number in CURLOPT_LOCALPORT example
* gopher: always include the entire gopher-path in request
* http2: clear pause stream id if it gets closed
* if2ip: remove unused function Curl_if_is_interface_name
* libssh: do not let libssh create socket
* libssh: enable CURLOPT_SSH_KNOWNHOSTS and CURLOPT_SSH_KEYFUNCTION for libssh
* libssh: free sftp_canonicalize_path() data correctly
* libtest/stub_gssapi: use "real" snprintf
* mbedtls: use VERIFYHOST
* multi: multiplexing improvements
* multi: set the EXPIRE_*TIMEOUT timers at TIMER_STARTSINGLE time
* ntlm: fix NTMLv2 compliance
* ntlm_sspi: add support for channel binding
* openssl: adapt to 3.0.0, OpenSSL_version_num() is deprecated
* openssl: fix the SSL_get_tlsext_status_ocsp_resp call
* openvms: fix OpenSSL discovery on VAX
* openvms: fix typos in documentation
* os400: add a missing closing bracket
* os400: fix extra parameter syntax error
* pingpong: change default response timeout to 120 seconds
* pingpong: ignore regular timeout in disconnect phase
* printf: fix format specifiers
* runtests.pl: Fix perl call to include srcdir
* schannel: fix compiler warning
* schannel: preserve original certificate path parameter
* schannel: stop calling it "winssl"
* sigpipe: if mbedTLS is used, ignore SIGPIPE
* smb: fix incorrect path in request if connection reused
* ssh: log the libssh2 error message when ssh session startup fails
* test1558: verify CURLINFO_PROTOCOL on file:// transfer
* test1561: improve test name
* test1653: make it survive torture tests
* tests: allow tests to pass by 2037-02-12
* tests: move objnames-* from lib into tests
* timediff: fix math for unsigned time_t
* timeval: Disable MSVC Analyzer GetTickCount warning
* tool_cb_prg: avoid integer overflow
* travis: added cmake build for osx
* urlapi: Fix port parsing of eol colon
* urlapi: distinguish possibly empty query
* urlapi: fix parsing ipv6 with zone index
* urldata: rename easy_conn to just conn
* winbuild: conditionally use /DZLIB_WINAPI
* wolfssl: fix memory-leak in threaded use
* spnego_sspi: add support for channel binding

Revision 1.206 / (download) - annotate - [select for diffs], Fri Feb 1 18:10:21 2019 UTC (3 months, 2 weeks ago) by gdt
Branch: MAIN
Changes since 1.205: +1 -2 lines
Diff to previous 1.205 (colored)

curl: Drop redundant comment

Revision 1.205 / (download) - annotate - [select for diffs], Thu Dec 13 19:51:38 2018 UTC (5 months, 1 week ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2018Q4-base
Branch point for: pkgsrc-2018Q4
Changes since 1.204: +2 -1 lines
Diff to previous 1.204 (colored)

revbump for boost 1.69.0

Revision 1.204 / (download) - annotate - [select for diffs], Wed Dec 12 11:09:55 2018 UTC (5 months, 1 week ago) by leot
Branch: MAIN
Changes since 1.203: +2 -2 lines
Diff to previous 1.203 (colored)

curl: Update www/curl to 7.63.0

pkgsrc changes:
 - Remove no longer needed patch-lib_connect.c: imported upstream

Changes:
7.63.0
------
This release includes the following changes:

 o curl: add %{stderr} and %{stdout} for --write-out
 o curl: add undocumented option --dump-module-paths for win32
 o setopt: add CURLOPT_CURLU

This release includes the following bugfixes:

 o (lib)curl.rc: fixup for minor bugs
 o CURLINFO_REDIRECT_URL: extract the Location: header field unvalidated
 o CURLOPT_HEADERFUNCTION.3: match 'nitems' name in synopsis and description
 o CURLOPT_WRITEFUNCTION.3: spell out that it gets called many times
 o Curl_follow: accept non-supported schemes for "fake" redirects
 o KNOWN_BUGS: add --proxy-any connection issue
 o NTLM: Remove redundant ifdef USE_OPENSSL
 o NTLM: force the connection to HTTP/1.1
 o OS400: add URL API ccsid wrappers and sync ILE/RPG bindings
 o SECURITY-PROCESS: bountygraph shuts down again
 o TODO: Have the URL API offer IDN decoding
 o ares: remove fd from multi fd set when ares is about to close the fd
 o axtls: removed
 o checksrc: add COPYRIGHTYEAR check
 o cmake: fix MIT/Heimdal Kerberos detection
 o configure: include all libraries in ssl-libs fetch
 o configure: show CFLAGS, LDFLAGS etc in summary
 o connect: fix building for recent versions of Minix
 o cookies: create the cookiejar even if no cookies to save
 o cookies: expire "Max-Age=0" immediately
 o curl: --local-port range was not "including"
 o curl: fix --local-port integer overflow
 o curl: fix memory leak reading --writeout from file
 o curl: fixed UTF-8 in current console code page (Windows)
 o curl_easy_perform: fix timeout handling
 o curl_global_sslset(): id == -1 is not necessarily an error
 o curl_multibyte: fix a malloc overcalculation
 o curle: move deprecated error code to ifndef block
 o docs: curl_formadd field and file names are now escaped
 o docs: escape "\n" codes
 o doh: fix memory leak in OOM situation
 o doh: make it work for h2-disabled builds too
 o examples/ephiperfifo: report error when epoll_ctl fails
 o ftp: avoid two unsigned int overflows in FTP listing parser
 o host names: allow trailing dot in name resolve, then strip it
 o http2: Upon HTTP_1_1_REQUIRED, retry the request with HTTP/1.1
 o http: don't set CURLINFO_CONDITION_UNMET for http status code 204
 o http: fix HTTP Digest auth to include query in URI
 o http_negotiate: do not close connection until negotiation is completed
 o impacket: add LICENSE
 o infof: clearly indicate truncation
 o ldap: fix LDAP URL parsing regressions
 o libcurl: stop reading from paused transfers
 o mprintf: avoid unsigned integer overflow warning
 o netrc: don't ignore the login name specified with "--user"
 o nss: Fall back to latest supported SSL version
 o nss: Fix compatibility with nss versions 3.14 to 3.15
 o nss: fix fallthrough comment to fix picky compiler warning
 o nss: remove version selecting dead code
 o nss: set default max-tls to 1.3/1.2
 o openssl: Remove SSLEAY leftovers
 o openssl: do not log excess "TLS app data" lines for TLS 1.3
 o openssl: do not use file BIOs if not requested
 o openssl: fix unused variable compiler warning with old openssl
 o openssl: support session resume with TLS 1.3
 o openvms: fix example name
 o os400: Add curl_easy_conn_upkeep() to ILE/RPG binding
 o os400: add CURLOPT_CURLU to ILE/RPG binding
 o os400: fix return type of curl_easy_pause() in ILE/RPG binding
 o packages: remove old leftover files and dirs
 o pop3: only do APOP with a valid timestamp
 o runtests: use the local curl for verifying
 o schannel: be consistent in Schannel capitalization
 o schannel: better CURLOPT_CERTINFO support
 o schannel: use Curl_ prefix for global private symbols
 o snprintf: renamed and we now only use msnprintf()
 o ssl: fix compilation with OpenSSL 0.9.7
 o ssl: replace all internal uses of CURLE_SSL_CACERT
 o symbols-in-versions: add missing CURLU_ symbols
 o test328: verify Content-Encoding: none
 o tests: disable SO_EXCLUSIVEADDRUSE for stunnel on Windows
 o tests: drop http_pipe.py script no longer used
 o tool_cb_wrt: Silence function cast compiler warning
 o tool_doswin: Fix uninitialized field warning
 o travis: build with clang sanitizers
 o travis: remove curl before a normal build
 o url: a short host name + port is not a scheme
 o url: fix IPv6 numeral address parser
 o urlapi: only skip encoding the first '=' with APPENDQUERY set

This release includes the following known bugs:

 o see docs/KNOWN_BUGS (https://curl.haxx.se/docs/knownbugs.html)

This release would not have looked like this without help, code, reports and
advice from friends like these:

  Alessandro Ghedini, Alexey Melnichuk, Antoni Villalonga, Ben Greear,
  bobmitchell1956 on github, Brad King, Brian Carpenter, daboul on github,
  Daniel Gustafsson, Daniel Stenberg, Dave Reisner, David Benjamin,
  Dheeraj Sangamkar, dtmsecurity on github, Elia Tufarolo, Frank Gevaerts,
  Gergely Nagy, Gisle Vanem, Hagai Auro, Han Han, infinnovation-dev on github,
  James Knight, Jérémy Rocher, Jeroen Ooms, Jim Fuller, Johannes Schindelin,
  Kamil Dudka, Konstantin Kushnir, Marcel Raad, Marc Hörsken, Marcos Diazr,
  Michael Kaufmann, NTMan on Github, Patrick Monnerat, Paul Howarth,
  Pavel Pavlov, Peter Wu, Ray Satiro, Rod Widdowson, Romain Fliedel,
  Samuel Surtees, Sevan Janiyan, Stefan Kanthak, Sven Blumenstein, Tim Rühsen,
  Tobias Hintze, Tomas Hoger, tonystz on Github, tpaukrt on github,
  Viktor Szakats, Yasuhiro Matsumoto,
  (51 contributors)

        Thanks! (and sorry if I forgot to mention someone)

Revision 1.203 / (download) - annotate - [select for diffs], Wed Nov 28 01:32:25 2018 UTC (5 months, 3 weeks ago) by sevan
Branch: MAIN
Changes since 1.202: +2 -1 lines
Diff to previous 1.202 (colored)

Need pthread support, make sure a substitue is present if OS lacks support
natively, e.g Minix at present.

Revision 1.201.2.1 / (download) - annotate - [select for diffs], Fri Nov 2 06:32:59 2018 UTC (6 months, 3 weeks ago) by spz
Branch: pkgsrc-2018Q3
Changes since 1.201: +2 -2 lines
Diff to previous 1.201 (colored) next main 1.202 (colored)

Pullup ticket #5872 - requested by leot
www/curl: security update

Revisions pulled up:
- www/curl/Makefile                                             1.202
- www/curl/PLIST                                                1.71
- www/curl/distinfo                                             1.147

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	leot
   Date:		Wed Oct 31 08:06:24 UTC 2018

   Modified Files:
   	pkgsrc/www/curl: Makefile PLIST distinfo

   Log Message:
   curl: Update www/curl to 7.62.0

   Changes:
   7.62.0
   ------
   This release includes the following changes:

    o multiplex: enable by default
    o url: default to CURL_HTTP_VERSION_2TLS if built h2-enabled
    o setopt: add CURLOPT_DOH_URL
    o curl: --doh-url added
    o setopt: add CURLOPT_UPLOAD_BUFFERSIZE: set upload buffer size
    o imap: change from "FETCH" to "UID FETCH"
    o configure: add option to disable automatic OpenSSL config loading
    o upkeep: add a connection upkeep API: curl_easy_upkeep()
    o URL-API: added five new functions
    o vtls: MesaLink is a new TLS backend

   This release includes the following bugfixes:

    o CVE-2018-16839: SASL password overflow via integer overflow
    o CVE-2018-16840: use-after-free in handle close
    o CVE-2018-16842: warning message out-of-buffer read
    o CURLOPT_DNS_USE_GLOBAL_CACHE: deprecated
    o Curl_dedotdotify(): always nul terminate returned string
    o Curl_follow: Always free the passed new URL
    o Curl_http2_done: fix memleak in error path
    o Curl_retry_request: fix memory leak
    o Curl_saferealloc: Fixed typo in docblock
    o FILE: fix CURLOPT_NOBODY and CURLOPT_HEADER output
    o GnutTLS: TLS 1.3 support
    o SECURITY-PROCESS: mention the bountygraph program
    o VS projects: add USE_IPV6:
    o Windows: fixes for MinGW targeting Windows Vista
    o anyauthput: fix compiler warning on 64-bit Windows
    o appveyor: add WinSSL builds
    o appveyor: run test suite (on Windows!)
    o certs: generate tests certs with sha256 digest algorithm
    o checksrc: enable strict mode and warnings
    o checksrc: handle zero scoped ignore commands
    o cmake: Backport to work with CMake 3.0 again
    o cmake: Improve config installation
    o cmake: add support for transitive ZLIB target
    o cmake: disable -Wpedantic-ms-format
    o cmake: don't require OpenSSL if USE_OPENSSL=OFF
    o cmake: fixed path used in generation of docs/tests
    o cmake: remove unused *SOCKLEN_T variables
    o cmake: suppress MSVC warning C4127 for libtest
    o cmake: test and set missed defines during configuration
    o comment: Fix multiple typos in function parameters
    o config: Remove unused SIZEOF_VOIDP
    o config_win32: enable LDAPS
    o configure: force-use -lpthreads on HPUX
    o configure: remove CURL_CONFIGURE_CURL_SOCKLEN_T
    o configure: s/AC_RUN_IFELSE/CURL_RUN_IFELSE
    o cookies: Remove redundant expired check
    o cookies: fix leak when writing cookies to file
    o curl-config.in: remove dependency on bc
    o curl.1: --ipv6 mutexes ipv4 (fixed typo)
    o curl: enabled Windows VT Support and UTF-8 output
    o curl: update the documentation of --tlsv1.0
    o curl_multi_wait: call getsock before figuring out timeout
    o curl_ntlm_wb: check aprintf() return codes
    o curl_threads: fix classic MinGW compile break
    o darwinssl: Fix realloc memleak
    o darwinssl: more specific and unified error codes
    o data-binary.d: clarify default content-type is x-www-form-urlencoded
    o docs/BUG-BOUNTY: explain the bounty program
    o docs/CIPHERS: Mention the options used to set TLS 1.3 ciphers
    o docs/CIPHERS: fix the TLS 1.3 cipher names
    o docs/CIPHERS: mention the colon separation for OpenSSL
    o docs/examples: URL updates
    o docs: add "see also" links for SSL options
    o example/asiohiper: insert warning comment about its status
    o example/htmltidy: fix include paths of tidy libraries
    o examples/Makefile.m32: sync with core
    o examples/http2-pushinmemory: receive HTTP/2 pushed files in memory
    o examples/parseurl.c: show off the URL API
    o examples: Fix memory leaks from realloc errors
    o examples: do not wait when no transfers are running
    o ftp: include command in Curl_ftpsend sendbuffer
    o gskit: make sure to terminate version string
    o gtls: Values stored to but never read
    o hostip: fix check on Curl_shuffle_addr return value
    o http2: fix memory leaks on error-path
    o http: fix memleak in rewind error path
    o krb5: fix memory leak in krb_auth
    o ldap: show precise LDAP call in error message on Windows
    o lib: fix gcc8 warning on Windows
    o memory: add missing curl_printf header
    o memory: ensure to check allocation results
    o multi: Fix error handling in the SENDPROTOCONNECT state
    o multi: fix memory leak in content encoding related error path
    o multi: make the closure handle "inherit" CURLOPT_NOSIGNAL
    o netrc: free temporary strings if memory allocation fails
    o nss: fix nssckbi module loading on Windows
    o nss: try to connect even if libnssckbi.so fails to load
    o ntlm_wb: Fix memory leaks in ntlm_wb_response
    o ntlm_wb: bail out if the response gets overly large
    o openssl: assume engine support in 0.9.8 or later
    o openssl: enable TLS 1.3 post-handshake auth
    o openssl: fix gcc8 warning
    o openssl: load built-in engines too
    o openssl: make 'done' a proper boolean
    o openssl: output the correct cipher list on TLS 1.3 error
    o openssl: return CURLE_PEER_FAILED_VERIFICATION on failure to parse issuer
    o openssl: show "proper" version number for libressl builds
    o pipelining: deprecated
    o rand: add comment to skip a clang-tidy false positive
    o rtmp: fix for compiling with lwIP
    o runtests: ignore disabled even when ranges are given
    o runtests: skip ld_preload tests on macOS
    o runtests: use Windows paths for Windows curl
    o schannel: unified error code handling
    o sendf: Fix whitespace in infof/failf concatenation
    o ssh: free the session on init failures
    o ssl: deprecate CURLE_SSL_CACERT in favour of a unified error code
    o system.h: use proper setting with Sun C++ as well
    o test1299: use single quotes around asterisk
    o test1452: mark as flaky
    o test1651: unit test Curl_extract_certinfo()
    o test320: strip out more HTML when comparing
    o tests/negtelnetserver.py: fix Python2-ism in neg TELNET server
    o tests: add unit tests for url.c
    o timeval: fix use of weak symbol clock_gettime() on Apple platforms
    o tool_cb_hdr: handle failure of rename()
    o travis: add a "make tidy" build that runs clang-tidy
    o travis: add build for "configure --disable-verbose"
    o travis: bump the Secure Transport build to use xcode
    o travis: make distcheck scan for BOM markers
    o unit1300: fix stack-use-after-scope AddressSanitizer warning
    o urldata: Fix "connecting" comment
    o urlglob: improve error message on bad globs
    o vtls: fix ssl version "or later" behavior change for many backends
    o x509asn1: Fix SAN IP address verification
    o x509asn1: always check return code from getASN1Element()
    o x509asn1: return CURLE_PEER_FAILED_VERIFICATION on failure to parse cert
    o x509asn1: suppress left shift on signed value


   To generate a diff of this commit:
   cvs rdiff -u -r1.201 -r1.202 pkgsrc/www/curl/Makefile
   cvs rdiff -u -r1.70 -r1.71 pkgsrc/www/curl/PLIST
   cvs rdiff -u -r1.146 -r1.147 pkgsrc/www/curl/distinfo

Revision 1.202 / (download) - annotate - [select for diffs], Wed Oct 31 08:06:24 2018 UTC (6 months, 3 weeks ago) by leot
Branch: MAIN
Changes since 1.201: +2 -2 lines
Diff to previous 1.201 (colored)

curl: Update www/curl to 7.62.0

Changes:
7.62.0
------
This release includes the following changes:

 o multiplex: enable by default
 o url: default to CURL_HTTP_VERSION_2TLS if built h2-enabled
 o setopt: add CURLOPT_DOH_URL
 o curl: --doh-url added
 o setopt: add CURLOPT_UPLOAD_BUFFERSIZE: set upload buffer size
 o imap: change from "FETCH" to "UID FETCH"
 o configure: add option to disable automatic OpenSSL config loading
 o upkeep: add a connection upkeep API: curl_easy_upkeep()
 o URL-API: added five new functions
 o vtls: MesaLink is a new TLS backend

This release includes the following bugfixes:

 o CVE-2018-16839: SASL password overflow via integer overflow
 o CVE-2018-16840: use-after-free in handle close
 o CVE-2018-16842: warning message out-of-buffer read
 o CURLOPT_DNS_USE_GLOBAL_CACHE: deprecated
 o Curl_dedotdotify(): always nul terminate returned string
 o Curl_follow: Always free the passed new URL
 o Curl_http2_done: fix memleak in error path
 o Curl_retry_request: fix memory leak
 o Curl_saferealloc: Fixed typo in docblock
 o FILE: fix CURLOPT_NOBODY and CURLOPT_HEADER output
 o GnutTLS: TLS 1.3 support
 o SECURITY-PROCESS: mention the bountygraph program
 o VS projects: add USE_IPV6:
 o Windows: fixes for MinGW targeting Windows Vista
 o anyauthput: fix compiler warning on 64-bit Windows
 o appveyor: add WinSSL builds
 o appveyor: run test suite (on Windows!)
 o certs: generate tests certs with sha256 digest algorithm
 o checksrc: enable strict mode and warnings
 o checksrc: handle zero scoped ignore commands
 o cmake: Backport to work with CMake 3.0 again
 o cmake: Improve config installation
 o cmake: add support for transitive ZLIB target
 o cmake: disable -Wpedantic-ms-format
 o cmake: don't require OpenSSL if USE_OPENSSL=OFF
 o cmake: fixed path used in generation of docs/tests
 o cmake: remove unused *SOCKLEN_T variables
 o cmake: suppress MSVC warning C4127 for libtest
 o cmake: test and set missed defines during configuration
 o comment: Fix multiple typos in function parameters
 o config: Remove unused SIZEOF_VOIDP
 o config_win32: enable LDAPS
 o configure: force-use -lpthreads on HPUX
 o configure: remove CURL_CONFIGURE_CURL_SOCKLEN_T
 o configure: s/AC_RUN_IFELSE/CURL_RUN_IFELSE
 o cookies: Remove redundant expired check
 o cookies: fix leak when writing cookies to file
 o curl-config.in: remove dependency on bc
 o curl.1: --ipv6 mutexes ipv4 (fixed typo)
 o curl: enabled Windows VT Support and UTF-8 output
 o curl: update the documentation of --tlsv1.0
 o curl_multi_wait: call getsock before figuring out timeout
 o curl_ntlm_wb: check aprintf() return codes
 o curl_threads: fix classic MinGW compile break
 o darwinssl: Fix realloc memleak
 o darwinssl: more specific and unified error codes
 o data-binary.d: clarify default content-type is x-www-form-urlencoded
 o docs/BUG-BOUNTY: explain the bounty program
 o docs/CIPHERS: Mention the options used to set TLS 1.3 ciphers
 o docs/CIPHERS: fix the TLS 1.3 cipher names
 o docs/CIPHERS: mention the colon separation for OpenSSL
 o docs/examples: URL updates
 o docs: add "see also" links for SSL options
 o example/asiohiper: insert warning comment about its status
 o example/htmltidy: fix include paths of tidy libraries
 o examples/Makefile.m32: sync with core
 o examples/http2-pushinmemory: receive HTTP/2 pushed files in memory
 o examples/parseurl.c: show off the URL API
 o examples: Fix memory leaks from realloc errors
 o examples: do not wait when no transfers are running
 o ftp: include command in Curl_ftpsend sendbuffer
 o gskit: make sure to terminate version string
 o gtls: Values stored to but never read
 o hostip: fix check on Curl_shuffle_addr return value
 o http2: fix memory leaks on error-path
 o http: fix memleak in rewind error path
 o krb5: fix memory leak in krb_auth
 o ldap: show precise LDAP call in error message on Windows
 o lib: fix gcc8 warning on Windows
 o memory: add missing curl_printf header
 o memory: ensure to check allocation results
 o multi: Fix error handling in the SENDPROTOCONNECT state
 o multi: fix memory leak in content encoding related error path
 o multi: make the closure handle "inherit" CURLOPT_NOSIGNAL
 o netrc: free temporary strings if memory allocation fails
 o nss: fix nssckbi module loading on Windows
 o nss: try to connect even if libnssckbi.so fails to load
 o ntlm_wb: Fix memory leaks in ntlm_wb_response
 o ntlm_wb: bail out if the response gets overly large
 o openssl: assume engine support in 0.9.8 or later
 o openssl: enable TLS 1.3 post-handshake auth
 o openssl: fix gcc8 warning
 o openssl: load built-in engines too
 o openssl: make 'done' a proper boolean
 o openssl: output the correct cipher list on TLS 1.3 error
 o openssl: return CURLE_PEER_FAILED_VERIFICATION on failure to parse issuer
 o openssl: show "proper" version number for libressl builds
 o pipelining: deprecated
 o rand: add comment to skip a clang-tidy false positive
 o rtmp: fix for compiling with lwIP
 o runtests: ignore disabled even when ranges are given
 o runtests: skip ld_preload tests on macOS
 o runtests: use Windows paths for Windows curl
 o schannel: unified error code handling
 o sendf: Fix whitespace in infof/failf concatenation
 o ssh: free the session on init failures
 o ssl: deprecate CURLE_SSL_CACERT in favour of a unified error code
 o system.h: use proper setting with Sun C++ as well
 o test1299: use single quotes around asterisk
 o test1452: mark as flaky
 o test1651: unit test Curl_extract_certinfo()
 o test320: strip out more HTML when comparing
 o tests/negtelnetserver.py: fix Python2-ism in neg TELNET server
 o tests: add unit tests for url.c
 o timeval: fix use of weak symbol clock_gettime() on Apple platforms
 o tool_cb_hdr: handle failure of rename()
 o travis: add a "make tidy" build that runs clang-tidy
 o travis: add build for "configure --disable-verbose"
 o travis: bump the Secure Transport build to use xcode
 o travis: make distcheck scan for BOM markers
 o unit1300: fix stack-use-after-scope AddressSanitizer warning
 o urldata: Fix "connecting" comment
 o urlglob: improve error message on bad globs
 o vtls: fix ssl version "or later" behavior change for many backends
 o x509asn1: Fix SAN IP address verification
 o x509asn1: always check return code from getASN1Element()
 o x509asn1: return CURLE_PEER_FAILED_VERIFICATION on failure to parse cert
 o x509asn1: suppress left shift on signed value

Revision 1.196.2.2 / (download) - annotate - [select for diffs], Mon Sep 10 19:44:31 2018 UTC (8 months, 1 week ago) by spz
Branch: pkgsrc-2018Q2
Changes since 1.196.2.1: +2 -2 lines
Diff to previous 1.196.2.1 (colored) to branchpoint 1.196 (colored) next main 1.197 (colored)

Pullup ticket #5825 - requested by wiz
www/curl: security update

Revisions pulled up:
- www/curl/Makefile                                             1.201
- www/curl/distinfo                                             1.146
- www/curl/patches/patch-src_tool__cb__hdr.c                    deleted

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	wiz
   Date:		Wed Sep  5 06:49:26 UTC 2018

   Modified Files:
   	pkgsrc/www/curl: Makefile distinfo
   Removed Files:
   	pkgsrc/www/curl/patches: patch-src_tool__cb__hdr.c

   Log Message:
   curl: update to 7.61.1.

   This release includes the following bugfixes:

    o security advisory (CVE-2018-14618): NTLM password overflow via integer overflow [73]
    o CURLINFO_SIZE_UPLOAD: fix missing counter update [46]
    o CURLOPT_ACCEPT_ENCODING.3: list them comma-separated
    o CURLOPT_SSL_CTX_FUNCTION.3: might cause accidental connection reuse [72]
    o Curl_getoff_all_pipelines: improved for multiplexed [3]
    o DEPRECATE: remove release date from 7.62.0
    o HTTP: Don't attempt to needlessly decompress redirect body [30]
    o INTERNALS: require GnuTLS >= 2.11.3 [62]
    o README.md: add LGTM.com code quality grade for C/C++ [42]
    o SSLCERTS: improve the openssl command line
    o Silence GCC 8 cast-function-type warnings [47]
    o ares: check for NULL in completed-callback [3]
    o asyn-thread: Remove unused macro [40]
    o auth: only pick CURLAUTH_BEARER if we *have* a Bearer token [15]
    o auth: pick Bearer authentication whenever a token is available [15]
    o cmake: CMake config files are defining CURL_STATICLIB for static builds [54]
    o cmake: Respect BUILD_SHARED_LIBS [35]
    o cmake: Update scripts to use consistent style [9]
    o cmake: bumped minimum version to 3.4 [34]
    o cmake: link curl to the OpenSSL targets instead of lib absolute paths [34]
    o configure: conditionally enable pedantic-errors [64]
    o configure: fix for -lpthread detection with OpenSSL and pkg-config [38]
    o conn: remove the boolean 'inuse' field [3]
    o content_encoding: accept up to 4 unknown trailer bytes after raw deflate data [5]
    o cookie tests: treat files as text
    o cookies: support creation-time attribute for cookies [75]
    o curl: Fix segfault when -H @headerfile is empty [23]
    o curl: add http code 408 to transient list for --retry [78]
    o curl: fix time-of-check, time-of-use race in dir creation [71]
    o curl: use Content-Disposition before the "URL end" for -OJ [29]
    o curl: warn the user if a given file name looks like an option [56]
    o curl_threads: silence bad-function-cast warning [69]
    o darwinssl: add support for ALPN negotiation [7]
    o docs/CURLOPT_URL: fix indentation [20]
    o docs/CURLOPT_WRITEFUNCTION: size is always 1 [19]
    o docs/SECURITY-PROCESS: mention bounty, drop pre-notify
    o docs/examples: add hiperfifo example using linux epoll/timerfd [21]
    o docs: add disallow-username-in-url.d and haproxy-protocol.d to dist [50]
    o docs: clarify NO_PROXY env variable functionality [70]
    o docs: improved the manual pages of some callbacks [48]
    o docs: mention NULL is fine input to several functions [43]
    o formdata: Remove unused macro HTTPPOST_CONTENTTYPE_DEFAULT [40]
    o gopher: Do not translate `?' to `%09' [67]
    o header output: switch off all styles, not just unbold [8]
    o hostip: fix unused variable warning
    o http2: Use correct format identifier for stream_id [77]
    o http2: abort the send_callback if not setup yet [63]
    o http2: avoid set_stream_user_data() before stream is assigned [61]
    o http2: check nghttp2_session_set_stream_user_data return code [55]
    o http2: clear the drain counter in Curl_http2_done [27]
    o http2: make sure to send after RST_STREAM [58]
    o http2: separate easy handle from connections better [12]
    o http: fix for tiny "HTTP/0.9" response [51]
    o http_proxy: Remove unused macro SELECT_TIMEOUT [40]
    o lib/Makefile: only do symbol hiding if told to [32]
    o lib1502: fix memory leak in torture test [44]
    o lib1522: fix curl_easy_setopt argument type
    o libcurl-thread.3: expand somewhat on the NO_SIGNAL motivation [66]
    o mime: check Curl_rand_hex's return code [22]
    o multi: always do the COMPLETED procedure/state [3]
    o openssl: assume engine support in 1.0.0 or later [2]
    o openssl: fix debug messages [39]
    o projects: Improve Windows perl detection in batch scripts [49]
    o retry: return error if rewind was necessary but didn't happen [28]
    o reuse_conn(): memory leak - free old_conn->options [17]
    o schannel: client certificate store opening fix [68]
    o schannel: enable CALG_TLS1PRF for w32api >= 5.1
    o schannel: fix MinGW compile break [1]
    o sftp: don't send post-qoute sequence when retrying a connection [79]
    o smb: fix memory leak on early failure [26]
    o smb: fix memory-leak in URL parse error path [4]
    o smb_getsock: always wait for write socket too [11]
    o ssh-libssh: fix infinite connect loop on invalid private key [53]
    o ssh-libssh: reduce excessive verbose output about pubkey auth [53]
    o ssh-libssh: use FALLTHROUGH to silence gcc8 [76]
    o ssl: set engine implicitly when a PKCS#11 URI is provided [36]
    o sws: handle EINTR when calling select() [24]
    o system_win32: fix version checking [16]
    o telnet: Remove unused macros TELOPTS and TELCMDS [40]
    o test1143: disable MSYS2's POSIX path conversion [10]
    o test1148: disable if decimal separator is not point [65]
    o test1307: (fnmatch testing) disabled [31]
    o test1422: add required file feature [6]
    o test1531: Add timeout [41]
    o test1540: Remove unused macro TEST_HANG_TIMEOUT [40]
    o test214: disable MSYS2's POSIX path conversion for URL
    o test320: treat curl320.out file as binary [14]
    o tests/http_pipe.py: Use /usr/bin/env to find python
    o tests: Don't use Windows path %PWD for SSH tests [74]
    o tests: fixes for Windows line endlings [13]
    o tool_operate: Fix setting proxy TLS 1.3 ciphers
    o travis: build darwinssl on macos 10.12 to fix linker errors [33]
    o travis: execute "set -eo pipefail" for coverage build [45]
    o travis: run a 'make checksrc' too [25]
    o travis: update to GCC-8 [52]
    o travis: verify that man pages can be regenerated [50]
    o upload: allocate upload buffer on-demand [60]
    o upload: change default UPLOAD_BUFSIZE to 64KB [60]
    o urldata: remove unused pipe_broke struct field [57]
    o vtls: reinstantiate engine on duplicated handles [59]
    o windows: implement send buffer tuning [37]
    o wolfSSL/CyaSSL: Fix memory leak in Curl_cyassl_random [18]


   To generate a diff of this commit:
   cvs rdiff -u -r1.200 -r1.201 pkgsrc/www/curl/Makefile
   cvs rdiff -u -r1.145 -r1.146 pkgsrc/www/curl/distinfo
   cvs rdiff -u -r1.1 -r0 pkgsrc/www/curl/patches/patch-src_tool__cb__hdr.c

Revision 1.201 / (download) - annotate - [select for diffs], Wed Sep 5 06:49:26 2018 UTC (8 months, 2 weeks ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2018Q3-base
Branch point for: pkgsrc-2018Q3
Changes since 1.200: +2 -3 lines
Diff to previous 1.200 (colored)

curl: update to 7.61.1.

This release includes the following bugfixes:

 o security advisory (CVE-2018-14618): NTLM password overflow via integer overflow [73]
 o CURLINFO_SIZE_UPLOAD: fix missing counter update [46]
 o CURLOPT_ACCEPT_ENCODING.3: list them comma-separated
 o CURLOPT_SSL_CTX_FUNCTION.3: might cause accidental connection reuse [72]
 o Curl_getoff_all_pipelines: improved for multiplexed [3]
 o DEPRECATE: remove release date from 7.62.0
 o HTTP: Don't attempt to needlessly decompress redirect body [30]
 o INTERNALS: require GnuTLS >= 2.11.3 [62]
 o README.md: add LGTM.com code quality grade for C/C++ [42]
 o SSLCERTS: improve the openssl command line
 o Silence GCC 8 cast-function-type warnings [47]
 o ares: check for NULL in completed-callback [3]
 o asyn-thread: Remove unused macro [40]
 o auth: only pick CURLAUTH_BEARER if we *have* a Bearer token [15]
 o auth: pick Bearer authentication whenever a token is available [15]
 o cmake: CMake config files are defining CURL_STATICLIB for static builds [54]
 o cmake: Respect BUILD_SHARED_LIBS [35]
 o cmake: Update scripts to use consistent style [9]
 o cmake: bumped minimum version to 3.4 [34]
 o cmake: link curl to the OpenSSL targets instead of lib absolute paths [34]
 o configure: conditionally enable pedantic-errors [64]
 o configure: fix for -lpthread detection with OpenSSL and pkg-config [38]
 o conn: remove the boolean 'inuse' field [3]
 o content_encoding: accept up to 4 unknown trailer bytes after raw deflate data [5]
 o cookie tests: treat files as text
 o cookies: support creation-time attribute for cookies [75]
 o curl: Fix segfault when -H @headerfile is empty [23]
 o curl: add http code 408 to transient list for --retry [78]
 o curl: fix time-of-check, time-of-use race in dir creation [71]
 o curl: use Content-Disposition before the "URL end" for -OJ [29]
 o curl: warn the user if a given file name looks like an option [56]
 o curl_threads: silence bad-function-cast warning [69]
 o darwinssl: add support for ALPN negotiation [7]
 o docs/CURLOPT_URL: fix indentation [20]
 o docs/CURLOPT_WRITEFUNCTION: size is always 1 [19]
 o docs/SECURITY-PROCESS: mention bounty, drop pre-notify
 o docs/examples: add hiperfifo example using linux epoll/timerfd [21]
 o docs: add disallow-username-in-url.d and haproxy-protocol.d to dist [50]
 o docs: clarify NO_PROXY env variable functionality [70]
 o docs: improved the manual pages of some callbacks [48]
 o docs: mention NULL is fine input to several functions [43]
 o formdata: Remove unused macro HTTPPOST_CONTENTTYPE_DEFAULT [40]
 o gopher: Do not translate `?' to `%09' [67]
 o header output: switch off all styles, not just unbold [8]
 o hostip: fix unused variable warning
 o http2: Use correct format identifier for stream_id [77]
 o http2: abort the send_callback if not setup yet [63]
 o http2: avoid set_stream_user_data() before stream is assigned [61]
 o http2: check nghttp2_session_set_stream_user_data return code [55]
 o http2: clear the drain counter in Curl_http2_done [27]
 o http2: make sure to send after RST_STREAM [58]
 o http2: separate easy handle from connections better [12]
 o http: fix for tiny "HTTP/0.9" response [51]
 o http_proxy: Remove unused macro SELECT_TIMEOUT [40]
 o lib/Makefile: only do symbol hiding if told to [32]
 o lib1502: fix memory leak in torture test [44]
 o lib1522: fix curl_easy_setopt argument type
 o libcurl-thread.3: expand somewhat on the NO_SIGNAL motivation [66]
 o mime: check Curl_rand_hex's return code [22]
 o multi: always do the COMPLETED procedure/state [3]
 o openssl: assume engine support in 1.0.0 or later [2]
 o openssl: fix debug messages [39]
 o projects: Improve Windows perl detection in batch scripts [49]
 o retry: return error if rewind was necessary but didn't happen [28]
 o reuse_conn(): memory leak - free old_conn->options [17]
 o schannel: client certificate store opening fix [68]
 o schannel: enable CALG_TLS1PRF for w32api >= 5.1
 o schannel: fix MinGW compile break [1]
 o sftp: don't send post-qoute sequence when retrying a connection [79]
 o smb: fix memory leak on early failure [26]
 o smb: fix memory-leak in URL parse error path [4]
 o smb_getsock: always wait for write socket too [11]
 o ssh-libssh: fix infinite connect loop on invalid private key [53]
 o ssh-libssh: reduce excessive verbose output about pubkey auth [53]
 o ssh-libssh: use FALLTHROUGH to silence gcc8 [76]
 o ssl: set engine implicitly when a PKCS#11 URI is provided [36]
 o sws: handle EINTR when calling select() [24]
 o system_win32: fix version checking [16]
 o telnet: Remove unused macros TELOPTS and TELCMDS [40]
 o test1143: disable MSYS2's POSIX path conversion [10]
 o test1148: disable if decimal separator is not point [65]
 o test1307: (fnmatch testing) disabled [31]
 o test1422: add required file feature [6]
 o test1531: Add timeout [41]
 o test1540: Remove unused macro TEST_HANG_TIMEOUT [40]
 o test214: disable MSYS2's POSIX path conversion for URL
 o test320: treat curl320.out file as binary [14]
 o tests/http_pipe.py: Use /usr/bin/env to find python
 o tests: Don't use Windows path %PWD for SSH tests [74]
 o tests: fixes for Windows line endlings [13]
 o tool_operate: Fix setting proxy TLS 1.3 ciphers
 o travis: build darwinssl on macos 10.12 to fix linker errors [33]
 o travis: execute "set -eo pipefail" for coverage build [45]
 o travis: run a 'make checksrc' too [25]
 o travis: update to GCC-8 [52]
 o travis: verify that man pages can be regenerated [50]
 o upload: allocate upload buffer on-demand [60]
 o upload: change default UPLOAD_BUFSIZE to 64KB [60]
 o urldata: remove unused pipe_broke struct field [57]
 o vtls: reinstantiate engine on duplicated handles [59]
 o windows: implement send buffer tuning [37]
 o wolfSSL/CyaSSL: Fix memory leak in Curl_cyassl_random [18]

Revision 1.200 / (download) - annotate - [select for diffs], Wed Aug 22 09:47:24 2018 UTC (9 months ago) by wiz
Branch: MAIN
Changes since 1.199: +2 -2 lines
Diff to previous 1.199 (colored)

Recursive bump for perl5-5.28.0

Revision 1.199 / (download) - annotate - [select for diffs], Thu Aug 16 18:54:32 2018 UTC (9 months, 1 week ago) by adam
Branch: MAIN
Changes since 1.198: +2 -2 lines
Diff to previous 1.198 (colored)

revbump after boost-libs update

Revision 1.198 / (download) - annotate - [select for diffs], Tue Jul 31 09:34:49 2018 UTC (9 months, 3 weeks ago) by wiz
Branch: MAIN
Changes since 1.197: +2 -1 lines
Diff to previous 1.197 (colored)

curl: fix a regression with -O -J in 7.61.0 using upstream patch.

Bump PKGREVISION.

Revision 1.196.2.1 / (download) - annotate - [select for diffs], Sat Jul 14 16:53:15 2018 UTC (10 months, 1 week ago) by spz
Branch: pkgsrc-2018Q2
Changes since 1.196: +2 -2 lines
Diff to previous 1.196 (colored)

Pullup ticket #5784 - requested by bsiegert
www/curl: security update

Revisions pulled up:
- www/curl/Makefile                                             1.197
- www/curl/PLIST                                                1.70
- www/curl/distinfo                                             1.144

-------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   adam
   Date:           Wed Jul 11 18:13:26 UTC 2018

   Modified Files:
           pkgsrc/www/curl: Makefile PLIST distinfo

   Log Message:
   curl: updated to 7.61.0

   Curl and libcurl 7.61.0

   This release includes the following changes:
   * getinfo: add microsecond precise timers for seven intervals
   * curl: show headers in bold, switch off with --no-styled-output
   * httpauth: add support for Bearer tokens
   * Add CURLOPT_TLS13_CIPHERS and CURLOPT_PROXY_TLS13_CIPHERS
   * curl: --tls13-ciphers and --proxy-tls13-ciphers
   * Add CURLOPT_DISALLOW_USERNAME_IN_URL
   * curl: --disallow-username-in-url

   This release includes the following bugfixes:
   * CVE-2018-0500: smtp: fix SMTP send buffer overflow
   * schannel: disable client cert option if APIs not available
   * schannel: disable manual verify if APIs not available
   * tests/libtest/Makefile: Do not unconditionally add gcc-specific flags
   * openssl: acknowledge --tls-max for default version too
   * stub_gssapi: fix 'unused parameter' warnings
   * examples/progressfunc: make it build on both new and old libcurls
   * docs: mention it is HA Proxy protocol "version 1"
   * curl_fnmatch: only allow two asterisks for matching
   * docs: clarify CURLOPT_HTTPGET
   * configure: replace a AC_TRY_RUN with CURL_RUN_IFELSE
   * configure: do compile-time SIZEOF checks instead of run-time
   * checksrc: make sure sizeof() is used *with* parentheses
   * CURLOPT_ACCEPT_ENCODING.3: add brotli and clarify a bit
   * schannel: make CAinfo parsing resilient to CR/LF
   * tftp: make sure error is zero terminated before printfing it
   * http resume: skip body if http code 416 (range error) is ignored
   * configure: add basic test of --with-ssl prefix
   * cmake: set -d postfix for debug builds
   * multi: provide a socket to wait for in Curl_protocol_getsock
   * content_encoding: handle zlib versions too old for Z_BLOCK
   * winbuild: only delete OUTFILE if it exists
   * winbuild: In MakefileBuild.vc fix typo DISTDIR->DIRDIST
   * schannel: add failf calls for client certificate failures
   * cmake: Fix the test for fsetxattr and strerror_r
   * curl.1: Fix cmdline-opts reference errors
   * cmdline-opts/gen.pl: warn if mutexes: or see-also: list non-existing options
   * cmake: check for getpwuid_r
   * configure: fix ssh2 linking when built with a static mbedtls
   * psl: use latest psl and refresh it periodically
   * fnmatch: insist on escaped bracket to match
   * KNOWN_BUGS: restore text regarding 2101
   * INSTALL: LDFLAGS=-Wl,-R/usr/local/ssl/lib
   * configure: override AR_FLAGS to silence warning
   * os400: implement mime api EBCDIC wrappers
   * curl.rc: embed manifest for correct Windows version detection
   * strictness: correct {infof, failf} format specifiers
   * tests: update .gitignore for libtests
   * configure: check for declaration of getpwuid_r
   * fnmatch: use the system one if available
   * CURLOPT_RESOLVE: always purge old entry first
   * multi: remove a potentially bad DEBUGF()
   * curl_addrinfo: use same #ifdef conditions in source as header
   * build: remove the Borland specific makefiles
   * axTLS: not considered fit for use
   * cmdline-opts/cert-type.d: mention "p12" as a recognized type
   * system.h: add support for IBM xlc C compiler
   * tests/libtest: Add lib1521 to nodist_SOURCES
   * mk-ca-bundle.pl: leave certificate name untouched
   * boringssl + schannel: undef X509_NAME in lib/schannel.h
   * openssl: assume engine support in 1.0.1 or later
   * cppcheck: fix warnings
   * test 46: make test pass after year 2025
   * schannel: support selecting ciphers
   * Curl_debug: remove dead printhost code
   * test 1455: unflakified
   * Curl_init_do: handle NULL connection pointer passed in
   * progress: remove a set of unused defines
   * mk-ca-bundle.pl: make -u delete certdata.txt if found not changed
   * GOVERNANCE.md: explains how this project is run
   * configure: use pkg-config for c-ares detection
   * configure: enhance ability to build with static openssl
   * maketgz: fix sed issues on OSX
   * multi: fix memory leak when stopped during name resolve
   * CURLOPT_INTERFACE.3: interface names not supported on Windows
   * url: fix dangling conn->data pointer
   * cmake: allow multiple SSL backends
   * system.h: fix for gcc on 32 bit OpenServer
   * ConnectionExists: make sure conn->data is set when "taking" a connection
   * multi: fix crash due to dangling entry in connect-pending list
   * CURLOPT_SSL_VERIFYPEER.3: Add performance note
   * netrc: use a larger buffer to support longer passwords
   * url: check Curl_conncache_add_conn return code
   * configure: Add dependent libraries after crypto
   * easy_perform: faster local name resolves by using *multi_timeout()
   * getnameinfo: not used, removed all configure checks
   * travis: add a build using the synchronous name resolver
   * CURLINFO_TLS_SSL_PTR.3: improve the example
   * openssl: allow TLS 1.3 by default
   * openssl: make the requested TLS version the *minimum* wanted
   * openssl: Remove some dead code
   * telnet: fix clang warnings
   * DEPRECATE: new doc describing planned item removals
   * example/crawler.c: simple crawler based on libxml2
   * libssh: goto DISCONNECT state on error, not SESSION_FREE
   * CMake: Remove unused functions
   * darwinssl: allow High Sierra users to build the code using GCC
   * scripts: include _curl as part of CLEANFILES
   * examples: fix -Wformat warnings
   * curl_setup: include <winerror.h> before <windows.h>
   * schannel: make more cipher options conditional
   * CMake: remove redundant and old end-of-block syntax
   * post303.d: clarify that this is an RFC violation


   To generate a diff of this commit:
   cvs rdiff -u -r1.196 -r1.197 pkgsrc/www/curl/Makefile
   cvs rdiff -u -r1.69 -r1.70 pkgsrc/www/curl/PLIST
   cvs rdiff -u -r1.143 -r1.144 pkgsrc/www/curl/distinfo

Revision 1.197 / (download) - annotate - [select for diffs], Wed Jul 11 18:13:26 2018 UTC (10 months, 1 week ago) by adam
Branch: MAIN
Changes since 1.196: +2 -2 lines
Diff to previous 1.196 (colored)

curl: updated to 7.61.0

Curl and libcurl 7.61.0

This release includes the following changes:
* getinfo: add microsecond precise timers for seven intervals
* curl: show headers in bold, switch off with --no-styled-output
* httpauth: add support for Bearer tokens
* Add CURLOPT_TLS13_CIPHERS and CURLOPT_PROXY_TLS13_CIPHERS
* curl: --tls13-ciphers and --proxy-tls13-ciphers
* Add CURLOPT_DISALLOW_USERNAME_IN_URL
* curl: --disallow-username-in-url

This release includes the following bugfixes:
* CVE-2018-0500: smtp: fix SMTP send buffer overflow
* schannel: disable client cert option if APIs not available
* schannel: disable manual verify if APIs not available
* tests/libtest/Makefile: Do not unconditionally add gcc-specific flags
* openssl: acknowledge --tls-max for default version too
* stub_gssapi: fix 'unused parameter' warnings
* examples/progressfunc: make it build on both new and old libcurls
* docs: mention it is HA Proxy protocol "version 1"
* curl_fnmatch: only allow two asterisks for matching
* docs: clarify CURLOPT_HTTPGET
* configure: replace a AC_TRY_RUN with CURL_RUN_IFELSE
* configure: do compile-time SIZEOF checks instead of run-time
* checksrc: make sure sizeof() is used *with* parentheses
* CURLOPT_ACCEPT_ENCODING.3: add brotli and clarify a bit
* schannel: make CAinfo parsing resilient to CR/LF
* tftp: make sure error is zero terminated before printfing it
* http resume: skip body if http code 416 (range error) is ignored
* configure: add basic test of --with-ssl prefix
* cmake: set -d postfix for debug builds
* multi: provide a socket to wait for in Curl_protocol_getsock
* content_encoding: handle zlib versions too old for Z_BLOCK
* winbuild: only delete OUTFILE if it exists
* winbuild: In MakefileBuild.vc fix typo DISTDIR->DIRDIST
* schannel: add failf calls for client certificate failures
* cmake: Fix the test for fsetxattr and strerror_r
* curl.1: Fix cmdline-opts reference errors
* cmdline-opts/gen.pl: warn if mutexes: or see-also: list non-existing options
* cmake: check for getpwuid_r
* configure: fix ssh2 linking when built with a static mbedtls
* psl: use latest psl and refresh it periodically
* fnmatch: insist on escaped bracket to match
* KNOWN_BUGS: restore text regarding 2101
* INSTALL: LDFLAGS=-Wl,-R/usr/local/ssl/lib
* configure: override AR_FLAGS to silence warning
* os400: implement mime api EBCDIC wrappers
* curl.rc: embed manifest for correct Windows version detection
* strictness: correct {infof, failf} format specifiers
* tests: update .gitignore for libtests
* configure: check for declaration of getpwuid_r
* fnmatch: use the system one if available
* CURLOPT_RESOLVE: always purge old entry first
* multi: remove a potentially bad DEBUGF()
* curl_addrinfo: use same #ifdef conditions in source as header
* build: remove the Borland specific makefiles
* axTLS: not considered fit for use
* cmdline-opts/cert-type.d: mention "p12" as a recognized type
* system.h: add support for IBM xlc C compiler
* tests/libtest: Add lib1521 to nodist_SOURCES
* mk-ca-bundle.pl: leave certificate name untouched
* boringssl + schannel: undef X509_NAME in lib/schannel.h
* openssl: assume engine support in 1.0.1 or later
* cppcheck: fix warnings
* test 46: make test pass after year 2025
* schannel: support selecting ciphers
* Curl_debug: remove dead printhost code
* test 1455: unflakified
* Curl_init_do: handle NULL connection pointer passed in
* progress: remove a set of unused defines
* mk-ca-bundle.pl: make -u delete certdata.txt if found not changed
* GOVERNANCE.md: explains how this project is run
* configure: use pkg-config for c-ares detection
* configure: enhance ability to build with static openssl
* maketgz: fix sed issues on OSX
* multi: fix memory leak when stopped during name resolve
* CURLOPT_INTERFACE.3: interface names not supported on Windows
* url: fix dangling conn->data pointer
* cmake: allow multiple SSL backends
* system.h: fix for gcc on 32 bit OpenServer
* ConnectionExists: make sure conn->data is set when "taking" a connection
* multi: fix crash due to dangling entry in connect-pending list
* CURLOPT_SSL_VERIFYPEER.3: Add performance note
* netrc: use a larger buffer to support longer passwords
* url: check Curl_conncache_add_conn return code
* configure: Add dependent libraries after crypto
* easy_perform: faster local name resolves by using *multi_timeout()
* getnameinfo: not used, removed all configure checks
* travis: add a build using the synchronous name resolver
* CURLINFO_TLS_SSL_PTR.3: improve the example
* openssl: allow TLS 1.3 by default
* openssl: make the requested TLS version the *minimum* wanted
* openssl: Remove some dead code
* telnet: fix clang warnings
* DEPRECATE: new doc describing planned item removals
* example/crawler.c: simple crawler based on libxml2
* libssh: goto DISCONNECT state on error, not SESSION_FREE
* CMake: Remove unused functions
* darwinssl: allow High Sierra users to build the code using GCC
* scripts: include _curl as part of CLEANFILES
* examples: fix -Wformat warnings
* curl_setup: include <winerror.h> before <windows.h>
* schannel: make more cipher options conditional
* CMake: remove redundant and old end-of-block syntax
* post303.d: clarify that this is an RFC violation

Revision 1.194.2.1 / (download) - annotate - [select for diffs], Sat May 19 09:11:30 2018 UTC (12 months ago) by spz
Branch: pkgsrc-2018Q1
Changes since 1.194: +2 -2 lines
Diff to previous 1.194 (colored) next main 1.195 (colored)

Pullup ticket #5757 - requested by bsiegert
www/curl: security update

Revisions pulled up:
- www/curl/Makefile                                             1.196
- www/curl/PLIST                                                1.69
- www/curl/distinfo                                             1.143

-------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   leot
   Date:           Thu May 17 09:59:40 UTC 2018

   Modified Files:
            pkgsrc/www/curl: Makefile PLIST distinfo

   Log Message:
   curl: Update www/curl to 7.60.0

   Changes:
   7.60.0
   ------
   This release includes the following changes:

     o Add CURLOPT_HAPROXYPROTOCOL, support for the HAProxy PROXY protocol
     o Add --haproxy-protocol for the command line tool
     o Add CURLOPT_DNS_SHUFFLE_ADDRESSES, shuffle returned IP addresses

   This release includes the following bugfixes:

     o FTP: shutdown response buffer overflow CVE-2018-1000300
     o RTSP: bad headers buffer over-read CVE-2018-1000301
     o FTP: fix typo in recursive callback detection for seeking
     o test1208: marked flaky
     o HTTP: make header-less responses still count correct body size
     o user-agent.d:: mention --proxy-header as well
     o http2: fixes typo
     o cleanup: misc typos in strings and comments
     o rate-limit: use three second window to better handle high speeds
     o examples/hiperfifo.c: improved
     o pause: when changing pause state, update socket state
     o multi: improved pending transfers handling => improved performance
     o curl_version_info.3: fix ssl_version description
     o add_handle/easy_perform: clear errorbuffer on start if set
     o darwinssl: fix iOS build
     o cmake: add support for brotli
     o parsedate: support UT timezone
     o vauth/ntlm.h: fix the #ifdef header guard
     o lib/curl_path.h: added #ifdef header guard
     o vauth/cleartext: fix integer overflow check
     o CURLINFO_COOKIELIST.3: made the example not leak memory
     o cookie.d: mention that "-" as filename means stdin
     o CURLINFO_SSL_VERIFYRESULT.3: fixed the example
     o http2: read pending frames (including GOAWAY) in connection-check
     o timeval: remove compilation warning by casting
     o cmake: avoid warn-as-error during config checks
     o travis-ci: enable -Werror for CMake builds
     o openldap: fix for NULL return from ldap_get_attribute_ber()
     o threaded resolver: track resolver time and set suitable timeout values
     o cmake: Add advapi32 as explicit link library for win32
     o docs: fix CURLINFO_*_T examples use of CURL_FORMAT_CURL_OFF_T
     o test1148: set a fixed locale for the test
     o cookies: when reading from a file, only remove_expired once
     o cookie: store cookies per top-level-domain-specific hash table
     o openssl: fix build with LibreSSL 2.7
     o tls: fix mbedTLS 2.7.0 build + handle sha256 failures
     o openssl: RESTORED verify locations when verifypeer==0
     o file: restore old behavior for file:////foo/bar URLs
     o FTP: allow PASV on IPv6 connections when a proxy is being used
     o build-openssl.bat: allow custom paths for VS and perl
     o winbuild: make the clean target work without build-type
     o build-openssl.bat: Refer to VS2017 as VC14.1 instead of VC15
     o curl: retry on FTP 4xx, ignore other protocols
     o configure: detect (and use) sa_family_t
     o examples/sftpuploadresume: Fix Windows large file seek
     o build: cleanup to fix clang warnings/errors
     o winbuild: updated the documentation
     o lib: silence null-dereference warnings
     o travis: bump to clang 6 and gcc 7
     o travis: build libpsl and make builds use it
     o proxy: show getenv proxy use in verbose output
     o duphandle: make sure CURLOPT_RESOLVE is duplicated
     o all: Refactor malloc+memset to use calloc
     o checksrc: Fix typo
     o system.h: Add sparcv8plus to oracle/sunpro 32-bit detection
     o vauth: Fix typo
     o ssh: show libSSH2 error code when closing fails
     o test1148: tolerate progress updates better
     o urldata: make service names unconditional
     o configure: keep LD_LIBRARY_PATH changes local
     o ntlm_sspi: fix authentication using Credential Manager
     o schannel: add client certificate authentication
     o winbuild: Support custom devel paths for each dependency
     o schannel: add support for CURLOPT_CAINFO
     o http2: handle on_begin_headers() called more than once
     o openssl: support OpenSSL 1.1.1 verbose-mode trace messages
     o openssl: fix subjectAltName check on non-ASCII platforms
     o http2: avoid strstr() on data not zero terminated
     o http2: clear the "drain counter" when a stream is closed
     o http2: handle GOAWAY properly
     o tool_help: clarify --max-time unit of time is seconds
     o curl.1: clarify that options and URLs can be mixed
     o http2: convert an assert to run-time check
     o curl_global_sslset: always provide available backends
     o ftplistparser: keep state between invokes
     o Curl_memchr: zero length input can't match
     o examples/sftpuploadresume: typecast fseek argument to long
     o examples/http2-upload: expand buffer to avoid silly warning
     o ctype: restore character classification for non-ASCII platforms
     o mime: avoid NULL pointer dereference risk
     o cookies: ensure that we have cookies before writing jar
     o os400.c: fix checksrc warnings
     o configure: provide --with-wolfssl as an alias for --with-cyassl
     o cyassl: adapt to libraries without TLS 1.0 support built-in
     o http2: get rid of another strstr
     o checksrc: force indentation of lines after an else
     o cookies: remove unused macro
     o CURLINFO_PROTOCOL.3: mention the existing defined names
     o tests: provide 'manual' as a feature to optionally require
     o travis: enable libssh2 on both macos and Linux
     o CURLOPT_URL.3: added ENCODING section
     o wolfssl: Fix non-blocking connect
     o vtls: don't define MD5_DIGEST_LENGTH for wolfssl
     o docs: remove extraneous commas in man pages
     o URL: fix ASCII dependency in strcpy_url and strlen_url
     o ssh-libssh.c: fix left shift compiler warning
     o configure: only check for CA bundle for file-using SSL backends
     o travis: add an mbedtls build
     o http: don't set the "rewind" flag when not uploading anything
     o configure: put CURLDEBUG and DEBUGBUILD in lib/curl_config.h
     o transfer: don't unset writesockfd on setup of multiplexed conns
     o vtls: use unified "supports" bitfield member in backends
     o URLs: fix one more http url
     o travis: add a build using WolfSSL
     o openssl: change FILE ops to BIO ops
     o travis: add build using NSS
     o smb: reject negative file sizes
     o cookies: accept parameter names as cookie name
     o http2: getsock fix for uploads
     o all over: fixed format specifiers
     o http2: use the correct function pointer typedef

   This release would not have looked like this without help, code, reports and
   advice from friends like these:

      Adam Brown, Alex Baines, Anders Bakken, Anders Roxell, anshnd on github,
      Bas van Schaik, Bernard Spil, Chris Araman, Christian Schmitz, Cyril B,
      Dagobert Michelsen, Dan Fandrich, Daniel Gustafsson, Daniel Stenberg,
      Dan McNulty, Dario Weisser, dasimx on github, David Garske, David L.,
      Denis Ollier, Dmitry Mikhirev, Dongliang Mu, Don J Olmstead, Eric
   Gallager,
      Ernst Sjöstrand, Frank Gevaerts, Gaurav Malhotra, Geeknik Labs, Howard
   Chu,
      iz8mbw on github, Jakub Wilk, Jon DeVree, Kees Dekker, Kobi Gurkan,
      Laurie Clark-Michalek, Lauri Kasanen, Lawrence Matthews, Luz Paz,
      Marcel Raad, Max Dymond, Michael Kaufmann, Michael Kilburn,
      Micha Janiszewski, Michal Trybus, Muz Dima, Nikos Tsipinakis, Ori
   Avtalion,
      Oumph on github, patelvivekv1993 on github, Patrick Monnerat,
      Philip Prindeville, Ray Satiro, Rick Deist, Rikard Falkeborn, Sergei
   Nikulov,
      Stefan Agner, steini2000 on github, Stephan Mühlstrasser, Sunny Purushe,
      Terry Wu, Vincas Razma, wncboy on github, Wyatt O'Day, 潩
      (64 contributors)

            Thanks! (and sorry if I forgot to mention someone)


   To generate a diff of this commit:
   cvs rdiff -u -r1.195 -r1.196 pkgsrc/www/curl/Makefile
   cvs rdiff -u -r1.68 -r1.69 pkgsrc/www/curl/PLIST
   cvs rdiff -u -r1.142 -r1.143 pkgsrc/www/curl/distinfo

Revision 1.196 / (download) - annotate - [select for diffs], Thu May 17 09:59:39 2018 UTC (12 months, 1 week ago) by leot
Branch: MAIN
CVS Tags: pkgsrc-2018Q2-base
Branch point for: pkgsrc-2018Q2
Changes since 1.195: +2 -3 lines
Diff to previous 1.195 (colored)

curl: Update www/curl to 7.60.0

Changes:
7.60.0
------
This release includes the following changes:

 o Add CURLOPT_HAPROXYPROTOCOL, support for the HAProxy PROXY protocol
 o Add --haproxy-protocol for the command line tool
 o Add CURLOPT_DNS_SHUFFLE_ADDRESSES, shuffle returned IP addresses

This release includes the following bugfixes:

 o FTP: shutdown response buffer overflow CVE-2018-1000300
 o RTSP: bad headers buffer over-read CVE-2018-1000301
 o FTP: fix typo in recursive callback detection for seeking
 o test1208: marked flaky
 o HTTP: make header-less responses still count correct body size
 o user-agent.d:: mention --proxy-header as well
 o http2: fixes typo
 o cleanup: misc typos in strings and comments
 o rate-limit: use three second window to better handle high speeds
 o examples/hiperfifo.c: improved
 o pause: when changing pause state, update socket state
 o multi: improved pending transfers handling => improved performance
 o curl_version_info.3: fix ssl_version description
 o add_handle/easy_perform: clear errorbuffer on start if set
 o darwinssl: fix iOS build
 o cmake: add support for brotli
 o parsedate: support UT timezone
 o vauth/ntlm.h: fix the #ifdef header guard
 o lib/curl_path.h: added #ifdef header guard
 o vauth/cleartext: fix integer overflow check
 o CURLINFO_COOKIELIST.3: made the example not leak memory
 o cookie.d: mention that "-" as filename means stdin
 o CURLINFO_SSL_VERIFYRESULT.3: fixed the example
 o http2: read pending frames (including GOAWAY) in connection-check
 o timeval: remove compilation warning by casting
 o cmake: avoid warn-as-error during config checks
 o travis-ci: enable -Werror for CMake builds
 o openldap: fix for NULL return from ldap_get_attribute_ber()
 o threaded resolver: track resolver time and set suitable timeout values
 o cmake: Add advapi32 as explicit link library for win32
 o docs: fix CURLINFO_*_T examples use of CURL_FORMAT_CURL_OFF_T
 o test1148: set a fixed locale for the test
 o cookies: when reading from a file, only remove_expired once
 o cookie: store cookies per top-level-domain-specific hash table
 o openssl: fix build with LibreSSL 2.7
 o tls: fix mbedTLS 2.7.0 build + handle sha256 failures
 o openssl: RESTORED verify locations when verifypeer==0
 o file: restore old behavior for file:////foo/bar URLs
 o FTP: allow PASV on IPv6 connections when a proxy is being used
 o build-openssl.bat: allow custom paths for VS and perl
 o winbuild: make the clean target work without build-type
 o build-openssl.bat: Refer to VS2017 as VC14.1 instead of VC15
 o curl: retry on FTP 4xx, ignore other protocols
 o configure: detect (and use) sa_family_t
 o examples/sftpuploadresume: Fix Windows large file seek
 o build: cleanup to fix clang warnings/errors
 o winbuild: updated the documentation
 o lib: silence null-dereference warnings
 o travis: bump to clang 6 and gcc 7
 o travis: build libpsl and make builds use it
 o proxy: show getenv proxy use in verbose output
 o duphandle: make sure CURLOPT_RESOLVE is duplicated
 o all: Refactor malloc+memset to use calloc
 o checksrc: Fix typo
 o system.h: Add sparcv8plus to oracle/sunpro 32-bit detection
 o vauth: Fix typo
 o ssh: show libSSH2 error code when closing fails
 o test1148: tolerate progress updates better
 o urldata: make service names unconditional
 o configure: keep LD_LIBRARY_PATH changes local
 o ntlm_sspi: fix authentication using Credential Manager
 o schannel: add client certificate authentication
 o winbuild: Support custom devel paths for each dependency
 o schannel: add support for CURLOPT_CAINFO
 o http2: handle on_begin_headers() called more than once
 o openssl: support OpenSSL 1.1.1 verbose-mode trace messages
 o openssl: fix subjectAltName check on non-ASCII platforms
 o http2: avoid strstr() on data not zero terminated
 o http2: clear the "drain counter" when a stream is closed
 o http2: handle GOAWAY properly
 o tool_help: clarify --max-time unit of time is seconds
 o curl.1: clarify that options and URLs can be mixed
 o http2: convert an assert to run-time check
 o curl_global_sslset: always provide available backends
 o ftplistparser: keep state between invokes
 o Curl_memchr: zero length input can't match
 o examples/sftpuploadresume: typecast fseek argument to long
 o examples/http2-upload: expand buffer to avoid silly warning
 o ctype: restore character classification for non-ASCII platforms
 o mime: avoid NULL pointer dereference risk
 o cookies: ensure that we have cookies before writing jar
 o os400.c: fix checksrc warnings
 o configure: provide --with-wolfssl as an alias for --with-cyassl
 o cyassl: adapt to libraries without TLS 1.0 support built-in
 o http2: get rid of another strstr
 o checksrc: force indentation of lines after an else
 o cookies: remove unused macro
 o CURLINFO_PROTOCOL.3: mention the existing defined names
 o tests: provide 'manual' as a feature to optionally require
 o travis: enable libssh2 on both macos and Linux
 o CURLOPT_URL.3: added ENCODING section
 o wolfssl: Fix non-blocking connect
 o vtls: don't define MD5_DIGEST_LENGTH for wolfssl
 o docs: remove extraneous commas in man pages
 o URL: fix ASCII dependency in strcpy_url and strlen_url
 o ssh-libssh.c: fix left shift compiler warning
 o configure: only check for CA bundle for file-using SSL backends
 o travis: add an mbedtls build
 o http: don't set the "rewind" flag when not uploading anything
 o configure: put CURLDEBUG and DEBUGBUILD in lib/curl_config.h
 o transfer: don't unset writesockfd on setup of multiplexed conns
 o vtls: use unified "supports" bitfield member in backends
 o URLs: fix one more http url
 o travis: add a build using WolfSSL
 o openssl: change FILE ops to BIO ops
 o travis: add build using NSS
 o smb: reject negative file sizes
 o cookies: accept parameter names as cookie name
 o http2: getsock fix for uploads
 o all over: fixed format specifiers
 o http2: use the correct function pointer typedef

This release would not have looked like this without help, code, reports and
advice from friends like these:

  Adam Brown, Alex Baines, Anders Bakken, Anders Roxell, anshnd on github,
  Bas van Schaik, Bernard Spil, Chris Araman, Christian Schmitz, Cyril B,
  Dagobert Michelsen, Dan Fandrich, Daniel Gustafsson, Daniel Stenberg,
  Dan McNulty, Dario Weisser, dasimx on github, David Garske, David L.,
  Denis Ollier, Dmitry Mikhirev, Dongliang Mu, Don J Olmstead, Eric Gallager,
  Ernst Sjöstrand, Frank Gevaerts, Gaurav Malhotra, Geeknik Labs, Howard Chu,
  iz8mbw on github, Jakub Wilk, Jon DeVree, Kees Dekker, Kobi Gurkan,
  Laurie Clark-Michalek, Lauri Kasanen, Lawrence Matthews, Luz Paz,
  Marcel Raad, Max Dymond, Michael Kaufmann, Michael Kilburn,
  Micha Janiszewski, Michal Trybus, Muz Dima, Nikos Tsipinakis, Ori Avtalion,
  Oumph on github, patelvivekv1993 on github, Patrick Monnerat,
  Philip Prindeville, Ray Satiro, Rick Deist, Rikard Falkeborn, Sergei Nikulov,
  Stefan Agner, steini2000 on github, Stephan Mühlstrasser, Sunny Purushe,
  Terry Wu, Vincas Razma, wncboy on github, Wyatt O'Day, 潩
  (64 contributors)

        Thanks! (and sorry if I forgot to mention someone)

Revision 1.195 / (download) - annotate - [select for diffs], Sun Apr 29 21:31:24 2018 UTC (12 months, 3 weeks ago) by adam
Branch: MAIN
Changes since 1.194: +2 -1 lines
Diff to previous 1.194 (colored)

revbump for boost-libs update

Revision 1.190.2.2 / (download) - annotate - [select for diffs], Fri Mar 16 21:16:19 2018 UTC (14 months, 1 week ago) by spz
Branch: pkgsrc-2017Q4
Changes since 1.190.2.1: +1 -1 lines
Diff to previous 1.190.2.1 (colored) to branchpoint 1.190 (colored) next main 1.191 (colored)

Pullup ticket #5721 - requested by maya
www/curl: security update

Revisions pulled up:
- www/curl/Makefile                                             1.194
- www/curl/PLIST                                                1.68
- www/curl/distinfo                                             1.142

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	wiz
   Date:		Wed Mar 14 07:44:24 UTC 2018

   Modified Files:
   	pkgsrc/www/curl: Makefile PLIST distinfo

   Log Message:
   curl: update to 7.59.0.

   Curl and libcurl 7.59.0

   This release includes the following changes:

    o curl: add --proxy-pinnedpubkey [10]
    o added: CURLOPT_TIMEVALUE_LARGE and CURLINFO_FILETIME_T [13]
    o CURLOPT_RESOLVE: Add support for multiple IP addresses per entry [37]
    o Add option CURLOPT_HAPPY_EYEBALLS_TIMEOUT_MS [37]
    o Add new tool option --happy-eyeballs-timeout-ms [37]
    o Add CURLOPT_RESOLVER_START_FUNCTION and CURLOPT_RESOLVER_START_DATA [39]

   This release includes the following bugfixes:

    o openldap: check ldap_get_attribute_ber() results for NULL before using [50]
    o FTP: reject path components with control codes [51]
    o readwrite: make sure excess reads don't go beyond buffer end [52]
    o lib555: drop text conversion and encode data as ascii codes [1]
    o lib517: make variable static to avoid compiler warning
    o lib544: sync ascii code data with textual data [1]
    o GSKit: restore pinnedpubkey functionality [2]
    o darwinssl: Don't import client certificates into Keychain on macOS [3]
    o parsedate: fix date parsing for systems with 32 bit long [4]
    o openssl: fix pinned public key build error in FIPS mode [5]
    o SChannel/WinSSL: Implement public key pinning [6]
    o cookies: remove verbose "cookie size:" output
    o progress-bar: don't use stderr explicitly, use bar->out [7]
    o Fixes for MSDOS
    o build: open VC15 projects with VS 2017
    o curl_ctype: private is*() type macros and functions [8]
    o configure: set PATH_SEPARATOR to colon for PATH w/o separator [9]
    o winbuild: make linker generate proper PDB [11]
    o curl_easy_reset: clear digest auth state [12]
    o curl/curl.h: fix comment typo for CURLOPT_DNS_LOCAL_IP6 [14]
    o range: commonize FTP and FILE range handling [15]
    o progress-bar docs: update to match implementation [16]
    o fnmatch: do not match the empty string with a character set
    o fnmatch: accept an alphanum to be followed by a non-alphanum in char set [17]
    o build: fix termios issue on android cross-compile [18]
    o getdate: return -1 for out of range [19]
    o formdata: use the mime-content type function [20]
    o time-cond: fix reading the file modification time on Windows [21]
    o build-openssl.bat: Extend VC15 support to include Enterprise and Professional
    o build-wolfssl.bat: Extend VC15 support to include Enterprise and Professional
    o openssl: Don't add verify locations when verifypeer=0
    o fnmatch: optimize processing of consecutive *s and ?s pattern characters [22]
    o schannel: fix compiler warnings [23]
    o content_encoding: Add "none" alias to "identity" [24]
    o get_posix_time: only check for overflows if they can happen
    o http_chunks: don't write chunks twice with CURLOPT_HTTP_TRANSFER_DECODING [25]
    o README: language fix [26]
    o sha256: build with OpenSSL < 0.9.8 [27]
    o smtp: fix processing of initial dot in data [28]
    o --tlsauthtype: works only if libcurl is built with TLS-SRP support [29]
    o tests: new tests for http raw mode [30]
    o libcurl-security.3: man page discussion security concerns when using libcurl
    o curl_gssapi: make sure this file too uses our *printf()
    o BINDINGS: fix curb link (and remove ruby-curl-multi)
    o nss: use PK11_CreateManagedGenericObject() if available [31]
    o travis: add build with iconv enabled [32]
    o ssh: add two missing state names [33]
    o CURLOPT_HEADERFUNCTION.3: mention folded headers
    o http: fix the max header length detection logic [34]
    o header callback: don't chop headers into smaller pieces [35]
    o CURLOPT_HEADER.3: clarify problems with different data sizes
    o curl --version: show PSL if the run-time lib has it enabled
    o examples/sftpuploadresume: resume upload via CURLOPT_APPEND [36]
    o Return error if called recursively from within callbacks [38]
    o sasl: prefer PLAIN mechanism over LOGIN
    o winbuild: Use CALL to run batch scripts [40]
    o curl_share_setopt.3: connection cache is shared within multi handles
    o winbuild: Use macros for the names of some build utilities [41]
    o projects/README: remove reference to dead IDN link/package [42]
    o lib655: silence compiler warning [43]
    o configure: Fix version check for OpenSSL 1.1.1
    o docs/MANUAL: formfind.pl is not accessible on the site anymore [44]
    o unit1309: fix warning on Windows x64 [45]
    o unit1307: proper cleanup on OOM to fix torture tests
    o curl_ctype: fix macro redefinition warnings
    o build: get CFLAGS (including -werror) used for examples and tests [46]
    o NO_PROXY: fix for IPv6 numericals in the URL [47]
    o krb5: use nondeprecated functions [48]
    o winbuild: prefer documented zlib library names [49]
    o http2: mark the connection for close on GOAWAY [53]
    o limit-rate: kick in even before "limit" data has been received [54]
    o HTTP: allow "header;" to replace an internal header with a blank one [55]
    o http2: verbose output new MAX_CONCURRENT_STREAMS values
    o SECURITY: distros' max embargo time is 14 days
    o curl tool: accept --compressed also if Brotli is enabled and zlib is not
    o WolfSSL: adding TLSv1.3 [56]
    o checksrc.pl: add -i and -m options
    o CURLOPT_COOKIEFILE.3: "-" as file name means stdin


   To generate a diff of this commit:
   cvs rdiff -u -r1.193 -r1.194 pkgsrc/www/curl/Makefile
   cvs rdiff -u -r1.67 -r1.68 pkgsrc/www/curl/PLIST
   cvs rdiff -u -r1.141 -r1.142 pkgsrc/www/curl/distinfo

Revision 1.194 / (download) - annotate - [select for diffs], Wed Mar 14 07:44:24 2018 UTC (14 months, 1 week ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2018Q1-base
Branch point for: pkgsrc-2018Q1
Changes since 1.193: +2 -2 lines
Diff to previous 1.193 (colored)

curl: update to 7.59.0.

Curl and libcurl 7.59.0

This release includes the following changes:

 o curl: add --proxy-pinnedpubkey [10]
 o added: CURLOPT_TIMEVALUE_LARGE and CURLINFO_FILETIME_T [13]
 o CURLOPT_RESOLVE: Add support for multiple IP addresses per entry [37]
 o Add option CURLOPT_HAPPY_EYEBALLS_TIMEOUT_MS [37]
 o Add new tool option --happy-eyeballs-timeout-ms [37]
 o Add CURLOPT_RESOLVER_START_FUNCTION and CURLOPT_RESOLVER_START_DATA [39]

This release includes the following bugfixes:

 o openldap: check ldap_get_attribute_ber() results for NULL before using [50]
 o FTP: reject path components with control codes [51]
 o readwrite: make sure excess reads don't go beyond buffer end [52]
 o lib555: drop text conversion and encode data as ascii codes [1]
 o lib517: make variable static to avoid compiler warning
 o lib544: sync ascii code data with textual data [1]
 o GSKit: restore pinnedpubkey functionality [2]
 o darwinssl: Don't import client certificates into Keychain on macOS [3]
 o parsedate: fix date parsing for systems with 32 bit long [4]
 o openssl: fix pinned public key build error in FIPS mode [5]
 o SChannel/WinSSL: Implement public key pinning [6]
 o cookies: remove verbose "cookie size:" output
 o progress-bar: don't use stderr explicitly, use bar->out [7]
 o Fixes for MSDOS
 o build: open VC15 projects with VS 2017
 o curl_ctype: private is*() type macros and functions [8]
 o configure: set PATH_SEPARATOR to colon for PATH w/o separator [9]
 o winbuild: make linker generate proper PDB [11]
 o curl_easy_reset: clear digest auth state [12]
 o curl/curl.h: fix comment typo for CURLOPT_DNS_LOCAL_IP6 [14]
 o range: commonize FTP and FILE range handling [15]
 o progress-bar docs: update to match implementation [16]
 o fnmatch: do not match the empty string with a character set
 o fnmatch: accept an alphanum to be followed by a non-alphanum in char set [17]
 o build: fix termios issue on android cross-compile [18]
 o getdate: return -1 for out of range [19]
 o formdata: use the mime-content type function [20]
 o time-cond: fix reading the file modification time on Windows [21]
 o build-openssl.bat: Extend VC15 support to include Enterprise and Professional
 o build-wolfssl.bat: Extend VC15 support to include Enterprise and Professional
 o openssl: Don't add verify locations when verifypeer==0
 o fnmatch: optimize processing of consecutive *s and ?s pattern characters [22]
 o schannel: fix compiler warnings [23]
 o content_encoding: Add "none" alias to "identity" [24]
 o get_posix_time: only check for overflows if they can happen
 o http_chunks: don't write chunks twice with CURLOPT_HTTP_TRANSFER_DECODING [25]
 o README: language fix [26]
 o sha256: build with OpenSSL < 0.9.8 [27]
 o smtp: fix processing of initial dot in data [28]
 o --tlsauthtype: works only if libcurl is built with TLS-SRP support [29]
 o tests: new tests for http raw mode [30]
 o libcurl-security.3: man page discussion security concerns when using libcurl
 o curl_gssapi: make sure this file too uses our *printf()
 o BINDINGS: fix curb link (and remove ruby-curl-multi)
 o nss: use PK11_CreateManagedGenericObject() if available [31]
 o travis: add build with iconv enabled [32]
 o ssh: add two missing state names [33]
 o CURLOPT_HEADERFUNCTION.3: mention folded headers
 o http: fix the max header length detection logic [34]
 o header callback: don't chop headers into smaller pieces [35]
 o CURLOPT_HEADER.3: clarify problems with different data sizes
 o curl --version: show PSL if the run-time lib has it enabled
 o examples/sftpuploadresume: resume upload via CURLOPT_APPEND [36]
 o Return error if called recursively from within callbacks [38]
 o sasl: prefer PLAIN mechanism over LOGIN
 o winbuild: Use CALL to run batch scripts [40]
 o curl_share_setopt.3: connection cache is shared within multi handles
 o winbuild: Use macros for the names of some build utilities [41]
 o projects/README: remove reference to dead IDN link/package [42]
 o lib655: silence compiler warning [43]
 o configure: Fix version check for OpenSSL 1.1.1
 o docs/MANUAL: formfind.pl is not accessible on the site anymore [44]
 o unit1309: fix warning on Windows x64 [45]
 o unit1307: proper cleanup on OOM to fix torture tests
 o curl_ctype: fix macro redefinition warnings
 o build: get CFLAGS (including -werror) used for examples and tests [46]
 o NO_PROXY: fix for IPv6 numericals in the URL [47]
 o krb5: use nondeprecated functions [48]
 o winbuild: prefer documented zlib library names [49]
 o http2: mark the connection for close on GOAWAY [53]
 o limit-rate: kick in even before "limit" data has been received [54]
 o HTTP: allow "header;" to replace an internal header with a blank one [55]
 o http2: verbose output new MAX_CONCURRENT_STREAMS values
 o SECURITY: distros' max embargo time is 14 days
 o curl tool: accept --compressed also if Brotli is enabled and zlib is not
 o WolfSSL: adding TLSv1.3 [56]
 o checksrc.pl: add -i and -m options
 o CURLOPT_COOKIEFILE.3: "-" as file name means stdin

Revision 1.190.2.1 / (download) - annotate - [select for diffs], Wed Jan 24 19:43:13 2018 UTC (15 months, 4 weeks ago) by bsiegert
Branch: pkgsrc-2017Q4
Changes since 1.190: +2 -2 lines
Diff to previous 1.190 (colored)

Pullup ticket #5689 - requested by wiz
www/curl: security fix

Revisions pulled up:
- www/curl/Makefile                                             1.192
- www/curl/PLIST                                                1.67
- www/curl/distinfo                                             1.141
- www/curl/patches/patch-curl-config.in                         1.8

---
   Module Name:	pkgsrc
   Committed By:	wiz
   Date:		Wed Jan 24 07:57:19 UTC 2018

   Modified Files:
   	pkgsrc/www/curl: Makefile PLIST distinfo
   	pkgsrc/www/curl/patches: patch-curl-config.in

   Log Message:
   curl: update to 7.58.0.

   This release includes the following changes:

    o new libssh-powered SSH SCP/SFTP back-end
    o curl-config: add --ssl-backends [10]

   This release includes the following bugfixes:

    o http2: fix incorrect trailer buffer size [40]
    o http: prevent custom Authorization headers in redirects [55]
    o travis: add boringssl build [1]
    o examples/xmlstream.c: don't switch off CURL_GLOBAL_SSL [2]
    o SSL: Avoid magic allocation of SSL backend specific data [3]
    o lib: don't export all symbols, just everything curl_* [4]
    o libssh2: send the correct CURLE error code on scp file not found
    o libssh2: return CURLE_UPLOAD_FAILED on failure to upload
    o openssl: enable pkcs12 in boringssl builds [5]
    o libssh2: remove dead code from SSH_SFTP_QUOTE [6]
    o sasl_getmesssage: make sure we have a long enough string to pass [7]
    o conncache: fix several lock issues [8]
    o threaded-shared-conn.c: new example
    o conncache: only allow multiplexing within same multi handle [9]
    o configure: check for netinet/in6.h [11]
    o URL: tolerate backslash after drive letter for FILE: [12]
    o openldap: add commented out debug possibilities [13]
    o include: get netinet/in.h before linux/tcp.h [14]
    o CONNECT: keep close connection flag in http_connect_state struct [15]
    o BINDINGS: another PostgreSQL client
    o curl: limit -# update frequency for unknown total size [16]
    o configure: add AX_CODE_COVERAGE only if using gcc [17]
    o curl.h: remove incorrect comment about ERRORBUFFER
    o openssl: improve data-pending check for https proxy [18]
    o curl: remove __EMX__ #ifdefs [19]
    o CURLOPT_PRIVATE.3: fix grammar [20]
    o sftp: allow quoted commands to use relative paths [21]
    o CURLOPT_DNS_CACHE_TIMEOUT.3: see also CURLOPT_RESOLVE
    o RESOLVE: output verbose text when trying to set a duplicate name
    o openssl: Disable file buffering for Win32 SSLKEYLOGFILE [22]
    o multi_done: prune DNS cache [23]
    o tests: update .gitignore for libtests
    o tests: mark data files as non-executable in git
    o CURLOPT_DNS_LOCAL_IP4.3: fixed the "SEE ALSO" to not self-reference
    o curl.1: documented two missing valid exit codes
    o curl.1: mention http:// and https:// as valid proxy prefixes
    o vtls: replaced getenv() with curl_getenv() [24]
    o setopt: less *or equal* than INT_MAX/1000 should be fine [25]
    o examples/smtp-mail.c: use separate defines for options and mail
    o curl: support >256 bytes warning messsages [26]
    o conncache: fix a return code
    o krb5: fix a potential access of uninitialized memory
    o rand: add a clang-analyzer work-around
    o CURLOPT_READFUNCTION.3: refer to argument with correct name [27]
    o brotli: allow compiling with version 0.6.0
    o content_encoding: rework zlib_inflate [28]
    o curl_easy_reset: release mime-related data [29]
    o examples/rtsp: fix error handling macros [30]
    o build-openssl.bat: Added support for VC15
    o build-wolfssl.bat: Added support for VC15
    o build: Added Visual Studio 2017 project files
    o winbuild: Added support for VC15
    o curl: Support size modifiers for --max-filesize [32]
    o examples/cacertinmem: ignore cert-already-exists error [33]
    o brotli: data at the end of content can be lost [34]
    o curl_version_info.3: call the argument 'age' [35]
    o openssl: fix memory leak of SSLKEYLOGFILE filename
    o build: remove HAVE_LIMITS_H check [36]
    o --mail-rcpt: fix short-text description
    o scripts: allow all perl scripts to be run directly [37]
    o progress: calculate transfer speed on milliseconds if possible [38]
    o system.h: check __LONG_MAX__ for defining curl_off_t [31]
    o easy: fix connection ownership in curl_easy_pause [39]
    o setopt: reintroduce non-static Curl_vsetopt() for OS400 support [41]
    o setopt: fix SSLVERSION to allow CURL_SSLVERSION_MAX_ values [42]
    o configure.ac: append extra linker flags instead of prepending them [43]
    o HTTP: bail out on negative Content-Length: values [44]
    o docs: comment about CURLE_READ_ERROR returned by curl_mime_filedata
    o mime: clone mime tree upon easy handle duplication [45]
    o openssl: enable SSLKEYLOGFILE support by default [46]
    o smtp/pop3/imap_get_message: decrease the data length too... [47]
    o CURLOPT_TCP_NODELAY.3: fix typo [48]
    o SMB: fix numeric constant suffix and variable types [49]
    o ftp-wildcard: fix matching an empty string with "*[^a]" [50]
    o curl_fnmatch: only allow 5 '*' sections in a single pattern
    o openssl: fix potential memory leak in SSLKEYLOGFILE logic
    o SSH: Fix state machine for ssh-agent authentication [51]
    o examples/url2file.c: add missing curl_global_cleanup() call [52]
    o http2: don't close connection when single transfer is stopped [53]
    o libcurl-env.3: first version
    o curl: progress bar refresh, get width using ioctl() [54]
    o CONNECT_TO: fail attempt to set an IPv6 numerical without IPv6 support [56]

Revision 1.193 / (download) - annotate - [select for diffs], Wed Jan 24 12:17:43 2018 UTC (15 months, 4 weeks ago) by leot
Branch: MAIN
Changes since 1.192: +1 -4 lines
Diff to previous 1.192 (colored)

curl: Delete if-def block regarding TEST_TARGET and test dependencies

Define TEST_TARGET unconditionally and do not add `perl' to USE_TOOLS, `perl'
is already needed as tool.

