Subject: CVS commit: pkgsrc/www
From: Thomas Klausner
Date: 2024-11-06 09:19:26
Message id: 20241106081926.C6A57FC7E@cvs.NetBSD.org

Log Message:
*curl*: update to 8.11.0

This release includes the following changes:

 o curl: --create-dirs works for --dump-header as well [4]
 o gtls: Add P12 format support [9]
 o ipfs: add options to disable [8]
 o TLS: TLSv1.3 earlydata support for curl [140]
 o WebSockets: make support official (non-experimental) [106]

This release includes the following bugfixes:

 o alt-svc: honor data->state.httpwant [19]
 o altsvc: avoid using local buffer and memcpy [124]
 o asyn-ares: remove typecast, fix expire [113]
 o autotools: add support for 'unity' builds, enable in CI [15]
 o bearssl: avoid strpcy() when generating TLS version log message [120]
 o bearssl: improved session handling, test exceptions [233]
 o bufq: unwrite fix [121]
 o build: add `ldap` to `libcurl.pc` `Requires:` [139]
 o build: add pytest targets [71]
 o build: clarify CA embed is for curl tool, mark default, improve summary [72]
 o build: detect and use `_setmode()` with Cygwin/MSYS, also use on Windows [136]
 o build: disable warning `-Wunreachable-code-break` [195]
 o build: fix clang-cl builds, add CI job [254]
 o build: fix cross-compile check for poll with bionic [70]
 o build: fix possible `-Wformat-overflow` in lib557 [85]
 o build: limit arc4random detection to no-SSL configs [43]
 o build: show if CA bundle to embed was found [83]
 o build: tidy up and improve versioned-symbols options [5]
 o build: tidy up deprecation suppression, enable warnings for clang [12]
 o certs: add missing `-CAcreateserial` option for LibreSSL [247]
 o checksrc: add check for spaces around logical AND operators [220]
 o checksrc: Added checks for colon operator in ternary expressions [77]
 o checksrc: check for spaces around '?', '>' and '<' [46]
 o ci: dump `curl_config.h` to log in all jobs [199]
 o CI: run with standard mod_http2 [214]
 o cmake, Makefile.mk: use -isystem for headers, silence BearSSL issues [37]
 o cmake/FindCares: fix version detection for c-ares 1.34.1 [209]
 o cmake/FindNGTCP2: use library path as hint for finding crypto module [40]
 o cmake: add missed variable to comment
 o cmake: add native `pkg-config` detection for mbedTLS, MSH3, Quiche, Rustls, \ 
wolfSSL [149]
 o cmake: allow building tests in unity mode [31]
 o cmake: apply `WIN32_LEAN_AND_MEAN` to all feature checks
 o cmake: avoid setting `BUILD_TESTING` [179]
 o cmake: clear package version after `pkg-config` detection [207]
 o cmake: delete unused NEED_LBER_H, HAVE_LDAP_H [38]
 o cmake: detect `HAVE_NETINET_IN6_H`, `HAVE_CLOSESOCKET_CAMEL`, \ 
`HAVE_PROTO_BSDSOCKET_H` [132]
 o cmake: detect GNU GSS [127]
 o cmake: disable default OpenSSL if BearSSL, GnuTLS or Rustls is enabled [44]
 o cmake: do not propagate unused `HAVE_GSSAPI_GSSAPI_KRB5_H` to C [131]
 o cmake: document `-D` and env build options [208]
 o cmake: drop obsolete items from `TODO` and `INSTALL-CMAKE` [228]
 o cmake: drop redundant assignments [49]
 o cmake: drop redundant zlib var, rename function (internals) [50]
 o cmake: expand CURL_USE_PKGCONFIG to non-cross MINGW [13]
 o cmake: fix broken dependency chain for cmdline-opts, tidy-ups [11]
 o cmake: fix compile warnings for clang-cl [218]
 o cmake: fix missing spacing in log message [205]
 o cmake: limit `CURL_STATIC_CRT` to MSVC [217]
 o cmake: make `test-ci` target skip building dependencies [88]
 o cmake: mark as advanced some internal Find* variables [212]
 o cmake: readd `generate-curl.1` dependency for `src` just in case [86]
 o cmake: rename LDAP dependency config variables to match Find modules [144]
 o cmake: replace `check_include_file_concat()` for LDAP and GSS detection [143]
 o cmake: replace `CURL_*_DIR` with `{PROJECT,CMAKE_CURRENT}_*_DIR` [211]
 o cmake: require quictls (or fork) when using msh3 on non-Windows [14]
 o cmake: separate target for examples, optimize CI, fix fallouts [16]
 o cmake: set version for `project()` and add CPack support [123]
