./www/curl, Client that groks URLs

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: CURRENT, Version: 7.65.1nb1, Package name: curl-7.65.1nb1, Maintainer: leot

Curl is a command line tool for transferring files with URL syntax, supporting
HTTPS certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload,
proxies, cookies, user+password authentication (Basic, Digest, NTLM, Negotiate,
kerberos...), file transfer resume, proxy tunneling and a busload of other
useful tricks.

Required to run:

Required to build:

Package options: gssapi, idn, inet6

Master sites:

SHA1: 26edd5197564178575c92c41e03acf2131b7643e
RMD160: bbd3437e70b34bd577b6cb09020ca667d3723e18
Filesize: 2336.594 KB

Version history: (Expand)

CVS history: (Expand)

   2019-07-01 06:08:55 by Ryo ONODERA | Files touched by this commit (669)
Log message:
Recursive revbump from boost-1.70.0
   2019-06-05 20:10:54 by Leonardo Taccari | Files touched by this commit (2) | Package updated
Log message:
curl: Update to 7.65.1

This release includes the following bugfixes:

 o CURLOPT_LOW_SPEED_* repaired
 o NTLM: reset proxy "multipass" state when CONNECT request is done
 o PolarSSL: deprecate support step 1. Removed from configure
 o appveyor: add Visual Studio solution build
 o cmake: check for if_nametoindex()
 o cmake: support CMAKE_OSX_ARCHITECTURES when detecting SIZEOF variables
 o config-win32: add support for if_nametoindex and getsockname
 o conncache: Remove the DEBUGASSERT on length check
 o conncache: make "bundles" per host name when doing proxy tunnels
 o curl-win32.h: Enable Unix Domain Sockets based on the Windows SDK version
 o curl_share_setopt.3: improve wording
 o dump-header.d: spell out that no headers == empty file
 o example/http2-download: fix format specifier
 o examples: cleanups and compiler warning fixes
 o http2: Stop drain from being permanently set
 o http: don't parse body-related headers in bodyless responses
 o md4: build correctly with openssl without MD4
 o md4: include the mbedtls config.h to get the MD4 info
 o multi: track users of a socket better
 o nss: allow to specify TLS 1.3 ciphers if supported by NSS
 o parse_proxy: make sure portptr is initialized
 o parse_proxy: use the IPv6 zone id if given
 o sectransp: handle errSSLPeerAuthCompleted from SSLRead()
 o singlesocket: use separate variable for inner loop
 o ssl: Update outdated "openssl-only" comments for supported backends
 o tests: add HAProxy keywords
 o tests: add support to test against OpenSSH for Windows
 o tests: make test 1420 and 1406 work with rtsp-disabled libcurl
 o tls13-docs: mention it is only for OpenSSL >= 1.1.1
 o tool_parse_cfg: Avoid 2 fopen() for WIN32
 o tool_setopt: for builds with disabled-proxy, skip all proxy setopts()
 o url: Load if_nametoindex() dynamically from iphlpapi.dll on Windows
 o url: fix bad feature-disable #ifdef
 o url: use correct port in ConnectionExists()
 o winbuild: Use two space indentation
   2019-05-22 11:00:48 by Leonardo Taccari | Files touched by this commit (2) | Package updated
Log message:
curl: Update patch-configure comment to reflect current status

(Should be part of previous commit, sorry.)
   2019-05-22 10:57:58 by Leonardo Taccari | Files touched by this commit (4) | Package updated
Log message:
curl: Update to 7.65.0

pkgsrc changes:
 - Remove patch-configure test(1) `==' -> `=' hunk applied upstream

This release includes the following changes:

 o CURLOPT_MAXAGE_CONN: set the maximum allowed age for conn reuse
 o pipelining: removed

This release includes the following bugfixes:

 o CVE-2019-5435: Integer overflows in curl_url_set
 o CVE-2019-5436: tftp: use the current blksize for recvfrom()
 o --config: clarify that initial : and = might need quoting
 o AppVeyor: enable testing for WinSSL build
 o CURLMOPT_TIMERFUNCTION.3: warn about the recursive risk
 o CURLOPT_ADDRESS_SCOPE: fix range check and more
 o CURLOPT_CAINFO.3: with Schannel, you want Windows 8 or later
 o CURLOPT_CHUNK_BGN_FUNCTION.3: document the struct and time value
 o CURL_MAX_INPUT_LENGTH: largest acceptable string input size
 o Curl_disconnect: treat all CONNECT_ONLY connections as "dead"
 o INTERNALS: Add code highlighting
 o OS400/ccsidcurl: replace use of Curl_vsetopt
 o OpenSSL: Report -fips in version if OpenSSL is built with FIPS
 o README.md: fix no-consecutive-blank-lines Codacy warning
 o VC15 project: remove MinimalRebuild
 o VS projects: use Unicode for VC10+
 o WRITEFUNCTION: add missing set_in_callback around callback
 o altsvc: Fix building with cookies disabled
 o auth: Rename the various authentication clean up functions
 o base64: build conditionally if there are users
 o build-openssl.bat: Fixed support for OpenSSL v1.1.0+
 o build: fix "clarify calculation precedence" warnings
 o checksrc.bat: ignore snprintf warnings in docs/examples
 o cirrus: Customize the disabled tests per FreeBSD version
 o cleanup: remove FIXME and TODO comments
 o cmake: avoid linking executable for some tests with cmake 3.6+
 o cmake: clear CMAKE_REQUIRED_LIBRARIES after each use
 o cmake: set SSL_BACKENDS
 o configure: avoid unportable `==' test(1) operator
 o configure: error out if OpenSSL wasn't detected when asked for
 o configure: fix default location for fish completions
 o cookie: Guard against possible NULL ptr deref
 o curl: make code work with protocol-disabled libcurl
 o curl: report error for "--no-" on non-boolean options
 o curl_easy_getinfo.3: fix minor formatting mistake
 o curlver.h: use parenthesis in CURL_VERSION_BITS macro
 o docs/BUG-BOUNTY: bug bounty time
 o docs/INSTALL: fix broken link
 o docs/RELEASE-PROCEDURE: link to live iCalendar
 o documentation: Fix several typos
 o doh: acknowledge CURL_DISABLE_DOH
 o doh: disable DOH for the cases it doesn't work
 o examples: remove unused variables
 o ftplistparser: fix LGTM alert "Empty block without comment"
 o hostip: acknowledge CURL_DISABLE_SHUFFLE_DNS
 o http: Ignore HTTP/2 prior knowledge setting for HTTP proxies
 o http: acknowledge CURL_DISABLE_HTTP_AUTH
 o http: mark bundle as not for multiuse on < HTTP/2 response
 o http_digest: Don't expose functions when HTTP and Crypto Auth are disabled
 o http_negotiate: do not treat failure of gss_init_sec_context() as fatal
 o http_ntlm: Corrected the name of the include guard
 o http_ntlm_wb: Handle auth for only a single request
 o http_ntlm_wb: Return the correct error on receiving an empty auth message
 o lib509: add missing include for strdup
 o lib557: initialize variables
 o makedebug: Fix ERRORLEVEL detection after running where.exe
 o mbedtls: enable use of EC keys
 o mime: acknowledge CURL_DISABLE_MIME
 o multi: improved HTTP_1_1_REQUIRED handling
 o netrc: acknowledge CURL_DISABLE_NETRC
 o nss: allow fifos and character devices for certificates
 o nss: provide more specific error messages on failed init
 o ntlm: Fix misaligned function comments for Curl_auth_ntlm_cleanup
 o ntlm: Support the NT response in the type-3 when OpenSSL doesn't include MD4
 o openssl: mark connection for close on TLS close_notify
 o openvms: Remove pre-processor for SecureTransport
 o openvms: Remove pre-processors for Windows
 o parse_proxy: use the URL parser API
 o parsedate: disabled on CURL_DISABLE_PARSEDATE
 o pingpong: disable more when no pingpong protocols are enabled
 o polarssl_threadlock: remove conditionally unused code
 o progress: acknowledge CURL_DISABLE_PROGRESS_METER
 o proxy: acknowledge DISABLE_PROXY more
 o resolve: apply Happy Eyeballs philosophy to parallel c-ares queries
 o revert "multi: support verbose conncache closure handle"
 o sasl: Don't send authcid as authzid for the PLAIN mechanism as per RFC 4616
 o sasl: only enable if there's a protocol enabled using it
 o scripts: fix typos
 o singleipconnect: show port in the verbose "Trying ..." message
 o smtp: fix compiler warning
 o socks5: user name and passwords must be shorter than 256
 o socks: fix error message
 o socksd: new SOCKS 4+5 server for tests
 o spnego_gssapi: fix return code on gss_init_sec_context() failure
 o ssh-libssh: remove unused variable
 o ssh: define USE_SSH if SSH is enabled (any backend)
 o ssh: move variable declaration to where it's used
 o test1002: correct the name
 o test2100: Fix typos in test description
 o tests/server/util: fix Windows Unicode build
 o tests: Run global cleanup at end of tests
 o tests: make Impacket (SMB server) Python 3 compatible
 o tool_cb_wrt: fix bad-function-cast warning
 o tool_formparse: remove redundant assignment
 o tool_help: Warn if curl and libcurl versions do not match
 o tool_help: include <strings.h> for strcasecmp
 o transfer: fix LGTM alert "Comparison is always true"
 o travis: add an osx http-only build
 o travis: allow builds on branches named "ci"
 o travis: install dependencies only when needed
 o travis: update some builds do Xenial
 o travis: updated mesalink builds
 o url: always clone the CUROPT_CURLU handle
 o url: convert the zone id from a IPv6 URL to correct scope id
 o urlapi: add CURLUPART_ZONEID to set and get
 o urlapi: increase supported scheme length to 40 bytes
 o urlapi: require a non-zero host name length when parsing URL
 o urlapi: stricter CURLUPART_PORT parsing
 o urlapi: strip off zone id from numerical IPv6 addresses
 o urlapi: urlencode characters above 0x7f correctly
 o vauth/cleartext: update the PLAIN login to match RFC 4616
 o vauth/oauth2: Fix OAUTHBEARER token generation
 o vauth: Fix incorrect function description for Curl_auth_user_contains_domain
 o vtls: fix potential ssl_buffer stack overflow
 o wildcard: disable from build when FTP isn't present
 o winbuild: Support MultiSSL builds
 o xattr: skip unittest on unsupported platforms
   2019-05-22 10:56:25 by Leonardo Taccari | Files touched by this commit (1)
Log message:
curl: adjust indentation (NFC)
   2019-03-31 22:41:29 by Leonardo Taccari | Files touched by this commit (5) | Package updated
Log message:
curl: Update to 7.64.1