Revision 1.192 / (download) - annotate - [select for diffs], Wed Jan 24 07:57:19 2018 UTC (15 months, 4 weeks ago) by wiz
Branch: MAIN
Changes since 1.191: +2 -3 lines
Diff to previous 1.191 (colored)

curl: update to 7.58.0.

This release includes the following changes:

 o new libssh-powered SSH SCP/SFTP back-end
 o curl-config: add --ssl-backends [10]

This release includes the following bugfixes:

 o http2: fix incorrect trailer buffer size [40]
 o http: prevent custom Authorization headers in redirects [55]
 o travis: add boringssl build [1]
 o examples/xmlstream.c: don't switch off CURL_GLOBAL_SSL [2]
 o SSL: Avoid magic allocation of SSL backend specific data [3]
 o lib: don't export all symbols, just everything curl_* [4]
 o libssh2: send the correct CURLE error code on scp file not found
 o libssh2: return CURLE_UPLOAD_FAILED on failure to upload
 o openssl: enable pkcs12 in boringssl builds [5]
 o libssh2: remove dead code from SSH_SFTP_QUOTE [6]
 o sasl_getmesssage: make sure we have a long enough string to pass [7]
 o conncache: fix several lock issues [8]
 o threaded-shared-conn.c: new example
 o conncache: only allow multiplexing within same multi handle [9]
 o configure: check for netinet/in6.h [11]
 o URL: tolerate backslash after drive letter for FILE: [12]
 o openldap: add commented out debug possibilities [13]
 o include: get netinet/in.h before linux/tcp.h [14]
 o CONNECT: keep close connection flag in http_connect_state struct [15]
 o BINDINGS: another PostgreSQL client
 o curl: limit -# update frequency for unknown total size [16]
 o configure: add AX_CODE_COVERAGE only if using gcc [17]
 o curl.h: remove incorrect comment about ERRORBUFFER
 o openssl: improve data-pending check for https proxy [18]
 o curl: remove __EMX__ #ifdefs [19]
 o CURLOPT_PRIVATE.3: fix grammar [20]
 o sftp: allow quoted commands to use relative paths [21]
 o CURLOPT_DNS_CACHE_TIMEOUT.3: see also CURLOPT_RESOLVE
 o RESOLVE: output verbose text when trying to set a duplicate name
 o openssl: Disable file buffering for Win32 SSLKEYLOGFILE [22]
 o multi_done: prune DNS cache [23]
 o tests: update .gitignore for libtests
 o tests: mark data files as non-executable in git
 o CURLOPT_DNS_LOCAL_IP4.3: fixed the "SEE ALSO" to not self-reference
 o curl.1: documented two missing valid exit codes
 o curl.1: mention http:// and https:// as valid proxy prefixes
 o vtls: replaced getenv() with curl_getenv() [24]
 o setopt: less *or equal* than INT_MAX/1000 should be fine [25]
 o examples/smtp-mail.c: use separate defines for options and mail
 o curl: support >256 bytes warning messsages [26]
 o conncache: fix a return code
 o krb5: fix a potential access of uninitialized memory
 o rand: add a clang-analyzer work-around
 o CURLOPT_READFUNCTION.3: refer to argument with correct name [27]
 o brotli: allow compiling with version 0.6.0
 o content_encoding: rework zlib_inflate [28]
 o curl_easy_reset: release mime-related data [29]
 o examples/rtsp: fix error handling macros [30]
 o build-openssl.bat: Added support for VC15
 o build-wolfssl.bat: Added support for VC15
 o build: Added Visual Studio 2017 project files
 o winbuild: Added support for VC15
 o curl: Support size modifiers for --max-filesize [32]
 o examples/cacertinmem: ignore cert-already-exists error [33]
 o brotli: data at the end of content can be lost [34]
 o curl_version_info.3: call the argument 'age' [35]
 o openssl: fix memory leak of SSLKEYLOGFILE filename
 o build: remove HAVE_LIMITS_H check [36]
 o --mail-rcpt: fix short-text description
 o scripts: allow all perl scripts to be run directly [37]
 o progress: calculate transfer speed on milliseconds if possible [38]
 o system.h: check __LONG_MAX__ for defining curl_off_t [31]
 o easy: fix connection ownership in curl_easy_pause [39]
 o setopt: reintroduce non-static Curl_vsetopt() for OS400 support [41]
 o setopt: fix SSLVERSION to allow CURL_SSLVERSION_MAX_ values [42]
 o configure.ac: append extra linker flags instead of prepending them [43]
 o HTTP: bail out on negative Content-Length: values [44]
 o docs: comment about CURLE_READ_ERROR returned by curl_mime_filedata
 o mime: clone mime tree upon easy handle duplication [45]
 o openssl: enable SSLKEYLOGFILE support by default [46]
 o smtp/pop3/imap_get_message: decrease the data length too... [47]
 o CURLOPT_TCP_NODELAY.3: fix typo [48]
 o SMB: fix numeric constant suffix and variable types [49]
 o ftp-wildcard: fix matching an empty string with "*[^a]" [50]
 o curl_fnmatch: only allow 5 '*' sections in a single pattern
 o openssl: fix potential memory leak in SSLKEYLOGFILE logic
 o SSH: Fix state machine for ssh-agent authentication [51]
 o examples/url2file.c: add missing curl_global_cleanup() call [52]
 o http2: don't close connection when single transfer is stopped [53]
 o libcurl-env.3: first version
 o curl: progress bar refresh, get width using ioctl() [54]
 o CONNECT_TO: fail attempt to set an IPv6 numerical without IPv6 support [56]

Revision 1.191 / (download) - annotate - [select for diffs], Mon Jan 1 21:18:12 2018 UTC (16 months, 3 weeks ago) by adam
Branch: MAIN
Changes since 1.190: +2 -1 lines
Diff to previous 1.190 (colored)

Revbump after boost update

Revision 1.187.4.2 / (download) - annotate - [select for diffs], Wed Dec 27 18:34:01 2017 UTC (16 months, 3 weeks ago) by spz
Branch: pkgsrc-2017Q3
Changes since 1.187.4.1: +2 -2 lines
Diff to previous 1.187.4.1 (colored) to branchpoint 1.187 (colored) next main 1.188 (colored)

Pullup ticket #5657 - requested by he
www/curl: security update

Revisions pulled up:
- www/curl/Makefile                                             1.190
- www/curl/distinfo                                             1.140,1.139
- www/curl/patches/patch-configure                              1.3

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	wiz
   Date:		Wed Nov 29 13:56:28 UTC 2017

   Modified Files:
   	pkgsrc/www/curl: Makefile distinfo

   Log Message:
   curl: update to 7.57.0.

   Curl and libcurl 7.57.0

    o auth: add support for RFC7616 - HTTP Digest access authentication [12]
    o share: add support for sharing the connection cache [31]
    o HTTP: implement Brotli content encoding [28]

   This release includes the following bugfixes:

    o CVE-2017-8816: NTLM buffer overflow via integer overflow [47]
    o CVE-2017-8817: FTP wildcard out of bounds read [48]
    o CVE-2017-8818: SSL out of buffer access [49]
    o curl_mime_filedata.3: fix typos [1]
    o libtest: Add required test libraries for lib1552 and lib1553 [2]
    o fix time diffs for systems using unsigned time_t [3]
    o ftplistparser: memory leak fix: free temporary memory always [4]
    o multi: allow table handle sizes to be overridden [5]
    o wildcards: don't use with non-supported protocols [6]
    o curl_fnmatch: return error on illegal wildcard pattern [7]
    o transfer: Fix chunked-encoding upload too early exit [8]
    o curl_setup: Improve detection of CURL_WINDOWS_APP [9]
    o resolvers: only include anything if needed [10]
    o setopt: fix CURLOPT_SSH_AUTH_TYPES option read
    o appveyor: add a win32 build
    o Curl_timeleft: change return type to timediff_t [11]
    o cmake: Export libcurl and curl targets to use by other cmake projects [13]
    o curl: in -F option arg, comma is a delimiter for files only [14]
    o curl: improved ";type=" handling in -F option arguments
    o timeval: use mach_absolute_time() on MacOS [15]
    o curlx: the timeval functions are no longer provided as curlx_* [16]
    o mkhelp.pl: do not generate comment with current date [17]
    o memdebug: use send/recv signature for curl_dosend/curl_dorecv [18]
    o cookie: avoid NULL dereference [19]
    o url: fix CURLOPT_POSTFIELDSIZE arg value check to allow -1 [20]
    o include: remove conncache.h inclusion from where its not needed
    o CURLOPT_MAXREDIRS: allow -1 as a value [21]
    o tests: Fixed torture tests on tests 556 and 650
    o http2: Fixed OOM handling in upgrade request
    o url: fix CURLOPT_DNS_CACHE_TIMEOUT arg value check to allow -1
    o CURLOPT_INFILESIZE: accept -1 [22]
    o curl: pass through [] in URLs instead of calling globbing error [23]
    o curl: speed up handling of many URLs [24]
    o ntlm: avoid malloc(0) for zero length passwords [25]
    o url: remove faulty arg value check from CURLOPT_SSH_AUTH_TYPES [26]
    o HTTP: support multiple Content-Encodings [27]
    o travis: add a job with brotli enabled
    o url: remove unncessary NULL-check
    o fnmatch: remove dead code
    o connect: store IPv6 connection status after valid connection [29]
    o imap: deal with commands case insensitively [30]
    o --interface: add support for Linux VRF [32]
    o content_encoding: fix inflate_stream for no bytes available [33]
    o cmake: Correctly include curl.rc in Windows builds [34]
    o cmake: Add missing setmode check [35]
    o connect.c: remove executable bit on file [36]
    o SMB: fix uninitialized local variable
    o zlib/brotli: only include header files in modules needing them [37]
    o URL: return error on malformed URLs with junk after IPv6 bracket [38]
    o openssl: fix too broad use of HAVE_OPAQUE_EVP_PKEY [39]
    o macOS: Fix missing connectx function with Xcode version older than 9.0 [40]
    o --resolve: allow IP address within [] brackets [41]
    o examples/curlx: Fix code style [42]
    o ntlm: remove unnecessary NULL-check to please scan-build [43]
    o Curl_llist_remove: fix potential NULL pointer deref [43]
    o mime: fix "Value stored to 'sz' is never read" scan-build error [43]
    o openssl: fix "Value stored to 'rc' is never read" scan-build error [43]
    o http2: fix "Value stored to 'hdbuf' is never read" scan-build error [43]
    o http2: fix "Value stored to 'end' is never read" scan-build error [43]
    o Curl_open: fix OOM return error correctly [43]
    o url: reject ASCII control characters and space in host names [44]
    o examples/rtsp: clear RANGE again after use [45]
    o connect: improve the bind error message [46]
    o make: fix "make distclean" [50]
    o connect: add support for new TCP Fast Open API on Linux [51]
    o metalink: fix memory-leak and NULL pointer dereference [52]
    o URL: update "file:" URL handling [53]
    o ssh: remove check for a NULL pointer [54]
    o global_init: ignore CURL_GLOBAL_SSL's absense [55]


   To generate a diff of this commit:
   cvs rdiff -u -r1.189 -r1.190 pkgsrc/www/curl/Makefile
   cvs rdiff -u -r1.139 -r1.140 pkgsrc/www/curl/distinfo

-------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   jperkin
   Date:           Fri Nov  3 09:40:37 UTC 2017

   Modified Files:
           pkgsrc/www/curl: distinfo
           pkgsrc/www/curl/patches: patch-configure

   Log Message:
   curl: Don't strip out user-supplied debug flags.


   To generate a diff of this commit:
   cvs rdiff -u -r1.138 -r1.139 pkgsrc/www/curl/distinfo
   cvs rdiff -u -r1.2 -r1.3 pkgsrc/www/curl/patches/patch-configure

Revision 1.190 / (download) - annotate - [select for diffs], Wed Nov 29 13:56:27 2017 UTC (17 months, 3 weeks ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2017Q4-base
Branch point for: pkgsrc-2017Q4
Changes since 1.189: +2 -2 lines
Diff to previous 1.189 (colored)

curl: update to 7.57.0.

Curl and libcurl 7.57.0

 o auth: add support for RFC7616 - HTTP Digest access authentication [12]
 o share: add support for sharing the connection cache [31]
 o HTTP: implement Brotli content encoding [28]

This release includes the following bugfixes:

 o CVE-2017-8816: NTLM buffer overflow via integer overflow [47]
 o CVE-2017-8817: FTP wildcard out of bounds read [48]
 o CVE-2017-8818: SSL out of buffer access [49]
 o curl_mime_filedata.3: fix typos [1]
 o libtest: Add required test libraries for lib1552 and lib1553 [2]
 o fix time diffs for systems using unsigned time_t [3]
 o ftplistparser: memory leak fix: free temporary memory always [4]
 o multi: allow table handle sizes to be overridden [5]
 o wildcards: don't use with non-supported protocols [6]
 o curl_fnmatch: return error on illegal wildcard pattern [7]
 o transfer: Fix chunked-encoding upload too early exit [8]
 o curl_setup: Improve detection of CURL_WINDOWS_APP [9]
 o resolvers: only include anything if needed [10]
 o setopt: fix CURLOPT_SSH_AUTH_TYPES option read
 o appveyor: add a win32 build
 o Curl_timeleft: change return type to timediff_t [11]
 o cmake: Export libcurl and curl targets to use by other cmake projects [13]
 o curl: in -F option arg, comma is a delimiter for files only [14]
 o curl: improved ";type=" handling in -F option arguments
 o timeval: use mach_absolute_time() on MacOS [15]
 o curlx: the timeval functions are no longer provided as curlx_* [16]
 o mkhelp.pl: do not generate comment with current date [17]
 o memdebug: use send/recv signature for curl_dosend/curl_dorecv [18]
 o cookie: avoid NULL dereference [19]
 o url: fix CURLOPT_POSTFIELDSIZE arg value check to allow -1 [20]
 o include: remove conncache.h inclusion from where its not needed
 o CURLOPT_MAXREDIRS: allow -1 as a value [21]
 o tests: Fixed torture tests on tests 556 and 650
 o http2: Fixed OOM handling in upgrade request
 o url: fix CURLOPT_DNS_CACHE_TIMEOUT arg value check to allow -1
 o CURLOPT_INFILESIZE: accept -1 [22]
 o curl: pass through [] in URLs instead of calling globbing error [23]
 o curl: speed up handling of many URLs [24]
 o ntlm: avoid malloc(0) for zero length passwords [25]
 o url: remove faulty arg value check from CURLOPT_SSH_AUTH_TYPES [26]
 o HTTP: support multiple Content-Encodings [27]
 o travis: add a job with brotli enabled
 o url: remove unncessary NULL-check
 o fnmatch: remove dead code
 o connect: store IPv6 connection status after valid connection [29]
 o imap: deal with commands case insensitively [30]
 o --interface: add support for Linux VRF [32]
 o content_encoding: fix inflate_stream for no bytes available [33]
 o cmake: Correctly include curl.rc in Windows builds [34]
 o cmake: Add missing setmode check [35]
 o connect.c: remove executable bit on file [36]
 o SMB: fix uninitialized local variable
 o zlib/brotli: only include header files in modules needing them [37]
 o URL: return error on malformed URLs with junk after IPv6 bracket [38]
 o openssl: fix too broad use of HAVE_OPAQUE_EVP_PKEY [39]
 o macOS: Fix missing connectx function with Xcode version older than 9.0 [40]
 o --resolve: allow IP address within [] brackets [41]
 o examples/curlx: Fix code style [42]
 o ntlm: remove unnecessary NULL-check to please scan-build [43]
 o Curl_llist_remove: fix potential NULL pointer deref [43]
 o mime: fix "Value stored to 'sz' is never read" scan-build error [43]
 o openssl: fix "Value stored to 'rc' is never read" scan-build error [43]
 o http2: fix "Value stored to 'hdbuf' is never read" scan-build error [43]
 o http2: fix "Value stored to 'end' is never read" scan-build error [43]
 o Curl_open: fix OOM return error correctly [43]
 o url: reject ASCII control characters and space in host names [44]
 o examples/rtsp: clear RANGE again after use [45]
 o connect: improve the bind error message [46]
 o make: fix "make distclean" [50]
 o connect: add support for new TCP Fast Open API on Linux [51]
 o metalink: fix memory-leak and NULL pointer dereference [52]
 o URL: update "file:" URL handling [53]
 o ssh: remove check for a NULL pointer [54]
 o global_init: ignore CURL_GLOBAL_SSL's absense [55]

Revision 1.187.4.1 / (download) - annotate - [select for diffs], Sun Nov 12 12:13:32 2017 UTC (18 months, 1 week ago) by spz
Branch: pkgsrc-2017Q3
Changes since 1.187: +2 -3 lines
Diff to previous 1.187 (colored)

Pullup ticket #5641 - requested by he
www/curl: security update

Revisions pulled up:
- www/curl/Makefile                                             1.188-1.189
- www/curl/PLIST                                                1.66
- www/curl/distinfo                                             1.137-1.138

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	wiz
   Date:		Wed Oct  4 06:32:58 UTC 2017

   Modified Files:
   	pkgsrc/www/curl: Makefile PLIST distinfo

   Log Message:
   curl: update to 7.56.0.

   Curl and libcurl 7.56.0

   This release includes the following changes:

    o curl: enable compression for SCP/SFTP with --compressed-ssh  [11]
    o libcurl: enable compression for SCP/SFTP with CURLOPT_SSH_COMPRESSION [11]
    o vtls: added dynamic changing SSL backend with curl_global_sslset() [28]
    o new MIME API, curl_mime_init() and friends [32]
    o openssl: initial SSLKEYLOGFILE implementation [36]

   This release includes the following bugfixes:

    o FTP: zero terminate the entry path even on bad input [67]
    o examples/ftpuploadresume.c: use portable code
    o runtests: match keywords case insensitively
    o travis: build the examples too [1]
    o strtoofft: reduce integer overflow risks globally [2]
    o zsh.pl: produce a working completion script again [3]
    o cmake: remove dead code for CURL_DISABLE_RTMP [4]
    o progress: Track total times following redirects [5]
    o configure: fix --disable-threaded-resolver [6]
    o cmake: remove dead code for DISABLED_THREADSAFE [7]
    o configure: fix clang version detection
    o darwinssi: fix error: variable length array used
    o travis: add metalink to some osx builds [8]
    o configure: check for __builtin_available() availability [9]
    o http_proxy: fix build error for CURL_DOES_CONVERSIONS [10]
    o examples/ftpuploadresume: checksrc compliance
    o ftp: fix CWD when doing multicwd then nocwd on same connection [12]
    o system.h: remove all CURL_SIZEOF_* defines [13]
    o http: Don't wait on CONNECT when there is no proxy [14]
    o system.h: check for __ppc__ as well [15]
    o http2_recv: return error better on fatal h2 errors [16]
    o scripts/contri*sh: use "git log --use-mailmap"
    o tftp: fix memory leak on too long filename [17]
    o system.h: fix build for hppa [18]
    o cmake: enable picky compiler options with clang and gcc [19]
    o makefile.m32: add support for libidn2 [20]
    o curl: turn off MinGW CRT's globbing [21]
    o request-target.d: mention added in 7.55.0
    o curl: shorten and clean up CA cert verification error message [22]
    o imap: support PREAUTH [23]
    o CURLOPT_USERPWD.3: see also CURLOPT_PROXYUSERPWD
    o examples/threaded-ssl: mention that this is for openssl before 1.1
    o winbuild: fix embedded manifest option [24]
    o tests: Make sure libtests & unittests call curl_global_cleanup()
    o system.h: include sys/poll.h for AIX [25]
    o darwinssl: handle long strings in TLS certs [26]
    o strtooff: fix build for systems with long long but no strtoll [27]
    o asyn-thread: Improved cleanup after OOM situations
    o HELP-US.md: "How to get started helping out in the curl project" [29]
    o curl.h: CURLSSLBACKEND_WOLFSSL used wrong value [30]
    o unit1301: fix error message on first test
    o ossfuzz: moving towards the ideal integration [31]
    o http: fix a memory leakage in checkrtspprefix()
    o examples/post-callback: stop returning one byte at a time
    o schannel: return CURLE_SSL_CACERT on failed verification [33]
    o MAIL-ETIQUETTE: added "1.9 Your emails are public"
    o http-proxy: treat all 2xx as CONNECT success [34]
    o openssl: use OpenSSL's default ciphers by default [35]
    o runtests.pl: support attribute "nonewline" in part verify/upload
    o configure: remove --enable-soname-bump and SONAME_BUMP [37]
    o travis: add c-ares enabled builds linux + osx [38]
    o vtls: fix WolfSSL 3.12 build problems [39]
    o http-proxy: when not doing CONNECT, that phase is done immediately [40]
    o configure: fix curl_off_t check's include order [41]
    o configure: use -Wno-varargs on clang 3.9[.X] debug builds
    o rtsp: do not call fwrite() with NULL pointer FILE * [42]
    o mbedtls: enable CA path processing [43]
    o travis: add build without HTTP/SMTP/IMAP
    o checksrc: verify more code style rules [44]
    o HTTP proxy: on connection re-use, still use the new remote port [45]
    o tests: add initial gssapi test using stub implementation [46]
    o rtsp: Segfault when using WRITEDATA [47]
    o docs: clarify the CURLOPT_INTERLEAVE* options behavior
    o non-ascii: use iconv() with 'char **' argument [48]
    o server/getpart: provide dummy function to build conversion enabled
    o conversions: fix several compiler warnings
    o openssl: add missing includes [49]
    o schannel: Support partial send for when data is too large [50]
    o socks: fix incorrect port number in SOCKS4 error message [51]
    o curl: fix integer overflow in timeout options [52]
    o travis: on mac, don't install openssl or libidn [53]
    o cookies: reject oversized cookies instead of truncating [54]
    o cookies: use lock when using CURLINFO_COOKIELIST [55]
    o curl: check fseek() return code and bail on error
    o examples/post-callback: use long for CURLOPT_POSTFIELDSIZE
    o openssl: only verify RSA private key if supported [56]
    o tests: make the imap server not verify user+password [57]
    o imap: quote atoms properly when escaping characters [58]
    o tests: fix a compiler warning in test 643
    o file_range: avoid integer overflow when figuring out byte range [59]
    o curl.h: include <sys/select.h> on cygwin too [60]
    o reuse_conn: don't copy flags that are known to be equal [61]
    o http: fix adding custom empty headers to repeated requests [62]
    o docs: clarify the use of environment variables for proxy [63]
    o docs: link CURLOPT_CONNECTTIMEOUT and CURLOPT_CONNECTTIMEOUT_MS [64]
    o connect: fix race condition with happy eyeballs timeout [65]
    o cookie: fix memory leak if path was set twice in header [66]
    o vtls: compare and clone ssl configs properly [68]
    o proxy: read the "no_proxy" variable only if necessary [69]


   To generate a diff of this commit:
   cvs rdiff -u -r1.187 -r1.188 pkgsrc/www/curl/Makefile
   cvs rdiff -u -r1.65 -r1.66 pkgsrc/www/curl/PLIST
   cvs rdiff -u -r1.136 -r1.137 pkgsrc/www/curl/distinfo

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	adam
   Date:		Mon Oct 23 06:59:36 UTC 2017

   Modified Files:
   	pkgsrc/www/curl: Makefile distinfo

   Log Message:
   curl: update to 7.56.1

   Curl and libcurl 7.56.1

   This release includes the following bugfixes:

    o imap: if a FETCH response has no size, don't call write callback
    o ftp: UBsan fixup 'pointer index expression overflowed
    o failf: skip the sprintf() if there are no consumers
    o fuzzer: move to using external curl-fuzzer
    o lib/Makefile.m32: allow customizing dll suffixes
    o docs: fix typo in curl_mime_data_cb man page
    o darwinssl: add support for TLSv1.3
    o build: fix --disable-crypto-auth
    o lib/config-win32.h: let SMB/SMBS be enabled with OpenSSL/NSS
    o openssl: fix build without HAVE_OPAQUE_EVP_PKEY
    o strtoofft: Remove extraneous null check
    o multi_cleanup: call DONE on handles that never got that
    o tests: added flaky keyword to tests 587 and 644
    o pingpong: return error when trying to send without connection
    o remove_handle: call multi_done() first, then clear dns cache pointer
    o mime: be tolerant about setting twice the same header list in a part.
    o mime: improve unbinding top multipart from easy handle.
    o mime: avoid resetting a part's encoder when part's contents change.
    o mime: refuse to add subparts to one of their own descendants
    o RTSP: avoid integer overflow on funny RTSP responses
    o curl: don't pass semicolons when parsing Content-Disposition
    o openssl: enable PKCS12 support for !BoringSSL
    o FAQ: s/CURLOPT_PROGRESSFUNCTION/CURLOPT_XFERINFOFUNCTION
    o CURLOPT_NOPROGRESS.3: also refer to xferinfofunction
    o CURLOPT_XFERINFODATA.3: fix duplicate see also
    o test298: verify --ftp-method nowcwd with URL encoded path
    o FTP: URL decode path for dir listing in nocwd mode
    o smtp_done: fix memory leak on send failure
    o ftpserver: support case insensitive commands
    o test950; verify SMTP with custom request
    o openssl: don't use old BORINGSSL_YYYYMM macros
    o setopt: update current connection SSL verify params
    o winbuild/BUILD.WINDOWS.txt: mention WITH_NGHTTP2
    o curl: reimplement stdin buffering in -F option
    o mime: keep "text/plain" content type if user-specified
    o mime: fix the content reader to handle >16K data properly
    o configure: remove the C++ compiler check
    o memdebug: trace send, recv and socket
    o runtests: use valgrind for torture as well
    o ldap: silence clang warning
    o makefile.m32: allow to override gcc, ar and ranlib
    o setopt: avoid integer overflows when setting millsecond values
    o setopt: range check most long options
    o ftp: reject illegal IP/port in PASV 227 response
    o mime: do not reuse previously computed multipart size
    o vtls: change struct Curl_ssl `close' field name to `close_one'
    o os400: add missing symbols in config file
    o mime: limit bas64-encoded lines length to 76 characters
    o mk-ca-bundle: Remove URL for aurora
    o mk-ca-bundle: Fix URL for NSS


   To generate a diff of this commit:
   cvs rdiff -u -r1.188 -r1.189 pkgsrc/www/curl/Makefile
   cvs rdiff -u -r1.137 -r1.138 pkgsrc/www/curl/distinfo

Revision 1.189 / (download) - annotate - [select for diffs], Mon Oct 23 06:59:36 2017 UTC (19 months ago) by adam
Branch: MAIN
Changes since 1.188: +2 -2 lines
Diff to previous 1.188 (colored)

curl: update to 7.56.1

Curl and libcurl 7.56.1

This release includes the following bugfixes:

 o imap: if a FETCH response has no size, don't call write callback
 o ftp: UBsan fixup 'pointer index expression overflowed
 o failf: skip the sprintf() if there are no consumers
 o fuzzer: move to using external curl-fuzzer
 o lib/Makefile.m32: allow customizing dll suffixes
 o docs: fix typo in curl_mime_data_cb man page
 o darwinssl: add support for TLSv1.3
 o build: fix --disable-crypto-auth
 o lib/config-win32.h: let SMB/SMBS be enabled with OpenSSL/NSS
 o openssl: fix build without HAVE_OPAQUE_EVP_PKEY
 o strtoofft: Remove extraneous null check
 o multi_cleanup: call DONE on handles that never got that
 o tests: added flaky keyword to tests 587 and 644
 o pingpong: return error when trying to send without connection
 o remove_handle: call multi_done() first, then clear dns cache pointer
 o mime: be tolerant about setting twice the same header list in a part.
 o mime: improve unbinding top multipart from easy handle.
 o mime: avoid resetting a part's encoder when part's contents change.
 o mime: refuse to add subparts to one of their own descendants
 o RTSP: avoid integer overflow on funny RTSP responses
 o curl: don't pass semicolons when parsing Content-Disposition
 o openssl: enable PKCS12 support for !BoringSSL
 o FAQ: s/CURLOPT_PROGRESSFUNCTION/CURLOPT_XFERINFOFUNCTION
 o CURLOPT_NOPROGRESS.3: also refer to xferinfofunction
 o CURLOPT_XFERINFODATA.3: fix duplicate see also
 o test298: verify --ftp-method nowcwd with URL encoded path
 o FTP: URL decode path for dir listing in nocwd mode
 o smtp_done: fix memory leak on send failure
 o ftpserver: support case insensitive commands
 o test950; verify SMTP with custom request
 o openssl: don't use old BORINGSSL_YYYYMM macros
 o setopt: update current connection SSL verify params
 o winbuild/BUILD.WINDOWS.txt: mention WITH_NGHTTP2
 o curl: reimplement stdin buffering in -F option
 o mime: keep "text/plain" content type if user-specified
 o mime: fix the content reader to handle >16K data properly
 o configure: remove the C++ compiler check
 o memdebug: trace send, recv and socket
 o runtests: use valgrind for torture as well
 o ldap: silence clang warning
 o makefile.m32: allow to override gcc, ar and ranlib
 o setopt: avoid integer overflows when setting millsecond values
 o setopt: range check most long options
 o ftp: reject illegal IP/port in PASV 227 response
 o mime: do not reuse previously computed multipart size
 o vtls: change struct Curl_ssl `close' field name to `close_one'
 o os400: add missing symbols in config file
 o mime: limit bas64-encoded lines length to 76 characters
 o mk-ca-bundle: Remove URL for aurora
 o mk-ca-bundle: Fix URL for NSS

Revision 1.188 / (download) - annotate - [select for diffs], Wed Oct 4 06:32:58 2017 UTC (19 months, 2 weeks ago) by wiz
Branch: MAIN
Changes since 1.187: +2 -3 lines
Diff to previous 1.187 (colored)

curl: update to 7.56.0.

Curl and libcurl 7.56.0

This release includes the following changes:

 o curl: enable compression for SCP/SFTP with --compressed-ssh  [11]
 o libcurl: enable compression for SCP/SFTP with CURLOPT_SSH_COMPRESSION [11]
 o vtls: added dynamic changing SSL backend with curl_global_sslset() [28]
 o new MIME API, curl_mime_init() and friends [32]
 o openssl: initial SSLKEYLOGFILE implementation [36]

This release includes the following bugfixes:

 o FTP: zero terminate the entry path even on bad input [67]
 o examples/ftpuploadresume.c: use portable code
 o runtests: match keywords case insensitively
 o travis: build the examples too [1]
 o strtoofft: reduce integer overflow risks globally [2]
 o zsh.pl: produce a working completion script again [3]
 o cmake: remove dead code for CURL_DISABLE_RTMP [4]
 o progress: Track total times following redirects [5]
 o configure: fix --disable-threaded-resolver [6]
 o cmake: remove dead code for DISABLED_THREADSAFE [7]
 o configure: fix clang version detection
 o darwinssi: fix error: variable length array used
 o travis: add metalink to some osx builds [8]
 o configure: check for __builtin_available() availability [9]
 o http_proxy: fix build error for CURL_DOES_CONVERSIONS [10]
 o examples/ftpuploadresume: checksrc compliance
 o ftp: fix CWD when doing multicwd then nocwd on same connection [12]
 o system.h: remove all CURL_SIZEOF_* defines [13]
 o http: Don't wait on CONNECT when there is no proxy [14]
 o system.h: check for __ppc__ as well [15]
 o http2_recv: return error better on fatal h2 errors [16]
 o scripts/contri*sh: use "git log --use-mailmap"
 o tftp: fix memory leak on too long filename [17]
 o system.h: fix build for hppa [18]
 o cmake: enable picky compiler options with clang and gcc [19]
 o makefile.m32: add support for libidn2 [20]
 o curl: turn off MinGW CRT's globbing [21]
 o request-target.d: mention added in 7.55.0
 o curl: shorten and clean up CA cert verification error message [22]
 o imap: support PREAUTH [23]
 o CURLOPT_USERPWD.3: see also CURLOPT_PROXYUSERPWD
 o examples/threaded-ssl: mention that this is for openssl before 1.1
 o winbuild: fix embedded manifest option [24]
 o tests: Make sure libtests & unittests call curl_global_cleanup()
 o system.h: include sys/poll.h for AIX [25]
 o darwinssl: handle long strings in TLS certs [26]
 o strtooff: fix build for systems with long long but no strtoll [27]
 o asyn-thread: Improved cleanup after OOM situations
 o HELP-US.md: "How to get started helping out in the curl project" [29]
 o curl.h: CURLSSLBACKEND_WOLFSSL used wrong value [30]
 o unit1301: fix error message on first test
 o ossfuzz: moving towards the ideal integration [31]
 o http: fix a memory leakage in checkrtspprefix()
 o examples/post-callback: stop returning one byte at a time
 o schannel: return CURLE_SSL_CACERT on failed verification [33]
 o MAIL-ETIQUETTE: added "1.9 Your emails are public"
 o http-proxy: treat all 2xx as CONNECT success [34]
 o openssl: use OpenSSL's default ciphers by default [35]
 o runtests.pl: support attribute "nonewline" in part verify/upload
 o configure: remove --enable-soname-bump and SONAME_BUMP [37]
 o travis: add c-ares enabled builds linux + osx [38]
 o vtls: fix WolfSSL 3.12 build problems [39]
 o http-proxy: when not doing CONNECT, that phase is done immediately [40]
 o configure: fix curl_off_t check's include order [41]
 o configure: use -Wno-varargs on clang 3.9[.X] debug builds
 o rtsp: do not call fwrite() with NULL pointer FILE * [42]
 o mbedtls: enable CA path processing [43]
 o travis: add build without HTTP/SMTP/IMAP
 o checksrc: verify more code style rules [44]
 o HTTP proxy: on connection re-use, still use the new remote port [45]
 o tests: add initial gssapi test using stub implementation [46]
 o rtsp: Segfault when using WRITEDATA [47]
 o docs: clarify the CURLOPT_INTERLEAVE* options behavior
 o non-ascii: use iconv() with 'char **' argument [48]
 o server/getpart: provide dummy function to build conversion enabled
 o conversions: fix several compiler warnings
 o openssl: add missing includes [49]
 o schannel: Support partial send for when data is too large [50]
 o socks: fix incorrect port number in SOCKS4 error message [51]
 o curl: fix integer overflow in timeout options [52]
 o travis: on mac, don't install openssl or libidn [53]
 o cookies: reject oversized cookies instead of truncating [54]
 o cookies: use lock when using CURLINFO_COOKIELIST [55]
 o curl: check fseek() return code and bail on error
 o examples/post-callback: use long for CURLOPT_POSTFIELDSIZE
 o openssl: only verify RSA private key if supported [56]
 o tests: make the imap server not verify user+password [57]
 o imap: quote atoms properly when escaping characters [58]
 o tests: fix a compiler warning in test 643
 o file_range: avoid integer overflow when figuring out byte range [59]
 o curl.h: include <sys/select.h> on cygwin too [60]
 o reuse_conn: don't copy flags that are known to be equal [61]
 o http: fix adding custom empty headers to repeated requests [62]
 o docs: clarify the use of environment variables for proxy [63]
 o docs: link CURLOPT_CONNECTTIMEOUT and CURLOPT_CONNECTTIMEOUT_MS [64]
 o connect: fix race condition with happy eyeballs timeout [65]
 o cookie: fix memory leak if path was set twice in header [66]
 o vtls: compare and clone ssl configs properly [68]
 o proxy: read the "no_proxy" variable only if necessary [69]

Revision 1.187 / (download) - annotate - [select for diffs], Tue Aug 29 07:08:32 2017 UTC (20 months, 3 weeks ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2017Q3-base, pkgsrc-
Branch point for: pkgsrc-2017Q3
Changes since 1.186: +1 -6 lines
Diff to previous 1.186 (colored)

Remove superfluous automake dependency (after update).

Fixes PR 52513 by David H. Gutteridge.

Revision 1.186 / (download) - annotate - [select for diffs], Thu Aug 24 20:03:02 2017 UTC (20 months, 4 weeks ago) by adam
Branch: MAIN
Changes since 1.185: +2 -1 lines
Diff to previous 1.185 (colored)

Revbump for boost update

Revision 1.185 / (download) - annotate - [select for diffs], Fri Aug 18 21:08:03 2017 UTC (21 months ago) by adam
Branch: MAIN
Changes since 1.184: +2 -1 lines
Diff to previous 1.184 (colored)

Requires devel/gettext-lib

Revision 1.184 / (download) - annotate - [select for diffs], Tue Aug 15 05:35:57 2017 UTC (21 months, 1 week ago) by adam
Branch: MAIN
Changes since 1.183: +2 -2 lines
Diff to previous 1.183 (colored)

Curl and libcurl 7.55.1

This release includes the following bugfixes:
 o build: fix 'make install' with configure, install docs/libcurl/* too
 o make install: add 8 missing man pages to the installation
 o curl: do bounds check using a double comparison [1]
 o dist: Add dictserver.py/negtelnetserver.py to release [2]
 o digest_sspi: Don't reuse context if the user/passwd has changed [3]
 o gitignore: ignore top-level .vs folder [4]
 o build: check out *.sln files with Windows line endings [5]
 o travis: verify "make install" [6]
 o dist: fix the cmake build by shipping cmake_uninstall.cmake.in too [7]
 o metalink: fix error: in boolean context, suggest &instead
 o configure: use the threaded resolver backend by default if possible [8]
 o mkhelp.pl: allow executing this script directly [9]
 o maketgz: remove old *.dist files before making the tarball [10]
 o openssl: remove CONST_ASN1_BIT_STRING [11]
 o openssl: fix "error: this statement may fall through"
 o proxy: fix memory leak in case of invalid proxy server name [12]
 o curl/system.h: support more architectures (OpenRISC, ARC) [13]
 o docs: fix typos [14]
 o curl/system.h: add Oracle Solaris Studio [15]
 o CURLINFO_TOTAL_TIME: could wrongly return 4200 seconds [16]
 o docs: --connect-to clarified
 o cmake: allow user to override CMAKE_DEBUG_POSTFIX [17]
 o travis: test cmake build on tarball too
 o redirect: make it handle absolute redirects to IDN names [18]
 o curl/system.h: fix for gcc on PowerPC [19]
 o curl --interface: fixed for IPV6 unique local addresses [20]
 o cmake: threads detection improvements [21]

Revision 1.183 / (download) - annotate - [select for diffs], Wed Aug 9 08:50:17 2017 UTC (21 months, 2 weeks ago) by wiz
Branch: MAIN
Changes since 1.182: +7 -2 lines
Diff to previous 1.182 (colored)

Updated curl to 7.55.0.

Curl and libcurl 7.55.0

 Public curl releases:         167
 Command line options:         210
 curl_easy_setopt() options:   247
 Public functions in libcurl:  61
 Contributors:                 1571

This release includes the following changes:

 o curl: allow --header and --proxy-header read from file [7]
 o getinfo: provide sizes as curl_off_t [6]
 o curl: prevent binary output spewed to terminal [16]
 o curl: added --request-target [22]
 o libcurl: added CURLOPT_REQUEST_TARGET [22]
 o curl: added --socks5-{basic,gssapi}: control socks5 auth [30]
 o libcurl: added CURLOPT_SOCKS5_AUTH [30]

This release includes the following bugfixes:

 o glob: do not parse after a strtoul() overflow range (CVE-2017-1000101) [85]
 o tftp: reject file name lengths that don't fit (CVE-2017-1000100) [84]
 o file: output the correct buffer to the user (CVE-2017-1000099) [83]
 o includes: remove curl/curlbuild.h and curl/curlrules.h [1]
 o dist: make the hugehelp.c not get regenerated unnecessarily [2]
 o timers: store internal time stamps as time_t instead of doubles [3]
 o progress: let "current speed" be UL + DL speeds combined [4]
 o http-proxy: do the HTTP CONNECT process entirely non-blocking [5]
 o lib/curl_setup.h: remove CURL_WANTS_CA_BUNDLE_ENV [8]
 o fuzz: bring oss-fuzz initial code converted to C89 [10]
 o configure: disable nghttp2 too if HTTP has been disabled
 o mk-ca-bundle.pl: Check curl's exit code after certdata download [11]
 o test1148: verify the -# progressbar [12]
 o tests: stabilize test 2032 and 2033 [13]
 o HTTPS-Proxy: don't offer h2 for https proxy connections [14]
 o http-proxy: only attempt FTP over HTTP proxy [9]
 o curl-compilers.m4: enable vla warning for clang [15]
 o curl-compilers.m4: enable double-promotion warning [15]
 o curl-compilers.m4: enable missing-variable-declarations clang warning [15]
 o curl-compilers.m4: enable comma clang warning [15]
 o Makefile.m32: enable -W for MinGW32 build [15]
 o CURLOPT_PREQUOTE: not supported for SFTP [17]
 o http2: fix OOM crash
 o PIPELINING_SERVER_BL: cleanup the internal list use [18]
 o mkhelp.pl: fix script name in usage text
 o lib1521: add curl_easy_getinfo calls to the test set
 o travis: do the distcheck test build out-of-tree as well
 o if2ip: fix compiler warning in ISO C90 mode
 o lib: fix the djgpp build [19]
 o typecheck-gcc: add support for CURLINFO_OFF_T [20]
 o travis: enable typecheck-gcc warnings [21]
 o maketgz: switch to xz instead of lzma [23]
 o CURLINFO_REDIRECT_URL.3: mention the CURLOPT_MAXREDIRS case
 o curl-compilers.m4: fix unknown-warning-option on Apple clang [24]
 o winbuild: fix boringssl build [25]
 o curl/system.h: add check for XTENSA for 32bit gcc [26]
 o test1537: fixed memory leak on OOM
 o test1521: fix compiler warnings [27]
 o curl: fix memory leak on test 1147 OOM [28]
 o libtest/make: generate lib1521.c dynamically at build-time [29]
 o curl_strequal.3: fix typo in SYNOPSIS [31]
 o progress: prevent resetting t_starttransfer [32]
 o openssl: improve fallback seed of PRNG with a time based hash [33]
 o http2: improved PING frame handling [34]
 o test1450: add simple testing for DICT [35]
 o make: build the docs subdir only from within src [36]
 o cmake: Added compatibility options for older Windows versions [37]
 o gtls: fix build when sizeof(long) < sizeof(void *) [38]
 o url: make the original string get used on subsequent transfers [39]
 o timeval.c: Use long long constant type for timeval assignment [40]
 o tool_sleep: typecast to avoid macos compiler warning
 o travis.yml: use --enable-werror on debug builds [41]
 o test1451: add SMB support to the testbed [42]
 o configure: remove checks for 5 functions never used [43]
 o configure: try ldap/lber in reversed order first [44]
 o smb: fix build for djgpp/MSDOS [45]
 o travis: install nghttp2 on linux builds [46]
 o smb: add support for CURLOPT_FILETIME [47]
 o cmake: fix send/recv argument scanner for windows [48]
 o inet_pton: fix include on windows to get prototype [49]
 o select.h: avoid macro redefinition harder
 o cmake: if inet_pton is used, bump _WIN32_WINNT
 o asyn-thread.c: fix unused variable warnings on macOS
 o runtests: support "threaded-resolver" as a feature
 o test506: skip if threaded-resolver
 o cmake: remove spurious "-l" from linker flags [50]
 o cmake: add CURL_WERROR for enabling "warning as errors"
 o memdebug: don't setbuf() if the file open failed [51]
 o curl_easy_escape.3: mention the (lack of) encoding [52]
 o test1452: add telnet negotiation [53]
 o CURLOPT_POSTFIELDS.3: explain the 100-continue magic better
 o cmake: offer CMAKE_DEBUG_POSTFIX when building with MSVC [54]
 o tests/valgrind.supp: supress OpenSSL false positive seen on travis [55]
 o curl_setup_once: Remove ERRNO/SET_ERRNO macros [56]
 o curl-compilers.m4: disable warning spam with Cygwin's clang [57]
 o ldap: fix MinGW compiler warning [58]
 o make: fix docs build on OpenBSD [59]
 o curl_setup: always define WIN32_LEAN_AND_MEAN on Windows [60]
 o system.h: include winsock2.h before windows.h
 o winbuild: build with warning level 4 [61]
 o rtspd: fix MSVC level 4 warning
 o sockfilt: suppress conversion warning with explicit cast
 o libtest: fix MSVC warning C4706
 o darwinssl: fix pinnedpubkey build error [62]
 o tests/server/resolve.c: fix deprecation warning [63]
 o nss: fix a possible use-after-free in SelectClientCert() [64]
 o checksrc: escape open brace in regex
 o multi: mention integer overflow risk if using > 500 million sockets [65]
 o darwinssl: fix --tlsv1.2 regression [66]
 o timeval: struct curltime is a struct timeval replacement [67]
 o curl_rtmp: fix a compiler warning [68]
 o include.d: clarify that it concerns the response headers [69]
 o cmake: support make uninstall [70]
 o include.d: clarify --include is only for response headers [71]
 o libcurl: Stop using error codes defined under CURL_NO_OLDIES [72]
 o http: fix response code parser to avoid integer overflow [73]
 o configure: fix the check for IdnToUnicode [74]
 o multi: fix request timer management [75]
 o curl_threads: fix MSVC compiler warning [76]
 o travis: build on osx with openssl
 o travis: build on osx with libressl
 o CURLOPT_NETRC.3: mention the file name on windows
 o cmake: set MSVC warning level to 4 [77]
 o netrc: skip lines starting with '#' [78]
 o darwinssl: fix curlssl_sha256sum() compiler warnings on first argument
 o BUILD.WINDOWS: mention buildconf.bat for builds off git
 o darwinssl: silence compiler warnings [79]
 o travis: build on osx with darwinssl
 o FTP: skip unnecessary CWD when in nocwd mode [80]
 o gssapi: fix memory leak of output token in multi round context [81]
 o getparameter: avoid returning uninitialized 'usedarg' [82]
 o curl (debug build) easy_events: make event data static
 o curl: detect and bail out early on parameter integer overflows [86]
 o configure: fix recv/send/select detection on Android [87]

Revision 1.182 / (download) - annotate - [select for diffs], Wed Jun 14 07:11:41 2017 UTC (23 months, 1 week ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2017Q2-base, pkgsrc-2017Q2
Changes since 1.181: +2 -3 lines
Diff to previous 1.181 (colored)

Changes 7.54.1:
curl: show the libcurl release date in --version output

Bugfixes:
CVE-2017-9502: default protocol drive letter buffer overflow
openssl: fix memory leak in servercert
tests: remove the html and PDF versions from the tarball
mbedtls: enable NTLM (& SMB) even if MD4 support is unavailable
typecheck-gcc: handle function pointers properly
llist: no longer uses malloc
gnutls: removed some code when --disable-verbose is configured
lib: fix maybe-uninitialized warnings
multi: clarify condition in curl_multi_wait
schannel: Don't treat encrypted partial record as pending data
configure: fix the -ldl check for openssl, add -lpthread check
configure: accept -Og and -Ofast GCC flags
Makefile: avoid use of GNU-specific form of $<
if2ip: fix -Wcast-align warning
configure: stop prepending to LDFLAGS, CPPFLAGS
curl: set a 100K buffer size by default
typecheck-gcc: fix _curl_is_slist_info
nss: do not leak PKCS 11 slot while loading a key
nss: load libnssckbi.so if no other trust is specified
examples: ftpuploadfrommem.c
url: declare get_protocol_family() static
examples/cookie_interface.c: changed to example.com
test1443: test --remote-time
curl: use utimes instead of obsolescent utime when available
url: fixed a memory leak on OOM while setting CURLOPT_BUFFERSIZE
curl_rtmp: fix missing-variable-declarations warnings
tests: fixed OOM handling of unit tests to abort test
curl_setup: Ensure no more than one IDN lib is enabled
tool: Fix missing prototype warnings for CURL_DOES_CONVERSIONS
CURLOPT_BUFFERSIZE: 1024 bytes is now the minimum size
curl: non-boolean command line args reject --no- prefixes
telnet: Write full buffer instead of byte-by-byte
typecheck-gcc: add missing string options
typecheck-gcc: add support for CURLINFO_SOCKET
opt man pages: they all have examples now
curl_setup_once: use SEND_QUAL_ARG2 for swrite
test557: set a known good numeric locale
schannel: return a more specific error code for SEC_E_UNTRUSTED_ROOT
tests/server: make string literals const
runtests: use -R for random order
unit1305: fix compiler warning
curl_slist_append.3: clarify a NULL input creates a new list
tests/server: run checksrc by default in debug-builds
tests: fix -Wcast-qual warnings
runtests.pl: simplify the datacheck read section
curl: remove --environment and tool_writeenv.c
buildconf: fix hang on IRIX
tftp: silence bad-function-cast warning
asyn-thread: fix unused macro warnings
tool_parsecfg: fix -Wcast-qual warning
sendrecv: fix MinGW-w64 warning
test537: use correct variable type
rand: treat fake entropy the same regardless of endianness
curl: generate the --help output
tests: removed redundant --trace-ascii arguments
multi: assign IDs to all timers and make each timer singleton
multi: use a fixed array of timers instead of malloc
mbedtls: Support server renegotiation request
pipeline: fix mistakenly trying to pipeline POSTs
lib510: don't write past the end of the buffer if it's too small
CURLOPT_HTTPPROXYTUNNEL.3: clarify, add example
SecureTransport/DarwinSSL: Implement public key pinning
curl.1: clarify --config
curl_sasl: fix build error with CURL_DISABLE_CRYPTO_AUTH + USE_NTLM
darwinssl: Fix exception when processing a client-side certificate
curl.1: mention --oauth2-bearer's argument
mkhelp.pl: do not add current time into curl binary
asiohiper.cpp / evhiperfifo.c: deal with negative timerfunction input
ssh: fix memory leak in disconnect due to timeout
tests: stabilize test 1034
cmake: auto detection of CURL_CA_BUNDLE/CURL_CA_PATH
assert: avoid, use DEBUGASSERT instead
LDAP: using ldap_bind_s on Windows with methods
redirect: store the "would redirect to" URL when max redirs is reached
winbuild: fix the nghttp2 build
examples: fix -Wimplicit-fallthrough warnings
time: fix type conversions and compiler warnings
mbedtls: fix variable shadow warning
test557: fix ubsan runtime error due to int left shift
transfer: init the infilesize from the postfields
docs: clarify NO_PROXY further
build-wolfssl: Sync config with wolfSSL 3.11
curl-compilers.m4: enable -Wshift-sign-overflow for clang
example/externalsocket.c: make it use CLOSESOCKETFUNCTION too
lib574.c: use correct callback proto
lib583: fix compiler warning
curl-compilers.m4: fix compiler_num for clang
typecheck-gcc.h: separate getinfo slist checks from other pointers
typecheck-gcc.h: check CURLINFO_TLS_SSL_PTR and CURLINFO_TLS_SESSION
typecheck-gcc.h: check CURLINFO_CERTINFO
build: provide easy code coverage measuring
test1537: dedicated tests of the URL (un)escape API calls
curl_endian: remove unused functions
test1538: verify the libcurl strerror API calls
MD(4|5): silence cast-align clang warning
dedotdot: fixed output for ".." and "." only input
cyassl: define build macros before including ssl.h
updatemanpages.pl: error out on too old git version
curl_sasl: fix unused-variable warning
x509asn1: fix implicit-fallthrough warning with GCC 7
libtest: fix implicit-fallthrough warnings with GCC 7
BINDINGS: add Ring binding
curl_ntlm_core: pass unsigned char to toupper
test1262: verify ftp download with -z for "if older than this"
test1521: test all curl_easy_setopt options
typecheck-gcc: allow CURLOPT_STDERR to be NULL too
metalink: remove unused printf() argument
file: make speedcheck use current time for checks
configure: fix link with librtmp when specifying path
examples/multi-uv.c: fix deprecated symbol
cmake: Fix inconsistency regarding mbed TLS include directory
setopt: check CURLOPT_ADDRESS_SCOPE option range
gitignore: ignore all vim swap files
urlglob: fix division by zero
libressl: OCSP and intermediate certs workaround no longer needed

Revision 1.181 / (download) - annotate - [select for diffs], Sun Apr 30 01:21:25 2017 UTC (2 years ago) by ryoon
Branch: MAIN
Changes since 1.180: +2 -1 lines
Diff to previous 1.180 (colored)

Recursive revbump from boost update

Revision 1.178.2.2 / (download) - annotate - [select for diffs], Sun Apr 23 09:15:48 2017 UTC (2 years, 1 month ago) by bsiegert
Branch: pkgsrc-2017Q1
Changes since 1.178.2.1: +1 -6 lines
Diff to previous 1.178.2.1 (colored) to branchpoint 1.178 (colored) next main 1.179 (colored)

Pullup ticket #5327 - requested by wiz
www/curl: security fix

Revisions pulled up:
- www/curl/Makefile                                             1.180
- www/curl/PLIST                                                1.63
- www/curl/distinfo                                             1.130-1.131
- www/curl/patches/patch-src_Makefile.in                        1.1

---
   Module Name:	pkgsrc
   Committed By:	wiz
   Date:		Wed Apr 19 10:28:07 UTC 2017

   Modified Files:
   	pkgsrc/www/curl: Makefile PLIST distinfo

   Log Message:
   Updated curl to 7.54.0.

   Curl and libcurl 7.54.0

    Public curl releases:         165
    Command line options:         207
    curl_easy_setopt() options:   245
    Public functions in libcurl:  61
    Contributors:                 1538

   This release includes the following changes:
    o Add CURL_SSLVERSION_MAX_* constants to CURLOPT_SSLVERSION [19]
    o Add --max-tls [19]
    o Add CURLOPT_SUPPRESS_CONNECT_HEADERS [24]
    o Add --suppress-connect-headers [24]

   This release includes the following bugfixes:

    o CVE-2017-7468: switch off SSL session id when client cert is used [68]
    o cmake: Replace invalid UTF-8 byte sequence [1]
    o tests: use consistent environment variables for setting charset
    o proxy: fixed a memory leak on OOM
    o ftp: removed an erroneous free in an OOM path
    o docs: de-duplicate file lists in the Makefiles [2]
    o ftp: fixed a NULL pointer dereference on OOM
    o gopher: fixed detection of an error condition from Curl_urldecode
    o url: fix unix-socket support for proxy-disabled builds [3]
    o test1139: allow for the possibility that the man page is not rebuilt
    o cyassl: get library version string at runtime
    o digest_sspi: fix compilation warning
    o tests: enable HTTP/2 tests to run with non-default port numbers
    o warnless: suppress compiler warning
    o darwinssl: Warn that disabling host verify also disables SNI [4]
    o configure: fix for --enable-pthreads [5]
    o checksrc.bat: Ignore curl_config.h.in, curl_config.h
    o no-keepalive.d: fix typo [6]
    o configure: fix --with-zlib when a path is specified [7]
    o build: fix gcc7 implicit fallthrough warnings [8]
    o fix potential use of uninitialized variables [9]
    o CURLOPT_SSL_CTX_FUNCTION.3: Fix EXAMPLE formatting errors [10]
    o CMake: Reorganize SSL support, separate WinSSL and SSPI [11]
    o CMake: Add DarwinSSL support [12]
    o CMake: Add mbedTLS support [13]
    o ares: return error at once if timed out before name resolve starts [14]
    o BINDINGS: added C++, perl, go and Scilab bindings
    o URL: return error on malformed URLs with junk after port number
    o KNOWN_BUGS: Add DarwinSSL won't import PKCS#12 without a password [15]
    o http2: Fix assertion error on redirect with CL=0 [16]
    o updatemanpages.pl: Update man pages to use current date and versions [17]
    o --insecure: clarify that this option is for server connections [18]
    o mkhelp: simplified the gzip code
    o build: fixed making man page in out-of-tree tarball builds
    o tests: disabled 1903 due to flakiness
    o openssl: add two /* FALLTHROUGH */ to satisfy coverity
    o cmdline-opts: fixed a few typos
    o authneg: clear auth.multi flag at http_done [20]
    o curl_easy_reset: Also reset the authentication state [21]
    o proxy: skip SSL initialization for closed connections [22]
    o http_proxy: ignore TE and CL in CONNECT 2xx responses [23]
    o tool_writeout: fixed a buffer read overrun on --write-out
    o make: regenerate docs/curl.1 by running make in docs [25]
    o winbuild: add basic support for OpenSSL 1.1.x [26]
    o build: removed redundant DEPENDENCIES from makefiles
    o CURLINFO_LOCAL_PORT.3: added example
    o curl: show HTTPS-Proxy options on CURLE_SSL_CACERT [27]
    o tests: strip more options from non-HTTP --libcurl tests
    o tests: fixed the documented test server port numbers
    o runtests.pl: fixed display of the Gopher IPv6 port number
    o multi: fix streamclose() crash in debug mode [28]
    o cmake: build manual pages [29]
    o cmake: add support for building HTML and PDF docs [30]
    o mbedtls: add support for CURLOPT_SSL_CTX_FUNCTION [31]
    o make: introduce 'test-nonflaky' target
    o CURLINFO_PRIMARY_IP.3: add example
    o tests/README: mention nroff for --manual tests [32]
    o mkhelp: disable compression if the perl gzip module is unavailable
    o openssl: fall back on SSL_ERROR_* string when no error detail [33]
    o asiohiper: make sure socket is open in event_cb [34]
    o tests/README: make "Run" section foolproof [35]
    o curl: check for end of input in writeout backslash handling
    o .gitattributes: turn off CRLF for *.am [36]
    o multi: fix MinGW-w64 compiler warnings
    o schannel: fix variable shadowing warning
    o openssl: exclude DSA code when OPENSSL_NO_DSA is defined [37]
    o http: Fix proxy connection reuse with basic-auth [38]
    o pause: handle mixed types of data when paused [39]
    o http: do not treat FTPS over CONNECT as HTTPS
    o conncache: make hashkey avoid malloc [40]
    o make: use the variable MAKE for recursive calls [41]
    o curl: fix callback argument inconsistency [42]
    o NTLM: check for features with #ifdef instead of #if [43]
    o cmake: add several missing files to the dist
    o select: use correct SIZEOF_ constant [44]
    o connect: fix unreferenced parameter warning
    o schannel: fix unused variable warning
    o gcc7: fix * in boolean context [45]
    o http2: silence unused parameter warnings
    o ssh: fix narrowing conversion warning
    o telnet: (win32) fix read callback return variable [46]
    o docs: Explain --fail-early does not imply --fail [47]
    o docs: added examples for CURLINFO_FILETIME.3 and CURLOPT_FILETIME.3
    o tests/server/util: remove in6addr_any for recent MinGW [48]
    o multi: make curl_multi_wait avoid malloc in the typical case [49]
    o include: curl/system.h is a run-time version of curlbuild.h [50]
    o easy: silence compiler warning
    o llist: replace Curl_llist_alloc with Curl_llist_init [51]
    o hash: move key into hash struct to reduce mallocs [52]
    o url: don't free postponed data on connection reuse [53]
    o curl_sasl: declare mechtable static
    o curl: fix Windows Unicode build
    o multi: fix queueing of pending easy handles [54]
    o tool_operate: fix MinGW compiler warning [55]
    o low_speed_limit: improved function for longer time periods [56]
    o gtls: fix compiler warning
    o sspi: print out InitializeSecurityContext() error message [57]
    o schannel: fix compiler warnings [58]
    o vtls: fix unreferenced variable warnings
    o INSTALL.md: fix secure transport configure arguments
    o CURLINFO_SCHEME.3: fix variable type
    o libcurl-thread.3: also mention threaded-resolver [59]
    o nss: load CA certificates even with --insecure [60]
    o openssl: fix this statement may fall through [61]
    o poll: prefer <poll.h> over <sys/poll.h> [62]
    o polarssl: unbreak build with versions < 1.3.8 [63]
    o Curl_expire_latest: ignore already expired timers [64]
    o configure: turn implicit function declarations into errors [65]
    o mbedtls: fix memory leak in error path [66]
    o http2: fix handle leak in error path [67]
    o .gitattributes: force shell scripts to LF [69]
    o configure.ac: ignore CR after version numbers [70]
    o extern-scan.pl: strip trailing CR [71]
    o openssl: make SSL_ERROR_to_str more future-proof [72]
    o openssl: fix thread-safety bugs in error-handling [73]
    o openssl: don't try to print nonexistant peer private keys [74]
    o nss: fix MinGW compiler warnings [75]

---
   Module Name:    pkgsrc
   Committed By:   ryoon
   Date:           Wed Apr 19 16:37:33 UTC 2017

   Modified Files:
           pkgsrc/www/curl: distinfo
   Added Files:
           pkgsrc/www/curl/patches: patch-src_Makefile.in

   Log Message:
   Do not use GNU make syntax. Fix build with bmake

Revision 1.180 / (download) - annotate - [select for diffs], Wed Apr 19 10:28:07 2017 UTC (2 years, 1 month ago) by wiz
Branch: MAIN
Changes since 1.179: +2 -7 lines
Diff to previous 1.179 (colored)

Updated curl to 7.54.0.

Curl and libcurl 7.54.0

 Public curl releases:         165
 Command line options:         207
 curl_easy_setopt() options:   245
 Public functions in libcurl:  61
 Contributors:                 1538

This release includes the following changes:
 o Add CURL_SSLVERSION_MAX_* constants to CURLOPT_SSLVERSION [19]
 o Add --max-tls [19]
 o Add CURLOPT_SUPPRESS_CONNECT_HEADERS [24]
 o Add --suppress-connect-headers [24]

This release includes the following bugfixes:

 o CVE-2017-7468: switch off SSL session id when client cert is used [68]
 o cmake: Replace invalid UTF-8 byte sequence [1]
 o tests: use consistent environment variables for setting charset
 o proxy: fixed a memory leak on OOM
 o ftp: removed an erroneous free in an OOM path
 o docs: de-duplicate file lists in the Makefiles [2]
 o ftp: fixed a NULL pointer dereference on OOM
 o gopher: fixed detection of an error condition from Curl_urldecode
 o url: fix unix-socket support for proxy-disabled builds [3]
 o test1139: allow for the possibility that the man page is not rebuilt
 o cyassl: get library version string at runtime
 o digest_sspi: fix compilation warning
 o tests: enable HTTP/2 tests to run with non-default port numbers
 o warnless: suppress compiler warning
 o darwinssl: Warn that disabling host verify also disables SNI [4]
 o configure: fix for --enable-pthreads [5]
 o checksrc.bat: Ignore curl_config.h.in, curl_config.h
 o no-keepalive.d: fix typo [6]
 o configure: fix --with-zlib when a path is specified [7]
 o build: fix gcc7 implicit fallthrough warnings [8]
 o fix potential use of uninitialized variables [9]
 o CURLOPT_SSL_CTX_FUNCTION.3: Fix EXAMPLE formatting errors [10]
 o CMake: Reorganize SSL support, separate WinSSL and SSPI [11]
 o CMake: Add DarwinSSL support [12]
 o CMake: Add mbedTLS support [13]
 o ares: return error at once if timed out before name resolve starts [14]
 o BINDINGS: added C++, perl, go and Scilab bindings
 o URL: return error on malformed URLs with junk after port number
 o KNOWN_BUGS: Add DarwinSSL won't import PKCS#12 without a password [15]
 o http2: Fix assertion error on redirect with CL=0 [16]
 o updatemanpages.pl: Update man pages to use current date and versions [17]
 o --insecure: clarify that this option is for server connections [18]
 o mkhelp: simplified the gzip code
 o build: fixed making man page in out-of-tree tarball builds
 o tests: disabled 1903 due to flakiness
 o openssl: add two /* FALLTHROUGH */ to satisfy coverity
 o cmdline-opts: fixed a few typos
 o authneg: clear auth.multi flag at http_done [20]
 o curl_easy_reset: Also reset the authentication state [21]
 o proxy: skip SSL initialization for closed connections [22]
 o http_proxy: ignore TE and CL in CONNECT 2xx responses [23]
 o tool_writeout: fixed a buffer read overrun on --write-out
 o make: regenerate docs/curl.1 by running make in docs [25]
 o winbuild: add basic support for OpenSSL 1.1.x [26]
 o build: removed redundant DEPENDENCIES from makefiles
 o CURLINFO_LOCAL_PORT.3: added example
 o curl: show HTTPS-Proxy options on CURLE_SSL_CACERT [27]
 o tests: strip more options from non-HTTP --libcurl tests
 o tests: fixed the documented test server port numbers
 o runtests.pl: fixed display of the Gopher IPv6 port number
 o multi: fix streamclose() crash in debug mode [28]
 o cmake: build manual pages [29]
 o cmake: add support for building HTML and PDF docs [30]
 o mbedtls: add support for CURLOPT_SSL_CTX_FUNCTION [31]
 o make: introduce 'test-nonflaky' target
 o CURLINFO_PRIMARY_IP.3: add example
 o tests/README: mention nroff for --manual tests [32]
 o mkhelp: disable compression if the perl gzip module is unavailable
 o openssl: fall back on SSL_ERROR_* string when no error detail [33]
 o asiohiper: make sure socket is open in event_cb [34]
 o tests/README: make "Run" section foolproof [35]
 o curl: check for end of input in writeout backslash handling
 o .gitattributes: turn off CRLF for *.am [36]
 o multi: fix MinGW-w64 compiler warnings
 o schannel: fix variable shadowing warning
 o openssl: exclude DSA code when OPENSSL_NO_DSA is defined [37]
 o http: Fix proxy connection reuse with basic-auth [38]
 o pause: handle mixed types of data when paused [39]
 o http: do not treat FTPS over CONNECT as HTTPS
 o conncache: make hashkey avoid malloc [40]
 o make: use the variable MAKE for recursive calls [41]
 o curl: fix callback argument inconsistency [42]
 o NTLM: check for features with #ifdef instead of #if [43]
 o cmake: add several missing files to the dist
 o select: use correct SIZEOF_ constant [44]
 o connect: fix unreferenced parameter warning
 o schannel: fix unused variable warning
 o gcc7: fix in boolean context [45]
 o http2: silence unused parameter warnings
 o ssh: fix narrowing conversion warning
 o telnet: (win32) fix read callback return variable [46]
 o docs: Explain --fail-early does not imply --fail [47]
 o docs: added examples for CURLINFO_FILETIME.3 and CURLOPT_FILETIME.3
 o tests/server/util: remove in6addr_any for recent MinGW [48]
 o multi: make curl_multi_wait avoid malloc in the typical case [49]
 o include: curl/system.h is a run-time version of curlbuild.h [50]
 o easy: silence compiler warning
 o llist: replace Curl_llist_alloc with Curl_llist_init [51]
 o hash: move key into hash struct to reduce mallocs [52]
 o url: don't free postponed data on connection reuse [53]
 o curl_sasl: declare mechtable static
 o curl: fix Windows Unicode build
 o multi: fix queueing of pending easy handles [54]
 o tool_operate: fix MinGW compiler warning [55]
 o low_speed_limit: improved function for longer time periods [56]
 o gtls: fix compiler warning
 o sspi: print out InitializeSecurityContext() error message [57]
 o schannel: fix compiler warnings [58]
 o vtls: fix unreferenced variable warnings
 o INSTALL.md: fix secure transport configure arguments
 o CURLINFO_SCHEME.3: fix variable type
 o libcurl-thread.3: also mention threaded-resolver [59]
 o nss: load CA certificates even with --insecure [60]
 o openssl: fix this statement may fall through [61]
 o poll: prefer <poll.h> over <sys/poll.h> [62]
 o polarssl: unbreak build with versions < 1.3.8 [63]
 o Curl_expire_latest: ignore already expired timers [64]
 o configure: turn implicit function declarations into errors [65]
 o mbedtls: fix memory leak in error path [66]
 o http2: fix handle leak in error path [67]
 o .gitattributes: force shell scripts to LF [69]
 o configure.ac: ignore CR after version numbers [70]
 o extern-scan.pl: strip trailing CR [71]
 o openssl: make SSL_ERROR_to_str more future-proof [72]
 o openssl: fix thread-safety bugs in error-handling [73]
 o openssl: don't try to print nonexistant peer private keys [74]
 o nss: fix MinGW compiler warnings [75]

Revision 1.178.2.1 / (download) - annotate - [select for diffs], Wed Apr 5 21:16:45 2017 UTC (2 years, 1 month ago) by spz
Branch: pkgsrc-2017Q1
Changes since 1.178: +6 -1 lines
Diff to previous 1.178 (colored)

Pullup ticket #5242 - requested by wiz
www/curl: security patch

Revisions pulled up:
- www/curl/Makefile                                             1.179
- www/curl/distinfo                                             1.129

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	wiz
   Date:		Wed Apr  5 12:12:58 UTC 2017

   Modified Files:
   	pkgsrc/www/curl: Makefile distinfo

   Log Message:
   Updated curl to 7.53.1nb1.

   Add upstream patch fixing CVE-2017-7407.


   To generate a diff of this commit:
   cvs rdiff -u -r1.178 -r1.179 pkgsrc/www/curl/Makefile
   cvs rdiff -u -r1.128 -r1.129 pkgsrc/www/curl/distinfo

Revision 1.179 / (download) - annotate - [select for diffs], Wed Apr 5 12:12:58 2017 UTC (2 years, 1 month ago) by wiz
Branch: MAIN
Changes since 1.178: +6 -1 lines
Diff to previous 1.178 (colored)

Updated curl to 7.53.1nb1.

Add upstream patch fixing CVE-2017-7407.

Revision 1.178 / (download) - annotate - [select for diffs], Sun Feb 26 08:37:46 2017 UTC (2 years, 2 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2017Q1-base
Branch point for: pkgsrc-2017Q1
Changes since 1.177: +2 -2 lines
Diff to previous 1.177 (colored)

Changes 7.53.1:
Bugfixes:
* cyassl: fix typo
* url: Improve CURLOPT_PROXY_CAPATH error handling
* urldata: include curl_sspi.h when Windows SSPI is enabled
* formdata: check for EOF when reading from stdin
* tests: Set CHARSET & LANG to UTF-8 in 1035, 2046 and 2047
* url: Default the proxy CA bundle location to CURL_CA_BUNDLE
* rand: added missing #ifdef HAVE_FCNTL_H around fcntl.h header

Revision 1.177 / (download) - annotate - [select for diffs], Wed Feb 22 10:29:43 2017 UTC (2 years, 3 months ago) by wiz
Branch: MAIN
Changes since 1.176: +2 -3 lines
Diff to previous 1.176 (colored)

Updated curl to 7.53.0.

Curl and libcurl 7.53.0

This release includes the following changes:

 o unix_socket: added --abstract-unix-socket and CURLOPT_ABSTRACT_UNIX_SOCKET [25]
 o CURLOPT_BUFFERSIZE: support enlarging receive buffer [29]

This release includes the following bugfixes:

 o CVE-2017-2629: make SSL_VERIFYSTATUS work again [64]
 o gnutls-random: check return code for failed random
 o openssl-random: check return code when asking for random
 o http: remove "Curl_http_done: called premature" message
 o cyassl: use time_t instead of long for timeout
 o build-wolfssl: Sync config with wolfSSL 3.10
 o ftp-gss: check for init before use
 o configure: accept --with-libidn2 instead [1]
 o ftp: failure to resolve proxy should return that error code
 o curl.1: add three more exit codes
 o docs/ciphers: link to our own new page about ciphers
 o vtls: s/SSLEAY/OPENSSL - fixes multi_socket timeouts with openssl [2]
 o darwinssl: fix iOS build [3]
 o darwinssl: fix CFArrayRef leak [4]
 o cmake: use crypt32.lib when building with OpenSSL on windows [5]
 o curl_formadd.3: CURLFORM_CONTENTSLENGTH not needed when chunked [6]
 o digest_sspi: copy terminating NUL as well [7]
 o curl: fix --remote-time incorrect times on Windows [8]
 o curl.1: several updates and corrections [11]
 o content_encoding: change return code on a failure
 o curl.h: CURLE_FUNCTION_NOT_FOUND is no longer in use
 o docs: TCP_KEEPALIVE start and interval default to 60 [9]
 o darwinssl: --insecure overrides --cacert if both settings are in use [10]
 o TheArtOfHttpScripting: grammar
 o CIPHERS.md: document GSKit ciphers
 o wolfssl: support setting cipher list
 o wolfssl: display negotiated SSL version and cipher
 o lib506: fix build for Open Watcom [12]
 o asiohiper: improved socket handling [13]
 o examples: make the C++ examples follow our code style too
 o tests/sws: retry send() on EWOULDBLOCK [14]
 o cmake: Fix passing _WINSOCKAPI_ macro to compiler [15]
 o smtp: Fix STARTTLS denied error message
 o imap/pop3: don't print response character in STARTTLS denied messages [16]
 o rand: make it work without TLS backing [17]
 o url: fix parsing for when 'file' is the default protocol [18]
 o url: allow file://X:/path URLs on windows again [19]
 o gnutls: check for alpn and ocsp in configure [20]
 o IDN: Use TR46 'non-transitional' for toASCII translations [21]
 o url: Fix NO_PROXY env var to work properly with --proxy option [22]
 o CURLOPT_PREQUOTE.3: takes a struct curl_slist*, not a char* [23]
 o docs: Add note about libcurl copying strings to CURLOPT_* manpages [24]
 o curl: reset the easy handle at --next
 o --next docs: --trace and --trace-ascii are also global
 o --write-out docs: 'time_total' is not always shown with ms precision
 o http: print correct HTTP string in verbose output when using HTTP/2
 o docs: improved language in README.md HISTORY.md CONTRIBUTE.md [26]
 o http2: disable server push if not requested [27]
 o nss: use the correct lock in nss_find_slot_by_name()
 o usercertinmem.c: improve the short description
 o CURLOPT_CONNECT_TO: Fix compile warnings
 o docs: non-blocking SSL handshake is now supported with NSS
 o *.rc: escape non-ASCII/non-UTF-8 character for clarity [28]
 o mbedTLS: fix multi interface non-blocking handshake [30]
 o PolarSSL: fix multi interface non-blocking handshake [31]
 o VC: remove the makefile.vc6 build infra [32]
 o telnet: fix windows compiler warnings [33]
 o cookies: do not assume a valid domain has a dot
 o polarssl: fix hangs
 o gnutls: disable TLS session tickets [34]
 o mbedtls: disable TLS session tickets [35]
 o mbedtls: implement CTR-DRBG and HAVEGE random generators [36]
 o openssl: Don't use certificate after transferring ownership [37]
 o cmake: Support curl --xattr when built with cmake [38]
 o OS400: Fix symbols [39]
 o docs: Add more HTTPS proxy documentation [40]
 o docs: use more HTTPS links [41]
 o cmdline-opts: Fixed build and test in out of source tree builds
 o CHANGES.0: removed
 o schannel: Remove incorrect SNI disabled message [42]
 o darwinssl: Avoid parsing certificates when not in verbose mode [43]
 o test552: Fix typos [44]
 o telnet: Fix typos [45]
 o transfer: only retry nobody-requests for HTTP [46]
 o http2: reset push header counter fixes crash [47]
 o nss: make FTPS work with --proxytunnel [48]
 o test1139: Added the --manual keyword since the manual is required
 o polarssl, mbedtls: Fix detection of pending data [49]
 o http_proxy: Fix tiny memory leak upon edge case connecting to proxy [50]
 o URL: only accept ";options" in SMTP/POP3/IMAP URL schemes [51]
 o curl.1: ftp.sunet.se is no longer an FTP mirror
 o tool_operate: Show HTTPS-Proxy options on CURLE_SSL_CACERT [52]
 o http2: fix memory-leak when denying push streams [53]
 o configure: Allow disabling pthreads, fall back on Win32 threads [54]
 o curl: fix typo in time condition warning message [55]
 o axtls: adapt to API changes [56]
 o tool_urlglob: Allow a glob range with the same start and stop [57]
 o winbuild: add note on auto-detection of MACHINE in Makefile.vc [58]
 o http: fix missing 'Content-Length: 0' while negotiating auth [59]
 o proxy: fix hostname resolution and IDN conversion [60]
 o docs: fix timeout handling in multi-uv example
 o digest_sspi: Fix nonce-count generation in HTTP digest [61]
 o sftp: improved checks for create dir failures [62]
 o smb: use getpid replacement for windows UWP builds [63]
 o digest_sspi: Handle 'stale=TRUE' directive in HTTP digest [65]

Revision 1.176 / (download) - annotate - [select for diffs], Sun Jan 1 16:06:01 2017 UTC (2 years, 4 months ago) by adam
Branch: MAIN
Changes since 1.175: +2 -1 lines
Diff to previous 1.175 (colored)

Revbump after boost update

Revision 1.175 / (download) - annotate - [select for diffs], Fri Dec 23 09:46:27 2016 UTC (2 years, 5 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2016Q4-base, pkgsrc-2016Q4
Changes since 1.174: +2 -2 lines
Diff to previous 1.174 (colored)

Updated curl to 7.52.1. Security update.

 Fixed in 7.52.1

Bugfixes:

    CVE-2016-9594: unititialized random
    lib557: fix checksrc warnings
    lib: fix MSVC compiler warnings
    lib557.c: use a shorter MAXIMIZE representation
    tests: run checksrc on debug builds

Revision 1.174 / (download) - annotate - [select for diffs], Wed Dec 21 10:07:37 2016 UTC (2 years, 5 months ago) by wiz
Branch: MAIN
Changes since 1.173: +2 -2 lines
Diff to previous 1.173 (colored)

Updated curl to 7.52.0. Security fixes.

Version 7.52.0 (20 Dec 2016)

Changes:

    nss: map CURL_SSLVERSION_DEFAULT to NSS default
    vtls: support TLS 1.3 via CURL_SSLVERSION_TLSv1_3
    curl: introduce the --tlsv1.3 option to force TLS 1.3
    curl: Add --retry-connrefused
    proxy: Support HTTPS proxy and SOCKS+HTTP(s)
    add CURLINFO_SCHEME, CURLINFO_PROTOCOL, and %{scheme}
    curl: add --fail-early

Bugfixes:

    CVE-2016-9586: printf floating point buffer overflow
    CVE-2016-9952: Win CE schannel cert wildcard matches too much
    CVE-2016-9953: Win CE schannel cert name out of buffer read
    msvc: removed a straggling reference to strequal.c
    winbuild: remove strcase.obj from curl build
    examples: bugfixed multi-uv.c
    configure: verify that compiler groks -Werror=partial-availability
    mbedtls: fix build with mbedtls versions < 2.4.0
    dist: add unit test CMakeLists.txt to the tarball
    curl -w: added more decimal digits to timing counters
    easy: Initialize info variables on easy init and duphandle
    cmake: disable poll for macOS
    http2: Don't send header fields prohibited by HTTP/2 spec
    ssh: check md5 fingerprints case insensitively (regression)
    openssl: initial TLS 1.3 adaptions
    curl_formadd.3: *_FILECONTENT and *_FILE need the file to be kept
    printf: fix ".*f" handling
    examples/fileupload.c: fclose the file as well
    SPNEGO: Fix memory leak when authentication fails
    realloc: use Curl_saferealloc to avoid common mistakes
    openssl: make sure to fail in the unlikely event that PRNG seeding fails
    URL-parser: for file://[host]/ URLs, the [host] must be localhost
    timeval: prefer time_t to hold seconds instead of long
    Curl_rand: fixed and moved to rand.c
    glob: fix [a-c] globbing regression
    darwinssl: fix SSL client certificate not found on MacOS Sierra
    curl.1: Clarify --dump-header only writes received headers
    http2: Fix address sanitizer memcpy warning
    http2: Use huge HTTP/2 windows
    connects: Don't mix unix domain sockets with regular ones
    url: Fix conn reuse for local ports and interfaces
    x509: Limit ASN.1 structure sizes to 256K
    checksrc: add more checks
    winbuild: add config option ENABLE_NGHTTP2
    http2: check nghttp2_session_set_local_window_size exists
    http2: Fix crashes when parent stream gets aborted
    CURLOPT_CONNECT_TO: Skip non-matching "connect-to" entries
    URL parser: reject non-numerical port numbers
    CONNECT: reject TE or CL in 2xx responses
    CONNECT: read responses one byte at a time
    curl: support zero-length argument strings in config files
    openssl: don't use OpenSSL's ERR_PACK
    curl.1: generated with the new man page system
    curl_easy_recv: Improve documentation and example program
    Curl_getconnectinfo: avoid checking if the connection is closed
    CIPHERS.md: attempt to document TLS cipher names

Revision 1.173 / (download) - annotate - [select for diffs], Wed Nov 2 07:09:38 2016 UTC (2 years, 6 months ago) by maya
Branch: MAIN
Changes since 1.172: +2 -3 lines
Diff to previous 1.172 (colored)

curl: update to 7.51.0. security fix

Curl and libcurl 7.51.0

 Public curl releases:         160
 Command line options:         185
 curl_easy_setopt() options:   225
 Public functions in libcurl:  61
 Contributors:                 1467

This release includes the following changes:

 o nss: additional cipher suites are now accepted by CURLOPT_SSL_CIPHER_LIST
 o New option: CURLOPT_KEEP_SENDING_ON_ERROR [10]

This release includes the following bugfixes:

 o CVE-2016-8615: cookie injection for other servers [28]
 o CVE-2016-8616: case insensitive password comparison [29]
 o CVE-2016-8617: OOB write via unchecked multiplication [30]
 o CVE-2016-8618: double-free in curl_maprintf [31]
 o CVE-2016-8619: double-free in krb5 code [32]
 o CVE-2016-8620: glob parser write/read out of bounds [33]
 o CVE-2016-8621: curl_getdate read out of bounds [34]
 o CVE-2016-8622: URL unescape heap overflow via integer truncation [35]
 o CVE-2016-8623: Use-after-free via shared cookies [36]
 o CVE-2016-8624: invalid URL parsing with '#' [37]
 o CVE-2016-8625: IDNA 2003 makes curl use wrong host [38]
 o openssl: fix per-thread memory leak using 1.0.1 or 1.0.2 [1]
 o http: accept "Transfer-Encoding: chunked" for HTTP/2 as well [2]
 o LICENSE-MIXING.md: update with mbedTLS dual licensing [3]
 o examples/imap-append: Set size of data to be uploaded [4]
 o test2048: fix url
 o darwinssl: disable RC4 cipher-suite support
 o CURLOPT_PINNEDPUBLICKEY.3: fix the AVAILABILITY formatting
 o openssl: don call CRYTPO_cleanup_all_ex_data [5]
 o libressl: fix version output [6]
 o easy: Reset all statistical session info in curl_easy_reset [7]
 o curl_global_cleanup.3: don't unload the lib with sub threads running [8]
 o dist: add CurlSymbolHiding.cmake to the tarball
 o docs: Remove that --proto is just used for initial retrieval [9]
 o configure: Fixed builds with libssh2 in a custom location
 o curl.1: --trace supports % for sending to stderr!
 o cookies: same domain handling changed to match browser behavior [11]
 o formpost: trying to attach a directory no longer crashes [12]
 o CURLOPT_DEBUGFUNCTION.3: fixed unused argument warning [13]
 o formpost: avoid silent snprintf() truncation
 o ftp: fix Curl_ftpsendf
 o mprintf: return error on too many arguments
 o smb: properly check incoming packet boundaries [14]
 o GIT-INFO: remove the Mac 10.1-specific details [15]
 o resolve: add error message when resolving using SIGALRM [16]
 o cmake: add nghttp2 support [17]
 o dist: remove PDF and HTML converted docs from the releases [18]
 o configure: disable poll() in macOS builds [19]
 o vtls: only re-use session-ids using the same scheme
 o pipelining: skip to-be-closed connections when pipelining [20]
 o win: fix Universal Windows Platform build [21]
 o curl: do not set CURLOPT_SSLENGINE to DEFAULT automatically [22]
 o maketgz: make it support "only" generating version info
 o Curl_socket_check: add extra check to avoid integer overflow
 o gopher: properly return error for poll failures
 o curl: set INTERLEAVEDATA too
 o polarssl: clear thread array at init
 o polarssl: fix unaligned SSL session-id lock
 o polarssl: reduce #ifdef madness with a macro
 o curl_multi_add_handle: set timeouts in closure handles [23]
 o configure: set min version flags for builds on mac [24]
 o INSTALL: converted to markdown => INSTALL.md
 o curl_multi_remove_handle: fix a double-free [25]
 o multi: fix inifinte loop in curl_multi_cleanup() [26]
 o nss: fix tight loop in non-blocking TLS handhsake over proxy [27]
 o mk-ca-bundle: Change URL retrieval to HTTPS-only by default [39]
 o mbedtls: stop using deprecated include file [40]
 o docs: fix req->data in multi-uv example [41]
 o configure: Fix test syntax for monotonic clock_gettime
 o CURLMOPT_MAX_PIPELINE_LENGTH.3: Clarify it's not for HTTP/2 [42]

This release includes the following known bugs:

 o see docs/KNOWN_BUGS (https://curl.haxx.se/docs/knownbugs.html)

This release would not have looked like this without help, code, reports and
advice from friends like these:

  Akshay Vernekar, Alexander Sinditskiy, Anders Bakken, Andreas Streichardt,
  Andrei Sedoi, Bernard Spil, Christian Heimes, Dan Fandrich,
  Daniel Gustafsson, Daniel Stenberg, Darío Hereñú, David Woodhouse,
  Fernando Muñoz, Gregory Szorc, Jeroen Ooms, Kamil Dudka, Luậ Nguyứ,
  lukaszgn on github, Marcel Raad, Martin Frodl, Martin Storsjö,
  Michael Kaufmann, Michael Osipov, Miloš Ljumovi, Nick Zitzmann,
  nopjmp on github, Paul Joyce, Rainer Müller, Ray Satiro, Remo E,
  Rider Linden, Sebastian Mundry, Sergei Kuzmin, Stephen Brokenshire,
  Tobias Stoeckmann, Toby Peterson, Todd Short, Tony Kelman, Torben Dannhauer,
  Valentin David,
  (40 contributors)

        Thanks! (and sorry if I forgot to mention someone)

References to bug reports and discussions on issues:

 [1] = https://curl.haxx.se/bug/?i=964
 [2] = https://curl.haxx.se/bug/?i=1013
 [3] = https://curl.haxx.se/bug/?i=1019
 [4] = https://curl.haxx.se/bug/?i=1011
 [5] = https://curl.haxx.se/mail/lib-2016-09/0045.html
 [6] = https://curl.haxx.se/bug/?i=1029
 [7] = https://curl.haxx.se/bug/?i=1017
 [8] = https://curl.haxx.se/bug/?i=997
 [9] = https://curl.haxx.se/bug/?i=1031
 [10] = https://curl.haxx.se/libcurl/c/CURLOPT_KEEP_SENDING_ON_ERROR.html
 [11] = https://curl.haxx.se/bug/?i=1050
 [12] = https://curl.haxx.se/bug/?i=1053
 [13] = https://curl.haxx.se/bug/?i=1056
 [14] = https://curl.haxx.se/bug/?i=1052
 [15] = https://curl.haxx.se/bug/?i=1049
 [16] = https://curl.haxx.se/bug/?i=1066
 [17] = https://curl.haxx.se/bug/?i=922
 [18] = https://curl.haxx.se/mail/lib-2016-10/0040.html
 [19] = https://curl.haxx.se/bug/?i=1057
 [20] = https://curl.haxx.se/bug/?i=1075
 [21] = https://curl.haxx.se/bug/?i=1048
 [22] = https://curl.haxx.se/bug/?i=1042
 [23] = https://curl.haxx.se/bug/?i=739
 [24] = https://curl.haxx.se/bug/?i=1069
 [25] = https://curl.haxx.se/bug/?i=1083
 [26] = https://curl.haxx.se/mail/lib-2016-10/0011.html
 [27] = https://bugzilla.redhat.com/1388162
 [28] = https://curl.haxx.se/docs/adv_20161102A.html
 [29] = https://curl.haxx.se/docs/adv_20161102B.html
 [30] = https://curl.haxx.se/docs/adv_20161102C.html
 [31] = https://curl.haxx.se/docs/adv_20161102D.html
 [32] = https://curl.haxx.se/docs/adv_20161102E.html
 [33] = https://curl.haxx.se/docs/adv_20161102F.html
 [34] = https://curl.haxx.se/docs/adv_20161102G.html
 [35] = https://curl.haxx.se/docs/adv_20161102H.html
 [36] = https://curl.haxx.se/docs/adv_20161102I.html
 [37] = https://curl.haxx.se/docs/adv_20161102J.html
 [38] = https://curl.haxx.se/docs/adv_20161102K.html
 [39] = https://curl.haxx.se/bug/?i=1012
 [40] = https://curl.haxx.se/bug/?i=1087
 [41] = https://curl.haxx.se/bug/?i=1088
 [42] = https://curl.haxx.se/bug/?i=1059

Revision 1.172 / (download) - annotate - [select for diffs], Fri Oct 7 18:25:35 2016 UTC (2 years, 7 months ago) by adam
Branch: MAIN
Changes since 1.171: +2 -1 lines
Diff to previous 1.171 (colored)

Revbump post boost update

Revision 1.171 / (download) - annotate - [select for diffs], Wed Sep 14 07:12:12 2016 UTC (2 years, 8 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2016Q3-base, pkgsrc-2016Q3
Changes since 1.170: +2 -2 lines
Diff to previous 1.170 (colored)

Updated curl to 7.50.3.