 o cmake: stop adding dependency headers to global `CMAKE_REQUIRED_INCLUDES` [146]
 o cmake: sync torture test parallelism with autotools [35]
 o cmake: tidy up `CURL_DISABLE_FORM_API` initialization [225]
 o cmake: tidy up and shorten symbol hiding initialization [213]
 o cmake: tidy up line order
 o cmake: tidy up picky warning initialization [215]
 o cmake: tidy-ups and rebase fixups [191]
 o cmake: tweaks around debug mode and hidden symbols [194]
 o cmake: untangle feature detection interdependencies [198]
 o cmake: use `list(APPEND)` on `CURL_INCLUDES` [223]
 o cmake: use OpenSSL for LDAP detection only if available [102]
 o cmake: use the `BSD` variable [210]
 o config: rename the OS define to CURL_OS to reduce collision risk [256]
 o configure: add GSS to `libcurl.pc` `Depends:` [126]
 o configure: catch Apple in more target triplets [6]
 o configure: drop duplicate feature checks for `poll()`, `if_nametoindex()` [135]
 o configure: drop unused bare `socket.h` detection [133]
 o configure: improve help string for some options [78]
 o conncache: find bundle again in case it is removed [129]
 o conncache: more efficient implementation of cpool_remove_bundle [176]
 o cookie: overhaul and cleanup [142]
 o curl-rustls.m4: set linker flags to allow rustls build on macos [186]
 o curl.h: remove the struct pointer for CURL/CURLSH/CURLM typedefs [174]
 o curl: add build options for safe/no CA bundle search (Windows) [26]
 o curl: detect ECH support dynamically, not at build time [230]
 o curl_addrinfo: support operating systems with only getaddrinfo(3) [239]
 o curl_multi_perform.md: fix typo [224]
 o curl_trc: fix build with verbose messages disabled [79]
 o curl_url_set.md: document HOST handling when URL is parsed [2]
 o curl_ws_recv.md: the 'meta' pointer is only returned on success [221]
 o curl_ws_recv: return recv 0 and point meta to NULL on all errors [222]
 o CURLMOPT_PIPELINING.md: clarify that CURLPIPE_NOTHING is not default [54]
 o CURLOPT_APPEND.md: goes for SFTP as well [128]
 o CURLOPT_HEADERFUNCTION.md: do not modify the passed in buffer [107]
 o DISABLED: disable test 1060 with hyper [154]
 o DISTROS: avoid use of "very"
 o Dockerfile: update Docker digest to d830561 [226]
 o docs/cmdline-opts: GnuTLS supports PKCS#11 URI in --cert option [101]
 o docs: clarify FTP over HTTP proxy functionality somewhat [203]
 o docs: fix a typo in some cipher options
 o ech: spelling, whitespace, say `--ech` default config [137]
 o ftp: fix 0-length last write on upload from stdin [76]
 o ftp: move listen handling to socket filter [183]
 o GHA: optimize test prereq steps [188]
 o gnutls: use session cache for QUIC [196]
 o hsts: avoid the local buffer and memcpy on lookup [125]
 o hsts: improve subdomain handling [158]
 o hsts: support "implied LWS" properly around max-age [229]
 o http2: auto reset stream on server eos [147]
 o http_aws_sigv4: avoid local buffer and strcpy [92]
 o INSTALL-CMAKE.md: mention focus on shared libraries [73]
 o INSTALL-CMAKE: fix punctuation and a typo
 o INSTALL.md: fix a typo that slipped in to RISC OS
 o json.md: cli-option `--json` is an alias of `--data-binary` [89]
 o lib, src, tests: added space around ternary expressions [56]
 o lib/cw-out: initialize 'flush_all' directly [62]
 o lib/src: white space edits to comply better with code style [47]
 o lib: avoid assigning 'result' temporarily [97]
 o lib: fix disabled-verbose-strings + enable-debug build warnings
 o lib: fix unity builds with BearSSL, MSH3, Quiche, OmniOS [32]
 o lib: move curl_path.[ch] into vssh/ [182]
 o lib: msnprintf tidy-ups [245]
 o lib: remove Curl_ prefix from static functions [202]
 o lib: remove function pointer typecasts for hmac/sha256/md5 [175]
 o lib: use bool/TRUE/FALSE properly [48]
 o libcurl/opts: improve phrasing for connection cap related options [145]
 o libssh.c: handle EGAINS during proto-connect correctly [23]
 o libssh2: delete duplicate `break` [190]
 o libssh2: put the readdir buffers into struct [170]
 o libssh2: use the Curl_* memory functions to avoid memdebug [22]
