./www/curl, Client that groks URLs

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 7.40.0, Package name: curl-7.40.0, Maintainer: pkgsrc-users

Curl is a command line tool for transferring files with URL syntax, supporting
FTP, FTPS, HTTP, HTTPS, GOPHER, TELNET, DICT, FILE and LDAP. Curl supports
HTTPS certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload,
proxies, cookies, user+password authentication (Basic, Digest, NTLM, Negotiate,
kerberos...), file transfer resume, proxy tunneling and a busload of other
useful tricks.


Required to run:
[devel/libidn]


Package options: gssapi, inet6, libidn

Master sites: (Expand)

SHA1: 1446603f4df89b6d1cafc4d6a8617c892651b3ff
RMD160: 5ca0220dc5e866271e3757b21eee14477690e259
Filesize: 3190.375 KB

Version history: (Expand)


CVS history: (Expand)


   2015-01-08 20:23:53 by Thomas Klausner | Files touched by this commit (3)
Log message:
Fix build with GSSAPI on NetBSD. Enable gssapi again.
   2015-01-08 18:23:07 by Thomas Klausner | Files touched by this commit (4) | Package updated
Log message:
Update to 7.40.0. Disable gssapi by default on NetBSD, since it doesn't
compile any longer, see
https://sourceforge.net/p/curl/bugs/1469/

Changes:

Curl and libcurl 7.40.0

 Public curl releases:         143
 Command line options:         162
 curl_easy_setopt() options:   208
 Public functions in libcurl:  58
 Contributors:                 1219

This release includes the following changes:

 o http_digest: Added support for Windows SSPI based authentication
 o version info: Added Kerberos V5 to the supported features
 o Makefile: Added VC targets for WinIDN
 o config-win32: Introduce build targets for VS2012+
 o SSL: Add PEM format support for public key pinning
 o smtp: Added support for the conversion of Unix newlines during mail send [8]
 o smb: Added initial support for the SMB/CIFS protocol
 o Added support for HTTP over unix domain sockets, via
   CURLOPT_UNIX_SOCKET_PATH and --unix-socket
 o sasl: Added support for GSS-API based Kerberos V5 authentication

This release includes the following bugfixes:

 o darwinssl: fix session ID keys to only reuse identical sessions [18]
 o url-parsing: reject CRLFs within URLs [19]
 o OS400: Adjust specific support to last release
 o THANKS: Remove duplicate names
 o url.c: Fixed compilation warning
 o ssh: Fixed build on platforms where R_OK is not defined [1]
 o tool_strdup.c: include the tool strdup.h
 o build: Fixed Visual Studio project file generation of strdup.[c|h]
 o curl_easy_setopt.3: add CURLOPT_PINNEDPUBLICKEY [2]
 o curl.1: show zone index use in a URL
 o mk-ca-bundle.vbs: switch to new certdata.txt url
 o Makefile.dist: Added some missing SSPI configurations
 o build: Fixed no NTLM support for email when CURL_DISABLE_HTTP is defined
 o SSH: use the port number as well for known_known checks [3]
 o libssh2: detect features based on version, not configure checks
 o http2: Deal with HTTP/2 data inside Upgrade response header buffer [4]
 o multi: removed Curl_multi_set_easy_connection
 o symbol-scan.pl: do not require autotools
 o cmake: add ENABLE_THREADED_RESOLVER, rename ARES
 o cmake: build libhostname for test suite
 o cmake: fix HAVE_GETHOSTNAME definition
 o tests: fix libhostname visibility
 o tests: fix memleak in server/resolve.c
 o vtls.h: Fixed compiler warning when compiled without SSL
 o CMake: Restore order-dependent header checks
 o CMake: Restore order-dependent library checks
 o tool: Removed krb4 from the supported features
 o http2: Don't send Upgrade headers when we already do HTTP/2
 o examples: Don't call select() to sleep on windows [6]
 o win32: Updated some legacy APIs to use the newer extended versions [5]
 o easy.c: Fixed compilation warning when no verbose string support
 o connect.c: Fixed compilation warning when no verbose string support
 o build: in Makefile.m32 pass -F flag to windres
 o build: in Makefile.m32 add -m32 flag for 32bit
 o multi: when leaving for timeout, close accordingly
 o CMake: Simplify if() conditions on check result variables
 o build: in Makefile.m32 try to detect 64bit target
 o multi: inform about closed sockets before they are closed
 o multi-uv.c: close the file handle after download
 o examples: Wait recommended 100ms when no file descriptors are ready
 o ntlm: Split the SSPI based messaging code from the native messaging code
 o cmake: fix NTLM detection when CURL_DISABLE_HTTP defined
 o cmake: add Kerberos to the supported feature
 o CURLOPT_POSTFIELDS.3: mention the COPYPOSTFIELDS option
 o http: Disable pipelining for HTTP/2 and upgraded connections
 o ntlm: Fixed static'ness of local decode function
 o sasl: Reduced the need for two sets of NTLM messaging functions
 o multi.c: Fixed compilation warnings when no verbose string support
 o select.c: fix compilation for VxWorks [7]
 o multi-single.c: switch to use curl_multi_wait
 o curl_multi_wait.3: clarify numfds being used if not NULL
 o http.c: Fixed compilation warnings from features being disabled
 o NSS: enable the CAPATH option [9]
 o docs: Fix FAILONERROR typos
 o HTTP: don't abort connections with pending Negotiate authentication
 o HTTP: Free (proxy)userpwd for NTLM/Negotiate after sending a request
 o http_perhapsrewind: don't abort CONNECT requests
 o build: updated dependencies in makefiles
 o multi.c: Fixed compilation warning
 o ftp.c: Fixed compilation warnings when proxy support disabled
 o get_url_file_name: Fixed crash on OOM on debug build
 o cookie.c: Refactored cleanup code to simplify
 o OS400: enable NTLM authentication
 o ntlm: Use Windows Crypt API
 o http2: avoid logging neg "failure" if h2 was not requested
 o schannel_recv: return the correct code [10]
 o VC build: added sspi define for winssl-zlib builds
 o Curl_client_write(): chop long data, convert data only once
 o openldap: do not ignore Curl_client_write() return code
 o ldap: check Curl_client_write() return codes
 o parsedate.c: Fixed compilation warning
 o url.c: Fixed compilation warning when USE_NTLM is not defined
 o ntlm_wb_response: fix "statement not reached" [11]
 o telnet: fix "cast increases required alignment of target type"
 o smtp: Fixed dot stuffing when EOL characters at end of input buffers [12]
 o ntlm: Allow NTLM2Session messages when USE_NTRESPONSES manually defined
 o ntlm: Disable NTLM v2 when 64-bit integers are not supported
 o ntlm: Use short integer when decoding 16-bit values
 o ftp.c: Fixed compilation warning when no verbose string support
 o synctime.c: fixed timeserver URLs
 o mk-ca-bundle.pl: restored forced run again
 o ntlm: Fixed return code for bad type-2 Target Info
 o curl_schannel.c: Data may be available before connection shutdown
 o curl_schannel: Improvements to memory re-allocation strategy [13]
 o darwinssl: aprintf() to allocate the session key
 o tool_util.c: Use GetTickCount64 if it is available
 o lib: Fixed multiple code analysis warnings if SAL are available
 o tool_binmode.c: Explicitly ignore the return code of setmode
 o tool_urlglob.c: Silence warning C6293: Ill-defined for-loop
 o opts: Warn CURLOPT_TIMEOUT overrides when set after CURLOPT_TIMEOUT_MS
 o SFTP: work-around servers that return zero size on STAT [14]
 o connect: singleipconnect(): properly try other address families after failure
 o IPV6: address scope != scope id [15]
 o parseurlandfillconn(): fix improper non-numeric scope_id stripping [16]
 o secureserver.pl: make OpenSSL CApath and cert absolute path values
 o secureserver.pl: update Windows detection and fix path conversion
 o secureserver.pl: clean up formatting of config and fix verbose output
 o tests: Added Windows support using Cygwin-based OpenSSH
 o sockfilt.c: use non-Ex functions that are available before WinXP
 o VMS: Updates for 0740-0D1220
 o openssl: warn for SRP set if SSLv3 is used, not for TLS version
 o openssl: make it compile against openssl 1.1.0-DEV master branch
 o openssl: fix SSL/TLS versions in verbose output
 o curl: show size of inhibited data when using -v
 o build: Removed WIN32 definition from the Visual Studio projects
 o build: Removed WIN64 definition from the libcurl Visual Studio projects
 o vtls: Use bool for Curl_ssl_getsessionid() return type
 o sockfilt.c: Replace 100ms sleep with thread throttle
 o sockfilt.c: Reduce the number of individual memory allocations
 o vtls: Don't set cert info count until memory allocation is successful
 o nss: Don't ignore Curl_ssl_init_certinfo() OOM failure
 o nss: Don't ignore Curl_extract_certinfo() OOM failure
 o vtls: Fixed compilation warning and an ignored return code
 o sockfilt.c: Fixed compilation warnings
 o darwinssl: Fixed compilation warning
 o vtls: Use '(void) arg' for unused parameters
 o sepheaders.c: Fixed resource leak on failure
 o lib1900.c: Fixed cppcheck error [17]
 o ldap: Fixed Unicode connection details in Win32 initialsation / bind calls
 o ldap: Fixed Unicode DN, attributes and filter in Win32 search calls
   2014-11-07 15:10:16 by Adam Ciarcinski | Files touched by this commit (3)
Log message:
Changes 7.39.0:
* SSLv3 is disabled by default
* CURLOPT_COOKIELIST: Added "RELOAD" command [5]
* build: Added WinIDN build configuration options to Visual Studio projects
* ssh: improve key file search
* SSL: public key pinning. Use CURLOPT_PINNEDPUBLICKEY and --pinnedpubkey
* vtls: remove QsoSSL support, use gskit!
* mk-ca-bundle: added SHA-384 signature algorithm
* docs: added many examples for libcurl opts and other doc improvements
* build: Added VC ssh2 target to main Makefile
* MinGW: Added support to build with nghttp2
* NetWare: Added support to build with nghttp2
* build: added Watcom support to build with WinSSL
* build: Added optional specific version generation of VC project files