Curl and libcurl 7.50.3

This release includes the following bugfixes:

 o CVE-2016-7167: escape and unescape integer overflows [8]
 o mk-ca-bundle.pl: use SHA256 instead of SHA1
 o checksrc: detect strtok() use
 o errors: new alias CURLE_WEIRD_SERVER_REPLY [1]
 o http2: support > 64bit sized uploads [2]
 o openssl: fix bad memory free (regression) [3]
 o CMake: hide private library symbols [4]
 o http: refuse to pass on response body with NO_NODY was set [5]
 o cmake: fix curl-config --static-libs [6]
 o mbedtls: switch off NTLM in build if md4 isn't available [7]
 o curl: --create-dirs on windows groks both forward and backward slashes [9]

Revision 1.170 / (download) - annotate - [select for diffs], Wed Sep 7 07:55:51 2016 UTC (2 years, 8 months ago) by adam
Branch: MAIN
Changes since 1.169: +2 -2 lines
Diff to previous 1.169 (colored)

Fixed in 7.50.2 - September 7 2016

Bugfixes:
---------
mbedtls: Added support for NTLM
SSH: fixed SFTP/SCP transfer problems
multi: make Curl_expire() work with 0 ms timeouts
mk-ca-bundle.pl: -m keeps ca cert meta data in output
TFTP: Fix upload problem with piped input
CURLOPT_TCP_NODELAY: now enabled by default
mbedtls: set verbose TLS debug when MBEDTLS_DEBUG is defined
http2: always wait for readable socket
cmake: Enable win32 large file support by default
cmake: Enable win32 threaded resolver by default
winbuild: Avoid setting redundant CFLAGS to compile commands
curl.h: make CURL_NO_OLDIES define CURL_STRICTER
docs: make more markdown files use .md extension
docs: CONTRIBUTE and LICENSE-MIXING were converted to markdown
winbuild: Allow changing C compiler via environment variable CC
rtsp: accept any RTSP session id
HTTP: retry failed HEAD requests on reused connections too
configure: add zlib search with pkg-config
openssl: accept subjectAltName iPAddress if no dNSName match
MANUAL: Remove invalid link to LDAP documentation
socks: improved connection procedure
proxy: reject attempts to use unsupported proxy schemes
proxy: bring back use of "Proxy-Connection:"
curl: allow "pkcs11:" prefix for client certificates
spnego_sspi: fix memory leak in case *outlen is zero
SOCKS: improve verbose output of SOCKS5 connection sequence
SOCKS: display the hostname returned by the SOCKS5 proxy server
http/sasl: Query authentication mechanism supported by SSPI before using
sasl: Don't use GSSAPI authentication when domain name not specified
win: Basic support for Universal Windows Platform apps
nss: fix incorrect use of a previously loaded certificate from file
nss: work around race condition in PK11_FindSlotByName()
ftp: fix wrong poll on the secondary socket
openssl: build warning-free with 1.1.0 (again)
HTTP: stop parsing headers when switching to unknown protocols
test219: Add http as a required feature
TLS: random file/egd doesn't have to match for conn reuse
schannel: Disable ALPN for Wine since it is causing problems
http2: make sure stream errors don't needlessly close the connection
http2: return CURLE_HTTP2_STREAM for unexpected stream close
darwinssl: --cainfo is intended for backward compatibility only
speed caps: not based on average speeds anymore
configure: make the cpp -P detection not clobber CPPFLAGS
http2: use named define instead of magic constant in read callback
http2: skip the content-length parsing, detect unknown size
http2: return EOF when done uploading without known size
darwinssl: test for errSecSuccess in PKCS12 import rather than noErr
openssl: fix CURLINFO_SSL_VERIFYRESULT

Revision 1.166.2.1 / (download) - annotate - [select for diffs], Wed Aug 10 17:06:46 2016 UTC (2 years, 9 months ago) by bsiegert
Branch: pkgsrc-2016Q2
Changes since 1.166: +2 -2 lines
Diff to previous 1.166 (colored) next main 1.167 (colored)

Pullup ticket #5079 - requested by sevan
www/curl: security fix

Revisions pulled up:
- www/curl/Makefile                                             1.168-1.169
- www/curl/PLIST                                                1.59
- www/curl/distinfo                                             1.120-1.121

---
   Module Name:    pkgsrc
   Committed By:   wiz
   Date:           Sun Jul 24 18:38:34 UTC 2016

   Modified Files:
           pkgsrc/www/curl: Makefile distinfo

   Log Message:
   Updated curl to 7.50.0.

    Fixed in 7.50.0 - July 21 2016

   Changes:

       http: add CURLINFO_HTTP_VERSION and %{http_version}

   Bugfixes:

       memdebug: fix MSVC crash with -DMEMDEBUG_LOG_SYNC
       openssl: fix build with OPENSSL_NO_COMP
       mbedtls: removed unused variables
       cmake: Added missing mbedTLS support
       URL parser: allow URLs to use one, two or three slashes
       curl: fix -q [regression]
       openssl: Use correct buffer sizes for error messages
       curl: fix SIGSEGV while parsing URL with too many globs
       schannel: add CURLOPT_CERTINFO support
       vtls: fix ssl session cache race condition
       http: Fix HTTP/2 connection reuse [regression]
       checksrc: Add LoadLibrary to the banned functions list
       schannel: Disable ALPN on Windows < 8.1
       configure: occasional ignorance of --enable-symbol-hiding with GCC
       http2: test17xx are the first real HTTP/2 tests
       resolve: add support for IPv6 DNS64/NAT64 Networks on OS X + iOS
       curl_multi_socket_action.3: rewording
       CURLOPT_POSTFIELDS.3: Clarify what happens when set empty
       cmake: Fix build with winldap
       openssl: fix cert check with non-DNS name fields present
       curl.1: mention the units for the progress meter
       openssl: use more 'const' to fix build warnings with 1.1.0 branch
       cmake: now using BUILD_TESTING=ON/OFF
       vtls: Only call add/getsession if session id is enabled
       headers: forward declare CURL, CURLM and CURLSH as structs
       configure: improve detection of CA bundle path on FreeBSD
       SFTP: set a generic error when no SFTP one exists
       curl_global_init.3: expand on the SSL and WIN32 bits purpose
       conn: don't free easy handle data in handler->disconnect
       cookie.c: Fix misleading indentation
       library: Fix memory leaks found during static analysis
       CURLMOPT_SOCKETFUNCTION.3: fix typo
       curl_global_init: moved the "IPv6 works" check here
       connect: disable TFO on Linux when using SSL
       vauth: Fixed memory leak due to function returning without free
       winbuild: fix embedded manifest option

---
   Module Name:    pkgsrc
   Committed By:   wiz
   Date:           Wed Aug  3 08:57:51 UTC 2016

   Modified Files:
           pkgsrc/www/curl: Makefile PLIST distinfo

   Log Message:
   Updated curl to 7.50.1.

    Bugfixes:

       TLS: switch off SSL session id when client cert is used
       TLS: only reuse connections with the same client cert
       curl_multi_cleanup: clear connection pointer for easy handles
       include the CURLINFO_HTTP_VERSION man page into the release tarball
       include the http2-server.pl script in the release tarball
       test558: fix test by stripping file paths from FD lines
       spnego: Corrected miss-placed * in Curl_auth_spnego_cleanup() declaration
       tests: Fix for http/2 feature
       cmake: Fix for schannel support
       curl.h: make public types void * again
       win32: fix a potential memory leak in Curl_load_library
       travis: fix OSX build by re-installing libtool
       mbedtls: Fix debug function name

Revision 1.169 / (download) - annotate - [select for diffs], Wed Aug 3 08:57:51 2016 UTC (2 years, 9 months ago) by wiz
Branch: MAIN
Changes since 1.168: +2 -2 lines
Diff to previous 1.168 (colored)

Updated curl to 7.50.1.

 Bugfixes:

    TLS: switch off SSL session id when client cert is used
    TLS: only reuse connections with the same client cert
    curl_multi_cleanup: clear connection pointer for easy handles
    include the CURLINFO_HTTP_VERSION man page into the release tarball
    include the http2-server.pl script in the release tarball
    test558: fix test by stripping file paths from FD lines
    spnego: Corrected miss-placed * in Curl_auth_spnego_cleanup() declaration
    tests: Fix for http/2 feature
    cmake: Fix for schannel support
    curl.h: make public types void * again
    win32: fix a potential memory leak in Curl_load_library
    travis: fix OSX build by re-installing libtool
    mbedtls: Fix debug function name

Revision 1.168 / (download) - annotate - [select for diffs], Sun Jul 24 18:38:34 2016 UTC (2 years, 10 months ago) by wiz
Branch: MAIN
Changes since 1.167: +2 -3 lines
Diff to previous 1.167 (colored)

Updated curl to 7.50.0.

 Fixed in 7.50.0 - July 21 2016

Changes:

    http: add CURLINFO_HTTP_VERSION and %{http_version}

Bugfixes:

    memdebug: fix MSVC crash with -DMEMDEBUG_LOG_SYNC
    openssl: fix build with OPENSSL_NO_COMP
    mbedtls: removed unused variables
    cmake: Added missing mbedTLS support
    URL parser: allow URLs to use one, two or three slashes
    curl: fix -q [regression]
    openssl: Use correct buffer sizes for error messages
    curl: fix SIGSEGV while parsing URL with too many globs
    schannel: add CURLOPT_CERTINFO support
    vtls: fix ssl session cache race condition
    http: Fix HTTP/2 connection reuse [regression]
    checksrc: Add LoadLibrary to the banned functions list
    schannel: Disable ALPN on Windows < 8.1
    configure: occasional ignorance of --enable-symbol-hiding with GCC
    http2: test17xx are the first real HTTP/2 tests
    resolve: add support for IPv6 DNS64/NAT64 Networks on OS X + iOS
    curl_multi_socket_action.3: rewording
    CURLOPT_POSTFIELDS.3: Clarify what happens when set empty
    cmake: Fix build with winldap
    openssl: fix cert check with non-DNS name fields present
    curl.1: mention the units for the progress meter
    openssl: use more 'const' to fix build warnings with 1.1.0 branch
    cmake: now using BUILD_TESTING=ON/OFF
    vtls: Only call add/getsession if session id is enabled
    headers: forward declare CURL, CURLM and CURLSH as structs
    configure: improve detection of CA bundle path on FreeBSD
    SFTP: set a generic error when no SFTP one exists
    curl_global_init.3: expand on the SSL and WIN32 bits purpose
    conn: don't free easy handle data in handler->disconnect
    cookie.c: Fix misleading indentation
    library: Fix memory leaks found during static analysis
    CURLMOPT_SOCKETFUNCTION.3: fix typo
    curl_global_init: moved the "IPv6 works" check here
    connect: disable TFO on Linux when using SSL
    vauth: Fixed memory leak due to function returning without free
    winbuild: fix embedded manifest option

Revision 1.167 / (download) - annotate - [select for diffs], Sat Jul 9 06:39:11 2016 UTC (2 years, 10 months ago) by wiz
Branch: MAIN
Changes since 1.166: +2 -1 lines
Diff to previous 1.166 (colored)

Bump PKGREVISION for perl-5.24.0 for everything mentioning perl.

Revision 1.166 / (download) - annotate - [select for diffs], Mon May 30 11:42:19 2016 UTC (2 years, 11 months ago) by jklos
Branch: MAIN
CVS Tags: pkgsrc-2016Q2-base
Branch point for: pkgsrc-2016Q2
Changes since 1.165: +2 -2 lines
Diff to previous 1.165 (colored)

Update curl to 7.49.1.

Bugfixes:

Windows: prevent DLL hijacking, CVE-2016-4802
dist: include manpage-scan.pl, nroff-scan.pl and CHECKSRC.md
schannel: fix compile break with MSVC XP toolset
curlbuild.h.dist: check __LP64__ as well to fix MIPS build
dist: include curl_multi_socket_all.3
http2: use HTTP/2 in the HTTP/1.1-alike response
openssl: ERR_remove_thread_state() is deprecated in latest 1.1.0
CURLOPT_CONNECT_TO.3: user must not free the list prematurely
libcurl.m4: Avoid obsolete warning
winbuild/Makefile.vc: Fix check on SSL, MBEDTLS, WINSSL exclusivity
curl_multibyte: fix compiler error
openssl: cleanup must free compression methods (memory leak)
mbedtls: fix includes so snprintf() works
checksrc.pl: Added variants of strcat() & strncat() to banned function list
contributors.sh: better grep pattern and show GitHub username
ssh: fix build for libssh2 before 1.2.6
curl_share_setopt.3: Add min ver needed for ssl session lock

Revision 1.165 / (download) - annotate - [select for diffs], Sun May 29 20:37:34 2016 UTC (2 years, 11 months ago) by wiz
Branch: MAIN
Changes since 1.164: +2 -2 lines
Diff to previous 1.164 (colored)

Updated curl to 7.49.0.

 Fixed in 7.49.0 - May 18 2016

Changes:

    schannel: Add ALPN support
    SSH: support CURLINFO_FILETIME
    SSH: new CURLOPT_QUOTE command "statvfs"
    wolfssl: Add ALPN support
    http2: added --http2-prior-knowledge
    http2: added CURL_HTTP_VERSION_2_PRIOR_KNOWLEDGE
    libcurl: added CURLOPT_CONNECT_TO
    curl: added --connect-to
    libcurl: added CURLOPT_TCP_FASTOPEN
    curl: added --tcp-fastopen
    curl: remove support for --ftpport, -http-request and --socks

Bugfixes:

    CVE-2016-3739: TLS certificate check bypass with mbedTLS/PolarSSL
    checksrc.bat: Updated the help to be consistent with generate.bat
    checksrc.bat: Added support for scanning the tests and examples
    openssl: fix ERR_remove_thread_state() for boringssl/libressl
    openssl: boringssl provides the same numbering as openssl
    multi: fix "Operation timed out after" timer
    url: don't use bad offset in tld_check_name to show error
    sshserver.pl: use quotes for given options
    Makefile.am: skip the scripts dir
    curl: warn for --capath use if not supported by libcurl
    http2: fix connection reuse
    GSS: make Curl_gss_log_error more verbose
    build-wolfssl: Allow a broader range of ciphers (Visual Studio)
    wolfssl: Use ECC supported curves extension
    openssl: Fix compilation warnings
    Curl_add_buffer_send: avoid possible NULL dereference
    SOCKS5_gssapi_negotiate: don't assume little-endian ints
    strerror: don't bit shift a signed integer
    url: Corrected get protocol family for FTP and LDAP
    curl/mprintf.h: remove support for _MPRINTF_REPLACE
    upload: missing rewind call could make libcurl hang
    IMAP: check pointer before dereferencing it
    build: Changed the Visual Studio projects warning level from 3 to 4
    checksrc: now stricter, wider checks, code cleaned up
    checksrc: added docs/CHECKSRC.md
    curl_sasl: Fixed potential null pointer utilisation
    krb5: Fixed missing client response when mutual authentication enabled
    krb5: Only process challenge when present
    krb5: Only generate a SPN when its not known
    formdata: use appropriate fopen() macros
    curl.1: -w filename_effective was introduced in 7.26.0
    http2: make use of the nghttp2 error callback
    http2: fix connection reuse when PING comes after last DATA
    curl.1: change example for -F
    HTTP2: Add a space character after the status code
    curl.1: use example.com more
    mbedtls.c: changed private prefix to mbed_
    mbedtls: implement and provide *_data_pending() to avoid hang
    mbedtls: fix MBEDTLS_DEBUG builds
    ftp/imap/pop3/smtp: Allow the service name to be overridden
    CURLOPT_SOCKS5_GSSAPI_SERVICE: Merged with CURLOPT_PROXY_SERVICE_NAME
    build: include scripts/ in the dist
    http2: Add handling stream level error
    http2: Improve header parsing
    makefile.vc6: use d suffix on debug object
    configure: remove check for libresolve
    scripts/make: use $(EXEEXT) for executables
    checksrc: got rid of the whitelist files
    sendf: added ability to call recv() before send() as workaround
    NTLM: check for NULL pointer before dereferencing
    openssl: builds with OpenSSL 1.1.0-pre5
    configure: ac_cv_ -> curl_cv_ for all cached vars
    winbuild: add mbedtls support
    curl: make --ftp-create-dirs retry on failure
    PolarSSL: implement public key pinning
    multi: accidentally used resolved host name instead of proxy
    CURLINFO_TLS_SESSION.3: clarify TLS library support before 7.48.0
    CONNECT_ONLY: don't close connection on GSS 401/407 reponses
    opts: Fix some syntax errors in example code fragments
    mbedtls: Fix session resume
    test1139: verifies libcurl option man page presence
    CURLINFO_TLS_SSL_PTR.3: Clarify SSL pointer availability
    curl: make --disable work as long form of -q
    curl: use --telnet-option as documented
    curl.1: document --ftp-ssl-reqd, --krb4 and --ntlm-wb
    curl: -h output lacked --proxy-header and --ntlm-wb
    curl -J: make it work even without http:// scheme on URL
    lib: include curl_printf.h as one of the last headers
    tests: handle path properly on Msys/Cygwin
    curl.1: --mail-rcpt can be used multiple times
    CURLOPT_ACCEPT_ENCODING.3: clarified
    docs: fixed lots of broken man page references
    tls: make setting pinnedkey option fail if not supported
    test1140: run nroff-scan to verify man pages
    http: make sure a blank header overrides accept_decoding
    connections: do not reuse non-HTTP proxies on different ports
    connect: fix invalid "Network is unreachable" errors
    TLS: move the ALPN/NPN enable bits to the connection
    TLS: SSL_peek is not a const operation
    http2: Add space between colon and header value
    darwinssl: fix certificate verification disable on OS X 10.8
    mprintf: Fix processing of width and prec args
    ftp wildcard: segfault due to init only in multi_perform

Revision 1.164 / (download) - annotate - [select for diffs], Sun Apr 24 10:34:44 2016 UTC (3 years, 1 month ago) by wiz
Branch: MAIN
Changes since 1.163: +2 -3 lines
Diff to previous 1.163 (colored)

sunet.se stopped mirroring lots of stuff, remove/comment out references to it

Revision 1.163 / (download) - annotate - [select for diffs], Sun Apr 10 16:39:28 2016 UTC (3 years, 1 month ago) by joerg
Branch: MAIN
Changes since 1.162: +1 -5 lines
Diff to previous 1.162 (colored)

Adjust checks for _USE_DESTDIR != no or incorrect references to
USE_DESTDIR.

Revision 1.162 / (download) - annotate - [select for diffs], Thu Apr 7 11:03:15 2016 UTC (3 years, 1 month ago) by adam
Branch: MAIN
Changes since 1.161: +2 -3 lines
Diff to previous 1.161 (colored)

Changes 7.48.0

- CURLINFO_TLS_SSL_PTR.3: Warn about limitations

- Revert "sshserver: remove use of AuthorizedKeysFile2"

  It seems we may have some autobuild problems after this commit went
  in. Trying to see if a revert helps to get them back.

- maketgz: add -j to make dist

  ... makes it a lot faster

- libcurl-thread.3: minor nroff format fix

- CURLINFO_TLS_SSL_PTR.3: minor nroff format fix

- CODE_STYLE: indend example code

  ... to make it look nicer in markdown outputa

Revision 1.161 / (download) - annotate - [select for diffs], Sat Mar 5 11:27:57 2016 UTC (3 years, 2 months ago) by jperkin
Branch: MAIN
CVS Tags: pkgsrc-2016Q1-base, pkgsrc-2016Q1
Changes since 1.160: +2 -1 lines
Diff to previous 1.160 (colored)

Bump PKGREVISION for security/openssl ABI bump.

Revision 1.156.2.1 / (download) - annotate - [select for diffs], Sun Feb 14 17:55:41 2016 UTC (3 years, 3 months ago) by spz
Branch: pkgsrc-2015Q4
Changes since 1.156: +5 -7 lines
Diff to previous 1.156 (colored) next main 1.157 (colored)

Pullup ticket #4922 - requested by he
www/curl: security update

Revisions pulled up:
- www/curl/Makefile                                             1.157-1.160
- www/curl/distinfo                                             1.112,1.115

-------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   mef
   Date:           Thu Jan 28 11:46:02 UTC 2016

   Modified Files:
           pkgsrc/www/curl: Makefile distinfo

   Log Message:
   Update 7.46.0 to 7.47.0
   -----------------------
   Curl and libcurl 7.47.0

    Public curl releases:         151
    Command line options:         179
    curl_easy_setopt() options:   221
    Public functions in libcurl:  61
    Contributors:                 1340

   This release includes the following changes:

    o version: Add flag CURL_VERSION_PSL for libpsl
    o http: added CURL_HTTP_VERSION_2TLS to do HTTP/2 for HTTPS only [8]
    o curl: use 2TLS by default
    o curl --expect100-timeout: added [10]
    o Add .dir-locals and set c-basic-offset to 2 (for emacs) [16]

   This release includes the following bugfixes:

    o curl: avoid local drive traversal when saving file on Windows [33]
    o NTLM: do not resuse proxy connections without diff proxy credentials [34]
    o tests: Disable the OAUTHBEARER tests when using a non-default port number [1]
    o curl: remove keepalive #ifdef checks done on libcurl's behalf
    o formdata: Check if length is too large for memory [2]
    o lwip: Fix compatibility issues with later versions [3]
    o openssl: BoringSSL doesn't have CONF_modules_free
    o config-win32: Fix warning HAVE_WINSOCK2_H undefined
    o build: fix compilation error with CURL_DISABLE_VERBOSE_STRINGS [4]
    o http2: Fix hanging paused stream [5]
    o scripts/Makefile: fix GNUism and survive no perl [6]
    o openssl: adapt to 1.1.0+ name changes
    o openssl: adapt to openssl >= 1.1.0 X509 opaque structs [7]
    o HTTP2.md: spell fix and remove TODO now implemented
    o setstropt: const-correctness [9]
    o cyassl: fix compiler warning on type conversion
    o gskit: Fix host subject altname verification [11]
    o http2: Support trailer fields [12]
    o wolfssl: handle builds without SSLv3 support
    o cyassl: deal with lack of *get_peer_certificate [13]
    o sockfilt: do not wait on unreliable file or pipe handle
    o make: build zsh script even in an out-of-tree build
    o test 1326: fix getting stuck on Windows
    o test 87: fix file check on Windows
    o configure: allow static builds on mingw [14]
    o configure: detect IPv6 support on Windows [15]
    o ConnectionExists: with *PIPEWAIT, wait for connections [17]
    o Makefile.inc: s/curl_SOURCES/CURL_FILES [18]
    o test 16: fixed for Windows
    o test 252-255: use datacheck mode text for ASCII-mode LISTings
    o tftpd server: add Windows support by writing files in binary mode
    o ftplistparser: fix handling of file LISTings using Windows EOL
    o tests first.c: fix calculation of sleep timeout on Windows
    o tests (several): use datacheck mode text for ASCII-mode LISTings
    o CURLOPT_RANGE.3: for HTTP servers, range support is optional
    o test 1515: add MSYS support by passing a relative path
    o curl_global_init.3: Add Windows-specific info for init via DLL [19]
    o http2: Fix client write for trailers on stream close [20]
    o mbedtls: Fix ALPN support
    o connection reuse: IDN host names fixed [21]
    o http2: Fix PUSH_PROMISE headers being treated as trailers [22]
    o http2: handle the received SETTINGS frame [23]
    o http2: Ensure that http2_handle_stream_close is called [24]
    o mbedtls: implement CURLOPT_PINNEDPUBLICKEY
    o runtests: Add mbedTLS to the SSL backends
    o IDN host names: Remove the port number before converting to ACE [25]
    o zsh.pl: fail if no curl is found
    o scripts: fix zsh completion generation
    o scripts: don't generate and install zsh completion when cross-compiling [26]
    o lib: Prefix URLs with lower-case protocol names/schemes [27]
    o ConnectionExists: only do pipelining/multiplexing when asked [28]
    o configure: assume IPv6 works when cross-compiled [29]
    o openssl: for 1.1.0+ they now provide a SSLeay() macro of their own
    o openssl: improved error detection/reporting
    o ssh: CURLOPT_SSH_PUBLIC_KEYFILE now treats "" as NULL again [30]
    o mbedtls: Fix pinned key return value on fail [31]
    o maketgz: generate date stamp with LC_TIME=C [32]

   This release includes the following known bugs:

    o see docs/KNOWN_BUGS (http://curl.haxx.se/docs/knownbugs.html)

   This release would not have looked like this without help, code, reports and
   advice from friends like these:

     Alessandro Ghedini, Anders Bakken, Christian Stewart, Dan Fandrich,
     Daniel Schauenberg, Daniel Stenberg, Francisco Moraes, Gisle Vanem,
     Isaac Boukris, Johannes Schindelin, John Kohl, Kamil Dudka, Marc Hoersken,
     Michael Kaufmann, Mohammad AlSaleh, Patrick Monnerat, Ray Satiro, Steve Holme,
     Tatsuhiro Tsujikawa, Thomas Glanzmann, Thomas Klausner,
     (21 contributors)

           Thanks! (and sorry if I forgot to mention someone)


   To generate a diff of this commit:
   cvs rdiff -u -r1.156 -r1.157 pkgsrc/www/curl/Makefile
   cvs rdiff -u -r1.111 -r1.112 pkgsrc/www/curl/distinfo

-------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   wiz
   Date:           Thu Jan 28 12:04:45 UTC 2016

   Modified Files:
           pkgsrc/www/curl: Makefile

   Log Message:
   Remove gmake dependency, bug was fixed upstream before 7.47.0.


   To generate a diff of this commit:
   cvs rdiff -u -r1.157 -r1.158 pkgsrc/www/curl/Makefile

-------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   adam
   Date:           Mon Feb  8 17:35:32 UTC 2016

   Modified Files:
           pkgsrc/www/curl: Makefile distinfo
   Removed Files:
           pkgsrc/www/curl/patches: patch-doc_examples_getredirect_c

   Log Message:
   Changes 7.47.1:
   Bugfixes:
   * getredirect.c: fix variable name
   * tool_doswin: silence unused function warning
   * cmake: fixed when OpenSSL enabled on Windows and schannel detected
   * curl.1: Explain remote-name behavior if file already exists
   * tool_operate: Don't sanitize --output path (Windows)
   * URLs: change all http:// URLs to https:// in documentation & comments
   * sasl_sspi: Fix memory leak in domain populate
   * COPYING: clarify that Daniel is not the sole author
   * examples/htmltitle: Use _stricmp on Windows
   * examples/asiohiper: Avoid function name collision on Windows
   * idn_win32: Better error checking
   * openssl: Fix signed/unsigned mismatch warning in X509V3_ext
   * curl save files: check for backslashes on cygwin


   To generate a diff of this commit:
   cvs rdiff -u -r1.158 -r1.159 pkgsrc/www/curl/Makefile
   cvs rdiff -u -r1.114 -r1.115 pkgsrc/www/curl/distinfo
   cvs rdiff -u -r1.2 -r0 \
       pkgsrc/www/curl/patches/patch-doc_examples_getredirect_c

-------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   tron
   Date:           Wed Feb 10 07:38:47 UTC 2016

   Modified Files:
           pkgsrc/www/curl: Makefile

   Log Message:
   The Curl website now enforces the use of HTTPS. Update the home page and
   master site URL accordingly.


   To generate a diff of this commit:
   cvs rdiff -u -r1.159 -r1.160 pkgsrc/www/curl/Makefile

Revision 1.160 / (download) - annotate - [select for diffs], Wed Feb 10 07:38:47 2016 UTC (3 years, 3 months ago) by tron
Branch: MAIN
Changes since 1.159: +3 -3 lines
Diff to previous 1.159 (colored)

The Curl website now enforces the use of HTTPS. Update the home page and
master site URL accordingly.

Revision 1.159 / (download) - annotate - [select for diffs], Mon Feb 8 17:35:31 2016 UTC (3 years, 3 months ago) by adam
Branch: MAIN
Changes since 1.158: +2 -2 lines
Diff to previous 1.158 (colored)

Changes 7.47.1:
Bugfixes:
* getredirect.c: fix variable name
* tool_doswin: silence unused function warning
* cmake: fixed when OpenSSL enabled on Windows and schannel detected
* curl.1: Explain remote-name behavior if file already exists
* tool_operate: Don't sanitize --output path (Windows)
* URLs: change all http:// URLs to https:// in documentation & comments
* sasl_sspi: Fix memory leak in domain populate
* COPYING: clarify that Daniel is not the sole author
* examples/htmltitle: Use _stricmp on Windows
* examples/asiohiper: Avoid function name collision on Windows
* idn_win32: Better error checking
* openssl: Fix signed/unsigned mismatch warning in X509V3_ext
* curl save files: check for backslashes on cygwin

Revision 1.158 / (download) - annotate - [select for diffs], Thu Jan 28 12:04:45 2016 UTC (3 years, 3 months ago) by wiz
Branch: MAIN
Changes since 1.157: +2 -4 lines
Diff to previous 1.157 (colored)

Remove gmake dependency, bug was fixed upstream before 7.47.0.

Revision 1.157 / (download) - annotate - [select for diffs], Thu Jan 28 11:46:02 2016 UTC (3 years, 3 months ago) by mef
Branch: MAIN
Changes since 1.156: +2 -2 lines
Diff to previous 1.156 (colored)

Update 7.46.0 to 7.47.0
-----------------------
Curl and libcurl 7.47.0

 Public curl releases:         151
 Command line options:         179
 curl_easy_setopt() options:   221
 Public functions in libcurl:  61
 Contributors:                 1340

This release includes the following changes:

 o version: Add flag CURL_VERSION_PSL for libpsl
 o http: added CURL_HTTP_VERSION_2TLS to do HTTP/2 for HTTPS only [8]
 o curl: use 2TLS by default
 o curl --expect100-timeout: added [10]
 o Add .dir-locals and set c-basic-offset to 2 (for emacs) [16]

This release includes the following bugfixes:

 o curl: avoid local drive traversal when saving file on Windows [33]
 o NTLM: do not resuse proxy connections without diff proxy credentials [34]
 o tests: Disable the OAUTHBEARER tests when using a non-default port number [1]
 o curl: remove keepalive #ifdef checks done on libcurl's behalf
 o formdata: Check if length is too large for memory [2]
 o lwip: Fix compatibility issues with later versions [3]
 o openssl: BoringSSL doesn't have CONF_modules_free
 o config-win32: Fix warning HAVE_WINSOCK2_H undefined
 o build: fix compilation error with CURL_DISABLE_VERBOSE_STRINGS [4]
 o http2: Fix hanging paused stream [5]
 o scripts/Makefile: fix GNUism and survive no perl [6]
 o openssl: adapt to 1.1.0+ name changes
 o openssl: adapt to openssl >= 1.1.0 X509 opaque structs [7]
 o HTTP2.md: spell fix and remove TODO now implemented
 o setstropt: const-correctness [9]
 o cyassl: fix compiler warning on type conversion
 o gskit: Fix host subject altname verification [11]
 o http2: Support trailer fields [12]
 o wolfssl: handle builds without SSLv3 support
 o cyassl: deal with lack of *get_peer_certificate [13]
 o sockfilt: do not wait on unreliable file or pipe handle
 o make: build zsh script even in an out-of-tree build
 o test 1326: fix getting stuck on Windows
 o test 87: fix file check on Windows
 o configure: allow static builds on mingw [14]
 o configure: detect IPv6 support on Windows [15]
 o ConnectionExists: with *PIPEWAIT, wait for connections [17]
 o Makefile.inc: s/curl_SOURCES/CURL_FILES [18]
 o test 16: fixed for Windows
 o test 252-255: use datacheck mode text for ASCII-mode LISTings
 o tftpd server: add Windows support by writing files in binary mode
 o ftplistparser: fix handling of file LISTings using Windows EOL
 o tests first.c: fix calculation of sleep timeout on Windows
 o tests (several): use datacheck mode text for ASCII-mode LISTings
 o CURLOPT_RANGE.3: for HTTP servers, range support is optional
 o test 1515: add MSYS support by passing a relative path
 o curl_global_init.3: Add Windows-specific info for init via DLL [19]
 o http2: Fix client write for trailers on stream close [20]
 o mbedtls: Fix ALPN support
 o connection reuse: IDN host names fixed [21]
 o http2: Fix PUSH_PROMISE headers being treated as trailers [22]
 o http2: handle the received SETTINGS frame [23]
 o http2: Ensure that http2_handle_stream_close is called [24]
 o mbedtls: implement CURLOPT_PINNEDPUBLICKEY
 o runtests: Add mbedTLS to the SSL backends
 o IDN host names: Remove the port number before converting to ACE [25]
 o zsh.pl: fail if no curl is found
 o scripts: fix zsh completion generation
 o scripts: don't generate and install zsh completion when cross-compiling [26]
 o lib: Prefix URLs with lower-case protocol names/schemes [27]
 o ConnectionExists: only do pipelining/multiplexing when asked [28]
 o configure: assume IPv6 works when cross-compiled [29]
 o openssl: for 1.1.0+ they now provide a SSLeay() macro of their own
 o openssl: improved error detection/reporting
 o ssh: CURLOPT_SSH_PUBLIC_KEYFILE now treats "" as NULL again [30]
 o mbedtls: Fix pinned key return value on fail [31]
 o maketgz: generate date stamp with LC_TIME=C [32]

This release includes the following known bugs:

 o see docs/KNOWN_BUGS (http://curl.haxx.se/docs/knownbugs.html)

This release would not have looked like this without help, code, reports and
advice from friends like these:

  Alessandro Ghedini, Anders Bakken, Christian Stewart, Dan Fandrich,
  Daniel Schauenberg, Daniel Stenberg, Francisco Moraes, Gisle Vanem,
  Isaac Boukris, Johannes Schindelin, John Kohl, Kamil Dudka, Marc Hoersken,
  Michael Kaufmann, Mohammad AlSaleh, Patrick Monnerat, Ray Satiro, Steve Holme,
  Tatsuhiro Tsujikawa, Thomas Glanzmann, Thomas Klausner,
  (21 contributors)

        Thanks! (and sorry if I forgot to mention someone)

Revision 1.156 / (download) - annotate - [select for diffs], Sun Dec 6 11:31:13 2015 UTC (3 years, 5 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2015Q4-base
Branch point for: pkgsrc-2015Q4
Changes since 1.155: +4 -2 lines
Diff to previous 1.155 (colored)

Update to 7.46.0:

 Changes:

    configure: build silently by default
    cookies: Add support for Publix Suffix List with libpsl
    vtls: added support for mbedTLS
    Added CURLOPT_STREAM_DEPENDS
    Added CURLOPT_STREAM_DEPENDS_E
    Added CURLOPT_STREAM_WEIGHT
    Added CURLFORM_CONTENTLEN
    oauth2: Added support for OAUTHBEARER SASL mechanism to IMAP, POP3 and SNMP

Bugfixes:

    des: Fix header conditional for Curl_des_set_odd_parity
    ntlm: get rid of unconditional use of long long
    CURLOPT_CERTINFO.3: fix reference to CURLINFO_CERTINFO
    docs: CURLINFO_LASTSOCKET => CURLINFO_ACTIVESOCKET
    http2: Fix http2_recv to return -1 if recv returned -1
    curl_global_init_mem: set function pointers before doing init
    ntlm: error out without 64bit support as the code needs it
    openssl: Fix set up of pkcs12 certificate verification chain
    acinclude: remove PKGCONFIG override
    test1531: case the size to fix the test on non-largefile builds
    fread_func: move callback pointer from set to state struct
    test1601: fix compilation with --enable-debug and --disable-crypto-auth
    http2: Don't pass unitialized name+len pairs to nghttp2_submit_request
    curlbuild.h: Fix non-configure compiling to mips and sh4 targets
    tool: Generate easysrc with last cache linked-list
    cmake: Fix for add_subdirectory(curl) use-case
    vtls: fix compiler warning for TLS backends without sha256
    build: fix for MSDOS/djgpp
    checksrc: add crude // detection
    http2: on_frame_recv: trust the conn/data input
    ftp: allow CURLOPT_IGNORE_CONTENT_LENGTH to ignore size
    polarssl/mbedtls: fix name space pollution
    build: Fix mingw ssl gdi32 order
    build: Fix support for PKG_CONFIG
    MacOSX-Framework: sdk regex fix for sdk 10.10 and later
    socks: Fix incorrect port numbers in failed connect messages
    curl.1: -E: s/private certificate/client certificate
    curl.h: s/HTTPPOST_/CURL_HTTPOST_
    curl_formadd: support >2GB files on windows
    http redirects: %-encode bytes outside of ascii range
    rawstr: Speed up Curl_raw_toupper by 40%
    curl_ntlm_core: fix 2 curl_off_t constant overflows.
    getinfo: CURLINFO_ACTIVESOCKET: fix bad socket value
    tftp tests: verify sent options too
    imap: Don't call imap_atom() when no mailbox specified in LIST command
    imap: Fixed double quote in LIST command when mailbox contains spaces
    imap: Don't check for continuation when executing a CUSTOMREQUEST
    acinclude: Remove check for 16-bit curl_off_t
    BoringSSL: Work with stricter BIO_get_mem_data()
    cmake: Add missing feature macros in config header
    sasl_sspi: fixed unicode build for digest authentication
    sasl_sspi: fix identity memory leak in digest authentication
    unit1602: Fixed failure in torture test
    unit1603: Added unit tests for hash functions
    vtls/openssl: remove unused traces of yassl ifdefs
    openssl: remove #ifdefs for < 0.9.7 support
    typecheck-gcc.h: add some missing options
    curl: mark two more options strings for --libcurl output
    openssl: Free modules on cleanup
    CURLMOPT_PUSHFUNCTION.3: *_byname() returns only the first header
    getconnectinfo: Don't call recv(2) if socket == -1
    http2: http_done: don't free already-freed push headers
    zsh completion: Preserve single quotes in output
    os400: Provide options for libssh2 use in compile scripts.
    build: Fix theoretical infinite loops
    pop3: Differentiate between success and continuation responses
    examples: Fixed compilation warnings
    schannel: Use GetVersionEx() when VerifyVersionInfo() isn't available
    CURLOPT_HEADERFUNCTION.3: fix typo
    curl: expanded the -XHEAD warning text
    done: make sure the final progress update is made
    build: Install zsh completion
    RTSP: do not add if-modified-since without timecondition
    curl: Fixed display of URL index in password prompt for --next
    nonblock: fix setting non-blocking mode for Amiga
    http2 push: add missing inits of new stream
    http2: convert some verbose output into debug-only output
    Curl_read_plain: clean up ifdefs that break statements

Revision 1.155 / (download) - annotate - [select for diffs], Thu Oct 15 10:59:52 2015 UTC (3 years, 7 months ago) by wiz
Branch: MAIN
Changes since 1.154: +2 -2 lines
Diff to previous 1.154 (colored)

Update curl to 7.45.0:

Fixed in 7.45.0 - October 7 2015

Changes:

    added CURLOPT_DEFAULT_PROTOCOL
    added new tool option --proto-default
    getinfo: added CURLINFO_ACTIVESOCKET
    turned CURLINFO_* option docs as stand-alone man pages
    curl: point out unnecessary uses of -X in verbose mode

Bugfixes:

    curl_global_init_mem.3: Stronger thread safety warning
    buildconf.bat: Fixed issues when ran in directories with special chars
    cmake: Fix CurlTests check for gethostbyname_r with 5 arguments
    generate.bat: Fixed issues when ran in directories with special chars
    generate.bat: Only call buildconf.bat if it exists
    generate.bat: Added support for generating only the prerequisite files
    curl.1: Document weaknesses in SSLv2 and SSLv3
    CURLOPT_HTTP_VERSION.3: connection re-use goes before version
    docs: Update the redirect protocols disabled by default
    inet_pton.c: Fix MSVC run-time check failure
    CURLMOPT_PUSHFUNCTION.3: fix argument types
    rtsp: support basic/digest authentication
    rtsp: stop reading empty DESCRIBE responses
    travis: Upgrading to container based build
    travis.yml: Add OS X testbot
    FTP: make state machine not get stuck in state
    openssl: handle lack of server cert when strict checking disabled
    configure: change functions to detect openssl (clones)
    configure: detect latest boringssl
    runtests: Allow for spaces in server-verify curl custom path
    http2: on_frame_recv: get a proper 'conn' for the debug logging
    ntlm: mark deliberate switch case fall-through
    http2: remove dead code
    curl_easy_{escape,unescape}.3: "char *" vs. "const char *"
    curl: point out the conflicting HTTP methods if used
    cmake: added Windows SSL support
    curl_easy_{escape,setopt}.3: fix example
    curl_easy_escape.3: escape '\n'
    libcurl.m4: Put braces around empty if body
    buildconf.bat: Fixed double blank line in 'curl manual' warning output
    sasl: Only define Curl_sasl_digest_get_pair() when CRYPTO_AUTH enabled
    inet_pton.c: Fix MSVC run-time check failure
    CURLOPT_FOLLOWLOCATION.3: mention methods for redirects
    http2: don't pass on Connection: headers
    nss: do not directly access SSL_ImplementedCiphers
    docs: numerous cleanups and spelling fixes
    FTP: do_more: add check for wait_data_conn in upload case
    parse_proxy: reject illegal port numbers
    cmake: IPv6 : disable Unix header check on Windows platform
    winbuild: run buildconf.bat if necessary
    buildconf.bat: fix syntax error
    curl_sspi: fix possibly undefined CRYPT_E_REVOKED
    nss: prevent NSS from incorrectly re-using a session
    libcurl-errors.3: add two missing error codes
    openssl: fix build with < 0.9.8
    openssl: refactor certificate parsing to use OpenSSL memory BIO
    openldap: only part of LDAP query results received
    ssl: add server cert's "sha256//" hash to verbose
    NTLM: Reset auth-done when using a fresh connection
    curl: generate easysrc only on --libcurl
    tests: disable 1801 until fixed
    CURLINFO_TLS_SESSION: always return backend info
    gnutls: Support CURLOPT_KEYPASSWD
    gnutls: Report actual GnuTLS error message for certificate errors
    tests: disable 1510 due to CI-problems on github
    cmake: Put "winsock2.h" before "windows.h" during configure checks
    cmake: Ensure discovered include dirs are considered
    configure: Add missing ')' for CURL_CHECK_OPTION_RT
    build: fix failures with -Wcast-align and -Werror
    FTP: fix uploading ASCII with unknown size
    readwrite_data: set a max number of loops
    http2: avoid superfluous Curl_expire() calls
    http2: set TCP_NODELAY unconditionally
    docs: fix unescaped '\n' in man pages
    openssl: Fix algorithm init to make (gost) engines work
    win32: make recent Borland compilers use long long
    runtests: Fix pid check in checkdied
    gopher: don't send NUL byte
    tool_setopt: fix c_escape truncated octal
    hiperfifo: fix the pointer passed to WRITEDATA
    getinfo: Fix return code for unknown CURLINFO options

Revision 1.150.2.1 / (download) - annotate - [select for diffs], Wed Sep 9 20:28:44 2015 UTC (3 years, 8 months ago) by tron
Branch: pkgsrc-2015Q2
Changes since 1.150: +2 -3 lines
Diff to previous 1.150 (colored) next main 1.151 (colored)

Pullup ticket #4812 - requested by he
www/curl: security update

Revisions pulled up:
- www/curl/Makefile                                             1.153-1.154
- www/curl/PLIST                                                1.52-1.53
- www/curl/distinfo                                             1.108-1.109
- www/curl/patches/patch-aa                                     1.33-1.34
- www/curl/patches/patch-curl-config.in                         1.7
- www/curl/patches/patch-lib_hostcheck.c                        1.4
- www/curl/patches/patch-lib_http2.c                            deleted

---
   Module Name:	pkgsrc
   Committed By:	spz
   Date:		Sat Aug  8 02:44:16 UTC 2015

   Modified Files:
   	pkgsrc/www/curl: Makefile PLIST distinfo
   	pkgsrc/www/curl/patches: patch-aa patch-curl-config.in
   	    patch-lib_hostcheck.c
   Added Files:
   	pkgsrc/www/curl/patches: patch-lib_multi.c patch-lib_transfer.c
   Removed Files:
   	pkgsrc/www/curl/patches: patch-lib_http2.c

   Log Message:
   reanimate curl-7.43.0 and add the upstream fix for
   http://curl.haxx.se/mail/lib-2015-06/0122.html found in
   https://github.com/bagder/curl/commit/903b6e05565bf826b4194447864288642214b094

---
   Module Name:	pkgsrc
   Committed By:	wiz
   Date:		Mon Aug 17 15:43:27 UTC 2015

   Modified Files:
   	pkgsrc/www/curl: Makefile PLIST distinfo
   	pkgsrc/www/curl/patches: patch-aa
   Removed Files:
   	pkgsrc/www/curl/patches: patch-lib_multi.c patch-lib_transfer.c

   Log Message:
   Update to 7.44.0:

   Curl and libcurl 7.44.0

    Public curl releases:         148
    Command line options:         176
    curl_easy_setopt() options:   219
    Public functions in libcurl:  58
    Contributors:                 1291

   This release includes the following changes:

    o http2: added CURLMOPT_PUSHFUNCTION and CURLMOPT_PUSHDATA [6]
    o examples: added http2-serverpush.c [7]
    o http2: added curl_pushheader_byname() and curl_pushheader_bynum()
    o docs: added CODE_OF_CONDUCT.md [8]
    o curl: Add --ssl-no-revoke to disable certificate revocation checks [5]
    o libcurl: New value CURLSSLOPT_NO_REVOKE for CURLOPT_SSL_OPTIONS [9]
    o makefile: Added support for VC14
    o build: Added Visual Studio 2015 (VC14) project files
    o build: Added wolfSSL configurations to VC10+ project files [18]

   This release includes the following bugfixes:

    o FTP: fix HTTP CONNECT logic regression [1]
    o openssl: Fix build with openssl < ~ 0.9.8f
    o openssl: fix build with BoringSSL
    o curl_easy_setopt.3: option order doesn't matter
    o openssl: fix use of uninitialized buffer [2]
    o RTSP: removed dead code
    o Makefile.m32: add support for CURL_LDFLAG_EXTRAS
    o curl: always provide negotiate/kerberos options
    o cookie: Fix bug in export if any-domain cookie is present
    o curl_easy_setopt.3: mention CURLOPT_PIPEWAIT
    o INSTALL: Advise use of non-native SSL for Windows <= XP
    o tool_help: fix --tlsv1 help text to use >= for TLSv1
    o HTTP: POSTFIELDSIZE set after added to multi handle [3]
    o SSL-PROBLEMS: mention WinSSL problems in WinXP
    o setup-vms.h: Symbol case fixups
    o SSL: Pinned public key hash support
    o libtest: call PR_Cleanup() on exit if NSPR is used
    o ntlm_wb: Fix theoretical memory leak
    o runtests: Allow for spaces in curl custom path
    o http2: add stream != NULL checks for reliability
    o schannel: Replace deprecated GetVersion with VerifyVersionInfo
    o http2: verify success of strchr() in http2_send()
    o configure: add --disable-rt option
    o openssl: work around MSVC warning
    o HTTP: ignore "Content-Encoding: compress"
    o configure: check if OpenSSL linking wants -ldl
    o build-openssl.bat: Show syntax if required args are missing
    o test1902: attempt to make the test more reliable
    o libcurl-thread.3: Consolidate thread safety info
    o maketgz: Fixed some VC makefiles missing from the release tarball
    o libcurl-multi.3: mention curl_multi_wait [10]
    o ABI doc: use secure URL
    o http: move HTTP/2 cleanup code off http_disconnect() [11]
    o libcurl-thread.3: Warn memory functions must be thread safe [12]
    o curl_global_init_mem.3: Warn threaded resolver needs thread safe funcs [13]
    o docs: formpost needs the full size at start of upload [14]
    o curl_gssapi: remove 'const' to fix compiler warnings
    o SSH: three state machine fixups [15]
    o libcurl.3: fix a single typo [16]
    o generate.bat: Only clean prerequisite files when in ALL mode
    o curl_slist_append.3: add error checking to the example
    o buildconf.bat: Added support for file clean-up via -clean
    o generate.bat: Use buildconf.bat for prerequisite file clean-up
    o NTLM: handle auth for only a single request [17]
    o curl_multi_remove_handle.3: fix formatting [19]
    o checksrc.bat: Fixed error when [directory] isn't a curl source directory
    o checksrc.bat: Fixed error when missing *.c and *.h files
    o CURLOPT_RESOLVE.3: Note removal support was added in 7.42 [20]
    o test46: update cookie expire time
    o SFTP: fix range request off-by-one in size check [21]
    o CMake: fix GSSAPI builds [22]
    o build: refer to fixed libidn versions [4]
    o http2: discard frames with no SessionHandle [23]
    o curl_easy_recv.3: fix formatting
    o libcurl-tutorial.3: fix formatting [24]
    o curl_formget.3: correct return code [25]

Revision 1.154 / (download) - annotate - [select for diffs], Mon Aug 17 15:43:27 2015 UTC (3 years, 9 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2015Q3-base, pkgsrc-2015Q3
Changes since 1.153: +2 -3 lines
Diff to previous 1.153 (colored)

Update to 7.44.0:

Curl and libcurl 7.44.0

 Public curl releases:         148
 Command line options:         176
 curl_easy_setopt() options:   219
 Public functions in libcurl:  58
 Contributors:                 1291

This release includes the following changes:

 o http2: added CURLMOPT_PUSHFUNCTION and CURLMOPT_PUSHDATA [6]
 o examples: added http2-serverpush.c [7]
 o http2: added curl_pushheader_byname() and curl_pushheader_bynum()
 o docs: added CODE_OF_CONDUCT.md [8]
 o curl: Add --ssl-no-revoke to disable certificate revocation checks [5]
 o libcurl: New value CURLSSLOPT_NO_REVOKE for CURLOPT_SSL_OPTIONS [9]
 o makefile: Added support for VC14
 o build: Added Visual Studio 2015 (VC14) project files
 o build: Added wolfSSL configurations to VC10+ project files [18]

This release includes the following bugfixes:

 o FTP: fix HTTP CONNECT logic regression [1]
 o openssl: Fix build with openssl < ~ 0.9.8f
 o openssl: fix build with BoringSSL
 o curl_easy_setopt.3: option order doesn't matter
 o openssl: fix use of uninitialized buffer [2]
 o RTSP: removed dead code
 o Makefile.m32: add support for CURL_LDFLAG_EXTRAS
 o curl: always provide negotiate/kerberos options
 o cookie: Fix bug in export if any-domain cookie is present
 o curl_easy_setopt.3: mention CURLOPT_PIPEWAIT
 o INSTALL: Advise use of non-native SSL for Windows <= XP
 o tool_help: fix --tlsv1 help text to use >= for TLSv1
 o HTTP: POSTFIELDSIZE set after added to multi handle [3]
 o SSL-PROBLEMS: mention WinSSL problems in WinXP
 o setup-vms.h: Symbol case fixups
 o SSL: Pinned public key hash support
 o libtest: call PR_Cleanup() on exit if NSPR is used
 o ntlm_wb: Fix theoretical memory leak
 o runtests: Allow for spaces in curl custom path
 o http2: add stream != NULL checks for reliability
 o schannel: Replace deprecated GetVersion with VerifyVersionInfo
 o http2: verify success of strchr() in http2_send()
 o configure: add --disable-rt option
 o openssl: work around MSVC warning
 o HTTP: ignore "Content-Encoding: compress"
 o configure: check if OpenSSL linking wants -ldl
 o build-openssl.bat: Show syntax if required args are missing
 o test1902: attempt to make the test more reliable
 o libcurl-thread.3: Consolidate thread safety info
 o maketgz: Fixed some VC makefiles missing from the release tarball
 o libcurl-multi.3: mention curl_multi_wait [10]
 o ABI doc: use secure URL
 o http: move HTTP/2 cleanup code off http_disconnect() [11]
 o libcurl-thread.3: Warn memory functions must be thread safe [12]
 o curl_global_init_mem.3: Warn threaded resolver needs thread safe funcs [13]
 o docs: formpost needs the full size at start of upload [14]
 o curl_gssapi: remove 'const' to fix compiler warnings
 o SSH: three state machine fixups [15]
 o libcurl.3: fix a single typo [16]
 o generate.bat: Only clean prerequisite files when in ALL mode
 o curl_slist_append.3: add error checking to the example
 o buildconf.bat: Added support for file clean-up via -clean
 o generate.bat: Use buildconf.bat for prerequisite file clean-up
 o NTLM: handle auth for only a single request [17]
 o curl_multi_remove_handle.3: fix formatting [19]
 o checksrc.bat: Fixed error when [directory] isn't a curl source directory
 o checksrc.bat: Fixed error when missing *.c and *.h files
 o CURLOPT_RESOLVE.3: Note removal support was added in 7.42 [20]
 o test46: update cookie expire time
 o SFTP: fix range request off-by-one in size check [21]
 o CMake: fix GSSAPI builds [22]
 o build: refer to fixed libidn versions [4]
 o http2: discard frames with no SessionHandle [23]
 o curl_easy_recv.3: fix formatting
 o libcurl-tutorial.3: fix formatting [24]
 o curl_formget.3: correct return code [25]

Revision 1.153 / (download) - annotate - [select for diffs], Sat Aug 8 02:44:16 2015 UTC (3 years, 9 months ago) by spz
Branch: MAIN
Changes since 1.152: +3 -3 lines
Diff to previous 1.152 (colored)

reanimate curl-7.43.0 and add the upstream fix for
http://curl.haxx.se/mail/lib-2015-06/0122.html found in
https://github.com/bagder/curl/commit/903b6e05565bf826b4194447864288642214b094

Revision 1.152 / (download) - annotate - [select for diffs], Tue Jun 30 23:00:21 2015 UTC (3 years, 10 months ago) by spz
Branch: MAIN
Changes since 1.151: +2 -2 lines
Diff to previous 1.151 (colored)

rollback to previous version of curl. See
http://mail-index.netbsd.org/tech-pkg/2015/06/29/msg015105.html

Revision 1.151 / (download) - annotate - [select for diffs], Tue Jun 30 05:46:56 2015 UTC (3 years, 10 months ago) by spz
Branch: MAIN
Changes since 1.150: +3 -3 lines
Diff to previous 1.150 (colored)

update of curl to version 7.43.0. Upstream RELEASE_NOTES:

Curl and libcurl 7.43.0

 Public curl releases:         147
 Command line options:         176
 curl_easy_setopt() options:   219
 Public functions in libcurl:  58
 Contributors:                 1291

This release includes the following changes:

 o Added CURLOPT_PROXY_SERVICE_NAME[11]
 o Added CURLOPT_SERVICE_NAME[12]
 o New curl option: --proxy-service-name[13]
 o Mew curl option: --service-name [14]
 o New curl option: --data-raw [5]
 o Added CURLOPT_PIPEWAIT [15]
 o Added support for multiplexing transfers using HTTP/2, enable this
   with the new CURLPIPE_MULTIPLEX bit for CURLMOPT_PIPELINING [16]
 o HTTP/2: requires nghttp2 1.0.0 or later
 o scripts: add zsh.pl for generating zsh completion
 o curl.h: add CURL_HTTP_VERSION_2

This release includes the following bugfixes:

 o CVE-2015-3236: lingering HTTP credentials in connection re-use [30]
 o CVE-2015-3237: SMB send off unrelated memory contents [31]
 o nss: fix compilation failure with old versions of NSS [1]
 o curl_easy_getinfo.3: document 'internals' in CURLINFO_TLS_SESSION
 o schannel.c: Fix possible SEC_E_BUFFER_TOO_SMALL error
 o Curl_ossl_init: load builtin modules [2]
 o configure: follow-up fix for krb5-config [3]
 o sasl_sspi: Populate domain from the realm in the challenge [4]
 o netrc: support 'default' token
 o README: convert to UTF-8
 o cyassl: Implement public key pinning
 o nss: implement public key pinning for NSS backend
 o mingw build: add arch -m32/-m64 to LDFLAGS
 o schannel: Fix out of bounds array [6]
 o configure: remove autogenerated files by autoconf
 o configure: remove --automake from libtoolize call
 o acinclude.m4: fix shell test for default CA cert bundle/path
 o schannel: fix regression in schannel_recv [7]
 o openssl: skip trace outputs for ssl_ver == 0 [8]
 o gnutls: properly retrieve certificate status
 o netrc: Read in text mode when cygwin [9]
 o winbuild: Document the option used to statically link the CRT [10]
 o FTP: Make EPSV use the control IP address rather than the original host
 o FTP: fix dangling conn->ip_addr dereference on verbose EPSV
 o conncache: keep bundles on host+port bases, not only host names
 o runtests.pl: use 'h2c' now, no -14 anymore
 o curlver: introducing new version number (checking) macros
 o openssl: boringssl build brekage, use SSL_CTX_set_msg_callback [17]
 o CURLOPT_POSTFIELDS.3: correct variable names [18]
 o curl_easy_unescape.3: update RFC reference [19]
 o gnutls: don't fail on non-fatal alerts during handshake
 o testcurl.pl: allow source to be in an arbitrary directory
 o CURLOPT_HTTPPROXYTUNNEL.3: only works with a HTTP proxy
 o SSPI-error: Change SEC_E_ILLEGAL_MESSAGE description [20]
 o parse_proxy: switch off tunneling if non-HTTP proxy [21]
 o share_init: fix OOM crash
 o perl: remove subdir, not touched in 9 years
 o CURLOPT_COOKIELIST.3: Add example
 o CURLOPT_COOKIE.3: Explain that the cookies won't be modified [22]
 o CURLOPT_COOKIELIST.3: Explain Set-Cookie without a domain [23]
 o FAQ: How do I port libcurl to my OS?
 o openssl: Use TLS_client_method for OpenSSL 1.1.0+
 o HTTP-NTLM: fail auth on connection close instead of looping [24]
 o curl_setup: Add macros for FOPEN_READTEXT, FOPEN_WRITETEXT [25]
 o curl_getdate.3: update RFC reference
 o curl_multi_info_read.3: added example
 o curl_multi_perform.3: added example
 o curl_multi_timeout.3: added example
 o cookie: Stop exporting any-domain cookies [26]
 o openssl: remove dummy callback use from SSL_CTX_set_verify()
 o openssl: remove SSL_get_session()-using code
 o openssl: removed USERDATA_IN_PWD_CALLBACK kludge
 o openssl: removed error string #ifdef
 o openssl: Fix verification of server-sent legacy intermediates [27]
 o docs: man page indentation and syntax fixes
 o docs: Spelling fixes
 o fopen.c: fix a few compiler warnings
 o CURLOPT_OPENSOCKETFUNCTION: return error at once [28]
 o schannel: Add support for optional client certificates
 o build: Properly detect OpenSSL 1.0.2 when using configure
 o urldata: store POST size in state.infilesize too [29]
 o security:choose_mech remove dead code
 o rtsp_do: remove dead code
 o docs: many HTTP URIs changed to HTTPS
 o schannel: schannel_recv overhaul [32]

This release includes the following known bugs:

 o see docs/KNOWN_BUGS (http://curl.haxx.se/docs/knownbugs.html)

This release would not have looked like this without help, code, reports and
advice from friends like these:

  Alessandro Ghedini, Alexander Dyagilev, Anders Bakken, Anthony Avina,
  Ashish Shukla, Bert Huijben, Brian Chrisman, Brian Prodoehl, Chris Araman,
  Dagobert Michelsen, Dan Fandrich, Daniel Melani, Daniel Stenberg,
  Dmitry Eremin-Solenikov, Drake Arconis, Egon Eckert, Frank Meier, Fred Stluka,
  Gisle Vanem, Grant Pannell, Isaac Boukris, Jens Rantil, Joel Depooter,
  Kamil Dudka, Linus Nielsen Feltzing, Linus Nielsen Feltzing Feltzing,
  Liviu Chircu, Marc Hoersken, Michael Osipov, Oren Souroujon, Orgad Shaneh,
  Patrick Monnerat, Patrick Rapin, Paul Howarth, Paul Oliver, Rafayel Mkrtchyan,
  Ray Satiro, Sean Boudreau, Tatsuhiro Tsujikawa, Tomas Tomecek, Viktor Szakáts,
  Ville Skyttä, Yehezkel Horowitz,
  (43 contributors)

        Thanks! (and sorry if I forgot to mention someone)

References to bug reports and discussions on issues:

 [1] = http://curl.haxx.se/mail/lib-2015-04/0095.html
 [2] = https://github.com/bagder/curl/pull/206
 [3] = https://github.com/bagder/curl/commit/5b668606527613179d0349f21b4ab0df2971e3d2#commitcomment-10473445
 [4] = https://github.com/bagder/curl/pull/141
 [5] = https://github.com/bagder/curl/issues/198
 [6] = http://curl.haxx.se/mail/lib-2015-04/0199.html
 [7] = https://github.com/bagder/curl/issues/244
 [8] = https://github.com/bagder/curl/issues/219
 [9] = https://github.com/bagder/curl/pull/258
 [10] = https://github.com/bagder/curl/issues/254
 [11] = http://curl.haxx.se/libcurl/c/CURLOPT_PROXY_SERVICE_NAME.html
 [12] = http://curl.haxx.se/libcurl/c/CURLOPT_SERVICE_NAME.html
 [13] = http://curl.haxx.se/docs/manpage.html#--proxy-service-name
 [14] = http://curl.haxx.se/docs/manpage.html#--service-name
 [15] = http://curl.haxx.se/libcurl/c/CURLOPT_PIPEWAIT.html
 [16] = http://curl.haxx.se/libcurl/c/CURLMOPT_PIPELINING.html
 [17] = https://github.com/bagder/curl/issues/275
 [18] = https://github.com/bagder/curl/issues/281
 [19] = https://github.com/bagder/curl/issues/282
 [20] = https://github.com/bagder/curl/issues/267
 [21] = http://curl.haxx.se/mail/lib-2015-05/0056.html
 [22] = http://curl.haxx.se/mail/lib-2015-05/0115.html
 [23] = http://curl.haxx.se/mail/lib-2015-05/0137.html
 [24] = https://github.com/bagder/curl/issues/256
 [25] = https://github.com/bagder/curl/pull/258#issuecomment-107093055
 [26] = https://github.com/bagder/curl/issues/292
 [27] = https://rt.openssl.org/Ticket/Display.html?id=3621&user=guest&pass=guest
 [28] = http://curl.haxx.se/mail/lib-2015-06/0047.html
 [29] = http://curl.haxx.se/mail/lib-2015-06/0019.html
 [30] = http://curl.haxx.se/docs/adv_20150617A.html
 [31] = http://curl.haxx.se/docs/adv_20150617B.html
 [32] = https://github.com/bagder/curl/issues/244

Revision 1.150 / (download) - annotate - [select for diffs], Fri Jun 12 10:51:49 2015 UTC (3 years, 11 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2015Q2-base
Branch point for: pkgsrc-2015Q2
Changes since 1.149: +2 -2 lines
Diff to previous 1.149 (colored)

Recursive PKGREVISION bump for all packages mentioning 'perl',
having a PKGNAME of p5-*, or depending such a package,
for perl-5.22.0.

Revision 1.149 / (download) - annotate - [select for diffs], Wed Jun 3 12:00:06 2015 UTC (3 years, 11 months ago) by fhajny
Branch: MAIN
Changes since 1.148: +2 -1 lines
Diff to previous 1.148 (colored)

Add optional support for HTTP/2 via www/nghttp2. Patch nghttp2 support
until the curl interface is updated in 7.43. Bump PKGREVISION.

Revision 1.148 / (download) - annotate - [select for diffs], Sun May 3 10:11:55 2015 UTC (4 years ago) by wiz
Branch: MAIN
Changes since 1.147: +2 -2 lines
Diff to previous 1.147 (colored)

Update to 7.42.1:

Version 7.42.1 (28 Apr 2015)

Daniel Stenberg (28 Apr 2015)
- RELEASE-NOTES: 7.42.1 ready

- CURLOPT_HEADEROPT: default to separate

  Make the HTTP headers separated by default for improved security and
  reduced risk for information leakage.

  Bug: http://curl.haxx.se/docs/adv_20150429.html
  Reported-by: Yehezkel Horowitz, Oren Souroujon

- RELEASE-NOTES: synced with a6e0270e

- sws: init http2 state properly

  It would otherwise cause problems when running tests after 1801 etc.

- curl_easy_getinfo.3: document 'internals' in CURLINFO_TLS_SESSION

  ... as it was previouly undocumented what the pointer was.

- openssl: fix serial number output

  The code extracting the cert serial number was broken and didn't display
  it properly.

  Bug: https://github.com/bagder/curl/issues/235
  Reported-by: dkjjr89

- [Alessandro Ghedini brought this change]

  curl.1: fix typo

- RELEASE-NOTES: toward 7.42.1, synced with 097460a

- [Kamil Dudka brought this change]

  curl -z: do not write empty file on unmet condition

  This commit fixes a regression introduced in curl-7_41_0-186-g261a0fe.
  It also introduces a regression test 1424 based on tests 78 and 1423.

  Reported-by: Viktor Szakats
  Bug: https://github.com/bagder/curl/issues/237

- [Kamil Dudka brought this change]

  docs: distribute the CURLOPT_PINNEDPUBLICKEY(3) man page, too

- connectionexists: follow-up to fd9d3a1ef1f

  PROTOPT_CREDSPERREQUEST still needs to be checked even when NTLM is not
  enabled.

  Mistake-caught-by: Kamil Dudka

- connectionexists: fix build without NTLM

  Do not access NTLM-specific struct fields when built without NTLM
  enabled!

  bug: http://curl.haxx.se/?i=231
  Reported-by: Patrick Rapin

- dist: include {src,lib}/checksrc.whitelist

Revision 1.146.2.1 / (download) - annotate - [select for diffs], Wed Apr 29 21:25:22 2015 UTC (4 years ago) by tron
Branch: pkgsrc-2015Q1
Changes since 1.146: +2 -3 lines
Diff to previous 1.146 (colored) next main 1.147 (colored)

Pullup ticket #4705 - requested by spz
www/curl: security update

Revisions pulled up:
- www/curl/Makefile                                             1.147
- www/curl/PLIST                                                1.48
- www/curl/distinfo                                             1.103
- www/curl/patches/patch-aa                                     1.30

---
   Module Name:	pkgsrc
   Committed By:	jperkin
   Date:		Wed Apr 22 14:35:21 UTC 2015

   Modified Files:
   	pkgsrc/www/curl: Makefile PLIST distinfo
   	pkgsrc/www/curl/patches: patch-aa

   Log Message:
   Update to curl-7.42.0.

   This release includes the following changes:

    o openssl: show the cipher selection to use in verbose text
    o gtls: implement CURLOPT_CERTINFO
    o add CURLOPT_SSL_FALSESTART option (darwinssl and NSS)
    o curl: add --false-start option
    o add CURLOPT_PATH_AS_IS
    o curl: add --path-as-is option
    o curl: create output file on successful download of an empty file

   This release includes the following bugfixes:

    o ConnectionExists: for NTLM re-use, require credentials to match
    o cookie: cookie parser out of boundary memory access
    o fix_hostname: zero length host name caused -1 index offset
    o http_done: close Negotiate connections when done
    o sws: timeout idle CONNECT connections
    o nss: improve error handling in Curl_nss_random()
    o nss: do not skip Curl_nss_seed() if data is NULL
    o curl-config.in: eliminate double quotes around CURL_CA_BUNDLE
    o http2: move lots of verbose output to be debug-only
    o dist: add extern-scan.pl to the tarball
    o http2: return recv error on unexpected EOF
    o build: Use default RandomizedBaseAddress directive in VC9+ project files
    o build: Removed DataExecutionPrevention directive from VC9+ project files
    o tool: Updated the warnf() function to use the GlobalConfig structure
    o http2: Return error if stream was closed with other than NO_ERROR
    o mprintf.h: remove #ifdef CURLDEBUG
    o libtest: fixed linker errors on msvc
    o tool: use ENABLE_CURLX_PRINTF instead of _MPRINTF_REPLACE
    o curl.1: fix "The the" typo
    o cmake: handle build definitions CURLDEBUG/DEBUGBUILD
    o openssl: remove all uses of USE_SSLEAY
    o multi: fix memory-leak on timeout (regression)
    o curl_easy_setopt.3: added CURLOPT_SSL_VERIFYSTATUS
    o metalink: add some error checks
    o TLS: make it possible to enable ALPN/NPN without HTTP/2
    o http2: use CURL_HTTP_VERSION_* symbols instead of NPN_*
    o conncontrol: only log changes to the connection bit
    o multi: fix *getsock() with CONNECT
    o symbols.pl: handle '-' in the deprecated field
    o MacOSX-Framework: use @rpath instead of @executable_path
    o GnuTLS: add support for CURLOPT_CAPATH
    o GnuTLS: print negotiated TLS version and full cipher suite name
    o GnuTLS: don't print double newline after certificate dates
    o memanalyze.pl: handle free(NULL)
    o proxy: re-use proxy connections (regression)
    o mk-ca-bundle: Don't report SHA1 numbers with "-q"
    o http: always send Host: header as first header
    o openssl: sort ciphers to use based on strength
    o openssl: use colons properly in the ciphers list
    o http2: detect premature close without data transfered
    o hostip: Fix signal race in Curl_resolv_timeout
    o closesocket: call multi socket cb on close even with custom close
    o mksymbolsmanpage.pl: use std header and generate better nroff header
    o connect: Fix happy eyeballs logic for IPv4-only builds
    o curl_easy_perform.3: remove superfluous close brace from example
    o HTTP: don't use Expect: headers when on HTTP/2
    o Curl_sh_entry: remove unused 'timestamp'
    o docs/libcurl: makefile portability fix
    o mkhelp: Remove trailing carriage return from every line of input
    o nss: explicitly tell NSS to disable NPN/ALPN when libcurl disables it
    o curl_easy_setopt.3: added a few missing options
    o metalink: fix resource leak in OOM
    o axtls: version 1.5.2 now requires that config.h be manually included
    o HTTP: don't switch to HTTP/2 from 1.1 until we get the 101
    o cyassl: detect the library as renamed wolfssl
    o CURLOPT_HTTPHEADER.3: add a "SECURITY CONCERNS" section
    o CURLOPT_URL.3: Added "SECURITY CONCERNS
    o openssl: try to avoid accessing OCSP structs when possible
    o test938: added missing closing tags
    o testcurl: Allow '=' in values given on command line
    o tests/certs: added make target to rebuild certificates
    o tests/certs: rebuild certificates with modified key usage bits
    o gtls: avoid uninitialized variable
    o gtls: dereferencing NULL pointer
    o gtls: add check of return code
    o test1513: eliminated race condition in test run
    o dict: rename byte to avoid compiler shadowed declaration warning
    o curl_easy_recv/send: make them work with the multi interface
    o vtls: fix compile with --disable-crypto-auth but with SSL
    o openssl: adapt to ASN1/X509 things gone opaque in 1.1
    o openssl: verifystatus: only use the OCSP work-around <= 1.0.2a
    o curl_memory: make curl_memory.h the second-last header file loaded
    o testcurl.pl: add the --notes option to supply more info about a build
    o cyassl: If wolfSSL then identify as such in version string
    o cyassl: Check for invalid length parameter in Curl_cyassl_random
    o cyassl: default to highest possible TLS version
    o Curl_ssl_md5sum: return CURLcode (fixes OOM)
    o polarssl: remove dead code
    o polarssl: called mbedTLS in 1.3.10 and later
    o globbing: fix step parsing for character globbing ranges
    o globbing: fix url number calculation when using range with step
    o multi: on a request completion, check all CONNECT_PEND transfers
    o build: link curl to openssl libraries when openssl support is enabled
    o url: Don't accept CURLOPT_SSLVERSION unless USE_SSL is defined
    o vtls: Don't accept unknown CURLOPT_SSLVERSION values
    o build: Fix libcurl.sln erroneous mixed configurations
    o cyassl: remove undefined reference to CyaSSL_no_filesystem_verify
    o cyassl: add SSL context callback support for CyaSSL
    o tool: only set SSL options if SSL is enabled
    o multi: remove_handle: move pending connections
    o configure: Use KRB5CONFIG for krb5-config
    o axtls: add timeout within Curl_axtls_connect
    o CURLOPT_HTTP200ALIASES.3: Mainly SHOUTcast servers use "ICY 200"
    o cyassl: Fix library initialization return value
    o cookie: handle spaces after the name in Set-Cookie
    o http2: Fix missing nghttp2_session_send call in Curl_http2_switched
    o cyassl: Fix certificate load check
    o build-openssl.bat: Fix mixed line endings
    o checksrc.bat: Check lib\vtls source
    o DNS: fix refreshing of obsolete dns cache entries
    o CURLOPT_RESOLVE: actually implement removals
    o checksrc.bat: quotes to support an SRC_DIR with spaces
    o cyassl: Remove 'Connecting to' message from cyassl_connect_step2
    o cyassl: Use CYASSL_MAX_ERROR_SZ for error buffer size
    o lib/transfer.c: Remove factor of 8 from sleep time calculation
    o lib/makefile.m32: add missing libs to build libcurl.dll
    o build: Generate source prerequisites for Visual Studio in generate.bat
    o cyassl: Include the CyaSSL build config
    o firefox-db2pem: fix wildcard to find Firefox default profile
    o BUGS: refer to the github issue tracker now as primary
    o vtls_openssl: improve several certificate error messages
    o cyassl: Add support for TLS extension SNI
    o parsecfg: do not continue past a zero termination
    o configure --with-nss=PATH: query pkg-config if available
    o configure --with-nss: drop redundant if statement
    o cyassl: Fix include order
    o HTTP: fix PUT regression with Negotiate
    o curl_version_info.3: fixed the 'protocols' variable type

Revision 1.147 / (download) - annotate - [select for diffs], Wed Apr 22 14:35:21 2015 UTC (4 years, 1 month ago) by jperkin
Branch: MAIN
Changes since 1.146: +2 -3 lines
Diff to previous 1.146 (colored)

Update to curl-7.42.0.

This release includes the following changes:

 o openssl: show the cipher selection to use in verbose text
 o gtls: implement CURLOPT_CERTINFO
 o add CURLOPT_SSL_FALSESTART option (darwinssl and NSS)
 o curl: add --false-start option
 o add CURLOPT_PATH_AS_IS
 o curl: add --path-as-is option
 o curl: create output file on successful download of an empty file

This release includes the following bugfixes:

 o ConnectionExists: for NTLM re-use, require credentials to match
 o cookie: cookie parser out of boundary memory access
 o fix_hostname: zero length host name caused -1 index offset
 o http_done: close Negotiate connections when done
 o sws: timeout idle CONNECT connections
 o nss: improve error handling in Curl_nss_random()
 o nss: do not skip Curl_nss_seed() if data is NULL
 o curl-config.in: eliminate double quotes around CURL_CA_BUNDLE
 o http2: move lots of verbose output to be debug-only
 o dist: add extern-scan.pl to the tarball
 o http2: return recv error on unexpected EOF
 o build: Use default RandomizedBaseAddress directive in VC9+ project files
 o build: Removed DataExecutionPrevention directive from VC9+ project files
 o tool: Updated the warnf() function to use the GlobalConfig structure
 o http2: Return error if stream was closed with other than NO_ERROR
 o mprintf.h: remove #ifdef CURLDEBUG
 o libtest: fixed linker errors on msvc
 o tool: use ENABLE_CURLX_PRINTF instead of _MPRINTF_REPLACE
 o curl.1: fix "The the" typo
 o cmake: handle build definitions CURLDEBUG/DEBUGBUILD
 o openssl: remove all uses of USE_SSLEAY
 o multi: fix memory-leak on timeout (regression)
 o curl_easy_setopt.3: added CURLOPT_SSL_VERIFYSTATUS
 o metalink: add some error checks
 o TLS: make it possible to enable ALPN/NPN without HTTP/2
 o http2: use CURL_HTTP_VERSION_* symbols instead of NPN_*
 o conncontrol: only log changes to the connection bit
 o multi: fix *getsock() with CONNECT
 o symbols.pl: handle '-' in the deprecated field
 o MacOSX-Framework: use @rpath instead of @executable_path
 o GnuTLS: add support for CURLOPT_CAPATH
 o GnuTLS: print negotiated TLS version and full cipher suite name
 o GnuTLS: don't print double newline after certificate dates
 o memanalyze.pl: handle free(NULL)
 o proxy: re-use proxy connections (regression)
 o mk-ca-bundle: Don't report SHA1 numbers with "-q"
 o http: always send Host: header as first header
 o openssl: sort ciphers to use based on strength
 o openssl: use colons properly in the ciphers list
 o http2: detect premature close without data transfered
 o hostip: Fix signal race in Curl_resolv_timeout
 o closesocket: call multi socket cb on close even with custom close
 o mksymbolsmanpage.pl: use std header and generate better nroff header
 o connect: Fix happy eyeballs logic for IPv4-only builds
 o curl_easy_perform.3: remove superfluous close brace from example
 o HTTP: don't use Expect: headers when on HTTP/2
 o Curl_sh_entry: remove unused 'timestamp'
 o docs/libcurl: makefile portability fix
 o mkhelp: Remove trailing carriage return from every line of input
 o nss: explicitly tell NSS to disable NPN/ALPN when libcurl disables it
 o curl_easy_setopt.3: added a few missing options
 o metalink: fix resource leak in OOM
 o axtls: version 1.5.2 now requires that config.h be manually included
 o HTTP: don't switch to HTTP/2 from 1.1 until we get the 101
 o cyassl: detect the library as renamed wolfssl
 o CURLOPT_HTTPHEADER.3: add a "SECURITY CONCERNS" section
 o CURLOPT_URL.3: Added "SECURITY CONCERNS
 o openssl: try to avoid accessing OCSP structs when possible
 o test938: added missing closing tags
 o testcurl: Allow '=' in values given on command line
 o tests/certs: added make target to rebuild certificates
 o tests/certs: rebuild certificates with modified key usage bits
 o gtls: avoid uninitialized variable
 o gtls: dereferencing NULL pointer
 o gtls: add check of return code
 o test1513: eliminated race condition in test run
 o dict: rename byte to avoid compiler shadowed declaration warning
 o curl_easy_recv/send: make them work with the multi interface
 o vtls: fix compile with --disable-crypto-auth but with SSL
 o openssl: adapt to ASN1/X509 things gone opaque in 1.1
 o openssl: verifystatus: only use the OCSP work-around <= 1.0.2a
 o curl_memory: make curl_memory.h the second-last header file loaded
 o testcurl.pl: add the --notes option to supply more info about a build
 o cyassl: If wolfSSL then identify as such in version string
 o cyassl: Check for invalid length parameter in Curl_cyassl_random
 o cyassl: default to highest possible TLS version
 o Curl_ssl_md5sum: return CURLcode (fixes OOM)
 o polarssl: remove dead code
 o polarssl: called mbedTLS in 1.3.10 and later
 o globbing: fix step parsing for character globbing ranges
 o globbing: fix url number calculation when using range with step
 o multi: on a request completion, check all CONNECT_PEND transfers
 o build: link curl to openssl libraries when openssl support is enabled
 o url: Don't accept CURLOPT_SSLVERSION unless USE_SSL is defined
 o vtls: Don't accept unknown CURLOPT_SSLVERSION values
 o build: Fix libcurl.sln erroneous mixed configurations
 o cyassl: remove undefined reference to CyaSSL_no_filesystem_verify
 o cyassl: add SSL context callback support for CyaSSL
 o tool: only set SSL options if SSL is enabled
 o multi: remove_handle: move pending connections
 o configure: Use KRB5CONFIG for krb5-config
 o axtls: add timeout within Curl_axtls_connect
 o CURLOPT_HTTP200ALIASES.3: Mainly SHOUTcast servers use "ICY 200"
 o cyassl: Fix library initialization return value
 o cookie: handle spaces after the name in Set-Cookie
 o http2: Fix missing nghttp2_session_send call in Curl_http2_switched
 o cyassl: Fix certificate load check
 o build-openssl.bat: Fix mixed line endings
 o checksrc.bat: Check lib\vtls source
 o DNS: fix refreshing of obsolete dns cache entries
 o CURLOPT_RESOLVE: actually implement removals
 o checksrc.bat: quotes to support an SRC_DIR with spaces
 o cyassl: Remove 'Connecting to' message from cyassl_connect_step2
 o cyassl: Use CYASSL_MAX_ERROR_SZ for error buffer size
 o lib/transfer.c: Remove factor of 8 from sleep time calculation
 o lib/makefile.m32: add missing libs to build libcurl.dll
 o build: Generate source prerequisites for Visual Studio in generate.bat
 o cyassl: Include the CyaSSL build config
 o firefox-db2pem: fix wildcard to find Firefox default profile
 o BUGS: refer to the github issue tracker now as primary
 o vtls_openssl: improve several certificate error messages
 o cyassl: Add support for TLS extension SNI
 o parsecfg: do not continue past a zero termination
 o configure --with-nss=PATH: query pkg-config if available
 o configure --with-nss: drop redundant if statement
 o cyassl: Fix include order
 o HTTP: fix PUT regression with Negotiate
 o curl_version_info.3: fixed the 'protocols' variable type

Revision 1.146 / (download) - annotate - [select for diffs], Mon Mar 23 09:38:50 2015 UTC (4 years, 2 months ago) by nros
Branch: MAIN
CVS Tags: pkgsrc-2015Q1-base
Branch point for: pkgsrc-2015Q1
Changes since 1.145: +2 -1 lines
Diff to previous 1.145 (colored)

Revbump because of security/libssh2 update.

