./www/gnurl, Client that groks URLs (micro fork of curl)

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 7.66.0, Package name: gnurl-7.66.0, Maintainer: ng0

libgnurl is a fork of libcurl. The goal for libgnurl is to support
only HTTP and HTTPS (and only HTTP 1.x) with a single crypto backend
(GnuTLS) to ensure a small footprint and uniform experience for
developers regardless of how libcurl was compiled.
This software is mainly used by GNUnet. The modifications to curl
are kept to the bare minimum, intended to track upstream closely.
gnurl is not a replacement for curl, so different paths are used.


Required to run:
[security/gnutls] [devel/libidn2]

Required to build:
[pkgtools/cwrappers]

Package options: inet6

Master sites: (Expand)

SHA1: 94b939e318bb74651dc4a35a90ca39948386d8df
RMD160: 850f2efb7b06bc1e338034d5b7477e4d174b5d05
Filesize: 6048.605 KB

Version history: (Expand)


CVS history: (Expand)


   2019-09-13 17:48:50 by ng0 | Files touched by this commit (3) | Package updated
Log message:
www/gnurl: Update to 7.66.0

Changelog:

CHANGELOG
---------

Changes, gnurl specific:

* Almost none, mostly a merge as usual. After a chat
  with bfix on IRC, the gnurl homepage has been extended
  to explain how to build it.

The usual curl Changelog applies, consult https://curl.haxx.se for the
ChangeLog.
curl Changelog:
 Changes:

    CURLINFO_RETRY_AFTER: parse the Retry-After header value
    HTTP3: initial (experimental still not working) support
    curl: --sasl-authzid added to support CURLOPT_SASL_AUTHZID from the tool
    curl: support parallel transfers with -Z
    curl_multi_poll: a sister to curl_multi_wait() that waits more
    sasl: Implement SASL authorisation identity via CURLOPT_SASL_AUTHZID

 Bugfixes:

    CVE-2019-5481: FTP-KRB double-free
    CVE-2019-5482: TFTP small blocksize heap buffer overflow
    CI: remove duplicate configure flag for LGTM.com
    CMake: remove needless newlines at end of gss variables
    CMake: use platform dependent name for dlopen() library
    CURLINFO docs: mention that in redirects times are added
    CURLOPT_ALTSVC.3: use a "" file name to not load from a file
    CURLOPT_ALTSVC_CTRL.3: remove CURLALTSVC_ALTUSED
    CURLOPT_HEADERFUNCTION.3: clarify
    CURLOPT_HTTP_VERSION: seting this to 3 forces HTTP/3 use directly
    CURLOPT_READFUNCTION.3: provide inline example
    CURLOPT_SSL_VERIFYHOST: treat the value 1 as 2
    Curl_addr2string: take an addrlen argument too
    Curl_fillreadbuffer: avoid double-free trailer buf on error
    HTTP: use chunked Transfer-Encoding for HTTP_POST if size unknown
    alt-svc: add protocol version selection masking
    alt-svc: fix removal of expired cache entry
    alt-svc: make it use h3-22 with ngtcp2 as well
    alt-svc: more liberal ALPN name parsing
    alt-svc: send Alt-Used: in redirected requests
    alt-svc: with quiche, use the quiche h3 alpn string
    appveyor: pass on -k to make
    asyn-thread: create a socketpair to wait on
    build-openssl: fix build with Visual Studio 2019
    cleanup: move functions out of url.c and make them static
    cleanup: remove the 'numsocks' argument used in many places
    configure: avoid undefined check_for_ca_bundle
    curl.h: add CURL_HTTP_VERSION_3 to the version enum
    curl.h: fix outdated comment
    curl: cap the maximum allowed values for retry time arguments
    curl: handle a libcurl build without netrc support
    curl: make use of CURLINFO_RETRY_AFTER when retrying
    curl: remove outdated comment
    curl: use .curlrc (with a dot) on Windows
    curl: use CURLINFO_PROTOCOL to check for HTTP(s)
    curl_global_init_mem.3: mention it was added in 7.12.0
    curl_version: bump string buffer size to 250
    curl_version_info.3: mentioned ALTSVC and HTTP3
    curl_version_info: offer quic (and h3) library info
    curl_version_info: provide nghttp2 details
    defines: avoid underscore-prefixed defines
    docs/ALTSVC: remove what works and the experimental explanation
    docs/EXPERIMENTAL: explain what it means and what's experimental now
    docs/MANUAL.md: converted to markdown from plain text
    docs/examples/curlx: fix errors
    docs: s/curl_debug/curl_dbg_debug in comments and docs
    easy: resize receive buffer on easy handle reset
    examples: Avoid reserved names in hiperfifo examples
    examples: add http3.c, altsvc.c and http3-present.c
    getenv: support up to 4K environment variable contents on windows
    http09: disable HTTP/0.9 by default in both tool and library
    http2: when marked for closure and wanted to close == OK
    http2_recv: trigger another read when the last data is returned
    http: fix use of credentials from URL when using HTTP proxy
    http_negotiate: improve handling of gss_init_sec_context() failures
    md4: Use our own MD4 when no crypto libraries are available
    multi: call detach_connection before Curl_disconnect
    netrc: make the code try ".netrc" on Windows
    nss: use TLSv1.3 as default if supported
    openssl: build warning free with boringssl
    openssl: use SSL_CTX_set__proto_version() when available
    plan9: add support for running on Plan 9
    progress: reset download/uploaded counter between transfers
    readwrite_data: repair setting the TIMER_STARTTRANSFER stamp
    scp: fix directory name length used in memcpy
    smb: init *msg to NULL in smb_send_and_recv()
    smtp: check for and bail out on too short EHLO response
    source: remove names from source comments
    spnego_sspi: add typecast to fix build warning
    src/makefile: fix uncompressed hugehelp.c generation
    ssh-libssh: do not specify O_APPEND when not in append mode
    ssh: move code into vssh for SSH backends
    sspi: fix memory leaks
    tests: Replace outdated test case numbering documentation
    tftp: return error when packet is too small for options
    timediff: make it 64 bit (if possible) even with 32 bit time_t
    travis: reduce number of torture tests in 'coverage'
    url: make use of new HTTP version if alt-svc has one
    urlapi: verify the IPv6 numerical address
    urldata: avoid 'generic', use dedicated pointers
    vauth: Use CURLE_AUTH_ERROR for auth function errors
   2019-08-15 19:19:09 by ng0 | Files touched by this commit (3) | Package updated
Log message:
www/gnurl: Update to 7.65.3

Changelog:

* make the warning in buildconf more clear, month
  after noting that the hardfailure was not necessary.
* comment nroff parts of configure script, build +
  check + release without groff tested succesfully on NetBSD 9.99.4
* Dependencies: python-3 is now supported (should be in curl
  as well) for the tests. If python is required at all for
  the tests needs to be looked at more closely. groff/nroff dropped.

The usual curl Changelog applies, consult https://curl.haxx.se for the
ChangeLog.
   2019-08-11 15:25:21 by Thomas Klausner | Files touched by this commit (3557) | Package updated
Log message:
Bump PKGREVISIONs for perl 5.30.0
   2019-07-21 00:46:59 by Thomas Klausner | Files touched by this commit (595)
Log message:
*: recursive bump for nettle 3.5.1
   2019-03-05 01:40:37 by Greg Troxel | Files touched by this commit (3) | Package updated
Log message:
www/gnurl: updated to 7.64.0 (from ng0@ in wip)

* upstream (curl) ChangeLog:

This release includes the following changes:
* cookies: leave secure cookies alone
* hostip: support wildcard hosts
* http: Implement trailing headers for chunked transfers
* http: added options for allowing HTTP/0.9 responses
* timeval: Use high resolution timestamps on Windows