pkgsrc changes:
 - No longer install MANUAL, it is no longer available
 - Remove patch-lib_hostcheck.c, <netinet/in.h> is already included few
   lines before

This release includes the following changes:

 o alt-svc: experiemental support added [74]
 o configure: add --with-amissl [84]

This release includes the following bugfixes:

 o AppVeyor: add MinGW-w64 and classic Mingw builds [55]
 o AppVeyor: switch VS 2015 builds to VS 2017 image [49]
 o CURLU: fix NULL dereference when used over proxy [73]
 o Curl_easy: remove req.maxfd - never used! [58]
 o Curl_now: figure out windows version in win32_init: [11]
 o Curl_resolv: fix a gcc -Werror=maybe-uninitialized warning [20]
 o DoH: inherit some SSL options from user's easy handle [80]
 o Secure Transport: no more "darwinssl" [56]
 o Secure Transport: tvOS 11 is required for ALPN support [94]
 o cirrus: Added FreeBSD builds using Cirrus CI
 o cleanup: make local functions static [5]
 o cli tool: do not use mime.h private structures [27]
 o cmdline-opts/proxytunnel.d: the option tunnnels all protocols [83]
 o configure: add additional libraries to check for LDAP support [45]
 o configure: remove the unused fdopen macro [40]
 o configure: show features as well in the final summary [15]
 o conncache: use conn->data to know if a transfer owns it [95]
 o connection: never reuse CONNECT_ONLY connections [35]
 o connection_check: restore original conn->data after the check [14]
 o connection_check: set ->data to the transfer doing the check [3]
 o cookie: Add support for cookie prefixes [29]
 o cookies: dotless names can set cookies again [81]
 o cookies: fix NULL dereference if flushing cookies with no CookieInfo set [47]
 o curl.1: --user and --proxy-user are hidden from ps output [86]
 o curl.1: mark the argument to --cookie as <data|filename> [87]
 o curl.h: use __has_declspec_attribute for shared builds [52]
 o curl: display --version features sorted alphabetically [51]
 o curl: fix FreeBSD compiler warning in the --xattr code [2]
 o curl: remove MANUAL from -M output [38]
 o curl_easy_duphandle.3: clarify that a duped handle has no shares [64]
 o curl_multi_remove_handle.3: use at any time, just not from within callbacks
 o curl_url.3: this API is not experimental anymore
 o dns: release sharelock as soon as possible [1]
 o docs: update max-redirs.d phrasing [59]
 o easy: fix win32 init to work without CURL_GLOBAL_WIN32 [30]
 o examples/10-at-a-time.c: improve readability and simplify
 o examples/cacertinmem.c: use multiple certificates for loading CA-chain [54]
 o examples/crawler: Fix the Accept-Encoding setting
 o examples/ephiperfifo.c: various fixes [63]
 o examples/externalsocket: add missing close socket calls [78]
 o examples/http2-download: cleaned up
 o examples/http2-serverpush: add some sensible error checks [31]
 o examples/http2-upload: cleaned up
 o examples/httpcustomheader: Value stored to 'res' is never read
 o examples/postinmemory: Potential leak of memory pointed to by 'chunk.memory'
 o examples/sftpuploadresume: Value stored to 'result' is never read
 o examples: only include <curl/curl.h> [70]
 o examples: remove recursive calls to curl_multi_socket_action [42]
 o examples: remove superfluous null-pointer checks
 o file: fix "Checking if unsigned variable 'readcount' is less than \ 
zero." [90]
 o fnmatch: disable if FTP is disabled [25]
 o gnutls: remove call to deprecated gnutls_compression_get_name [66]
 o gopher: remove check for path == NULL [69]
 o gssapi: fix deprecated header warnings [16]
 o hostip: make create_hostcache_id avoid alloc + free [4]
 o http2: multi_connchanged() moved from multi.c, only used for h2 [21]
 o http2: verify :athority in push promise requests [37]
 o http: make adding a blank header thread-safe [33]