 o libssh2: use the filename buffer when getting the homedir [169]
 o libtests: generate the lib1521 atomically [148]
 o mbedTLS: fix handling of TLSv1.3 sessions [184]
 o mbedtls: handle session as blobs [234]
 o mbedtls: remove failf() use from mbedtls_random [255]
 o mk-lib1521: fix the long return code check [204]
 o mprintf: do not ignore length modifiers of `%o`, `%x`, `%X` [164]
 o mprintf: treat `%o` as unsigned, add tests for `%o`, `%x`, `%X` [162]
 o mqtt: fix mqtt.md wording and add clearer explanation [172]
 o multi.c: make stronger check for paused transfer before asserting [24]
 o multi.c: warn/assert on stall only without timer [80]
 o multi: avoid reading whole struct pointer from pointer [10]
 o multi: convert Curl_follow to static multi_follow [141]
 o multi: make curl_multi_cleanup invalidate magic latter [159]
 o multi: make multi_handle_timeout use the connect timeout [98]
 o multi: split multi_runsingle into sub functions [200]
 o negotiate: conditional check around GSS & SSL specific code [1]
 o netrc: cache the netrc file in memory [138]
 o ngtcp2: do not loop on recv [251]
 o ngtcp2: set max window size to 10x of initial (128KB) [232]
 o openssl quic: populate x509 store before handshake [117]
 o openssl: convert a memcpy to dynbuf use [57]
 o openssl: extend the OpenSSL error messages [238]
 o openssl: improve retries on shutdown [151]
 o openssl: remove two strcpy() calls [64]
 o OS400: don't delete source files when building with debug [235]
 o packages/OS400/curlmain: remove the strncpy calls [155]
 o processhelp.pm: improve taskkill calls (Windows) [52]
 o pytest: fix run against multissl curl [236]
 o pytest: improve pytest_07_42a reliability [118]
 o pytest: include `buildinfo.txt` in the output [189]
 o pytest: include curl version string and python platform in log [242]
 o pytest: show curl features and protocols [150]
 o quic: use send/recvmmsg when available [93]
 o quic: use the session cache with wolfSSL as well [231]
 o request: on shutdown send, proceed normally on timeout [18]
 o runtests.md: suggest a value for -j for torture tests
 o runtests: add comment for handle64 pathsep requirement
 o runtests: drop unused code for old/classic-mingw support [87]
 o runtests: pass single backslashes with Windows Perl [243]
 o runtests: use deterministic sort for `TESTINFO` lines [201]
 o schannel: fix TLS cert verification by IP SAN [253]
 o schannel: ignore error on recv beyond close notify [167]
 o schannel: reclassify extra-verbose schannel_recv messages [153]
 o select: use poll() if existing, avoid poll() with no sockets [75]
 o sendf: add condition to max-filesize check [3]
 o server/mqttd: fix two memory leaks [178]
 o setopt: avoid superfluous length checks before strcmp() [105]
 o setopt: return error for bad input to CURLOPT_RTSP_REQUEST [240]
 o setopt_cptr: make overflow check only done when needed [241]
 o singleuse: make `git grep` faster, add Apple `nm` support [109]
 o smb: do not redefine `getpid` on Windows [187]
 o smb: replace use of strcpy() with snprintf() [122]
 o socks_gssapi: switch to dynbuf from buffer with strcpy [42]
 o source: avoid use of 'very' in comments
 o src/lib: remove redundant ternary operators [244]
 o src: guard for double declaration of `curl_ca_embed` in unity builds [166]
 o sws: fix unused static function with `TCP_NODELAY` undefined [134]
 o telnet: avoid two strcpy() by pointing to the strings instead [99]
 o test1035: convert host name back to utf8 as should be [63]
 o test1515: add tracing and more debug info [119]
 o test1540: add debug logging [58]
 o test190: replace %FTPTIME2 with a fixed value [34]
 o test1915: add tracing and connect timeout [114]
 o test1915: remove wrong comment
 o test2502: add libtest debug tracing [60]
 o test504: fix handling on pending connect [59]
 o testrun: explicitly set proper IP address for stunnel listen/connect [61]
 o tests/http: fix ubuntu GnuTLS CI failures [161]
 o tests/scorecard: allow remote server test [171]
