./www/curl, Client that groks URLs

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 7.58.0, Package name: curl-7.58.0, Maintainer: pkgsrc-users

Curl is a command line tool for transferring files with URL syntax, supporting
FTP, FTPS, HTTP, HTTPS, GOPHER, TELNET, DICT, FILE and LDAP. Curl supports
HTTPS certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload,
proxies, cookies, user+password authentication (Basic, Digest, NTLM, Negotiate,
kerberos...), file transfer resume, proxy tunneling and a busload of other
useful tricks.


Required to run:
[devel/libidn2]

Required to build:
[pkgtools/cwrappers]

Package options: gssapi, idn, inet6

Master sites:

SHA1: 42fff9f33ad4ed9e797ee1e7c0a3cda7f8dff7ff
RMD160: 61d5e9f5165f4bbeac3b81de55f27561d90a7c86
Filesize: 2824.09 KB

Version history: (Expand)


CVS history: (Expand)


   2018-01-24 13:17:44 by Leonardo Taccari | Files touched by this commit (1)
Log message:
curl: Delete if-def block regarding TEST_TARGET and test dependencies

Define TEST_TARGET unconditionally and do not add `perl' to USE_TOOLS, `perl'
is already needed as tool.
   2018-01-24 08:57:19 by Thomas Klausner | Files touched by this commit (4) | Package updated
Log message:
curl: update to 7.58.0.

This release includes the following changes:

 o new libssh-powered SSH SCP/SFTP back-end
 o curl-config: add --ssl-backends [10]

This release includes the following bugfixes:

 o http2: fix incorrect trailer buffer size [40]
 o http: prevent custom Authorization headers in redirects [55]
 o travis: add boringssl build [1]
 o examples/xmlstream.c: don't switch off CURL_GLOBAL_SSL [2]
 o SSL: Avoid magic allocation of SSL backend specific data [3]
 o lib: don't export all symbols, just everything curl_* [4]
 o libssh2: send the correct CURLE error code on scp file not found
 o libssh2: return CURLE_UPLOAD_FAILED on failure to upload
 o openssl: enable pkcs12 in boringssl builds [5]
 o libssh2: remove dead code from SSH_SFTP_QUOTE [6]
 o sasl_getmesssage: make sure we have a long enough string to pass [7]
 o conncache: fix several lock issues [8]
 o threaded-shared-conn.c: new example
 o conncache: only allow multiplexing within same multi handle [9]
 o configure: check for netinet/in6.h [11]
 o URL: tolerate backslash after drive letter for FILE: [12]
 o openldap: add commented out debug possibilities [13]
 o include: get netinet/in.h before linux/tcp.h [14]
 o CONNECT: keep close connection flag in http_connect_state struct [15]
 o BINDINGS: another PostgreSQL client
 o curl: limit -# update frequency for unknown total size [16]
 o configure: add AX_CODE_COVERAGE only if using gcc [17]
 o curl.h: remove incorrect comment about ERRORBUFFER
 o openssl: improve data-pending check for https proxy [18]
 o curl: remove __EMX__ #ifdefs [19]
 o CURLOPT_PRIVATE.3: fix grammar [20]
 o sftp: allow quoted commands to use relative paths [21]
 o CURLOPT_DNS_CACHE_TIMEOUT.3: see also CURLOPT_RESOLVE
 o RESOLVE: output verbose text when trying to set a duplicate name
 o openssl: Disable file buffering for Win32 SSLKEYLOGFILE [22]
 o multi_done: prune DNS cache [23]
 o tests: update .gitignore for libtests
 o tests: mark data files as non-executable in git
 o CURLOPT_DNS_LOCAL_IP4.3: fixed the "SEE ALSO" to not self-reference
 o curl.1: documented two missing valid exit codes
 o curl.1: mention http:// and https:// as valid proxy prefixes
 o vtls: replaced getenv() with curl_getenv() [24]
 o setopt: less *or equal* than INT_MAX/1000 should be fine [25]
 o examples/smtp-mail.c: use separate defines for options and mail
 o curl: support >256 bytes warning messsages [26]
 o conncache: fix a return code
 o krb5: fix a potential access of uninitialized memory
 o rand: add a clang-analyzer work-around
 o CURLOPT_READFUNCTION.3: refer to argument with correct name [27]
 o brotli: allow compiling with version 0.6.0
 o content_encoding: rework zlib_inflate [28]
 o curl_easy_reset: release mime-related data [29]
 o examples/rtsp: fix error handling macros [30]
 o build-openssl.bat: Added support for VC15
 o build-wolfssl.bat: Added support for VC15
 o build: Added Visual Studio 2017 project files
 o winbuild: Added support for VC15
 o curl: Support size modifiers for --max-filesize [32]
 o examples/cacertinmem: ignore cert-already-exists error [33]
 o brotli: data at the end of content can be lost [34]
 o curl_version_info.3: call the argument 'age' [35]
 o openssl: fix memory leak of SSLKEYLOGFILE filename
 o build: remove HAVE_LIMITS_H check [36]
 o --mail-rcpt: fix short-text description
 o scripts: allow all perl scripts to be run directly [37]
 o progress: calculate transfer speed on milliseconds if possible [38]
 o system.h: check __LONG_MAX__ for defining curl_off_t [31]
 o easy: fix connection ownership in curl_easy_pause [39]
 o setopt: reintroduce non-static Curl_vsetopt() for OS400 support [41]
 o setopt: fix SSLVERSION to allow CURL_SSLVERSION_MAX_ values [42]
 o configure.ac: append extra linker flags instead of prepending them [43]
 o HTTP: bail out on negative Content-Length: values [44]
 o docs: comment about CURLE_READ_ERROR returned by curl_mime_filedata
 o mime: clone mime tree upon easy handle duplication [45]
 o openssl: enable SSLKEYLOGFILE support by default [46]
 o smtp/pop3/imap_get_message: decrease the data length too... [47]
 o CURLOPT_TCP_NODELAY.3: fix typo [48]
 o SMB: fix numeric constant suffix and variable types [49]
 o ftp-wildcard: fix matching an empty string with "*[^a]" [50]
 o curl_fnmatch: only allow 5 '*' sections in a single pattern
 o openssl: fix potential memory leak in SSLKEYLOGFILE logic
 o SSH: Fix state machine for ssh-agent authentication [51]
 o examples/url2file.c: add missing curl_global_cleanup() call [52]
 o http2: don't close connection when single transfer is stopped [53]
 o libcurl-env.3: first version
 o curl: progress bar refresh, get width using ioctl() [54]
 o CONNECT_TO: fail attempt to set an IPv6 numerical without IPv6 support [56]
   2018-01-01 22:18:57 by Adam Ciarcinski | Files touched by this commit (629) | Package updated
Log message:
Revbump after boost update
   2017-11-29 14:56:28 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
curl: update to 7.57.0.

Curl and libcurl 7.57.0

 o auth: add support for RFC7616 - HTTP Digest access authentication [12]
 o share: add support for sharing the connection cache [31]
 o HTTP: implement Brotli content encoding [28]

This release includes the following bugfixes:

 o CVE-2017-8816: NTLM buffer overflow via integer overflow [47]
 o CVE-2017-8817: FTP wildcard out of bounds read [48]
 o CVE-2017-8818: SSL out of buffer access [49]
 o curl_mime_filedata.3: fix typos [1]
 o libtest: Add required test libraries for lib1552 and lib1553 [2]
 o fix time diffs for systems using unsigned time_t [3]
 o ftplistparser: memory leak fix: free temporary memory always [4]
 o multi: allow table handle sizes to be overridden [5]
 o wildcards: don't use with non-supported protocols [6]
 o curl_fnmatch: return error on illegal wildcard pattern [7]
 o transfer: Fix chunked-encoding upload too early exit [8]
 o curl_setup: Improve detection of CURL_WINDOWS_APP [9]
 o resolvers: only include anything if needed [10]
 o setopt: fix CURLOPT_SSH_AUTH_TYPES option read
 o appveyor: add a win32 build
 o Curl_timeleft: change return type to timediff_t [11]
 o cmake: Export libcurl and curl targets to use by other cmake projects [13]
 o curl: in -F option arg, comma is a delimiter for files only [14]
 o curl: improved ";type=" handling in -F option arguments
 o timeval: use mach_absolute_time() on MacOS [15]
 o curlx: the timeval functions are no longer provided as curlx_* [16]
 o mkhelp.pl: do not generate comment with current date [17]
 o memdebug: use send/recv signature for curl_dosend/curl_dorecv [18]
 o cookie: avoid NULL dereference [19]
 o url: fix CURLOPT_POSTFIELDSIZE arg value check to allow -1 [20]
 o include: remove conncache.h inclusion from where its not needed
 o CURLOPT_MAXREDIRS: allow -1 as a value [21]
 o tests: Fixed torture tests on tests 556 and 650
 o http2: Fixed OOM handling in upgrade request
 o url: fix CURLOPT_DNS_CACHE_TIMEOUT arg value check to allow -1
 o CURLOPT_INFILESIZE: accept -1 [22]
 o curl: pass through [] in URLs instead of calling globbing error [23]
 o curl: speed up handling of many URLs [24]
 o ntlm: avoid malloc(0) for zero length passwords [25]
 o url: remove faulty arg value check from CURLOPT_SSH_AUTH_TYPES [26]
 o HTTP: support multiple Content-Encodings [27]
 o travis: add a job with brotli enabled
 o url: remove unncessary NULL-check
 o fnmatch: remove dead code
 o connect: store IPv6 connection status after valid connection [29]
 o imap: deal with commands case insensitively [30]
 o --interface: add support for Linux VRF [32]
 o content_encoding: fix inflate_stream for no bytes available [33]
 o cmake: Correctly include curl.rc in Windows builds [34]
 o cmake: Add missing setmode check [35]
 o connect.c: remove executable bit on file [36]
 o SMB: fix uninitialized local variable
 o zlib/brotli: only include header files in modules needing them [37]
 o URL: return error on malformed URLs with junk after IPv6 bracket [38]
 o openssl: fix too broad use of HAVE_OPAQUE_EVP_PKEY [39]
 o macOS: Fix missing connectx function with Xcode version older than 9.0 [40]
 o --resolve: allow IP address within [] brackets [41]
 o examples/curlx: Fix code style [42]
 o ntlm: remove unnecessary NULL-check to please scan-build [43]
 o Curl_llist_remove: fix potential NULL pointer deref [43]
 o mime: fix "Value stored to 'sz' is never read" scan-build error [43]
 o openssl: fix "Value stored to 'rc' is never read" scan-build error [43]
 o http2: fix "Value stored to 'hdbuf' is never read" scan-build error [43]
 o http2: fix "Value stored to 'end' is never read" scan-build error [43]
 o Curl_open: fix OOM return error correctly [43]
 o url: reject ASCII control characters and space in host names [44]
 o examples/rtsp: clear RANGE again after use [45]
 o connect: improve the bind error message [46]
 o make: fix "make distclean" [50]
 o connect: add support for new TCP Fast Open API on Linux [51]
 o metalink: fix memory-leak and NULL pointer dereference [52]
 o URL: update "file:" URL handling [53]
 o ssh: remove check for a NULL pointer [54]
 o global_init: ignore CURL_GLOBAL_SSL's absense [55]
   2017-11-03 10:40:37 by Jonathan Perkin | Files touched by this commit (2)
Log message:
curl: Don't strip out user-supplied debug flags.
   2017-10-23 08:59:36 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
curl: update to 7.56.1

Curl and libcurl 7.56.1

This release includes the following bugfixes:

 o imap: if a FETCH response has no size, don't call write callback
 o ftp: UBsan fixup 'pointer index expression overflowed
 o failf: skip the sprintf() if there are no consumers
 o fuzzer: move to using external curl-fuzzer
 o lib/Makefile.m32: allow customizing dll suffixes
 o docs: fix typo in curl_mime_data_cb man page
 o darwinssl: add support for TLSv1.3
 o build: fix --disable-crypto-auth
 o lib/config-win32.h: let SMB/SMBS be enabled with OpenSSL/NSS
 o openssl: fix build without HAVE_OPAQUE_EVP_PKEY
 o strtoofft: Remove extraneous null check
 o multi_cleanup: call DONE on handles that never got that
 o tests: added flaky keyword to tests 587 and 644
 o pingpong: return error when trying to send without connection
 o remove_handle: call multi_done() first, then clear dns cache pointer
 o mime: be tolerant about setting twice the same header list in a part.
 o mime: improve unbinding top multipart from easy handle.
 o mime: avoid resetting a part's encoder when part's contents change.
 o mime: refuse to add subparts to one of their own descendants
 o RTSP: avoid integer overflow on funny RTSP responses
 o curl: don't pass semicolons when parsing Content-Disposition
 o openssl: enable PKCS12 support for !BoringSSL
 o FAQ: s/CURLOPT_PROGRESSFUNCTION/CURLOPT_XFERINFOFUNCTION
 o CURLOPT_NOPROGRESS.3: also refer to xferinfofunction
 o CURLOPT_XFERINFODATA.3: fix duplicate see also
 o test298: verify --ftp-method nowcwd with URL encoded path
 o FTP: URL decode path for dir listing in nocwd mode
 o smtp_done: fix memory leak on send failure
 o ftpserver: support case insensitive commands
 o test950; verify SMTP with custom request
 o openssl: don't use old BORINGSSL_YYYYMM macros
 o setopt: update current connection SSL verify params
 o winbuild/BUILD.WINDOWS.txt: mention WITH_NGHTTP2
 o curl: reimplement stdin buffering in -F option
 o mime: keep "text/plain" content type if user-specified
 o mime: fix the content reader to handle >16K data properly
 o configure: remove the C++ compiler check
 o memdebug: trace send, recv and socket
 o runtests: use valgrind for torture as well
 o ldap: silence clang warning
 o makefile.m32: allow to override gcc, ar and ranlib
 o setopt: avoid integer overflows when setting millsecond values
 o setopt: range check most long options
 o ftp: reject illegal IP/port in PASV 227 response
 o mime: do not reuse previously computed multipart size
 o vtls: change struct Curl_ssl `close' field name to `close_one'
 o os400: add missing symbols in config file
 o mime: limit bas64-encoded lines length to 76 characters
 o mk-ca-bundle: Remove URL for aurora
 o mk-ca-bundle: Fix URL for NSS
   2017-10-04 08:32:58 by Thomas Klausner | Files touched by this commit (3) | Package updated
Log message:
curl: update to 7.56.0.

Curl and libcurl 7.56.0

This release includes the following changes:

 o curl: enable compression for SCP/SFTP with --compressed-ssh  [11]
 o libcurl: enable compression for SCP/SFTP with CURLOPT_SSH_COMPRESSION [11]
 o vtls: added dynamic changing SSL backend with curl_global_sslset() [28]
 o new MIME API, curl_mime_init() and friends [32]
 o openssl: initial SSLKEYLOGFILE implementation [36]

This release includes the following bugfixes:

 o FTP: zero terminate the entry path even on bad input [67]
 o examples/ftpuploadresume.c: use portable code
 o runtests: match keywords case insensitively
 o travis: build the examples too [1]
 o strtoofft: reduce integer overflow risks globally [2]
 o zsh.pl: produce a working completion script again [3]
 o cmake: remove dead code for CURL_DISABLE_RTMP [4]
 o progress: Track total times following redirects [5]
 o configure: fix --disable-threaded-resolver [6]
 o cmake: remove dead code for DISABLED_THREADSAFE [7]
 o configure: fix clang version detection
 o darwinssi: fix error: variable length array used
 o travis: add metalink to some osx builds [8]
 o configure: check for __builtin_available() availability [9]
 o http_proxy: fix build error for CURL_DOES_CONVERSIONS [10]
 o examples/ftpuploadresume: checksrc compliance
 o ftp: fix CWD when doing multicwd then nocwd on same connection [12]
 o system.h: remove all CURL_SIZEOF_* defines [13]
 o http: Don't wait on CONNECT when there is no proxy [14]
 o system.h: check for __ppc__ as well [15]
 o http2_recv: return error better on fatal h2 errors [16]
 o scripts/contri*sh: use "git log --use-mailmap"
 o tftp: fix memory leak on too long filename [17]
 o system.h: fix build for hppa [18]
 o cmake: enable picky compiler options with clang and gcc [19]
 o makefile.m32: add support for libidn2 [20]
 o curl: turn off MinGW CRT's globbing [21]
 o request-target.d: mention added in 7.55.0
 o curl: shorten and clean up CA cert verification error message [22]
 o imap: support PREAUTH [23]
 o CURLOPT_USERPWD.3: see also CURLOPT_PROXYUSERPWD
 o examples/threaded-ssl: mention that this is for openssl before 1.1
 o winbuild: fix embedded manifest option [24]
 o tests: Make sure libtests & unittests call curl_global_cleanup()
 o system.h: include sys/poll.h for AIX [25]
 o darwinssl: handle long strings in TLS certs [26]
 o strtooff: fix build for systems with long long but no strtoll [27]
 o asyn-thread: Improved cleanup after OOM situations
 o HELP-US.md: "How to get started helping out in the curl project" [29]
 o curl.h: CURLSSLBACKEND_WOLFSSL used wrong value [30]
 o unit1301: fix error message on first test
 o ossfuzz: moving towards the ideal integration [31]
 o http: fix a memory leakage in checkrtspprefix()
 o examples/post-callback: stop returning one byte at a time
 o schannel: return CURLE_SSL_CACERT on failed verification [33]
 o MAIL-ETIQUETTE: added "1.9 Your emails are public"
 o http-proxy: treat all 2xx as CONNECT success [34]
 o openssl: use OpenSSL's default ciphers by default [35]
 o runtests.pl: support attribute "nonewline" in part verify/upload
 o configure: remove --enable-soname-bump and SONAME_BUMP [37]
 o travis: add c-ares enabled builds linux + osx [38]
 o vtls: fix WolfSSL 3.12 build problems [39]
 o http-proxy: when not doing CONNECT, that phase is done immediately [40]
 o configure: fix curl_off_t check's include order [41]
 o configure: use -Wno-varargs on clang 3.9[.X] debug builds
 o rtsp: do not call fwrite() with NULL pointer FILE * [42]
 o mbedtls: enable CA path processing [43]
 o travis: add build without HTTP/SMTP/IMAP
 o checksrc: verify more code style rules [44]
 o HTTP proxy: on connection re-use, still use the new remote port [45]
 o tests: add initial gssapi test using stub implementation [46]
 o rtsp: Segfault when using WRITEDATA [47]
 o docs: clarify the CURLOPT_INTERLEAVE* options behavior
 o non-ascii: use iconv() with 'char **' argument [48]
 o server/getpart: provide dummy function to build conversion enabled
 o conversions: fix several compiler warnings
 o openssl: add missing includes [49]
 o schannel: Support partial send for when data is too large [50]
 o socks: fix incorrect port number in SOCKS4 error message [51]
 o curl: fix integer overflow in timeout options [52]
 o travis: on mac, don't install openssl or libidn [53]
 o cookies: reject oversized cookies instead of truncating [54]
 o cookies: use lock when using CURLINFO_COOKIELIST [55]
 o curl: check fseek() return code and bail on error
 o examples/post-callback: use long for CURLOPT_POSTFIELDSIZE
 o openssl: only verify RSA private key if supported [56]
 o tests: make the imap server not verify user+password [57]
 o imap: quote atoms properly when escaping characters [58]
 o tests: fix a compiler warning in test 643
 o file_range: avoid integer overflow when figuring out byte range [59]
 o curl.h: include <sys/select.h> on cygwin too [60]
 o reuse_conn: don't copy flags that are known to be equal [61]
 o http: fix adding custom empty headers to repeated requests [62]
 o docs: clarify the use of environment variables for proxy [63]
 o docs: link CURLOPT_CONNECTTIMEOUT and CURLOPT_CONNECTTIMEOUT_MS [64]
 o connect: fix race condition with happy eyeballs timeout [65]
 o cookie: fix memory leak if path was set twice in header [66]
 o vtls: compare and clone ssl configs properly [68]
 o proxy: read the "no_proxy" variable only if necessary [69]
   2017-08-29 09:08:32 by Thomas Klausner | Files touched by this commit (1) | Package updated
Log message:
Remove superfluous automake dependency (after update).

Fixes PR 52513 by David H. Gutteridge.