 o http: send payload when (proxy) authentication is done [89]
 o http: set state.infilesize when sending multipart formposts [57]
 o makefile: make checksrc and hugefile commands "silent" [85]
 o mbedtls: make it build even if MBEDTLS_VERSION_C isn't set [24]
 o mbedtls: release sessionid resources on error [28]
 o memdebug: log pointer before freeing its data [91]
 o memdebug: make debug-specific functions use curl_dbg_ prefix [82]
 o mime: put the boundary buffer into the curl_mime struct [18]
 o multi: call multi_done on connect timeouts, fixes CURLINFO_TOTAL_TIME [43]
 o multi: remove verbose "Expire in" ... messages [23]
 o multi: removed unused code for request retries [79]
 o multi: support verbose conncache closure handle [72]
 o negotiate: fix for HTTP POST with Negotiate [88]
 o openssl: add support for TLS ASYNC state [46]
 o openssl: if cert type is ENG and no key specified, key is ENG too [93]
 o pretransfer: don't strlen() POSTFIELDS set for GET requests [22]
 o rand: Fix a mismatch between comments in source and header [32]
 o runtests: detect "schannel" as an alias for "winssl" [50]
 o schannel: be quiet - remove verbose output [19]
 o schannel: close TLS before removing conn from cache [10]
 o schannel: support CALG_ECDH_EPHEM algorithm [44]
 o scripts/completion.pl: also generate fish completion file [67]
 o singlesocket: fix the 'sincebefore' placement [36]
 o source: fix two 'nread' may be used uninitialized warnings [68]
 o ssh: fix Condition '!status' is always true [60]
 o ssh: loop the state machine if not done and not blocking [71]
 o strerror: make the strerror function use local buffers [48]
 o system_win32: move win32_init here from easy.c [65]
 o test578: make it read data from the correct test
 o tests: Fixed XML validation errors in some test files
 o tests: add stderr comparison to the test suite [26]
 o tests: fix multiple may be used uninitialized warnings
 o threaded-resolver: shutdown the resolver thread without error message [61]
 o tool_cb_wrt: fix writing to Windows null device NUL [96]
 o tool_getpass: termios.h is present on AmigaOS 3, but no tcgetattr/tcsetattr [84]
 o tool_operate: build on AmigaOS [84]
 o tool_operate: fix typecheck warning [9]
 o transfer.c: do not compute length of undefined hex buffer
 o travis: add build using gnutls [75]
 o travis: add scan-build [13]
 o travis: bump the used wolfSSL version to 4.0.0 [92]
 o travis: enable valgrind for the iconv tests [12]
 o travis: use updated compiler versions: clang 7 and gcc 8 [77]
 o unit1307: require FTP support [17]
 o unit1651: survive curl_easy_init() fails
 o url/idnconvert: remove scan for <= 32 ascii values [6]
 o url: change conn shutdown order to ensure SOCKETFUNCTION callbacks [39]
 o urlapi: reduce variable scope, remove unreachable 'break' [7]
 o urldata: convert bools to bitfields and move to end [53]
 o urldata: simplify bytecounters [62]
 o urlglob: Argument with 'nonnull' attribute passed null
 o version.c: silent scan-build even when librtmp is not enabled
 o vtls: rename some of the SSL functions [84]
 o wolfssl: stop custom-adding curves [41]
 o x509asn1: "Dereference of null pointer"
 o x509asn1: cleanup and unify code layout [34]
 o zsh.pl: escape ':' character [8]
 o zsh.pl: update regex to better match curl -h output [8]
   2019-02-06 09:02:48 by Adam Ciarcinski | Files touched by this commit (3) | Package updated
Log message:
curl: updated to 7.64.0

curl and libcurl 7.64.0

This release includes the following changes:
* cookies: leave secure cookies alone
* hostip: support wildcard hosts
* http: Implement trailing headers for chunked transfers
* http: added options for allowing HTTP/0.9 responses
* timeval: Use high resolution timestamps on Windows