Revision 1.145 / (download) - annotate - [select for diffs], Sun Mar 1 15:01:00 2015 UTC (4 years, 2 months ago) by wiz
Branch: MAIN
Changes since 1.144: +2 -2 lines
Diff to previous 1.144 (colored)

Update to 7.41.0:

Version 7.41.0 (25 Feb 2015)

Daniel Stenberg (25 Feb 2015)
- THANKS: added contributors from the 7.41.0 RELEASE-NOTES

- RELEASE-NOTES: sync with ffc2aeec6e (7.41.0 release time!)

Marc Hoersken (25 Feb 2015)
- Revert "telnet.c: fix handling of 0 being returned from custom read function"

  This reverts commit 03fa576833643c67579ae216c4e7350fa9b5f2fe.

- telnet.c: fix invalid use of custom read function if not being set

  obj_count can be 1 if the custom read function is set or the stdin
  handle is a reference to a pipe. Since the pipe should be handled
  using the PeekNamedPipe-check below, the custom read function should
  only be used if it is actually enabled.

- telnet.c: fix handling of 0 being returned from custom read function

  According to [1]: "Returning 0 will signal end-of-file to the library
  and cause it to stop the current transfer."
  This change makes the Windows telnet code handle this case accordingly.

   [1] http://curl.haxx.se/libcurl/c/CURLOPT_READFUNCTION.html

Daniel Stenberg (24 Feb 2015)
- sws: stop logging about TPC_NODELAY nonsense

- lib530: make it less timing sensible

  ... by making sure the first request is completed before doing the
  remainder.

Kamil Dudka (23 Feb 2015)
- connect: wait for IPv4 connection attempts

  ... even if the last IPv6 connection attempt has failed.

  Bug: https://bugzilla.redhat.com/show_bug.cgi?id=1187531#c4

- connect: avoid skipping an IPv4 address

  ... in case the protocol versions are mixed in a DNS response
  (IPv6 -> IPv4 -> IPv6).

  Bug: https://bugzilla.redhat.com/show_bug.cgi?id=1187531#c3

Daniel Stenberg (23 Feb 2015)
- RELEASE-NOTES: synced with 5e4395eab839d

- ROADMAP: curl_easy_setopt.3 has already been split up

  Remove cmake as marked for removal. It is in much better state now.

- ROADMAP: extend the HTTP/2 stuff, remove SPDY

- [Julian Ospald brought this change]

  configure: allow both --with-ca-bundle and --with-ca-path

  SSL_CTX_load_verify_locations by default (and if given non-Null
  parameters) searches the CAfile first and falls back to CApath.  This
  allows for CAfile to be a basis (e.g. installed by the package manager)
  and CApath to be a user configured directory.

  This wasn't reflected by the previous configure constraint which this
  patch fixes.

  Bug: https://github.com/bagder/curl/pull/139

- [Ben Boeckel brought this change]

  cmake: install the dll file to the correct directory

- [Alessandro Ghedini brought this change]

  nss: fix NPN/ALPN protocol negotiation

  Correctly check for memcmp() return value (it returns 0 if the strings match).

  This is not really important, since curl is going to use http/1.1 anyway, but
  it's still a bug I guess.

- [Alessandro Ghedini brought this change]

  polarssl: fix ALPN protocol negotiation

  Correctly check for strncmp() return value (it returns 0 if the strings
  match).

- [Sergei Nikulov brought this change]

  CMake: Fix generation of tool_hugehelp.c on windows

  Use "cmake -E echo" instead of "echo".

  Reviewed-by: Brad King <brad.king@kitware.com>

- [Sergei Nikulov brought this change]

  CMake: fix winsock2 detection on windows

  Set CMAKE_REQUIRED_DEFINITIONS to include definitions needed to get
  the winsock2 API from windows.h.  Simplify the order of checks to
  avoid extra conditions.

  Use check_include_file instead of check_include_file_concat to look
  for OpenSSL headers.  They do not need to participate in a sequence
  of dependent system headers.  Also they may cause winsock.h to be
  included before ws2tcpip.h, causing the latter to not be detected
  in the sequence.

  Reviewed-by: Brad King <brad.king@kitware.com>

- [Alessandro Ghedini brought this change]

  gtls: fix build with HTTP2

Steve Holme (16 Feb 2015)
- Makefile.vc6: Corrected typos in rename of darwinssl.obj

Nick Zitzmann (15 Feb 2015)
- By request, change the name of "curl_darwinssl.[ch]" to "darwinssl.[ch]"

Steve Holme (14 Feb 2015)
- RELEASE-NOTES: Synced with 6f89f86c3d

- tests/README: Updated to reflect email test ranges

- [Alessandro Ghedini brought this change]

  curl.1: --cert-status is also supported by OpenSSL now

- build: Removed Visual Studio SuppressStartupBanner directive for VC8+

  Visual Studio 2005 and above defaults to disabling the startup banner
  for the Compiler, Linker and MIDL tools (with /NOLOGO). As such there
  is no need to explicitly set the SuppressStartupBanner directive, as
  this is a leftover from the VC7 and VC7.1 projects being upgraded to
  VC8 and above.

Kamil Dudka (12 Feb 2015)
- openssl: fix a compile-time warning

  lib/vtls/openssl.c:1450:7: warning: extra tokens at end of #endif directive

Steve Holme (11 Feb 2015)
- openssl: Use OPENSSL_IS_BORINGSSL for BoringSSL detection

  For consistency with other conditionally compiled code in openssl.c,
  use OPENSSL_IS_BORINGSSL rather than HAVE_BORINGSSL and try to use
  HAVE_BORINGSSL outside of openssl.c when the OpenSSL header files are
  not included.

Patrick Monnerat (11 Feb 2015)
- ftp: accept all 2xx responses to the PORT command

Steve Holme (9 Feb 2015)
- openssl: Disable OCSP in old versions of OpenSSL

  Versions of OpenSSL prior to v0.9.8h do not support the necessary
  functions for OCSP stapling.

Daniel Stenberg (9 Feb 2015)
- [Tatsuhiro Tsujikawa brought this change]

  http2: Fix bug that associated stream canceled on PUSH_PROMISE

  Previously we don't ignore PUSH_PROMISE header fields in on_header
  callback.  It makes header values mixed with following HEADERS,
  resulting protocol error.

- [Jay Satiro brought this change]

  polarssl: Fix exclusive SSL protocol version options

  Prior to this change the options for exclusive SSL protocol versions did
  not actually set the protocol exclusive.

  http://curl.haxx.se/mail/lib-2015-01/0002.html
  Reported-by: Dan Fandrich

- [Jay Satiro brought this change]

  gskit: Fix exclusive SSLv3 option

- curl.1: clarify that -X is used for all requests

  Reported-by: Jon Seymour

- curl.1: add warning when using -H and redirects

Steve Holme (7 Feb 2015)
- schannel: Removed curl_ prefix from source files

  Removed the curl_ prefix from the schannel source files as discussed
  with Marc and Daniel at FOSDEM.

Daniel Stenberg (6 Feb 2015)
- md5: use axTLS's own MD5 functions when available

- MD(4|5): make the MD4_* and MD5_* functions static

- axtls: fix conversion from size_t to int warning

Steve Holme (5 Feb 2015)
- ftp: Use 'CURLcode result' for curl result codes

Daniel Stenberg (5 Feb 2015)
- openssl: SSL_SESSION->ssl_version no longer exist

  The struct went private in 1.0.2 so we cannot read the version number
  from there anymore. Use SSL_version() instead!

  Reported-by: Gisle Vanem
  Bug: http://curl.haxx.se/mail/lib-2015-02/0034.html

Dan Fandrich (4 Feb 2015)
- unit1600: Fix compilation when NTLM is disabled

Daniel Stenberg (4 Feb 2015)
- MD5: fix compiler warnings and code style nits

- MD5: replace implementation

  The previous one was "encumbered" by RSA Inc - to avoid the licensing
  restrictions it has being replaced. This is the initial import,
  inserting the md5.c and md5.h files from
  http://openwall.info/wiki/people/solar/software/public-domain-source-code/md5

  Code-by: Alexander Peslyak

- MD4: fix compiler warnings and code style nits

- MD4: replace implementation

  The previous one was "encumbered" by RSA Inc - to avoid the licensing
  restrictions it has being replaced. This is the initial import,
  inserting the md4.c and md4.h files from
  http://openwall.info/wiki/people/solar/software/public-domain-source-code/md4

  Code-by: Alexander Peslyak

Steve Holme (4 Feb 2015)
- telnet: Prefer 'CURLcode result' for curl result codes

- hostasyn: Prefer 'CURLcode result' for curl result codes

- schannel: Prefer 'CURLcode result' for curl result codes

Daniel Stenberg (3 Feb 2015)
- unit1601: MD5 unit tests

- unit1600: unit test for Curl_ntlm_core_mk_nt_hash

- unit1600: NTLM unit test

- tests/README: add a new range, clean up some language

- [Jay Satiro brought this change]

  opts: CURLOPT_CAINFO availability depends on SSL engine

- getpass: protect include with proper #ifdef

  Reported-by: Tamir

- getpass_r: read from stdin, not stdout!

  The file number used was wrong. This bug was introduced over 10 years
  ago, proving this function isn't used much...

  Bug: http://curl.haxx.se/bug/view.cgi?id=1476
  Reported-by: Tamir

- test1135: verify the CURL_EXTERN order in header files

- Makefile.am: fix 'make distcheck'

  ... by removing generated files from the *_DIST variable [*] and instead
  generate them with a .dist suffix, since that is then handled and put
  into the release archive by our generic dist-hook.

  [*] = 'make distcheck' fails with non-existing files listed there

Steve Holme (2 Feb 2015)
- curl_sasl.c: More code policing

  Better use of 80 character line limit, comment corrections and line
  spacing preferences.

Daniel Stenberg (2 Feb 2015)
- libcurl-symbols: first basic shot for autogenerated docs

- FAQ: minor edit of 3.22

Steve Holme (2 Feb 2015)
- build: Added removal of Visual Studio project files

  Added the removal of the locally generated project files so one
  may revert to a clean repository.

- build: Renamed top level Visual Studio solution files

  In preparation for adding the test suite and examples projects renamed
  the top level "all" solution files to better describe what they are.

  This will also enable us to use "curl" rather than "curlsrc" for the
  command line tool solution and project files, which will simplify some
  of the configuration.

- build: Enabled DEBUGBUILD in Visual Studio debug builds

  Defined the DEBUGBUILD pre-processor variable to allow extra logging,
  which is particularly useful in debug builds, as we use this and Visual
  Studio typically uses _DEBUG.

  We could define DEBUBBUILD, in curl_setup.h, when _MSC_VER and _DEBUG is
  defined but that would also affect the makefile based builds which we
  probably don't want to do.

- build: Removed unused Visual Studio bscmake settings

Daniel Stenberg (2 Feb 2015)
- CURLOPT_HTTP_VERSION.3: CURL_HTTP_VERSION_2_0 added in 7.33.0

  And modify the text to refer to HTTP 2 as it isn't called "2.0".

  Reported-By: Michael Wallner

Marc Hoersken (31 Jan 2015)
- TODO: moved WinSSL/SChannel todo items into docs

Daniel Stenberg (29 Jan 2015)
- [Michael Kaufmann brought this change]

  CURLOPT_SEEKFUNCTION.3: also when server closes a connection

Steve Holme (29 Jan 2015)
- curl_sasl.c: Fixed compilation warning when cryptography is disabled

  curl_sasl.c:1506: warning: unused variable 'chlg'

- curl_sasl.c: Fixed compilation warning when verbose debug output disabled

  curl_sasl.c:1317: warning: unused parameter 'conn'

- ntlm_core: Use own odd parity function when crypto engine doesn't have one

- ntlm_core: Prefer sizeof(key) rather than hard coded sizes

- ntlm_core: Added consistent comments to DES functions

- des: Added Curl_des_set_odd_parity()

  Added Curl_des_set_odd_parity() for use when cryptography engines
  don't include this functionality.

- tests: Grouped SMTP SASL EXTERNAL tests with other SMTP tests

- tests: Grouped POP3 SASL EXTERNAL tests with other POP3 tests

- tests: Grouped IMAP SASL EXTERNAL tests with other IMAP tests

- sasl: Minor code policing and grammar corrections

Daniel Stenberg (28 Jan 2015)
- [Gisle Vanem brought this change]

  ldap: build with BoringSSL

- security: avoid compiler warning

  Possible access to uninitialised memory '&nread' at line 140 of
  lib/security.c in function 'ftp_send_command'.

  Reported-by: Rich Burridge

- runtests: identify BoringSSL and libressl

Patrick Monnerat (27 Jan 2015)
- docs: cite SASL external authentication.

- sasl: remove XOAUTH2 from default enabled authentication mechanism.

- test: add test cases for sasl external authentication (imap/pop3/smtp).

- imap: remove automatic password setting: it breaks external sasl authentication

- sasl: implement EXTERNAL authentication mechanism.
    Its use is only enabled by explicit requirement in URL (;AUTH=EXTERNAL) and
  by not setting the password.

Steve Holme (27 Jan 2015)
- openssl: Fixed Curl_ossl_cert_status_request() not returning FALSE

  Modified the Curl_ossl_cert_status_request() function to return FALSE
  when built with BoringSSL or when OpenSSL is missing the necessary TLS
  extensions.

- openssl: Fixed compilation errors when OpenSSL built with 'no-tlsext'

  Fixed the build of openssl.c when OpenSSL is built without the necessary
  TLS extensions for OCSP stapling.

  Reported-by: John E. Malmberg

- [Brad Spencer brought this change]

  curl_setup: Disable SMB/CIFS support when HTTP only

- RELEASE-NOTES: Synced with 37824498a3

Daniel Stenberg (22 Jan 2015)
- configure: remove detection of the old yassl emulation API

  ... as that is ancient history and not used.

- OCSP stapling: disabled when build with BoringSSL

- [Alessandro Ghedini brought this change]

  openssl: add support for the Certificate Status Request TLS extension

  Also known as "status_request" or OCSP stapling, defined in RFC6066
  section 8.

  Thanks-to: Joe Mason
  - for the work-around for the OpenSSL bug.

- BoringSSL: fix build for non-configure builds

  HAVE_BORINGSSL gets defined now by configure and should be defined by
  other build systems in case a BoringSSL build is desired.

- configure: fix BoringSSL detection and detect libresssl

Steve Holme (22 Jan 2015)
- curl_sasl: Reinstate the sasl_ prefix for locally scoped functions

  Commit 7a8b2885e2 made some functions static and removed the public
  Curl_ prefix. Unfortunately, it also removed the sasl_ prefix, which
  is the naming convention we use in this source file.

- curl_sasl: Minor code policing following recent commits

Daniel Stenberg (22 Jan 2015)
- [John Malmberg brought this change]

  openvms: Handle openssl/0.8.9zb version parsing

  packages/vms/gnv_link_curl.com was assuming only a single letter suffix
  in the openssl version.  That assumption has been fixed for 7.40.

- BoringSSL: detected by configure, switches off NTLM

- BoringSSL: no PKCS12 support nor ERR_remove_state

- [Leith Bade brought this change]

  BoringSSL: fix build

Steve Holme (20 Jan 2015)
- curl_sasl.c: chlglen is not used when cryptography is disabled

- curl_sasl.c: Fixed compilation warning when cyptography is disabled

  curl_sasl.c:1453: warning C4101: 'serverdata' : unreferenced local
                    variable

- curl_sasl.c: Fixed compilation error when USE_WINDOWS_SSPI defined

  curl_sasl.c:1221: error C2065: 'mechtable' : undeclared identifier

  This error could also happen for non-SSPI builds when cryptography is
  disabled (CURL_DISABLE_CRYPTO_AUTH is defined).

Patrick Monnerat (20 Jan 2015)
- SASL: make some procedures local-scoped

- SASL: common state engine for imap/pop3/smtp

- SASL: common URL option and auth capabilities decoders for all protocols

- IMAP/POP3/SMTP: use a per-connection sub-structure for SASL parameters.

Daniel Stenberg (20 Jan 2015)
- ipv6: enclose AF_INET6 uses with proper #ifdefs for ipv6

  Reported-by: Chris Young

- [Chris Young brought this change]

  timeval: typecast for better type (on Amiga)

  There is an issue with conflicting "struct timeval" definitions with
  certain AmigaOS releases and C libraries, depending on what gets
  included when.  It's a minor difference - the OS one is unsigned,
  whereas the common structure has signed elements.  If the OS one ends up
  getting defined, this causes a timing calculation error in curl.

  It's easy enough to resolve this at the curl end, by casting the
  potentially errorneous calculation to a signed long.

- openssl: do public key pinning check independently

  ... of the other cert verification checks so that you can set verifyhost
  and verifypeer to FALSE and still check the public key.

  Bug: http://curl.haxx.se/bug/view.cgi?id=1471
  Reported-by: Kyle J. McKay

Patrick Monnerat (19 Jan 2015)
- OS400: CURLOPT_SSL_VERIFYSTATUS for ILE/RPG too.

Steve Holme (18 Jan 2015)
- ldap: Renamed the CURL_LDAP_WIN definition to USE_WIN32_LDAP

  For consistency with other USE_WIN32_ defines as well as the
  USE_OPENLDAP define.

- http_negotiate: Use dynamic buffer for SPN generation

  Use a dynamicly allocated buffer for the temporary SPN variable similar
  to how the SASL GSS-API code does, rather than using a fixed buffer of
  2048 characters.

- sasl_gssapi: Make Curl_sasl_build_gssapi_spn() public

- sasl_gssapi: Fixed memory leak with local SPN variable

Daniel Stenberg (17 Jan 2015)
- http_negotiate.c: unused variable 'ret'

Steve Holme (17 Jan 2015)
- gskit.h: Code policing of function pointer arguments

- vtls: Removed unimplemented overrides of curlssl_close_all()

  Carrying on from commit 037cd0d991, removed the following unimplemented
  instances of curlssl_close_all():

  Curl_axtls_close_all()
  Curl_darwinssl_close_all()
  Curl_cyassl_close_all()
  Curl_gskit_close_all()
  Curl_gtls_close_all()
  Curl_nss_close_all()
  Curl_polarssl_close_all()

- vtls: Separate the SSL backend definition from the API setup

  Slight code cleanup as the SSL backend #define is mixed up with the API
  function setup.

- vtls: Fixed compilation errors when SSL not used

  Fixed the following warning and error from commit 3af90a6e19 when SSL
  is not being used:

  url.c:2004: warning C4013: 'Curl_ssl_cert_status_request' undefined;
              assuming extern returning int

  error LNK2019: unresolved external symbol Curl_ssl_cert_status_request
                 referenced in function Curl_setopt

- http_negotiate: Added empty decoded challenge message info text

- http_negotiate: Return CURLcode in Curl_input_negotiate() instead of int

- http_negotiate_sspi: Prefer use of 'attrs' for context attributes

  Use the same variable name as other areas of SSPI code.

- http_negotiate_sspi: Use correct return type for QuerySecurityPackageInfo()

  Use the SECURITY_STATUS typedef rather than a unsigned long for the
  QuerySecurityPackageInfo() return and rename the variable as per other
  areas of SSPI code.

- http_negotiate_sspi: Use 'CURLcode result' for CURL result code

- curl_endian: Fixed build when 64-bit integers are not supported (Part 2)

  Missed Curl_read64_be() in commit bb12d44471 :(

Daniel Stenberg (16 Jan 2015)
- CURLOPT_SSL_VERIFYSTATUS.3: mention it is added in version 7.41.0

- curlver.h: next release is 7.41.0 due to the changes

- RELEASE-NOTES: mention the new OCSP stapling options, bump version

- opts: add CURLOPT_SSL_VERIFYSTATUS* to docs/Makefile

- help: add --cert-status to --help output

- copyright years: after OCSP stapling changes

- [Alessandro Ghedini brought this change]

  curl: add --cert-status option

  This enables the CURLOPT_SSL_VERIFYSTATUS functionality.

- [Alessandro Ghedini brought this change]

  nss: add support for the Certificate Status Request TLS extension

  Also known as "status_request" or OCSP stapling, defined in RFC6066 section 8.

  This requires NSS 3.15 or higher.

- [Alessandro Ghedini brought this change]

  gtls: add support for the Certificate Status Request TLS extension

  Also known as "status_request" or OCSP stapling, defined in RFC6066 section 8.

  This requires GnuTLS 3.1.3 or higher to build, however it's recommended to use
  at least GnuTLS 3.3.11 since previous versions had a bug that caused the OCSP
  response verfication to fail even on valid responses.

- [Alessandro Ghedini brought this change]

  url: add CURLOPT_SSL_VERIFYSTATUS option

  This option can be used to enable/disable certificate status verification using
  the "Certificate Status Request" TLS extension defined in RFC6066 section 8.

  This also adds the CURLE_SSL_INVALIDCERTSTATUS error, to be used when the
  certificate status verification fails, and the Curl_ssl_cert_status_request()
  function, used to check whether the SSL backend supports the status_request
  extension.

- TheArtOfHttpScripting: skip the date at the top, we have git

- TheArtOfHttpScripting: phrase it TLS lib agnostic

Steve Holme (16 Jan 2015)
- TODO: Added some SMB ideas

- RELEASE-NOTES: Synced with 5f09947d28

- build-openssl.bat: Added check for Perl installation

- checksrc.bat: Better detection of Perl installation

- curl_endian: Fixed build when 64-bit integers are not supported

  Bug: http://curl.haxx.se/mail/lib-2015-01/0094.html
  Reported-by: John E. Malmberg

Daniel Stenberg (15 Jan 2015)
- [Yun SangHo brought this change]

  curl.h: remove extra space

- Curl_pretransfer: reset expected transfer sizes

  Reported-by: Mohammad AlSaleh
  Bug: http://curl.haxx.se/mail/lib-2015-01/0065.html

Marc Hoersken (12 Jan 2015)
- curl_schannel.c: mark session as removed from cache if not freed

  If the session is still used by active SSL/TLS connections, it
  cannot be closed yet. Thus we mark the session as not being cached
  any longer so that the reference counting mechanism in
  Curl_schannel_shutdown is used to close and free the session.

  Reported-by: Jean-Francois Durand

Steve Holme (9 Jan 2015)
- RELEASE-NOTES: Synced with d21b66835f

Guenter Knauf (9 Jan 2015)
- Merge pull request #134 from vszakats/mingw-m64

  add -m64 CFLAGS when targeting mingw64, add -m32/-m64 to LDFLAGS

- Merge pull request #136 from vszakats/mingw-allow-custom-cflags

  mingw build: allow to pass custom CFLAGS

Daniel Stenberg (9 Jan 2015)
- NSS: fix compiler error when built http2-enabled

Steve Holme (9 Jan 2015)
- gssapi: Remove need for duplicated GSS_C_NT_HOSTBASED_SERVICE definitions

  Better code reuse and consistency in calls to gss_import_name().

Viktor Szakats (9 Jan 2015)
- mingw build: allow to pass custom CFLAGS

Daniel Stenberg (8 Jan 2015)
- FTP: if EPSV fails on IPV6 connections, bail out

  ... instead of trying PASV, since PASV can't work with IPv6.

  Reported-by: Vojtch Král

- FTP: fix IPv6 host using link-local address

  ... and make sure we can connect the data connection to a host name that
  is longer than 48 bytes.

  Also simplifies the code somewhat by re-using the original host name
  more, as it is likely still in the DNS cache.

  Original-Patch-by: Vojtch Král
  Bug: http://curl.haxx.se/bug/view.cgi?id=1468

Steve Holme (8 Jan 2015)
- [Sam Schanken brought this change]

  winbuild: Added option to build with c-ares

  Added support for a WITH_CARES option to be used when invoking nmake
  via Makefile.vc. This option enables linking against both the DLL and
  static versions of the c-ares libraries, as well as the debug and
  release varients, depending on the value of DEBUG. The USE_ARES
  preprocessor symbol is also defined.

Guenter Knauf (8 Jan 2015)
- NetWare build: added TLS-SRP enabled build.

Steve Holme (8 Jan 2015)
- sasl_gssapi: Fixed build on NetBSD with built-in GSS-API

  Bug: http://curl.haxx.se/bug/view.cgi?id=1469
  Reported-by: Thomas Klausner

Viktor Szakats (8 Jan 2015)
- add -m64 clags when targeting mingw64, add -m32/-m64 to LDFLAGS

Daniel Stenberg (8 Jan 2015)
- bump: start working towards 7.40.1

- THANKS: 14 new contributors from the 7.40.0 release notes

Revision 1.143.2.1 / (download) - annotate - [select for diffs], Tue Jan 20 23:58:07 2015 UTC (4 years, 4 months ago) by tron
Branch: pkgsrc-2014Q4
Changes since 1.143: +2 -1 lines
Diff to previous 1.143 (colored) next main 1.144 (colored)

Pullup ticket #4591 - requested by he
www/curl: security patch

Add a fix for the security bypass vulnerability reported in CVE-2014-8150.

Revision 1.144 / (download) - annotate - [select for diffs], Thu Jan 8 17:23:07 2015 UTC (4 years, 4 months ago) by wiz
Branch: MAIN
Changes since 1.143: +2 -2 lines
Diff to previous 1.143 (colored)

Update to 7.40.0. Disable gssapi by default on NetBSD, since it doesn't
compile any longer, see
https://sourceforge.net/p/curl/bugs/1469/

Changes:

Curl and libcurl 7.40.0

 Public curl releases:         143
 Command line options:         162
 curl_easy_setopt() options:   208
 Public functions in libcurl:  58
 Contributors:                 1219

This release includes the following changes:

 o http_digest: Added support for Windows SSPI based authentication
 o version info: Added Kerberos V5 to the supported features
 o Makefile: Added VC targets for WinIDN
 o config-win32: Introduce build targets for VS2012+
 o SSL: Add PEM format support for public key pinning
 o smtp: Added support for the conversion of Unix newlines during mail send [8]
 o smb: Added initial support for the SMB/CIFS protocol
 o Added support for HTTP over unix domain sockets, via
   CURLOPT_UNIX_SOCKET_PATH and --unix-socket
 o sasl: Added support for GSS-API based Kerberos V5 authentication

This release includes the following bugfixes:

 o darwinssl: fix session ID keys to only reuse identical sessions [18]
 o url-parsing: reject CRLFs within URLs [19]
 o OS400: Adjust specific support to last release
 o THANKS: Remove duplicate names
 o url.c: Fixed compilation warning
 o ssh: Fixed build on platforms where R_OK is not defined [1]
 o tool_strdup.c: include the tool strdup.h
 o build: Fixed Visual Studio project file generation of strdup.[c|h]
 o curl_easy_setopt.3: add CURLOPT_PINNEDPUBLICKEY [2]
 o curl.1: show zone index use in a URL
 o mk-ca-bundle.vbs: switch to new certdata.txt url
 o Makefile.dist: Added some missing SSPI configurations
 o build: Fixed no NTLM support for email when CURL_DISABLE_HTTP is defined
 o SSH: use the port number as well for known_known checks [3]
 o libssh2: detect features based on version, not configure checks
 o http2: Deal with HTTP/2 data inside Upgrade response header buffer [4]
 o multi: removed Curl_multi_set_easy_connection
 o symbol-scan.pl: do not require autotools
 o cmake: add ENABLE_THREADED_RESOLVER, rename ARES
 o cmake: build libhostname for test suite
 o cmake: fix HAVE_GETHOSTNAME definition
 o tests: fix libhostname visibility
 o tests: fix memleak in server/resolve.c
 o vtls.h: Fixed compiler warning when compiled without SSL
 o CMake: Restore order-dependent header checks
 o CMake: Restore order-dependent library checks
 o tool: Removed krb4 from the supported features
 o http2: Don't send Upgrade headers when we already do HTTP/2
 o examples: Don't call select() to sleep on windows [6]
 o win32: Updated some legacy APIs to use the newer extended versions [5]
 o easy.c: Fixed compilation warning when no verbose string support
 o connect.c: Fixed compilation warning when no verbose string support
 o build: in Makefile.m32 pass -F flag to windres
 o build: in Makefile.m32 add -m32 flag for 32bit
 o multi: when leaving for timeout, close accordingly
 o CMake: Simplify if() conditions on check result variables
 o build: in Makefile.m32 try to detect 64bit target
 o multi: inform about closed sockets before they are closed
 o multi-uv.c: close the file handle after download
 o examples: Wait recommended 100ms when no file descriptors are ready
 o ntlm: Split the SSPI based messaging code from the native messaging code
 o cmake: fix NTLM detection when CURL_DISABLE_HTTP defined
 o cmake: add Kerberos to the supported feature
 o CURLOPT_POSTFIELDS.3: mention the COPYPOSTFIELDS option
 o http: Disable pipelining for HTTP/2 and upgraded connections
 o ntlm: Fixed static'ness of local decode function
 o sasl: Reduced the need for two sets of NTLM messaging functions
 o multi.c: Fixed compilation warnings when no verbose string support
 o select.c: fix compilation for VxWorks [7]
 o multi-single.c: switch to use curl_multi_wait
 o curl_multi_wait.3: clarify numfds being used if not NULL
 o http.c: Fixed compilation warnings from features being disabled
 o NSS: enable the CAPATH option [9]
 o docs: Fix FAILONERROR typos
 o HTTP: don't abort connections with pending Negotiate authentication
 o HTTP: Free (proxy)userpwd for NTLM/Negotiate after sending a request
 o http_perhapsrewind: don't abort CONNECT requests
 o build: updated dependencies in makefiles
 o multi.c: Fixed compilation warning
 o ftp.c: Fixed compilation warnings when proxy support disabled
 o get_url_file_name: Fixed crash on OOM on debug build
 o cookie.c: Refactored cleanup code to simplify
 o OS400: enable NTLM authentication
 o ntlm: Use Windows Crypt API
 o http2: avoid logging neg "failure" if h2 was not requested
 o schannel_recv: return the correct code [10]
 o VC build: added sspi define for winssl-zlib builds
 o Curl_client_write(): chop long data, convert data only once
 o openldap: do not ignore Curl_client_write() return code
 o ldap: check Curl_client_write() return codes
 o parsedate.c: Fixed compilation warning
 o url.c: Fixed compilation warning when USE_NTLM is not defined
 o ntlm_wb_response: fix "statement not reached" [11]
 o telnet: fix "cast increases required alignment of target type"
 o smtp: Fixed dot stuffing when EOL characters at end of input buffers [12]
 o ntlm: Allow NTLM2Session messages when USE_NTRESPONSES manually defined
 o ntlm: Disable NTLM v2 when 64-bit integers are not supported
 o ntlm: Use short integer when decoding 16-bit values
 o ftp.c: Fixed compilation warning when no verbose string support
 o synctime.c: fixed timeserver URLs
 o mk-ca-bundle.pl: restored forced run again
 o ntlm: Fixed return code for bad type-2 Target Info
 o curl_schannel.c: Data may be available before connection shutdown
 o curl_schannel: Improvements to memory re-allocation strategy [13]
 o darwinssl: aprintf() to allocate the session key
 o tool_util.c: Use GetTickCount64 if it is available
 o lib: Fixed multiple code analysis warnings if SAL are available
 o tool_binmode.c: Explicitly ignore the return code of setmode
 o tool_urlglob.c: Silence warning C6293: Ill-defined for-loop
 o opts: Warn CURLOPT_TIMEOUT overrides when set after CURLOPT_TIMEOUT_MS
 o SFTP: work-around servers that return zero size on STAT [14]
 o connect: singleipconnect(): properly try other address families after failure
 o IPV6: address scope != scope id [15]
 o parseurlandfillconn(): fix improper non-numeric scope_id stripping [16]
 o secureserver.pl: make OpenSSL CApath and cert absolute path values
 o secureserver.pl: update Windows detection and fix path conversion
 o secureserver.pl: clean up formatting of config and fix verbose output
 o tests: Added Windows support using Cygwin-based OpenSSH
 o sockfilt.c: use non-Ex functions that are available before WinXP
 o VMS: Updates for 0740-0D1220
 o openssl: warn for SRP set if SSLv3 is used, not for TLS version
 o openssl: make it compile against openssl 1.1.0-DEV master branch
 o openssl: fix SSL/TLS versions in verbose output
 o curl: show size of inhibited data when using -v
 o build: Removed WIN32 definition from the Visual Studio projects
 o build: Removed WIN64 definition from the libcurl Visual Studio projects
 o vtls: Use bool for Curl_ssl_getsessionid() return type
 o sockfilt.c: Replace 100ms sleep with thread throttle
 o sockfilt.c: Reduce the number of individual memory allocations
 o vtls: Don't set cert info count until memory allocation is successful
 o nss: Don't ignore Curl_ssl_init_certinfo() OOM failure
 o nss: Don't ignore Curl_extract_certinfo() OOM failure
 o vtls: Fixed compilation warning and an ignored return code
 o sockfilt.c: Fixed compilation warnings
 o darwinssl: Fixed compilation warning
 o vtls: Use '(void) arg' for unused parameters
 o sepheaders.c: Fixed resource leak on failure
 o lib1900.c: Fixed cppcheck error [17]
 o ldap: Fixed Unicode connection details in Win32 initialsation / bind calls
 o ldap: Fixed Unicode DN, attributes and filter in Win32 search calls

Revision 1.141.2.1 / (download) - annotate - [select for diffs], Thu Nov 27 08:18:54 2014 UTC (4 years, 5 months ago) by tron
Branch: pkgsrc-2014Q3
Changes since 1.141: +2 -2 lines
Diff to previous 1.141 (colored) next main 1.142 (colored)

Pullup ticket #4560 - requested by he
www/curl: security update

Revisions pulled up:
- www/curl/Makefile                                             1.143
- www/curl/PLIST                                                1.45
- www/curl/distinfo                                             1.99

---
   Module Name:	pkgsrc
   Committed By:	adam
   Date:		Fri Nov  7 14:10:16 UTC 2014

   Modified Files:
   	pkgsrc/www/curl: Makefile PLIST distinfo

   Log Message:
   Changes 7.39.0:
   * SSLv3 is disabled by default
   * CURLOPT_COOKIELIST: Added "RELOAD" command [5]
   * build: Added WinIDN build configuration options to Visual Studio projects
   * ssh: improve key file search
   * SSL: public key pinning. Use CURLOPT_PINNEDPUBLICKEY and --pinnedpubkey
   * vtls: remove QsoSSL support, use gskit!
   * mk-ca-bundle: added SHA-384 signature algorithm
   * docs: added many examples for libcurl opts and other doc improvements
   * build: Added VC ssh2 target to main Makefile
   * MinGW: Added support to build with nghttp2
   * NetWare: Added support to build with nghttp2
   * build: added Watcom support to build with WinSSL
   * build: Added optional specific version generation of VC project files

   Bugfixes:
   * curl_easy_duphandle: CURLOPT_COPYPOSTFIELDS read out of bounds [9]
   * openssl: build fix for versions < 0.9.8e [1]
   * newlines: fix mixed newlines to LF-only [2]
   * ntlm: Fixed HTTP proxy authentication when using Windows SSPI [3]
   * sasl_sspi: Fixed Unicode build [4]
   * file: reject paths using embedded %00
   * threaded-resolver: revert Curl_expire_latest() switch [6]
   * configure: allow --with-ca-path with PolarSSL too
   * HTTP/2: Fix busy loop when EOF is encountered
   * CURLOPT_CAPATH: return failure if set without backend support
   * nss: do not fail if a CRL is already cached
   * smtp: Fixed intermittent "SSL3_WRITE_PENDING: bad write retry" error
   * fixed 20+ nits/memory leaks identified by Coverity scans
   * curl_schannel.c: Fixed possible memory or handle leak
   * multi-uv.c: call curl_multi_info_read() better
   * Cmake: Check for OpenSSL before OpenLDAP
   * Cmake: Fix library list provided to cURL tests
   * Cmake: Avoid cycle directory dependencies
   * Cmake: Build with GSS-API libraries (MIT or Heimdal)
   * vtls: provide backend defines for internal source code
   * nss: fix a connection failure when FTPS handle is reused
   * tests/http_pipe.py: Python 3 support
   * cmake: build tool_hugehelp (ENABLE_MANUAL)
   * cmake: enable IPv6 by default if available
   * tests: move TESTCASES to Makefile.inc, add show for cmake
   * ntlm: Avoid unnecessary buffer allocation for SSPI based type-2 token
   * ntlm: Fixed empty/bad base-64 decoded buffer return codes
   * ntlm: Fixed empty type-2 decoded message info text
   * cmake: add CMake/Macros.cmake to the release tarball
   * cmake: add SUPPORT_FEATURES and SUPPORT_PROTOCOLS
   * cmake: use LIBCURL_VERSION from curlver.h
   * cmake: generate pkg-config and curl-config
   * fixed several superfluous variable assignements identified by cppcheck
   * cleanup of 'CURLcode result' return code
   * pipelining: only output "is not blacklisted" in debug builds
   * SSL: Remove SSLv3 from SSL default due to POODLE attack
   * gskit.c: remove SSLv3 from SSL default
   * darwinssl: detect possible future removal of SSLv3 from the framework
   * ntlm: Only define ntlm data structure when USE_NTLM is defined
   * ntlm: Return CURLcode from Curl_ntlm_core_mk_lm_hash()
   * ntlm: Return all errors from Curl_ntlm_core_mk_nt_hash()
   * sspi: Only call CompleteAuthToken() when complete is needed
   * http_negotiate: Fixed missing check for USE_SPNEGO
   * HTTP: return larger than 3 digit response codes too [7]
   * openssl: Check for NPN / ALPN via OpenSSL version number
   * openssl: enable NPN separately from ALPN
   * sasl_sspi: Allow DIGEST-MD5 to use current windows credentials
   * sspi: Return CURLE_LOGIN_DENIED on AcquireCredentialsHandle() failure
   * resume: consider a resume from [content-length] to be OK [8]
   * sasl: Fixed Kerberos V5 inclusion when CURL_DISABLE_CRYPTO_AUTH is used
   * build-openssl.bat: Fix x64 release build
   * cmake: drop _BSD_SOURCE macro usage
   * cmake: fix gethostby{addr,name}_r in CurlTests
   * cmake: clean OtherTests, fixing -Werror
   * cmake: fix struct sockaddr_storage check
   * Curl_single_getsock: fix hold/pause sock handling
   * SSL: PolarSSL default min SSL version TLS 1.0
   * cmake: fix ZLIB_INCLUDE_DIRS use [10]
   * buildconf: stop checking for libtool

Revision 1.143 / (download) - annotate - [select for diffs], Fri Nov 7 14:10:16 2014 UTC (4 years, 6 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2014Q4-base
Branch point for: pkgsrc-2014Q4
Changes since 1.142: +2 -2 lines
Diff to previous 1.142 (colored)

Changes 7.39.0:
* SSLv3 is disabled by default
* CURLOPT_COOKIELIST: Added "RELOAD" command [5]
* build: Added WinIDN build configuration options to Visual Studio projects
* ssh: improve key file search
* SSL: public key pinning. Use CURLOPT_PINNEDPUBLICKEY and --pinnedpubkey
* vtls: remove QsoSSL support, use gskit!
* mk-ca-bundle: added SHA-384 signature algorithm
* docs: added many examples for libcurl opts and other doc improvements
* build: Added VC ssh2 target to main Makefile
* MinGW: Added support to build with nghttp2
* NetWare: Added support to build with nghttp2
* build: added Watcom support to build with WinSSL
* build: Added optional specific version generation of VC project files

Bugfixes:
* curl_easy_duphandle: CURLOPT_COPYPOSTFIELDS read out of bounds [9]
* openssl: build fix for versions < 0.9.8e [1]
* newlines: fix mixed newlines to LF-only [2]
* ntlm: Fixed HTTP proxy authentication when using Windows SSPI [3]
* sasl_sspi: Fixed Unicode build [4]
* file: reject paths using embedded %00
* threaded-resolver: revert Curl_expire_latest() switch [6]
* configure: allow --with-ca-path with PolarSSL too
* HTTP/2: Fix busy loop when EOF is encountered
* CURLOPT_CAPATH: return failure if set without backend support
* nss: do not fail if a CRL is already cached
* smtp: Fixed intermittent "SSL3_WRITE_PENDING: bad write retry" error
* fixed 20+ nits/memory leaks identified by Coverity scans
* curl_schannel.c: Fixed possible memory or handle leak
* multi-uv.c: call curl_multi_info_read() better
* Cmake: Check for OpenSSL before OpenLDAP
* Cmake: Fix library list provided to cURL tests
* Cmake: Avoid cycle directory dependencies
* Cmake: Build with GSS-API libraries (MIT or Heimdal)
* vtls: provide backend defines for internal source code
* nss: fix a connection failure when FTPS handle is reused
* tests/http_pipe.py: Python 3 support
* cmake: build tool_hugehelp (ENABLE_MANUAL)
* cmake: enable IPv6 by default if available
* tests: move TESTCASES to Makefile.inc, add show for cmake
* ntlm: Avoid unnecessary buffer allocation for SSPI based type-2 token
* ntlm: Fixed empty/bad base-64 decoded buffer return codes
* ntlm: Fixed empty type-2 decoded message info text
* cmake: add CMake/Macros.cmake to the release tarball
* cmake: add SUPPORT_FEATURES and SUPPORT_PROTOCOLS
* cmake: use LIBCURL_VERSION from curlver.h
* cmake: generate pkg-config and curl-config
* fixed several superfluous variable assignements identified by cppcheck
* cleanup of 'CURLcode result' return code
* pipelining: only output "is not blacklisted" in debug builds
* SSL: Remove SSLv3 from SSL default due to POODLE attack
* gskit.c: remove SSLv3 from SSL default
* darwinssl: detect possible future removal of SSLv3 from the framework
* ntlm: Only define ntlm data structure when USE_NTLM is defined
* ntlm: Return CURLcode from Curl_ntlm_core_mk_lm_hash()
* ntlm: Return all errors from Curl_ntlm_core_mk_nt_hash()
* sspi: Only call CompleteAuthToken() when complete is needed
* http_negotiate: Fixed missing check for USE_SPNEGO
* HTTP: return larger than 3 digit response codes too [7]
* openssl: Check for NPN / ALPN via OpenSSL version number
* openssl: enable NPN separately from ALPN
* sasl_sspi: Allow DIGEST-MD5 to use current windows credentials
* sspi: Return CURLE_LOGIN_DENIED on AcquireCredentialsHandle() failure
* resume: consider a resume from [content-length] to be OK [8]
* sasl: Fixed Kerberos V5 inclusion when CURL_DISABLE_CRYPTO_AUTH is used
* build-openssl.bat: Fix x64 release build
* cmake: drop _BSD_SOURCE macro usage
* cmake: fix gethostby{addr,name}_r in CurlTests
* cmake: clean OtherTests, fixing -Werror
* cmake: fix struct sockaddr_storage check
* Curl_single_getsock: fix hold/pause sock handling
* SSL: PolarSSL default min SSL version TLS 1.0
* cmake: fix ZLIB_INCLUDE_DIRS use [10]
* buildconf: stop checking for libtool

Revision 1.142 / (download) - annotate - [select for diffs], Thu Oct 9 14:07:09 2014 UTC (4 years, 7 months ago) by wiz
Branch: MAIN
Changes since 1.141: +1 -3 lines
Diff to previous 1.141 (colored)

Remove pkgviews: don't set PKG_INSTALLATION_TYPES in Makefiles.

Revision 1.141 / (download) - annotate - [select for diffs], Sun Sep 14 16:43:44 2014 UTC (4 years, 8 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2014Q3-base
Branch point for: pkgsrc-2014Q3
Changes since 1.140: +2 -2 lines
Diff to previous 1.140 (colored)

Update to 7.38.0:

 Changes:

    supports HTTP/2 draft-14
    CURLE_HTTP2 is a new error code
    CURLAUTH_NEGOTIATE is a new auth define
    CURL_VERSION_GSSAPI is a new capability bit
    no longer use fbopenssl for anything
    schannel: use CryptGenRandom for random numbers
    axtls: define curlssl_random using axTLS's PRNG
    cyassl: use RNG_GenerateBlock to generate a good random number
    findprotocol: show unsupported protocol within quotes
    version: detect and show LibreSSL
    version: detect and show BoringSSL
    imap/pop3/smtp: Kerberos (SASL GSSAPI) authentication via Windows SSPI
    http2: requires nghttp2 0.6.0 or later

Bugfixes:

    SECURITY ADVISORY: cookie leak with IP address as domain
    SECURITY ADVISORY: cookie leak for TLDs
    fix a build failure on Debian when NSS support is enabled
    HTTP/2: fixed compiler warnings when built disabled
    cyassl: return the correct error code on no CA cert
    http: Deprecate GSS-Negotiate macros due to bad naming
    http: Fixed Negotiate: authentication
    multi: Improve proxy CONNECT performance (regression)
    ntlm_wb: Avoid invoking ntlm_auth helper with empty username
    ntlm_wb: Fix hard-coded limit on NTLM auth packet size
    url.c: use the preferred symbol name: *READDATA
    smtp: fixed a segfault during test 1320 torture test
    cyassl: made it compile with version 2.0.6 again
    nss: do not check the version of NSS at run time
    c-ares: fix build without IPv6 support
    HTTP/2: use base64url encoding
    SSPI Negotiate: Fix 3 memory leaks
    libtest: fixed duplicated line in Makefile
    conncache: fix compiler warning
    openssl: make ossl_send return CURLE_OK better
    HTTP/2: Support expect: 100-continue
    HTTP/2: Fix infinite loop in readwrite_data()
    parsedate: fix the return code for an overflow edge condition
    darwinssl: don't use strtok()
    http_negotiate_sspi: Fixed specific username and password not working
    openssl: replace call to OPENSSL_config
    http2: show the received header for better debugging
    HTTP/2: Move :authority before non-pseudo header fields
    HTTP/2: Reset promised stream, not its associated stream
    HTTP/2: added some more logging for debugging stream problems
    ntlm: Added support for SSPI package info query
    ntlm: Fixed hard coded buffer for SSPI based auth packet generation
    sasl_sspi: Fixed memory leak with not releasing Package Info struct
    sasl_sspi: Fixed SPN not being converted to wchar under Unicode builds
    sasl: Use a dynamic buffer for DIGEST-MD5 SPN generation
    http_negotiate_sspi: Use a dynamic buffer for SPN generation
    sasl_sspi: Fixed missing free of challenge buffer on SPN failure
    sasl_sspi: Fixed hard coded buffer for response generation
    Curl_poll + Curl_wait_ms: fix timeout return value
    docs/SSLCERTS: update the section about NSS database
    create_conn: prune dead connections
    openssl: fix version report for the 0.9.8 branch
    mk-ca-bundle.pl: switched to using hg.mozilla.org
    http: fix the Content-Range: parser
    Curl_disconnect: don't free the URL
    win32: Fixed WinSock 2 #if
    NTLM: ignore CURLOPT_FORBID_REUSE during NTLM HTTP auth
    curl.1: clarify --limit-rate's effect on both directions
    disconnect: don't touch easy-related state on disconnects
    Cmake: big cleanup and numerous fixes
    HTTP/2: supports draft-14 - moved :headers before the non-psuedo headers
    HTTP/2: Reset promised stream, not its associated stream
    configure.ac: Add support for recent GSS-API implementations for HP-UX
    CONNECT: close proxy connections that fail
    CURLOPT_NOBODY.3: clarify this option is for downloads
    darwinssl: fix CA certificate checking using PEM format
    resolve: cache lookup for async resolvers
    low-speed-limit: avoid timeout flood
    polarssl: implement CURLOPT_SSLVERSION
    multi: convert CURLM_STATE_CONNECT_PEND handling to a list
    curl_multi_cleanup: remove superfluous NULL assigns
    polarssl: support CURLOPT_CAPATH / --capath
    progress: size_dl/size_ul are always >= 0, and clear "KNOWN" properly

Revision 1.140 / (download) - annotate - [select for diffs], Tue Jul 22 11:38:26 2014 UTC (4 years, 10 months ago) by wiz
Branch: MAIN
Changes since 1.139: +2 -3 lines
Diff to previous 1.139 (colored)

Update to 7.37.1:

 Changes:

    bits.close: introduce connection close tracking
    darwinssl: Add support for --cacert
    polarssl: add ALPN support
    docs: Added new option man pages

Bugfixes:

    build: Fixed incorrect reference to curl_setup.h in Visual Studio files
    build: Use $(TargetDir) and $(TargetName) macros for .pdb and .lib output
    curl.1: clarify that -u can't specify a user with colon
    openssl: Fix uninitialized variable use in NPN callback
    curl_easy_reset: reset the URL
    curl_version_info.3: returns a pointer to a static struct
    url-parser: only use if_nametoindex if detected by configure
    select: with winsock, avoid passing unsupported arguments to select()
    gnutls: don't use deprecated type names anymore
    gnutls: allow building with nghttp2 but without ALPN support
    tests: Fix portability issue with the tftpd server
    curl_sasl_sspi: Fixed corrupt hostname in DIGEST-MD5 SPN
    curl_sasl: extended native DIGEST-MD5 cnonce to be a 32-byte hex string
    random: use Curl_rand() for proper random data
    Curl_ossl_init: call OPENSSL_config for initing engines
    config-win32.h: Updated for VC12
    winbuild: Don't USE_WINSSL when WITH_SSL is being used
    getinfo: HTTP CONNECT code not reset between transfers
    Curl_rand: Use a fake entropy for debug builds when CURL_ENTROPY set
    http2: avoid segfault when using the plain-text http2
    conncache: move the connection counter to the cache struct
    http2: better return code error checking
    curlbuild: fix GCC build on SPARC systems without configure script
    tool_metalink: Support polarssl as digest provider
    curl.h: reverse the enum/define setup for old symbols
    curl.h: moved two really old deprecated symbols
    curl.h: renamed CURLOPT_DEPRECATEDx to CURLOPT_OBSOLETEx
    buildconf: do not search tools in current directory.
    OS400: make it compilable again. Make RPG binding up to date
    nss: do not abort on connection failure (failing tests 305 and 404)
    nss: make the fallback to SSLv3 work again
    tool: prevent valgrind from reporting possibly lost memory (nss only)
    progress callback: skip last callback update on errors
    nss: fix a memory leak when CURLOPT_CRLFILE is used
    compiler warnings: potentially uninitialized variables
    url.c: Fixed memory leak on OOM
    gnutls: ignore invalid certificate dates with VERIFYPEER disabled
    gnutls: fix SRP support with versions of GnuTLS from 2.99.0
    gnutls: fixed a couple of uninitialized variable references
    gnutls: fixed compilation against versions < 2.12.0
    build: Fixed overridden compiler PDB settings in VC7 to VC12
    ntlm_wb: Fixed buffer size not being large enough for NTLMv2 sessions
    netrc: don't abort if home dir cannot be found
    netrc: fixed thread safety problem by using getpwuid_r if available
    cookie: avoid mutex deadlock
    configure: respect host tool prefix for krb5-config
    gnutls: handle IP address in cert name check

Revision 1.139 / (download) - annotate - [select for diffs], Thu May 29 23:37:56 2014 UTC (4 years, 11 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2014Q2-base, pkgsrc-2014Q2
Changes since 1.138: +2 -1 lines
Diff to previous 1.138 (colored)

Bump for perl-5.20.0.
Do it for all packages that
* mention perl, or
* have a directory name starting with p5-*, or
* depend on a package starting with p5-
like last time, for 5.18, where this didn't lead to complaints.
Let me know if you have any this time.

Revision 1.138 / (download) - annotate - [select for diffs], Thu May 22 08:17:54 2014 UTC (5 years ago) by adam
Branch: MAIN
Changes since 1.137: +2 -2 lines
Diff to previous 1.137 (colored)

Changes 7.37.0:
URL parser: IPv6 zone identifiers are now supported
CURLOPT_PROXYHEADER: set headers for proxy-only
CURLOPT_HEADEROPT: added
curl: add --proxy-header
sasl: Added support for DIGEST-MD5 via Windows SSPI
sasl: Added DIGEST-MD5 qop-option validation in native challange handling
imap: Expanded mailbox SEARCH support to use URL query strings
imap: Extended FETCH support to include PARTIAL URL specifier
nss: implement non-blocking SSL handshake
build: Reworked Visual Studio project files
poll: enable poll on darwin13
mk-ca-bundle: added -p
libtests: add a wait_ms() function

Revision 1.137 / (download) - annotate - [select for diffs], Sat May 3 20:01:28 2014 UTC (5 years ago) by ryoon
Branch: MAIN
Changes since 1.136: +2 -1 lines
Diff to previous 1.136 (colored)

nroff is required for hugehelp()
Fix build under OpenBSD 5.5

Revision 1.136 / (download) - annotate - [select for diffs], Sun Mar 30 12:57:54 2014 UTC (5 years, 1 month ago) by spz
Branch: MAIN
CVS Tags: pkgsrc-2014Q1-base, pkgsrc-2014Q1
Changes since 1.135: +2 -3 lines
Diff to previous 1.135 (colored)

Upstream release notes:

Fixed in 7.36.0 - March 26 2014
Release contains security-related bug fixes

Changes:

    ntlm: Added support for NTLMv2
    tool: Added support for URL specific options
    openssl: add ALPN support
    gtls: add ALPN support
    nss: add ALPN and NPN support
    added CURLOPT_EXPECT_100_TIMEOUT_MS
    tool: add --no-alpn and --no-npn
    added CURLOPT_SSL_ENABLE_NPN and CURLOPT_SSL_ENABLE_ALPN
    winssl: enable TLSv1.1 and TLSv1.2 by default
    winssl: TLSv1.2 disables certificate signatures using MD5 hash
    winssl: enable hostname verification of IP address using SAN or CN
    darwinssl: Don't omit CN verification when an IP address is used
    http2: build with current nghttp2 version
    polarssl: dropped support for PolarSSL < 1.3.0
    openssl: info message with SSL version used

Bugfixes:

    SECURITY ADVISORY: wrong re-use of connections
    SECURITY ADVISORY: IP address wildcard certificate validation
    SECURITY ADVISORY: not verifying certs for TLS to IP address / Darwinssl
    SECURITY ADVISORY: not verifying certs for TLS to IP address / Winssl
    nss: allow to use ECC ciphers if NSS implements them
    netrc: Fixed a memory leak in an OOM condition
    ftp: fixed a memory leak on wildcard error path
    pipeline: Fixed a NULL pointer dereference on OOM
    nss: prefer highest available TLS version
    100-continue: fix timeout condition
    ssh: Fixed a NULL pointer dereference on OOM condition
    formpost: use semicolon in multipart/mixaed
    --help: add missing --tlsv1.x options
    formdata: Fixed memory leak on OOM condition
    ConnectionExists: reusing possible HTTP+NTLM connections better
    mingw32: fix compilation
    chunked decoder: track overflows correctly
    curl_easy_setopt.3: add CURL_HTTP_VERSION_2_0
    dict: fix memory leak in OOM exit path
    valgrind: added suppression on optimized code
    curl: output protocol headers using binary mode
    tool: Added URL index to password prompt for multiple operations
    ConnectionExists: re-use non-NTLM connections better
    axtls: call ssl_read repeatedly
    multi: make MAXCONNECTS default 4 x number of easy handles function
    configure: Fix the --disable-crypto-auth option
    multi: ignore SIGPIPE internally
    curl.1: update the description of --tlsv1
    SFTP: skip reading the dir when NOBODY=1
    easy: Fixed a memory leak on OOM condition
    tool: Fixed incorrect return code when setting HTTP request fails
    configure: Tiny fix to honor POSIX
    tool: Do not output libcurl source for the information only parameters
    Rework Open Watcom make files to use standard Wmake features
    x509asn: moved out Curl_verifyhost from NSS builds
    configure: call it GSS-API
    hostcheck: Curl_cert_hostcheck is not used by NSS builds
    multi_runsingle: move timestamp into INIT
    remote_port: allow connect to port 0
    parse_remote_port: error out on illegal port numbers better
    ssh: Pass errors from libssh2_sftp_read up the stack
    docs: remove documentation on setting up krb4 support
    polarssl: build fixes to work with PolarSSL 1.3.x
    polarssl: fix possible handshake timeout issue in multi
    nss: allow to enable/disable cipher-suites better
    ssh: prevent a logic error that could result in an infinite loop
    http2: free resources on disconnect
    polarssl: avoid extra newlines in debug messages
    rtsp: parse "Session:" header properly
    trynextip: don't store 'ai' on failed connects
    Curl_cert_hostcheck: strip trailing dots in host name and wildcard

Revision 1.132.2.1 / (download) - annotate - [select for diffs], Tue Mar 11 12:47:11 2014 UTC (5 years, 2 months ago) by tron
Branch: pkgsrc-2013Q4
Changes since 1.132: +2 -2 lines
Diff to previous 1.132 (colored) next main 1.133 (colored)

Pullup ticket #4338 - requested by taca
www/curl: security update

Revisions pulled up:
- www/curl/Makefile                                             1.133-1.134
- www/curl/PLIST                                                1.43
- www/curl/distinfo                                             1.91-1.92
- www/curl/patches/patch-aa                                     1.25

---
   Module Name:	pkgsrc
   Committed By:	adam
   Date:		Tue Dec 31 11:48:03 UTC 2013

   Modified Files:
   	pkgsrc/www/curl: Makefile PLIST distinfo

   Log Message:
   Changes 7.34.0:
   SSL: protocol version can be specified more precisely
   imap/pop3/smtp: Added graceful cancellation of SASL authentication
   Add "Happy Eyeballs" for IPv4/IPv6 dual connect attempts
   base64: Added validation of base64 input strings when decoding
   curl_easy_setopt: Added the ability to set the login options separately
   smtp: Added support for additional SMTP commands
   curl_easy_getinfo: Added CURLINFO_TLS_SESSION for accessing TLS internals
   nss: allow to use TLS > 1.0 if built against recent NSS
   SECURITY: added this document to describe our security processes
   parseconfig: warn if unquoted white spaces are detected

   Bugfixes:
   SECURITY VULNERABILITY: libcurl cert name check ignore with GnuTLS
   darwinssl: un-break iOS build after PKCS/12 feature added
   tool: use XFERFUNCTION to save some casts
   usercertinmem: fix memory leaks
   ssh: Handle successful SSH_USERAUTH_NONE
   NSS: acknowledge the --no-sessionid/CURLOPT_SSL_SESSIONID_CACHE option
   test906: Fixed failing test on some platforms
   sasl: initialize NSS before using NTLM crypto
   sasl: Fixed memory leak in OAUTH2 message creation
   imap/pop3/smtp: Fixed QUIT / LOGOUT being sent when SSL connect fails
   cmake: unbreak for non-Windows platforms
   ssh: initialize per-handle data in ssh_connect()
   glob: fix broken URLs
   configure: check for long long when building with cyassl
   CURLOPT_RESOLVE: mention they don't time-out
   docs/examples/httpput.c: fix build for MSVC
   FTP: make the data connection work when going through proxy
   NSS: support for CERTINFO feature
   curl_multi_wait: accept 0 from multi_timeout() as valid timeout
   glob_range: pass the closing bracket for a-z ranges
   tool_help: Updated --list-only description to include POP3
   Curl_ssl_push_certinfo_len: don't %.*s non-zero-terminated string
   cmake: fix Windows build with IPv6 support
   ares: Fixed compilation under Visual Studio 2012
   curl_easy_setopt.3: clarify CURLOPT_SSL_VERIFYHOST documentation
   curl.1: mention that -O does no URL decoding
   darwinssl: PKCS/12 import feature now requires Lion or later
   darwinssl: check for SSLSetSessionOption() presence when toggling BEAST
   configure: Fix test with -Werror=implicit-function-declaration
   sigpipe: factor out sigpipe_reset from easy.c
   curl_multi_cleanup: ignore SIGPIPE
   globbing: curl glob counter mismatch with {} list use
   parseconfig: dash options can't specified with colon or equals
   digest: fix CURLAUTH_DIGEST_IE
   curl.h: for OpenBSD
   darwinssl: Fix #if 10.6.0 for SecKeychainSearch
   TFTP: fix return codes for connect timeout
   login options: remove the ;[options] support from CURLOPT_USERPWD
   imap: Fixed incorrect fallback to clear text authentication
   parsedate: avoid integer overflow
   curl.1: document -J doesn't %-decode
   multi: add timer inaccuracy margin to timeout/connecttimeout

---
   Module Name:	pkgsrc
   Committed By:	adam
   Date:		Sat Feb  1 11:07:14 UTC 2014

   Modified Files:
   	pkgsrc/www/curl: Makefile distinfo
   	pkgsrc/www/curl/patches: patch-aa

   Log Message:
   Changes 7.35.0:
   imap/pop3/smtp: Added support for SASL authentication downgrades
   imap/pop3/smtp: Extended the login options to support multiple auth mechanisms
   TheArtOfHttpScripting: major update, converted layout and more
   mprintf: Added support for I, I32 and I64 size specifiers
   makefile: Added support for VC7, VC11 and VC12

   Bugfixes:
   SECURITY ADVISORY: re-use of wrong HTTP NTLM connection
   curl_easy_setopt: Fixed OAuth 2.0 Bearer option name
   pop3: Fixed APOP being determined by CAPA response rather than by timestamp
   Curl_pp_readresp: zero terminate line
   FILE: don't wait due to CURLOPT_MAX_RECV_SPEED_LARGE
   docs: mention CURLOPT_MAX_RECV/SEND_SPEED_LARGE don't work for FILE://
   pop3: Fixed auth preference not being honored when CAPA not supported
   imap: Fixed auth preference not being honored when CAPABILITY not supported
   threaded resolver: Use pthread_t * for curl_thread_t
   FILE: we don't support paused transfers using this protocol
   connect: Try all addresses in first connection attempt
   curl_easy_setopt.3: Added SMTP information to CURLOPT_INFILESIZE_LARGE
   OpenSSL: Fix forcing SSLv3 connections
   openssl: allow explicit sslv2 selection
   FTP parselist: fix "total" parser
   conncache: fix possible dereference of null pointer
   multi.c: fix possible dereference of null pointer
   mk-ca-bundle: introduces -d and warns about using this script
   ConnectionExists: fix NTLM check for new connection
   trynextip: fix build for non-IPV6 capable systems
   Curl_updateconninfo: don't do anything for UDP "connections"
   darwinssl: un-break Leopard build after PKCS-12 change
   threaded-resolver: never use NULL hints with getaddrinf
   multi_socket: remind app if timeout didn't run
   OpenSSL: deselect weak ciphers by default
   error message: Sensible message on timeout when transfer size unknown
   curl_easy_setopt.3: mention how to unset CURLOPT_INFILESIZE*
   win32: Fixed use of deprecated function 'GetVersionInfoEx' for VC12
   configure: fix gssapi linking on HP-UX
   chunked-parser: abort on overflows, allow 64 bit chunks
   chunked parsing: relax the CR strictness
   cookie: max-age fixes
   progress bar: always update when at 100%
   progress bar: increase update frequency to 10Hz
   tool: Fixed incorrect return code if command line parser runs out of memory
   tool: Fixed incorrect return code if password prompting runs out of memory
   HTTP POST: omit Content-Length if data size is unknown
   GnuTLS: disable insecure ciphers
   GnuTLS: honor --slv2 and the --tlsv1[.N] switches
   multi: Fixed a memory leak on OOM condition
   netrc: Fixed a memory and file descriptor leak on OOM
   getpass: fix password parsing from console
   TFTP: fix crash on time-out
   hostip: don't remove DNS entries that are in use
   tests: lots of tests fixed to pass the OOM torture tests

Revision 1.135 / (download) - annotate - [select for diffs], Wed Feb 12 23:18:44 2014 UTC (5 years, 3 months ago) by tron
Branch: MAIN
Changes since 1.134: +2 -1 lines
Diff to previous 1.134 (colored)

Recursive PKGREVISION bump for OpenSSL API version bump.

Revision 1.134 / (download) - annotate - [select for diffs], Sat Feb 1 11:07:14 2014 UTC (5 years, 3 months ago) by adam
Branch: MAIN
Changes since 1.133: +2 -2 lines
Diff to previous 1.133 (colored)

Changes 7.35.0:
imap/pop3/smtp: Added support for SASL authentication downgrades
imap/pop3/smtp: Extended the login options to support multiple auth mechanisms
TheArtOfHttpScripting: major update, converted layout and more
mprintf: Added support for I, I32 and I64 size specifiers
makefile: Added support for VC7, VC11 and VC12

Bugfixes:
SECURITY ADVISORY: re-use of wrong HTTP NTLM connection
curl_easy_setopt: Fixed OAuth 2.0 Bearer option name
pop3: Fixed APOP being determined by CAPA response rather than by timestamp
Curl_pp_readresp: zero terminate line
FILE: don't wait due to CURLOPT_MAX_RECV_SPEED_LARGE
docs: mention CURLOPT_MAX_RECV/SEND_SPEED_LARGE don't work for FILE://
pop3: Fixed auth preference not being honored when CAPA not supported
imap: Fixed auth preference not being honored when CAPABILITY not supported
threaded resolver: Use pthread_t * for curl_thread_t
FILE: we don't support paused transfers using this protocol
connect: Try all addresses in first connection attempt
curl_easy_setopt.3: Added SMTP information to CURLOPT_INFILESIZE_LARGE
OpenSSL: Fix forcing SSLv3 connections
openssl: allow explicit sslv2 selection
FTP parselist: fix "total" parser
conncache: fix possible dereference of null pointer
multi.c: fix possible dereference of null pointer
mk-ca-bundle: introduces -d and warns about using this script
ConnectionExists: fix NTLM check for new connection
trynextip: fix build for non-IPV6 capable systems
Curl_updateconninfo: don't do anything for UDP "connections"
darwinssl: un-break Leopard build after PKCS-12 change
threaded-resolver: never use NULL hints with getaddrinf
multi_socket: remind app if timeout didn't run
OpenSSL: deselect weak ciphers by default
error message: Sensible message on timeout when transfer size unknown
curl_easy_setopt.3: mention how to unset CURLOPT_INFILESIZE*
win32: Fixed use of deprecated function 'GetVersionInfoEx' for VC12
configure: fix gssapi linking on HP-UX
chunked-parser: abort on overflows, allow 64 bit chunks
chunked parsing: relax the CR strictness
cookie: max-age fixes
progress bar: always update when at 100%
progress bar: increase update frequency to 10Hz
tool: Fixed incorrect return code if command line parser runs out of memory
tool: Fixed incorrect return code if password prompting runs out of memory
HTTP POST: omit Content-Length if data size is unknown
GnuTLS: disable insecure ciphers
GnuTLS: honor --slv2 and the --tlsv1[.N] switches
multi: Fixed a memory leak on OOM condition
netrc: Fixed a memory and file descriptor leak on OOM
getpass: fix password parsing from console
TFTP: fix crash on time-out
hostip: don't remove DNS entries that are in use
tests: lots of tests fixed to pass the OOM torture tests

Revision 1.133 / (download) - annotate - [select for diffs], Tue Dec 31 11:48:03 2013 UTC (5 years, 4 months ago) by adam
Branch: MAIN
Changes since 1.132: +2 -2 lines
Diff to previous 1.132 (colored)

Changes 7.34.0:
SSL: protocol version can be specified more precisely
imap/pop3/smtp: Added graceful cancellation of SASL authentication
Add "Happy Eyeballs" for IPv4/IPv6 dual connect attempts
base64: Added validation of base64 input strings when decoding
curl_easy_setopt: Added the ability to set the login options separately
smtp: Added support for additional SMTP commands
curl_easy_getinfo: Added CURLINFO_TLS_SESSION for accessing TLS internals
nss: allow to use TLS > 1.0 if built against recent NSS
SECURITY: added this document to describe our security processes
parseconfig: warn if unquoted white spaces are detected

Bugfixes:
SECURITY VULNERABILITY: libcurl cert name check ignore with GnuTLS
darwinssl: un-break iOS build after PKCS/12 feature added
tool: use XFERFUNCTION to save some casts
usercertinmem: fix memory leaks
ssh: Handle successful SSH_USERAUTH_NONE
NSS: acknowledge the --no-sessionid/CURLOPT_SSL_SESSIONID_CACHE option
test906: Fixed failing test on some platforms
sasl: initialize NSS before using NTLM crypto
sasl: Fixed memory leak in OAUTH2 message creation
imap/pop3/smtp: Fixed QUIT / LOGOUT being sent when SSL connect fails
cmake: unbreak for non-Windows platforms
ssh: initialize per-handle data in ssh_connect()
glob: fix broken URLs
configure: check for long long when building with cyassl
CURLOPT_RESOLVE: mention they don't time-out
docs/examples/httpput.c: fix build for MSVC
FTP: make the data connection work when going through proxy
NSS: support for CERTINFO feature
curl_multi_wait: accept 0 from multi_timeout() as valid timeout
glob_range: pass the closing bracket for a-z ranges
tool_help: Updated --list-only description to include POP3
Curl_ssl_push_certinfo_len: don't %.*s non-zero-terminated string
cmake: fix Windows build with IPv6 support
ares: Fixed compilation under Visual Studio 2012
curl_easy_setopt.3: clarify CURLOPT_SSL_VERIFYHOST documentation
curl.1: mention that -O does no URL decoding
darwinssl: PKCS/12 import feature now requires Lion or later
darwinssl: check for SSLSetSessionOption() presence when toggling BEAST
configure: Fix test with -Werror=implicit-function-declaration
sigpipe: factor out sigpipe_reset from easy.c
curl_multi_cleanup: ignore SIGPIPE
globbing: curl glob counter mismatch with {} list use
parseconfig: dash options can't specified with colon or equals
digest: fix CURLAUTH_DIGEST_IE
curl.h: for OpenBSD
darwinssl: Fix #if 10.6.0 for SecKeychainSearch
TFTP: fix return codes for connect timeout
login options: remove the ;[options] support from CURLOPT_USERPWD
imap: Fixed incorrect fallback to clear text authentication
parsedate: avoid integer overflow
curl.1: document -J doesn't %-decode
multi: add timer inaccuracy margin to timeout/connecttimeout

Revision 1.132 / (download) - annotate - [select for diffs], Thu Oct 17 07:56:36 2013 UTC (5 years, 7 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2013Q4-base
Branch point for: pkgsrc-2013Q4
Changes since 1.131: +6 -13 lines
Diff to previous 1.131 (colored)

Changes 7.33.0:
* test code for testing the event based API
* CURLM_ADDED_ALREADY: new error code
* test TFTP server: support "writedelay" within
* krb4 support has been removed
* imap/pop3/smtp: added basic SASL XOAUTH2 support
* darwinssl: add support for PKCS12 files for client authentication
* darwinssl: enable BEAST workaround on iOS 7 & later
* Pass password to OpenSSL engine by user interface
* c-ares: Add support for various DNS binding options
* cookies: add expiration
* curl: added --oauth2-bearer option

Revision 1.131 / (download) - annotate - [select for diffs], Tue Aug 13 17:07:32 2013 UTC (5 years, 9 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2013Q3-base, pkgsrc-2013Q3
Changes since 1.130: +2 -2 lines
Diff to previous 1.130 (colored)

Changes 7.32.0:
curl: allow timeouts to accept decimal values
OS400: add slist and certinfo EBCDIC support
OS400: new SSL backend GSKit
CURLOPT_XFERINFOFUNCTION: introducing a new progress callback
LIBCURL-STRUCTS: new document

Bugfixes:
dotdot: introducing dot file path cleanup
docs: fix typo in curl_easy_getinfo manpage
test1230: avoid using hard-wired port number
test1396: invoke the correct test tool
SIGPIPE: ignored while inside the library
darwinssl: fix crash that started happening in Lion
OpenSSL: check for read errors, don't assume
c-ares: improve error message on failed resolve
printf: make sure %x are treated unsigned
formpost: better random boundaries
url: restore the functionality of 'curl -u :'
curl.1: fix typo in --xattr description
digest: improve nonce generation
configure: automake 1.14 compatibility tweak
curl.1: document the --post303 option in the man page
curl.1: document the --sasl-ir option in the man page
setup-vms.h: sk_pop symbol tweak
tool_paramhlp: try harder to catch negatives
cmake: Fix for MSVC2010 project generation
asyn-ares: Don't blank ares servers if none configured
curl_multi_wait: set revents for extra fds
Reinstate "WIN32 MemoryTracking: track wcsdup() _wcsdup() and _tcsdup()
ftp_do_more: consider DO_MORE complete when server connects back
curl_easy_perform: gradually increase the delay time
curl: fix symbolic names for CURLUSESSL_* enum in --libcurl output
curl: fix upload of a zip file in OpenVMS
build: fix linking on Solaris 10
curl_formadd: CURLFORM_FILECONTENT wrongly rejected some option combos
curl_formadd: fix file upload on VMS
curl_easy_pause: on unpause, trigger mulit-socket handling
md5 & metalink: use better build macros on Apple operating systems
darwinssl: fix build error in crypto authentication under Snow Leopard
curl: make --progress-bar update the line less frequently
configure: don't error out on variable confusions (CFLAGS, LDFLAGS etc)
mk-ca-bundle: skip more untrusted certificates
formadd: wrong pointer for file name when CURLFORM_BUFFERPTR used
FTP: when EPSV gets a 229 but fails to connect, retry with PASV
mk-ca-bundle.1: don't install on make install
VMS: lots of updates and fixes of the build procedure
global dns cache: didn't work (regression)
global dns cache: fix memory leak

Revision 1.130 / (download) - annotate - [select for diffs], Sat Jun 29 19:24:57 2013 UTC (5 years, 10 months ago) by spz
Branch: MAIN
CVS Tags: pkgsrc-2013Q2-base, pkgsrc-2013Q2
Changes since 1.129: +2 -3 lines
Diff to previous 1.129 (colored)

update of cURL to the current version. Upstream changelog:

Changes:
--------

darwinssl: add TLS session resumption
darwinssl: add TLS crypto authentication
imap/pop3/smtp: Added support for ;auth= in the URL
imap/pop3/smtp: Added support for ;auth= to CURLOPT_USERPWD
usercertinmem.c: add example showing user cert in memory
url: Added smtp and pop3 hostnames to the protocol detection list
imap/pop3/smtp: Added support for enabling the SASL initial response
curl -E: allow to use ':' in certificate nicknames

Bugfixes:
---------

SECURITY VULNERABILITY: curl_easy_unescape() may parse data beyond
    the end of the input buffer [26]
FTP: access files in root dir correctly
configure: try pthread_create without -lpthread
FTP: handle a 230 welcome response
curl-config: don't output static libs when they are disabled
CURL_CHECK_CA_BUNDLE: don't check for paths when cross-compiling
Various documentation updates
getinfo.c: reset timecond when clearing session-info variables
FILE: prevent an artificial timeout event due to stale speed-check data
ftp_state_pasv_resp: connect through proxy also when set by env
sshserver: disable StrictHostKeyChecking
ftpserver: Fixed imap logout confirmation data
curl_easy_init: use less mallocs
smtp: Fixed unknown percentage complete in progress bar
smtp: Fixed sending of double CRLF caused by first in EOB
bindlocal: move brace out of #ifdef
winssl: Fixed invalid memory access during SSL shutdown
OS X framework: fix invalid symbolic link
OpenSSL: allow empty server certificate subject
axtls: prevent memleaks on SSL handshake failures
cookies: only consider full path matches
Revert win32 MemoryTracking: wcsdup() _wcsdup() and _tcsdup()
Curl_cookie_add: handle IPv6 hosts
ossl_send: SSL_write() returning 0 is an error too
ossl_recv: SSL_read() returning 0 is an error too
Digest auth: escape user names with backslash or " in them
curl_formadd.3: fixed wrong "end-marker" syntax
libcurl-tutorial.3: fix incorrect backslash
curl_multi_wait: reduce timeout if the multi handle wants to
tests/Makefile: typo in the perlcheck target
axtls: honor disabled VERIFYHOST
OpenSSL: avoid double free in the PKCS12 certificate code
multi_socket: reduce timeout inaccuracy margin
digest: support auth-int for empty entity body
axtls: now done non-blocking
lib1900: use tutil_tvnow instead of gettimeofday
curl_easy_perform: avoid busy-looping
CURLOPT_COOKIELIST: take cookie share lock
multi_socket: react on socket close immediately

Revision 1.129 / (download) - annotate - [select for diffs], Sat Jun 29 12:08:50 2013 UTC (5 years, 10 months ago) by drochner
Branch: MAIN
Changes since 1.128: +2 -2 lines
Diff to previous 1.128 (colored)

add patch from upstream to fix possible buffer overflow in URL parser
(CVE-2013-2174), bump PKGREV

Revision 1.128 / (download) - annotate - [select for diffs], Fri May 31 12:42:31 2013 UTC (5 years, 11 months ago) by wiz
Branch: MAIN
Changes since 1.127: +2 -1 lines
Diff to previous 1.127 (colored)

Bump all packages for perl-5.18, that
a) refer 'perl' in their Makefile, or
b) have a directory name of p5-*, or
c) have any dependency on any p5-* package

Like last time, where this caused no complaints.

Revision 1.127 / (download) - annotate - [select for diffs], Sun Apr 14 16:39:48 2013 UTC (6 years, 1 month ago) by wiz
Branch: MAIN
Changes since 1.126: +2 -3 lines
Diff to previous 1.126 (colored)

Update to 7.30.0:

Fixed in 7.30.0 - April 12 2013
Release contains security-related bug fix

Changes:

    imap: Changed response tag generation to be completely unique
    imap: Added support for SASL-IR extension
    imap: Added support for the list command
    imap: Added support for the append command
    imap: Added custom request parsing
    imap: Added support to the fetch command for UID and SECTION properties
    imap: Added parsing and verification of the UIDVALIDITY mailbox attribute
    darwinssl: Make certificate errors less techy
    imap/pop3/smtp: Added support for the STARTTLS capability
    checksrc: ban use of sprintf, vsprintf, strcat, strncat and gets
    curl_global_init() now accepts the CURL_GLOBAL_ACK_EINTR flag
    Added CURLMOPT_MAX_HOST_CONNECTIONS, CURLMOPT_MAX_TOTAL_CONNECTIONS for new multi interface connection handling
    Added CURLMOPT_MAX_PIPELINE_LENGTH, CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE, CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE, CURLMOPT_PIPELINING_SITE_BL and CURLMOPT_PIPELI NING_SERVER_BL for new pipelining control

Bugfixes:

    SECURITY ADVISORY: cookie tailmatching to avoid cross-domain leakage
    darwinssl: Fix build under Leopard
    DONE: consider callback-aborted transfers premature
    ntlm: Fixed memory leaks
    smtp: Fixed an issue when processing EHLO failure responses
    pop3: Fixed incorrect return value from pop3_endofresp()
    pop3: Fixed SASL authentication capability detection
    pop3: Fixed blocking SSL connect when connecting via POP3S
    imap: Fixed memory leak when performing multiple selects
    nss: fix misplaced code enabling non-blocking socket mode
    AddFormData: prevent only directories from being posted
    darwinssl: fix infinite loop if server disconnected abruptly
    metalink: fix improbable crash parsing metalink filename
    show proper host name on failed resolve
    MacOSX-Framework: Make script work in Xcode 4.0 and later
    strlcat: remove function
    darwinssl: Fix send glitchiness with data > 32 or so KB
    polarssl: better 1.1.x and 1.2.x support
    various documentation improvements
    multi: NULL pointer reference when closing an unused multi handle
    SOCKS: fix socks proxy when noproxy matched
    install-sh: updated to support multiple source files as arguments
    PolarSSL: added human readable error strings
    resolver_error: remove wrong error message output
    docs: updates HTML index and general improvements
    curlbuild.h.dist: enhance non-configure GCC ABI detection logic
    sasl: Fixed null pointer reference when decoding empty digest challenge
    easy: do not ignore poll() failures other than EINTR
    darwinssl: disable ECC ciphers under Mountain Lion by default
    CONNECT: count received headers
    build: fixes for VMS
    CONNECT: clear 'rewindaftersend' on success
    HTTP proxy: insert slash in URL if missing
    hiperfifo: updated to use current libevent API
    getinmemory.c: abort the transfer nicely if not enough memory
    improved win32 memorytracking
    corrected proxy header response headers count
    FTP quote operations on re-used connection
    tcpkeepalive on win32
    tcpkeepalive on Mac OS X
    easy: acknowledge the CURLOPT_MAXCONNECTS option properly
    easy interface: restore default MAXCONNECTS to 5
    win32: don't set SO_SNDBUF for windows vista or later versions
    HTTP: made cookie sort function more deterministic
    winssl: Fixed memory leak if connection was not successful
    FTP: wait on both connections during active STOR state
    connect: treat a failed local bind of an interface as a non-fatal error
    darwinssl: disable insecure ciphers by default
    FTP: handle "rubbish" in front of directory name in 257 responses
    mk-ca-bundle: Fixed lost OpenSSL output with "-t"

Revision 1.126 / (download) - annotate - [select for diffs], Sun Mar 17 21:33:33 2013 UTC (6 years, 2 months ago) by tsutsui
Branch: MAIN
CVS Tags: pkgsrc-2013Q1-base, pkgsrc-2013Q1
Changes since 1.125: +2 -2 lines
Diff to previous 1.125 (colored)

Make "curl-config --libs" return proper ldflags for shared libraries.

After curl 7.25.0 update (imported to pkgsrc at 20120417),
"curl-config --libs" no longer returns "-Wl,-R/usr/pkg/lib"
while "curl-config --static-libs" still returns it.

Fixes the root cause of libcurl part of PR pkg/46567, and this is
also required to fix openoffice3 issue as mentioned in PR pkg/46983.
The problem is tracked and reported by Yasushi Oshima.

Bump PKGREVISION.

Revision 1.125 / (download) - annotate - [select for diffs], Sun Mar 10 13:21:05 2013 UTC (6 years, 2 months ago) by obache
Branch: MAIN
Changes since 1.124: +2 -1 lines
Diff to previous 1.124 (colored)

Fix NULL pointer reference when closing an unused multi handle.
(upstream commit da3fc1ee91de656a30f3a12de394bcba55119872)

PR pkg/47610 by dieter roelants

Bump PKGREVISION.

Revision 1.121.2.1 / (download) - annotate - [select for diffs], Wed Feb 13 19:09:06 2013 UTC (6 years, 3 months ago) by tron
Branch: pkgsrc-2012Q4
Changes since 1.121: +2 -2 lines
Diff to previous 1.121 (colored) next main 1.122 (colored)

Pullup ticket #4066 - requested by drochner
www/curl: security patch

Revisions pulled up:
- www/curl/Makefile                                             1.123 via patch
- www/curl/distinfo                                             1.81
- www/curl/patches/patch-CVE-2013-0249                          1.1

---
   Module Name:    pkgsrc
   Committed By:   drochner
   Date:           Fri Feb  8 15:45:42 UTC 2013

   Modified Files:
           pkgsrc/www/curl: Makefile distinfo
   Added Files:
           pkgsrc/www/curl/patches: patch-CVE-2013-0249

   Log Message:
   add patch from upstream to fix SASL buffer overflow vulnerability
   (CVE-2013-0249), bump PKGREV

Revision 1.124 / (download) - annotate - [select for diffs], Mon Feb 11 12:20:43 2013 UTC (6 years, 3 months ago) by wiz
Branch: MAIN
Changes since 1.123: +2 -3 lines
Diff to previous 1.123 (colored)

Update to 7.29.0:

Fixed in 7.29.0 - February 6 2013

Release contains security-related bug fix
(already fixed in pkgsrc)

Changes:

    test: offer "automake" output and check for perl better
    always-multi: always use non-blocking internals
    imap: Added support for sasl digest-md5 authentication
    imap: Added support for sasl cram-md5 authentication
    imap: Added support for sasl ntlm authentication
    imap: Added support for sasl login authentication
    imap: Added support for sasl plain text authentication
    imap: Added support for login disabled server capability
    mk-ca-bundle: add -f, support passing to stdout and more
    writeout: -w now supports remote_ip/port and local_ip/port

Bugfixes:

    SECURITY ADVISORY: SASL buffer overflow vulnerability
    nss: prevent NSS from crashing on client auth hook failure
    darwinssl: Fixed inability to disable peer verification on Snow Leopard and Lion
    curl_multi_remove_handle: fix memory leak triggered with CURLOPT_RESOLVE
    SCP: relative path didn't work as documented
    setup_once.h: HP-UX issue workaround
    configure: fix cross pkg-config detection
    runtests: Do not add undefined values to @INC
    build: fix compilation with CURL_DISABLE_CRYPTO_AUTH flag
    multi: fix re-sending request on early connection close
    HTTP: remove stray CRLF in chunk-encoded content-free request bodies
    build: fix AIX compilation and usage of events/revents
    VC Makefiles: add missing hostcheck
    nss: clear session cache if a client certificate from file is used
    nss: fix error messages for CURLE_SSL_{CACERT,CRL}_BADFILE
    fix HTTP CONNECT tunnel establishment upon delayed response
    --libcurl: fix for non-zero default options
    FTP: reject illegal port numbers in EPSV 229 responses
    build: use per-target '_CPPFLAGS' for those currently using default
    configure: fix automake 1.13 compatibility
    curl: ignore SIGPIPE
    pop3: Added support for non-blocking SSL upgrade
    pop3: Fixed default authentication detection
    imap: Fixed usernames and passwords that contain escape characters
    packages/DOS/common.dj: remove COFF debug info generation
    imap/pop3/smtp: Fixed failure detection during TLS upgrade
    pop3: Fixed no known authentication mechanism when fallback is required
    formadd: reject trying to read a directory where a file is expected
    formpost: support quotes, commas and semicolon in file names
    docs: update the comments about loading CA certs with NSS
    docs: fix typos in man pages
    darwinssl: Fix bug where packets were sometimes transmitted twice
    winbuild: include version info for .dll .exe
    schannel: Removed extended error connection setup flag
    VMS: fix and generate the VMS build config

Revision 1.123 / (download) - annotate - [select for diffs], Fri Feb 8 15:45:42 2013 UTC (6 years, 3 months ago) by drochner
Branch: MAIN
Changes since 1.122: +2 -2 lines
Diff to previous 1.122 (colored)

add patch from upstream to fix SASL buffer overflow vulnerability
(CVE-2013-0249), bump PKGREV

Revision 1.122 / (download) - annotate - [select for diffs], Wed Feb 6 23:20:52 2013 UTC (6 years, 3 months ago) by jperkin
Branch: MAIN
Changes since 1.121: +2 -2 lines
Diff to previous 1.121 (colored)

PKGREVISION bumps for the security/openssl 1.0.1d update.