Bugfixes:
* curl_easy_duphandle: CURLOPT_COPYPOSTFIELDS read out of bounds [9]
* openssl: build fix for versions < 0.9.8e [1]
* newlines: fix mixed newlines to LF-only [2]
* ntlm: Fixed HTTP proxy authentication when using Windows SSPI [3]
* sasl_sspi: Fixed Unicode build [4]
* file: reject paths using embedded %00
* threaded-resolver: revert Curl_expire_latest() switch [6]
* configure: allow --with-ca-path with PolarSSL too
* HTTP/2: Fix busy loop when EOF is encountered
* CURLOPT_CAPATH: return failure if set without backend support
* nss: do not fail if a CRL is already cached
* smtp: Fixed intermittent "SSL3_WRITE_PENDING: bad write retry" error
* fixed 20+ nits/memory leaks identified by Coverity scans
* curl_schannel.c: Fixed possible memory or handle leak
* multi-uv.c: call curl_multi_info_read() better
* Cmake: Check for OpenSSL before OpenLDAP
* Cmake: Fix library list provided to cURL tests
* Cmake: Avoid cycle directory dependencies
* Cmake: Build with GSS-API libraries (MIT or Heimdal)
* vtls: provide backend defines for internal source code
* nss: fix a connection failure when FTPS handle is reused
* tests/http_pipe.py: Python 3 support
* cmake: build tool_hugehelp (ENABLE_MANUAL)
* cmake: enable IPv6 by default if available
* tests: move TESTCASES to Makefile.inc, add show for cmake
* ntlm: Avoid unnecessary buffer allocation for SSPI based type-2 token
* ntlm: Fixed empty/bad base-64 decoded buffer return codes
* ntlm: Fixed empty type-2 decoded message info text
* cmake: add CMake/Macros.cmake to the release tarball
* cmake: add SUPPORT_FEATURES and SUPPORT_PROTOCOLS
* cmake: use LIBCURL_VERSION from curlver.h
* cmake: generate pkg-config and curl-config
* fixed several superfluous variable assignements identified by cppcheck
* cleanup of 'CURLcode result' return code
* pipelining: only output "is not blacklisted" in debug builds
* SSL: Remove SSLv3 from SSL default due to POODLE attack
* gskit.c: remove SSLv3 from SSL default
* darwinssl: detect possible future removal of SSLv3 from the framework
* ntlm: Only define ntlm data structure when USE_NTLM is defined
* ntlm: Return CURLcode from Curl_ntlm_core_mk_lm_hash()
* ntlm: Return all errors from Curl_ntlm_core_mk_nt_hash()
* sspi: Only call CompleteAuthToken() when complete is needed
* http_negotiate: Fixed missing check for USE_SPNEGO
* HTTP: return larger than 3 digit response codes too [7]
* openssl: Check for NPN / ALPN via OpenSSL version number
* openssl: enable NPN separately from ALPN
* sasl_sspi: Allow DIGEST-MD5 to use current windows credentials
* sspi: Return CURLE_LOGIN_DENIED on AcquireCredentialsHandle() failure
* resume: consider a resume from [content-length] to be OK [8]
* sasl: Fixed Kerberos V5 inclusion when CURL_DISABLE_CRYPTO_AUTH is used
* build-openssl.bat: Fix x64 release build
* cmake: drop _BSD_SOURCE macro usage
* cmake: fix gethostby{addr,name}_r in CurlTests
* cmake: clean OtherTests, fixing -Werror
* cmake: fix struct sockaddr_storage check
* Curl_single_getsock: fix hold/pause sock handling
* SSL: PolarSSL default min SSL version TLS 1.0
* cmake: fix ZLIB_INCLUDE_DIRS use [10]
* buildconf: stop checking for libtool
   2014-10-09 16:07:17 by Thomas Klausner | Files touched by this commit (1163)
Log message:
Remove pkgviews: don't set PKG_INSTALLATION_TYPES in Makefiles.
   2014-09-14 18:43:44 by Thomas Klausner | Files touched by this commit (3) | Package updated
Log message:
Update to 7.38.0:

 Changes:

    supports HTTP/2 draft-14
    CURLE_HTTP2 is a new error code
    CURLAUTH_NEGOTIATE is a new auth define
    CURL_VERSION_GSSAPI is a new capability bit
    no longer use fbopenssl for anything
    schannel: use CryptGenRandom for random numbers
    axtls: define curlssl_random using axTLS's PRNG
    cyassl: use RNG_GenerateBlock to generate a good random number
    findprotocol: show unsupported protocol within quotes
    version: detect and show LibreSSL
    version: detect and show BoringSSL
    imap/pop3/smtp: Kerberos (SASL GSSAPI) authentication via Windows SSPI
    http2: requires nghttp2 0.6.0 or later

Bugfixes:

    SECURITY ADVISORY: cookie leak with IP address as domain
    SECURITY ADVISORY: cookie leak for TLDs
    fix a build failure on Debian when NSS support is enabled
    HTTP/2: fixed compiler warnings when built disabled
    cyassl: return the correct error code on no CA cert
    http: Deprecate GSS-Negotiate macros due to bad naming
    http: Fixed Negotiate: authentication
    multi: Improve proxy CONNECT performance (regression)
    ntlm_wb: Avoid invoking ntlm_auth helper with empty username
    ntlm_wb: Fix hard-coded limit on NTLM auth packet size
    url.c: use the preferred symbol name: *READDATA
    smtp: fixed a segfault during test 1320 torture test
    cyassl: made it compile with version 2.0.6 again
    nss: do not check the version of NSS at run time
    c-ares: fix build without IPv6 support
    HTTP/2: use base64url encoding
    SSPI Negotiate: Fix 3 memory leaks
    libtest: fixed duplicated line in Makefile
    conncache: fix compiler warning
    openssl: make ossl_send return CURLE_OK better
    HTTP/2: Support expect: 100-continue
    HTTP/2: Fix infinite loop in readwrite_data()
    parsedate: fix the return code for an overflow edge condition
    darwinssl: don't use strtok()
    http_negotiate_sspi: Fixed specific username and password not working
    openssl: replace call to OPENSSL_config
    http2: show the received header for better debugging
    HTTP/2: Move :authority before non-pseudo header fields
    HTTP/2: Reset promised stream, not its associated stream
    HTTP/2: added some more logging for debugging stream problems
    ntlm: Added support for SSPI package info query
    ntlm: Fixed hard coded buffer for SSPI based auth packet generation
    sasl_sspi: Fixed memory leak with not releasing Package Info struct
    sasl_sspi: Fixed SPN not being converted to wchar under Unicode builds
    sasl: Use a dynamic buffer for DIGEST-MD5 SPN generation
    http_negotiate_sspi: Use a dynamic buffer for SPN generation
    sasl_sspi: Fixed missing free of challenge buffer on SPN failure
    sasl_sspi: Fixed hard coded buffer for response generation
    Curl_poll + Curl_wait_ms: fix timeout return value
    docs/SSLCERTS: update the section about NSS database
    create_conn: prune dead connections
    openssl: fix version report for the 0.9.8 branch
    mk-ca-bundle.pl: switched to using hg.mozilla.org
    http: fix the Content-Range: parser
    Curl_disconnect: don't free the URL
    win32: Fixed WinSock 2 #if
    NTLM: ignore CURLOPT_FORBID_REUSE during NTLM HTTP auth
    curl.1: clarify --limit-rate's effect on both directions
    disconnect: don't touch easy-related state on disconnects
    Cmake: big cleanup and numerous fixes
    HTTP/2: supports draft-14 - moved :headers before the non-psuedo headers
    HTTP/2: Reset promised stream, not its associated stream
    configure.ac: Add support for recent GSS-API implementations for HP-UX
    CONNECT: close proxy connections that fail
    CURLOPT_NOBODY.3: clarify this option is for downloads
    darwinssl: fix CA certificate checking using PEM format
    resolve: cache lookup for async resolvers
    low-speed-limit: avoid timeout flood
    polarssl: implement CURLOPT_SSLVERSION
    multi: convert CURLM_STATE_CONNECT_PEND handling to a list
    curl_multi_cleanup: remove superfluous NULL assigns
    polarssl: support CURLOPT_CAPATH / --capath
    progress: size_dl/size_ul are always >= 0, and clear "KNOWN" \ 
properly
   2014-07-22 13:38:26 by Thomas Klausner | Files touched by this commit (5) | Package updated
Log message:
Update to 7.37.1:

 Changes:

    bits.close: introduce connection close tracking
    darwinssl: Add support for --cacert
    polarssl: add ALPN support
    docs: Added new option man pages

Bugfixes:

    build: Fixed incorrect reference to curl_setup.h in Visual Studio files
    build: Use $(TargetDir) and $(TargetName) macros for .pdb and .lib output
    curl.1: clarify that -u can't specify a user with colon
    openssl: Fix uninitialized variable use in NPN callback
    curl_easy_reset: reset the URL
    curl_version_info.3: returns a pointer to a static struct
    url-parser: only use if_nametoindex if detected by configure
    select: with winsock, avoid passing unsupported arguments to select()
    gnutls: don't use deprecated type names anymore
    gnutls: allow building with nghttp2 but without ALPN support
    tests: Fix portability issue with the tftpd server
    curl_sasl_sspi: Fixed corrupt hostname in DIGEST-MD5 SPN
    curl_sasl: extended native DIGEST-MD5 cnonce to be a 32-byte hex string
    random: use Curl_rand() for proper random data
    Curl_ossl_init: call OPENSSL_config for initing engines
    config-win32.h: Updated for VC12
    winbuild: Don't USE_WINSSL when WITH_SSL is being used
    getinfo: HTTP CONNECT code not reset between transfers
    Curl_rand: Use a fake entropy for debug builds when CURL_ENTROPY set
    http2: avoid segfault when using the plain-text http2
    conncache: move the connection counter to the cache struct
    http2: better return code error checking
    curlbuild: fix GCC build on SPARC systems without configure script
    tool_metalink: Support polarssl as digest provider
    curl.h: reverse the enum/define setup for old symbols
    curl.h: moved two really old deprecated symbols
    curl.h: renamed CURLOPT_DEPRECATEDx to CURLOPT_OBSOLETEx
    buildconf: do not search tools in current directory.
    OS400: make it compilable again. Make RPG binding up to date
    nss: do not abort on connection failure (failing tests 305 and 404)
    nss: make the fallback to SSLv3 work again
    tool: prevent valgrind from reporting possibly lost memory (nss only)
    progress callback: skip last callback update on errors
    nss: fix a memory leak when CURLOPT_CRLFILE is used
    compiler warnings: potentially uninitialized variables
    url.c: Fixed memory leak on OOM
    gnutls: ignore invalid certificate dates with VERIFYPEER disabled
    gnutls: fix SRP support with versions of GnuTLS from 2.99.0
    gnutls: fixed a couple of uninitialized variable references
    gnutls: fixed compilation against versions < 2.12.0
    build: Fixed overridden compiler PDB settings in VC7 to VC12
    ntlm_wb: Fixed buffer size not being large enough for NTLMv2 sessions
    netrc: don't abort if home dir cannot be found
    netrc: fixed thread safety problem by using getpwuid_r if available
    cookie: avoid mutex deadlock
    configure: respect host tool prefix for krb5-config
    gnutls: handle IP address in cert name check
   2014-07-18 11:04:43 by Ryo ONODERA | Files touched by this commit (2)
Log message:
Fix build under SCO OpenServer 5.0.7/3.2.
   2014-05-30 01:38:20 by Thomas Klausner | Files touched by this commit (3049)
Log message:
Bump for perl-5.20.0.
Do it for all packages that
* mention perl, or
* have a directory name starting with p5-*, or
* depend on a package starting with p5-
like last time, for 5.18, where this didn't lead to complaints.
Let me know if you have any this time.