 o tests/server/util.c: remove use of strncpy [156]
 o tests/valgrind.pm: fix warnings with no valgrind report to show [25]
 o tests/valgrind.supp: remove a travis suppression, add a Debian [116]
 o tests: add and use `%PERL` variable to refer to the Perl binary [82]
 o tests: add codeset-utf8 as a feature [66]
 o tests: add file: tests with existing files [45]
 o tests: allow pytests to run in out-of-tree builds [192]
 o tests: capture stdin to get the vsftpd version number [165]
 o tests: change Python code style to pass ruff checks
 o tests: check http/2 and http/3 server responsiveness [28]
 o tests: delete duplicate macro check [53]
 o tests: enable additional ruff Python lint options
 o tests: fix `%POSIX_PWD` on native Windows Perl [111]
 o tests: fix callback signatures to please UndefinedBehaviorSanitizer [173]
 o tests: Fix FILEFORMAT <file name=""> directive [206]
 o tests: fix keyword for test1411
 o tests: fix shell quoting on native Windows Perl [110]
 o tests: fix some Python typing issues
 o tests: fixup `checkcmd` `PATH` on non-unixy platforms [108]
 o tests: improve mqtt server handling [27]
 o tests: introduce %CLIENT6IP-NB [67]
 o tests: let openssl generate random cert serials [91]
 o tests: libtests and unit tests need explicit #include memdebug [7]
 o tests: make precheck for HTTP on 127.0.0.1 into a feature [68]
 o tests: Only log warnings or worse by default in smbserver [33]
 o tests: postcheck is now in verify [69]
 o tests: remove all valgrind disable instructions [21]
 o tests: remove debug requirement on 38 tests [100]
 o tests: remove the %FTPTIME3 variable [41]
 o tests: replace `%PWD` with `%FILE_PWD` for `file://` [84]
 o tests: replace `%PWD` with `%SSH_PWD` in SCP/SFTP tests [112]
 o tests: replace hard-coded `/dev/null` with variable [81]
 o tests: simplify `pathhelp.pm`, avoid using external tools [95]
 o tests: speed up builds with single-binary test bundles [29]
 o tests: testrunner fairness [39]
 o tests: testrunner reliability improvements [55]
 o tests: use '-4' where needed [17]
 o tests: use a set for several of the curl_props [249]
 o tftp: avoid two memcpy/strcpy [94]
 o tidy-up: rename CURL_WINDOWS_APP to CURL_WINDOWS_UWP [36]
 o tls: avoid abusing CURLE_SSL_ENGINE_INITFAILED [246]
 o tool: support --show-headers AND --remote-header-name [103]
 o tool_doswin: simplify; remove unused options and strncpy calls [65]
 o tool_getparam: drop unused time() call [177]
 o tool_getparam: replace two uses of strncpy(), ban strncpy [157]
 o tool_operate: make --skip-existing work for --parallel [180]
 o tool_operate: reuse the schannel backend check [130]
 o tool_xattr: create the user.creator xattr attribute [197]
 o unit1307: tidy up Apple OS detection [252]
 o unit1660: fix unreachable code warning in no-SSL builds [30]
 o url: connection reuse on h3 connections [20]
 o url: use same credentials on redirect [181]
 o urlapi: drop unused header [51]
 o urlapi: normalize the IPv6 address [115]
 o version: minor cleanups [152]
 o version: say quictls in MSH3 builds [219]
 o vquic: fix compiler warning with gcc + MUSL [168]
 o vquic: recv_mmsg, use fewer, but larger buffers [250]
 o vtls: convert Curl_pin_peer_pubkey to use dynbuf [74]
 o vtls: convert pubkey_pem_to_der to use dynbuf [90]
 o warnless: remove curlx_sktosi and curlx_sitosk [104]
 o winbuild/README: consolidate command prompt section [193]
 o winbuild/README: document how to clean a build [163]
 o winbuild: add initial wolfSSL support [227]
 o winbuild: drop `gen_resp_file.bat` [248]
 o wolfssl: convert malloc + memcpys to dynbuf for cipher string [96]
 o wolfSSL: fix handling of TLSv1.3 sessions [185]
 o wolfssl: no more use of the OpenSSL API [216]
 o wolfssl: use old version API without openssl extra [160]

Files:
RevisionActionfile
1.287modifypkgsrc/www/curl/Makefile
1.18modifypkgsrc/www/curl/Makefile.common
1.102modifypkgsrc/www/curl/PLIST
1.209modifypkgsrc/www/curl/distinfo
1.13modifypkgsrc/www/curl/patches/patch-curl-config.in
1.12modifypkgsrc/www/libcurl-gnutls/Makefile