Revision 1.121 / (download) - annotate - [select for diffs], Mon Dec 17 23:26:47 2012 UTC (6 years, 5 months ago) by agc
Branch: MAIN
CVS Tags: pkgsrc-2012Q4-base
Branch point for: pkgsrc-2012Q4
Changes since 1.120: +1 -2 lines
Diff to previous 1.120 (colored)

Add a libidn option (defaulting to on) which allows libidn support to be
turned off in www/curl.

Modify the curl package to be aware of the libidn option. Ensure default
is on.

No functional change, so no version number bump.

Revision 1.120 / (download) - annotate - [select for diffs], Sun Dec 16 01:52:38 2012 UTC (6 years, 5 months ago) by obache
Branch: MAIN
Changes since 1.119: +2 -1 lines
Diff to previous 1.119 (colored)

recursive bump from cyrus-sasl libsasl2 shlib major bump.

Revision 1.119 / (download) - annotate - [select for diffs], Thu Dec 6 16:24:29 2012 UTC (6 years, 5 months ago) by adam
Branch: MAIN
Changes since 1.118: +2 -2 lines
Diff to previous 1.118 (colored)

Changes 7.28.1:

This release includes the following changes:
 o metalink/md5: Use CommonCrypto on Apple operating systems
 o href_extractor: new example code extracting href elements
 o NSS can be used for metalink hashing [13]

This release includes the following bugfixes:
 o Fix broken libmetalink-aware OpenSSL build
 o gnutls: fix the error is fatal logic [1]
 o darwinssl: un-broke iOS build, fix error on server disconnect
 o asyn-ares: restore functionality with c-ares < 1.6.1 [2]
 o tlsauthtype: deal with the string case insensitively [3]
 o Fixed MSVC libssh2 static build
 o evhiperfifo: fix the pointer passed to WRITEDATA [6]
 o BUGS: fix the bug tracker URL [4]
 o winbuild: Use machine type of development environment
 o FTP: prevent the multi interface from blocking [5]
 o uniformly use AM_CPPFLAGS, avoid deprecated INCLUDES
 o httpcustomheader.c: free the headers after use
 o fix >2000 bytes POST over NTLM-using proxy [7]
 o redirects to URLs with fragments [8]
 o don't send '#' fragments when using proxy [9]
 o OpenSSL: show full issuer string [10]
 o fix HTTP auth regression [11]
 o CURLOPT_SSL_VERIFYHOST: stop supporting the 1 value [12]
 o ftp: EPSV-disable fix over SOCKS [14]
 o Digest: Add microseconds into nounce calculation [15]
 o SCP/SFTP: improve error code used for send failures
 o SSL: Several SSL-backend related fixes
 o removed the notorious "additional stuff not fine" debug output
 o OpenSSL: Disable SSL/TLS compression - avoid the "CRIME" attack
 o FILE: Make upload-writes unbuffered
 o custom memory callbacks failure with HTTP proxy (and more) [16]
 o TFTP: handle resends
 o autoconf: don't force-disable compiler debug option
 o winbuild: Fix PDB file output [17]
 o test2032: spurious failure caused by premature termination [18]
 o memory leak: CURLOPT_RESOLVE with multi interface [19]

Revision 1.118 / (download) - annotate - [select for diffs], Sun Oct 28 06:30:13 2012 UTC (6 years, 6 months ago) by asau
Branch: MAIN
Changes since 1.117: +1 -2 lines
Diff to previous 1.117 (colored)

Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days.

Revision 1.117 / (download) - annotate - [select for diffs], Fri Oct 12 07:36:11 2012 UTC (6 years, 7 months ago) by adam
Branch: MAIN
Changes since 1.116: +2 -3 lines
Diff to previous 1.116 (colored)

Changes 7.28.0:

SSH: added agent based authentication
ftp: active conn, allow application to set sockopt after accept() call with CURLSOCKTYPE_ACCEPT
multi: add curl_multi_wait()
metalink: Added support for Microsoft Windows CryptoAPI
md5: Added support for Microsoft Windows CryptoAPI
parse_proxy: treat "socks://x" as a socks4 proxy
socks: Added support for IPv6 connections through SOCKSv5 proxy
Bugfixes:

WSAPoll disabled on Windows builds due to its bugs
segfault on request retries
curl-config: parentheses fix
VC build: add define for openssl
globbing: fix segfault when >9 globs were used
fixed a few clang-analyzer warnings
metalink: change code order to build with gnutls-nettle
gtls: fix build failure by including nettle-specific headers
change preferred HTTP auth on a handle previously used for another auth
file: use fdopen() to avoid race condition
Added DWANT_IDN_PROTOTYPES define for MSVC too
verbose: fixed (nil) output of hostnames in re-used connections
metalink: Un-broke the build when building --with-darwinssl
curl man page cleanup
Avoid leak of local device string when reusing connection
Curl_socket_check: fix return code for timeout
nss: do not print misleading NSS error codes
configure: remove the --enable/disable-nonblocking options
darwinssl: add TLS 1.1 and 1.2 support, replace deprecated functions
NTLM: re-use existing connection better
schannel crash on multi and easy handle cleanup
SOCKS: truly disable it if CURL_DISABLE_PROXY is defined
mk-ca-bundle: detect start of trust section better
gnutls: do not fail on non-fatal handshake errors
SMTP: only send SIZE if supported
ftpserver: respond with a 250 to SMTP EHLO
ssh: do not crash if MD5 fingerprint is not provided by libssh2
winbuild: Added support for building with SPNEGO enabled
metalink: Fixed validation of binary files containing EOF
setup.h: fixed for MS VC10 build
cmake: use standard findxxx modules for cmake v2.8+
HTTP_ONLY: disable more protocols
Curl_reconnect_request: clear pointer on failure
https.c example: remember to call curl_global_init()
metalink: Filter resource URLs by type
multi interface: CURLOPT_LOW_SPEED_* fix during rate limitation
curl_schannel: Removed buffer limit and optimized buffer strategy

Revision 1.116 / (download) - annotate - [select for diffs], Wed Oct 3 21:58:28 2012 UTC (6 years, 7 months ago) by wiz
Branch: MAIN
Changes since 1.115: +2 -1 lines
Diff to previous 1.115 (colored)

Bump all packages that use perl, or depend on a p5-* package, or
are called p5-*.

I hope that's all of them.

Revision 1.115 / (download) - annotate - [select for diffs], Wed Aug 1 12:27:11 2012 UTC (6 years, 9 months ago) by drochner
Branch: MAIN
CVS Tags: pkgsrc-2012Q3-base, pkgsrc-2012Q3
Changes since 1.114: +2 -3 lines
Diff to previous 1.114 (colored)

update to 7.27.0
changes:
-added --metalink for metalink download support
-pop3: added more authentication types
-error message improvements
-bugfixes

Revision 1.114 / (download) - annotate - [select for diffs], Fri Jul 20 08:22:04 2012 UTC (6 years, 10 months ago) by marino
Branch: MAIN
Changes since 1.113: +2 -1 lines
Diff to previous 1.113 (colored)

www/curl: Fix TCP_KEEPIDLE unit for DragonFly

DragonFly uses millisecond rather than second as the unit of TCP_KEEPIDLE.
Patch multiples obtained value by 1000 on DragonFly.
Patch will be submitted to curl at SourceForge.

Revision 1.113 / (download) - annotate - [select for diffs], Tue May 29 14:58:05 2012 UTC (6 years, 11 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2012Q2-base, pkgsrc-2012Q2
Changes since 1.112: +2 -2 lines
Diff to previous 1.112 (colored)

Update to 7.26:

This release includes the following changes:

 o nss: the minimal supported version of NSS bumped to 3.12.x
 o nss: human-readable names are now provided for NSS errors if available
 o add a manual page for mk-ca-bundle
 o added --post303 and the CURL_REDIR_POST_303 option for CURLOPT_POSTREDIR
 o smtp: Add support for DIGEST-MD5 authentication
 o pop3: Added support for additional pop3 commands

This release includes the following bugfixes:

 o nss: libcurl now uses NSS_InitContext() to prevent collisions if available [1]
 o URL parse: reject numerical IPv6 addresses outside brackets [4]
 o MD5: fix OOM memory leak [5]
 o OpenSSL cert: provide more details when cert check fails
 o HTTP: empty chunked POST ended up in two zero size chunks [6]
 o fixed a regression when curl resolved to multiple addresses and the first
   isn't supported [7]
 o -# progress meter: avoid superfluous updates and duplicate lines [8]
 o headers: surround GCC attribute names with double underscores [9]
 o PolarSSL: correct return code for CRL matches
 o PolarSSL: include version number in version string
 o PolarSSL: add support for asynchronous connect
 o mk-ca-bundle: revert the LWP usage [12]
 o IPv6 cookie domain: get rid of the first bracket before the second
 o connect.c: return changed to CURLE_COULDNT_CONNECT when opensocket fails
 o OpenSSL: Made cert hostname check conform to RFC 6125 [10]
 o HTTP: reset expected DL/UL sizes on redirects [11]
 o CMake: fix Windows LDAP/LDAPS option handling [2]
 o CMake: fix MS Visual Studio x64 unsigned long long literal suffix [3]
 o configure: update detection logic of getaddrinfo() thread-safeness
 o configure: check for gethostbyname in the watt lib
 o curl-config.1: fix curl-config usage in example [13]
 o smtp: Fixed non-escaping of dot character at beginning of line
 o MakefileBuild.vc: use the correct IDN variable
 o autoconf: improve handling of versioned symbols
 o curl.1: clarify -x usage
 o curl: shorten user-agent
 o smtp: issue with the multi-interface always sending postdata [14]
 o compile error with GnuTLS+Nettle fixed
 o winbuild: fix IPv6 enabled build

Revision 1.112 / (download) - annotate - [select for diffs], Tue Apr 17 17:50:58 2012 UTC (7 years, 1 month ago) by drochner
Branch: MAIN
Changes since 1.111: +2 -2 lines
Diff to previous 1.111 (colored)

update to 7.25.0
changes:
-new options, minor improvements
-bugfixes

Revision 1.111 / (download) - annotate - [select for diffs], Sat Jan 28 14:41:14 2012 UTC (7 years, 3 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2012Q1-base, pkgsrc-2012Q1
Changes since 1.110: +2 -3 lines
Diff to previous 1.110 (colored)

Update to 7.24.0:

Fixed in 7.24.0 - January 24 2012

 Release contains security-related bug fix

 Changes:
   * CURLOPT_QUOTE: SFTP supports the '*'-prefix now
   * CURLOPT_DNS_SERVERS: set name servers if possible
   * Add support for using nettle instead of gcrypt as gnutls backend
   * CURLOPT_INTERFACE: avoid resolving interfaces names with magic prefixes
   * Added CURLOPT_ACCEPTTIMEOUT_MS
   * configure: add symbols versioning option --enable-versioned-symbols

 Bugfixes:
   * curl was vulnerable to a data injection attack for certain protocols CVE-2012-0036
   * curl was vulnerable to a SSL CBC IV vulnerability when built to use OpenSSL
   * SSL session share: move the age counter to the share object
   * -J -O: use -O name if no Content-Disposition header comes!
   * protocol_connect: show verbose connect and set connect time
   * query-part: ignore the URI part for given protocols
   * gnutls: only translate winsock errors for old versions
   * POP3: fix end of body detection
   * POP3: detect when LIST returns no mails
   * TELNET: improved treatment of options
   * configure: add support for pkg-config detection of libidn
   * CyaSSL 2.0+ library initialization adjustment
   * multi interface: only use non-NULL socker function pointer
   * call opensocket callback properly for active FTP
   * don't call close socket callback for sockets created with accept()
   * differentiate better between host/proxy errors
   * SSH: fix CURLOPT_SSH_HOST_PUBLIC_KEY_MD5 and --hostpubmd5
   * multi: handle timeouts on DNS servers by checking for new sockets
   * CURLOPT_DNS_SERVERS: fix return code
   * POP3: fixed escaped dot not being stripped out
   * OpenSSL: check for the SSLv2 function in configure
   * MakefileBuild: fix the static build
   * create_conn: don't switch to HTTP protocol if tunneling is enabled
   * multi interface: fix block when CONNECT_ONLY option is used
   * Fix connection reuse for TLS upgraded connections
   * multiple file upload with -F and custom type
   * multi interface: active FTP connections are no longer blocking
   * Android build fix
   * timer: restore PRETRANSFER timing
   * libcurl.m4: Fix quoting arguments of AC_LANG_PROGRAM
   * appconnect time fixed for non-blocking connect ssl backends
   * do not include SSL handshake into time spent waiting for 100-continue
   * handle dns cache case insensitive
   * use new host name casing for subsequent HTTP requests
   * CURLOPT_RESOLVE: avoid adding already present host names
   * SFTP mkdir: use correct permission
   * resolve: don't leak pre-populated dns entries
   * --retry: Retry transfers on timeout and DNS errors
   * negotiate with SSPI backend: use the correct buffer for input
   * SFTP dir: increase buffer size counter to avoid cut off file names
   * TFTP: fix resending (again)
   * c-ares: don't include getaddrinfo-using code
   * FTP: CURLE_PARTIAL_FILE will not close the control channel
   * win32-threaded-resolver: stop using a dummy socket
   * OpenSSL: remove reference to openssl internal struct
   * OpenSSL: SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG option no longer enabled
   * OpenSSL: fix PKCS#12 certificate parsing related memory leak
   * OpenLDAP: fix LDAP connection phase memory leak
   * Telnet: Use correct file descriptor for telnet upload
   * Telnet: Remove bogus optimisation of telnet upload
   * URL parse: user name with ipv6 numerical address
   * polarssl: show cipher suite name correctly with 1.1.0
   * polarssl: havege_rand is not present in version 1.1.0 WARNING, we still use the old API which is said to be
     insecure
   * gnutls: enforced use of SSLv3

Revision 1.109.2.1 / (download) - annotate - [select for diffs], Sat Jan 28 06:26:18 2012 UTC (7 years, 3 months ago) by sbd
Branch: pkgsrc-2011Q4
Changes since 1.109: +2 -1 lines
Diff to previous 1.109 (colored) next main 1.110 (colored)

Pullup ticket #3663 - requested by drochner
www/curl security update

Revisions pulled up:
- www/curl/Makefile                                             1.110
- www/curl/distinfo                                             1.73
- www/curl/patches/patch-ba                                     1.1
- www/curl/patches/patch-bb                                     1.1
- www/curl/patches/patch-bc                                     1.1
- www/curl/patches/patch-bd                                     1.1
- www/curl/patches/patch-be                                     1.1
- www/curl/patches/patch-bf                                     1.1

---
   Module Name:    pkgsrc
   Committed By:   drochner
   Date:           Thu Jan 26 11:25:55 UTC 2012

   Modified Files:
           pkgsrc/www/curl: Makefile distinfo
   Added Files:
           pkgsrc/www/curl/patches: patch-ba patch-bb patch-bc patch-bd patch-be
               patch-bf

   Log Message:
   add patches from upstream to fix 2 security problems:
   -data injection attack for certain protocols (CVE-2012-0036)
   -SSL CBC IV vulnerability (OpenSSL related, CVE-2011-3389)
   bump PKGREV

Revision 1.110 / (download) - annotate - [select for diffs], Thu Jan 26 11:25:55 2012 UTC (7 years, 3 months ago) by drochner
Branch: MAIN
Changes since 1.109: +2 -1 lines
Diff to previous 1.109 (colored)

add patches from upstream to fix 2 security problems:
-data injection attack for certain protocols (CVE-2012-0036)
-SSL CBC IV vulnerability (OpenSSL related, CVE-2011-3389)
bump PKGREV

Revision 1.109 / (download) - annotate - [select for diffs], Wed Nov 30 20:56:08 2011 UTC (7 years, 5 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2011Q4-base
Branch point for: pkgsrc-2011Q4
Changes since 1.108: +2 -2 lines
Diff to previous 1.108 (colored)

Update to 7.23.1:

Fixed in 7.23.1 - November 17 2011

Bugfixes:

    Windows: curl would fail if it found no CA cert, unless -k was used. Even if a non-SSL protocol URL was used

Fixed in 7.23.0 - November 15 2011

Changes:

    Empty headers can be sent in HTTP requests by terminating with a semicolon
    SSL session sharing support added to curl_share_setopt()
    Added support to MAIL FROM for the optional SIZE parameter
    smtp: Added support for NTLM authentication
    curl tool: code split into tool_*.[ch] files

Bugfixes:

    handle HTTP redirects to "//hostname/path"
    SMTP without --mail-from caused segfault
    prevent extra progress meter headers between multiple files
    allow Content-Length to be replaced when sending HTTP requests
    curl now always sets postfieldsize to allow --data-binary and --data to be mixed in the same command line
    curl_multi_fdset: avoid FD_SET out of bounds
    lots of MinGW build tweaks
    Curl_gethostname: return un-qualified machine name
    fixed the openssl version number configure check
    nss: certificates from files are no longer looked up by file base names
    returning abort from the progress function when using the multi interface would not properly cancel the transfer and close the connection
    fix libcurl.m4 to not fail with modern gcc versions
    ftp: improved the failed PORT host name resolved error message
    TFTP timeout and unexpected block adjustments
    HTTP and GOPHER test server-side connection closing adjustments
    fix endless loop upon transport connection timeout
    don't clobber errno on failed connect
    typecheck: allow NULL to unset CURLOPT_ERRORBUFFER
    formdata: ack read callback abort
    make --show-error properly position independent
    set the ipv6-connection boolean correctly on connect
    SMTP: fix end-of-body string escaping
    gtls: only call gnutls_transport_set_lowat with HTTP: handle multiple auths in a single WWW-Authenticate line
    curl_multi_fdset: correct fdset with FTP PORT use
    windbuild: fix the static build
    fix builds with GnuTLS version 3
    fix calling of OpenSSL's ERR_remove_state(0)
    HTTP auth: fix proxy Negotiate bug when Negotiate not requested
    ftp PORT: don't hang if bind() fails
    -# would crash on terminals wider than 256 columns

Fixed in 7.22.0 - September 13 2011

Changes:

    Added CURLOPT_GSSAPI_DELEGATION
    Added support for NTLM delegation to Samba's winbind daemon helper ntlm_auth
    Display notes from setup file in testcurl.pl
    BSD-style lwIP TCP/IP stack experimental support on Windows
    OpenSSL: Use SSL_MODE_RELEASE_BUFFERS if available
    --delegation was added to set CURLOPT_GSSAPI_DELEGATION
    nss: start with no database if the selected database is broken
    telnet: allow programatic use on Windows

Bugfixes:

    curl_getdate: detect some illegal dates better
    when sending a request and an error is received before the (entire) request body is sent, stop sending the request and close the connection after having received the entire response. This is equally true if an Expect: 100-continue header was used.
    When using both -J and a single -O with multiple URLs, a missing init could cause a segfault
    -J fixed for escaped quotes
    -J fixed for file names with semicolons
    progress: reset flags at transfer start to avoid wrong CURLINFO_CONTENT_LENGTH_DOWNLOAD
    curl_gssapi: Guard files with HAVE_GSSAPI and rename private header
    silence picky compilers: mark unused parameters
    help output: more gnu like output
    libtests: stop checking for CURLM_CALL_MULTI_PERFORM
    setting a non-HTTP proxy with an environment variable or with CURLOPT_PROXY / --proxy (without specifying CURLOPT_PROXYTYPE) would still make it do proxy-like HTTP requests
    CURLFORM_BUFFER: insert filename as documented (regression)
    SOCKS: fix the connect timeout
    ftp_doing: bail out on error properly while multi interfacing
    improved Content-Encoded decoding error message
    asyn-thread: check for dotted addresses before thread starts
    cmake: find winsock when building on windows
    Curl_retry_request: check return code
    cookies: handle 'secure=' as if it was 'secure'
    tests: break busy loops in tests 502, 555, and 573
    FTP: fix proxy connect race condition with multi interface and SOCKS proxy
    RTSP: GET_PARAMETER requests have a body
    fixed several memory leaks in OOM situations
    bad expire(0) caused multi_socket API to hang
    Avoid ftruncate() static define with mingw64
    mk-ca-bundle.pl: ignore untrusted certs
    builds with PolarSSL 1.0.0

Revision 1.108 / (download) - annotate - [select for diffs], Tue Nov 22 18:40:27 2011 UTC (7 years, 6 months ago) by shattered
Branch: MAIN
Changes since 1.107: +1 -2 lines
Diff to previous 1.107 (colored)

Revert last change per joerg@'s objections.

Revision 1.107 / (download) - annotate - [select for diffs], Sun Nov 20 14:03:40 2011 UTC (7 years, 6 months ago) by shattered
Branch: MAIN
Changes since 1.106: +2 -1 lines
Diff to previous 1.106 (colored)

Avoid deadlock if FETCH_USING is set to wget or curl and we're building
one of them.

Revision 1.106 / (download) - annotate - [select for diffs], Tue Jun 28 10:11:08 2011 UTC (7 years, 10 months ago) by obache
Branch: MAIN
CVS Tags: pkgsrc-2011Q3-base, pkgsrc-2011Q3, pkgsrc-2011Q2-base, pkgsrc-2011Q2
Changes since 1.105: +2 -2 lines
Diff to previous 1.105 (colored)

Update curl 7.21.7.

This release includes the following changes:

 o recognize the [protocol]:// prefix in proxy hosts where the protocol is one
   of socks4, socks4a, socks5 or socks5h.
 o Added CURLOPT_CLOSESOCKETFUNCTION and CURLOPT_CLOSESOCKETDATA

This release includes the following bugfixes:

 o SECURITY ADVISORY: inappropriate GSSAPI delegation. Full details at
   http://curl.haxx.se/docs/adv_20110623.html
 o NTLM: work with unicode
 o fix connect with SOCKS proxy when using the multi interface
 o anyauthput.c: stdint.h must not be included unconditionally
 o CMake: improved build
 o SCP/SFTP enable non-blocking earlier
 o GnuTLS handshake: fix timeout
 o cyassl: build without filesystem
 o HTTPS over HTTP proxy using the multi interface
 o speedcheck: invalid timeout event on a reused handle
 o Force connection close for HTTP 200 OK when time condition matched
 o curl_formget: fix FILE * leak
 o configure: improved OpenSSL detection
 o Android build: support gingerbread
 o CURLFORM_STREAM: acknowledge CURLFORM_FILENAME
 o windows build: use correct MS CRT
 o pop3: remove extra space in LIST command

Revision 1.105 / (download) - annotate - [select for diffs], Mon May 2 13:12:41 2011 UTC (8 years ago) by wiz
Branch: MAIN
Changes since 1.104: +2 -3 lines
Diff to previous 1.104 (colored)

Update to 7.21.6:

Fixed in 7.21.6 - April 22 2011

Changes:

    Added --tr-encoding and CURLOPT_TRANSFER_ENCODING

Bugfixes:

    curl-config: fix --version
    curl_easy_setopt.3: CURLOPT_PROXYTYPE clarification
    use HTTPS properly after CONNECT
    SFTP: close file before post quote operations

Fixed in 7.21.5 - April 17 2011

Changes:

    SOCKOPTFUNCTION: callback can say already-connected
    Added --netrc-file
    Added (new) support for cyassl
    TSL-SRP: enabled with OpenSSL
    Added CURLE_NOT_BUILT_IN and CURLE_UNKNOWN_OPTION

Bugfixes:

    nss: avoid memory leak on SSL connection failure
    nss: do not ignore failure of SSL handshake
    multi: better failed connect handling when using FTP, SMTP, POP3 and IMAP
    runtests.pl: fix pid number concatenation that prevented it from killing the correct process at times
    PolarSSL: Return 0 on receiving TLS CLOSE_NOTIFY alert
    curl_easy_setopt.3: Removed wrong reference to CURLOPT_USERPASSWORD
    multi: close connection on timeout
    IMAP in multi mode does SSL connections non-blocking
    honours the --disable-ldaps configure option
    Force setopt constants written by --libcurl to be long
    ssh_connect: treat libssh2 return code better
    SFTP upload could stall the state machine when the multi_socket API was used
    SFTP and SCP could leak memory when used with the multi interface and the connection was closed
    Added missing file to repair the MSVC makefiles
    Fixed detection of recvfrom arguments on Android/bionic
    GSS: handle reuse fix
    transfer: avoid insane conversion of time_t
    nss: do not ignore value of CURLOPT_SSL_VERIFYPEER in certain cases
    SMTP-multi: non-blocking connect
    SFTP-multi: set cselect for sftp and scp to fix "stall" risk
    configure: removed wrongly claimed default paths
    pop3: fixed torture tests to succeed
    symbols-in-versions: many corrections
    if a HTTP request gets retried because the connection was dead, rewind if any data was sent as part of it
    only probe for working ipv6 once and then re-use that info for further requests
    requests that are asked to bound to a local interface/port will no longer wrongly re-use connections that aren't
    libcurl.m4: Add missing quotes in AC_LINK_IFELSE
    progress output: don't print the last update on a separate line
    POP3: the command to send is STLS, not STARTTLS
    POP3: PASS command was not sent after upgrade to TLS
    configure: fix libtool warning
    nss: allow to use multiple client certificates for a single host
    HTTP pipelining: Fix handling of zero-length responses
    Don't list NTLM in curl-config when HTTP is disabled
    curl_easy_setopt.3: CURLOPT_RESOLVE typo version
    OpenSSL: build fine with no-sslv2 versions
    checkconnection: don't call with NULL pointer with RTSP and multi interface
    Borland makefile updates
    configure: libssh2 link fix without pkg-config
    certinfo crash
    CCC crash

Revision 1.104 / (download) - annotate - [select for diffs], Fri Apr 22 13:42:07 2011 UTC (8 years, 1 month ago) by obache
Branch: MAIN
Changes since 1.103: +2 -1 lines
Diff to previous 1.103 (colored)

recursive bump from gettext-lib shlib bump.

Revision 1.103 / (download) - annotate - [select for diffs], Wed Mar 9 19:22:24 2011 UTC (8 years, 2 months ago) by asau
Branch: MAIN
CVS Tags: pkgsrc-2011Q1-base, pkgsrc-2011Q1
Changes since 1.102: +2 -2 lines
Diff to previous 1.102 (colored)

Update to curl 7.21.4

This release includes the following changes:

 o CURLINFO_FTP_ENTRY_PATH now supports SFTP
 o introduced new framework for unit-testing
 o IDN: use win32 API if told to
 o ares: ask for both IPv4 and IPv6 addresses
 o HTTP: do Negotiate authentication using SSPI on windows
 o Windows build: alternative makefile
 o TLS-SRP: support added when using GnuTLS

This release includes the following bugfixes:

 o SMTP: add brackets for MAIL FROM
 o ossl_seed: no more RAND_screen (on Windows)
 o multi: connect fail => use next IP address
 o use the timeout when using multiple IP addresses similar to how
   the easy interface does it
 o cookies: tricked dotcounter fixed
 o pubkey_show: allocate buffer to fit any-size result
 o Curl_nss_connect: avoid PATH_MAX
 o Curl_do: avoid using stale conn pointer
 o tftpd test server: avoid buffer overflow report from glibc
 o nss: avoid CURLE_OUT_OF_MEMORY given a file name without any slash
 o nss: fix a bug in handling of CURLOPT_CAPATH
 o CMake: Use upstream CheckTypeSize module
 o OpenSSL get_cert_chain: support larger data sets
 o SCP/SFTP transfers: acknowledge speedcheck
 o GnuTLS builds: fix memory leak
 o connect problem: use UDP correctly
 o Borland C++ makefile tweaks
 o OpenSSL: improved error message on SSL_CTX_new failures
 o HTTP: memory leak on multiple Location:
 o ares_query_completed_cb: don't touch invalid data
 o ares: memory leak fix
 o mk-ca-bundle: use new cacert url
 o Curl_gmtime: added a portable gmtime and check for NULL
 o curl.1: typo in -v description
 o CURLOPT_SOCKOPTFUNCTION: return proper error code
 o --keepalive-time: warn if not supported properly
 o file: add support for CURLOPT_TIMECONDITION
 o nss: avoid memory leaks and failure of NSS shutdown
 o multi: fix CURLM_STATE_TOOFAST for multi_socket

Revision 1.102 / (download) - annotate - [select for diffs], Mon Feb 28 14:53:06 2011 UTC (8 years, 2 months ago) by wiz
Branch: MAIN
Changes since 1.101: +2 -2 lines
Diff to previous 1.101 (colored)

Reset maintainer for retired developers.

Revision 1.101 / (download) - annotate - [select for diffs], Thu Dec 23 00:23:56 2010 UTC (8 years, 5 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2010Q4-base, pkgsrc-2010Q4
Changes since 1.100: +2 -2 lines
Diff to previous 1.100 (colored)

Update to 7.21.3:

Changes:

    * Added --noconfigure switch to testcurl.pl
    * Added --xattr option
    * Added CURLOPT_RESOLVE and --resolve
    * Added CURLAUTH_ONLY
    * Added version-check.pl to the examples dir

Bugfixes:

    * check for libcurl features for some command line options
    * Curl_setopt: disallow CURLOPT_USE_SSL without SSL support
    * http_chunks: remove debug output
    * URL-parsing: consider ? a divider
    * SSH: avoid using the libssh2_ prefix
    * SSH: use libssh2_session_handshake() to work on win64
    * ftp: prevent server from hanging on closed data connection
      when stopping a transfer before the end of the full transfer
      (ranges)
    * LDAP: detect non-binary attributes properly
    * ftp: treat server's response 421 as CURLE_OPERATION_TIMEDOUT
    * gnutls->handshake: improved timeout handling
    * security: Pass the right parameter to init
    * krb5: Use GSS_ERROR to check for error
    * TFTP: resend the correct data
    * configure: fix autoconf 2.68 warning: no AC_LANG_SOURCE call detected
    * GnuTLS: now detects socket errors on Windows
    * symbols-in-versions: updated en masse
    * added a couple examples that were missing from the tar ball
    * Curl_send/recv_plain: return errno on failure
    * Curl_wait_for_resolv (for c-ares): correct timeout
    * ossl_connect_common: detect connection re-use
    * configure: Prevent link errors with --librtmp
    * openldap: use remote port in URL passed to ldap_init_fd()
    * url: provide dead_connection flag in Curl_handler::disconnect
    * lots of compiler warning fixes
    * ssh: fix a download resume point calculation
    * fix getinfo CURLINFO_LOCAL* for reused connections
    * multi: the returned running handles conuter could turn negative
    * multi: only ever consider pipelining for connections doing HTTP(S)

Revision 1.100 / (download) - annotate - [select for diffs], Sat Oct 16 23:58:04 2010 UTC (8 years, 7 months ago) by wiz
Branch: MAIN
Changes since 1.99: +4 -4 lines
Diff to previous 1.99 (colored)

Update to 7.21.2:

Changes:

    * curl -T: ignore file size of special files
    * Added GOPHER protocol support
    * Added mk-ca-bundle.vbs script
    * c-ares build now requires c-ares >= 1.6.0

Bugfixes:

    * --remote-header-name security vulnerability fixed
    * multi: support the timeouts correctly, fixes known bug #62
    * multi: use timeouts properly for MAX_RECV/SEND_SPEED
    * negotiation: Wrong proxy authorization
    * multi: avoid sending multiple complete messages
    * cmdline: make -F type= accept ;charset=
    * RESUME_FROM: clarify what ftp uploads do
    * http: handle trailer headers in all chunked responses
    * Curl_is_connected: use correct errno
    * Added SSPI build to Watcom makefile
    * progress: callback for POSTs less than MAX_INITIAL_POST_SIZE
    * linking problem on Fedora 13
    * Link curl and the test apps with -lrt explicitly when necessary
    * chunky parser: only rewind stream internally if needed
    * remote-header-name: don't output filename when NULL
    * Curl_timeleft: avoid returning "no timeout" by mistake
    * timeout: use the correct start value as offset
    * FTP: fix wrong timeout trigger
    * buildconf got better output on failures
    * rtsp: avoid SIGSEGV on malformed header
    * LDAP: Support for tunnelling queries through HTTP proxy
    * configure's --enable-werror had a bashism
    * test565: Don't hardcode IP:PORT
    * configure: check for gcrypt if using GnuTLS
    * configure: don't enable RTMP if the lib detect fails
    * curl_easy_duphandle: clone the c-ares handle correctly
    * MacOSX-Framework: updates for Snowleopard
    * support URL containing colon without trailing port number
    * parsedate: allow time specified without seconds
    * curl_easy_escape: don't escape "unreserved" characters
    * SFTP: avoid downloading negative sizes
    * Lots of GSS/KRB FTP fixes
    * TFTP: Work around tftpd-hpa upload bug
    * libcurl.m4: several fixes
    * HTTP: remove special case for 416
    * examples: use example.com in example URLs
    * globbing: fix crash on unballanced open brace
    * cmake: build fixed

Revision 1.99 / (download) - annotate - [select for diffs], Sun Aug 15 11:14:36 2010 UTC (8 years, 9 months ago) by drochner
Branch: MAIN
CVS Tags: pkgsrc-2010Q3-base, pkgsrc-2010Q3
Changes since 1.98: +2 -2 lines
Diff to previous 1.98 (colored)

update to 7.21.1
changes: bugfixes

Revision 1.98 / (download) - annotate - [select for diffs], Wed Jul 21 17:29:48 2010 UTC (8 years, 10 months ago) by drochner
Branch: MAIN
Changes since 1.97: +2 -2 lines
Diff to previous 1.97 (colored)

update to 7.21.0
changes:
added the --proto and -proto-redir options
new configure option --enable-threaded-resolver
improve TELNET ability with libcurl
added support for PolarSSL
added support for FTP wildcard matching and downloads
added support for RTMP
added CURLINFO_PRIMARY_PORT, CURLINFO_LOCAL_IP and CURLINFO_LOCAL_PORT

Revision 1.97 / (download) - annotate - [select for diffs], Fri Apr 2 06:51:31 2010 UTC (9 years, 1 month ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2010Q2-base, pkgsrc-2010Q2, pkgsrc-2010Q1-base, pkgsrc-2010Q1
Changes since 1.96: +2 -1 lines
Diff to previous 1.96 (colored)

Added PKGCONFIG_OVERRIDE for other packages to build/configure correctly

Revision 1.93.2.1 / (download) - annotate - [select for diffs], Sun Feb 28 23:14:01 2010 UTC (9 years, 2 months ago) by tron
Branch: pkgsrc-2009Q4
Changes since 1.93: +2 -2 lines
Diff to previous 1.93 (colored) next main 1.94 (colored)

Pullup ticket #3026 - requested by spz
curl: security update

Revisions pulled up:
- www/curl/Makefile			1.96
- www/curl/distinfo			1.64
- www/curl/patches/patch-ab		delete
---
Module Name:    pkgsrc
Committed By:   wiz
Date:           Tue Feb 16 12:51:44 UTC 2010

Modified Files:
        pkgsrc/www/curl: Makefile distinfo
Removed Files:
        pkgsrc/www/curl/patches: patch-ab

Log Message:
Update to 7.20.0:

Version 7.20.0 (9 February 2010)

Daniel Stenberg (9 Feb 2010)
- When downloading compressed content over HTTP and the app asked libcurl to
  automatically uncompress it with the CURLOPT_ENCODING option, libcurl could
  wrongly provide the callback with more data than the maximum documented
  amount. An application could thus get tricked into badness if the maximum
  limit was trusted to be enforced by libcurl itself (as it is documented).

  This is further detailed and explained in the libcurl security advisory
  20100209 at

    http://curl.haxx.se/docs/adv_20100209.html

Daniel Fandrich (3 Feb 2010)
- Changed the Watcom makefiles to make them easier to keep in sync with
  Makefile.inc since that can't be included directly.

Yang Tse (2 Feb 2010)
- Symbol CURL_FORMAT_OFF_T now obsoleted, will be removed in a future release,
  symbol will not be available when building with CURL_NO_OLDIES defined. Use
  of CURL_FORMAT_CURL_OFF_T is preferred since 7.19.0

Daniel Stenberg (1 Feb 2010)
- Using the multi_socket API, it turns out at times it seemed to "forget"
  connections (which caused a hang). It turned out to be an existing (7.19.7)
  bug in libcurl (that's been around for a long time) and it happened like
  this:

  The app calls curl_multi_add_handle() to add a new easy handle, libcurl will
  then set it to timeout in 1 millisecond so libcurl will tell the app about
  it.

  The app's timeout fires off that there's a timeout, the app calls libcurl as
  we so often document it:

  do {
   res = curl_multi_socket_action(... TIMEOUT ...);
  } while(CURLM_CALL_MULTI_PERFORM == res);

  And this is the problem number one:

  When curl_multi_socket_action() is called with no specific handle, but only
  a timeout-action, it will *only* perform actions within libcurl that are
  marked to run at this time. In this case, the request would go from INIT to
  CONNECT and return CURLM_CALL_MULTI_PERFORM. When the app then calls libcurl
  again, there's no timer set for this handle so it remains in the CONNECT
  state. The CONNECT state is a transitional state in libcurl so it reports no
  sockets there, and thus libcurl never tells the app anything more about that
  easy handle/connection.

  libcurl _does_ set a 1ms timeout for the handle at the end of
  multi_runsingle() if it returns CURLM_CALL_MULTI_PERFORM, but since the loop
  is instant the new job is not ready to run at that point (and there's no
  code that makes libcurl call the app to update the timout for this new
  timeout). It will simply rely on that some other timeout will trigger later
  on or that something else will update the timeout callback. This makes the
  bug fairly hard to repeat.

  The fix made to adress this issue:

  We introduce a loop in lib/multi.c around all calls to multi_runsingle() and
  simply check for CURLM_CALL_MULTI_PERFORM internally. This has the added
  benefit that this goes in line with my long-term wishes to get rid of the
  CURLM_CALL_MULTI_PERFORM all together from the public API.

  The downside of this fix, is that the counter we return in 'running_handles'
  in several of our public functions then gets a slightly new and possibly
  confusing behavior during times:

  If an app adds a handle that fails to connect (very quickly) it may just
  as well never appear as a 'running_handle' with this fix. Previously it
  would first bump the counter only to get it decreased again at next call.
  Even I have used that change in handle counter to signal "end of a
  transfer". The only *good* way to find the end of a individual transfer
  is calling curl_multi_info_read() to see if it returns one.

  Of course, if the app previously did the looping before it checked the
  counter, it really shouldn't be any new effect.

Yang Tse (26 Jan 2010)
- Constantine Sapuntzakis' and Joshua Kwan's work done in the last four months
  relative to the asynchronous DNS lookups, along with with some integration
  adjustments I have done are finally committed to CVS.

  Currently these enhancements will benefit builds done using c-ares on any
  platform as well as Windows builds using the default threaded resolver.

  This release does not make generally available POSIX threaded DNS lookups
  yet. There is no configure option to enable this feature yet. It is possible
  to experimantally try this feature running configure with compiler flags that
  make simultaneous definition of preprocessor symbols USE_THREADS_POSIX and
  HAVE_PTHREAD_H, as well as whatever reentrancy compiler flags and linker ones
  are required to link and properly use pthread_* functions on each platform.

Daniel Stenberg (26 Jan 2010)
- Mike Crowe made libcurl return CURLE_COULDNT_RESOLVE_PROXY when it is the
  proxy that cannot be resolved when using c-ares. This matches the behaviour
  when not using c-ares.

Bj
- Added a new flag: -J/--remote-header-name. This option tells the
  -O/--remote-name option to use the server-specified Content-Disposition
  filename instead of extracting a filename from the URL.

Daniel Stenberg (21 Jan 2010)
- Chris Conroy brought support for RTSP transfers, and with it comes 8(!) new
  libcurl options for controlling what to get and how to receive posssibly
  interleaved RTP data.

Daniel Stenberg (20 Jan 2010)
- As was pointed out on the http-state mailing list, the order of cookies in a
  HTTP Cookie: header _needs_ to be sorted on the path length in the cases
  where two cookies using the same name are set more than once using
  (overlapping) paths. Realizing this, identically named cookies must be
  sorted correctly. But detecting only identically named cookies and take care
  of them individually is harder than just to blindly and unconditionally sort
  all cookies based on their path lengths. All major browsers also already do
  this, so this makes our behavior one step closer to them in the cookie area.

  Test case 8 was the only one that broke due to this change and I updated it
  accordingly.

Daniel Stenberg (19 Jan 2010)
- David McCreedy brought a fix and a new test case (129) to make libcurl work
  again when downloading files over FTP using ASCII and it turns out that the
  final size of the file is not the same as the initial size the server
  reported. This is very common since servers don't take the newline
  conversions into account.

Kamil Dudka (14 Jan 2010)
- Suppressed side effect of OpenSSL configure checks, which prevented NSS from
  being properly detected under certain circumstances. It had been caused by
  strange behavior of pkg-config when handling PKG_CONFIG_LIBDIR. pkg-config
  distinguishes among empty and non-existent environment variable in that case.

Daniel Stenberg (12 Jan 2010)
- Gil Weber reported a peculiar flaw with the multi interface when doing SFTP
  transfers: curl_multi_fdset() would return -1 and not set and file
  descriptors several times during a transfer of a single file. It turned out
  to be due to two different flaws now fixed. Gil's excellent recipe helped me
  nail this.

Daniel Stenberg (11 Jan 2010)
- Made sure that the progress callback is repeatedly called at a regular
  interval even during very slow connects.

- The tests/runtests.pl script now checks to see if the test case that runs is
  present in the tests/data/Makefile.am and outputs a notice message on the
  screen if not. Each test file has to be included in that Makefile.am to get
  included in release archives and forgetting to add files there is a common
  mistake. This is an attempt to make it harder to forget.

Daniel Stenberg (9 Jan 2010)
- Johan van Selst found and fixed a OpenSSL session ref count leak:

  ossl_connect_step3() increments an SSL session handle reference counter on
  each call. When sessions are re-used this reference counter may be
  incremented many times, but it will be decremented only once when done (by
  Curl_ossl_session_free()); and the internal OpenSSL data will not be freed
  if this reference count remains positive. When a session is re-used the
  reference counter should be corrected by explicitly calling
  SSL_SESSION_free() after each consecutive SSL_get1_session() to avoid
  introducing a memory leak.

  (http://curl.haxx.se/bug/view.cgi?id=2926284)

Daniel Stenberg (7 Jan 2010)
- Make sure the progress callback is called repeatedly even during very slow
  name resolves when c-ares is used for resolving.

Claes Jakobsson (6 Jan 2010)
- Julien Chaffraix fixed so that the fragment part in an URL is not sent
  to the server anymore.

Kamil Dudka (3 Jan 2010)
- Julien Chaffraix eliminated a duplicated initialization in singlesocket().

Daniel Stenberg (2 Jan 2010)
- Make curl support --ssl and --ssl-reqd instead of the previous FTP-specific
  versions --ftp-ssl and --ftp-ssl-reqd as these options are now used to
  control SSL/TLS for IMAP, POP3 and SMTP as well in addition to FTP. The old
  option names are still working but the new ones are the ones listed and
  documented.

Daniel Stenberg (1 Jan 2010)
- Ingmar Runge enhanced libcurl's FTP engine to support the PRET command. This
  command is a special "hack" used by the drftpd server, but even though it is
  a custom extension I've deemed it fine to add to libcurl since this server
  seems to survive and people keep using it and want libcurl to support
  it. The new libcurl option is named CURLOPT_FTP_USE_PRET, and it is also
  usable from the curl tool with --ftp-pret. Using this option on a server
  that doesn't support this command will make libcurl fail.

  I added test cases 1107 and 1108 to verify the functionality.

  The PRET command is documented at
  http://www.drftpd.org/index.php/Distributed_PASV

Yang Tse (30 Dec 2009)
- Steven M. Schweda improved VMS build system, and Craig A. Berry helped
  with the patch and testing.

Daniel Stenberg (26 Dec 2009)
- Renato Botelho and Peter Pentchev brought a patch that makes the libcurl
  headers work correctly even on FreeBSD systems before v8.

  (http://curl.haxx.se/bug/view.cgi?id=2916915)

Daniel Stenberg (17 Dec 2009)
- David Byron fixed Curl_ossl_cleanup to actually call ENGINE_cleanup when
  available.

- Follow-up fix for the proxy fix I did for Jon Nelson's bug. It turned out I
  was a bit too quick and broke test case 1101 with that change. The order of
  some of the setups is sensitive. I now changed it slightly again to make
  sure we do them in this order:

  1 - parse URL and figure out what protocol is used in the URL
  2 - prepend protocol:// to URL if missing
  3 - parse name+password off URL, which needs to know what protocol is used
      (since only some allows for name+password in the URL)
  4 - figure out if a proxy should be used set by an option
  5 - if no proxy option, check proxy environment variables
  6 - run the protocol-specific setup function, which needs to have the proxy
      already set

Daniel Stenberg (15 Dec 2009)
- Jon Nelson found a regression that turned out to be a flaw in how libcurl
  detects and uses proxies based on the environment variables. If the proxy
  was given as an explicit option it worked, but due to the setup order
  mistake proxies would not be used fine for a few protocols when picked up
  from '[protocol]_proxy'. Obviously this broke after 7.19.4. I now also added
  test case 1106 that verifies this functionality.

  (http://curl.haxx.se/bug/view.cgi?id=2913886)

Daniel Stenberg (12 Dec 2009)
- IMAP, POP3 and SMTP support and their TLS versions (including IMAPS, POP3S
  and SMTPS) are now supported. The current state may not yet be solid, but
  the foundation is in place and the test suite has some initial support for
  these protocols. Work will now persue to make them nice libcurl citizens
  until release.

  The work with supporting these new protocols was sponsored by
  networking4all.com - thanks!

Daniel Stenberg (10 Dec 2009)
- Siegfried Gyuricsko found out that the curl manual said --retry would retry
  on FTP errors in the transient 5xx range. Transient FTP errors are in the
  4xx range. The code itself only tried on 5xx errors that occured _at login_.
  Now the retry code retries on all FTP transfer failures that ended with a
  4xx response.

  (http://curl.haxx.se/bug/view.cgi?id=2911279)

- Constantine Sapuntzakis figured out a case which would lead to libcurl
  accessing alredy freed memory and thus crash when using HTTPS (with
  OpenSSL), multi interface and the CURLOPT_DEBUGFUNCTION and a certain order
  of cleaning things up. I fixed it.

  (http://curl.haxx.se/bug/view.cgi?id=2905220)

Daniel Stenberg (7 Dec 2009)
- Martin Storsjo made libcurl use the Expect: 100-continue header for posts
  with unknown size. Previously it was only used for posts with a known size
  larger than 1024 bytes.

Daniel Stenberg (1 Dec 2009)
- If the Expect: 100-continue header has been set by the application through
  curl_easy_setopt with CURLOPT_HTTPHEADER, the library should set
  data->state.expect100header accordingly - the current code (in 7.19.7 at
  least) doesn't handle this properly. Martin Storsjo provided the fix!

Yang Tse (28 Nov 2009)
- Added Diffie-Hellman parameters to several test harness certificate files in
  PEM format. Required by several stunnel versions used by our test harness.

Daniel Stenberg (28 Nov 2009)
- Markus Koetter provided a polished and updated version of Chad Monroe's TFTP
  rework patch that now integrates TFTP properly into libcurl so that it can
  be used non-blocking with the multi interface and more. BLKSIZE also works.

  The --tftp-blksize option was added to allow setting the TFTP BLKSIZE from
  the command line.

Daniel Stenberg (26 Nov 2009)
- Extended and fixed the change I did on Dec 11 for the the progress
  meter/callback during FTP command/response sequences. It turned out it was
  really lame before and now the progress meter SHOULD get called at least
  once per second.

Daniel Stenberg (23 Nov 2009)
- Bjorn Augustsson reported a bug which made curl not report any problems even
  though it failed to write a very small download to disk (done in a single
  fwrite call). It turned out to be because fwrite() returned success, but
  there was insufficient error-checking for the fclose() call which tricked
  curl to believe things were fine.

Yang Tse (23 Nov 2009)
- David Byron modified Makefile.dist vc8 and vc9 targets in order to allow
  finer granularity control when generating src and lib makefiles.

Yang Tse (22 Nov 2009)
- I modified configure to force removal of the curlbuild.h file included in
  distribution tarballs for use by non-configure systems. As intended, this
  would get overwriten when doing in-tree builds. But VPATH builds would end
  having two curlbuild.h files, one in the source tree and another in the
  build tree. With the modification I introduced 5 Nov 2009 this could become
  an issue when running libcurl's test suite.

Daniel Stenberg (20 Nov 2009)
- Constantine Sapuntzakis identified a write after close, as the sockets were
  closed by libcurl before the SSL lib were shutdown and they may write to its
  socket. Detected to at least happen with OpenSSL builds.

- Jad Chamcham pointed out a bug with connection re-use. If a connection had
  CURLOPT_HTTPPROXYTUNNEL enabled over a proxy, a subsequent request using the
  same proxy with the tunnel option disabled would still wrongly re-use that
  previous connection and the outcome would only be badness.

Yang Tse (18 Nov 2009)
- I modified the memory tracking system to make it intolerant with zero sized
  malloc(), calloc() and realloc() function calls.

Daniel Stenberg (17 Nov 2009)
- Constantine Sapuntzakis provided another fix for the DNS cache that could
  end up with entries that wouldn't time-out:

  1. Set up a first web server that redirects (307) to a http://server:port
     that's down
  2. Have curl connect to the first web server using curl multi

  After the curl_easy_cleanup call, there will be curl dns entries hanging
  around with in_use != 0.

  (http://curl.haxx.se/bug/view.cgi?id=2891591)

- Marc Kleine-Budde fixed: curl saved the LDFLAGS set during configure into
  its pkg-config file.  So -Wl stuff ended up in the .pc file, which is really
  bad, and breaks if there are multiple -Wl in our LDFLAGS (which are in
  PTXdist). bug #2893592 (http://curl.haxx.se/bug/view.cgi?id=2893592)

Kamil Dudka (15 Nov 2009)
- David Byron improved the configure script to use pkg-config to find OpenSSL
  (and in particular the list of required libraries) even if a path is given
  as argument to --with-ssl

Yang Tse (15 Nov 2009)
- I removed enable-thread / disable-thread configure option. These were only
  placebo options. The library is always built as thread safe as possible on
  every system.

Claes Jakobsson (14 Nov 2009)
- curl-config now accepts '--configure' to see what arguments was
  passed to the configure script when building curl.

Daniel Stenberg (14 Nov 2009)
- Claes Jakobsson restored the configure functionality to detect NSS when
  --with-nss is set but not "yes".

  I think we can still improve that to check for pkg-config in that path etc,
  but at least this patch brings back the same functionality we had before.

- Camille Moncelier added support for the file type SSL_FILETYPE_ENGINE for
  the client certificate. It also disable the key name test as some engines
  can select a private key/cert automatically (When there is only one key
  and/or certificate on the hardware device used by the engine)

Yang Tse (14 Nov 2009)
- Constantine Sapuntzakis provided the fix that ensures that an SSL connection
  won't be reused unless protection level for peer and host verification match.

  I refactored how preprocessor symbol _THREAD_SAFE definition is done.

Kamil Dudka (12 Nov 2009)
- Kevin Baughman provided a fix preventing libcurl-NSS from crash on doubly
  closed NSPR descriptor. The issue was hard to find, reported several times
  before and always closed unresolved. More info at the RH bug:
  https://bugzilla.redhat.com/534176

- libcurl-NSS now tries to reconnect with TLS disabled in case it detects
  a broken TLS server. However it does not happen if SSL version is selected
  manually. The approach was originally taken from PSM. Kaspar Brand helped me
  to complete the patch. Original bug reports:
  https://bugzilla.redhat.com/525496
  https://bugzilla.redhat.com/527771

Yang Tse (12 Nov 2009)
- I modified configure script to make the getaddrinfo function check also
  verify if the function is thread safe.

Yang Tse (11 Nov 2009)
- Marco Maggi reported that compilation failed when configured --with-gssapi
  and GNU GSS installed due to a missing mutual exclusion of header files in
  the Kerberos 5 code path. He also verified that my patch worked for him.

Daniel Stenberg (11 Nov 2009)
- Constantine Sapuntzakis posted bug #2891595
  (http://curl.haxx.se/bug/view.cgi?id=2891595) which identified how an entry
  in the DNS cache would linger too long if the request that added it was in
  use that long. He also provided the patch that now makes libcurl capable of
  still doing a request while the DNS hash entry may get timed out.

- Christian Schmitz noticed that the progress meter/callback was not properly
  used during the FTP connection phase (after the actual TCP connect), while
  it of course should be. I also made the speed check get called correctly so
  that really slow servers will trigger that properly too.

Kamil Dudka (5 Nov 2009)
- Dropped misleading timeouts in libcurl-NSS and made sure the SSL socket works
  in non-blocking mode.

Yang Tse (5 Nov 2009)
- I removed leading 'curl' path on the 'curlbuild.h' include statement in
  curl.h, adjusting auto-makefiles include path, to enhance portability to
  OS's without an orthogonal directory tree structure such as OS/400.

Daniel Stenberg (4 Nov 2009)
- I fixed several problems with the transfer progress meter. It showed the
  wrong percentage for small files, most notable for <1000 bytes and could
  easily end up showing more than 100% at the end. It also didn't show any
  percentage, transfer size or estimated transfer times when transferring
  less than 100 bytes.

Revision 1.96 / (download) - annotate - [select for diffs], Tue Feb 16 12:51:43 2010 UTC (9 years, 3 months ago) by wiz
Branch: MAIN
Changes since 1.95: +2 -3 lines
Diff to previous 1.95 (colored)

Update to 7.20.0:

Version 7.20.0 (9 February 2010)

Daniel Stenberg (9 Feb 2010)
- When downloading compressed content over HTTP and the app asked libcurl to
  automatically uncompress it with the CURLOPT_ENCODING option, libcurl could
  wrongly provide the callback with more data than the maximum documented
  amount. An application could thus get tricked into badness if the maximum
  limit was trusted to be enforced by libcurl itself (as it is documented).

  This is further detailed and explained in the libcurl security advisory
  20100209 at

    http://curl.haxx.se/docs/adv_20100209.html

Daniel Fandrich (3 Feb 2010)
- Changed the Watcom makefiles to make them easier to keep in sync with
  Makefile.inc since that can't be included directly.

Yang Tse (2 Feb 2010)
- Symbol CURL_FORMAT_OFF_T now obsoleted, will be removed in a future release,
  symbol will not be available when building with CURL_NO_OLDIES defined. Use
  of CURL_FORMAT_CURL_OFF_T is preferred since 7.19.0

Daniel Stenberg (1 Feb 2010)
- Using the multi_socket API, it turns out at times it seemed to "forget"
  connections (which caused a hang). It turned out to be an existing (7.19.7)
  bug in libcurl (that's been around for a long time) and it happened like
  this:

  The app calls curl_multi_add_handle() to add a new easy handle, libcurl will
  then set it to timeout in 1 millisecond so libcurl will tell the app about
  it.

  The app's timeout fires off that there's a timeout, the app calls libcurl as
  we so often document it:

  do {
   res = curl_multi_socket_action(... TIMEOUT ...);
  } while(CURLM_CALL_MULTI_PERFORM == res);

  And this is the problem number one:

  When curl_multi_socket_action() is called with no specific handle, but only
  a timeout-action, it will *only* perform actions within libcurl that are
  marked to run at this time. In this case, the request would go from INIT to
  CONNECT and return CURLM_CALL_MULTI_PERFORM. When the app then calls libcurl
  again, there's no timer set for this handle so it remains in the CONNECT
  state. The CONNECT state is a transitional state in libcurl so it reports no
  sockets there, and thus libcurl never tells the app anything more about that
  easy handle/connection.

  libcurl _does_ set a 1ms timeout for the handle at the end of
  multi_runsingle() if it returns CURLM_CALL_MULTI_PERFORM, but since the loop
  is instant the new job is not ready to run at that point (and there's no
  code that makes libcurl call the app to update the timout for this new
  timeout). It will simply rely on that some other timeout will trigger later
  on or that something else will update the timeout callback. This makes the
  bug fairly hard to repeat.

  The fix made to adress this issue:

  We introduce a loop in lib/multi.c around all calls to multi_runsingle() and
  simply check for CURLM_CALL_MULTI_PERFORM internally. This has the added
  benefit that this goes in line with my long-term wishes to get rid of the
  CURLM_CALL_MULTI_PERFORM all together from the public API.

  The downside of this fix, is that the counter we return in 'running_handles'
  in several of our public functions then gets a slightly new and possibly
  confusing behavior during times:

  If an app adds a handle that fails to connect (very quickly) it may just
  as well never appear as a 'running_handle' with this fix. Previously it
  would first bump the counter only to get it decreased again at next call.
  Even I have used that change in handle counter to signal "end of a
  transfer". The only *good* way to find the end of a individual transfer
  is calling curl_multi_info_read() to see if it returns one.

  Of course, if the app previously did the looping before it checked the
  counter, it really shouldn't be any new effect.

Yang Tse (26 Jan 2010)
- Constantine Sapuntzakis' and Joshua Kwan's work done in the last four months
  relative to the asynchronous DNS lookups, along with with some integration
  adjustments I have done are finally committed to CVS.

  Currently these enhancements will benefit builds done using c-ares on any
  platform as well as Windows builds using the default threaded resolver.

  This release does not make generally available POSIX threaded DNS lookups
  yet. There is no configure option to enable this feature yet. It is possible
  to experimantally try this feature running configure with compiler flags that
  make simultaneous definition of preprocessor symbols USE_THREADS_POSIX and
  HAVE_PTHREAD_H, as well as whatever reentrancy compiler flags and linker ones
  are required to link and properly use pthread_* functions on each platform.

Daniel Stenberg (26 Jan 2010)
- Mike Crowe made libcurl return CURLE_COULDNT_RESOLVE_PROXY when it is the
  proxy that cannot be resolved when using c-ares. This matches the behaviour
  when not using c-ares.

Bj
- Added a new flag: -J/--remote-header-name. This option tells the
  -O/--remote-name option to use the server-specified Content-Disposition
  filename instead of extracting a filename from the URL.

Daniel Stenberg (21 Jan 2010)
- Chris Conroy brought support for RTSP transfers, and with it comes 8(!) new
  libcurl options for controlling what to get and how to receive posssibly
  interleaved RTP data.

Daniel Stenberg (20 Jan 2010)
- As was pointed out on the http-state mailing list, the order of cookies in a
  HTTP Cookie: header _needs_ to be sorted on the path length in the cases
  where two cookies using the same name are set more than once using
  (overlapping) paths. Realizing this, identically named cookies must be
  sorted correctly. But detecting only identically named cookies and take care
  of them individually is harder than just to blindly and unconditionally sort
  all cookies based on their path lengths. All major browsers also already do
  this, so this makes our behavior one step closer to them in the cookie area.

  Test case 8 was the only one that broke due to this change and I updated it
  accordingly.

Daniel Stenberg (19 Jan 2010)
- David McCreedy brought a fix and a new test case (129) to make libcurl work
  again when downloading files over FTP using ASCII and it turns out that the
  final size of the file is not the same as the initial size the server
  reported. This is very common since servers don't take the newline
  conversions into account.

Kamil Dudka (14 Jan 2010)
- Suppressed side effect of OpenSSL configure checks, which prevented NSS from
  being properly detected under certain circumstances. It had been caused by
  strange behavior of pkg-config when handling PKG_CONFIG_LIBDIR. pkg-config
  distinguishes among empty and non-existent environment variable in that case.

Daniel Stenberg (12 Jan 2010)
- Gil Weber reported a peculiar flaw with the multi interface when doing SFTP
  transfers: curl_multi_fdset() would return -1 and not set and file
  descriptors several times during a transfer of a single file. It turned out
  to be due to two different flaws now fixed. Gil's excellent recipe helped me
  nail this.

Daniel Stenberg (11 Jan 2010)
- Made sure that the progress callback is repeatedly called at a regular
  interval even during very slow connects.

- The tests/runtests.pl script now checks to see if the test case that runs is
  present in the tests/data/Makefile.am and outputs a notice message on the
  screen if not. Each test file has to be included in that Makefile.am to get
  included in release archives and forgetting to add files there is a common
  mistake. This is an attempt to make it harder to forget.

Daniel Stenberg (9 Jan 2010)
- Johan van Selst found and fixed a OpenSSL session ref count leak:

  ossl_connect_step3() increments an SSL session handle reference counter on
  each call. When sessions are re-used this reference counter may be
  incremented many times, but it will be decremented only once when done (by
  Curl_ossl_session_free()); and the internal OpenSSL data will not be freed
  if this reference count remains positive. When a session is re-used the
  reference counter should be corrected by explicitly calling
  SSL_SESSION_free() after each consecutive SSL_get1_session() to avoid
  introducing a memory leak.

  (http://curl.haxx.se/bug/view.cgi?id=2926284)

Daniel Stenberg (7 Jan 2010)
- Make sure the progress callback is called repeatedly even during very slow
  name resolves when c-ares is used for resolving.

Claes Jakobsson (6 Jan 2010)
- Julien Chaffraix fixed so that the fragment part in an URL is not sent
  to the server anymore.

Kamil Dudka (3 Jan 2010)
- Julien Chaffraix eliminated a duplicated initialization in singlesocket().

Daniel Stenberg (2 Jan 2010)
- Make curl support --ssl and --ssl-reqd instead of the previous FTP-specific
  versions --ftp-ssl and --ftp-ssl-reqd as these options are now used to
  control SSL/TLS for IMAP, POP3 and SMTP as well in addition to FTP. The old
  option names are still working but the new ones are the ones listed and
  documented.

Daniel Stenberg (1 Jan 2010)
- Ingmar Runge enhanced libcurl's FTP engine to support the PRET command. This
  command is a special "hack" used by the drftpd server, but even though it is
  a custom extension I've deemed it fine to add to libcurl since this server
  seems to survive and people keep using it and want libcurl to support
  it. The new libcurl option is named CURLOPT_FTP_USE_PRET, and it is also
  usable from the curl tool with --ftp-pret. Using this option on a server
  that doesn't support this command will make libcurl fail.

  I added test cases 1107 and 1108 to verify the functionality.

  The PRET command is documented at
  http://www.drftpd.org/index.php/Distributed_PASV

Yang Tse (30 Dec 2009)
- Steven M. Schweda improved VMS build system, and Craig A. Berry helped
  with the patch and testing.

Daniel Stenberg (26 Dec 2009)
- Renato Botelho and Peter Pentchev brought a patch that makes the libcurl
  headers work correctly even on FreeBSD systems before v8.

  (http://curl.haxx.se/bug/view.cgi?id=2916915)

Daniel Stenberg (17 Dec 2009)
- David Byron fixed Curl_ossl_cleanup to actually call ENGINE_cleanup when
  available.

- Follow-up fix for the proxy fix I did for Jon Nelson's bug. It turned out I
  was a bit too quick and broke test case 1101 with that change. The order of
  some of the setups is sensitive. I now changed it slightly again to make
  sure we do them in this order:

  1 - parse URL and figure out what protocol is used in the URL
  2 - prepend protocol:// to URL if missing
  3 - parse name+password off URL, which needs to know what protocol is used
      (since only some allows for name+password in the URL)
  4 - figure out if a proxy should be used set by an option
  5 - if no proxy option, check proxy environment variables
  6 - run the protocol-specific setup function, which needs to have the proxy
      already set

Daniel Stenberg (15 Dec 2009)
- Jon Nelson found a regression that turned out to be a flaw in how libcurl
  detects and uses proxies based on the environment variables. If the proxy
  was given as an explicit option it worked, but due to the setup order
  mistake proxies would not be used fine for a few protocols when picked up
  from '[protocol]_proxy'. Obviously this broke after 7.19.4. I now also added
  test case 1106 that verifies this functionality.

  (http://curl.haxx.se/bug/view.cgi?id=2913886)

Daniel Stenberg (12 Dec 2009)
- IMAP, POP3 and SMTP support and their TLS versions (including IMAPS, POP3S
  and SMTPS) are now supported. The current state may not yet be solid, but
  the foundation is in place and the test suite has some initial support for
  these protocols. Work will now persue to make them nice libcurl citizens
  until release.

  The work with supporting these new protocols was sponsored by
  networking4all.com - thanks!

Daniel Stenberg (10 Dec 2009)
- Siegfried Gyuricsko found out that the curl manual said --retry would retry
  on FTP errors in the transient 5xx range. Transient FTP errors are in the
  4xx range. The code itself only tried on 5xx errors that occured _at login_.
  Now the retry code retries on all FTP transfer failures that ended with a
  4xx response.

  (http://curl.haxx.se/bug/view.cgi?id=2911279)

- Constantine Sapuntzakis figured out a case which would lead to libcurl
  accessing alredy freed memory and thus crash when using HTTPS (with
  OpenSSL), multi interface and the CURLOPT_DEBUGFUNCTION and a certain order
  of cleaning things up. I fixed it.

  (http://curl.haxx.se/bug/view.cgi?id=2905220)

Daniel Stenberg (7 Dec 2009)
- Martin Storsjo made libcurl use the Expect: 100-continue header for posts
  with unknown size. Previously it was only used for posts with a known size
  larger than 1024 bytes.

Daniel Stenberg (1 Dec 2009)
- If the Expect: 100-continue header has been set by the application through
  curl_easy_setopt with CURLOPT_HTTPHEADER, the library should set
  data->state.expect100header accordingly - the current code (in 7.19.7 at
  least) doesn't handle this properly. Martin Storsjo provided the fix!

Yang Tse (28 Nov 2009)
- Added Diffie-Hellman parameters to several test harness certificate files in
  PEM format. Required by several stunnel versions used by our test harness.

Daniel Stenberg (28 Nov 2009)
- Markus Koetter provided a polished and updated version of Chad Monroe's TFTP
  rework patch that now integrates TFTP properly into libcurl so that it can
  be used non-blocking with the multi interface and more. BLKSIZE also works.

  The --tftp-blksize option was added to allow setting the TFTP BLKSIZE from
  the command line.

Daniel Stenberg (26 Nov 2009)
- Extended and fixed the change I did on Dec 11 for the the progress
  meter/callback during FTP command/response sequences. It turned out it was
  really lame before and now the progress meter SHOULD get called at least
  once per second.

Daniel Stenberg (23 Nov 2009)
- Bjorn Augustsson reported a bug which made curl not report any problems even
  though it failed to write a very small download to disk (done in a single
  fwrite call). It turned out to be because fwrite() returned success, but
  there was insufficient error-checking for the fclose() call which tricked
  curl to believe things were fine.

Yang Tse (23 Nov 2009)
- David Byron modified Makefile.dist vc8 and vc9 targets in order to allow
  finer granularity control when generating src and lib makefiles.

Yang Tse (22 Nov 2009)
- I modified configure to force removal of the curlbuild.h file included in
  distribution tarballs for use by non-configure systems. As intended, this
  would get overwriten when doing in-tree builds. But VPATH builds would end
  having two curlbuild.h files, one in the source tree and another in the
  build tree. With the modification I introduced 5 Nov 2009 this could become
  an issue when running libcurl's test suite.

Daniel Stenberg (20 Nov 2009)
- Constantine Sapuntzakis identified a write after close, as the sockets were
  closed by libcurl before the SSL lib were shutdown and they may write to its
  socket. Detected to at least happen with OpenSSL builds.

- Jad Chamcham pointed out a bug with connection re-use. If a connection had
  CURLOPT_HTTPPROXYTUNNEL enabled over a proxy, a subsequent request using the
  same proxy with the tunnel option disabled would still wrongly re-use that
  previous connection and the outcome would only be badness.

Yang Tse (18 Nov 2009)
- I modified the memory tracking system to make it intolerant with zero sized
  malloc(), calloc() and realloc() function calls.

Daniel Stenberg (17 Nov 2009)
- Constantine Sapuntzakis provided another fix for the DNS cache that could
  end up with entries that wouldn't time-out:

  1. Set up a first web server that redirects (307) to a http://server:port
     that's down
  2. Have curl connect to the first web server using curl multi

  After the curl_easy_cleanup call, there will be curl dns entries hanging
  around with in_use != 0.

  (http://curl.haxx.se/bug/view.cgi?id=2891591)

- Marc Kleine-Budde fixed: curl saved the LDFLAGS set during configure into
  its pkg-config file.  So -Wl stuff ended up in the .pc file, which is really
  bad, and breaks if there are multiple -Wl in our LDFLAGS (which are in
  PTXdist). bug #2893592 (http://curl.haxx.se/bug/view.cgi?id=2893592)

Kamil Dudka (15 Nov 2009)
- David Byron improved the configure script to use pkg-config to find OpenSSL
  (and in particular the list of required libraries) even if a path is given
  as argument to --with-ssl

Yang Tse (15 Nov 2009)
- I removed enable-thread / disable-thread configure option. These were only
  placebo options. The library is always built as thread safe as possible on
  every system.

Claes Jakobsson (14 Nov 2009)
- curl-config now accepts '--configure' to see what arguments was
  passed to the configure script when building curl.

Daniel Stenberg (14 Nov 2009)
- Claes Jakobsson restored the configure functionality to detect NSS when
  --with-nss is set but not "yes".

  I think we can still improve that to check for pkg-config in that path etc,
  but at least this patch brings back the same functionality we had before.

- Camille Moncelier added support for the file type SSL_FILETYPE_ENGINE for
  the client certificate. It also disable the key name test as some engines
  can select a private key/cert automatically (When there is only one key
  and/or certificate on the hardware device used by the engine)

Yang Tse (14 Nov 2009)
- Constantine Sapuntzakis provided the fix that ensures that an SSL connection
  won't be reused unless protection level for peer and host verification match.

  I refactored how preprocessor symbol _THREAD_SAFE definition is done.

Kamil Dudka (12 Nov 2009)
- Kevin Baughman provided a fix preventing libcurl-NSS from crash on doubly
  closed NSPR descriptor. The issue was hard to find, reported several times
  before and always closed unresolved. More info at the RH bug:
  https://bugzilla.redhat.com/534176

- libcurl-NSS now tries to reconnect with TLS disabled in case it detects
  a broken TLS server. However it does not happen if SSL version is selected
  manually. The approach was originally taken from PSM. Kaspar Brand helped me
  to complete the patch. Original bug reports:
  https://bugzilla.redhat.com/525496
  https://bugzilla.redhat.com/527771

Yang Tse (12 Nov 2009)
- I modified configure script to make the getaddrinfo function check also
  verify if the function is thread safe.

Yang Tse (11 Nov 2009)
- Marco Maggi reported that compilation failed when configured --with-gssapi
  and GNU GSS installed due to a missing mutual exclusion of header files in
  the Kerberos 5 code path. He also verified that my patch worked for him.

Daniel Stenberg (11 Nov 2009)
- Constantine Sapuntzakis posted bug #2891595
  (http://curl.haxx.se/bug/view.cgi?id=2891595) which identified how an entry
  in the DNS cache would linger too long if the request that added it was in
  use that long. He also provided the patch that now makes libcurl capable of
  still doing a request while the DNS hash entry may get timed out.

- Christian Schmitz noticed that the progress meter/callback was not properly
  used during the FTP connection phase (after the actual TCP connect), while
  it of course should be. I also made the speed check get called correctly so
  that really slow servers will trigger that properly too.

Kamil Dudka (5 Nov 2009)
- Dropped misleading timeouts in libcurl-NSS and made sure the SSL socket works
  in non-blocking mode.

Yang Tse (5 Nov 2009)
- I removed leading 'curl' path on the 'curlbuild.h' include statement in
  curl.h, adjusting auto-makefiles include path, to enhance portability to
  OS's without an orthogonal directory tree structure such as OS/400.

Daniel Stenberg (4 Nov 2009)
- I fixed several problems with the transfer progress meter. It showed the
  wrong percentage for small files, most notable for <1000 bytes and could
  easily end up showing more than 100% at the end. It also didn't show any
  percentage, transfer size or estimated transfer times when transferring
  less than 100 bytes.

Revision 1.95 / (download) - annotate - [select for diffs], Tue Feb 9 16:05:38 2010 UTC (9 years, 3 months ago) by drochner
Branch: MAIN
Changes since 1.94: +2 -2 lines
Diff to previous 1.94 (colored)

add a patch from upstream to fix "data callback excessive length"
which is security critical

Revision 1.94 / (download) - annotate - [select for diffs], Sun Jan 17 12:02:48 2010 UTC (9 years, 4 months ago) by wiz
Branch: MAIN
Changes since 1.93: +2 -1 lines
Diff to previous 1.93 (colored)

Recursive PKGREVISION bump for jpeg update to 8.

Revision 1.93 / (download) - annotate - [select for diffs], Sun Nov 15 20:09:48 2009 UTC (9 years, 6 months ago) by drochner
Branch: MAIN
CVS Tags: pkgsrc-2009Q4-base
Branch point for: pkgsrc-2009Q4
Changes since 1.92: +2 -3 lines
Diff to previous 1.92 (colored)

update to 7.19.7
changes:
--T. is now for non-blocking uploading from stdin
-SYST handling on FTP for OS/400 FTP server cases
-libcurl refuses to read a single HTTP header longer than 100K
-added the --crlfile option to curl
+bugfices

Revision 1.92 / (download) - annotate - [select for diffs], Mon Oct 26 10:39:05 2009 UTC (9 years, 6 months ago) by wiz
Branch: MAIN
Changes since 1.91: +3 -1 lines
Diff to previous 1.91 (colored)

Set default path for CA certificates. Bump PKGREVISION.

From Matthias Pfaller.

Revision 1.90.2.1 / (download) - annotate - [select for diffs], Fri Aug 28 12:35:45 2009 UTC (9 years, 8 months ago) by tron
Branch: pkgsrc-2009Q2
Changes since 1.90: +2 -2 lines
Diff to previous 1.90 (colored) next main 1.91 (colored)

Pullup ticket #2877 - requested by wiz
curl: security update

Revisions pulled up:
- www/curl/Makefile			1.91
- www/curl/distinfo			1.60
---
Module Name:	pkgsrc
Committed By:	wiz
Date:		Sun Aug 16 13:47:35 UTC 2009

Modified Files:
	pkgsrc/www/curl: Makefile distinfo

Log Message:
Update to 7.19.6:

Version 7.19.6 (12 August 2009)

Daniel Stenberg (12 Aug 2009)
- Carsten Lange reported a bug and provided a patch for TFTP upload and the
  sending of the TSIZE option. I don't like fixing bugs just hours before
  a release, but since it was broken and the patch fixes this for him I decided
  to get it in anyway.

Daniel Stenberg (11 Aug 2009)
- Peter Sylvester made the HTTPS test server use specific certificates for
  each test, so that the test suite can now be used to actually test the
  verification of cert names etc. This made an error show up in the OpenSSL-
  specific code where it would attempt to match the CN field even if a
  subjectAltName exists that doesn't match. This is now fixed and verified
  in test 311.

- Benbuck Nason posted the bug report #2835196
  (http://curl.haxx.se/bug/view.cgi?id=2835196), fixing a few compiler
  warnings when mixing ints and bools.

Daniel Fandrich (10 Aug 2009)
- Fixed a memory leak in the FTP code and an off-by-one heap buffer overflow.

Daniel Fandrich (9 Aug 2009)
- Fixed some memory leaks in the command-line tool that caused most of the
  torture tests to fail.

Daniel Stenberg (2 Aug 2009)
- Curt Bogmine reported a problem with SNI enabled on a particular server. We
  should introduce an option to disable SNI, but as we're in feature freeze
  now I've addressed the obvious bug here (pointed out by Peter Sylvester): we
  shouldn't try to enable SNI when SSLv2 or SSLv3 is explicitly selected.
  Code for OpenSSL and GnuTLS was fixed. NSS doesn't seem to have a particular
  option for SNI, or are we simply not using it?

Daniel Stenberg (1 Aug 2009)
- Scott Cantor posted the bug report #2829955
  (http://curl.haxx.se/bug/view.cgi?id=2829955) mentioning the recent SSL cert
  verification flaw found and exploited by Moxie Marlinspike. The presentation
  he did at Black Hat is available here:
  https://www.blackhat.com/html/bh-usa-09/bh-usa-09-archives.html#Marlinspike

  Apparently at least one CA allowed a subjectAltName or CN that contain a
  zero byte, and thus clients that assumed they would never have zero bytes
  were exploited to OK a certificate that didn't actually match the site. Like
  if the name in the cert was "example.com\0theatualsite.com", libcurl would
  happily verify that cert for example.com.

  libcurl now better uses the length of the extracted name, not using the zero
  termination for getting the string length.

  This fixing only made and needed in OpenSSL interfacing code.

- Tanguy Fautre pointed out that OpenSSL's function RAND_screen() (present
  only in some OpenSSL installs - like on Windows) isn't thread-safe and we
  agreed that moving it to the global_init() function is a decent way to deal
  with this situation.

- Alexander Beedie provided the patch for a noproxy problem: If I have set
  CURLOPT_NOPROXY to "*", or to a host that should not use a proxy, I actually
  could still end up using a proxy if a proxy environment variable was set.

Daniel Stenberg (27 Jul 2009)
- All the quote options (CURLOPT_QUOTE, CURLOPT_POSTQUOTE and
  CURLOPT_PREQUOTE) now accept a preceeding asterisk before the command to
  send when using FTP, as a sign that libcurl shall simply ignore the response
  from the server instead of treating it as an error. Not treating a 400+ FTP
  response code as an error means that failed commands will not abort the
  chain of commands, nor will they cause the connection to get disconnected.

Daniel Stenberg (26 Jul 2009)
- Johan van Selst posted bug report #2825989
  (http://curl.haxx.se/bug/view.cgi?id=2825989) pointing out that
  OpenSSL-powered libcurl didn't support the SHA-2 digest algorithm, and
  provided the solution too: to use OpenSSL_add_all_algorithms() in addition
  to the older SSLeay_* alternative. OpenSSL_add_all_algorithms was added in
  OpenSSL 0.9.5

Daniel Stenberg (23 Jul 2009)
- Added CURLOPT_SSH_KNOWNHOSTS, CURLOPT_SSH_KEYFUNCTION, CURLOPT_SSH_KEYDATA.
  They introduce known_host support for SSH keys to libcurl. See docs for
  details. Note that this feature depends on a new enough libssh2 version, to
  be supported in libssh2 1.2 and later (or current git repo at this time).

Michal Marek (22 Jul 2009)
- David Binderman found a memory and fd leak in lib/gtls.c:load_file()
  (https://bugzilla.novell.com/523919). When looking at the code, I found that
  also the ptr pointer can leak.

Kamil Dudka (20 Jul 2009)
- Claes Jakobsson improved the support for client certificates handling in
  NSS-powered libcurl. Now the client certificates can be selected
  automatically by a NSS built-in hook. Additionally pre-login to all PKCS11
  slots is no more performed. It used to cause problems with HW tokens.

- Fixed reference counting for NSS client certificates. Now the PEM reader
  module should be always properly unloaded on Curl_nss_cleanup(). If the
  unload fails though, libcurl will try to reuse the already loaded instance.

Daniel Fandrich (15 Jul 2009)
- Added nonblock.c to the non-automake makefiles (note that the dependencies
  in the Watcom makefiles aren't quite correct).

Michal Marek (15 Jul 2009)
- Changed the description of CURLINFO_OS_ERRNO to make it clear that the
  errno is not reset on success.

Guenter Knauf (14 Jul 2009)
- renamed generated config.h to curl_config.h to avoid any future clashes
  with config.h from other projects.

Daniel Stenberg (9 Jul 2009)
- Eric Wong introduced curlx_nonblock() that the curl tool now (re-)uses for
  setting a file descriptor non-blocking. Used by the functionality Eric
  himself brough on June 15th.

Daniel Stenberg (8 Jul 2009)
- Constantine Sapuntzakis posted bug report #2813123
  (http://curl.haxx.se/bug/view.cgi?id=2813123) and an a patch that fixes the
  problem:

  Url A is accessed using auth. Url A redirects to Url B (on a different
  server0. Url B reuses a persistent connection. Url B has auth, even though
  it's on a different server.

  Note: if Url B does not reuse a persistent connection, auth is not sent.

  reason:

  data->state.first_host is not initialized becuase Curl_http_connect is not
  called when a connection is reused.

  Solution:

  move initialization of data->state.first_host to Curl_http. No code before
  Curl_http uses data->state.first_host anyway.

Guenter Knauf (4 Jul 2009)
- Markus Koetter provided a patch to avoid getnameinfo() usage which broke a
  couple of both IPv4 and IPv6 autobuilds.

Daniel Stenberg (29 Jun 2009)
- Markus Koetter made CURLOPT_FTPPORT (and curl's -P/--ftpport) support a port
  range if given colon-separated after the host name/address part. Like
  "192.168.0.1:2000-10000"

- Modified the separators used for CURLOPT_CERTINFO in multi-part outputs. I
  don't know how they got wrong in the first place, but using this output
  format makes it possible to quite easily separate the string into an array
  of multiple items.

Daniel Fandrich (16 June 2009)
- Added a few more compiler warning options for gcc.

Daniel Stenberg (16 Jun 2009)
- Reuven Wachtfogel made curl -o - properly produce a binary output on windows
  (no newline translations). Use -B/--use-ascii if you rather get the ascii
  approach.

Michal Marek (16 Jun 2009)
- When doing non-anonymous ftp via http proxies and the password is not
  provided in the url, add it there (squid needs this).

Daniel Stenberg (15 Jun 2009)
- Eric Wong's patch:

  This allows curl(1) to be used as a client-side tunnel for arbitrary stream
  protocols by abusing chunked transfer encoding in both the HTTP request and
  HTTP response.  This requires server support for sending a response while a
  request is still being read, of course.

  If attempting to read from stdin returns EAGAIN, then we pause our sender.
  This leaves curl to attempt to read from the socket while reading from stdin
  (and thus sending) is paused.

  This change was needed to allow successfully tunneling the git protocol over
  HTTP (--no-buffer is needed, as well).

Patrick Monnerat (15 Jun 2009)
- Replaced use of standard C library rand()/srand() by our own pseudo-random
  number generator.

Yang Tse (11 Jun 2009)
- I adapted testcurl script to allow building test harness programs when
  cross-compiling for a *-*-mingw* host.

Daniel Stenberg (10 Jun 2009)
- Fabian Keil ran clang on the (lib)curl code, found a bunch of warnings and
  contributed a range of patches to fix them.

Yang Tse (10 Jun 2009)
- I introduced configure script option --enable-curldebug which now allows
  the decoupled enabling or disabling of the curl debug memory tracking
  feature from the --enable-debug option which no longer controls this.

  curl --version will list 'Debug' feature for debug enabled builds, and
  will list 'TrackMemory' feature for curl debug memory tracking capable
  builds. These features are independent and can be controlled when running
  the configure script. When --enable-debug is given both features will be
  enabled, unless some restriction prevents memory tracking from being used.

  Internally, definition of preprocessor symbol DEBUGBUILD restricts code
  which is only compiled for debug enabled builds. And symbol CURLDEBUG is
  used to differentiate code which is _only_ used for memory tracking.

Yang Tse (9 Jun 2009)
- Daniel Steinberg pointed out that Curl_FormInit() in formdata.c was not
  initializing the fread callback pointer and this triggered a compiler
  warning, also provided a friendly suggestion on how to fix it.

Daniel Stenberg (8 Jun 2009)
- Claes Jakobsson provided a patch for libcurl-NSS that fixed a bad refcount
  issue with client certs that caused issues like segfaults.
  http://curl.haxx.se/mail/lib-2009-05/0316.html

- Triggered by bug report #2798852 and the patch in there, I fixed configure
  to detect gnutls build options with pkg-config only and not libgnutls-config
  anymore since GnuTLS has stopped distributing that tool. If an explicit path
  is given to configure, we will instead guess on how to link and use that
  lib. I did not use the patch from the bug report.

Yang Tse (8 Jun 2009)
- Igor Novoseltsev adjusted Makefile.vxworks to get sources and headers
  included from Makefile.inc, and provided docs\INSTALL VxWorks section.

- I removed buildconf.bat from release and daily snapshot archives. This
  file is only for CVS tree checkout builds.