This release includes the following bugfixes:
* CVE-2018-16890: NTLM type-2 out-of-bounds buffer read
* CVE-2019-3822: NTLMv2 type-3 header stack buffer overflow
* CVE-2019-3823: SMTP end-of-response out-of-bounds read
* FAQ: remove mention of sourceforge for github
* OS400: handle memory error in list conversion
* OS400: upgrade ILE/RPG binding.
* README: add codacy code quality badge
* Revert http_negotiate: do not close connection
* THANKS: added several missing names from year <= 2000
* build: make 'tidy' target work for metalink builds
* cmake: added checks for variadic macros
* cmake: updated check for HAVE_POLL_FINE to match autotools
* cmake: use lowercase for function name like the rest of the code
* configure: detect xlclang separately from clang
* configure: fix recv/send/select detection on Android
* configure: rewrite --enable-code-coverage
* conncache_unlock: avoid indirection by changing input argument type
* cookie: fix comment typo
* cookies: allow secure override when done over HTTPS
* cookies: extend domain checks to non psl builds
* cookies: skip custom cookies when redirecting cross-site
* curl --xattr: strip credentials from any URL that is stored
* curl -J: refuse to append to the destination file
* curl/urlapi.h: include "curl.h" first
* curl_multi_remove_handle() don't block terminating c-ares requests
* darwinssl: accept setting max-tls with default min-tls
* disconnect: separate connections and easy handles better
* disconnect: set conn->data for protocol disconnect
* docs/version.d: mention MultiSSL
* docs: fix the --tls-max description
* docs: use $(INSTALL_DATA) to install man page
* docs: use meaningless port number in CURLOPT_LOCALPORT example
* gopher: always include the entire gopher-path in request
* http2: clear pause stream id if it gets closed
* if2ip: remove unused function Curl_if_is_interface_name
* libssh: do not let libssh create socket
* libssh: free sftp_canonicalize_path() data correctly
* libtest/stub_gssapi: use "real" snprintf
* mbedtls: use VERIFYHOST
* multi: multiplexing improvements
* multi: set the EXPIRE_*TIMEOUT timers at TIMER_STARTSINGLE time
* ntlm: fix NTMLv2 compliance
* ntlm_sspi: add support for channel binding
* openssl: adapt to 3.0.0, OpenSSL_version_num() is deprecated
* openssl: fix the SSL_get_tlsext_status_ocsp_resp call
* openvms: fix OpenSSL discovery on VAX
* openvms: fix typos in documentation
* os400: add a missing closing bracket
* os400: fix extra parameter syntax error
* pingpong: change default response timeout to 120 seconds
* pingpong: ignore regular timeout in disconnect phase
* printf: fix format specifiers
* runtests.pl: Fix perl call to include srcdir
* schannel: fix compiler warning
* schannel: preserve original certificate path parameter
* schannel: stop calling it "winssl"
* sigpipe: if mbedTLS is used, ignore SIGPIPE
* smb: fix incorrect path in request if connection reused
* ssh: log the libssh2 error message when ssh session startup fails
* test1558: verify CURLINFO_PROTOCOL on file:// transfer
* test1561: improve test name
* test1653: make it survive torture tests
* tests: allow tests to pass by 2037-02-12
* tests: move objnames-* from lib into tests
* timediff: fix math for unsigned time_t
* timeval: Disable MSVC Analyzer GetTickCount warning
* tool_cb_prg: avoid integer overflow
* travis: added cmake build for osx
* urlapi: Fix port parsing of eol colon
* urlapi: distinguish possibly empty query
* urlapi: fix parsing ipv6 with zone index
* urldata: rename easy_conn to just conn
* winbuild: conditionally use /DZLIB_WINAPI
* wolfssl: fix memory-leak in threaded use
* spnego_sspi: add support for channel binding
   2019-02-01 19:10:21 by Greg Troxel | Files touched by this commit (1)
Log message:
curl: Drop redundant comment