This release includes the following bugfixes:
* CVE-2018-16890: NTLM type-2 out-of-bounds buffer read
* CVE-2019-3822: NTLMv2 type-3 header stack buffer overflow
* CVE-2019-3823: SMTP end-of-response out-of-bounds read
* FAQ: remove mention of sourceforge for github
* OS400: handle memory error in list conversion
* OS400: upgrade ILE/RPG binding.
* README: add codacy code quality badge
* Revert http_negotiate: do not close connection
* THANKS: added several missing names from year <= 2000
* build: make 'tidy' target work for metalink builds
* cmake: added checks for variadic macros
* cmake: updated check for HAVE_POLL_FINE to match autotools
* cmake: use lowercase for function name like the rest of the code
* configure: detect xlclang separately from clang
* configure: fix recv/send/select detection on Android
* configure: rewrite --enable-code-coverage
* conncache_unlock: avoid indirection by changing input argument type
* cookie: fix comment typo
* cookies: allow secure override when done over HTTPS
* cookies: extend domain checks to non psl builds
* cookies: skip custom cookies when redirecting cross-site
* curl --xattr: strip credentials from any URL that is stored
* curl -J: refuse to append to the destination file
* curl/urlapi.h: include "curl.h" first
* curl_multi_remove_handle() don't block terminating c-ares requests
* darwinssl: accept setting max-tls with default min-tls
* disconnect: separate connections and easy handles better
* disconnect: set conn->data for protocol disconnect
* docs/version.d: mention MultiSSL
* docs: fix the --tls-max description
* docs: use $(INSTALL_DATA) to install man page
* docs: use meaningless port number in CURLOPT_LOCALPORT example
* gopher: always include the entire gopher-path in request
* http2: clear pause stream id if it gets closed
* if2ip: remove unused function Curl_if_is_interface_name
* libssh: do not let libssh create socket
* libssh: enable CURLOPT_SSH_KNOWNHOSTS and CURLOPT_SSH_KEYFUNCTION for libssh
* libssh: free sftp_canonicalize_path() data correctly
* libtest/stub_gssapi: use "real" snprintf
* mbedtls: use VERIFYHOST
* multi: multiplexing improvements
* multi: set the EXPIRE_*TIMEOUT timers at TIMER_STARTSINGLE time
* ntlm: fix NTMLv2 compliance
* ntlm_sspi: add support for channel binding
* openssl: adapt to 3.0.0, OpenSSL_version_num() is deprecated
* openssl: fix the SSL_get_tlsext_status_ocsp_resp call
* openvms: fix OpenSSL discovery on VAX
* openvms: fix typos in documentation
* os400: add a missing closing bracket
* os400: fix extra parameter syntax error
* pingpong: change default response timeout to 120 seconds
* pingpong: ignore regular timeout in disconnect phase
* printf: fix format specifiers
* runtests.pl: Fix perl call to include srcdir
* schannel: fix compiler warning
* schannel: preserve original certificate path parameter
* schannel: stop calling it "winssl"
* sigpipe: if mbedTLS is used, ignore SIGPIPE
* smb: fix incorrect path in request if connection reused
* ssh: log the libssh2 error message when ssh session startup fails
* test1558: verify CURLINFO_PROTOCOL on file:// transfer
* test1561: improve test name
* test1653: make it survive torture tests
* tests: allow tests to pass by 2037-02-12
* tests: move objnames-* from lib into tests
* timediff: fix math for unsigned time_t
* timeval: Disable MSVC Analyzer GetTickCount warning
* tool_cb_prg: avoid integer overflow
* travis: added cmake build for osx
* urlapi: Fix port parsing of eol colon
* urlapi: distinguish possibly empty query
* urlapi: fix parsing ipv6 with zone index
* urldata: rename easy_conn to just conn
* winbuild: conditionally use /DZLIB_WINAPI
* wolfssl: fix memory-leak in threaded use
* spnego_sspi: add support for channel binding
   2019-02-02 10:00:56 by Leonardo Taccari | Files touched by this commit (1)
Log message:
gnurl: Include all needed bl3

(No PKGREVISION bump since there are no gnurl bl3 users at the moment.)
   2019-02-01 16:21:29 by Greg Troxel | Files touched by this commit (6)
Log message:
gnurl: Import from wip (packaged by ng0)

libgnurl is a fork of libcurl. The goal for libgnurl is to support
only HTTP and HTTPS (and only HTTP 1.x) with a single crypto backend
(GnuTLS) to ensure a small footprint and uniform experience for
developers regardless of how libcurl was compiled.
This software is mainly used by GNUnet. The modifications to curl
are kept to the bare minimum, intended to track upstream closely.
gnurl is not a replacement for curl, so different paths are used.