Daniel Stenberg (8 Jun 2009)
- Eric Wong fixed --no-buffer to actually switch off output buffering. Been
  broken since 7.19.0

Bill Hoffman (6 Jun 2009)
- Added some cmake docs and fixed socklen_t in the build.

Yang Tse (5 Jun 2009)
- John E. Malmberg provided VMS specific patch: "This fixes an existing bug
  in urlglob.c where it was not converting the Curl Unix exit code to a VMS
  DCL compatible exit code.  This fix required the enhancement described next.
  This also adds an enhancement to main.c so that when curl is run under a
  Unix shell like Bash on VMS, it will return the standard Unix exit codes
  and messages." And another patch for docs/examples.

  I introduced os-specific.c and os-specific.h for use in curl tool code
  and adjusted John E. Malmberg's patch placement to use these new files
  as an effort to prevent main.c from growing ad infinitum. Code already
  existing in main.c which is OS specific should be moved into these files.

Daniel Stenberg (4 June 2009)
- Setting the Content-Length: header from your app when you do a POST or PUT
  is almost always a VERY BAD IDEA. Yet there are still apps out there doing
  this, and now recently it triggered a bug/side-effect in libcurl as when
  libcurl sends a POST or PUT with NTLM, it sends an empty post first when it
  knows it will just get a 401/407 back. If the app then replaced the
  Content-Length header, it caused the server to wait for input that libcurl
  wouldn't send. Aaron Oneal reported this problem in bug report #2799008
  (http://curl.haxx.se/bug/view.cgi?id=2799008) and helped us verify the fix.

Yang Tse (4 Jun 2009)
- Igor Novoseltsev provided patches and information, that after some
  adjustments to better fit curl's way of doing things, have resulted
  in the posibility of building libcurl for VxWorks.

Daniel Fandrich (2 June 2009)
- Checked in a Google Android make file. To use it, you must first
  create a config.h file by running configure in the Android environment,
  which doesn't seem to be easy to do. If no easy way can be found, a
  static config-android.h may need to be created and checked in to the
  libcurl source tree.

Daniel Stenberg (1 June 2009)
- Claes Jakobsson fixed the configure script to better find and use NSS
  without pkg-config.

Yang Tse (1 Jun 2009)
- John E. Malmberg provided a VMS specific clean-up for curl.h, and pointed
  out that the configure script was failing to detect the timeval struct on
  VMS when building with _XOPEN_SOURCE_EXTENDED undefined due to definition
  taking place in socket.h instead of time.h.  I have adjusted configure
  script to also include this header when checking struct timeval.

Daniel Stenberg (27 May 2009)
- Frank McGeough provided a small OpenSSL #include fix to make libcurl compile
  fine with Nokia 5th edition 1.0 SDK for Symbian.

- Andre Guibert de Bruet found a call to a OpenSSL function that didn't check
  for a failure properly.

- Mike Crowe pointed out that setting CURLOPT_USERPWD to NULL used to clear
  the auth credentials back in 7.19.0 and earlier while now you have to set ""
  to get the same effect. His patch brings back the ability to use NULL.

- Claes Jakobsson fixed libcurl-NSS to build fine even without the
  PK11_CreateGenericObject() function.

Daniel Stenberg (25 May 2009)
- bug report #2796358 (http://curl.haxx.se/bug/view.cgi?id=2796358) pointed
  out that the cookie parser would leak memory when it parses cookies that are
  received with domain, path etc set multiple times in the same header. While
  such a cookie is questionable, they occur in the wild and libcurl no longer
  leaks memory for them. I added such a header to test case 8.

Daniel Fandrich (22 May 2009)
- Removed some obsolete digest code that caused a valgrind error in test 551.

Daniel Fandrich (20 May 2009)
- Added "non-existing host" test keywords to make it easy to skip those
  tests on machines that have broken DNS configurations (such as
  those configured to use OpenDNS).

Daniel Stenberg (19 May 2009)
- Kamil Dudka brought the patch from the Redhat bug entry
  https://bugzilla.redhat.com/show_bug.cgi?id=427966 which was libcurl closing
  a bad file descriptor when closing down the FTP data connection.  Caolan
  McNamara seems to be the original author of it.

Revision 1.91 / (download) - annotate - [select for diffs], Sun Aug 16 13:47:35 2009 UTC (9 years, 9 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2009Q3-base, pkgsrc-2009Q3
Changes since 1.90: +2 -2 lines
Diff to previous 1.90 (colored)

Update to 7.19.6:

Version 7.19.6 (12 August 2009)

Daniel Stenberg (12 Aug 2009)
- Carsten Lange reported a bug and provided a patch for TFTP upload and the
  sending of the TSIZE option. I don't like fixing bugs just hours before
  a release, but since it was broken and the patch fixes this for him I decided
  to get it in anyway.

Daniel Stenberg (11 Aug 2009)
- Peter Sylvester made the HTTPS test server use specific certificates for
  each test, so that the test suite can now be used to actually test the
  verification of cert names etc. This made an error show up in the OpenSSL-
  specific code where it would attempt to match the CN field even if a
  subjectAltName exists that doesn't match. This is now fixed and verified
  in test 311.

- Benbuck Nason posted the bug report #2835196
  (http://curl.haxx.se/bug/view.cgi?id=2835196), fixing a few compiler
  warnings when mixing ints and bools.

Daniel Fandrich (10 Aug 2009)
- Fixed a memory leak in the FTP code and an off-by-one heap buffer overflow.

Daniel Fandrich (9 Aug 2009)
- Fixed some memory leaks in the command-line tool that caused most of the
  torture tests to fail.

Daniel Stenberg (2 Aug 2009)
- Curt Bogmine reported a problem with SNI enabled on a particular server. We
  should introduce an option to disable SNI, but as we're in feature freeze
  now I've addressed the obvious bug here (pointed out by Peter Sylvester): we
  shouldn't try to enable SNI when SSLv2 or SSLv3 is explicitly selected.
  Code for OpenSSL and GnuTLS was fixed. NSS doesn't seem to have a particular
  option for SNI, or are we simply not using it?

Daniel Stenberg (1 Aug 2009)
- Scott Cantor posted the bug report #2829955
  (http://curl.haxx.se/bug/view.cgi?id=2829955) mentioning the recent SSL cert
  verification flaw found and exploited by Moxie Marlinspike. The presentation
  he did at Black Hat is available here:
  https://www.blackhat.com/html/bh-usa-09/bh-usa-09-archives.html#Marlinspike

  Apparently at least one CA allowed a subjectAltName or CN that contain a
  zero byte, and thus clients that assumed they would never have zero bytes
  were exploited to OK a certificate that didn't actually match the site. Like
  if the name in the cert was "example.com\0theatualsite.com", libcurl would
  happily verify that cert for example.com.

  libcurl now better uses the length of the extracted name, not using the zero
  termination for getting the string length.

  This fixing only made and needed in OpenSSL interfacing code.

- Tanguy Fautre pointed out that OpenSSL's function RAND_screen() (present
  only in some OpenSSL installs - like on Windows) isn't thread-safe and we
  agreed that moving it to the global_init() function is a decent way to deal
  with this situation.

- Alexander Beedie provided the patch for a noproxy problem: If I have set
  CURLOPT_NOPROXY to "*", or to a host that should not use a proxy, I actually
  could still end up using a proxy if a proxy environment variable was set.

Daniel Stenberg (27 Jul 2009)
- All the quote options (CURLOPT_QUOTE, CURLOPT_POSTQUOTE and
  CURLOPT_PREQUOTE) now accept a preceeding asterisk before the command to
  send when using FTP, as a sign that libcurl shall simply ignore the response
  from the server instead of treating it as an error. Not treating a 400+ FTP
  response code as an error means that failed commands will not abort the
  chain of commands, nor will they cause the connection to get disconnected.

Daniel Stenberg (26 Jul 2009)
- Johan van Selst posted bug report #2825989
  (http://curl.haxx.se/bug/view.cgi?id=2825989) pointing out that
  OpenSSL-powered libcurl didn't support the SHA-2 digest algorithm, and
  provided the solution too: to use OpenSSL_add_all_algorithms() in addition
  to the older SSLeay_* alternative. OpenSSL_add_all_algorithms was added in
  OpenSSL 0.9.5

Daniel Stenberg (23 Jul 2009)
- Added CURLOPT_SSH_KNOWNHOSTS, CURLOPT_SSH_KEYFUNCTION, CURLOPT_SSH_KEYDATA.
  They introduce known_host support for SSH keys to libcurl. See docs for
  details. Note that this feature depends on a new enough libssh2 version, to
  be supported in libssh2 1.2 and later (or current git repo at this time).

Michal Marek (22 Jul 2009)
- David Binderman found a memory and fd leak in lib/gtls.c:load_file()
  (https://bugzilla.novell.com/523919). When looking at the code, I found that
  also the ptr pointer can leak.

Kamil Dudka (20 Jul 2009)
- Claes Jakobsson improved the support for client certificates handling in
  NSS-powered libcurl. Now the client certificates can be selected
  automatically by a NSS built-in hook. Additionally pre-login to all PKCS11
  slots is no more performed. It used to cause problems with HW tokens.

- Fixed reference counting for NSS client certificates. Now the PEM reader
  module should be always properly unloaded on Curl_nss_cleanup(). If the
  unload fails though, libcurl will try to reuse the already loaded instance.

Daniel Fandrich (15 Jul 2009)
- Added nonblock.c to the non-automake makefiles (note that the dependencies
  in the Watcom makefiles aren't quite correct).

Michal Marek (15 Jul 2009)
- Changed the description of CURLINFO_OS_ERRNO to make it clear that the
  errno is not reset on success.

Guenter Knauf (14 Jul 2009)
- renamed generated config.h to curl_config.h to avoid any future clashes
  with config.h from other projects.

Daniel Stenberg (9 Jul 2009)
- Eric Wong introduced curlx_nonblock() that the curl tool now (re-)uses for
  setting a file descriptor non-blocking. Used by the functionality Eric
  himself brough on June 15th.

Daniel Stenberg (8 Jul 2009)
- Constantine Sapuntzakis posted bug report #2813123
  (http://curl.haxx.se/bug/view.cgi?id=2813123) and an a patch that fixes the
  problem:

  Url A is accessed using auth. Url A redirects to Url B (on a different
  server0. Url B reuses a persistent connection. Url B has auth, even though
  it's on a different server.

  Note: if Url B does not reuse a persistent connection, auth is not sent.

  reason:

  data->state.first_host is not initialized becuase Curl_http_connect is not
  called when a connection is reused.

  Solution:

  move initialization of data->state.first_host to Curl_http. No code before
  Curl_http uses data->state.first_host anyway.

Guenter Knauf (4 Jul 2009)
- Markus Koetter provided a patch to avoid getnameinfo() usage which broke a
  couple of both IPv4 and IPv6 autobuilds.

Daniel Stenberg (29 Jun 2009)
- Markus Koetter made CURLOPT_FTPPORT (and curl's -P/--ftpport) support a port
  range if given colon-separated after the host name/address part. Like
  "192.168.0.1:2000-10000"

- Modified the separators used for CURLOPT_CERTINFO in multi-part outputs. I
  don't know how they got wrong in the first place, but using this output
  format makes it possible to quite easily separate the string into an array
  of multiple items.

Daniel Fandrich (16 June 2009)
- Added a few more compiler warning options for gcc.

Daniel Stenberg (16 Jun 2009)
- Reuven Wachtfogel made curl -o - properly produce a binary output on windows
  (no newline translations). Use -B/--use-ascii if you rather get the ascii
  approach.

Michal Marek (16 Jun 2009)
- When doing non-anonymous ftp via http proxies and the password is not
  provided in the url, add it there (squid needs this).

Daniel Stenberg (15 Jun 2009)
- Eric Wong's patch:

  This allows curl(1) to be used as a client-side tunnel for arbitrary stream
  protocols by abusing chunked transfer encoding in both the HTTP request and
  HTTP response.  This requires server support for sending a response while a
  request is still being read, of course.

  If attempting to read from stdin returns EAGAIN, then we pause our sender.
  This leaves curl to attempt to read from the socket while reading from stdin
  (and thus sending) is paused.

  This change was needed to allow successfully tunneling the git protocol over
  HTTP (--no-buffer is needed, as well).

Patrick Monnerat (15 Jun 2009)
- Replaced use of standard C library rand()/srand() by our own pseudo-random
  number generator.

Yang Tse (11 Jun 2009)
- I adapted testcurl script to allow building test harness programs when
  cross-compiling for a *-*-mingw* host.

Daniel Stenberg (10 Jun 2009)
- Fabian Keil ran clang on the (lib)curl code, found a bunch of warnings and
  contributed a range of patches to fix them.

Yang Tse (10 Jun 2009)
- I introduced configure script option --enable-curldebug which now allows
  the decoupled enabling or disabling of the curl debug memory tracking
  feature from the --enable-debug option which no longer controls this.

  curl --version will list 'Debug' feature for debug enabled builds, and
  will list 'TrackMemory' feature for curl debug memory tracking capable
  builds. These features are independent and can be controlled when running
  the configure script. When --enable-debug is given both features will be
  enabled, unless some restriction prevents memory tracking from being used.

  Internally, definition of preprocessor symbol DEBUGBUILD restricts code
  which is only compiled for debug enabled builds. And symbol CURLDEBUG is
  used to differentiate code which is _only_ used for memory tracking.

Yang Tse (9 Jun 2009)
- Daniel Steinberg pointed out that Curl_FormInit() in formdata.c was not
  initializing the fread callback pointer and this triggered a compiler
  warning, also provided a friendly suggestion on how to fix it.

Daniel Stenberg (8 Jun 2009)
- Claes Jakobsson provided a patch for libcurl-NSS that fixed a bad refcount
  issue with client certs that caused issues like segfaults.
  http://curl.haxx.se/mail/lib-2009-05/0316.html

- Triggered by bug report #2798852 and the patch in there, I fixed configure
  to detect gnutls build options with pkg-config only and not libgnutls-config
  anymore since GnuTLS has stopped distributing that tool. If an explicit path
  is given to configure, we will instead guess on how to link and use that
  lib. I did not use the patch from the bug report.

Yang Tse (8 Jun 2009)
- Igor Novoseltsev adjusted Makefile.vxworks to get sources and headers
  included from Makefile.inc, and provided docs\INSTALL VxWorks section.

- I removed buildconf.bat from release and daily snapshot archives. This
  file is only for CVS tree checkout builds.

Daniel Stenberg (8 Jun 2009)
- Eric Wong fixed --no-buffer to actually switch off output buffering. Been
  broken since 7.19.0

Bill Hoffman (6 Jun 2009)
- Added some cmake docs and fixed socklen_t in the build.

Yang Tse (5 Jun 2009)
- John E. Malmberg provided VMS specific patch: "This fixes an existing bug
  in urlglob.c where it was not converting the Curl Unix exit code to a VMS
  DCL compatible exit code.  This fix required the enhancement described next.
  This also adds an enhancement to main.c so that when curl is run under a
  Unix shell like Bash on VMS, it will return the standard Unix exit codes
  and messages." And another patch for docs/examples.

  I introduced os-specific.c and os-specific.h for use in curl tool code
  and adjusted John E. Malmberg's patch placement to use these new files
  as an effort to prevent main.c from growing ad infinitum. Code already
  existing in main.c which is OS specific should be moved into these files.

Daniel Stenberg (4 June 2009)
- Setting the Content-Length: header from your app when you do a POST or PUT
  is almost always a VERY BAD IDEA. Yet there are still apps out there doing
  this, and now recently it triggered a bug/side-effect in libcurl as when
  libcurl sends a POST or PUT with NTLM, it sends an empty post first when it
  knows it will just get a 401/407 back. If the app then replaced the
  Content-Length header, it caused the server to wait for input that libcurl
  wouldn't send. Aaron Oneal reported this problem in bug report #2799008
  (http://curl.haxx.se/bug/view.cgi?id=2799008) and helped us verify the fix.

Yang Tse (4 Jun 2009)
- Igor Novoseltsev provided patches and information, that after some
  adjustments to better fit curl's way of doing things, have resulted
  in the posibility of building libcurl for VxWorks.

Daniel Fandrich (2 June 2009)
- Checked in a Google Android make file. To use it, you must first
  create a config.h file by running configure in the Android environment,
  which doesn't seem to be easy to do. If no easy way can be found, a
  static config-android.h may need to be created and checked in to the
  libcurl source tree.

Daniel Stenberg (1 June 2009)
- Claes Jakobsson fixed the configure script to better find and use NSS
  without pkg-config.

Yang Tse (1 Jun 2009)
- John E. Malmberg provided a VMS specific clean-up for curl.h, and pointed
  out that the configure script was failing to detect the timeval struct on
  VMS when building with _XOPEN_SOURCE_EXTENDED undefined due to definition
  taking place in socket.h instead of time.h.  I have adjusted configure
  script to also include this header when checking struct timeval.

Daniel Stenberg (27 May 2009)
- Frank McGeough provided a small OpenSSL #include fix to make libcurl compile
  fine with Nokia 5th edition 1.0 SDK for Symbian.

- Andre Guibert de Bruet found a call to a OpenSSL function that didn't check
  for a failure properly.

- Mike Crowe pointed out that setting CURLOPT_USERPWD to NULL used to clear
  the auth credentials back in 7.19.0 and earlier while now you have to set ""
  to get the same effect. His patch brings back the ability to use NULL.

- Claes Jakobsson fixed libcurl-NSS to build fine even without the
  PK11_CreateGenericObject() function.

Daniel Stenberg (25 May 2009)
- bug report #2796358 (http://curl.haxx.se/bug/view.cgi?id=2796358) pointed
  out that the cookie parser would leak memory when it parses cookies that are
  received with domain, path etc set multiple times in the same header. While
  such a cookie is questionable, they occur in the wild and libcurl no longer
  leaks memory for them. I added such a header to test case 8.

Daniel Fandrich (22 May 2009)
- Removed some obsolete digest code that caused a valgrind error in test 551.

Daniel Fandrich (20 May 2009)
- Added "non-existing host" test keywords to make it easy to skip those
  tests on machines that have broken DNS configurations (such as
  those configured to use OpenDNS).

Daniel Stenberg (19 May 2009)
- Kamil Dudka brought the patch from the Redhat bug entry
  https://bugzilla.redhat.com/show_bug.cgi?id=427966 which was libcurl closing
  a bad file descriptor when closing down the FTP data connection.  Caolan
  McNamara seems to be the original author of it.

Revision 1.90 / (download) - annotate - [select for diffs], Tue Jun 9 18:31:35 2009 UTC (9 years, 11 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2009Q2-base
Branch point for: pkgsrc-2009Q2
Changes since 1.89: +4 -2 lines
Diff to previous 1.89 (colored)

Update to 7.19.5:

Version 7.19.5 (18 May 2009)

Daniel Stenberg (17 May 2009)
- James Bursa posted a patch to the mailing list that fixed a problem with
  no_proxy which made it not skip the proxy if the URL entered contained a
  user name. I added test case 1101 to verify.

Daniel Stenberg (11 May 2009)
- Balint Szilakszi reported a memory leak when libcurl did gzip decompression
  of streams that had some parts (legitimately) missing. We now provide and use
  a proper cleanup function for the content encoding submodule.
  http://curl.haxx.se/mail/lib-2009-05/0092.html

- Kamil Dudka provided a fix for libcurl-NSS reported by Michael Cronenworth
  at https://bugzilla.redhat.com/show_bug.cgi?id=453612#c12

  If an incorrect password is given while loading a private key, libcurl ends
  up in an infinite loop consuming memory. The bug is critical.

- I fixed the problem with doing NTLM, POST and then following a 302 redirect,
  as reported by Ebenezer Ikonne (on curl-users) and Laurent Rabret (on
  curl-library). The transfer was mistakenly marked to get more data to send
  but since it didn't actually have that, it just hung there...

Daniel Stenberg (10 May 2009)
- Andre Guibert de Bruet correctly pointed out an over-alloc with one wasted
  byte in the digest code.

Yang Tse (9 May 2009)
- Removed DOS and TPF package's subdirectory Makefile.am, it was only used
  to include some files in the distribution tarball serving no other purpose.
  Files from the DOS and TPF subdirectories are now included in the EXTRA_DIST
  of the Makefile in the parent subdirectory.

Yang Tse (8 May 2009)
- Changed host name literal in several tests to one under the haxx.se domain.

- Renamed vc6 workspace and project files to avoid filename clash when used
  for conversion to later VS versions.

Daniel Stenberg (8 May 2009)
- Constantine Sapuntzakis fixed bug report #2784055
  (http://curl.haxx.se/bug/view.cgi?id=2784055) identifying a problem to
  connect to SOCKS proxies when using the multi interface. It turned out to
  almost not work at all previously. We need to wait for the TCP connect to
  be properly verified before doing the SOCKS magic.

  There's still a flaw in the FTP code for this.

Daniel Stenberg (7 May 2009)
- Made the SO_SNDBUF setting for the data connection socket for ftp uploads as
  well. See change 28 Apr 2009.

Yang Tse (7 May 2009)
- Fixed an issue affecting FTP transfers, introduced with the transfer.c
  patch committed May 4.

Daniel Stenberg (7 May 2009)
- Man page *roff problems fixed thanks to input from Colin Watson. Problems
  reported in the Debian package.

- Vijay G filed bug report #2723236
  (http://curl.haxx.se/bug/view.cgi?id=2723236) identifying a problem with
  libcurl's TFTP code and its lack of dealing with the OACK packet.

Yang Tse (5 May 2009)
- Fixed the --ftp-port address of test #251 to the CLIENTIP address, and
  reverted the change affecting test suite harness committed 4 May.

Daniel Stenberg (5 May 2009)
- Inspired by Michael Smith's session id fix for OpenSSL, I did the
  corresponding fix in the GnuTLS code: make sure to store the new session id
  in case the previous re-used one is rejected.

Daniel Stenberg (4 May 2009)
- Michael Smith posted bug report #2786255
  (http://curl.haxx.se/bug/view.cgi?id=2786255) with a patch, identifying how
  libcurl did not deal with SSL session ids properly if the server rejected a
  re-use of one. Starting now, it will forget the rejected one and remember
  the new. This change was for OpenSSL only, it is likely that other SSL lib
  code needs similar fixes.

Yang Tse (4 May 2009)
- Applied David McCreedy's "transfer.c fixes for CURL_DO_LINEEND_CONV and
  non-ASCII platform HTTP requests" patch addressing two HTTP PUT problems:
  1) On non-ASCII platforms not all of the protocol portions of the PUT are
  being translated to ASCII.  2) On all platforms the line endings of part of
  the protocol portions are mangled from CRLF to CRCRLF if data->set.crlf or
  data->set.prefer_ascii are set (depending on CURL_DO_LINEEND_CONV).

- Applied David McCreedy's patch to fix test suite harness to allow test FTP
  server and client on different machines, providing FTP client address when
  running the FTP test server.

Daniel Fandrich (3 May 2009)
- Added and disabled test case 563 which shows KNOWN_BUGS #59.  The bug
  report failed to mention that a proxy must be used to reproduce it.

Yang Tse (2 May 2009)
- Use a build-time configured curl_socklen_t data type instead of socklen_t.

Yang Tse (1 May 2009)
- Applied David McCreedy's patches "TPF-platform specific changes to various
  files" and "http.c fix to Curl_proxyCONNECT for non-ASCII platforms", the
  former with minor edits.

Daniel Stenberg (30 Apr 2009)
- I was going to fix issue #59 in KNOWN_BUGS

  If the CURLOPT_PORT option is used on an FTP URL like
  "ftp://example.com/file;type=A" the ";type=A" is stripped off.

  I added test case 562 to verify, only to find out that I couldn't repeat
  this bug so I hereby consider it not a bug anymore!

Daniel Stenberg (29 Apr 2009)
- Based on bug report #2723219 (http://curl.haxx.se/bug/view.cgi?id=2723219)
  I've now made TFTP "connections" not being kept for re-use within libcurl.
  TFTP is UDP-based so the benefit was really low (if even existing) to begin
  with so instead of tracking down to fix this problem we instead removed the
  re-use. I also enabled test case 1099 that I wrote a few days ago to verify
  that this change fixes the reported problem.

Daniel Stenberg (28 Apr 2009)
- Constantine Sapuntzakis filed bug report #2783090
  (http://curl.haxx.se/bug/view.cgi?id=2783090) pointing out that on windows
  we need to grow the SO_SNDBUF buffer somewhat to get really good upload
  speeds. http://support.microsoft.com/kb/823764 has the details. Friends
  confirmed that simply adding 32 to CURL_MAX_WRITE_SIZE is enough.

- Bug report #2709004 (http://curl.haxx.se/bug/view.cgi?id=2709004) by Tim
  Chen pointed out how curl couldn't upload with resume when reading from a
  pipe.

  This ended up with the introduction of a new return code for the
  CURLOPT_SEEKFUNCTION callback that basically says that the seek failed but
  that libcurl may try to resolve the situation anyway. In our case this means
  libcurl will attempt to instead read that much data from the stream instead
  of seeking and that way curl can now upload with resume when data is read
  from a stream!

Daniel Stenberg (26 Apr 2009)
- Bug report #2779733 (http://curl.haxx.se/bug/view.cgi?id=2779733) by Sven
  Wegener pointed out that CURLINFO_APPCONNECT_TIME didn't work with the multi
  interface and provided a patch that fixed the problem!

Daniel Stenberg (24 Apr 2009)
- Kamil Dudka fixed another NSS-related leak when client certs were used.

- Bug report #2779245 (http://curl.haxx.se/bug/view.cgi?id=2779245) by Rainer
  Koenig pointed out that the man page didn't tell that the *_proxy
  environment variables can be specified lower case or UPPER CASE and the
  lower case takes precedence,

Daniel Fandrich (21 Apr 2009)
- Added new libcurl source files to Amiga, RiscOS and VC6 build files.

Yang Tse (21 Apr 2009)
- Moved potential inclusion of system's malloc.h and memory.h header files to
  setup_once.h.  Inclusion of each header file is based on the definition of
  NEED_MALLOC_H and NEED_MEMORY_H respectively.

  Renamed libcurl's memory.h to curl_memory.h

Daniel Stenberg (20 Apr 2009)
- Leanic Lefever reported a crash and did some detailed research on why and
  how it occurs (http://curl.haxx.se/mail/lib-2009-04/0289.html). The
  conclusion was that if an error is detected and Curl_done() is called for
  the connection, ftp_done() could at times return another error code that
  then would take precedence and that new code confused existing logic that
  works for the first error code (CURLE_SEND_ERROR) only.

- Gisle Vanem noticed that --libtool would produce bogus strings at times for
  OBJECTPOINT options. Now we've introduced a new function - my_setopt_str -
  within the app for setting plain string options to avoid the risk of this
  mistake happening.

Daniel Stenberg (17 Apr 2009)
- Pramod Sharma reported and tracked down a bug when doing FTP over a HTTP
  proxy. libcurl would then wrongly close the connection after each
  request. In his case it had the weird side-effect that it killed NTLM auth
  for the proxy causing an inifinite loop!

  I added test case 1098 to verify this fix. The test case does however not
  properly verify that the transfers are done persistently - as I couldn't
  think of a clever way to achieve it right now - but you need to read the
  stderr output after a test run to see that it truly did the right thing.

Daniel Stenberg (13 Apr 2009)
- bug report #2727981 (http://curl.haxx.se/bug/view.cgi?id=2727981) by Martin
  Storsj
  confusing as it set the method to either GET or HEAD. The example he showed
  looked like:

   curl_easy_setopt(curl, CURLOPT_PUT, 1);
   curl_easy_setopt(curl, CURLOPT_NOBODY, 0);

  The new way doesn't alter the method until the request is about to start. If
  CURLOPT_NOBODY is then 1 the HTTP request will be HEAD. If CURLOPT_NOBODY is
  0 and the request happens to have been set to HEAD, it will then instead be
  set to GET. I believe this will be less surprising to users, and hopefully
  not hit any existing users badly.

- Toshio Kuratomi reported a memory leak problem with libcurl+NSS that turned
  out to be leaking cacerts. Kamil Dudka helped me complete the fix. The issue
  is found in Redhat's bug tracker:
  https://bugzilla.redhat.com/show_bug.cgi?id=453612

  There are still memory leaks present, but they seem to have other reasons.

Daniel Fandrich (11 Apr 2009)
- Added new libcurl source files to Symbian OS build files.
- Improved Symbian support for SSL.

Yang Tse (10 Apr 2009)
- Daniel Johnson improved the MacOSX-Framework shell script to now perform all
  the steps required to build a Mac OS X four way fat ppc/i386/ppc64/x86_64
  libcurl.framework.  Four way fat framework requires OS X 10.5 SDK or later.

Yang Tse (8 Apr 2009)
- Removed Sun compilers preprocessor block from curlbuild.h.dist, this also
  removes it from the curlbuild.h file originally distributed by the cURL
  project as this file is intended for systems not capable of running the
  configure script.  For those who have been building curl out of the source
  code curl distribution tarball provided by curl.haxx.se the change implies
  nothing.  Previous change in this area committed 2 Apr becomes irrelevant.

Daniel Stenberg (6 Apr 2009)
- I clarified in the docs that CURLOPT_SEEKFUNCTION should return 0 on success
  and 1 on fatal errors. Previously it only mentioned non-zero on fatal
  errors. This is a slight change in meaning, but it follows what we've done
  elsewhere before and it opens up for LOTS of more useful return codes
  whenever we can think of them...

Yang Tse (2 Apr 2009)
- Fix curl_off_t definition for builds done using Sun compilers and a
  non-configured libcurl. In this case curl_off_t data type was gated
  to the off_t data type which depends on the _FILE_OFFSET_BITS. This
  configuration is exactly the unwanted configuration for our curl_off_t
  data type which must not depend on such setting. This breaks ABI for
  libcurl libraries built with Sun compilers which were built without
  having run the configure script with _FILE_OFFSET_BITS different than
  64 and using the ILP32 data model.

Daniel Stenberg (1 Apr 2009)
- Andre Guibert de Bruet fixed a NULL pointer use in an infof() call if a
  strdup() call failed.

Daniel Fandrich (31 Mar 2009)
- Properly return an error code in curl_easy_recv (reported by Jim Freeman).

Daniel Stenberg (18 Mar 2009)
- Kamil Dudka brought a patch that enables 6 additional crypto algorithms when
  NSS is used. These ciphers were added in NSS 3.4 and require to be enabled
  explicitly.

Daniel Stenberg (13 Mar 2009)
- Use libssh2_version() to present the libssh2 version in case the libssh2
  library is found to support it.

Yang Tse (12 Mar 2009)
- Added missing Curl_read() return code checking in TELNET transfers.

- Pierre Brico found and fixed TELNET transfers not being aborted upon
  a write callback failure.

Daniel Stenberg (11 Mar 2009)
- Kamil Dudka made the curl tool properly call curl_global_init() before any
  other libcurl function.

Yang Tse (11 Mar 2009)
- Added missing TELNET timeout support for Windows builds. This issue was
  reported by Pierre Brico.

Daniel Stenberg (9 Mar 2009)
- Frank Hempel found out a bug and provided the fix:

  curl_easy_duphandle did not necessarily duplicate the CURLOPT_COOKIEFILE
  option. It only enabled the cookie engine in the destination handle if
  data->cookies is not NULL (where data is the source handle). In case of a
  newly initialized handle which just had the cookie support enabled by a
  curl_easy_setopt(handle, CURL_COOKIEFILE, "")-call, handle->cookies was
  still NULL because the setopt-call only appends the value to
  data->change.cookielist, hence duplicating this handle would not have the
  cookie engine switched on.

  We also concluded that the slist-functionality would be suitable for being
  put in its own module rather than simply hanging out in lib/sendf.c so I
  created lib/slist.[ch] for them.

- Andreas Farber made the 'buildconf' script check for the presence of m4
  scripts to make it detect a bad checkout earlier. People with older
  checkouts who don't do cvs update with the -d option won't get the new dirs
  and then will get funny outputs that can be a bit hard to understand and
  fix.

Daniel Stenberg (8 Mar 2009)
- Andre Guibert de Bruet found and fixed a code segment in ssluse.c where the
  allocation of the memory BIO was not being properly checked.

- Andre Guibert de Bruet fixed the gnutls-using code: There are a few places
  in the gnutls code where we were checking for negative values for errors,
  when the man pages state that GNUTLS_E_SUCCESS is returned on success and
  other values indicate error conditions.

- Bill Egert pointed out (http://curl.haxx.se/bug/view.cgi?id=2671602) that
  curl didn't use sprintf() in a way that is documented to work in POSIX but
  since we use our own printf() code (from libcurl) that shouldn't be a
  problem. Nonetheless I modified the code to not rely on such particular
  features and to not cause further raised eyebrowse with no good reason.

Daniel Fandrich (5 Mar 2009)
- Expanded the security section of the libcurl-tutorial man page to cover
  more issues for authors to consider when writing robust libcurl-using
  applications.

Yang Tse (5 Mar 2009)
- Fixed NTLM authentication memory leak on SSPI enabled Windows builds. This
  issue was noticed by Chris Deidun.

Daniel Fandrich (4 Mar 2009)
- Fixed a problem with m4 quoting in the OpenSSL configure check reported
  by Daniel Johnson.

Daniel Stenberg (3 Mar 2009)
- David James brought a patch that make libcurl close (all) dead connections
  whenever you attempt to open a new connection.

  1. After cleaning up a dead connection, "continue" instead of
     returning FALSE. This ensures that we clean up all dead connections,
     rather than just cleaning up the first dead connection.
  2. Move up the cleanup for dead connections so that it occurs for
     all connections, rather than just the connections which have the same
     preferences as our current new connection.

Revision 1.85.4.2 / (download) - annotate - [select for diffs], Sun Mar 15 15:07:22 2009 UTC (10 years, 2 months ago) by tron
Branch: pkgsrc-2008Q4
Changes since 1.85.4.1: +2 -5 lines
Diff to previous 1.85.4.1 (colored) to branchpoint 1.85 (colored) next main 1.86 (colored)

Pullup ticket 2722 - requested by bouyer
curl: build fix

Revisions pulled up:
- www/curl/Makefile				patch
- www/curl/distinfo				patch
- www/curl/patches/patch-ab			patch
- www/curl/patches/patch-ac			patch
- www/curl/patches/patch-ad			patch
- www/curl/patches/patch-ae			patch
- www/curl/patches/patch-af			patch
---
The security patch for CVE-2009-0037 has changed on the master site which
changed the checksum and size of "curl-7.18.1-CVE-2009-0037.patch".
Update to the latest version and integrate it directly to avoid further
build breaks.

Revision 1.85.4.1 / (download) - annotate - [select for diffs], Fri Mar 13 04:51:54 2009 UTC (10 years, 2 months ago) by rtr
Branch: pkgsrc-2008Q4
Changes since 1.85: +5 -2 lines
Diff to previous 1.85 (colored)

pullup ticket #2716 - requested by tron
curl: fix for security vulnerability

revisions pulled up:
pkgsrc/www/curl/Makefile	patch provided
pkgsrc/www/curl/distinfo	patch provided

   http://curl.haxx.se/docs/adv_20090303.html

Revision 1.89 / (download) - annotate - [select for diffs], Wed Mar 4 14:47:01 2009 UTC (10 years, 2 months ago) by tron
Branch: MAIN
CVS Tags: pkgsrc-2009Q1-base, pkgsrc-2009Q1
Changes since 1.88: +2 -2 lines
Diff to previous 1.88 (colored)

Update "curl" package to version 7.19.4. Changes since version 7.19.3:
Changes:
 - Added CURLOPT_NOPROXY and the corresponding --noproxy
 - the OpenSSL-specific code disables TICKET (rfc5077) which is enabled
   by default in openssl 0.9.8j
 - Added CURLOPT_TFTP_BLKSIZE
 - Added CURLOPT_SOCKS5_GSSAPI_SERVICE and CURLOPT_SOCKS5_GSSAPI_NEC -
   with the corresponding curl options --socks5-gssapi-service and
   --socks5-gssapi-nec
 - Improved IPv6 support when built with with c-ares >= 1.6.1
 - Added CURLPROXY_HTTP_1_0 and --proxy1.0
 - Added docs/libcurl/symbols-in-versions
 - Added CURLINFO_CONDITION_UNMET
 - Added support for Digest and NTLM authentication using GnuTLS
 - CURLOPT_FTP_CREATE_MISSING_DIRS can now be set to 2 to retry the CWD
   even when MKD fails
 - GnuTLS initing moved to curl_global_init()
 - Added CURLOPT_REDIR_PROTOCOLS and CURLOPT_PROTOCOLS
Bugfixes:
 - missing ssh.obj in VS makefiles
 - FTP ;type=i URLs now work with CURLOPT_PROXY_TRANSFER_MODE in
   Turkish locale
 - realms with quoted quotation marks in HTTP Digest headers
 - VC9 makefiles are now really included
 - multi interface memory leak with CURLMOPT_MAXCONNECTS set
 - CURLINFO_CONTENT_LENGTH_DOWNLOAD size from file:// "transfers" with
   CURLOPT_NOBODY set true
 - memory leak on some libz errors for content encodings
 - NSS-enabled build is repaired
 - superfluous wait in SFTP downloads removed
 - FTP with the multi interface no longer kills the control connection
   as easily on transfer failures
 - compilation halting when using VS2008 to build a Windows 2000 target
 - ease creation of libcurl Mac OS X Framework
 - CURLINFO_CONTENT_LENGTH_DOWNLOAD and CURLINFO_CONTENT_LENGTH_UPLOAD
   are -1 if unknown
 - Negotiate proxy authentication
 - CURLOPT_INTERFACE and CURLOPT_LOCALPORT used together

This update fixes the security problem reported in CVE-2009-0037.

Revision 1.88 / (download) - annotate - [select for diffs], Sat Feb 21 13:38:37 2009 UTC (10 years, 3 months ago) by wiz
Branch: MAIN
Changes since 1.87: +2 -2 lines
Diff to previous 1.87 (colored)

Update to 7.19.3:
This release adds CURLAUTH_DIGEST_IE and vc9 makefiles and has
around 30 bugfixes.

Revision 1.87 / (download) - annotate - [select for diffs], Thu Jan 8 17:22:16 2009 UTC (10 years, 4 months ago) by wiz
Branch: MAIN
Changes since 1.86: +1 -20 lines
Diff to previous 1.86 (colored)

Some cleanup.

Revision 1.86 / (download) - annotate - [select for diffs], Thu Jan 8 16:25:45 2009 UTC (10 years, 4 months ago) by wiz
Branch: MAIN
Changes since 1.85: +2 -3 lines
Diff to previous 1.85 (colored)

Update to 7.19.2:

7.19.2

Three added regressions in 7.19.1 have been fixed: a build failure
when using the MSVC 6 makefile, a crash when using --interface name
on Linux, and multi interface downloading HTTPS pages with libcurl
built powered by OpenSSL.

7.19.1

CURLOPT_CERTINFO, CURLINFO_CERTINFO, CURLOPT_POSTREDIR, CURLOPT_USERNAME,
CURLOPT_PASSWORD, CURLOPT_PROXYUSERNAME, and CURLOPT_PROXYPASSWORD
were added. 24 bugs were fixed.

7.19.0

Some new libcurl options, new Boolean options handling in the curl
tool, and around 40 bugfixes.

7.18.2

This release adds CURLFORM_STREAM, CURLINFO_REDIRECT_URL, and the
two new functions curl_easy_send() and curl_easy_recv(). libcurl
now supports CURLOPT_NOBODY over SFTP, and curl now runs on Symbian
OS. At least 21 described bugfixes were made.

7.18.1

This release adds support for HttpOnly cookies. It no longer
distributes or installs a CA cert bundle. SSLv2 is now disabled by
default. Resumed transfers work with SFTP. At least 23 described
bugfixes were made.

Revision 1.85 / (download) - annotate - [select for diffs], Mon Sep 22 18:19:41 2008 UTC (10 years, 8 months ago) by minskim
Branch: MAIN
CVS Tags: pkgsrc-2008Q4-base, pkgsrc-2008Q3-base, pkgsrc-2008Q3
Branch point for: pkgsrc-2008Q4
Changes since 1.84: +2 -2 lines
Diff to previous 1.84 (colored)

Set PRIVILEGED_STAGES+=clean for every platform.

Some files are generated during install, and cannot be cleaned by an
unprivileged user.

Revision 1.84 / (download) - annotate - [select for diffs], Thu Jul 31 19:47:10 2008 UTC (10 years, 9 months ago) by manu
Branch: MAIN
CVS Tags: cube-native-xorg-base, cube-native-xorg
Changes since 1.83: +2 -2 lines
Diff to previous 1.83 (colored)

Added a LDAP option to curl, so that ldap:// and ldaps:// URL are supported

Revision 1.83 / (download) - annotate - [select for diffs], Sat Jul 5 00:20:49 2008 UTC (10 years, 10 months ago) by minskim
Branch: MAIN
CVS Tags: pkgsrc-2008Q2-base, pkgsrc-2008Q2, cwrapper
Changes since 1.82: +2 -2 lines
Diff to previous 1.82 (colored)

"make clean" requires the superuser privilege on Darwin.

Revision 1.80.2.1 / (download) - annotate - [select for diffs], Tue May 13 12:55:30 2008 UTC (11 years ago) by rtr
Branch: pkgsrc-2008Q1
Changes since 1.80: +2 -2 lines
Diff to previous 1.80 (colored) next main 1.81 (colored)

pullup ticket #2375 - requested by dholland
curl: fix broken build on netbsd 3

revisions pulled up:
- pkgsrc/www/curl/Makefile		1.82
- pkgsrc/www/curl/distinfo		1.55
- pkgsrc/www/curl/patches/patch-aa	1.12

   Module Name:	pkgsrc
   Committed By:	dholland
   Date:		Mon May 12 20:37:06 UTC 2008

   Modified Files:
   	pkgsrc/www/curl: Makefile distinfo
   Added Files:
   	pkgsrc/www/curl/patches: patch-aa

   Log Message:
   Add explicit -lkrb5 with -lgssapi, when enabled. Fixes broken build
   on NetBSD 3.x. PR pkg/38331. PKGREVISION++.
   Ok: joerg

Revision 1.82 / (download) - annotate - [select for diffs], Mon May 12 20:37:06 2008 UTC (11 years ago) by dholland
Branch: MAIN
Changes since 1.81: +2 -2 lines
Diff to previous 1.81 (colored)

Add explicit -lkrb5 with -lgssapi, when enabled. Fixes broken build
on NetBSD 3.x. PR pkg/38331. PKGREVISION++.
Ok: joerg

Revision 1.81 / (download) - annotate - [select for diffs], Fri May 2 05:08:22 2008 UTC (11 years ago) by xtraeme
Branch: MAIN
Changes since 1.80: +5 -1 lines
Diff to previous 1.80 (colored)

Some files cannot be removed at the clean stage as non-root user, so
use the same strategy than python uses: PRIVILEGED_STAGES+=clean.

Revision 1.80 / (download) - annotate - [select for diffs], Mon Mar 10 18:35:54 2008 UTC (11 years, 2 months ago) by drochner
Branch: MAIN
CVS Tags: pkgsrc-2008Q1-base
Branch point for: pkgsrc-2008Q1
Changes since 1.79: +2 -1 lines
Diff to previous 1.79 (colored)

-make the gssapi option default on NetBSD (where Kerberos comes for free)
 (suggested by Todd Kover in PR pkg/36144)
-propagate the krb dependency through bl3 if necessary
-bump PKGREVISION

Revision 1.79 / (download) - annotate - [select for diffs], Sun Mar 2 14:40:26 2008 UTC (11 years, 2 months ago) by bjs
Branch: MAIN
Changes since 1.78: +19 -17 lines
Diff to previous 1.78 (colored)


Update to version 7.18.0 and add SSHv2 support via the newly imported
security/libssh2 package.

Changes:

 o --data-urlencode
 o CURLOPT_PROXY_TRANSFER_MODE
 o --no-keepalive - now curl does connections with keep-alive enabled by
   default
 o --socks4a added (proxy type CURLPROXY_SOCKS4A for libcurl)
 o --socks5-hostname added (CURLPROXY_SOCKS5_HOSTNAME for libcurl)
 o curl_easy_pause()
 o CURLOPT_SEEKFUNCTION and CURLOPT_SEEKDATA
 o --keepalive-time
 o curl --help output was re-ordered

This release includes the following bugfixes:

 o curl-config --features and --protocols show the correct output when built
   with NSS, and also when SCP, SFTP and libz are not available
 o free problem in the curl tool for users with empty home dir
 o curl.h version 7.17.1 problem when building C++ apps with MSVC
 o SFTP and SCP use persistent connections
 o segfault on bad URL
 o variable wrapping when using absolutely huge send buffer sizes
 o variable wrapping when using debug callback and the HTTP request wasn't sent
   in one go
 o SSL connections with NSS done with the multi-interface
 o setting a share no longer activates cookies
 o Negotiate now works on auth and proxy simultanouesly
 o support HTTP Digest nonces up to 1023 letters
 o resumed ftp upload no longer requires the read callback to return full
   buffers
 o no longer default-appends ;type= on FTP URLs thru proxies
 o SSL session id caching
 o POST with callback over proxy requiring NTLM or Digest
 o Expect: 100-continue flaw on re-used connection with POSTs
 o build fix for MSVC 9.0 (VS2008)
 o Windows curl builds failed file truncation when retry downloading
 o SSL session ID cache memory leak
 o bad connection re-use check with environment variable-activated proxy use
 o --libcurl now generates a return statement as well
 o socklen_t is no longer used in the public includes
 o time zone offsets from -1400 to +1400 are now accepted by the date parser
 o allows more spaces in WWW/Proxy-Authenticate: headers
 o curl-config --libs skips /usr/lib64
 o range support for file:// transfers
 o libcurl hang with huge POST request and request-body read from callback
 o removed extra newlines from many error messages
 o improved pipelining
 o improved OOM handling for data url encoded HTTP POSTs when read from a file
 o test suite could pick wrong tool(s) if more than one existed in the PATH
 o curl_multi_fdset() failed to return socket while doing CONNECT over proxy
 o curl_multi_remove_handle() on a handle that is in used for a pipeline now
   break that pipeline
 o CURLOPT_COOKIELIST memory leaks
 o progress meter/callback during http proxy CONNECT requests
 o auth for http proxy when the proxy closes connection after first response

Revision 1.78 / (download) - annotate - [select for diffs], Fri Jan 18 05:09:48 2008 UTC (11 years, 4 months ago) by tnn
Branch: MAIN
Changes since 1.77: +2 -1 lines
Diff to previous 1.77 (colored)

Per the process outlined in revbump(1), perform a recursive revbump
on packages that are affected by the switch from the openssl 0.9.7
branch to the 0.9.8 branch. ok jlam@

Revision 1.77 / (download) - annotate - [select for diffs], Mon Nov 12 00:15:45 2007 UTC (11 years, 6 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2007Q4-base, pkgsrc-2007Q4
Changes since 1.76: +2 -3 lines
Diff to previous 1.76 (colored)

Remove ftp.rge.com from MASTER_SITES, doesn't resolve.
From Zafer Aydogan in PR 37340.

Revision 1.76 / (download) - annotate - [select for diffs], Thu Nov 1 08:37:09 2007 UTC (11 years, 6 months ago) by wiz
Branch: MAIN
Changes since 1.75: +2 -2 lines
Diff to previous 1.75 (colored)

Update to 7.17.1:

Version 7.17.1 (29 October 2007)

Dan F (25 October 2007)
- Added the --static-libs option to curl-config

Daniel S (25 October 2007)
- Made libcurl built with NSS possible to ignore the peer verification.
  Previously it would fail if the ca bundle wasn't present, even if the code
  ignored the verification results.

Patrick M (25 October 2007)
- Fixed test server to allow null bytes in binary posts.
_ Added tests 35, 544 & 545 to check binary data posts, both static (in place)
  and dynamic (copied).

Daniel S (25 October 2007)
- Michal Marek fixed the test script to be able to use valgrind even when the
  lib is built shared with libtool.

- Fixed a few memory leaks when the same easy handle is re-used to request
  URLs with different protocols. FTP and TFTP related leaks. Caught thanks to
  Dan F's new test cases.

Dan F (24 October 2007)
- Fixed the test FTP and TFTP servers to support the >10000 test number
  notation

- Added test cases 2000 through 2003 which test multiple protocols using the
  same easy handle

- Fixed the filecheck: make target to work outside the source tree

Daniel S (24 October 2007)
- Vladimir Lazarenko pointed out that we should do some 'mt' magic when
  building with VC8 to get the "manifest" embedded to make fine stand-alone
  binaries. The maketgz and the src/Makefile.vc6 files were adjusted
  accordingly.

Daniel S (23 October 2007)
- Bug report #1812190 (http://curl.haxx.se/bug/view.cgi?id=1812190) points out
  that libcurl tried to re-use connections a bit too much when using non-SSL
  protocols tunneled over a HTTP proxy.

Daniel S (22 October 2007)
- Michal Marek forwarded the bug report
  https://bugzilla.novell.com/show_bug.cgi?id=332917 about a HTTP redirect to
  FTP that caused memory havoc. His work together with my efforts created two
  fixes:

  #1 - FTP::file was moved to struct ftp_conn, because is has to be dealt with
       at connection cleanup, at which time the struct HandleData could be
       used by another connection.
       Also, the unused char *urlpath member is removed from struct FTP.

  #2 - provide a Curl_reset_reqproto() function that frees
       data->reqdata.proto.* on connection setup if needed (that is if the
       SessionHandle was used by a different connection).

  A long-term goal is of course to somehow get rid of how the reqdata struct
  is used, as it is too error-prone.

- Bug report #1815530 (http://curl.haxx.se/bug/view.cgi?id=1815530) points out
  that specifying a proxy with a trailing slash didn't work (unless it also
  contained a port number).

Patrick M (15 October 2007)
- Fixed the dynamic CURLOPT_POSTFIELDS problem: this option is now static again
  and option CURLOPT_COPYPOSTFIELDS has been added to support dynamic mode.

Patrick M (12 October 2007)
- Added per-protocol callback static tables, replacing callback ptr storage
  in the connectdata structure by a single handler table ptr.

Dan F (11 October 2007)
- Fixed the -l option of runtests.pl

- Added support for skipping tests based on key words.

Daniel S (9 October 2007)
- Michal Marek removed the no longer existing return codes from the curl.1
  man page.

Daniel S (7 October 2007)
- Known bug #47, which confused libcurl if doing NTLM auth over a proxy with
  a response that was larger than 16KB is now improved slightly so that now
  the restriction at 16KB is for the headers only and it should be a rare
  situation where the response-headers exceed 16KB. Thus, I consider #47 fixed
  and the header limitation is now known as known bug #48.

Daniel S (5 October 2007)
- Michael Wallner made the CULROPT_COOKIELIST option support a new magic
  string: "FLUSH". Using that will cause libcurl to flush its cookies to the
  CURLOPT_COOKIEJAR file.

- The new file docs/libcurl/ABI describes how we view ABI breakages, soname
  bumps and what the version number's significance to all that is.

Daniel S (4 October 2007)
- I enabled test 1009 and made the --local-port use a wide range to reduce the
  risk of failures.

- Kim Rinnewitz reported that --local-port didn't work with TFTP transfers.
  This happened because the tftp code always uncondionally did a bind()
  without caring if one already had been done and then it failed. I wrote a
  test case (1009) to verify this, but it is a bit error-prone since it will
  have to pick a fixed local port number and since the tests are run on so
  many different hosts in different situations I'll add it in disabled state.

Yang Tse (3 October 2007)
- Fixed issue related with the use of ares_timeout() result.

Daniel S (3 October 2007)
- Alexey Pesternikov introduced CURLOPT_OPENSOCKETFUNCTION and
  CURLOPT_OPENSOCKETDATA to set a callback that allows an application to
  replace the socket() call used by libcurl. It basically allows the app to
  change address, protocol or whatever of the socket.

- I renamed the CURLE_SSL_PEER_CERTIFICATE error code to
  CURLE_PEER_FAILED_VERIFICATION (standard CURL_NO_OLDIES style), and made
  this return code get used by the previous SSH MD5 fingerprint check in case
  it fails.

- Based on a patch brought by Johnny Luong, libcurl now offers
  CURLOPT_SSH_HOST_PUBLIC_KEY_MD5 and the curl tool --hostpubmd5. They both
  make the SCP or SFTP connection verify the remote host's md5 checksum of the
  public key before doing a connect, to reduce the risk of a man-in-the-middle
  attack.

Daniel S (2 October 2007)
- libcurl now handles chunked-encoded CONNECT responses

Daniel S (1 October 2007)
- Alex Fishman reported a curl_easy_escape() problem that was made the
  function do wrong on all input bytes that are >= 0x80 (decimal 128) due to a
  signed / unsigned mistake in the code. I fixed it and added test case 543 to
  verify.

Daniel S (29 September 2007)
- Immanuel Gregoire fixed a problem with persistent transfers over SFTP.

Daniel S (28 September 2007)
- Adapted the c-ares code to the API change c-ares 1.5.0 brings in the
  notifier callback(s).

Dan F (26 September 2007)
- Enabled a few more gcc warnings with --enable-debug.  Renamed a few
  variables to avoid shadowing global declarations.

Daniel S (26 September 2007)
- Philip Langdale provided the new CURLOPT_POST301 option for
  curl_easy_setopt() that alters how libcurl functions when following
  redirects. It makes libcurl obey the RFC2616 when a 301 response is received
  after a non-GET request is made. Default libcurl behaviour is to change
  method to GET in the subsequent request (like it does for response code 302
  - because that's what many/most browsers do), but with this CURLOPT_POST301
  option enabled it will do what the spec says and do the next request using
  the same method again. I.e keep POST after 301.

  The curl tool got this option as --post301

  Test case 1011 and 1012 were added to verify.

- Max Katsev reported that when doing a libcurl FTP request with
  CURLOPT_NOBODY enabled but not CURLOPT_HEADER, libcurl wouldn't do TYPE
  before it does SIZE which makes it less useful. I walked over the code and
  made it do this properly, and added test case 542 to verify it.

Daniel S (24 September 2007)
- Immanuel Gregoire fixed KNOWN_BUGS #44: --ftp-method nocwd did not handle
  URLs ending with a slash properly (it should list the contents of that
  directory). Test case 351 brought back and also test 1010 was added.

Daniel S (21 September 2007)
- Mark Davies fixed Negotiate authentication over proxy, and also introduced
  the --proxy-negotiate command line option to allow a user to explicitly
  select it.

Daniel S (19 September 2007)
- Rob Crittenden provided an NSS update with the following highlights:

  o It looks for the NSS database first in the environment variable SSL_DIR,
    then in /etc/pki/nssdb, then it initializes with no database if neither of
    those exist.

  o If the NSS PKCS#11 libnspsem.so driver is available then PEM files may be
    loaded, including the ca-bundle. If it is not available then only
    certificates already in the NSS database are used.

  o Tries to detect whether a file or nickname is being passed in so the right
    thing is done

  o Added a bit of code to make the output more like the OpenSSL module,
    including displaying the certificate information when connecting in
    verbose mode

  o Improved handling of certificate errors (expired, untrusted, etc)

  The libnsspem.so PKCS#11 module is currently only available in Fedora
  8/rawhide. Work will be done soon to upstream it. The NSS module will work
  with or without it, all that changes is the source of the certificates and
  keys.

Daniel S (18 September 2007)
- Immanuel Gregoire pointed out that public key SSH auth failed if no
  public/private key was specified and there was no HOME environment variable,
  and then it didn't continue to try the other auth methods. Now it will
  instead try to get the files id_dsa.pub and id_dsa from the current
  directory if none of the two conditions were met.

Dan F (17 September 2007)
- Added hooks to the test suite to make it possible to test a curl running
  on a remote host.

- Changed some FTP tests to validate the format of the PORT and EPRT commands
  sent by curl, if not the addresses themselves.

Daniel S (15 September 2007)
- Michal Marek made libcurl automatically append ";type=<a|i>" when using HTTP
  proxies for FTP urls.

- Günter Knauf fixed LDAP builds in the Windows makefiles and fixed LDAPv3
  support on Windows.

Dan F (13 September 2007)
- Added LDAPS, SCP and SFTP to curl-config --protocols. Removed and
  fixed some AC_SUBST configure entries.

Revision 1.75 / (download) - annotate - [select for diffs], Sat Sep 15 09:29:11 2007 UTC (11 years, 8 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2007Q3-base, pkgsrc-2007Q3
Changes since 1.74: +2 -2 lines
Diff to previous 1.74 (colored)

Update to 7.17.0:

 Changes:

    * support for OS/400 Secure Sockets Layer library
    * curl_easy_setopt() now allocates strings passed to it
    * SCP and SFTP support now requires libssh2 0.16 or later
    * LDAP libraries are now linked "regularly" and not with dlopen
    * HTTP transfers have the download size info "available" earlier
    * FTP transfers have the download size info "available" earlier
    * builds and runs on OS/400
    * several error codes and options were marked as obsolete and subject to future removal (set CURL_NO_OLDIES to see if your application is using them)
    * SFTP errors can return more specific error codes

Bugfixes:

    * test cases 31, 46, 61, 506, 517 now work in time zones that use leap seconds
    * problem with closed proxy connection during HTTP CONNECT auth negotiation
    * transfer-encoding skipping didn't ignore the 407 response bodies properly
    * CURLOPT_SSL_VERIFYHOST set to 1
    * CONNECT endless loop
    * krb5 support builds with Heimdal
    * added returned error string for connection refused case
    * re-use of dead FTP control connections
    * login to FTP servers that don't require (nor understand) PASS after the USER command
    * bad free of memory from libssh2
    * the SFTP PWD command works
    * HTTP Digest auth on a re-used connection
    * FTPS data connection close
    * AIX 4 and 5 get to use non-blocking sockets
    * small POST with NTLM
    * resumed file:// transfers
    * CURLOPT_DNS_CACHE_TIMEOUT and CURLOPT_DNS_USE_GLOBAL_CACHE are 64 bit "clean"
    * memory leak when handling compressed data streams from broken servers
    * no NTLM unicode response
    * resume HTTP PUT using Digest authentication
    * FTP NOBODY requests on directories sent "SIZE (null)"
    * FTP NOBODY request on file crash
    * excessively long FTP server responses and response lines
    * file:// upload then FTP:// upload crash
    * TFTP error 0 is no longer treated as success
    * uploading empty file over FTP on re-used connection
    * superfluous CWD command on re-used FTP connections without subdirs used

Revision 1.74 / (download) - annotate - [select for diffs], Fri Sep 7 22:12:24 2007 UTC (11 years, 8 months ago) by jlam
Branch: MAIN
Changes since 1.73: +2 -2 lines
Diff to previous 1.73 (colored)

Convert packages that test and use USE_INET6 to use the options framework
and to support the "inet6" option instead.

Remaining usage of USE_INET6 was solely for the benefit of the scripts
that generate the README.html files.  Replace:

	BUILD_DEFS+=	USE_INET6
with
	BUILD_DEFS+=	IPV6_READY

and teach the README-generation tools to look for that instead.

This nukes USE_INET6 from pkgsrc proper.  We leave a tiny bit of code
to continue to support USE_INET6 for pkgsrc-wip until it has been nuked
from there as well.

Revision 1.73 / (download) - annotate - [select for diffs], Thu Jul 19 21:58:17 2007 UTC (11 years, 10 months ago) by wiz
Branch: MAIN
Changes since 1.72: +2 -2 lines
Diff to previous 1.72 (colored)

Update to 7.16.4:

Version 7.16.4 (10 July 2007)

Daniel S (10 July 2007)
- Kees Cook notified us about a security flaw
  (http://curl.haxx.se/docs/adv_20070710.html) in which libcurl failed to
  properly reject some outdated or not yet valid server certificates when
  built with GnuTLS. Kees also provided the patch.

James H (5 July 2007)
- Gavrie Philipson provided a patch that will use a more specific error
  message for an scp:// upload failure.  If libssh2 has his matching
  patch, then the error message return by the server will be used instead
  of a more generic error.

Daniel S (1 July 2007)
- Thomas J. Moore provided a patch that introduces Kerberos5 support in
  libcurl. This also makes the options change name to --krb (from --krb4) and
  CURLOPT_KRBLEVEL (from CURLOPT_KRB4LEVEL) but the old names are still

- Song Ma helped me verify and extend a fix for doing FTP over a SOCKS4/5
  proxy.

Daniel S (27 June 2007)
- James Housley: Add two new options for the SFTP/SCP/FILE protocols:
  CURLOPT_NEW_FILE_PERMS and CURLOPT_NEW_DIRECTORY_PERMS. These control the
  premissions for files and directories created on the remote
  server. CURLOPT_NEW_FILE_PERMS defaults to 0644 and
  CURLOPT_NEW_DIRECTORY_PERMS defaults to 0755

- I corrected the 10-at-a-time.c example and applied a patch for it by James
  Bursa.

Daniel S (26 June 2007)
- Robert Iakobashvili re-arranged the internal hash code to work with a custom
  hash function for different hashes, and also expanded the default size for
  the socket hash table used in multi handles to greatly enhance speed when
  very many connections are added and the socket API is used.

- James Housley made the CURLOPT_FTPLISTONLY mode work for SFTP directory
  listings as well

Daniel S (25 June 2007)
- Adjusted how libcurl treats HTTP 1.1 responses without content-lenth or
  chunked encoding (that also lacks "Connection: close"). It now simply
  assumes that the connection WILL be closed to signal the end, as that is how
  RFC2616 section 4.4 point #5 says we should behave.

Revision 1.72 / (download) - annotate - [select for diffs], Tue Jul 3 17:11:55 2007 UTC (11 years, 10 months ago) by wiz
Branch: MAIN
Changes since 1.71: +2 -2 lines
Diff to previous 1.71 (colored)

Update to 7.16.3:

Version 7.16.3 (25 June 2007)

Daniel S (23 June 2007)
- As reported by "Tro" in http://curl.haxx.se/mail/lib-2007-06/0161.html and
  http://curl.haxx.se/mail/lib-2007-06/0238.html, libcurl didn't properly do
  no-body requests on FTP files on re-used connections properly, or at least
  it didn't provide the info back in the header callback properly in the
  subsequent requests.

Daniel S (21 June 2007)
- Gerrit Bruchhäuser pointed out a warning that the Intel(R) Thread Checker
  tool reports and it was indeed a legitimate one and it is one fixed. It was
  a use of a share without doing the proper locking first.

Daniel S (20 June 2007)
- Adam Piggott filed bug report #1740263
  (http://curl.haxx.se/bug/view.cgi?id=1740263). Adam discovered that when
  getting a large amount of URLs with curl, they were fetched slower and
  slower... which turned out to be because the --libcurl data collecting which
  wrongly always was enabled, but no longer is...

Daniel S (18 June 2007)
- Robson Braga Araujo filed bug report #1739100
  (http://curl.haxx.se/bug/view.cgi?id=1739100) that mentioned that libcurl
  could not actually list the contents of the root directory of a given FTP
  server if the login directory isn't root. I fixed the problem and added
  three test cases (one is disabled for now since I identified KNOWN_BUGS #44,
  we cannot use --ftp-method nocwd and list ftp directories).

Daniel S (14 June 2007)
- Shmulik Regev:

  I've encountered (and hopefully fixed) a problem involving proxy CONNECT
  requests and easy handles state management. The problem isn't simple to
  reproduce since it depends on socket state. It only manifests itself when
  working with non-blocking sockets.

  Here is the scenario:

  1. in multi_runsingle the easy handle is in the CURLM_STATE_WAITCONNECT and
  calls Curl_protocol_connect

  2. in Curl_proxyCONNECT, line 1247, if the socket isn't ready the function
  returns and conn->bits.tunnel_connecting is TRUE

  3. when the call to Curl_protocol_connect returns the protocol_connect flag
  is false and the easy state is changed to CURLM_STATE_PROTOCONNECT which
  isn't correct if a proxy is used.  Rather CURLM_STATE_WAITPROXYCONNECT
  should be used.

  I discovered this while performing an HTTPS request through a proxy (squid)
  on my local network. The problem caused openssl to fail as it read the proxy
  response to the CONNECT call ('HTTP/1.0 Established') rather than the SSL
  handshake (the exact openssl error was 'wrong ssl version' but this isn't
  very important)

- Dave Vasilevsky filed bug report #1736875
  (http://curl.haxx.se/bug/view.cgi?id=1736875) almost simultanouesly as Dan
  Fandrich mentioned a related build problem on the libcurl mailing list:
  http://curl.haxx.se/mail/lib-2007-06/0131.html. Both problems had the same
  reason: the definitions of the POLL* defines and the pollfd struct in the
  libcurl code was depending on HAVE_POLL instead of HAVE_SYS_POLL_H.

Daniel S (13 June 2007)
- Tom Regner provided a patch and worked together with James Housley, so now
  CURLOPT_FTP_CREATE_MISSING_DIRS works for SFTP connections as well as FTP
  ones.

- Rich Rauenzahn filed bug report #1733119
  (http://curl.haxx.se/bug/view.cgi?id=1733119) and we collaborated on the
  fix.  The problem is that for 64bit HPUX builds, several socket-related
  functions would still assume int (32 bit) arguments and not socklen_t (64
  bit) ones.

Daniel S (12 June 2007)
- James Housley brought his revamped SSH code that is state-machine driven to
  really take advantage of the now totally non-blocking libssh2 (in CVS).

Dan F (8 June 2007)
- Incorporated Daniel Black's test706 and test707 SOCKS test cases.

- Fixed a few problems when starting the SOCKS server.

- Reverted some recent changes to runtests.pl that weren't compatible with
  perl 5.0.

- Fixed the test harness so that it actually kills the ssh being used as
  the SOCKS server.

Daniel S (6 June 2007)
- -s/--silent can now be used to toggle off the silence again if used a second
  time.

Daniel S (5 June 2007)
- Added Daniel Black's work that adds the first few SOCKS test cases. I also
  fixed two minor SOCKS problems to make the test cases run fine.

Daniel S (31 May 2007)
- Feng Tu made (lib)curl support "upload" resuming work for file:// URLs.

Daniel S (30 May 2007)
- I modified the 10-at-a-time.c example to transfer 500 downloads in parallel
  with a c-ares enabled build only to find that it crashed miserably, and this
  was due to some select()isms left in the code. This was due to API
  restrictions in c-ares 1.3.x, but with the upcoming c-ares 1.4.0 this is no
  longer the case so now libcurl runs much better with c-ares and the multi
  interface with > 1024 file descriptors in use.

  Extra note: starting now we require c-ares 1.4.0 for asynchronous name
  resolves.

- Added CURLMOPT_MAXCONNECTS which is a curl_multi_setopt() option for setting
  the maximum size of the connection cache maximum size of the multi handle.

Daniel S (27 May 2007)
- When working with a problem Stefan Becker had, I found an off-by-one buffer
  overwrite in Curl_select(). While fixing it, I also improved its performance
  somewhat by changing calloc to malloc and breaking out of a loop earlier
  (when possible).

Daniel S (25 May 2007)
- Rob Crittenden fixed bug #1705802
  (http://curl.haxx.se/bug/view.cgi?id=1705802), which was filed by Daniel
  Black identifying several FTP-SSL test cases fail when we build libcurl with
  NSS for TLS/SSL. Listed as #42 in KNOWN_BUGS.

Daniel S (24 May 2007)
- Song Ma filed bug report #1724016
  (http://curl.haxx.se/bug/view.cgi?id=1724016) noticing that downloading
  glob-ranges for TFTP was broken in CVS. Fixed now.

- 'mytx' in bug report #1723194 (http://curl.haxx.se/bug/view.cgi?id=1723194)
  pointed out that the warnf() function in the curl tool didn't properly deal
  with the cases when excessively long words were used in the string to chop
  up.

Daniel S (22 May 2007)
- Andre Guibert de Bruet fixed a memory leak in the function that verifies the
  peer's name in the SSL certificate when built for OpenSSL. The leak happens
  for libcurls with CURL_DOES_CONVERSIONS enabled that fail to convert the CN
  name from UTF8. He also fixed a leak when PKCS #12 parsing failed.

Daniel S (18 May 2007)
- Feng Tu reported that curl -w did wrong on TFTP transfers in bug report
  #1715394 (http://curl.haxx.se/bug/view.cgi?id=1715394), and the
  transfer-related info "variables" were indeed overwritten with zeroes
  wrongly and have now been adjusted. The upload size still isn't accurate.

Daniel S (17 May 2007)
- Feng Tu pointed out a division by zero error in the TFTP connect timeout
  code for timeouts less than five seconds, and also provided a fix for it.
  Bug report #1715392 (http://curl.haxx.se/bug/view.cgi?id=1715392)

Dan F (16 May 2007)
- Added support for compiling under Minix 3.1.3 using ACK.

Dan F (14 May 2007)
- Added SFTP directory listing test case 613.

- Added support for quote commands before a transfer using SFTP and test
  case 614.

- Changed the post-quote commands to occur after the transferred file is
  closed.

- Allow SFTP quote commands chmod, chown, chgrp to set a value of 0.

Dan F (9 May 2007)
- Kristian Gunstone fixed a problem where overwriting an uploaded file with
  sftp didn't truncate it first, which would corrupt the file if the new
  file was shorter than the old.

Dan F (8 May 2007)
- Added FTPS test cases 406 and 407

Daniel S (8 May 2007)
- CURLE_FTP_COULDNT_STOR_FILE is now known as CURLE_UPLOAD_FAILED. This is
  because I just made SCP uploads return this value if the file size of
  the upload file isn't given with CURLOPT_INFILESIZE*. Docs updated to
  reflect this news, and a define for the old name was added to the public
  header file.

Daniel S (7 May 2007)
- James Bursa fixed a bug in the multi handle code that made the connection
  cache grow a bit too much, beyond the normal 4 * easy_handles.

Daniel S (2 May 2007)
- Anders Gustafsson remarked that requiring CURLOPT_HTTP_VERSION set to 1.0
  when CURLOPT_HTTP200ALIASES is used to avoid the problem mentioned below is
  not very nice if the client wants to be able to use _either_ a HTTP 1.1
  server or one within the aliases list... so starting now, libcurl will
  simply consider 200-alias matches the to be HTTP 1.0 compliant.

- Tobias Rundström reported a problem they experienced with xmms2 and recent
  libcurls, which turned out to be the 25-nov-2006 change which treats HTTP
  responses without Content-Length or chunked encoding as without bodies. We
  now added the conditional that the above mentioned response is only without
  body if the response is HTTP 1.1.

- Jeff Pohlmeyer improved the hiperfifo.c example to use the
  CURLMOPT_TIMERFUNCTION callback option.

- Set the timeout for easy handles to expire really soon after addition or
  when CURLM_CALL_MULTI_PERFORM is returned from curl_multi_socket*/perform,
  to make applications using only curl_multi_socket() to properly function
  when adding easy handles "on the fly". Bug report and test app provided by
  Michael Wallner.

Dan F (30 April 2007)
- Improved the test harness to allow running test servers on other than
  the default port numbers, allowing more than one test suite to run
  simultaneously on the same host.

Daniel S (28 April 2007)
- Peter O'Gorman fixed libcurl to not init GnuTLS as early as we did before,
  since it then inits libgcrypt and libgcrypt is being evil and EXITS the
  application if it fails to get a fine random seed. That's really not a nice
  thing to do by a library.

- Frank Hempel fixed a curl_easy_duphandle() crash on a handle that had
  been removed from a multi handle, and then fixed another flaw that prevented
  curl_easy_duphandle() to work even after the first fix - the handle was
  still marked as using the multi interface.

Daniel S (26 April 2007)
- Peter O'Gorman found a problem with SCP downloads when the downloaded file
  was 16385 bytes (16K+1) and it turned out we didn't properly always "suck
  out" all data from libssh2. The effect being that libcurl would hang on the
  socket waiting for data when libssh2 had in fact already read it all...

Dan F (25 April 2007)
- Added support in runtests.pl for "!n" test numbers to disable individual
  tests.  Changed -t to only keep log files around when -k is specified,
  to have the same behaviour as without -t.

Daniel S (25 April 2007)
- Sonia Subramanian brought our attention to a problem that happens if you set
  the CURLOPT_RESUME_FROM or CURLOPT_RANGE options and an existing connection
  in the connection cache is closed to make room for the new one when you call
  curl_easy_perform(). It would then wrongly free range-related data in the
  connection close funtion.

Yang Tse (25 April 2007)
- Steve Little fixed compilation on VMS 64-bit mode

Daniel S (24 April 2007)
- Robert Iakobashvili made the 'master_buffer' get allocated first once it is
  can/will be used as it then makes the common cases save 16KB of data for each
  easy handle that isn't used for pipelining.

Dan F (23 April 2007)
- Added <postcheck> support to the test harness.

- Added tests 610-612 to test more SFTP post-quote commands.

Daniel S (22 April 2007)
- Song Ma's warning if -r/--range is given with a "bad" range, also noted in
  the man page now.

- Daniel Black filed bug #1705177
  (http://curl.haxx.se/bug/view.cgi?id=1705177) where --without-ssl
  --with-gnutl outputs a warning about SSL not being enabled even though GnuTLS
  was found and used.

Daniel S (21 April 2007)
- Daniel Black filed bug #1704675
  (http://curl.haxx.se/bug/view.cgi?id=1704675) identifying a double-free
  problem in the SSL-dealing layer, telling GnuTLS to free NULL credentials on
  closedown after a failure and a bad #ifdef for NSS when closing down SSL.

Yang Tse (20 April 2007)
- Save one call to curlx_tvnow(), which calls gettimeofday(), in each of
  Curl_socket_ready(), Curl_poll() and Curl_select() when these are called
  with a zero timeout or a timeout value indicating a blocking call should
  be performed.

Daniel S (18 April 2007)
- James Housley made SFTP uploads use libssh2's non-blocking API

- Prevent the internal progress meter from updating more frequently than once
  per second.

Dan F (17 April 2007)
- Added test cases 296, 297 and 298 to test --ftp-method handling

Daniel S (16 April 2007)
- Robert Iakobashvil added curl_multi_socket_action() to libcurl, which is a
  function that deprecates the curl_multi_socket() function. Using the new
  function the application tell libcurl what action that was found in the
  socket that it passes in. This gives a significant performance boost as it
  allows libcurl to avoid a call to poll()/select() for every call to
  curl_multi_socket*().

  I added a define in the public curl/multi.h header file that will make your
  existing application automatically use curl_multi_socket_action() instead of
  curl_multi_socket() when you recompile. But of course you'll get better
  performance if you adjust your code manually and actually pass in the
  correct action bitmask to this function.

Daniel S (14 April 2007)
- Jay Austin added "DH PARAMETERS" to the stunnel.pem certificate for the test
  suite to make stunnel run better in some (most?) environments.

Dan F (13 April 2007)
- Added test cases 294 and 295 to test --ftp-account handling

- Improved handling of out of memory in ftp.

Yang Tse (13 April 2007)
- Fix test case 534 which started to fail 2007-04-13 due to the existance
  of a new host on the net with the same silly domain the test was using
  for a host which was supposed not to exist.

Daniel S (12 April 2007)
- Song Ma found a memory leak in the if2ip code if you pass in an interface
  name longer than the name field of the ifreq struct (typically 6 bytes), as
  then it wouldn't close the used dummy socket. Bug #1698974
  (http://curl.haxx.se/bug/view.cgi?id=1698974)

Revision 1.71 / (download) - annotate - [select for diffs], Sun Apr 15 13:29:23 2007 UTC (12 years, 1 month ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2007Q2-base, pkgsrc-2007Q2
Changes since 1.70: +2 -2 lines
Diff to previous 1.70 (colored)

Update to 7.16.2:

Version 7.16.2 (11 April 2007)

Yang Tse (10 April 2007)
- Ravi Pratap provided some fixes for HTTP pipelining

- configure script will ignore --enable-sspi option for non-native Windows.

Daniel S (9 April 2007)
- Nick Zitzmann did ssh.c cleanups

Daniel S (3 April 2007)
- Rob Jones fixed better #ifdef'ing for a bunch of #include lines.

Daniel S (2 April 2007)
- Nick Zitzmann made the CURLOPT_POSTQUOTE option work for SFTP as well. The
  accepted commands are as follows:

  chgrp (gid) (path)
    Changes the group ID of the file or directory at (path) to (gid). (gid)
    must be a number.

  chmod (perms) (path)
    Changes the permissions of the file or directory at (path) to
    (perms). (perms) must be a number in the format used by the chmod Unix
    command.

  chown (uid) (path)
    Changes the user ID of the file or directory at (path) to (uid). (uid)
    must be a number.

  ln (source) (dest)
    Creates a symbolic link at (dest) that points to the file located at
    (source).

  mkdir (path)
    Creates a new directory at (path).

  rename (source) (dest)
    Moves the file or directory at (source) to (dest).

  rm (path)
    Deletes the file located at (path).

  rmdir (path)
    Deletes the directory located at (path). This command will raise an error
    if the directory is not empty.

  symlink (source) (dest)
    Same as ln.

Daniel S (1 April 2007)
- Robert Iakobashvili made curl_multi_remove_handle() a lot faster when many
  easy handles are added to a multi handle, by avoiding the looping over all
  the handles to find which one to remove.

- Matt Kraai provided a patch that makes curl build on QNX 6 fine again.

Daniel S (31 March 2007)
- Fixed several minor issues detected by the coverity.com scanner.

- "Pixel" fixed a problem that appeared when you used -f with user+password
  embedded in the URL.

Dan F (29 March 2007)
- Don't tear down the ftp connection if the maximum filesize was exceeded
  and added tests 290 and 291 to check.

- Added ftps upload and SSL required tests 401 and 402.

- Send an EOF message before closing an SCP channel, as recommended by
  RFC4254. Enable libssh2 tracing when ssh debugging is turned on.

Yang Tse (27 March 2007)
- Internal function Curl_select() renamed to Curl_socket_ready()

  New Internal wrapper function Curl_select() around select (2), it
  uses poll() when a fine poll() is available, so now libcurl can be
  built without select() support at all if a fine poll() is available.

Daniel S (25 March 2007)
- Daniel Johnson fixed multi code to traverse the easy handle list properly.
  A left-over bug from the February 21 fix.

Dan F (23 March 2007)
- Added --pubkey option to curl and made --key also work for SCP/SFTP,
  plus made --pass work on an SSH private key as well.

- Changed the test harness to attempt to gracefully shut down servers
  before resorting to the kill -9 hammer.

- Added test harness infrastructure to support scp/sftp tests, using
  OpenSSH as the server.

- Fixed a memory leak when specifying a proxy with a file: URL.

Yang Tse (20 March 2007)
- Fixed: When a signal was caught awaiting for an event using Curl_select()
  or Curl_poll() with a non-zero timeout both functions would restart the
  specified timeout. This could even lead to the extreme case that if a
  signal arrived with a frecuency lower to the specified timeout neither
  function would ever exit.

  Added experimental symbol definition check CURL_ACKNOWLEDGE_EINTR in
  Curl_select() and Curl_poll(). When compiled with CURL_ACKNOWLEDGE_EINTR
  defined both functions will return as soon as a signal is caught. Use it
  at your own risk, all calls to these functions in the library should be
  revisited and checked before fully supporting this feature.

Yang Tse (19 March 2007)
- Bryan Henderson fixed the progress function so that it can get called more
  frequently allowing same calling frecuency for the client progress callback.

Dan F (15 March 2007)
- Various memory leaks plugged and NULL pointer fixes made in the ssh code.

Daniel (15 March 2007)
- Nick made the curl tool accept globbing ranges that only is one number, i.e
  you can now use [1-1] without curl complaining.

Daniel (10 March 2007)
- Eygene Ryabinkin:

  The problem is the following: when we're calling Curl_done and it decides to
  keep the connection opened ('left intact'), then the caller is not notified
  that the connection was done via the NULLifying of the pointer, so some easy
  handle is keeping the pointer to this connection.

  Later ConnectionExists can select such connection for reuse even if we're
  not pipelining: pipeLen is zero, so the (pipeLen > 0 && !canPipeline) is
  false and we can reuse this connection for another easy handle. But thus the
  connection will be shared between two easy handles if the handle that wants
  to take the ownership is not the same as was not notified of the connection
  was done in Curl_done. And when some of these easy handles will get their
  connection really freed the another one will still keep the pointer.

  My fix was rather trivial: I just added the NULLification to the 'else'
  branch in the Curl_done. My tests with Git and ElectricFence showed no
  problems both for HTTP pulling and cloning. Repository size is about 250 Mb,
  so it was a considerable amount of Curl's work.

Dan F (9 March 2007)
- Updated the test harness to add a new "crypto" feature check and updated the
  appropriate test case to use it.  For now, this is treated the same as the
  "SSL" feature because curl doesn't list it separately.

Daniel (9 March 2007)
- Robert Iakobashvili fixed CURLOPT_INTERFACE for IPv6.

- Robert A. Monat improved the maketgz and VC6/8 generating to set the correct
  machine type too.

- Justin Fletcher fixed a file descriptor leak in the curl tool when trying to
  upload a file it couldn't open. Bug #1676581
  (http://curl.haxx.se/bug/view.cgi?id=1676581)

Dan F (9 March 2007)
- Updated the test harness to check for protocol support before running each
  test, fixing KNOWN_BUGS #11.

Dan F (7 March 2007)
- Reintroduced (after a 3 year hiatus) an FTPS test case (400) into the test
  harness.  It is very limited as it supports only ftps:// URLs with
  --ftp-ssl-control specified, which implicitly encrypts the control
  channel but not the data channels.  That allows stunnel to be used with
  an unmodified ftp server in exactly the same way that the test https
  server is set up.

Dan F (7 March 2007)
- Honour --ftp-ssl-control on ftps:// URLs to allow encrypted control and
  unencrypted data connections.

Dan F (6 March 2007)
- Fixed a couple of improper pointer uses detected by valgrind in test
  cases 181 & 216.

Daniel (2 March 2007)
- Robert A. Monat and Shmulik Regev helped out to fix the new */Makefile.vc8
  makefiles that are included in the source release archives, generated from
  the Makefile.vc6 files by the maketgz script. I also modified the root
  Makefile to have a VC variable that defaults to vc6 but can be overridden to
  allow it to be used for vc8 as well. Like this:

    nmake VC=vc8 vc

Daniel (27 February 2007)
- Hang Kin Lau found and fixed: When I use libcurl to connect to an https
  server through a proxy and have the remote https server port set using the
  CURLOPT_PORT option, protocol gets reset to http from https after the first
  request.

  User defined URL was modified internally by libcurl and subsequent reuse of
  the easy handle may lead to connection using a different protocol (if not
  originally http).

  I found that libcurl hardcoded the protocol to "http" when it tries to
  regenerate the URL if CURLOPT_PORT is set. I tried to fix the problem as
  follows and it's working fine so far

Daniel (25 February 2007)
- Adam D. Moss made the HTTP CONNECT procedure less blocking when used from
  the multi interface. Note that it still does a part of the connection in a
  blocking manner.

Daniel (23 February 2007)
- Added warning outputs if the command line uses more than one of the options
  -v, --trace and --trace-ascii, since it could really confuse the user.
  Clarified this fact in the man page.

Daniel (21 February 2007)
- Ravi Pratap provided work on libcurl making pipelining more robust and
  fixing some bugs:
  o Don't mix GET and POST requests in a pipeline
  o Fix the order in which requests are dispatched from the pipeline
  o Fixed several curl bugs with pipelining when the server is returning
    chunked encoding:
    * Added states to chunked parsing for final CRLF
    * Rewind buffer after parsing chunk with data remaining
    * Moved chunked header initializing to a spot just before receiving
      headers

Daniel (20 February 2007)
- Linus Nielsen Feltzing changed the CURLOPT_FTP_SSL_CCC option to handle
  active and passive CCC shutdown and added the --ftp-ssl-ccc-mode command
  line option.

Daniel (19 February 2007)
- Ian Turner fixed the libcurl.m4 macro's support for --with-libcurl.

- Shmulik Regev found a memory leak in re-used HTTPS connections, at least
  when the multi interface was used.

- Robson Braga Araujo made passive FTP transfers work with SOCKS (both 4 and
  5).

Daniel (18 February 2007)
- Jeff Pohlmeyer identified two problems: first a rather obscure problem with
  the multi interface and connection re-use that could make a
  curl_multi_remove_handle() ruin a pointer in another handle.

  The second problem was less of an actual problem but more of minor quirk:
  the re-using of connections wasn't properly checking if the connection was
  marked for closure.

Daniel (16 February 2007)
- Duncan Mac-Vicar Prett and Michal Marek reported problems with resetting
  CURLOPT_RANGE back to no range on an easy handle when using FTP.

Dan F (14 February 2007)
- Fixed curl-config --libs so it doesn't list unnecessary libraries (and
  therefore introduce unnecessary dependencies) when it's not needed.
  Also, don't bother adding a library path of /usr/lib

Daniel (13 February 2007)
- The default password for anonymous FTP connections is now changed to be
  "ftp@example.com".

- Robert A. Monat made libcurl build fine with VC2005 - it doesn't have
  gmtime_r() like the older VC versions. He also made use of some machine-
  specific defines to differentiate the "OS" define.

Daniel (12 February 2007)
- Rob Crittenden added support for NSS (Network Security Service) for the
  SSL/TLS layer. http://www.mozilla.org/projects/security/pki/nss/

  This is the fourth supported library for TLS/SSL that libcurl supports!

- Shmulik Regev fixed so that the final CRLF of HTTP response headers are sent
  to the debug callback.

- Shmulik Regev added CURLOPT_HTTP_CONTENT_DECODING and
  CURLOPT_HTTP_TRANSFER_DECODING that if set to zero will disable libcurl's
  internal decoding of content or transfer encoded content. This may be
  preferable in cases where you use libcurl for proxy purposes or similar. The
  command line tool got a --raw option to disable both at once.

- release tarballs made with maketgz will from now on have a LIBCURL_TIMESTAMP
  define set to hold the exact date and time of when the tarball was built, as
  a human readable string using the UTC time zone.

- Jeff Pohlmeyer fixed a flaw in curl_multi_add_handle() when adding a handle
  that has an easy handle present in the "closure" list pending closure.

Daniel (6 February 2007)
- Regular file downloads wiht SFTP and SCP are now done using the non-blocking
  API of libssh2, if the libssh2 headers seem to support them. This will make
  SCP and SFTP much more responsive and better libcurl citizens when used with
  the multi interface etc.

Daniel (5 February 2007)
- Michael Wallner added support for CURLOPT_TIMEOUT_MS and
  CURLOPT_CONNECTTIMEOUT_MS that, as their names suggest, do the timeouts with
  millisecond resolution. The only restriction to that is the alarm()
  (sometimes) used to abort name resolves as that uses full seconds. I fixed
  the FTP response timeout part of the patch.

  Internally we now count and keep the timeouts in milliseconds but it also
  means we multiply set timeouts with 1000. The effect of this is that no
  timeout can be set to more than 2^31 milliseconds (on 32 bit systems), which
  equals 24.86 days.  We probably couldn't before either since the code did
  *1000 on the timeout values on several places already.

Daniel (3 February 2007)
- Yang Tse fixed the cookie expiry date in several test cases that started to
  fail since they used "1 feb 2007"...

- Manfred Schwarb reported that socks5 support was broken and help us pinpoint
  the problem. The code now tries harder to use httproxy and proxy where
  apppropriate, as not all proxies are HTTP...

Revision 1.70 / (download) - annotate - [select for diffs], Fri Feb 2 19:14:24 2007 UTC (12 years, 3 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2007Q1-base, pkgsrc-2007Q1
Changes since 1.69: +2 -2 lines
Diff to previous 1.69 (colored)

Update to 7.16.1:

Package info: scp support not enabled (libssh2 is not packaged).

Version 7.16.1 (29 January 2007)

Daniel (29 January 2007)
- Michael Wallner reported that when doing a CONNECT with a custom User-Agent
  header, you got _two_ User-Agent headers in the CONNECT request...! Added
  test case 287 to verify the fix.

Daniel (28 January 2007)
- curl_easy_reset() now resets the CA bundle path correctly.

- David McCreedy fixed the Curl command line tool for HTTP on non-ASCII
  platforms.

Daniel (25 January 2007)
- Added the --libcurl [file] option to curl. Append this option to any
  ordinary curl command line, and you will get a libcurl-using source code
  written to the file that does the equivalent operation of what your command
  line operation does!

Dan F (24 January 2007)
- Fixed a dangling pointer problem that prevented the http_proxy environment
  variable from being properly used in many cases (and caused test case 63
  to fail).

Daniel (23 January 2007)
- David McCreedy did NTLM changes mainly for non-ASCII platforms:

  #1
  There's a compilation error in http_ntlm.c if USE_NTLM2SESSION is NOT
  defined.  I noticed this while testing various configurations.  Line 867 of
  the current http_ntlm.c is a closing bracket for an if/else pair that only
  gets compiled in if USE_NTLM2SESSION is defined.  But this closing bracket
  wasn't in an #ifdef so the code fails to compile unless USE_NTLM2SESSION was
  defined.  Lines 198 and 140 of my patch wraps that closing bracket in an
  #ifdef USE_NTLM2SESSION.

  #2
  I noticed several picky compiler warnings when DEBUG_ME is defined.  I've
  fixed them with casting.  By the way, DEBUG_ME was a huge help in
  understanding this code.

  #3
  Hopefully the last non-ASCII conversion patch for libcurl in a while.  I
  changed the "NTLMSSP" literal to hex since this signature must always be in
  ASCII.

  Conversion code was strategically added where necessary.  And the
  Curl_base64_encode calls were changed so the binary "blobs" http_ntlm.c
  creates are NOT translated on non-ASCII platforms.

Dan F (22 January 2007)
- Converted (most of) the test data files into genuine XML.  A handful still
  are not, due mainly to the lack of support for XML character entities
  (e.g. & => &amp; ).  This will make it easier to validate test files using
  tools like xmllint, as well as to edit and view them using XML tools.

Daniel (16 January 2007)
- Armel Asselin improved libcurl to behave a lot better when an easy handle
  doing an FTP transfer is removed from a multi handle before completion. The
  fix also fixed the "alive counter" to be correct on "premature removal" for
  all protocols.

Dan F (16 January 2007)
- Fixed a small memory leak in tftp uploads discovered by curl's memory leak
  detector.  Also changed tftp downloads to URL-unescape the downloaded
  file name.

Daniel (14 January 2007)
- David McCreedy provided libcurl changes for doing HTTP communication on
  non-ASCII platforms. It does add some complexity, most notably with more
  #ifdefs, but I want to see this supported added and I can't see how we can
  add it without the extra stuff added.

- Setting CURLOPT_COOKIELIST to "ALL" when no cookies at all was present,
  libcurl would crash when trying to read a NULL pointer.

Daniel (12 January 2007)
- Toby Peterson found a nasty bug that prevented (lib)curl from properly
  downloading (most) things that were larger than 4GB on 32 bit systems.  Matt
  Witherspoon helped as narrow down the problem.

Daniel (5 January 2007)
- Linus Nielsen Feltzing introduced the --ftp-ssl-ccc command line option to
  curl that uses the new CURLOPT_FTP_SSL_CCC option in libcurl. If enabled, it
  will make libcurl shutdown SSL/TLS after the authentication is done on a
  FTP-SSL operation.

Daniel (4 January 2007)
- David McCreedy made changes to allow base64 encoding/decoding to work on
  non-ASCII platforms.

Daniel (3 January 2007)
- Matt Witherspoon fixed the flaw which made libcurl 7.16.0 always store
  downloaded data in two buffers, just to be able to deal with a special HTTP
  pipelining case. That is now only activated for pipelined transfers. In
  Matt's case, it showed as a considerable performance difference,

Daniel (2 January 2007)
- Victor Snezhko helped us fix bug report #1603712
  (http://curl.haxx.se/bug/view.cgi?id=1603712) (known bug #36) --limit-rate
  (CURLOPT_MAX_SEND_SPEED_LARGE and CURLOPT_MAX_RECV_SPEED_LARGE) are broken
  on Windows (since 7.16.0, but that's when they were introduced as previous
  to that the limiting logic was made in the application only and not in the
  library). It was actually also broken on select()-based systems (as apposed
  to poll()) but we haven't had any such reports. We now use select(), Sleep()
  or delay() properly to sleep a while without waiting for anything input or
  output when the rate limiting is activated with the easy interface.

- Modified libcurl.pc.in to use Libs.private for the libs libcurl itself needs
  to get built static. It has been mentioned before and was again brought to
  our attention by Nathanael Nerode who filed debian bug report #405226
  (http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=405226).

Daniel (29 December 2006)
- Make curl_easy_duphandle() set the magic number in the new handle.

Daniel (22 December 2006)
- Robert Foreman provided a prime example snippet showing how libcurl would
  get confused and not acknowledge the 'no_proxy' variable properly once it
  had used the proxy and you re-used the same easy handle. I made sure the
  proxy name is properly stored in the connect struct rather than the
  sessionhandle/easy struct.

- David McCreedy fixed a bad call to getsockname() that wrongly used a size_t
  variable to point to when it should be a socklen_t.

- When setting a proxy with environment variables and (for example) running
  'curl [URL]' with a URL without a protocol prefix, curl would not send a
  correct request as it failed to add the protocol prefix.

Daniel (21 December 2006)
- Robson Braga Araujo reported bug #1618359
  (http://curl.haxx.se/bug/view.cgi?id=1618359) and subsequently provided a
  patch for it: when downloading 2 zero byte files in a row, curl 7.16.0
  enters an infinite loop, while curl 7.16.1-20061218 does one additional
  unnecessary request.

  Fix: During the "Major overhaul introducing http pipelining support and
  shared connection cache within the multi handle." change, headerbytecount
  was moved to live in the Curl_transfer_keeper structure. But that structure
  is reset in the Transfer method, losing the information that we had about
  the header size. This patch moves it back to the connectdata struct.

Daniel (16 December 2006)
- Brendan Jurd provided a fix that now prevents libcurl from getting a SIGPIPE
  during certain conditions when GnuTLS is used.

Daniel (11 December 2006)
- Alexey Simak found out that when doing FTP with the multi interface and
  something went wrong like it got a bad response code back from the server,
  libcurl would leak memory. Added test case 538 to verify the fix.

  I also noted that the connection would get cached in that case, which
  doesn't make sense since it cannot be re-use when the authentication has
  failed. I fixed that issue too at the same time, and also that the path
  would be "remembered" in vain for cases where the connection was about to
  get closed.

Daniel (6 December 2006)
- Sebastien Willemijns reported bug #1603712
  (http://curl.haxx.se/bug/view.cgi?id=1603712) which is about connections
  getting cut off prematurely when --limit-rate is used. While I found no such
  problems in my tests nor in my reading of the code, I found that the
  --limit-rate code was severly flawed (since it was moved into the lib, since
  7.15.5) when used with the easy interface and it didn't work as documented
  so I reworked it somewhat and now it works for my tests.

Daniel (5 December 2006)
- Stefan Krause pointed out a compiler warning with a picky MSCV compiler when
  passing a curl_off_t argument to the Curl_read_rewind() function which takes
  an size_t argument. Curl_read_rewind() also had debug code left in it and it
  was put in a different source file with no good reason when only used from
  one single spot.

- Sh Diao reported that CURLOPT_CLOSEPOLICY doesn't work, and indeed, there is
  no code present in the library that receives the option. Since it was not
  possible to use, we know that no current users exist and thus we simply
  removed it from the docs and made the code always use the default path of
  the code.

- Jared Lundell filed bug report #1604956
  (http://curl.haxx.se/bug/view.cgi?id=1604956) which identified setting
  CURLOPT_MAXCONNECTS to zero caused libcurl to SIGSEGV. Starting now, libcurl
  will always internally use no less than 1 entry in the connection cache.

- Sh Diao reported that CURLOPT_FORBID_REUSE no works, and indeed it broke in
  the 7.16.0 release.

- Martin Skinner brought back bug report #1230118 to haunt us once again.
  (http://curl.haxx.se/bug/view.cgi?id=1230118) curl_getdate() did not work
  properly for all input dates on Windows. It was mostly seen on some TZ time
  zones using DST. Luckily, Martin also provided a fix.

- Alexey Simak filed bug report #1600447
  (http://curl.haxx.se/bug/view.cgi?id=1600447) in which he noted that active
  FTP connections don't work with the multi interface. The problem is here
  that the multi interface state machine has a state during which it can wait
  for the data connection to connect, but the active connection is not done in
  the same step in the sequence as the passive one is so it doesn't quite work
  for active. The active FTP code still use a blocking function to allow the
  remote server to connect.

  The fix (work-around is a better word) for this problem is to set the
  boolean prematurely that the data connection is completed, so that the "wait
  for connect" phase ends at once.

  The proper fix, left for the future, is of course to make the active FTP
  case to act in a non-blocking way too.

- Matt Witherspoon fixed a problem case when the CPU load went to 100% when a
  HTTP upload was disconnected:

  "What appears to be happening is that my system (Linux 2.6.17 and 2.6.13) is
  setting *only* POLLHUP on poll() when the conditions in my previous mail
  occur. As you can see, select.c:Curl_select() does not check for POLLHUP. So
  basically what was happening, is poll() was returning immediately (with
  POLLHUP set), but when Curl_select() looked at the bits, neither POLLERR or
  POLLOUT was set. This still caused Curl_readwrite() to be called, which
  quickly returned. Then the transfer() loop kept continuing at full speed
  forever."

Daniel (1 December 2006)
- Toon Verwaest reported that there are servers that send the Content-Range:
  header in a third, not suppported by libcurl, format and we agreed that we
  could make the parser more forgiving to accept all the three found
  variations.

Daniel (25 November 2006)
- Venkat Akella found out that libcurl did not like HTTP responses that simply
  responded with a single status line and no headers nor body. Starting now, a
  HTTP response on a persistent connection (i.e not set to be closed after the
  response has been taken care of) must have Content-Length or chunked
  encoding set, or libcurl will simply assume that there is no body.

  To my horror I learned that we had no less than 57(!) test cases that did bad
  HTTP responses like this, and even the test http server (sws) responded badly
  when queried by the test system if it is the test system. So although the
  actual fix for the problem was tiny, going through all the newly failing test
  cases got really painful and boring.

Daniel (24 November 2006)
- James Housley did lots of work and introduced SFTP downloads.

Daniel (13 November 2006)
- Ron in bug #1595348 (http://curl.haxx.se/bug/view.cgi?id=1595348) pointed
  out a stack overwrite (and the corresponding fix) on 64bit Windows when
  dealing with HTTP chunked encoding.

Daniel (9 November 2006)
- Nir Soffer updated libcurl.framework.make:
  o fix symlinks, should link to Versions, not to ./Versions
  o indentation improvments

- Dmitriy Sergeyev found a SIGSEGV with his test04.c example posted on 7 Nov
  2006. It turned out we wrongly assumed that the connection cache was present
  when tearing down a connection.

- Ciprian Badescu found a SIGSEGV when doing multiple TFTP transfers using the
  multi interface, but I could also repeat it doing multiple sequential ones
  with the easy interface. Using Ciprian's test case, I could fix it.

Daniel (8 November 2006)
- Bradford Bruce reported that when setting CURLOPT_DEBUGFUNCTION without
  CURLOPT_VERBOSE set to non-zero, you still got a few debug messages from the
  SSL handshake. This is now stopped.

Daniel (7 November 2006)
- Olaf fixed a leftover problem with the CONNECT fix of his that would leave a
  wrong error message in the error message buffer.

Daniel (3 November 2006)
- Olaf Stueben provided a patch that I edited slightly. It fixes the notorious
  KNOWN_BUGS #25, which happens when a proxy closes the connection when
  libcurl has sent CONNECT, as part of an authentication negotiation. Starting
  now, libcurl will re-connect accordingly and continue the authentication as
  it should.

Daniel (2 November 2006)
- James Housley brought support for SCP transfers, based on the libssh2 library
  for the actual network protocol stuff.

  Added these new curl_easy_setopt() options:

    CURLOPT_SSH_AUTH_TYPES
    CURLOPT_SSH_PUBLIC_KEYFILE
    CURLOPT_SSH_PRIVATE_KEYFILE

Revision 1.69 / (download) - annotate - [select for diffs], Thu Nov 2 18:01:09 2006 UTC (12 years, 6 months ago) by joerg
Branch: MAIN
CVS Tags: pkgsrc-2006Q4-base, pkgsrc-2006Q4
Changes since 1.68: +9 -7 lines
Diff to previous 1.68 (colored)

DESTDIR support.

Revision 1.68 / (download) - annotate - [select for diffs], Tue Oct 31 23:04:22 2006 UTC (12 years, 6 months ago) by wiz
Branch: MAIN
Changes since 1.67: +2 -2 lines
Diff to previous 1.67 (colored)

Update to 7.16.0:

Version 7.16.0 (30 October 2006)

Daniel (25 October 2006)
- Fixed CURLOPT_FAILONERROR to return CURLE_HTTP_RETURNED_ERROR even for the
  case when 401 or 407 are returned, *IF* no auth credentials have been given.
  The CURLOPT_FAILONERROR option is not possible to make fool-proof for 401
  and 407 cases when auth credentials is given, but we've now covered this
  somewhat more.

  You might get some amounts of headers transferred before this situation is
  detected, like for when a "100-continue" is received as a response to a
  POST/PUT and a 401 or 407 is received immediately afterwards.

  Added test 281 to verify this change.

Daniel (23 October 2006)
- Ravi Pratap provided a major update with pipelining fixes. We also no longer
  re-use connections (for pipelining) before the name resolving is done.

Daniel (21 October 2006)
- Nir Soffer made the tests/libtest/Makefile.am use a proper variable for all
  the single test applications' link and dependences, so that you easier can
  override those from the command line when using make.

- Armel Asselin separated CA cert verification problems from problems with
  reading the (local) CA cert file to let users easier pinpoint the actual
  problem. CURLE_SSL_CACERT_BADFILE (77) is the new libcurl error code.

Daniel (18 October 2006)
- Removed the "protocol-guessing" for URLs with host names starting with FTPS
  or TELNET since they are practically non-existant. This leaves us with only
  three different prefixes that would assume the protocol is anything but
  HTTP, and they are host names starting with "ftp.", "dict." or "ldap.".

Daniel (17 October 2006)
- Bug report #1579171 pointed out code flaws detected with "prefast", and they
  were 1 - a too small memory clear with memset() in the threaded resolver and
  2 - a range of potentially bad uses of the ctype family of is*() functions
  such as isdigit(), isalnum(), isprint() and more. The latter made me switch
  to using our own set of these functions/macros using uppercase letters, and
  with some extra set of crazy typecasts to avoid mistakingly passing in
  negative numbers to the underlying is*() functions.

- With Jeff Pohlmeyer's help, I fixed the expire timer when using
  curl_multi_socket() during name resolves with c-ares and the LOW_SPEED
  options now work fine with curl_multi_socket() as well.

Daniel (16 October 2006)
- Added a check in configure that simply tries to run a program (not when
  cross-compiling) in order to detect problems with run-time libraries that
  otherwise would occur when the sizeof tests for curl_off_t would run and
  thus be much more confusing to users. The check of course should run after
  all lib-checks are done and before any other test is used that would run an
  executable built for testing-purposes.

Dan F (13 October 2006)
- The tagging of application/x-www-form-urlencoded POST body data sent
  to the CURLOPT_DEBUGFUNCTION callback has been fixed (it was erroneously
  included as part of the header).  A message was also added to the
  command line tool to show when data is being sent, enabled when
  --verbose is used.

Daniel (12 October 2006)
- Starting now, adding an easy handle to a multi stack that was already added
  to a multi stack will cause CURLM_BAD_EASY_HANDLE to get returned.

- Jeff Pohlmeyer has been working with the hiperfifo.c example source code,
  and while doing so it became apparent that the current timeout system for
  the socket API really was a bit awkward since it become quite some work to
  be sure we have the correct timeout set.

  Jeff then provided the new CURLMOPT_TIMERFUNCTION that is yet another
  callback the app can set to get to know when the general timeout time
  changes and thus for an application like hiperfifo.c it makes everything a
  lot easier and nicer. There's a CURLMOPT_TIMERDATA option too of course in
  good old libcurl tradition.

  Jeff has also updated the hiperfifo.c example code to use this news.

Daniel (9 October 2006)
- Bogdan Nicula's second test case (posted Sun, 08 Oct 2006) converted to test
  case 535 and it now runs fine. Again a problem with the pipelining code not
  taking all possible (error) conditions into account.

Daniel (6 October 2006)
- Bogdan Nicula's hanging test case (posted Wed, 04 Oct 2006) was converted to
  test case 533 and the test now runs fine.

Daniel (4 October 2006)
- Dmitriy Sergeyev provided an example source code that crashed CVS libcurl
  but that worked nicely in 7.15.5. I converted it into test case 532 and
  fixed the problem.

Daniel (29 September 2006)
- Removed a few other no-longer present options from the header file.

- Support for FTP third party transfers was removed. Here's why:

  o The recent multi interface changes broke it and the design of the 3rd party
    transfers made it very hard to fix the problems
  o It was still blocking and thus nasty for the multi interface
  o It was a lot of extra code for a very rarely used feature
  o It didn't use the same code as for "plain" FTP transfers, so it didn't work
    fine for IPv6 and it didn't properly re-use connections and more
  o There's nobody around who's willing to work on and improve the existing
    code

  This does not mean that third party transfers are banned forever, only that
  they need to be done better if they are to be re-added in the future.

  The CURLOPT_SOURCE_* options are removed from the lib and so are the --3p*
  options from the command line tool. For this reason, I also bumped the
  version info for the lib.

Daniel (28 September 2006)
- Reported in #1561470 (http://curl.haxx.se/bug/view.cgi?id=1561470), libcurl
  would crash if a bad function sequence was used when shutting down after
  using the multi interface (i.e using easy_cleanup after multi_cleanup) so
  precautions have been added to make sure it doesn't any more - test case 529
  was added to verify.

Daniel (27 September 2006)
- The URL in the cookie jar file is now changed since it was giving a 404.
  Reported by Timothy Stone. The new URL will take the visitor to a curl web
  site mirror with the document.

Daniel (24 September 2006)
- Bernard Leak fixed configure --with-gssapi-libs.

- Cory Nelson made libcurl use the WSAPoll() function if built for Windows
  Vista (_WIN32_WINNT >= 0x0600)

Daniel (23 September 2006)
- Mike Protts added --ftp-ssl-control to make curl use FTP-SSL, but only
  encrypt the control connection and use the data connection "plain".

- Dmitriy Sergeyev provided a patch that made the SOCKS[45] code work better
  as it now will read the full data sent from servers. The SOCKS-related code
  was also moved to the new lib/socks.c source file.

Daniel (21 September 2006)
- Added test case 531 in an attempt to repeat bug report #1561470
  (http://curl.haxx.se/bug/view.cgi?id=1561470) that is said to crash when an
  FTP upload fails with the multi interface. It did not, but I made a failed
  upload still assume the control connection to be fine.

Daniel (20 September 2006)
- Armel Asselin fixed problems when you gave a proxy URL with user name and
  empty password or no password at all. Test case 278 and 279 were added to
  verify.

Daniel (12 September 2006)
- Added docs/examples/10-at-a-time.c by Michael Wallner

- Added docs/examples/hiperfifo.c by Jeff Pohlmeyer

Daniel (11 September 2006)
- Fixed my breakage from earlier today so that doing curl_easy_cleanup() on a
  handle that is part of a multi handle first removes the handle from the
  stack.

- Added CURLOPT_SSL_SESSIONID_CACHE and --no-sessionid to disable SSL
  session-ID re-use on demand since there obviously are broken servers out
  there that misbehave with session-IDs used.

- Jeff Pohlmeyer presented a *multi_socket()-using program that exposed a
  problem with it (SIGSEGV-style). It clearly showed that the existing
  socket-state and state-difference function wasn't good enough so I rewrote
  it and could then re-run Jeff's program without any crash. The previous
  version clearly could miss to tell the application when a handle changed
  from using one socket to using another.

  While I was at it (as I could use this as a means to track this problem
  down), I've now added a 'magic' number to the easy handle struct that is
  inited at curl_easy_init() time and cleared at curl_easy_cleanup() time that
  we can use internally to detect that an easy handle seems to be fine, or at
  least not closed or freed (freeing in debug builds fill the area with 0x13
  bytes but in normal builds we can of course not assume any particular data
  in the freed areas).

Daniel (9 September 2006)
- Michele Bini fixed how the hostname is put in NTLM packages. As servers
  don't expect fully qualified names we need to cut them off at the first dot.

- Peter Sylvester cleaned up and fixed the getsockname() uses in ftp.c. Some
  of them can be completetly removed though...

Daniel (6 September 2006)
- Ravi Pratap and I have implemented HTTP Pipelining support. Enable it for a
  multi handle using CURLMOPT_PIPELINING and all HTTP connections done on that
  handle will be attempted to get pipelined instead of done in parallell as
  they are performed otherwise.

  As a side-effect from this work, connections are now shared between all easy
  handles within a multi handle, so if you use N easy handles for transfers,
  each of them can pick up and re-use a connection that was previously used by
  any of the handles, be it the same or one of the others.

  This separation of the tight relationship between connections and easy
  handles is most noticable when you close easy handles that have been used in
  a multi handle and check amount of used memory or watch the debug output, as
  there are times when libcurl will keep the easy handle around for a while
  longer to be able to close it properly. Like for sending QUIT to close down
  an FTP connection.

  This is a major change.

Daniel (4 September 2006)
- Dmitry Rechkin (http://curl.haxx.se/bug/view.cgi?id=1551412) provided a
  patch that while not fixing things very nicely, it does make the SOCKS5
  proxy connection slightly better as it now acknowledges the timeout for
  connection and it no longer segfaults in the case when SOCKS requires
  authentication and you did not specify username:password.

Daniel (31 August 2006)
- Dmitriy Sergeyev found and fixed a multi interface flaw when using asynch
  name resolves. It could get stuck in the wrong state.

Gisle (29 August 2006)
- Added support for other MS-DOS compilers (desides djgpp). All MS-DOS
  compiler now uses the same config.dos file (renamed to config.h by
  make). libcurl now builds fine using Watcom and Metaware's High-C
  using the Watt-32 tcp/ip-stack.

Daniel (29 August 2006)
- David McCreedy added CURLOPT_SOCKOPTFUNCTION and CURLOPT_SOCKOPTDATA to
  allow applications to set their own socket options.

Daniel (25 August 2006)
- Armel Asselin reported that the 'running_handles' counter wasn't updated
  properly if you removed a "live" handle from a multi handle with
  curl_multi_remove_handle().

Daniel (22 August 2006)
- David McCreedy fixed a remaining mistake from the August 19 TYPE change.

- Peter Sylvester pointed out a flaw in the AllowServerConnect() in the FTP
  code when doing pure ipv6 EPRT connections.

Daniel (19 August 2006)
- Based on a patch by Armel Asselin, the FTP code no longer re-issues the TYPE
  command on subsequent requests on a re-used connection unless it has to.

- Armel Asselin fixed a crash in the FTP code when using SINGLECWD mode and
  files in the root directory.

- Andrew Biggs pointed out a "Expect: 100-continue" flaw where libcurl didn't
  send the whole request at once, even though the Expect: header was disabled
  by the application. An effect of this change is also that small (< 1024
  bytes) POSTs are now always sent without Expect: header since we deem it
  more costly to bother about that than the risk that we send the data in
  vain.

Daniel (9 August 2006)
- Armel Asselin made the CURLOPT_PREQUOTE option work fine even when
  CURLOPT_NOBODY is set true. PREQUOTE is then run roughly at the same place
  in the command sequence as it would have run if there would've been a
  transfer.

Daniel (8 August 2006)
- Fixed a flaw in the "Expect: 100-continue" treatment. If you did two POSTs
  on a persistent connection and allowed the first to use that header, you
  could not disable it for the second request.

Daniel (7 August 2006)
- Domenico Andreolfound a quick build error which happened because
  src/config.h.in was not a proper duplcate of lib/config.h.in which it
  should've been and this was due to the maketgz script not doing the cp
  properly.

Revision 1.67 / (download) - annotate - [select for diffs], Fri Oct 6 08:04:03 2006 UTC (12 years, 7 months ago) by rillig
Branch: MAIN
Changes since 1.66: +6 -2 lines
Diff to previous 1.66 (colored)

Specifying USE_TOOLS in a comment does not work. (hi wiz!)

Revision 1.66 / (download) - annotate - [select for diffs], Thu Aug 10 14:18:14 2006 UTC (12 years, 9 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2006Q3-base, pkgsrc-2006Q3
Changes since 1.65: +4 -8 lines
Diff to previous 1.65 (colored)

Update to 7.15.5, convert to options.mk.

Version 7.15.5 (7 August 2006)

Daniel (2 August 2006)
- Mark Lentczner fixed how libcurl was not properly doing chunked encoding
  if the header "Transfer-Encoding: chunked" was set by the application.
  http://curl.haxx.se/bug/view.cgi?id=1531838

Daniel (1 August 2006)
- Maciej Karpiuk fixed a crash that would occur if we passed Curl_strerror()
  an unknown error number on glibc systems.
  http://curl.haxx.se/bug/view.cgi?id=1532289

Daniel (31 July 2006)
- *ALERT* curl_multi_socket() and curl_multi_socket_all() got modified
  prototypes: they both now provide the number of running handles back to the
  calling function. It makes the functions resemble the good old
  curl_multi_perform() more and provides a nice way to know when the multi
  handle goes empty.

  ALERT2: don't use the curl_multi_socket*() functionality in anything
  production-like until I say it's somewhat settled, as I suspect there might
  be some further API changes before I'm done...

Daniel (28 July 2006)
- Yves Lejeune fixed so that replacing Content-Type: when doing multipart
  formposts work exactly the way you want it (and the way you'd assume it
  works).

Daniel (27 July 2006)
- David McCreedy added --ftp-ssl-reqd which makes curl *require* SSL for both
  control and data connection, as the existing --ftp-ssl option only requests
  it.

- [Hiper-related work] Added a function called curl_multi_assign() that will
  set a private pointer added to the internal libcurl hash table for the
  particular socket passed in to this function:

  CURLMcode curl_multi_assign(CURLM *multi_handle,
                              curl_socket_t sockfd,
                              void *sockp);

  'sockp' being a custom pointer set by the application to be associated with
  this socket. The socket has to be already existing and in-use by libcurl,
  like having already called the callback telling about its existance.

  The set hashp pointer will then be passed on to the callback in upcoming
  calls when this same socket is used (in the brand new 'socketp' argument).

Daniel (26 July 2006)
- Dan Nelson added the CURLOPT_FTP_ALTERNATIVE_TO_USER libcurl option and curl
  tool option named --ftp-alternative-to-user. It provides a mean to send a
  particular command if the normal USER/PASS approach fails.

- Michael Jerris added magic that builds lib/curllib.vcproj automatically for
  newer MSVC.

Daniel (25 July 2006)
- Georg Horn made the transfer timeout error message include more details.

Daniel (20 July 2006)
- David McCreedy fixed a build error when building libcurl with HTTP disabled,
  problem added with the curl_formget() patch.

Daniel (17 July 2006)
- Jari Sundell did some excellent research and bug tracking, figured out that
  we did wrong and patched it: When nodes were removed from the splay tree,
  and we didn't properly remove it from the splay tree when an easy handle was
  removed from a multi stack and thus we could wrongly leave a node in the
  splay tree pointing to (bad) memory.

Daniel (14 July 2006)
- David McCreedy fixed a flaw where the CRLF counter wasn't properly cleared
  for FTP ASCII transfers.

Daniel (8 July 2006)
- Ates Goral pointed out that libcurl's cookie parser did case insensitive
  string comparisons on the path which is incorrect and provided a patch that
  fixes this. I edited test case 8 to include details that test for this.

- Ingmar Runge provided a source snippet that caused a crash. The reason for
  the crash was that libcurl internally was a bit confused about who owned the
  DNS cache at all times so if you created an easy handle that uses a shared
  DNS cache and added that to a multi handle it would crash. Now we keep more
  careful internal track of exactly what kind of DNS cache each easy handle
  uses: None, Private (allocated for and used only by this single handle),
  Shared (points to a cache held by a shared object), Global (points to the
  global cache) or Multi (points to the cache within the multi handle that is
  automatically shared between all easy handles that are added with private
  caches).

Daniel (4 July 2006)
- Toshiyuki Maezawa fixed a problem where you couldn't override the
  Proxy-Connection: header when using a proxy and not doing CONNECT.

Daniel (24 June 2006)
- Michael Wallner added curl_formget(), which allows an application to extract
  (serialise) a previously built formpost (as with curl_formadd()).

Daniel (23 June 2006)
- Arve Knudsen found a flaw in curl_multi_fdset() for systems where
  curl_socket_t is unsigned (like Windows) that could cause it to wrongly
  return a max fd of -1.

Daniel (20 June 2006)
- Peter Silva introduced CURLOPT_MAX_SEND_SPEED_LARGE and
  CURLOPT_MAX_RECV_SPEED_LARGE that limit tha maximum rate libcurl is allowed
  to send or receive data. This kind of adds the the command line tool's
  option --limit-rate to the library.

  The rate limiting logic in the curl app is now removed and is instead
  provided by libcurl itself. Transfer rate limiting will now also work for -d
  and -F, which it didn't before.

Daniel (19 June 2006)
- Made -K on a file that couldn't be read cause a warning to be displayed.

Daniel (13 June 2006)
- Dan Fandrich implemented --enable-hidden-symbols configure option to enable
  -fvisibility=hidden on gcc >= 4.0.  This reduces the size of the libcurl
  binary and speeds up dynamic linking by hiding all the internal symbols from
  the symbol table.

Revision 1.65 / (download) - annotate - [select for diffs], Tue Jul 4 06:30:25 2006 UTC (12 years, 10 months ago) by wiz
Branch: MAIN
Changes since 1.64: +2 -1 lines
Diff to previous 1.64 (colored)

Mention (in a comment) that test target needs perl.

Revision 1.64 / (download) - annotate - [select for diffs], Mon Jul 3 21:32:09 2006 UTC (12 years, 10 months ago) by wiz
Branch: MAIN
Changes since 1.63: +2 -2 lines
Diff to previous 1.63 (colored)

Update to 7.15.4:

Version 7.15.4 (12 June 2006)

Daniel (8 June 2006)
- Brian Dessent fixed the code for cygwin in three distinct ways:

  The first modifies {lib,src}/setup.h to not include the winsock headers
  under Cygwin.  This fixes the reported build problem.  Cygwin attempts as
  much as possible to emulate a posix environment under Windows.  This means
  that WIN32 is *not* #defined and (to the extent possible) everything is done
  as it would be on a *ix type system.  Thus <sys/socket.h> is the proper
  include, and even though winsock2.h is present, including it just introduces
  a whole bunch of incompatible socket API stuff.

  The second is a patch I've included in the Cygwin binary packages for a
  while.  It skips two unnecessary library checks (-lwinmm and -lgdi32).  The
  checks are innocuous and they do succeed, but they pollute LIBS with
  unnecessary stuff which gets recorded as such in the libcurl.la file, which
  brings them into the build of any libcurl-downstream.  As far as I know
  these libs are really only necessary for mingw, so alternatively they could
  be designed to only run if $host matches *-*-mingw* but I took the safer
  route of skipping them for *-*-cygwin*.

  The third patch replaces all uses of the ancient and obsolete __CYGWIN32__
  with __CYGWIN__. Ref: <http://cygwin.com/ml/cygwin/2003-09/msg01520.html>.

Daniel (7 June 2006)
- Mikael Sennerholm provided a patch that added NTLM2 session response support
  to libcurl. The 21 NTLM test cases were again modified to comply...

Daniel (27 May 2006)
- scar Morales Vivó updated the libcurl.framework.make file.

Daniel (26 May 2006)
- Olaf Stüben fixed a bug that caused Digest authentication with md5-sess to
  fail. When using the md5-sess, the result was not Md5 encoded and Base64
  transformed.

Daniel (25 May 2006)
- Michael Wallner provided a patch that allows "SESS" to be set with
  CURLOPT_COOKIELIST, which then makes all session cookies get cleared.

Daniel (24 May 2006)
- Tor Arntsen made test 271 run fine again since the TFTP path fix.

Daniel (23 May 2006)
- Martin Michlmayr filed debian bug report #367954, but the same error also
  showed up in the autobuilds. It seems a rather long-since introduced shell
  script flaw in the configure script suddenly was detected by the bash
  version in Debian Unstable. It had previously passed undetected by all
  shells used so far...

- David McCreedy updated lib/config-tpf.h

Daniel (11 May 2006)
- Fixed the configure's check for old-style SSLeay headers since I fell over a
  case with a duplicate file name (a krb4 implementation with an err.h
  file). I converted the check to manually make sure three of the headers are
  present before considering them fine.

- David McCreedy provided a fix for CURLINFO_LASTSOCKET that does extended
  checks on the to-be-returned socket to make sure it truly seems to be alive
  and well. For SSL connection it (only) uses OpenSSL functions.

Daniel (10 May 2006)
- Fixed DICT in two aspects:

  1 - allow properly URL-escaped words, like using %20 for spaces

  2 - properly escape certain letters within a word to comply to the RFC2229

Daniel (9 May 2006)
- Andreas Ntaflos reported a bug in libcurl.m4: When configuring my GNU
  autotools project, which optionally (default=yes) uses libcurl on a system
  without a (usable) libcurl installation, but not specifying
  `--without-libcurl', configure determines correctly that no libcurl is
  available, however, the LIBCURL variable gets expanded to `LIBCURL = -lcurl'
  in the resulting Makefiles.

  David Shaw fixed the flaw.

- Robson Braga Araujo fixed two problems in the recently added non-blocking SSL
  connects. The state machine was not reset properly so that subsequent
  connects using the same handle would fail, and there were two memory leaks.

- Robson Braga Araujo fixed a memory leak when you added an easy handle to a
  multi stack and that easy handle had already been used to do one or more
  easy interface transfers, as then the code threw away the previously used
  DNS cache without properly freeing it.

Daniel (8 May 2006)
- Dan Fandrich went over the TFTP code and he pointed out and fixed numerous
  problems:

  * The received file is corrupted when a packet is lost and retransmitted
    (this is a serious problem!)

  * Transmitting a file aborts if a block is lost and retransmitted

  * Data is stored in the wrong location in the buffer for uploads, so uploads
    always fail (I don't see how it could have ever worked, but it did on x86
    at least)

  * A number of calls are made to strerror instead of Curl_strerror, making
    the code not thread safe

  * There are references to errno instead of Curl_sockerrno(), causing
    incorrect error messages on Windows

  * The file name includes a leading / which violates RFC3617. Doing something
    similar to ftp, where two slashes after the host name means an absolute
    reference seems a reasonable extension to fix this.

  * Failures in EBCDIC conversion are not propagated up to the caller but are
    silently ignored

- Fixed known bug #28. The TFTP code no longer assumes a packed struct and
  thus works reliably on more platforms.

Daniel (5 May 2006)
- Roland Blom filed bug report #1481217
  (http://curl.haxx.se/bug/view.cgi?id=1481217), with follow-ups by Michele
  Bini and David Byron. libcurl previously wrongly used GetLastError() on
  windows to get error details after socket-related function calls, when it
  really should use WSAGetLastError() instead.

  When changing to this, the former function Curl_ourerrno() is now instead
  called Curl_sockerrno() as it is necessary to only use it to get errno from
  socket-related functions as otherwise it won't work as intended on Windows.

Daniel (4 May 2006)
- Mark Eichin submitted bug report #1480821
  (http://curl.haxx.se/bug/view.cgi?id=1480821) He found and identified a
  problem with how libcurl dealt with GnuTLS and a case where gnutls returned
  GNUTLS_E_AGAIN indicating it would block. It would then return an unexpected
  return code, making Curl_ssl_send() confuse the upper layer - causing random
  28 bytes trash data to get inserted in the transfered stream.

  The proper fix was to make the Curl_gtls_send() function return the proper
  return codes that the callers would expect. The Curl_ossl_send() function
  already did this.

Daniel (2 May 2006)
- Added a --checkfor option to curl-config to allow users to easier
  write for example shell scripts that test for the presence of a
  new-enough libcurl version. If --checkfor is given a version string
  newer than what is currently installed, curl-config will return a
  non-zero exit code and output a string about the unfulfilled
  requirement.

Daniel (26 April 2006)
- David McCreedy brought initial line end conversions when doing FTP ASCII
  transfers. They are done on non-windows systems and translate CRLF to LF.

  I modified the 15 LIST-using test cases accordingly. The downside is that now
  we'll have even more trouble to get the tests to run on Windows since they
  should get CRLF newlines left intact which the *nix versions don't. I figure
  the only sane thing to do is to add some kind of [newline] macro for the test
  case files and have them expanded to the proper native line ending when the
  test cases are run. This is however left to implement.

Daniel (25 April 2006)
- Paul Querna fixed libcurl to better deal with deflate content encoding
  when the stream (wrongly) lacks a proper zlib header. This seems to be the
  case on too many actual server implementations.

Daniel (21 April 2006)
- Ale Vesely fixed CURLOPT_INTERFACE when using a hostname.

Daniel (19 April 2006)
- Based on previous info from Tor Arntsen, I made configure detect the Intel
  ICC compiler to add a compiler option for it, in order for configure to
  properly be able to detect function prototypes.

- Robson Braga Araujo provided a patch that makes libcurl less eager to close
  the control connection when using FTP, for example when you remove an easy
  handle from a multi stack.

- Applied a patch by Ates Goral and Katie Wang that corrected my bad fix
  attempt from April 10.

Daniel (11 April 2006)
- #1468330 (http://curl.haxx.se/bug/view.cgi?id=1468330) pointed out a bad
  typecast in the curl tool leading to a crash with (64bit?) VS2005 (at least)
  since the struct timeval field tv_sec is an int while time_t is 64bit.

Daniel (10 April 2006)
- Ates Goral found out that if you specified both CURLOPT_CONNECTTIMEOUT and
  CURLOPT_TIMEOUT, the _longer_ time would wrongly be used for the SSL
  connection time-out!

- I merged my hiper patch (http://curl.haxx.se/libcurl/hiper/) into the main
  sources. See the lib/README.multi_socket for implementation story with
  details. Don't expect it to work fully yet. I don't intend to blow any
  whistles or ring any bells about it until I'm more convinced it works at
  least somewhat reliably.

Daniel (7 April 2006)
- David McCreedy's EBCDIC and TPF changes. Three new curl_easy_setopt()
  options (callbacks) were added:

  CONV_FROM_NETWORK_FUNCTION
  CONV_TO_NETWORK_FUNCTION
  CONV_FROM_UTF8_FUNCTION

Daniel (5 April 2006)
- Michele Bini modified the NTLM code to work for his "weird IIS case"
  (http://curl.haxx.se/mail/lib-2006-02/0154.html) by adding the NTLM hash
  function in addition to the LM one and making some other adjustments in the
  order the different parts of the data block are sent in the Type-2 reply.
  Inspiration for this work was taken from the Firefox NTLM implementation.

  I edited the existing 21(!) NTLM test cases to run fine with these news. Due
  to the fact that we now properly include the host name in the Type-2 message
  the test cases now only compare parts of that chunk.

Daniel (28 March 2006)
- #1451929 (http://curl.haxx.se/bug/view.cgi?id=1451929) detailed a bug that
  occurred when asking libcurl to follow HTTP redirects and the original URL
  had more than one question mark (?). Added test case 276 to verify.

Daniel (27 March 2006)
- David Byron found a problem multiple -d options when libcurl was built with
  --enable-debug, as then curl used free() on memory allocated both with
  normal malloc() and with libcurl-provided functions, when the latter MUST be
  freed with curl_free() in debug builds.

Daniel (26 March 2006)
- Tor Arntsen figured out that TFTP was broken on a lot of systems since we
  called bind() with a too big argument in the 3rd parameter and at least
  Tru64, AIX and IRIX seem to be very picky about it.

Daniel (21 March 2006)
- David McCreedy added CURLINFO_FTP_ENTRY_PATH.

- Xavier Bouchoux made the SSL connection non-blocking for the multi interface
  (when using OpenSSL).

- Tor Arntsen fixed the AIX Toolbox RPM spec

Daniel (20 March 2006)
- David McCreedy fixed libcurl to no longer ignore AUTH failures and now it
  reacts properly according to the CURLOPT_FTP_SSL setting.

- Dan Fandrich fixed two TFTP problems: Fixed a bug whereby a received file
  whose length was a multiple of 512 bytes could have random garbage
  appended. Also, stop processing TFTP packets which are too short to be
  legal.

- Ilja van Sprundel reported a possible crash in the curl tool when using
  "curl hostwithoutslash -d data -G"

Revision 1.60.2.1 / (download) - annotate - [select for diffs], Fri Mar 24 15:52:28 2006 UTC (13 years, 2 months ago) by salo
Branch: pkgsrc-2005Q4
Changes since 1.60: +2 -2 lines
Diff to previous 1.60 (colored) next main 1.61 (colored)

Pullup ticket 1250 - requested by Marc Recht
security update for curl

Revisions pulled up:
- pkgsrc/www/curl/Makefile		1.62, 1.63
- pkgsrc/www/curl/PLIST			1.19
- pkgsrc/www/curl/distinfo		1.43, 1.44
- pkgsrc/www/curl/patches/patch-aa	removed
- pkgsrc/www/curl/patches/patch-ac	removed

   Module Name:		pkgsrc
   Committed By:	wiz
   Date:		Fri Mar  3 22:26:08 UTC 2006

   Modified Files:
   	pkgsrc/www/curl: Makefile PLIST distinfo
   Removed Files:
   	pkgsrc/www/curl/patches: patch-aa

   Log Message:
   Update to 7.15.2:

   Version 7.15.2 (27 February 2005)

   Daniel (22 February 2006)
   - Lots of work and analysis by "xbx___" in bug #1431750
     (http://curl.haxx.se/bug/view.cgi?id=1431750) helped me identify and fix two
     different but related bugs:

     1) Removing an easy handle from a multi handle before the transfer is done
        could leave a connection in the connection cache for that handle that is
        in a state that isn't suitable for re-use. A subsequent re-use could then
        read from a NULL pointer and segfault.

     2) When an easy handle was removed from the multi handle, there could be an
        outstanding c-ares DNS name resolve request. When the response arrived,
        it caused havoc since the connection struct it "belonged" to could've
        been freed already.

     Now Curl_done() is called when an easy handle is removed from a multi handle
     pre-maturely (that is, before the transfer was complteted). Curl_done() also
     makes sure to cancel all (if any) outstanding c-ares requests.

   Daniel (21 February 2006)
   - Peter Su added support for SOCKS4 proxies. Enable this by setting the proxy
     type to the already provided type CURLPROXY_SOCKS4.

     I added a --socks4 option that works like the current --socks5 option but
     instead use the socks4 protocol.

   Daniel (20 February 2006)
   - Shmulik Regev fixed an issue with multi-pass authentication and compressed
     content when libcurl didn't honor the internal ignorebody flag.

   Daniel (18 February 2006)
   - Ulf Härnhammar fixed a format string (printf style) problem in the Negotiate
     code. It should however not be the cause of any troubles. He also fixed a
     few similar problems in the HTTP test server code.

   Daniel (17 February 2006)
   - Shmulik Regev provided a fix for the DNS cache when using short life times,
     as previously it could be holding on to old cached entries longer than
     requested.

   Daniel (11 February 2006)
   - Karl Moerder added the CURLOPT_CONNECT_ONLY and CURLINFO_LASTSOCKET options
     that an app can use to let libcurl only connect to a remote host and then
     extract the socket from libcurl. libcurl will then not attempt to do any
     transfer at all after the connect is done.

   - Kent Boortz improved the configure check for GnuTLS to properly set LIBS
     instead of LDFLAGS.

   Daniel (8 February 2006)
   - Philippe Vaucher provided a brilliant piece of test code that show a problem
     with re-used FTP connections. If the second request on the same connection
     was set not to fetch a "body", libcurl could get confused and consider it an
     attempt to use a dead connection and would go acting mighty strange.

   Daniel (2 February 2006)
   - Make --limit-rate [num] mean bytes. It used to be that but it broke in my
     change done in November 2005.

   Daniel (30 January 2006)
   - Added CURLOPT_LOCALPORT and CURLOPT_LOCALPORTRANGE to libcurl. Set with the
     curl tool with --local-port. Plain and simply set the range of ports to bind
     the local end of connections to. Implemented on to popular demand.

   - Based on an error report by Philippe Vaucher, we no longer count a retried
     connection setup as a follow-redirect. It turns out 1) this fails when a FTP
     connection is re-setup and 2) it does make the max-redirs counter behave
     wrong.

   Daniel (24 January 2006)
   - Michal Marek provided a patch for FTP that makes libcurl continue to try
     PASV even after EPSV returned a positive response code, if libcurl failed to
     connect to the port number the EPSV response said. Obviously some people are
     going through protocol-sensitive firewalls (or similar) that don't
     understand EPSV and then they don't allow the second connection unless PASV
     was used. This also called for a minor fix of test case 238.

   Daniel (20 January 2006)
   - Duane Cathey was one of our friends who reported that curl -P [IP]
     (CURLOPT_FTPPORT) didn't work for ipv6-enabed curls if the IP wasn't a
     "native" IP while it works fine for ipv6-disabled builds!

     In the process of fixing this, I removed the support for LPRT since I can't
     think of many reasons to keep doing it and asking on the mailing list didn't
     reveal anyone else that could either. The code that sends EPRT and PORT is
     now also a lot simpler than before (IMHO).

   Daniel (19 January 2006)
   - Jon Turner pointed out that doing -P [hostname] (CURLOPT_FTPPORT) with curl
     (built ipv4-only) didn't work.

   Daniel (18 January 2006)
   - As reported in bug #1408742 (http://curl.haxx.se/bug/view.cgi?id=1408742),
     the configure script complained about a missing "missing" script if you ran
     configure within a path whose name included one or more spaces. This is due
     to a flaw in automake (1.9.6 and earlier). I've now worked around it by
     including an "overloaded" version of the AM_MISSING_HAS_RUN script that'll
     be used instead of the one automake ships with. This kludge needs to be
     removed once we get an automake version with this problem corrected.
     Possibly we'll then need to convert this into a kludge depending on what
     automake version that is used and that is gonna be painful and I don't even
     want to think about that now...!

   Daniel (17 January 2006)
   - David Shaw: Here is the latest libcurl.m4 autoconf tests. It is updated with
     the latest features and protocols that libcurl supports and has a minor fix
     to better deal with the obscure case where someone has more than one libcurl
     installed at the same time.

   Daniel (16 January 2006)
   - David Shaw finally removed all traces of Gopher and we are now officially
     not supporting it. It hasn't been functioning for years anyway, so this is
     just finally stating what already was true. And a cleanup at the same time.

   - Bryan Henderson turned the 'initialized' variable for curl_global_init()
     into a counter, and thus you can now do multiple curl_global_init() and you
     are then supposed to dot of calls to curl_global_cleanup().
     Bryan has also updated the docs accordingly.

   Daniel (13 January 2006)
   - Andrew Benham fixed a race condition in the test suite that could cause the
    ript to kill all processes in the current process group!

   Daniel (12 January 2006)
   - Michael Jahn:

     Fixed FTP_SKIP_PASV_IP and FTP_USE_EPSV to "do right" when used on FTP thru
     HTTP proxh a proxy.  It would
     previously overwrite internal memory and cause unpredicted behaviour!

   Daniel (11 January 2006)
   - I decided to document the "secret option" here now, as I've receivedts from November 2005:

     I'm looking for feedback and comments. I added some experimental code the
     other day, that allows a libcurl user to select what method libcurl should
     use to reality is available in CVS code and in recent daily snapshots.

     Let me explain...

     The current name for the option is CURLOPT_FTP_FILEMETHOD (--ftp-method for
     the command line tool) andt do this:

     1 multicwd - like today, curl will do a single CWD operation for each path
              part in the given URL. For deep hierarchies this means very many
              commands. This is how RFC1738 says it should be done. This is the
             - no CWD at all is done, curl will do SIZE, RETR, STOR etc and give
              a full path to the server.

     3 singlecwd - make one CWD with the full target directory and then operate
             on the file "normally".

     (With the command line tool you do --ftp-method [METHOD], where [METHOD] is
     one of "multicwd", "nocwd" or "singlecwd".)

     What feedback I'm interested in:vers where one of these don't work?

     2 - What would proper names for the option and its arguments be, if we
         consider this feature good enough to get included and documented in
        ses?

     3 - Should we make libcurl able to "walk through" these options in case of
         (path related) failures, or should it fail and let the user redo any
         possible retries?

     (Thi any man page just yet since I'm not sure
     these names will be used or if the functionality will end up exactly like
     this.  And for the same reasons we have no test cases for these yet.)

   Daniel (10 January 2006)
   - When using a bad path over FTP, asinto all
     given subdirs, libcurl would still "remember" the full path as if it is the
     current directory libcurl is in so that the next curl_easy_perform() would
     get really confused if
---
   Module Name:		pkgsrc
   Committed By:	recht
   Date:		Tue Mar 21 21:49:47 UTC 2006

   Modified Files:
   	pkgsrc/www/curl: Makefile distinfo
   Removed Files:
   	pkgsrc/www/curl/patches: patch-ac

   Log Message:
   update to curl 7.15.3

   Fixes a TFTP packet buffer overflow vulnerability.
   See http://curl.haxx.se/docs/adv_20060320.html for details.

   Changes:
   - added docs for --ftp-method and CURLOPT_FTP_FILEMETHOD

   Bugfixes:
   - TFTP Packet Buffer Overflow Vulnerability
   - properly detecting problems with sending the FTP command USER
   - wrong error message shown when certificate verification failed
   - multi-part formpost with multi interface crash
   - the CURLFTPSSL_CONTROL setting for CURLOPT_FTP_SSL is acknowledged
   - "SSL: couldn't set callback" is now treated as a less serious problem
   - Interix build fix
   - fixed curl "hang" when out of file handles at start
   - prevent FTP uploads to URLs with trailing slash

Revision 1.63 / (download) - annotate - [select for diffs], Tue Mar 21 21:49:47 2006 UTC (13 years, 2 months ago) by recht
Branch: MAIN
CVS Tags: pkgsrc-2006Q2-base, pkgsrc-2006Q2, pkgsrc-2006Q1-base, pkgsrc-2006Q1
Changes since 1.62: +2 -2 lines
Diff to previous 1.62 (colored)

update to curl 7.15.3

Fixes a TFTP packet buffer overflow vulnerability.
See http://curl.haxx.se/docs/adv_20060320.html for details.

Changes:
- added docs for --ftp-method and CURLOPT_FTP_FILEMETHOD

Bugfixes:
- TFTP Packet Buffer Overflow Vulnerability
- properly detecting problems with sending the FTP command USER
- wrong error message shown when certificate verification failed
- multi-part formpost with multi interface crash
- the CURLFTPSSL_CONTROL setting for CURLOPT_FTP_SSL is acknowledged
- "SSL: couldn't set callback" is now treated as a less serious problem
- Interix build fix
- fixed curl "hang" when out of file handles at start
- prevent FTP uploads to URLs with trailing slash

Revision 1.62 / (download) - annotate - [select for diffs], Fri Mar 3 22:26:08 2006 UTC (13 years, 2 months ago) by wiz
Branch: MAIN
Changes since 1.61: +2 -3 lines
Diff to previous 1.61 (colored)

Update to 7.15.2:

Version 7.15.2 (27 February 2005)

Daniel (22 February 2006)
- Lots of work and analysis by "xbx___" in bug #1431750
  (http://curl.haxx.se/bug/view.cgi?id=1431750) helped me identify and fix two
  different but related bugs:

  1) Removing an easy handle from a multi handle before the transfer is done
     could leave a connection in the connection cache for that handle that is
     in a state that isn't suitable for re-use. A subsequent re-use could then
     read from a NULL pointer and segfault.

  2) When an easy handle was removed from the multi handle, there could be an
     outstanding c-ares DNS name resolve request. When the response arrived,
     it caused havoc since the connection struct it "belonged" to could've
     been freed already.

  Now Curl_done() is called when an easy handle is removed from a multi handle
  pre-maturely (that is, before the transfer was complteted). Curl_done() also
  makes sure to cancel all (if any) outstanding c-ares requests.

Daniel (21 February 2006)
- Peter Su added support for SOCKS4 proxies. Enable this by setting the proxy
  type to the already provided type CURLPROXY_SOCKS4.

  I added a --socks4 option that works like the current --socks5 option but
  instead use the socks4 protocol.

Daniel (20 February 2006)
- Shmulik Regev fixed an issue with multi-pass authentication and compressed
  content when libcurl didn't honor the internal ignorebody flag.

Daniel (18 February 2006)
- Ulf Härnhammar fixed a format string (printf style) problem in the Negotiate
  code. It should however not be the cause of any troubles. He also fixed a
  few similar problems in the HTTP test server code.

Daniel (17 February 2006)
- Shmulik Regev provided a fix for the DNS cache when using short life times,
  as previously it could be holding on to old cached entries longer than
  requested.

Daniel (11 February 2006)
- Karl Moerder added the CURLOPT_CONNECT_ONLY and CURLINFO_LASTSOCKET options
  that an app can use to let libcurl only connect to a remote host and then
  extract the socket from libcurl. libcurl will then not attempt to do any
  transfer at all after the connect is done.

- Kent Boortz improved the configure check for GnuTLS to properly set LIBS
  instead of LDFLAGS.

Daniel (8 February 2006)
- Philippe Vaucher provided a brilliant piece of test code that show a problem
  with re-used FTP connections. If the second request on the same connection
  was set not to fetch a "body", libcurl could get confused and consider it an
  attempt to use a dead connection and would go acting mighty strange.

Daniel (2 February 2006)
- Make --limit-rate [num] mean bytes. It used to be that but it broke in my
  change done in November 2005.

Daniel (30 January 2006)
- Added CURLOPT_LOCALPORT and CURLOPT_LOCALPORTRANGE to libcurl. Set with the
  curl tool with --local-port. Plain and simply set the range of ports to bind
  the local end of connections to. Implemented on to popular demand.

- Based on an error report by Philippe Vaucher, we no longer count a retried
  connection setup as a follow-redirect. It turns out 1) this fails when a FTP
  connection is re-setup and 2) it does make the max-redirs counter behave
  wrong.

Daniel (24 January 2006)
- Michal Marek provided a patch for FTP that makes libcurl continue to try
  PASV even after EPSV returned a positive response code, if libcurl failed to
  connect to the port number the EPSV response said. Obviously some people are
  going through protocol-sensitive firewalls (or similar) that don't
  understand EPSV and then they don't allow the second connection unless PASV
  was used. This also called for a minor fix of test case 238.

Daniel (20 January 2006)
- Duane Cathey was one of our friends who reported that curl -P [IP]
  (CURLOPT_FTPPORT) didn't work for ipv6-enabed curls if the IP wasn't a
  "native" IP while it works fine for ipv6-disabled builds!

  In the process of fixing this, I removed the support for LPRT since I can't
  think of many reasons to keep doing it and asking on the mailing list didn't
  reveal anyone else that could either. The code that sends EPRT and PORT is
  now also a lot simpler than before (IMHO).

Daniel (19 January 2006)
- Jon Turner pointed out that doing -P [hostname] (CURLOPT_FTPPORT) with curl
  (built ipv4-only) didn't work.

Daniel (18 January 2006)
- As reported in bug #1408742 (http://curl.haxx.se/bug/view.cgi?id=1408742),
  the configure script complained about a missing "missing" script if you ran
  configure within a path whose name included one or more spaces. This is due
  to a flaw in automake (1.9.6 and earlier). I've now worked around it by
  including an "overloaded" version of the AM_MISSING_HAS_RUN script that'll
  be used instead of the one automake ships with. This kludge needs to be
  removed once we get an automake version with this problem corrected.
  Possibly we'll then need to convert this into a kludge depending on what
  automake version that is used and that is gonna be painful and I don't even
  want to think about that now...!

Daniel (17 January 2006)
- David Shaw: Here is the latest libcurl.m4 autoconf tests. It is updated with
  the latest features and protocols that libcurl supports and has a minor fix
  to better deal with the obscure case where someone has more than one libcurl
  installed at the same time.

Daniel (16 January 2006)
- David Shaw finally removed all traces of Gopher and we are now officially
  not supporting it. It hasn't been functioning for years anyway, so this is
  just finally stating what already was true. And a cleanup at the same time.

- Bryan Henderson turned the 'initialized' variable for curl_global_init()
  into a counter, and thus you can now do multiple curl_global_init() and you
  are then supposed to do the same amount of calls to curl_global_cleanup().
  Bryan has also updated the docs accordingly.

Daniel (13 January 2006)
- Andrew Benham fixed a race condition in the test suite that could cause the
  test script to kill all processes in the current process group!

Daniel (12 January 2006)
- Michael Jahn:

  Fixed FTP_SKIP_PASV_IP and FTP_USE_EPSV to "do right" when used on FTP thru
  HTTP proxy.

  Fixed PROXYTUNNEL to work fine when you do ftp through a proxy.  It would
  previously overwrite internal memory and cause unpredicted behaviour!

Daniel (11 January 2006)
- I decided to document the "secret option" here now, as I've received *NO*
  feedback at all on my mailing list requests from November 2005:

  I'm looking for feedback and comments. I added some experimental code the
  other day, that allows a libcurl user to select what method libcurl should
  use to reach a file on a FTP(S) server.

  This functionality is available in CVS code and in recent daily snapshots.

  Let me explain...

  The current name for the option is CURLOPT_FTP_FILEMETHOD (--ftp-method for
  the command line tool) and you set it to a long (there are currenly no
  defines for the argument values, just plain numericals). You can set three
  different "methods" that do this:

  1 multicwd - like today, curl will do a single CWD operation for each path
           part in the given URL. For deep hierarchies this means very many
           commands. This is how RFC1738 says it should be done. This is the
           default.

  2 nocwd - no CWD at all is done, curl will do SIZE, RETR, STOR etc and give
           a full path to the server.

  3 singlecwd - make one CWD with the full target directory and then operate
            on the file "normally".

  (With the command line tool you do --ftp-method [METHOD], where [METHOD] is
  one of "multicwd", "nocwd" or "singlecwd".)

  What feedback I'm interested in:

  1 - Do they work at all? Do you find servers where one of these don't work?

  2 - What would proper names for the option and its arguments be, if we
      consider this feature good enough to get included and documented in
      upcoming releases?

  3 - Should we make libcurl able to "walk through" these options in case of
      (path related) failures, or should it fail and let the user redo any
      possible retries?

  (This option is not documented in any man page just yet since I'm not sure
  these names will be used or if the functionality will end up exactly like
  this.  And for the same reasons we have no test cases for these yet.)

Daniel (10 January 2006)
- When using a bad path over FTP, as in when libcurl couldn't CWD into all
  given subdirs, libcurl would still "remember" the full path as if it is the
  current directory libcurl is in so that the next curl_easy_perform() would
  get really confused if it tried the same path again - as it would not issue
  any CWD commands at all, assuming it is already in the "proper" dir.

  Starting now, a failed CWD command sets a flag that prevents the path to be
  "remembered" after returning.

Daniel (7 January 2006)
- Michael Jahn fixed so that the second CONNECT when doing FTP over a HTTP
  proxy actually used a new connection and not sent the second request on the
  first socket!

Daniel (6 January 2006)
- Alexander Lazic made the buildconf run the buildconf in the ares dir if that
  is present instead of trying to mimic that script in curl's buildconf
  script.

Daniel (3 January 2006)
- Andres Garcia made the TFTP test server build with mingw.

Daniel (16 December 2005)
- Jean Jacques Drouin pointed out that you could only have a user name or
  password of 127 bytes or less embedded in a URL, where actually the code
  uses a 255 byte buffer for it! Modified now to use the full buffer size.

Daniel (12 December 2005)
- Dov Murik corrected the HTTP_ONLY define to disable the TFTP support properly

Revision 1.61 / (download) - annotate - [select for diffs], Sun Feb 5 23:11:20 2006 UTC (13 years, 3 months ago) by joerg
Branch: MAIN
Changes since 1.60: +2 -1 lines
Diff to previous 1.60 (colored)

Recursive revision bump / recommended bump for gettext ABI change.

Revision 1.56.2.2 / (download) - annotate - [select for diffs], Sat Dec 10 22:35:41 2005 UTC (13 years, 5 months ago) by snj
Branch: pkgsrc-2005Q3
Changes since 1.56.2.1: +2 -3 lines
Diff to previous 1.56.2.1 (colored) to branchpoint 1.56 (colored) next main 1.57 (colored)

Pullup ticket 949 - requested by Lubomir Sedlacik
security update for curl

Revisions pulled up:
- pkgsrc/www/curl/Makefile		1.60
- pkgsrc/www/curl/PLIST			1.18
- pkgsrc/www/curl/distinfo		1.42
- pkgsrc/www/curl/patches/patch-ab	removed

   Module Name:    pkgsrc
   Committed By:   salo
   Date:           Sat Dec 10 17:57:29 UTC 2005

   Modified Files:
           pkgsrc/www/curl: Makefile PLIST distinfo
   Removed Files:
           pkgsrc/www/curl/patches: patch-ab

   Log Message:
   Update to version 7.15.1

   Changes:

   - the libcurl.pc pkgconfig file now gets installed on make install
   - URL globbing now offers "range steps": [1-100:10]
   - LDAPv3 is now the preferred LDAP protocol version
   - --max-redirs and CURLOPT_MAXREDIRS set to 0 limits redirects
   - improved MSVC makefile

   Bugfixes:

   - URL buffer overflow problem (CVE-2005-4077)
   - using file:// on non-existing files are properly handled
   - builds fine on DJGPP
   - CURLOPT_ERRORBUFFER is now always filled in on errors
   - curl outputs error on bad --limit-rate units
   - fixed libcurl's use of poll() on cygwin
   - the GnuTLS code didn't support client certificates
   - TFTP over IPv6 works
   - no reverse lookups on IP addresses when ipv6-enabled
   - SSPI compatibility fix: using the proper DLLs
   - binary LDAP properties are now shown base64 encoded
   - Windows uploads from stdin using curl can now contain ctrl-Z bytes
   - -r [num] would produce an invalid HTTP Range: header
   - multi interface with multi IP hosts could leak socket descriptors
   - the GnuTLS code didn't handle rehandshakes
   - re-use of a dead FTP connection
   - name resolve error codes fixed for Windows builds
   - double WWW-Authenticate Digest headers are now handled
   - curl-config --vernum fixed

Revision 1.60 / (download) - annotate - [select for diffs], Sat Dec 10 17:57:29 2005 UTC (13 years, 5 months ago) by salo
Branch: MAIN
CVS Tags: pkgsrc-2005Q4-base
Branch point for: pkgsrc-2005Q4
Changes since 1.59: +2 -3 lines
Diff to previous 1.59 (colored)

Update to version 7.15.1

Changes:

- the libcurl.pc pkgconfig file now gets installed on make install
- URL globbing now offers "range steps": [1-100:10]
- LDAPv3 is now the preferred LDAP protocol version
- --max-redirs and CURLOPT_MAXREDIRS set to 0 limits redirects
- improved MSVC makefile

Bugfixes:

- URL buffer overflow problem (CVE-2005-4077)
- using file:// on non-existing files are properly handled
- builds fine on DJGPP
- CURLOPT_ERRORBUFFER is now always filled in on errors
- curl outputs error on bad --limit-rate units
- fixed libcurl's use of poll() on cygwin
- the GnuTLS code didn't support client certificates
- TFTP over IPv6 works
- no reverse lookups on IP addresses when ipv6-enabled
- SSPI compatibility fix: using the proper DLLs
- binary LDAP properties are now shown base64 encoded
- Windows uploads from stdin using curl can now contain ctrl-Z bytes
- -r [num] would produce an invalid HTTP Range: header
- multi interface with multi IP hosts could leak socket descriptors
- the GnuTLS code didn't handle rehandshakes
- re-use of a dead FTP connection
- name resolve error codes fixed for Windows builds
- double WWW-Authenticate Digest headers are now handled
- curl-config --vernum fixed

Revision 1.59 / (download) - annotate - [select for diffs], Mon Dec 5 20:51:11 2005 UTC (13 years, 5 months ago) by rillig
Branch: MAIN
Changes since 1.58: +2 -2 lines
Diff to previous 1.58 (colored)

Fixed pkglint warnings. The warnings are mostly quoting issues, for
example MAKE_ENV+=FOO=${BAR} is changed to MAKE_ENV+=FOO=${BAR:Q}. Some
other changes are outlined in

    http://mail-index.netbsd.org/tech-pkg/2005/12/02/0034.html

Revision 1.56.2.1 / (download) - annotate - [select for diffs], Sun Oct 30 13:33:19 2005 UTC (13 years, 6 months ago) by salo
Branch: pkgsrc-2005Q3
Changes since 1.56: +3 -2 lines
Diff to previous 1.56 (colored)

Pullup ticket 862 - requested by Min Sik Kim
security update for curl

Revisions pulled up:
- pkgsrc/www/curl/Makefile		1.57, 1.58
- pkgsrc/www/curl/buildlink3.mk		1.9, 1.10
- pkgsrc/www/curl/distinfo		1.39, 1.40
- pkgsrc/www/curl/patches/patch-ab	1.40

   Module Name:		pkgsrc
   Committed By:	reed
   Date:		Sat Oct 15 15:37:16 UTC 2005

   Modified Files:
   	pkgsrc/www/curl: Makefile buildlink3.mk distinfo

   Log Message:
   Update to version 7.15.0.

   This is a security issue.

   http://curl.haxx.se/mail/lib-2005-10/0061.html

   Also update BUILDLINK_RECOMMENDED.curl.
---
   Module Name:		pkgsrc
   Committed By:	reed
   Date:		Sat Oct 15 15:39:51 UTC 2005

   Modified Files:
   	pkgsrc/www/curl: buildlink3.mk

   Log Message:
   Change BUILDLINK_RECOMMENDED.curl from 7.15
   to real 7.15.0.
---
   Module Name:		pkgsrc
   Committed By:	minskim
   Date:		Thu Oct 20 16:25:15 UTC 2005

   Modified Files:
   	pkgsrc/www/curl: Makefile distinfo
   Added Files:
   	pkgsrc/www/curl/patches: patch-ab

   Log Message:
   Make "curl-config --vernum" work again.  It was broken in 7.15.0.
   Bump PKGREVISION.

Revision 1.58 / (download) - annotate - [select for diffs], Thu Oct 20 16:25:15 2005 UTC (13 years, 7 months ago) by minskim
Branch: MAIN
Changes since 1.57: +2 -1 lines
Diff to previous 1.57 (colored)

Make "curl-config --vernum" work again.  It was broken in 7.15.0.
Bump PKGREVISION.

Revision 1.57 / (download) - annotate - [select for diffs], Sat Oct 15 15:37:16 2005 UTC (13 years, 7 months ago) by reed
Branch: MAIN
Changes since 1.56: +2 -2 lines
Diff to previous 1.56 (colored)

Update to version 7.15.0.

This is a security issue.

http://curl.haxx.se/mail/lib-2005-10/0061.html

Also update BUILDLINK_RECOMMENDED.curl.

Revision 1.56 / (download) - annotate - [select for diffs], Fri Sep 2 08:13:29 2005 UTC (13 years, 8 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2005Q3-base
Branch point for: pkgsrc-2005Q3
Changes since 1.55: +5 -7 lines
Diff to previous 1.55 (colored)

Changes 7.14.1:
* GNU GSS support
* --ignore-content-length and CURLOPT_IGNORE_CONTENT_LENGTH added
* negotiates data connection SSL earlier when doing FTPS with PASV
* CURLOPT_COOKIELIST and CURLINFO_COOKIELIST
* trailer support for chunked encoded data streams
* -x/CURL_PROXY strings may now contain user+password
* --trace-time now outputs the full microsecond, all 6 digits
* Bugfixes

Revision 1.55 / (download) - annotate - [select for diffs], Sun Jun 12 13:43:36 2005 UTC (13 years, 11 months ago) by jmmv
Branch: MAIN
CVS Tags: pkgsrc-2005Q2-base, pkgsrc-2005Q2
Changes since 1.54: +16 -1 lines
Diff to previous 1.54 (colored)

Make the include/curl/multi.h self-contained to fix the build of packages
using it (such as the new drivel-2.0.0).  Bump PKGREVISION to 1.

The problem is that this header file requires the fd_set definitions, but
it only pulls in <sys/select.h> on AIX and NETWARE systems.  Instead, change
the inclusion to only happen if configure script detected it during build
time.

Revision 1.54 / (download) - annotate - [select for diffs], Tue May 17 13:25:32 2005 UTC (14 years ago) by adam
Branch: MAIN
Changes since 1.53: +2 -2 lines
Diff to previous 1.53 (colored)

Changes 7.14.0:
- Grigory Entin reported that curl's configure detects a fine poll() for Mac
  OS X 10.4 (while 10.3 or later detected a "bad" one), but the executable
  doesn't work as good as if built without poll(). I've adjusted the configure
  to always skip the fine-poll() test on Mac OS X (darwin).
- When doing a second request (after a disconnect) using the same easy handle,
  over a proxy that uses NTLM authentication, libcurl failed to use NTLM again
  properly (the auth method was accidentally reset to the same as had been set
  for host auth, which defaults to Basic).
- If -z/--time-cond is used with an invalid date syntax, this is no longer
  silently discarded. Instead a proper warning message is diplayed that
  informs about it. But it still continues without the condition.

Revision 1.53 / (download) - annotate - [select for diffs], Fri Apr 15 10:46:56 2005 UTC (14 years, 1 month ago) by adam
Branch: MAIN
Changes since 1.52: +2 -2 lines
Diff to previous 1.52 (colored)

Chyanges 7.13.2:
* Bug-fixes and improvements

Revision 1.52 / (download) - annotate - [select for diffs], Mon Apr 11 21:47:52 2005 UTC (14 years, 1 month ago) by tv
Branch: MAIN
Changes since 1.51: +1 -2 lines
Diff to previous 1.51 (colored)

Remove USE_BUILDLINK3 and NO_BUILDLINK; these are no longer used.

Revision 1.51 / (download) - annotate - [select for diffs], Sun Mar 27 13:21:07 2005 UTC (14 years, 2 months ago) by recht
Branch: MAIN
Changes since 1.50: +2 -2 lines
Diff to previous 1.50 (colored)

take maintainership

Revision 1.50 / (download) - annotate - [select for diffs], Sat Mar 5 14:23:00 2005 UTC (14 years, 2 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2005Q1-base, pkgsrc-2005Q1
Changes since 1.49: +2 -3 lines
Diff to previous 1.49 (colored)

Update to 7.13.1:

Version 7.13.1 (4 March 2005)

Daniel (4 March 2005)
- Dave Dribin made it possible to set CURLOPT_COOKIEFILE to "" to activate
  the cookie "engine" without having to provide an empty or non-existing file.

- Rene Rebe fixed a -# crash when more data than expected was retrieved.

Daniel (22 February 2005)
- NTLM and ftp-krb4 buffer overflow fixed, as reported here:
  http://www.securityfocus.com/archive/1/391042 and the CAN report here:
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0490

  If these security guys were serious, we'd been notified in advance and we
  could've saved a few of you a little surprise, but now we weren't.

Daniel (19 February 2005)
- Ralph Mitchell reported a flaw when you used a proxy with auth, and you
  requested data from a host and then followed a redirect to another
  host. libcurl then didn't use the proxy-auth properly in the second request,
  due to the host-only check for original host name wrongly being extended to
  the proxy auth as well. Added test case 233 to verify the flaw and that the
  fix removed the problem.

Daniel (18 February 2005)
- Mike Dobbs reported a mingw build failure due to the lack of
  BUILDING_LIBCURL being defined when libcurl is built. Now this is defined by
  configure when mingw is used.

Daniel (17 February 2005)
- David in bug report #1124588 found and fixed a socket leak when libcurl
  didn't close the socket properly when returning error due to failing
  localbind

Daniel (16 February 2005)
- Christopher R. Palmer reported a problem with HTTP-POSTing using "anyauth"
  that picks NTLM. Thanks to David Byron letting me test NTLM against his
  servers, I could quickly repeat and fix the problem. It turned out to be:

  When libcurl POSTs without knowing/using an authentication and it gets back
  a list of types from which it picks NTLM, it needs to either continue
  sending its data if it keeps the connection alive, or not send the data but
  close the connection. Then do the first step in the NTLM auth. libcurl
  didn't send the data nor close the connection but simply read the
  response-body and then sent the first negotiation step. Which then failed
  miserably of course. The fixed version forces a connection if there is more
  than 2000 bytes left to send.

Daniel (14 February 2005)
- The configure script didn't check for ENGINE_load_builtin_engines() so it
  was never used.

Daniel (11 February 2005)
- Removed all uses of strftime() since it uses the localised version of the
  week day names and month names and servers don't like that.

Daniel (10 February 2005)
- Now the test script disables valgrind-testing when the test suite runs if
  libcurl is built shared. Otherwise valgrind only tests the shell that runs
  the wrapper-script named 'curl' that is a front-end to curl in this case.
  This should also fix the huge amount of reports of false positives when
  valgrind has identified leaks in (ba)sh and not in curl and people report
  that as curl bugs. Bug report #1116672 is one example.

  Also, the valgrind report parser has been adapted to check that at least one
  of the sources in a stack strace is one of (lib)curl's source files or
  otherwise it will not consider the problem to concern (lib)curl.

- Marty Kuhrt streamlined the VMS build.

Daniel (9 February 2005)
- David Byron fixed his SSL problems, initially mentioned here:
  http://curl.haxx.se/mail/lib-2005-01/0240.html. It turned out we didn't use
  SSL_pending() as we should.

- Converted lots of FTP code to a statemachine, so that the multi interface
  doesn't block while communicating commands-responses with an FTP server.

  I've added a comment like BLOCKING in the code on all spots I could find
  where we still have blocking operations. When we change curl_easy_perform()
  to use the multi interface, we'll also be able to simplify the code since
  there will only be one "internal interface".

  While doing this, I've now made CURLE_FTP_ACCESS_DENIED separate from the
  new CURLE_LOGIN_DENIED. The first one is now access denied to a function,
  like changing directory or retrieving a file, while the second means that we
  were denied login.

  The CVS tag 'before_ftp_statemachine' was set just before this went in, in
  case of future need.

- Gisle made the DICT code send CRLF and not just LF as the spec says so.

Daniel (8 February 2005)
- Gisle fixed problems when libcurl runs out of memory, and worked on making
  sure the proper error code is returned for those occations.

Daniel (7 February 2005)
- Maruko pointed out a problem with inflate decompressing exactly 64K
  contents.

Daniel (5 February 2005)
- Eric Vergnaud found a use of an uninitialised variable in the ftp when doing
  PORT on ipv6-enabled hosts.

- David Byron pointed out we could use BUFSIZE to read data (in
  lib/transfer.c) instead of using BUFSIZE -1.

Revision 1.45.2.1 / (download) - annotate - [select for diffs], Sat Feb 26 07:25:30 2005 UTC (14 years, 2 months ago) by snj
Branch: pkgsrc-2004Q4
Changes since 1.45: +2 -1 lines
Diff to previous 1.45 (colored) next main 1.46 (colored)

Pullup ticket 311 - requested by Lubomir Sedlacik
security fix for curl

Apply a manual patch that fixes a buffer overflow in the NTLM
authentication code.  See http://www.securityfocus.com/archive/1/391042
for more information.

Revision 1.49 / (download) - annotate - [select for diffs], Fri Feb 25 00:47:30 2005 UTC (14 years, 3 months ago) by salo
Branch: MAIN
Changes since 1.48: +2 -1 lines
Diff to previous 1.48 (colored)

Fix buffer overflow in the NTLM authentication code.  Patch from curl cvs.
Bump PKGREVISION.

Revision 1.48 / (download) - annotate - [select for diffs], Fri Feb 18 18:05:08 2005 UTC (14 years, 3 months ago) by wiz
Branch: MAIN
Changes since 1.47: +2 -3 lines
Diff to previous 1.47 (colored)

Update to 7.13.0:

This release includes the following changes:

 o added --ftp-account and CURLOPT_FTP_ACCOUNT
 o added CURLOPT_SOURCE_URL and CURLOPT_SOURCE_QUOTE
 o obsoleted CURLOPT_SOURCE_HOST, CURLOPT_SOURCE_PATH, CURLOPT_SOURCE_PORT
   and CURLOPT_PASV_HOST
 o added --3p-url, --3p-user and --3p-quote
 o -Q "+[command]" was added
 o src/getpass.c license issue sorted (code was rewritten)
 o curl -w now supports 'http_connect' for the proxy's response to CONNECT
 o introducing "curl-config --protocols"

This release includes the following bugfixes:

 o re-sending a request when retrying on a fresh connection with multi
   interface
 o improved valgrind report parser in the test suite
 o several valgrind reports
 o CURLOPT_FTPPORT and -P work when built ipv6-enabled
 o FTP third party transfers was much improved
 o proxy environment variables are now ignored when built HTTP-disabled
 o CURLOPT_PROXY can now disable HTTP proxy even when built HTTP-disabled
 o "curl dictionary.com" no longer assumes DICT protocol
 o re-invoke some system calls on EINTR
 o duplicate Host: when failed connection re-use
 o SOCKS5 version check
 o memory problem with cleaning up multi interface
 o SSL certificate name memory leak
 o -d with -G to multiple URLs crashed
 o double va_list access crash fixed
 o minor memory leak when "version" is set in a cookie header
 o builds fine on BeOS and NetBSD
 o builds and runs fine on FreeBSD

Revision 1.47 / (download) - annotate - [select for diffs], Fri Jan 7 09:37:21 2005 UTC (14 years, 4 months ago) by cube
Branch: MAIN
Changes since 1.46: +2 -1 lines
Diff to previous 1.46 (colored)

Add a patch that re-orders inclusion of select.h to avoid compilation
errors on NetBSD 1.6.

PKGREVISION++.
PR#28859 by Gilles Gravier.

Revision 1.46 / (download) - annotate - [select for diffs], Mon Jan 3 11:00:51 2005 UTC (14 years, 4 months ago) by wiz
Branch: MAIN
Changes since 1.45: +5 -2 lines
Diff to previous 1.45 (colored)

Update to 7.12.3. Enable libidn support.

Version 7.12.3 (20 December 2004)

Daniel (19 December 2004)
- I investigated our PKCS12 build problem on Solaris 2.7 with OpenSSL 0.9.7e,
  and it turned out to be the fault of the zlib 1.1.4 headers doing a typedef
  named 'free_func' and the OpenSSL headers have a prototype that uses
  'free_func' in one of its arguments. This is why the compile errors out.

  In other words, we need to include the openssl/pkcs12.h header before the
  zlib.h header and it builds fine. The configure script now checks for this
  file and it then gets included early in lib/urldata.h.

Daniel (18 December 2004)
- Samuel Listopad added support for PKCS12 formatted certificates.

- Samuel Listopad fixed -E to support "C:/path" (with forward slash) as well.

Daniel (16 December 2004)
- Gisle found and fixed a problem in the directory re-use for FTP.

  I added test case 215 and 216 to better verify the functionality.

- Dinar in bug report #1086121, found a file handle leak when a multipart
  formpost (including a file upload part) was aborted before the whole file
  was sent.

Daniel (15 December 2004)
- Tom Lee found out that globbing of strings with backslashes didn't work as
  you'd expect. Backslashes are such a central part of windows file names that
  forcing backslashes to have to be escaped with backslashes is a bit too
  awkward to users. Starting now, you only need to escape globbing characters
  such as the five letters: "[]{},". Added test case 214 to verify this.

Daniel (14 December 2004)
- Harshal Pradhan patched a HTTP persistent connection flaw: if the user name
  and/or password were modified between two requests on a persistent
  connection, the second request were still made with the first setup!

  I added test case 519 to verify the fix.

Daniel (13 December 2004)
- Gisle added CURLINFO_SSL_ENGINES to curl_easy_getinfo() to allow an app
  to list all available crypto ENGINES.

- Gisle fixed bug report #1083542, which pointed out a problem with resuming
  large file (>4GB) file:// transfers on windows.

Daniel (11 December 2004)
- Made the test suite HTTP server (sws) capable of using IPv6, and then
  extended the test environment to support that and also added three test
  cases (240, 241, 242) that run tests using IPv6. Test 242 uses a URL that
  didn't work before the 10 dec fix by Kai Sommerfeld.

- Made a failed file:// resume output an error message

- Corrected the CURLE_BAD_DOWNLOAD_RESUME error message in lib/strerror.c

- Dan Fandrich:

  simplified and consolidated the SSL checks in configure and the usage of the
  defines in lib/setup.h

  provided a first libcurl.pc.in file for pkg-config (but the result is not
  installed anywhere at this point)

  extended the cross compile section in the docs/INSTALL file

Daniel (10 December 2004)
- When providing user name in the URL and a IPv6-style IP-address (like in
  "ftp://user@[::1]/tmp"), the URL parser didn't get the host extracted
  properly.  Reported and fixed by Kai Sommerfeld.

Daniel (9 December 2004)
- Ton Voon provided a configure fix that should fix the notorious (mostly
  reported on Solaris) problem where the size_t check fails due to the SSL
  libs being found in a dir not searched through by the run-time linker.
  patch-tracker entry #1081707.

- Bryan Henderson pointed out in bug report #1081788 that the curl-config
  --vernum output wasn't zero prefixed properly (as claimed in documentation).
  This is fixed in maketgz now.

Daniel (8 December 2004)
- Matt Veenstra updated the mach-O framework files for Mac OS X.

- Rene Bernhardt found and fixed a buffer overrun in the NTLM code, where
  libcurl always and unconditionally overwrote a stack-based array with 3 zero
  bytes. This is not an exploitable buffer overflow. No need to get alarmed.

Daniel (7 December 2004)
- Fixed so that the final error message is sent to the verbose info "stream"
  even if no errorbuffer is set.

Daniel (6 December 2004)
- Dan Fandrich added the --disable-cookies option to configure to build
  libcurl without cookie support. This is mainly useful if you want to build a
  minimalistic libcurl with no cookies support at all. Like for embedded
  systems or similar.

- Richard Atterer fixed libcurl's way of dealing with the EPSV
  response. Previously, libcurl would re-resolve the host name with the new
  port number and attempt to connect to that, while it should use the IP from
  the control channel. This bug made it hard to EPSV from an FTP server with
  multiple IP addresses!

Daniel (3 December 2004)
- Bug report #1078066: when a chunked transfer was pre-maturely closed exactly
  at a chunk boundary it was not considered an error and thus went unnoticed.
  Fixed by Maurice Barnum.

  Added test case 207 to verify.

Daniel (2 December 2004)
- Fixed the CONNECT loop to default timeout to 3600 seconds.

  Added test case 206 that makes CONNECT with Digest.

  Fixed a flaw that prepended "(nil)" to the initial CONNECT rqeuest's user-
  agent field.

Daniel (30 November 2004)
- Dan Fandrich's fix for libz 1.1 and "extra field" usage in a gzip stream

- Dan also helped me with input data to create three more test cases for the
  --compressed option.

Daniel (29 November 2004)
- I improved the test suite to enable binary contents in the tests (by proving
  it base64 encoded), like for testing decompress etc. Added test 220 and 221
  for this purpose. Tests can now also depend on libz to run.

- As reported by Reinout van Schouwen in Mandrake's bug tracker bug 12285
  (http://qa.mandrakesoft.com/show_bug.cgi?id=12285), when connecting to an
  IPv6 host with FTP, --disable-epsv (or --disable-eprt) effectively disables
  the ability to transfer a file. Now, when connected to an FTP server with
  IPv6, these FTP commands can't be disabled even if asked to with the
  available libcurl options.

Daniel (26 November 2004)
- As reported in Mandrake's bug tracker bug 12289
  (http://qa.mandrakesoft.com/show_bug.cgi?id=12289), curl would print a
  newline to "finish" the progress meter after each redirect and not only
  after a completed transfer.

Daniel (25 November 2004)
- FTP improvements:

  If EPSV, EPRT or LPRT is tried and doesn't work, it will not be retried on
  the same server again even if a following request is made using a persistent
  connection.

  If a second request is made to a server, requesting a file from the same
  directory as the previous request operated on, libcurl will no longer make
  that long series of CWD commands just to end up on the same spot. Note that
  this is only for *exactly* the same dir. There is still room for improvements
  to optimize the CWD-sending when the dirs are only slightly different.

  Added test 210, 211 and 212 to verify these changes. Had to improve the
  test script too and added a new primitive to the test file format.

Daniel (24 November 2004)
- Andrés García fixed the configure script to detect select properly when run
  with Msys/Mingw on Windows.

Daniel (22 November 2004)
- Made HTTP PUT and POST requests no longer use HEAD when doing multi-pass
  auth negotiation (NTLM, Digest and Negotiate), but instead use the request
  keyword "properly". Details in lib/README.httpauth. This also introduces
  CURLOPT_IOCTLFUNCTION and CURLOPT_IOCTLDATA, to be used by apps that use the
  "any" auth alternative as then libcurl may need to send the PUT/POST data
  more than once and thus may need to ask the app to "rewind" the read data
  stream to start.

  See also the new example using this: docs/examples/anyauthput.c

- David Phillips enhanced test 518. I made it depend on a "feature" so that
  systems without getrlimit() won't attempt to test 518. configure now checks
  for getrlimit() and setrlimit() for this test case.

Daniel (18 November 2004)
- David Phillips fixed libcurl to not crash anymore when more than FD_SETSIZE
  file descriptors are in use. Test case 518 added to verify.

Daniel (15 November 2004)
- To test my fix for the CURLINFO_REDIRECT_TIME bug, I added time_redirect and
  num_redirects support to the -w writeout option for the command line tool.

- Wojciech Zwiefka found out that CURLINFO_REDIRECT_TIME didn't work as
  documented.

Daniel (12 November 2004)
- Gisle Vanem modigied the MSVC and Netware makefiles to build without
  libcurl.def

- Dan Fandrich added the --disable-crypto-auth option to configure to allow
  libcurl to build without Digest support. (I figure it should also explicitly
  disable Negotiate and NTLM.)

-                 *** Modified Behaviour Alert ***

  Setting CURLOPT_POSTFIELDS to NULL will no longer do a GET.

  Setting CURLOPT_POSTFIELDS to "" will send a zero byte POST and setting
  CURLOPT_POSTFIELDS to NULL and CURLOPT_POSTFIELDSIZE to zero will also make
  a zero byte POST. Added test case 515 to verify this.

  Setting CURLOPT_HTTPPOST to NULL makes a zero byte post. Added test case 516
  to verify this.

  CURLOPT_POSTFIELDSIZE must now be set to -1 to signal "we don't know".
  Setting it to zero simply says this is a zero byte POST.

  When providing POST data with a read callback, setting the size up front
  is now made with CURLOPT_POSTFIELDSIZE and not with CURLOPT_INFILESIZE.

Daniel (11 November 2004)
- Dan Fandrich added --disable-verbose to the configure script to allow builds
  without verbose strings in the code, to save some 12KB space. Makes sense
  only for systems with very little memory resources.

- Jeff Phillips found out that a date string with a year beyond 2038 could
  crash the new date parser on systems with 32bit time_t. We now check for
  this case and deal with it.

Daniel (10 November 2004)
- I installed Heimdal on my Debian box (using the debian package) and noticed
  that configure --with-gssapi failed to create a nice build. Fixed now.

Daniel (9 November 2004)
- Gisle Vanem marked all external function calls with CURL_EXTERN so that now
  the Windows, Netware and other builds no longer need libcurl.def or similar
  files.

Daniel (8 November 2004)
- Made the configure script check for tld.h if libidn was detected, since
  libidn 0.3.X didn't have such a header and we don't work with anything
  before libidn 0.4.1 anyway! Suse 9.1 apparently ships with a 0.3.X version
  of libidn which makes the curl 7.12.2 build fail. Jean-Philippe
  Barrette-LaPierre helped pointing this out.

- Ian Gulliver reported in debian bug report #278691: if curl is invoked in an
  environment where stderr is closed the -v output will still be sent to file
  descriptor 2 which then might be the network socket handle! Now we have a
  weird hack instead that attempts to make sure that file descriptor 2 is
  opened (with a call to pipe()) before libcurl is called to do the transfer.
  configure now checks for pipe() and systems without pipe don't get the weird
  hack done.

Daniel (5 November 2004)
- Tim Sneddon made libcurl send no more than 64K in a single first chunk when
  doing a huge POST on VMS, as this is a system limitation. Default on general
  systems is 100K.

Daniel (4 November 2004)
- Andres Garcia made it build on mingw againa, my --retry code broke the build.

Daniel (2 November 2004)
- Added --retry-max-time that allows a maximum time that may not have been
  reached for a retry to be made. If not set there is no maximum time, only
  the amount of retries set with --retry.

- Paul Nolan provided a patch to make libcurl build nicely on Windows CE.

Daniel (1 November 2004)
- When cross-compiling, the configure script no longer attempts to use
  pkg-config on the build host in order to detect OpenSSL compiler options.

Daniel (27 October 2004)
- Dan Fandrich:

  An improvement to the gzip handling of libcurl. There were two problems with
  the old version: it was possible for a malicious gzip file to cause libcurl
  to leak memory, as a buffer was malloced to hold the header and never freed
  if the header ended with no file contents.  The second problem is that the
  64 KiB decompression buffer was allocated on the stack, which caused
  unexpectedly high stack usage and overflowed the stack on some systems
  (someone complained about that in the mailing list about a year ago).

  Both problems are fixed by this patch. The first one is fixed when a recent
  (1.2) version of zlib is used, as it takes care of gzip header parsing
  itself.  A check for the version number is done at run-time and libcurl uses
  that feature if it's present. I've created a define OLD_ZLIB_SUPPORT that
  can be commented out to save some code space if libcurl is guaranteed to be
  using a 1.2 version of zlib.

  The second problem is solved by dynamically allocating the memory buffer
  instead of storing it on the stack. The allocation/free is done for every
  incoming packet, which is suboptimal, but should be dwarfed by the actual
  decompression computation.

  I've also factored out some common code between deflate and gzip to reduce
  the code footprint somewhat.  I've tested the gzip code on a few test files
  and I tried deflate using the freshmeat.net server, and it all looks OK. I
  didn't try running it with valgrind, however.

- Added a --retry option to curl that takes a numerical option for the number
  of times the operation should be retried. It is retried if a transient error
  is detected or if a timeout occurred. By default, it will first wait one
  second between the retries and then double the delay time between each retry
  until the delay time is ten minutes which then will be the delay time
  between all forthcoming retries. You can set a static delay time with
  "--retry-delay [num]" where [num] is the number of seconds to wait between
  each retry.

Daniel (25 October 2004)
- Tomas Pospisek filed bug report #1053287 that proved -C - and --fail on a
  file that was already completely downloaded caused an error, while it
  doesn't if you don't use --fail! I added test case 194 to verify the fix.
  Grrr. CURLOPT_FAILONERROR is now added to the list stuff to remove in
  libcurl v8 due to all the kludges needed to support it.

- Mohun Biswas found out that formposting a zero-byte file didn't work very
  good. I fixed.

Daniel (19 October 2004)
- Alexander Krasnostavsky made it possible to make FTP 3rd party transfers
  with both source and destination being the same host. It can be useful if
  you want to move a file on a server or similar.

- Guillaume Arluison added CURLINFO_NUM_CONNECTS to allow an app to figure
  out how many new connects a previous transfer required.

  I added %{num_connects} to the curl tool and added test case 192 and 193
  to verify the new code.

Daniel (18 October 2004)
- Peter Wullinger pointed out that curl should call setlocale() properly to
  initiate the specific language operations, to make the IDN stuff work
  better.

Revision 1.45 / (download) - annotate - [select for diffs], Tue Nov 9 09:18:37 2004 UTC (14 years, 6 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2004Q4-base
Branch point for: pkgsrc-2004Q4
Changes since 1.44: +2 -3 lines
Diff to previous 1.44 (colored)

Changes 7.12.2:
* the IDN code now verifies that only TLD-legitmate letters are used in the
  name or a warning is displayed (when verbose is enabled)
* provides error texts for IDN errors
* file upload parts in formposts now get their directory names cut off
* added CURLINFO_OS_ERRNO
* added CURLOPT_FTPSSLAUTH to allow ftp connects to attempt "AUTH TLS" instead
  before "AUTH SSL"
* curl_getdate() completely rewritten: may affect rare curl -z use cases
* bugfixes

Revision 1.44 / (download) - annotate - [select for diffs], Sun Oct 3 00:18:25 2004 UTC (14 years, 7 months ago) by tv
Branch: MAIN
Changes since 1.43: +2 -1 lines
Diff to previous 1.43 (colored)

Libtool fix for PR pkg/26633, and other issues.  Update libtool to 1.5.10
in the process.  (More information on tech-pkg.)

Bump PKGREVISION and BUILDLINK_DEPENDS of all packages using libtool and
installing .la files.

Bump PKGREVISION (only) of all packages depending directly on the above
via a buildlink3 include.

Revision 1.43 / (download) - annotate - [select for diffs], Sat Aug 21 11:31:00 2004 UTC (14 years, 9 months ago) by recht
Branch: MAIN
CVS Tags: pkgsrc-2004Q3-base, pkgsrc-2004Q3
Changes since 1.42: +3 -3 lines
Diff to previous 1.42 (colored)

update to Curl 7.12.1

Changes:

    * the version string now only contains info about (sub) package versions,
      while for example krb4 and ipv6 now only are available as 'features'
    * added curl_easy_reset()
    * socks proxy support even when libcurl is built ipv6-enabled
    * read callbacks can stop the transfer by returning CURL_READFUNC_ABORT
    * libcurl-tutorial.3 is the new man page formerly known as
      libcurl-the-guide
    * additional SSL trace data might be sent to the debug callback using two
      new types: CURLINFO_SSL_DATA_IN and CURLINFO_SSL_DATA_OUT
    * multipart formposts can upload files larger than system memory
    * the curl tool continues with the next URL even if one transfer fails
    * FTP 3rd party transfer support - seven new setopt() options

Bugfixes:

    * UTF-8 encoded certificate names can now be verified properly
    * krb4 link problem
    * HTTP Negotiate service name now provided in uppercase
    * no longer accepts any cookies with domain set to just a TLD
    * HTTP Digest properties without quotes in the header
    * bad Host: header case on re-used connections over proxy
    * duplicate Host: header case on re-used connections
    * curl -o name#[num] now works when no globbing for [num] exists
    * test suite runs fine with valgrind 2.1.x
    * negative Content-Length is ignored
    * test 505 runs fine on windows
    * curl_share_cleanup() crash
    * --trace files now get the final info lines too
    * multi interface connects fine to multi-IP resolving hosts
    * --limit-rate works on Mac OS X (and other systems with bad poll()s)
    * cookies can now hold 4999 bytes of content
    * HTTP POST/PUT with NTLM/Digest/Negotiate to a URL returning 3XX
    * HTTPS POST/PUT over a proxy requiring NTLM/Digest/Negotiate
    * less restrictive libidn requirements, 0.4.1 or later is fine
    * HTTP POST or PUT with Digest/Negotiate/NTLM selected but the server
      didn't require any authentication
    * win32 file:// transfer free memory bug
    * configure --disable-http builds a libcurl without HTTP support
    * CURLOPT_FILETIME had wrong type in curl.h, it expects a long argument
    * builds fine with Borland on Windows
    * the msvc curllib.dsp now builds the libcurl.lib file
    * builds fine on VMS
    * builds fine on NetWare
    * HTTP Digest authentication with proxies uses correct user name + password
    * builds fine with lcc-win32

Revision 1.42 / (download) - annotate - [select for diffs], Wed Jul 28 01:02:08 2004 UTC (14 years, 9 months ago) by minskim
Branch: MAIN
Changes since 1.41: +3 -1 lines
Diff to previous 1.41 (colored)

Enable pkgviews installation.

Revision 1.41 / (download) - annotate - [select for diffs], Wed Jun 2 12:07:48 2004 UTC (14 years, 11 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2004Q2-base, pkgsrc-2004Q2
Changes since 1.40: +3 -2 lines
Diff to previous 1.40 (colored)

Changes 7.12.0:
 o added ability to "upload" to file:// URLs
 o added curl_global_init_mem()
 o removed curl_formparse()
 o the MSVC project file in the release archive is automatically built
 o curl --proxy-digest is a new command line option
 o the Windows version of libcurl can use wldap32.dll for LDAP
 o added curl_easy_strerror(), curl_multi_strerror() and curl_share_strerror()
 o IPv6-enabled Windows hosts now resolves names threaded/asynch as well
 o configure --with-libidn can be used to point out the root dir of a libidn
   installation (version 0.4.5 or later) for curl to use, then libcurl can
   resolve and use IDNA names (domain names with "international" letters)
Bugfixes:
 o incoming cookies with domains set with a prefixed dot now works better
 o CURLOPT_COOKIEFILE and CURLOPT_COOKIE can be used in the same request
 o improved peer certificate name verification
 o allocation failures cause no leaks nor crashes
 o the progress meter display now handles file sizes up to full 8 exabytes
   (which is as high a signed 64 bit number can reach)
 o general HTTP authentication improvements
 o HTTP Digest authentication with the proxy works
 o mulipart formposting with -F and file names with spaces work again
 o curl_easy_duphandle() now works when ares-enabled
 o HTTP Digest authentication works a lot more like the RFC says
 o curl works with telnet and stdin properly on Windows
 o configure --without-ssl works even when pkg-config has OpenSSL details
 o src/hugehelp.c builds correct again in non-configure build environments

Revision 1.40 / (download) - annotate - [select for diffs], Fri May 7 13:12:14 2004 UTC (15 years ago) by adam
Branch: MAIN
Changes since 1.39: +2 -2 lines
Diff to previous 1.39 (colored)

Changes 7.11.2:
* removed maximum user+password+hostname size limit
* removed maximum dir depth limit for FTP
* the ares build now requires c-ares 1.2.0 or later
* --tcp-nodelay and CURLOPT_TCP_NODELAY were added
* curl/curlver.h contains the libcurl version info now
* bugfixes

Revision 1.39 / (download) - annotate - [select for diffs], Sun Mar 28 20:47:05 2004 UTC (15 years, 1 month ago) by xtraeme
Branch: MAIN
Changes since 1.38: +2 -3 lines
Diff to previous 1.38 (colored)

Update curl to 7.11.1, provided by Stefan Kruger in PR pkg/24916.

This release includes the following changes:

 o CURLOPT_POSTFIELDSIZE_LARGE added to offer POSTs larger than 2GB
 o CURL_VERSION_LARGEFILE is a feature bit returned by libcurls that feature
   large file support
 o libcurl only requires winsock 1.1 on windows now
 o when doing FTP, curl now sends QUIT before disconnecting
 o name resolves can now timeout on windows too
 o $HOME is now recognized better when looking for .netrc files
 o now re-uses the ares handle when re-using curl handles
 o SO_BINDTODEVICE is used for network interface binding
 o configure --disable-manual disables the built-in huge manual from the
   command line tool
 o the default Accept: header used in HTTP requests changed
 o asynch dns lookups now require the c-ares library
 o curl --socks can be used to set a SOCKS5 proxy to use
 o response-headers received after a (proxy) CONNECT request are now passed
   to the header callback just like other headers

This release includes the following bugfixes:

 o builds and runs on Novell NetWare
 o Windows builds now report OS as "i386-pc-win32"
 o received signals during SSL connect is handled better
 o improved PUT/POST with NTLM/Digest authentication
 o following redirects and doing NTLM/Digest (where the first connection gets
   closed) with the multi interface work better now
 o file: progress meter and getinfo variables work now
 o CURLOPT_FRESH_CONNECT and CURLAUTH_NTLM now work when set together
 o share interface usage without (un)lock functions segfaulted
 o --limit-rate no longer cripples the --speed-limit feature
 o fixed verbose output problem with ipv6-enabled re-used connections
 o fixed the socks5 code to check version in the socks response properly
 o dns cache bug - fixed the 'inuse' counter
 o large file fix for Content-Length
 o better docs for the share interface
 o several configure fixes for mingw/msys
 o setting a Host: header is no longer affecting the Host: header used when
   libcurl follows a Location:
 o fixed numerous compiler warnings on several operating systems and compilers
 o PUTing from stdin couldn't disable chunked transfer-encoding
 o corrected the mingw makefiles
 o improved the configure libz detection
 o fixed EPRT/PORT use when doing FTP on ipv6-enabled AIX hosts
 o *nroff commands that only support -mandoc and not -man are now supported
   (for the built-in manual text in the command line tool)
 o fixed the unconditional #include of config.h in hugehelp.c
 o builds fine on MPE/iX
 o upload using chunked transfer-encoding now sends the last chunk properly
   teriminated with an extra CRLF
 o Fixed the progress meter display for files >2GB
 o persistant connections over a proxy messed up the proxy name/password
 o the socks5 code segfaulted if no username/password was set
 o the *_LARGE options now take curl_off_t types as parameters and this will
   make it possible to handle large files on windows too
 o builds with large file support even on systems without strtoll()

Revision 1.38 / (download) - annotate - [select for diffs], Fri Mar 26 02:27:56 2004 UTC (15 years, 2 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2004Q1-base, pkgsrc-2004Q1
Changes since 1.37: +2 -1 lines
Diff to previous 1.37 (colored)

PKGREVISION bump after openssl-security-fix-update to 0.9.6m.
Buildlink files: RECOMMENDED version changed to current version.

Revision 1.37 / (download) - annotate - [select for diffs], Sat Mar 20 02:05:48 2004 UTC (15 years, 2 months ago) by snj
Branch: MAIN
Changes since 1.36: +4 -1 lines
Diff to previous 1.36 (colored)

Fix build on sparc64 with gcc2.  Correct a spelling error.

Revision 1.36 / (download) - annotate - [select for diffs], Thu Feb 19 01:24:01 2004 UTC (15 years, 3 months ago) by wiz
Branch: MAIN
Changes since 1.35: +4 -4 lines
Diff to previous 1.35 (colored)

Convert to buildlink3.
While here, add zlib buildlink2.mk to buildlink2.mk file, since libcurl
depends on it.

Revision 1.35 / (download) - annotate - [select for diffs], Sat Feb 14 17:21:54 2004 UTC (15 years, 3 months ago) by jlam
Branch: MAIN
Changes since 1.34: +1 -2 lines
Diff to previous 1.34 (colored)

LIBTOOL_OVERRIDE and SHLIBTOOL_OVERRIDE are now lists of shell globs
relative to ${WRKSRC}.  Remove redundant LIBTOOL_OVERRIDE settings that
are automatically handled by the default setting in bsd.pkg.mk.

Revision 1.34 / (download) - annotate - [select for diffs], Fri Jan 23 22:52:28 2004 UTC (15 years, 4 months ago) by recht
Branch: MAIN
Changes since 1.33: +2 -2 lines
Diff to previous 1.33 (colored)

update to curl-7.11.0

Fixed in 7.11.0

Changes:
- allows the URL to be set by a callback when using the multi interface
- large file support was added. Use one of the new options:
  INFILESIZE_LARGE, RESUME_FROM_LARGE and MAXFILESIZE_LARGE
- the new --ftp-pasv overrides a previous --ftpport
- CURLOPT_FTPSSL and ftps:// now do ssl over FTP "The Right Way"
  (the curl tool now features the --ftp-ssl option)
- The Windows DLLs are built with an added "resource file"
- New LIBCURL_VERSION_* defines for easier checking version number
- Included Mac OS X 'framework' makefile in the release archive
- Removed the TRUE and FALSE #defines from the public curl header file
- Added CURLOPT_NETRC_FILE

For a complete list see the Changelog at http://curl.haxx.se/changes.html

Revision 1.33 / (download) - annotate - [select for diffs], Sun Dec 7 13:28:33 2003 UTC (15 years, 5 months ago) by wiz
Branch: MAIN
Changes since 1.32: +2 -3 lines
Diff to previous 1.32 (colored)

Update to 7.10.8:
7.10.8
SPNEGO support, Negotiate support, multiple -T flags work, IPv6
support on Windows, and more were added. More than 40 bugs were
fixed.
7.10.7
This release supports NTLM for proxies, --ftp-create-dirs, and
optional support for asynchronous name-resolving calls. It fixes
an information leak, minor memory leaks, a 64bit problem, two
cookie-related problems, URL globbing output using -o #[num], and
more.

Revision 1.32 / (download) - annotate - [select for diffs], Mon Nov 24 20:44:07 2003 UTC (15 years, 6 months ago) by erh
Branch: MAIN
CVS Tags: pkgsrc-2003Q4-base, pkgsrc-2003Q4
Changes since 1.31: +7 -1 lines
Diff to previous 1.31 (colored)

If USE_INET6 isn't "yes", explicitly disable building ipv6 support.

Revision 1.31 / (download) - annotate - [select for diffs], Wed Nov 12 03:39:43 2003 UTC (15 years, 6 months ago) by jschauma
Branch: MAIN
Changes since 1.30: +2 -1 lines
Diff to previous 1.30 (colored)

PKGREVISION++ after openssl update.

Revision 1.30 / (download) - annotate - [select for diffs], Wed Jul 30 10:29:02 2003 UTC (15 years, 9 months ago) by wiz
Branch: MAIN
Changes since 1.29: +2 -2 lines
Diff to previous 1.29 (colored)

Update to 7.10.6:
Changes:
  * CURLOPT_SSL_CTX_FUNCTION allows a custom callback for SSL connections
  * multiple patches lets curl build and run on DOS
  * libcurl now deals with spaces in Location: redirects and URLifies them
  * curl --version shows more detailed info
  * curl_version_info() now returns info on NTLM, GSS-Negotiate and Debug
  * curl_version() includes "GSS" in the string if built with GSSAPI available
  * Pick-best-authentication option added (--anyauth, using the CURLOPT_HTTPAUTH set to CURLAUTH_ANY)
  * NTLM authentication support (--ntlm and CURLAUTH_NTLM)
  * GSS-Negotiate authentication support (--negotiate and CURLAUTH_GSSNEGOTIATE)
  * Digest authentication support added (--digest and CURLAUTH_DIGEST)
  * Allow curl to switch (back to) to Basic authentication (--basic)
  * libcurl supports name and password in proxy environment variables

Bugs:
  * double slash after the host name on a FTP URL again points out the root dir
  * obscure and rare DNS cache problem was fixed
  * multiple FTP connections to the same host with different user names didn't work properly
  * no more CWD commands without arguments for ftp connections
  * curl no longer uses setvbuf() due to portability problems
  * VMS build fixes
  * the curl tool has the -M manual compressed internally if built with libz
  * url globbing syntax error could cause segfault
  * Huge (>40-60KB) GET requests over HTTPS failed.
  * Content-Length now overrides socket-closed as a means of knowing when the response body is
    complete.
  * --progress-bar takes the initial size into account when doing resumed downloads
  * work around SSL bugs better
  * libcurl typically issues POST requests with less send() calls
  * better main makefile
  * external headers improved portability
  * Listing FTP directories without contents could leak a socket
  * Getting HTTP contents in one line without headers failed
  * bugfixed the socks5-proxy usage (twice)
  * h_aliases name-lookup rare crash fixed
  * improved curl -M output
  * curl_unescape() now only unescapes valid %HH codes

Revision 1.29 / (download) - annotate - [select for diffs], Tue Jul 22 04:14:22 2003 UTC (15 years, 10 months ago) by martti
Branch: MAIN
Changes since 1.28: +2 -2 lines
Diff to previous 1.28 (colored)

COMMENT should start with a capital letter.

Revision 1.28 / (download) - annotate - [select for diffs], Thu Jul 17 22:55:32 2003 UTC (15 years, 10 months ago) by grant
Branch: MAIN
Changes since 1.27: +2 -2 lines
Diff to previous 1.27 (colored)

s/netbsd.org/NetBSD.org/

Revision 1.27 / (download) - annotate - [select for diffs], Mon Jun 2 01:16:06 2003 UTC (15 years, 11 months ago) by jschauma
Branch: MAIN
Changes since 1.26: +2 -2 lines
Diff to previous 1.26 (colored)

Use tech-pkg@ in favor of packages@ as MAINTAINER for orphaned packages.
Should anybody feel like they could be the maintainer for any of thewe packages,
please adjust.

Revision 1.26 / (download) - annotate - [select for diffs], Tue May 20 11:54:12 2003 UTC (16 years ago) by wiz
Branch: MAIN
Changes since 1.25: +2 -2 lines
Diff to previous 1.25 (colored)

Update to 7.10.5.
Extract of changes:
- Changed the order for the in_addr_t testing, as 'unsigned long' seems to be
  a very common type inet_addr() returns.
- George Comninos provided a fix that calls the progress meter when waiting
  for FTP command responses take >1 second. It'll make applications more
  "responsive" even when dealing with very slow ftp servers.
- George Comninos pointed out that libcurl uploads had two quirks:
   o when using FTP PORT command, it used blocking sockets!
   o it could loop a long time without doing progress meter updates
  Both items are fixed now.
- Dan Fandrich changed CURLOPT_ENCODING to select all supported encodings if
  set to "".  This frees the application from having to know which encodings
  the library supports.
- Avery Fay found out that the CURLOPT_INTERFACE way of first checking if the
  given name is a network interface gave a real performance penalty on Linux,
  so now we more appropriately first check if it is an IP number and if so
  we don't check for a network interface with that name.
- CURLOPT_FTP_USE_EPRT added. Set this to FALSE to disable libcurl's attempts
  to use EPRT and LPRT before the traditional PORT command. The command line
  tool sets this option with '--disable-eprt'.
- Added test case 62 and fixed some more on the cookie sending with a custom
  Host: header set.
- Made the "SSL read error: 5" error message more verbose, by adding code that
  queries the OpenSSL library to fill in the error buffer.
- Added sys/select.h include in the curl/multi.h file, after having been
  reminded about this by Rich Gray.
- I made each test set its own server requirements, thus abandoning the
  previous system where the test number implied what server(s) to use for a
  specific test.
- David Balazic made curl more RFC1738-compliant for FTP URLs, by fixing so
  that libcurl now uses one CWD command for each path part. A bunch of test
  cases were fixed to work accordingly.
- Cookie fixes.
- Peter Kovacs provided a patch that makes the CURLINFO_CONNECT_TIME work fine
  when using the multi interface (too).
- Peter Sylvester pointed out that curl_easy_setopt() will always (wrongly)
  return CURLE_OK no matter what happens.
- Dan Fandrich fixed some gzip decompression bugs and flaws.
- Formposting a file using a .html suffix is now properly set to Content-Type:    text/html.
- Fixed the SSL error handling to return proper SSL error messages again, they
  broke in 7.10.4. I also attempt to track down CA cert problems and then
  return the CURLE_SSL_CACERT error code.
- The curl tool now intercepts the CURLE_SSL_CACERT error code and displays
  a fairly big and explanatory error message. Kevin Roth helped me out with
  the wording.
- Nic Hines provided a second patch for gzip decompression, and fixed a bug
  when deflate or gzip contents were downloaded using chunked encoding.
- Dan Fandrich made libcurl support automatic decompression of gzip contents
  (as an addition to the previous deflate support).
- I made the CWD command during FTP session consider all 2xy codes to be OK
  responses.
- Vlad Krupin fixed a URL parsing issue. URLs that were not using a slash
  after the host name, but still had "?" and parameters appended, as in
  "http://hostname.com?foobar=moo", were not properly parsed by libcurl.
- Made CURLOPT_TIMECONDITION work for FTP transfers, using the same syntax as
  for HTTP. This then made -z work for ftp transfers too. Added test case 139
  and 140 for verifying this.
- Getting the file date of an ftp file used the wrong time zone when
  displayed. It is supposedly always GMT. Added test case 141 for this.
- Made the test suite's FTP server support MDTM.
- The default DEBUGFUNCTION, as enabled with CURLOPT_VERBOSE now outputs
  CURLINFO_HEADER_IN data as well. The most notable effect from this is that
  using curl -v, you get to see the incoming "headers" as well. This is
  perhaps most useful when doing ftp.
- James Bursa fixed a flaw in the Content-Type extraction code, which missed
  the first letter if no space followed the colon.
- Martijn Broenland found another cases where a server application didn't
  like the boundary string used by curl when foing a multi-part/formpost. We
  modified the boundary string to look like the one IE uses, as this is
  probably gonna make curl work with more applications.

Revision 1.25 / (download) - annotate - [select for diffs], Thu Apr 10 09:13:51 2003 UTC (16 years, 1 month ago) by wiz
Branch: MAIN
Changes since 1.24: +2 -2 lines
Diff to previous 1.24 (colored)

Update to 7.10.4:
Changes:
  * the curl tool now "clears" sensitive commands line args
  * no more emacs local variables in the source files
  * script for distributed, automatic, multi-platform testing added. Please join up and help us test
    the bleeding edge curl on various platforms!
  * the "scratch buffer" is now only allocated when actually needed
  * removed the strequal and strnequal macros from curl/curl.h
  * added CURLOPT_UNRESTRICTED_AUTH / --location-trusted

Bugs:
  * "curl -O" only, now outputs an error message accordingly
  * builds fine on Redhat Linux 9 (configure fix)
  * the CA cert bundle included a demo cert now removed
  * changing some attributes between two transfers when re-using a connection did not "take effect"
    properly
  * the test suite runs faster and hopefully a bit more reliably
  * improved configure check for presence of functions, needed for HPUX
  * the curl tool now makes a correct URL escaping when appending to the URL when using -T and the
    file name is appended to the URL.
  * configure --enable-libgcc now explicitly add -lgcc to the linker
  * better configure checks for headers (since some platforms got nasty warnings output previously)
  * configure --help looks nicer
  * data transfer bug on HP-UX systems
  * improved random seeding for systems without a reliable random source
  * 64bit Sparc compiler warnings removed
  * a case where a connect failure didn't return an error string
  * DNS cache problem in AIX 4.3 and later was fixed
  * a POST-then-GET problem when re-using the same handle in libcurl
  * extra precaution added for FTP servers returning 0 bytes to SIZE commands
  * looping issue in the receive function (i.e badly updated progress meter)
  * Fixed the 'Expect: 100-continue' behavior
  * CURLOPT_MAXCONNECTS segfault fixed
  * multi-interface connecting on Windows to non-listening ports fixed
  * Curl_base64_encode() now encodes zero-bytes too properly
  * fixed the infamous SSL error:00000000 outputs
  * zlib build fix in the mingw makefile
  * don't check for ca cert env variable if --insecure is used
  * always use strict cert name check unless --insecure is used
  * content-type extracting fixed
  * DEBUGFUNCTION could be called with wrong arguments in uploads
  * ftp downloads could wrongly return CURLE_PARTIAL_FILE in some conditions
  * the fopen.c example code didn't work
  * content-type extracting memory leak fixed
  * curl/multi.h was fixed for C++ compiles
  * .netrc file scanning for names+passwored fixed
  * curl-config --cflags works even when include dirs isn't /usr/include
  * CURLINFO_PRIVATE can return NULL properly

Revision 1.24 / (download) - annotate - [select for diffs], Sun Feb 9 08:46:36 2003 UTC (16 years, 3 months ago) by shell
Branch: MAIN
CVS Tags: netbsd-1-6-1-base, netbsd-1-6-1
Changes since 1.23: +2 -2 lines
Diff to previous 1.23 (colored)

Updated to curl-7.10.3

Patches by Adrian Portelli <adrianp@stindustries.net> (PR#20142)


Changes :
- Steve Oliphant pointed out that test case 105 did not work anymore
  and this was due to a missing fix for the password prompting.
- Bryan Kemp pointed out that curl -u could not provide a blank password
  without prompting the user. It can now. -u username: makes the password
  empty, while -u username makes curl prompt the user for a password.
- Kjetil Jacobsen found a remaining connect problem in the multi interface
  on ipv4 systems (Linux only?), that I fixed and Kjetil verified that it
  fixed his problems.
- memanalyze.pl now reads a file name from the command line, and no longer
  takes the data on stdin as before.
- Fixed tests/memanalyze.pl to work with file names that contain colons
  (as on Windows).
- Kjetil Jacobsen quickly pointed out that lib/share.h was missing...

* For more, see CHANGES.

Revision 1.23 / (download) - annotate - [select for diffs], Sat Dec 7 23:38:56 2002 UTC (16 years, 5 months ago) by jmmv
Branch: MAIN
Changes since 1.22: +2 -3 lines
Diff to previous 1.22 (colored)

Trivially update to curl 7.10.2.

Changes since 7.10.1:
- Dave Halbakken added curl_version_info to lib/libcurl.def to make libcurl
  properly build with MSVC on Windows.
- Doing HTTP PUT without a specified file size now makes libcurl use
  Transfer-Encoding: chunked.
- Bug report #634625 identified how curl returned timeout immediately when
  CURLOPT_CONNECTTIMEOUT was used and provided a fix.
- Lehel Bernadt found out and fixed. libcurl sent error message to the debug
  output when it stored the error message.
- Avery Fay found some problems with the DNS cache (when the cache time was
  set to 0 we got a memory leak, but when the leak was fixed he got a crash
  when he used the CURLOPT_INTERFACE with that) that had me do some real
  restructuring so that we now have a reference counter in the dns cache
  entries to prevent an entry to get flushed while still actually in use.
  I also detected that we previously didn't update the time stamp when we
  extracted an entry from the cache so that must've been a reason for some
  very weird dns cache bugs.
- Downgraded automake to 1.6.3 in an attempt to fix cygwin problems. (It
  turned out this didn't help though.)
- Disable the DNS cache (by setting the timeout to 0) made libcurl leak
  memory. Avery Fay brought the example code that proved this.
- Upgraded to autoconf 2.54 and automake 1.7 on the release-build host.
- Kevin Roth made the command line tool check for a CURL_CA_BUNDLE environment
  variable (if --cacert isn't used) and if not set, the Windows version will
  check for a file named "curl-ca-bundle.crt" in the current directory or the
  directory where curl is located. That file is then used as CA root cert
  bundle.
- Avery Fay pointed out that curl's configure scrip didn't get right if you
  used autoconf newer than 2.52. This was due to some badly quoted code.
- Emiliano Ida confirmed that we now build properly with the Borland C++
  compiler too. We needed yet another fix for the ISO cpp check in the curl.h
  header file.
- Yet another fix was needed to get the HTTP download without headers to work.
  This time it was needed if the first "believed header" was read all in the
  first read. Test 306 has not run properly since the 11th october fix.
- Zvi Har'El pointed out a problem with curl's name resolving on Redhat 8
  machines (running IPv6 disabled). Mats Lidell let me use an account on his
  machine and I could verify that gethostbyname_r() has been changed to return
  EAGAIN instead of ERANGE when the given buffer size is too small. This is
  glibc 2.2.93.
- Albert Chin helped me get the -no-undefined option corrected in
  lib/Makefile.am since Cygwin builds want it there while Solaris builds don't
  want it present. Kevin Roth helped me try it out on cygwin.
- Nikita Schmidt provided a bug fix for a FOLLOWLOCATION bug introduced when
  the ../ support got in (7.10.1).
- Fabrizio Ammollo pointed out a remaining problem with FOLLOWLOCATION in
  the multi interface.
- Richard Cooper's experimenting proved that -j (CURLOPT_COOKIESESSION) didn't
  work quite as supposed. You needed to set it *before* you use
  CURLOPT_COOKIEFILE, and we dont' want that kind of dependencies.
- Andrés García provided corrections for erratas in four libcurl man pages.
- Starting now, we generate and include PDF versions of all the docs in the
  release archives.
- Trying to connect to a host on a bad port number caused the multi interface
  to never return failure and it appeared to keep on trying forever (it just
  didn't do anything).
- Downloading HTTP without headers didn't work 100%, some of the initial data
  got written twice. Kevin Roth reported.
- Kevin Roth found out the "config file" parser in the client code could
  segfault, like if DOS newlines were used.

Revision 1.22 / (download) - annotate - [select for diffs], Sun Oct 20 20:10:06 2002 UTC (16 years, 7 months ago) by seb
Branch: MAIN
Changes since 1.21: +8 -5 lines
Diff to previous 1.21 (colored)

Fix documentation installation. Buildlink with zlib.  Bump PKGREVISION.

XXX Should buildlink2.mk's BUILDLINK_DEPENDS.curl version be bumped to 7.10.1?

Revision 1.21 / (download) - annotate - [select for diffs], Sun Oct 20 02:19:42 2002 UTC (16 years, 7 months ago) by shell
Branch: MAIN
Changes since 1.20: +3 -3 lines
Diff to previous 1.20 (colored)

Updated to curl-7.10.1


Changes :
- Jeff Lawson fixed a few problems with connection re-use that remained when
  you set CURLOPT_PROXY to "".
- Craig Davison found a terrible flaw and Cris Bailiff helped out in the
  search. Getting HTTP data from servers when the headers are split up in
  multiple reads, could cause junk data to get inserted among the saved
  headers. This only concerns HTTP(S) headers.
- Vincent Penquerc'h gave us the good suggestion that when the ERRRORBUFFER
  is set internally, the error text is sent to the debug function as well.
- Fixed the telnet code to timeout properly as the option tells it to. On
  non-windows platforms.
- John Crow pointed out that libcurl-the-guide wasn't included in the release
  tarball!
- Kevin Roth pointed out that make install didn't do right if build outside
  the source tree (ca-bundle wise).
- FOLLOW_LOCATION bugfix for the multi interface
[trim], more see CHANGES.

Revision 1.20 / (download) - annotate - [select for diffs], Sun Aug 25 21:52:03 2002 UTC (16 years, 9 months ago) by jlam
Branch: MAIN
Changes since 1.19: +4 -9 lines
Diff to previous 1.19 (colored)

Merge packages from the buildlink2 branch back into the main trunk that
have been converted to USE_BUILDLINK2.

Revision 1.18.2.3 / (download) - annotate - [select for diffs], Sun Jun 23 19:03:39 2002 UTC (16 years, 11 months ago) by jlam
Branch: buildlink2
Changes since 1.18.2.2: +2 -2 lines
Diff to previous 1.18.2.2 (colored) next main 1.19 (colored)

Merge from pkgsrc-current to buildlink2 branch.

Revision 1.18.2.2 / (download) - annotate - [select for diffs], Fri Jun 21 23:05:48 2002 UTC (16 years, 11 months ago) by jlam
Branch: buildlink2
Changes since 1.18.2.1: +2 -2 lines
Diff to previous 1.18.2.1 (colored)

Rename USE_BUILDLINK2_ONLY to USE_BUILDLINK2 for less verbosity.  Also
convert a few more packages to use the buildlink2 framework.

Revision 1.19 / (download) - annotate - [select for diffs], Mon Jun 10 01:32:37 2002 UTC (16 years, 11 months ago) by shell
Branch: MAIN
CVS Tags: pkgviews-base, pkgviews, netbsd-1-6-RELEASE-base, netbsd-1-6, buildlink2-base
Changes since 1.18: +2 -2 lines
Diff to previous 1.18 (colored)

Updated to curl, from 7.9.6 to 7.9.7

Changes since 7.9.6 :
- More -(option) support
- Documentation updated
- little bug fixed and preformance improved

(please see CHANGES for more)

Revision 1.18.2.1 / (download) - annotate - [select for diffs], Thu Jun 6 06:54:53 2002 UTC (16 years, 11 months ago) by jlam
Branch: buildlink2
Changes since 1.18: +4 -9 lines
Diff to previous 1.18 (colored)

* Convert some more packages to use the buildlink2 framework.
* Re-add EVAL_PREFIX lines that I shouldn't have removed from the
  buildlink2.mk files.
* Add several more new buildlink2.mk files to facilitate converting more
  packages.

Revision 1.18 / (download) - annotate - [select for diffs], Sun Apr 21 12:07:45 2002 UTC (17 years, 1 month ago) by shell
Branch: MAIN
Branch point for: buildlink2
Changes since 1.17: +2 -3 lines
Diff to previous 1.17 (colored)

Updated to curl-7.9.6

- fmt on DESCR
- Regen PLIST
- Remove patch since it was applied


Changes since curl-7.9.5
(Lots of change, here is the recently changes, see CHANGE for more)

- Dirk Manske brought a fix that makes libcurl strip off white
  spaces from the beginning of cookie contents.
- Had to patch include/curl/curl.h since MSVC doesn't set the
  __STDC__ define. Moonesamy pointed out the problem, Bjorn Reese
  the solution.
- Fixed the TIMER_CONNECT to be more accurate for FTP transfers.
  Previously FTP transfers got the "connect done" time set after
  the initial FTP commands and not directly after the TCP/IP connect
  as it should.
- Jean-Philippe Barrette-LaPierre provided his patch that introduces
  CURLOPT_DEBUGFUNCTION and CURLOPT_DEBUGDATA. They allow a program
  to a set a callback to receive debug/information data. That
  includes headers and data that is received and sent. CURLOPT_VERBOSE
  still controls it.
  By default, there is an internal debugfunction that will make
  things look and work as before if not changed.
- Sebastien Willemijns found out that -x didn't use the default
  port number as is documented. It does now.
- libcurl-errors.3 is a new man page attempting to document all
  libcurl error codes

Revision 1.17 / (download) - annotate - [select for diffs], Fri Mar 15 12:05:09 2002 UTC (17 years, 2 months ago) by seb
Branch: MAIN
CVS Tags: netbsd-1-5-PATCH003
Changes since 1.16: +16 -3 lines
Diff to previous 1.16 (colored)

Update to version 7.9.5nb1

LTCONFIG_OVERRIDE changed to LIBTOOL_OVERRIDE.
GNU make no longer needed.
Install some documentation in ${PREFIX}/share/doc/curl, and examples of
libcurl usage in ${PREFIX}/share/examples/curl.

XXX A buildlink.mk would be nice to have...

Bump PKGREVISION for the PLIST additions.

Revision 1.16 / (download) - annotate - [select for diffs], Fri Mar 15 08:20:43 2002 UTC (17 years, 2 months ago) by itojun
Branch: MAIN
Changes since 1.15: +1 -8 lines
Diff to previous 1.15 (colored)

suppress debugging options.

Revision 1.15 / (download) - annotate - [select for diffs], Fri Mar 15 08:18:45 2002 UTC (17 years, 2 months ago) by itojun
Branch: MAIN
Changes since 1.14: +8 -1 lines
Diff to previous 1.14 (colored)

re-enable IPv6.

Revision 1.14 / (download) - annotate - [select for diffs], Fri Mar 15 07:46:22 2002 UTC (17 years, 2 months ago) by itojun
Branch: MAIN
Changes since 1.13: +2 -2 lines
Diff to previous 1.13 (colored)

upgrade to 7.9.5.

---
Version 7.9.5

Daniel (7 March 2002)
- Added docs/KNOWN_BUGS to the release archive.

Daniel (6 March 2002)
- Kevin Roth corrected a flaw in the curl client globbing code that made it
  mess up backslashes. This was most notable on windows (cygwin) machines when
  using file://.

- Brad provided another fix for building outside the source-tree.

- Ralph Mitchell patched away a few compiler warnings in tests/server/sws.c

Daniel (5 March 2002)
- I noticed that the typedef in curl.h for the progress callback prototype was
  wrong and thus applications that used it would not get the proper input
  data. It used size_t where the implementation actually uses doubles!

  I wish I could blame someone else, but this was my fault. Again.

Version 7.9.5-pre6

Daniel (4 March 2002)
- Cut off the changes done during 2001 from this changelog file and put them
  in a separate file (CHANGES.2001), available from CVS of course.

- I removed the multi directory. The example sources were moved to the
  docs/examples directory where they belong.

- Wrote 7 new man pages for the current functions in the new multi interface.
  They're all still pretty basic, but we can use them as a start and add more
  contents to them when we figure out what to write. The large amount of man
  pages for libcurl now present made me decide to put them in a new separate
  subdirectory in the docs directory. Named libcurl.

- Giuseppe Corbelli provided a template file for the EPM package manager, it
  gets generated nicely by the configure script now.

Version 7.9.5-pre5

Daniel (1 March 2002)
- Moved the memanalyze.pl script into the tests/ dir and added it to the
  release archives. It was previously only present in the CVS tree.

- Modified the February 17th Host: fix, as bug report #523718 pointed out that
  it caused crashes!

- Nico Baggus added more error codes to the VMS stuff.

- Wesley Laxton brought the code that introduced the new CURLOPT_PREQUOTE
  option. It is just another FTP quote option that allows the user to specify
  a list of FTP commands to issue *just before* the transfer command (RETR or
  STOR etc). It has turned up a few systems that really need this.

  The curl command line tool can also take advantage of this by prefixing the
  quote commands with a plus (+) in similar style that post transfer quote
  commands are specified.

  This is not yet documented. There is no test case for this yet.

Daniel (28 February 2002)
- Ralph Mitchell made some serious efforts and put a lot of sweat in setting
  up scripts and things for me to be able to repeat his problems, and I
  finally could.  I found a problem with the header byte counter that wasn't
  increased properly and thus we could return CURLE_GOT_NOTHING when we in
  fact had received data.

Daniel (27 February 2002)
- I had to revert the non-space parsing cookie fix I posted to the mailing
  list. Expire dates do have spaces and still need to get parsed properly!
  Instead we just ignore trailing white space and it seems to work...

Daniel (26 February 2002)
- Made the cookie property 'Max-Age' work, just since we already tried to
  support it, it is better to do it right. No one uses this anyway.

- The cookie parser could crash if a really weird (illegal) cookie line was
  received. I also made it better discard really oddly formatted lines better.

  Made the cookie jar store the second field from the left using the syntax
  that Netscape and Mozilla probably like. Curl itself ignores it.

  Added test case 31 for these cases.

  Clay Loveless' email regarding some cookie issues started my cleanup.

- Kevin Roth pointed out that my automake fiddles broke the ability to build
  outside the source-tree and I posted a patch to the mailing list that brings
  this ability back.

Version 7.9.5-pre4

Daniel (25 February 2002)
- Fiddled with the automake files to make all source files in the lib
  directory not have ../src in the include path, and the src sources shouldn't
  have ../lib!

- All 79 test cases ran OK under Linux and Solaris using the new HTTP server
  in the test suite. The new HTTP server was first donated by Georg Horn and
  subsequently modified to work with the test suite. It is currently still not
  portable enough to run on "all over" but this is a start and I can run all
  curl tests on my machines. This is an important requirement for the upcoming
  public release.

- Using -d and -I on the same command line now reports an error, as it implies
  two different HTTP requests that can't be mixed.

- Jeffrey Pohlmeyer provided a patch that made the -w/--write-out option
  support %{content_type} to get the content type of the recent download.

- Kevin Roth reported that pre2 and pre3 didn't compile properly on cygwin,
  and this was because I used #ifdef HAVE_WINSOCK_H in lib/multi.h to figure
  out if we could include winsock.h which turns out not to be a wise choice to
  do on cygwin since it has the file but can't include it!

Daniel (22 February 2002)
- Added src/config-vms.h to the release archive.

- Fixed the connection timeout value again, the change from February 18 wasn't
  complete.

Version 7.9.5-pre3

Daniel (21 February 2002)
- Kevin Roth and Andrés García both found out that lib/config.h.in was missing
  in the pre-release archive and thus the configure script failed.

Version 7.9.5-pre2

Daniel (20 February 2002)
- Andrés García provided a solution to bug report #515228. the total time
  counter was not set correctly when -I was used during some conditions (all
  headers were read in one single read).

- Nico Baggus provided a huge patch with minor tweaks all over to make curl
  compile nicely on VMS.

Daniel (19 February 2002)
- Rick Richardson found out that by replacing PF_UNSPEC with PF_INET in the
  getaddrinfo() calls, he could speed up some name resolving calls with an
  order of magnitudes on his Redhat Linux 7.2.

- Philip Gladstone found a second INADDR_NONE problem where we used long
  intead of in_addr_t which caused 64bit problemos. We really shouldn't define
  that on two different places.

Daniel (18 February 2002)
- Philip Gladstone found a problem in how HTTP requests were sent if the
  request couldn't be sent all at once.

- Emil found and corrected a bad connection timeout comparison that made curl
  use the longest of connect-timeout and timout as a timeout value, instead of
  the shortest as it was supposed to!

- Aron Roberts provided updated information about LDAP URL syntax to go into
  the manual as a replacement for the old references.

Daniel (17 February 2002)
- Philip Gladstone pointed out two missing include files that made curl core
  dump on 64bit architectures. We need to pay more attention on these details.
  It is *lethal* to for example forget the malloc() prototype, as 'int' is
  32bit and malloc() must return a 64bit pointer on these platforms.

- Giaslas Georgios fixed a problem with Host: headers on repeated requests on
  the same handle using a proxy.

Daniel (8 February 2002)
- Hanno L. Kranzhoff accurately found out that disabling the Expect: header
  when doing multipart formposts didn't work very well. It disabled other
  parts of the request header too, resulting in a broken header. When I fixed
  this, I also noticed that the Content-Type wasn't possible to disable. It is
  now, even though it probably is really stupid to try to do this (because of
  the boundary string that is included in the internally generated header,
  used as form part separator.)

Daniel (7 February 2002)
- I moved the config*.h files from the root directory to the lib/ directory.

- I've added the new test suite HTTP server to the CVS repository, It seems to
  work pretty good now, but we must make it get used by the test scripts
  properly and then we need to make sure that it compiles, builds and runs on
  most operating systems.

Version 7.9.5-pre1

Daniel (6 February 2002)
- Miklos Nemeth provided updated windows makefiles and INSTALL docs.

- Mr Larry Fahnoe found a problem with formposts and I managed to track down
  and patch this bug. This was actually two bugs, as the posted size was also
  said to be two bytes too large.

- Brent Beardsley found out and brought a correction for the
  CURLINFO_CONTENT_TYPE parser that was off one byte. This was my fault, I
  accidentaly broke Giaslas Georgios' patch.

Daniel (5 February 2002)
- Kevin Roth found yet another SSL download problem.

Version 7.9.4

- no changes since pre-release

Version 7.9.4-pre2

Daniel (3 February 2002)
- Eric Melville provided a few spelling corrections in the curl man page.

Daniel (1 February 2002)
- Andreas Damm corrected the unconditional use of gmtime() in getdate, it now
  uses gmtime_r() on all hosts that have it.

Daniel (31 January 2002)
- An anonymous bug report identified a problem in the DNS caching which made it
  sometimes allocate one byte too little to store the cache entry in. This
  happened when the port number started with 1!

- Albert Chin provided a patch that improves the gethostbyname_r() configure
  check on HP-UX 11.00.

Version 7.9.4-pre1

Daniel (30 January 2002)
- Georg Horn found another way the SSL reading failed due to the non-blocking
  state of the sockets! I fixed.

Daniel (29 January 2002)
- Multipart formposts now send the full request properly, including the CRLF.
  They were previously treated as part of the post data.

- The upload byte counter bugged.

- T. Bharath pointed out that we seed SSL on every connect, which is a time-
  consuming operation that should only be needed to do once. We patched
  libcurl to now only seed on the first connect when unseeded. The seeded
  status is global so it'll now only happen once during a program's life time.

  If the random_file or egdsocket is set, the seed will be re-made though.

- Giaslas Georgios introduced CURLINFO_CONTENT_TYPE that lets
  curl_easy_getinfo() read the content-type from the previous request.

Daniel (28 January 2002)
- Kjetil Jacobsen found a way to crash curl and after much debugging, it
  turned out it was a IPv4-linux only problem introduced in 7.9.3 related to
  name resolving.

- Andreas Damm posted a huge patch that made the curl_getdate() function fully
  reentrant!

- Steve Marx pointed out that you couldn't mix CURLOPT_CUSTOMREQUEST with
  CURLOPT_POSTFIELDS. You can now!

Daniel (25 January 2002)
- Krishnendu Majumdar pointed out that the header length counter was not reset
  between multiple requests on the same handle.

- Pedro Neves rightfully questioned why curl always append \r\n to the data
  that is sent in HTTP POST requests. Unfortunately, this broke the test suite
  as the test HTTP server is lame enough not to deal with this... :-O

- Following Location: headers when the connection didn't close didn't work as
  libcurl didn't properly stop reading. This problem was added in 7.9.3 due to
  the restructured internals. 'Frank' posted a bug report about this.

Daniel (24 January 2002)
- Kevin Roth very quickly spotted that we wrongly installed the example
  programs that were built in the multi directory, when 'make install' was
  used. :-/

Version 7.9.3

Daniel (23 January 2002)
- Andrés García found a persistancy problem when doing HTTP HEAD, that made
  curl "hang" until the connection was closed by the server. This problem has
  been introduced in 7.9.3 due to internal rewrites, this was not present in
  7.9.2.

Version 7.9.3-pre4

Daniel (19 January 2002)
- Antonio filed bug report #505514 and provided a fix! When doing multipart
  formposts, libcurl would include an error text in the actual post if a
  specified file wasn't found. This is not libcurl's job. Instead we add an
  empty part.

Daniel (18 January 2002)
- Played around with stricter compiler warnings for gcc (when ./configure
  --enable-debug is used) and changed some minor things to stop the warnings.

- Commented out the 'long long' and 'long double' checks in configure.in, as
  we don't currently use them anyway and the code in lib/mprintf.c that use
  them causes warnings.

- Saul Good and jonatan pointed out Mac OS X build problems with pre3 and how
  to correct them. Two compiler warnings were removed as well.

- Andrés García fixed two minor mingw32 building problems.

Version 7.9.3-pre3

Daniel (17 January 2002)
- docs/libcurl-the-guide is a new tutorial for our libcurl programming
  friends.

- Richard Archer brought back the ability to compile and build with OpenSSL
  versions before 0.9.5.
  [http://sourceforge.net/tracker/?func=detail&atid=100976&aid=504163&group_id=976]

- The DNS cache code didn't take the port number into account, which made it
  work rather bad on IPv6-enabled hosts (especially when doing passive
  FTP). Sterling fixed it.

Daniel (16 January 2002)
- Georg Horn could make a transfer time-out without error text. I found it and
  corrected it.

- SSL writes didn't work, they return an uninitialized value that caused
  havoc all over. Georg Horn experienced this.

- Kevin Roth patched the curl_version() function to use the proper OpenSSL
  function for version information. This way, curl will report the version of
  the SSL library actually running right now, not the one that had its headers
  installed when libcurl was built. Mainly intersting when running with shared
  OpenSSL libraries.

Version 7.9.3-pre2

Daniel (16 January 2002)
- Mofied the main transfer loop and related stuff to deal with non-blocking
  sockets in the upload section. While doing this, I've now separated the
  connection oriented buffers to have one for downloads and one for uploads
  (as two can happen simultaneously). I also shrunk the buffers to 20K
  each. As we have a scratch buffer twice the size of the upload buffer, we
  arrived at 80K for buffers compared with the previous 150K.

- Added the --cc option to curl-config command as it enables so very cool
  one-liners. Have a go a this one, building the simple.c example:

        $ `curl-config --cc --cflags --libs` -o example simple.c

Daniel (14 January 2002)
- I made all socket reads (recv) handle EWOULDBLOCK. I hope nicely. Now we
  only need to address all writes (send) too and then I'm ready for another
  pre-release...

- Stoned Elipot patched the in_addr_t configure test to make it work better on
  more platforms.

Daniel (9 January 2002)
- Cris Bailiff found out that filling up curl's SSL session cache caused a
  crash!

- Posted the curl questionnaire on the web site. If you haven't posted your
  opinions there yet, go there and do it now while it is still there:

        http://curl.haxx.se/q/

- Georg Horn quickly found out that the SSL reading no longer worked as
  supposed since the switch to non-blocking sockets. I've made a quick patch
  (for reading only) but we should improve it even further.

Version 7.9.3-pre1

Daniel (7 January 2002)
- I made the 'bool' typedef use an "unsigned char". It makes it the same on
  all platforms, no matter what the platform thinks the default format for
  char is. This was noticed since we made a silly comparison involving such a
  bool variable, and only one compiler/platform combination (on Debian Linux)
  complained about it (that happened to have its char unsigned by default).

- Bug report #495290 identified a cookie parsing problem that was corrected.
  When a Set-Cookie: line is received without a trailing semicolon, libcurl
  didn't read the last "name=value" pair of the line, leading to confusions...

- Sterling committed his updated DNS cache code.

- I worked with Georg Horn and comments from Götz Babin-Ebell and switched
  curl's socket operations completely over to non-blocking for the entire
  operation (previously we used non-blocking only for the connection phase).
  We had to do this to make the SSL connection phase timeout properly without
  the use of signals. A little extra code to deal with this was added.

- T. Bharath pointed out a slightly obscure cookie engine flaw.

- Pete Su pointed out that libcurl didn't treat HTTP code 204 as it should.
  204-replies never provides a response-body. This resulted in bad persistant
  behavior when 204 was received.

Daniel (5 January 2002)
- SM updated the VC++ library Makefiles for the new source files.

Daniel (4 January 2002)
- I discovered that we wrongly used inet_ntoa() (instead of inet_ntoa_r() in
  two places in the source code). One happened with VERBOSE set on connects,
  and the other when VERBOSE was on and krb4 over nat was used... I honestly
  don't think anyone has suffered from these mistakes.

- I replaced a lot of silly occurances of printf() to instead use the more
  appropriate Curl_infof() or Curl_failf(). The krb4 and telnet code were
  affected.

- Philip Gladstone found a few more problems with 64-bit archs (the 64-bit
  sparc on solaris 8).

- After discussions on the libcurl list with Raoul Cridlig, I just made FTP
  response lines get passed to the header callback if such a one is
  registered. It'll make it possible for any application to get all the
  responses an FTP server sends to libcurl.

Daniel (3 January 2002)
- Sterling Hughes brought a few buckets of code. Now, libcurl will
  automatically cache DNS lookups and re-use the previous results first if any
  such is available. It greatly improves speed when doing many repeated
  operations to the same host.

- As the test case uses --include and then --head, I had to modify src/main.c
  to deal with this situation slightly better than previously. When done, we
  have 100% good tests again in the main branch.

Daniel (2 January 2002)
- Made test case 25 run again in the multi-dev branch. But it seems that the
  changes done on dec-20 made test case 104 cease to work (in both branches).

- Philip Gladstone pointed out a few portability problems in the source code
  that didn't compile on 64-bit sparcs using Sun's native

Revision 1.13 / (download) - annotate - [select for diffs], Tue Feb 19 05:48:07 2002 UTC (17 years, 3 months ago) by itojun
Branch: MAIN
Changes since 1.12: +4 -1 lines
Diff to previous 1.12 (colored)

curl is IPv6 ready.

Revision 1.12 / (download) - annotate - [select for diffs], Mon Jan 14 00:31:53 2002 UTC (17 years, 4 months ago) by seb
Branch: MAIN
Changes since 1.11: +4 -2 lines
Diff to previous 1.11 (colored)

Added a couple of official mirror sites as per PR 15102.

Revision 1.11 / (download) - annotate - [select for diffs], Mon Jan 14 00:19:58 2002 UTC (17 years, 4 months ago) by seb
Branch: MAIN
Changes since 1.10: +2 -2 lines
Diff to previous 1.10 (colored)

Update to version 7.9.2. PR 15102 by Shell Hung <shell@shellhung.org>

Trivial patch on configure which fixes compilation on NetBSD/!i386 added.

Fixed in 7.9.2
- compiles and builds on the good old Mac OS (in addition to Mac OS X)
- bugfixed persistant connections over proxy with multiple protocols
- --disable-epsv is a new option to the curl command line tool
- bugfixed verbose ftp output on Tru64 unix
- added CURLOPT_FTP_USE_EPSV
- passive ftp download works with IPv6
- always return proper error code on failed connects
- bugfixed FTP response reader
- bugfixed verbose telnet
- added CURLINFO_STARTTRANSFER_TIME
- bugfixed conditional HTTP fetches based on time
- multiple calls to curl_global_init() is now treated better
- bugfixed multiple ftp requests
- made -p/--proxytunnel work for plain HTTP as well
- "current speed" progress meter bugfix
- improved the name resolver configure check
- libcurl now restores signal handlers and timeouts properly
- improved SSL over HTTP-proxy when using weird proxies(!)
- added the -1/--TLSv1 option
- bugfixed LDAP transfers

Revision 1.10 / (download) - annotate - [select for diffs], Sun Dec 23 19:33:18 2001 UTC (17 years, 5 months ago) by jlam
Branch: MAIN
Changes since 1.9: +6 -1 lines
Diff to previous 1.9 (colored)

Touch curl-config after configure is run to prevent regeneration.

Revision 1.9 / (download) - annotate - [select for diffs], Mon Nov 12 12:27:30 2001 UTC (17 years, 6 months ago) by seb
Branch: MAIN
Changes since 1.8: +2 -2 lines
Diff to previous 1.8 (colored)

Upgrade to version 7.9.1

Fixed in 7.9.1
	much better connection re-use validity check
	bugfixed connection re-use for FTP urls containing name and password
	LDAP transfers no longer "hang"
	a memory leak in the cookie engine was removed
	CURLE_GOT_NOTHING is a new possible error code
	curl_easy_duphandle() now duplicates cookie parser status too
	--fail now only returns error if HTTP code is >= 400
	a possible memory leak when a transfer failed was removed
	builds better in cygwin
	"current speed" meter more accurate
	-c without -b saves the cookies now
	-0/--http1.0 can now be used to set HTTP 1.0 operations
	bugfixed libcurl for "thread-hopping" on Windows
	removed memory leak in IPv6-enabled libcurl
	'curl' no longer uses curl_formparse()
	non-blocking connects
	bugfixed curl_formadd()
	bugfixed CURLINFO_FILETIME
	bugfixed cookiejar

Revision 1.8 / (download) - annotate - [select for diffs], Wed Oct 3 22:36:41 2001 UTC (17 years, 7 months ago) by jlam
Branch: MAIN
Changes since 1.7: +1 -3 lines
Diff to previous 1.7 (colored)

bsd.buildlink.mk will automatically handle the REPLACE_BUILDLINK stuff, so
we can remove REPLACE_BUILDLINK settings containing *-config, *Conf.sh, and
*.pc.

Revision 1.7 / (download) - annotate - [select for diffs], Sat Sep 29 15:42:24 2001 UTC (17 years, 7 months ago) by seb
Branch: MAIN
Changes since 1.6: +2 -2 lines
Diff to previous 1.6 (colored)

Upgrade to version 7.9

Fixed in 7.9
	now properly returns an error code when connection to an SSL server
		with a non-legitimate certificate.
	displays certificate expire date with SSL and verbose output
	-R sets the timestamp of a downloaded file to the same as the remote
		file
	-c writes all cookies to a specified file (based on the new libcurl
		option CURLOPT_COOKIEJAR)
	SSL session ID caching is being done for multiple requests to the same
		hosts
	CURLOPT_COOKIEFILE can now be specified any number of times
	fixed portability issue in the SSL code
	-G improvements, now works with -I and on URLs including question mark.
	various windows compile, build and makefile fixes
	multiple curl_easy_perform() invokes when a previous invoke followed a
		Location: could lead to a crash
	curl_formadd() is a new function to replace the now deprecated
		curl_formparse() one, for building rfc1867 form posts.
	rfc1867-posts are now done including the Expect: 100-continue header.
	release archive now includes all docs as HTML pages too
	flushes the progress meter stream to improve look on windows
	fixed the configure script --with-ssl problem

Revision 1.6 / (download) - annotate - [select for diffs], Thu Sep 20 11:33:47 2001 UTC (17 years, 8 months ago) by itojun
Branch: MAIN
Changes since 1.5: +3 -2 lines
Diff to previous 1.5 (colored)

upgrade to 7.8.1, per PR 14022.
Summarized list of changes can be grabbed from http://curl.haxx.se/changes.html

Revision 1.5 / (download) - annotate - [select for diffs], Mon Aug 13 18:36:13 2001 UTC (17 years, 9 months ago) by nra
Branch: MAIN
Changes since 1.4: +4 -2 lines
Diff to previous 1.4 (colored)


Update www/curl to version 7.8.  PR 13704 by Stoned Elipot.

Fixed 7.8
        'curl-config --vernum' shows version number as a hexadecimal number
        libcurl's got two new functions (for global init/cleanup)
        SSL memory leak fixed
        new file format for the tests in the test suite
        netscape/mozilla cookie file parser bugfix
        everything is now built with autoconf 2.50, libtool 1.4
                and automake 1.4-p1
        libcurl's own version of 'strlcat' no longer pollutes the name space
        libcurl now treats an already completed resumed download as a
                successful operation, and not as an error like before
        https and ftps test cases added to the test suite (depend on stunnel)
        better white space awareness when parsing HTTP headers
        curl -I now plays ball even if the ftp server doesn't grok SIZE
        corrected resumed transfers on re-used persistent connections
        FTP PORT works again when libcurl is IPv6-enabled
        corrected path usage when doing multiple FTP transfers
        several Location: header related bugs corrected

Revision 1.4 / (download) - annotate - [select for diffs], Fri Jun 29 03:48:41 2001 UTC (17 years, 10 months ago) by jlam
Branch: MAIN
Changes since 1.3: +6 -5 lines
Diff to previous 1.3 (colored)

Convert to use buildlink.mk files and mark as USE_BUILDLINK_ONLY.

Revision 1.3 / (download) - annotate - [select for diffs], Fri Apr 6 03:47:23 2001 UTC (18 years, 1 month ago) by itojun
Branch: MAIN
CVS Tags: netbsd-1-5-PATCH001
Changes since 1.2: +2 -2 lines
Diff to previous 1.2 (colored)

upgrade to 7.7.1.

Version 7.7.1

Daniel (3 April 2001)
- Puneet Pawaia pointed out two serious problems. Libcurl would attempt to
  read bad memory during situations when an (ftp) connection attempt failed.
  Also, the lib/Makefile.vc6 was corrected.

- More investigations in the Location: following code made me realize that
  it was not clean enough to work transparantly with persistant and non-
  persistant connections. I think I've fixed it now.

Daniel (29 March 2001)
- Georg Horn mailed me some corrections for the Curl::easy perl interface.

- Experimental ftps:// support added. It is basically FTP over SSL for the
  control connection. It still makes all data transfers going over unencrypted
  connections. Rainer Weikusat's ftpd-ssl server hack supports this and I used
  that to verify the functionality.

Daniel (27 March 2001)
- Guenole Bescon discovered that if you set a CURLOPT_TIMEOUT and then tried
  to get a file from a site and it fails, the SIGALRM would still be sent
  after the timeout-time, quite inexpectedly!

- I added an ftp transfer example to docs/examples/ and I also wrote a tiny
  example makefile that can be used as a start when building one of the
  examples.

Version 7.7.1-beta1

Daniel (26 March 2001)
- Mohamed Lrhazi reported problems with 7.6.1 and persistant HTTP/1.0
  connections (when the server replied a Connection: Keep-Alive) and this
  problem was not properly dealt with in 7.7 either. A patch was posted to the
  curl-and-php mailing list.

Daniel (24 March 2001)
- Colin Watson reported about a problem and brought a patch that corrected it,
  which was about the man page and lines starting with a single quote (') in a
  way that gnroff doesn't like.

Daniel (23 March 2001)
- Peter Bray reported correctly that the root makefile used make instead of
  $(MAKE) for the test target.

- Corrected the Curl::easy perl interface to use curl_easy_setopt() and not
  curl_setopt() which was removed in 7.7!

- SM provided updates on three documents (MANUAL, INSTALL and FAQ).

- When following a Location:, libcurl would sometimes write to the URL string
  in a way it shouldn't. As the pointer is passed-in to libcurl from an
  application, we can't be allowed to write to it. The particular bug report
  from 'nk' that brought this up was because he had a read-only URL that then
  caused a libcurl crash!

- No longer reads HEAD responses longer than to the last header. Previously,
  curl would read the full reply if the connection was a "close" one.

- libcurl did re-use connections way too much. Doing "curl
  http://www.{microsoft,ibm}.com" would make it re-use the connection which
  made the second request return very odd results.

Daniel (22 March 2001)
- Edin Kadribasic made me aware that curl should not re-send POST requests
  when following 302-redirects. I made 302 work like 303 which means curl uses
  GET in the following request(s).

- libcurl now reset the "followed-location" counter on each invoke of
  curl_easy_perform() as it otherwise would sum up all redirects on the same
  connection and thus could reach the maxredirs counter wrongly.

- Jim Drash suggested curl_escape() should not re-encode what already looks
  like an encoded sequence and I think that's a fair suggestion.

Version 7.7

Daniel (22 March 2001)
- The configure script now fails with an error message if gethostbyname_r() is
  detected but it couldn't figure out how to invoke it (what amount of
  arguments it is supposed to get). Reports from Andrés García made me aware
  of this need.

- Talking with Jim Drash made me finally put the curl_escape and curl_unescape
  functions in the curl.h include file and write man pages for them. The
  escape function was modified to use the same interface as the unescape one
  had.

- No bug reports at all on the latest betas. Release time coming up.

Version 7.7-beta5

Daniel (19 March 2001)
- Georg Ottinger reported problems with using -C together with -L in the sense
  that the -C info got lost when it was redirected. I could not repeat this
  problem on the 7.7 branch why I leave this for the moment. Test case 39 was
  added to do exactly this, and it seems to do right.

- Christian Robottom Reis reported how his 7.7 beta didn't successfully do
  form posts as elegantly as 7.6.1 did. Indeed, this was a flaw in the header
  engine, as HTTP 1.1 has introduced a new 100 "transient" return code for PUT
  and POST operations that I need to add support for. Section 8.2.3 in RFC2616
  has all the details. Seems to work now!

Daniel (16 March 2001)
- After having experienced another machine break-down, we're back.

- Georg Horn's perl interface Curl::easy is now included in the curl release
  archive. The perl/ directory is now present. Please help me with docs,
  examples and updates you think fit.

- Made a new php/ directory in the release archive and moved the PHP examples
  into a subdirectory in there. Not much PHP info yet, but I plan to. Please
  help me here as well!

- Made libcurl return error if a transfer is aborted in the middle of a
  "chunk". It actually enables libcurl to discover premature transfer aborts
  even if the Content-Length: size is unknown.

Daniel (15 March 2001)
- Added --connect-timeout to curl, which sets the new CURLOPT_CONNECTTIMEOUT
  option in libcurl. It limits the time curl is allowed to spend in the
  connection phase. This differs from -m/--max-time that limits the entire
  file transfer operation. Requested by Larry Fahnoe and others.

  I also updated the curl.1 and curl_easy_setopt.3 man pages and removed the
  item from the TODO.

Version 7.7-beta4

Daniel (14 March 2001)
- Made curl grok IPv6 with HTTP proxies and got everything to compile nicely
  again when ENABLE_IPV6 is set.

  I need to remake things in the test suite. I can't test the FTP parts with
  curl built for IPv6 as it uses a different set of FTP commands then!

- I fell onto a bug report on php.net (posted by Lars Torben Wilson) that was
  a report meant for our project. Anyway, it said the .netrc parsing didn't
  work as supposed, and as I agreed with Lars, I made the netrc parser use
  getpwuid() to figure out the home directory of the effective user and try
  that netrc. It still uses the environment variable HOME for those that don't
  have that function or if the user doesn't return valid pwd info.

- Edin Kadribaic posted a bug report where he got a crash when a fetch with
  user+password in the URL followed a Location: to a second URL (absolute,
  without name+password). This bug has been around for a long while and
  crashes due to a read at address zero. Fixed now. Wrote test case 38, that
  tests this.

- Modified the test suite's httpserver slightly to append all client request
  data to its log file so that the test script now better can verify a range
  of requests and not only the last one, as it did previously.

- Updated the curl man page with --random-file and --egd-file details.

Version 7.7-beta3

Daniel (14 March 2001)
- Björn Stenberg provided similar fixes as Jörn did and some additional patches
  for non-SSL compiles.

- I increased the interface number for libcurl as I've removed the low level
  functions from the interface. I also took this opportunity to rename the
  Curl_strequal function to curl_strequal and Curl_strnequal to
  curl_strnequal, as they're public libcurl functions (even if they're still
  undocumented).

  This will make older programs not capable of using the new libcurl with
  just a drop-in replacement.

- Jörn Hartroth updated stuff for win32 compiles:
  o config-win32.h was fixed for socklen_t
  o lib/ssluse.c had a bad #endif placement
  o lib/file.c was made to compile on win32 again
  o lib/Makefile.m32 was updated with the new files
  o lib/libcurl.def matches the current interface state

Daniel (13 March 2001)
- It only took an hour or so before Jörn Hartroth found a problem in the
  chunked transfer-encoding. Given his fine example-site, I could easily spot
  the problem and when I re-read the spec (the part I have pasted in the top
  of the http_chunks.h file), I realized I had made my state-machine slightly
  wrong and didn't expect/handle the trailing CRLF that comes after the data
  in each chunk (and those extra two bytes sure feel wasted).

  Had to modify test case 34 to match this as well.

Version 7.7-beta2

Daniel (13 March 2001)
- Added the policy stuff to the curl_easy_setopt man page for the two supported
  policies.

- Implemented some support for the CURLOPT_CLOSEPOLICY option. The policies
  CURLCLOSEPOLICY_LEAST_RECENTLY_USED and CURLCLOSEPOLICY_OLDEST are now
  supported, and the "least recently used" is used as default if no policy
  is chosen.

Daniel (12 March 2001)
- Added CURLOPT_RANDOM_FILE and CURLOPT_EGDSOCKET to libcurl for seeding the
  SSL random engine. The random seeding support was also brought to the curl
  client with the new options --random-file <file> and --egd-file <file>. I
  need some people to really test this to know they work as supposed. Remember
  that libcurl now informs (if verbose is on) if the random seed is considered
  weak (HTTPS connections).

- Made the chunked transfer-encoding engine detected bad formatted data length
  and return error if so (we can't possibly extract sensible data if this is
  the case). Added a test case that detects this. Number 36. Now there are 60
  test cases.

- Added 5 new libcurl options to curl/curl.h that can be used to control the
  persistant connection support in libcurl. They're also documented (fairly
  thoroughly) in the curl_easy_setopt.3 man page. Three of them are now
  implemented, although not really tested at this point... Anyway, the new
  implemented options are named CURLOPT_MAXCONNECTS, CURLOPT_FRESH_CONNECT,
  CURLOPT_FORBID_REUSE. The ones still left to write code for are:
  CURLOPT_CLOSEPOLICY and its related option CURLOPT_CLOSEFUNCTION.

- Made curl (the actual command line tool) use the new libcurl 7.7 persistant
  connection support by re-using the same curl handle for every specified file
  transfer and after some more test case tweaking we have 100% test case OK.
  I made some test cases return HTTP/1.0 now to make sure that works as well.

- Had to add 'Connection: close' to the headers of a bunch of test cases so
  that curl behaves "old-style" since the test http server doesn't do multiple
  connections... Now I get 100% test case OK.

- The curl.haxx.se site, the main curl mailing list and my personal email are
  all dead today due to power blackout in the area where the main servers are
  located. Horrible.

- I've made persistance work over a squid HTTP proxy. I find it disturbing
  that it uses headers that aren't present in any HTTP standard though
  (Proxy-Connection:) and that makes me feel that I'm now on the edge of what
  the standard actually defines. I need to get this code excercised on a lot
  of different HTTP proxies before I feel safe.

  Now I'm facing the problem with my test suite servers (both FTP and HTTP)
  not supporting persistant connections and libcurl is doing them now. I have
  to fix the test servers to get all the test cases do OK.

Daniel (8 March 2001)
- Guenole Bescon reported that libcurl did output errors to stderr even if
  MUTE and NOPROGRESS was set. It turned out to be a bug and happens if
  there's an error and no ERRORBUFFER is set. This is now corrected.

Version 7.7-beta1

Daniel (8 March 2001)
- "Transfer-Encoding: chunked" is no longer any trouble for libcurl. I've
  added two source files and I've run some test downloads that look fine.

- HTTP HEAD works too, even on 1.1 servers.

Daniel (5 March 2001)
- The current 57 test cases now pass OK. It would suggest that libcurl works
  using the old-style with one connection per handle. The test suite doesn't
  handle multiple connections yet so there are no test cases for this.

- I patched the telnet.c heavily to not use any global variables anymore. It
  should make it a lot nicer library-wise.

- The file:// support was modified slightly to use the internal connect-first-
  then-do approach.

Daniel (4 March 2001)
- More bugs erased.

Version 7.7-alpha2

Daniel (4 March 2001)
- Now, there's even a basic check that a re-used connection is still alive
  before it is assumed so. A few first tests have proven that libcurl will
  then re-connect instead of re-use the dead connection!

Daniel (2 March 2001)
- Now they work intermixed as well. Major coolness!

- More fiddling around, my 'tiny' client I have for testing purposes now has
  proved to download both FTP and HTTP with persistant connections. They do
  not work intermixed yet though.

Daniel (1 March 2001)
- Wilfredo Sanchez pointed out a minor spelling mistake in a man page and that
  curl_slist_append() should take a const char * as second argument. It does
  now.

Daniel (22 February 2001)
- The persistant connections start to look good for HTTP. On a subsequent
  request, it seems that libcurl now can pick an already existing connection
  if a suitable one exists, or it opens a new one.

- Douglas R. Horner mailed me corrections to the curl_formparse() man page
  that I applied.

Daniel (20 February 2001)
- Added the docs/examples/win32sockets.c file for our windows friends.

- Linus Nielsen Feltzing provided brand new TELNET functionality and
  improvements:

  * Negotiation is now passive. Curl does not negotiate until the peer does.
  * Possibility to set negotiation options on the command line, currently only
    XDISPLOC, TTYPE and NEW_ENVIRON (called NEW_ENV).
  * Now sends the USER environment variable if the -u switch is used.
  * Use -t to set telnet options (Linus even updated the man page, awesome!)

- Haven't done this big changes to curl for a while. Moved around a lot of
  struct fields and stuff to make multiple connections get connection specific
  data in separate structs so that they can co-exist in a nice way. See the
  mailing lists for discussions around how this is gonna be implemented. Docs
  and more will follow.

  Studied the HTTP RFC to find out better how persistant connections should
  work. Seems cool enough.

Daniel (19 February 2001)
- Bob Schader brought me two files that help set up a MS VC++ libcurl project
  easier. He also provided me with an up-to-date libcurl.def file.

- I moved a bunch of prototypes from the public <curl/curl.h> file to the
  library private urldata.h. This is because of the upcoming changes. The
  low level interface is no longer being planned to become reality.

Daniel (15 February 2001)
- CURLOPT_POST is not required anymore. Just setting the POST string with
  CURLOPT_POSTFIELDS will switch on the HTTP POST. Most other things in
  libcurl already works this way, i.e they require only the parameter to
  switch on a feature so I think this works well with the rest. Setting a NULL
  string switches off the POST again.

- Excellent suggestions from Rich Gray, Rick Jones, Johan Nilsson and Bjorn
  Reese helped me define a way how to incorporate persistant connections into
  libcurl in a very smooth way. If done right, no change may have to be made
  to older programs and they will just start using persistant connections when
  applicable!

Daniel (13 February 2001)
- Changed the word 'timeouted' to 'timed out' in two different error messages.
  Suggested by Larry Fahnoe.

Version 7.6.1

Daniel (9 February 2001)
- Frank Reid and Cain Hopwood provided information and research around a HTTPS
  PUT/upload problem we seem to have. No solution found yet.

Daniel (8 February 2001)
- An interesting discussion is how to specify an empty password without having
  curl ask for it interactively? The current implmentation takes an empty
  password as a request for a password prompt. However, I still want to
  support a blank user field. Thus, today if you enter "-u :" (without user
  and password) curl will prompt for the password. Tricky. How would you
  specify you want the prompt otherwise?

- Made the netrc parse result possible to use for other protocols than FTP and
  HTTP (such as the upcoming TELNET fixes).

- The previously mentioned "MSVC++ problems" turned out to be a non-issue.

- Added a HTTP file upload code example in the docs/examples/ section on
  request.

- Adjusted the FTP response fix slightly.

Version 7.6.1-pre3

Daniel (7 February 2001)
- SM found a flaw in the response reading function for FTP that could make
  libcurl not get out of the loop properly when it should, if libcurl got -1
  returned when reading the socket.

- I found a similar mistake in http.c when using a proxy and reading the
  results from the proxy connection.

Daniel (6 February 2001)
- A friendly person named "SM" (nntp at iname.com) pointed out that the VC
  makefile in src/ needed the libpath set for the debug build to work.

- Daniel Gehriger stepped in to assist with the VC++ stuff Robert Weaver
  brought up yesterday.

Daniel (5 February 2001)
- Jun-ichiro itojun Hagino brought a big patch that brings IPv6-awareness to
  a bunch of different areas within libcurl.

- Robert Weaver told me about the problems the MS VC++ 6.0 compiler has with
  the 'static' keyword on a number of libcurl functions. I might need to add a
  patch that redefines static when libcurl is compiled with that compiler.
  How do I know when VC++ compiles, anyone?

Daniel (4 February 2001)
- curl_getinfo() was extended with two new options:
  CURLINFO_CONTENT_LENGTH_DOWNLOAD and CURLINFO_CONTENT_LENGTH_UPLOAD. They
  return the full assumed content length of the transfer in the given
  direction. The CURLINFO_CONTENT_LENGTH_DOWNLOAD will be the Content-Length:
  size of a HTTP download. Added descriptions to the man page as well. This
  was done after discussions with Bob Schader.

Daniel (3 February 2001)
- Ingo Ralf Blum provided another fix that makes curl build under the more
  recent cygwin installations. It seems they've changed the preset defines to
  not include WIN32 anymore.

Version 7.6.1-pre2

Daniel (31 January 2001)
- Curl_read() and curl_read() now return a ssize_t for the size, as it had to
  be able to return -1. The telnet support crashed due to this and there was a
  possibility to weird behaviour all over. Linus Nielsen Feltzing helped me
  find this.

- Added a configure.in check for a working getaddrinfo() if IPv6 is requested.
  I also made the configure script feature --enable-debug which sets a couple
  of compiler options when used. It assumes gcc.

Daniel (30 January 2001)
- I finally took a stab at the long-term FIXME item I've had on myself, and
  now libcurl will properly work when doing a HTTP range-request that follows
  a Location:. Previously that would make libcurl fail saying that the server
  doesn't seem to support range requests.

Daniel (29 January 2001)
- I added a test case for the HTTP PUT resume thing (test case 33).

Version 7.6.1-pre1

Daniel (29 January 2001)
- Yet another Content-Range change. Ok now? Bob Schader checks from his end
  and it works for him.

Daniel (27 January 2001)
- So the HTTP PUT resume fix wasn't good. There should appearantly be a
  Content-Range header when resuming a PUT.

- I noticed I broke the download-check that verifies that a resumed HTTP
  download is actually resumed. It got broke because my new 'httpreq' field
  in the main curl struct. I should get slapped. I added a test case for
  this now, so I won't be able to ruin this again without noticing.

- Added a test case for content-length verifying when downloading HTTP.

- Made the progress meter title say if the transfer is being transfered. It
  makes the output slightly better for resumes.

- When dealing with Location: and HTTP return codes, libcurl will not attempt
  to follow the spirit of RFC2616 better. It means that when POSTing to a
  URL that is being following to a second place, the standard will judge on
  what to do. All HTTP codes except 303 and 305 will cause curl to make a
  second POST operation. 303 will make a GET and 305 is not yet supported.

  I also wrote two test cases for this POST/GET/Location stuff.

Revision 1.2 / (download) - annotate - [select for diffs], Sat Feb 17 17:22:03 2001 UTC (18 years, 3 months ago) by wiz
Branch: MAIN
Changes since 1.1: +2 -1 lines
Diff to previous 1.1 (colored)

Update to new COMMENT style: COMMENT var in Makefile instead of pkg/COMMENT.

Revision 1.1.1.1 / (download) - annotate - [select for diffs] (vendor branch), Mon Feb 5 14:32:21 2001 UTC (18 years, 3 months ago) by itojun
Branch: TNF
CVS Tags: pkgsrc-base
Changes since 1.1: +0 -0 lines
Diff to previous 1.1 (colored)

curl 7.6, fetch data from an URL (similar to wget)

Revision 1.1 / (download) - annotate - [select for diffs], Mon Feb 5 14:32:21 2001 UTC (18 years, 3 months ago) by itojun
Branch: MAIN

Initial revision

This form allows you to request diff's between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.




CVSweb <webmaster@jp.NetBSD.org>