Subject: CVS commit: pkgsrc/www/curl
From: Thomas Klausner
Date: 2022-12-21 08:52:06
Message id: 20221221075206.5F2CFFA90@cvs.NetBSD.org

Log Message:
curl: update to 7.87.0.

Security fix release.

curl and libcurl 7.87.0

 Public curl releases:         212
 Command line options:         249
 curl_easy_setopt() options:   302
 Public functions in libcurl:  91
 Contributors:                 2771

This release includes the following changes:

 o curl: add --url-query [52]
 o CURLOPT_QUICK_EXIT: don't wait for DNS thread on exit [75]
 o lib: add CURL_WRITEFUNC_ERROR to signal write callback error [47]
 o openssl: reduce CA certificate bundle reparsing by caching [11]
 o version: add a feature names array to curl_version_info_data [67]

This release includes the following bugfixes:

 o altsvc: fix rejection of negative port numbers [144]
 o aws_sigv4: consult x-%s-content-sha256 for payload hash [102]
 o aws_sigv4: fix typos in aws_sigv4.c [101]
 o base64: better alloc size [124]
 o base64: encode without using snprintf [123]
 o base64: faster base64 decoding [120]
 o build: assume assert.h is always available [111]
 o build: assume errno.h is always available [110]
 o c-hyper: CONNECT respones are not server responses [137]
 o c-hyper: fix multi-request mechanism [115]
 o CI: Change FreeBSD image from 12.3 to 12.4 [108]
 o CI: LGTM.com will be shut down in December 2022 [112]
 o ci: Remove zuul fuzzing job as it's superseded by CIFuzz
 o cmake: check for cross-compile, not for toolchain [54]
 o CMake: fix build with `CURL_USE_GSSAPI` [78]
 o cmake: really enable warnings with clang [25]
 o cmake: set the soname on the shared library [140]
 o cmdline-opts/gen.pl: fix the linkifier [64]
 o cmdline-opts/page-footer: remove long option nroff formatting
 o config-mac: define HAVE_SYS_IOCTL_H [107]
 o config-mac: fix typo: size_T -> size_t [125]
 o config-mac: remove HAVE_SYS_SELECT_H [116]
 o config-win32: fix SIZEOF_OFF_T for MSVC and old MinGW [41]
 o configure: require fork for NTLM-WB [36]
 o contributors.sh: actually use $CURLWWW instead of just setting it [129]
 o cookie: compare cookie prefixes case insensitively [14]
 o cookie: expire cookies at once when max-age is negative [45]
 o cookie: open cookie jar as a binary file [89]
 o curl-openssl.m4: do not add $prefix/include/openssl to CPPFLAGS [90]
 o curl-rustls.m4: on macOS, rustls also needs the Security framework [44]
 o curl.h: include <sys/select.h> on SerenityOS [104]
 o curl.h: name all public function parameters [118]
 o curl.h: reword comment to not use deprecated option [132]
 o curl: override the numeric locale and set "C" by force [60]
 o curl: timeout in the read callback [15]
 o curl_endian: remove Curl_write64_le from header [81]
 o curl_get_line: allow last line without newline char [88]
 o curl_path: do not add '/' if homedir ends with one [4]
 o curl_url_get.3: remove spurious backtick [127]
 o curl_url_set.3: document CURLU_DISALLOW_USER [139]
 o curl_url_set.3: fix typo [148]
 o CURLMOPT_SOCKETFUNCTION.3: clarify CURL_POLL_REMOVE [1]
 o CURLOPT_COOKIEFILE.3: advice => advise [131]
 o CURLOPT_DEBUGFUNCTION.3: do not assume nul-termination in example [31]
 o CURLOPT_DEBUGFUNCTION.3: emphasize that incoming data is "raw" [130]
 o CURLOPT_POST.3: Explain setting to 0 changes request type [61]
 o docs/curl_ws_send: Fixed typo in websocket docs [114]
 o docs/EARLY-RELEASE.md: how to determine an early release [37]
 o docs/examples: spell correction ('Retrieve') [119]
 o docs/INSTALL.md: expand on static builds [62]
 o docs/WEBSOCKET.md: explain the URL use [71]
 o docs: add missing parameters for --retry flag [2]
 o docs: add more "SEE ALSO" links to CA related pages [82]
 o docs: explain the noproxy CIDR notation support [17]
 o docs: extend the dump-header documentation [150]
 o docs: remove performance note in CURLOPT_SSL_VERIFYPEER [13]
 o examples/10-at-a-time: fix possible skipped final transfers [85]
 o examples: update descriptions [83]
 o ftp: support growing files with CURLOPT_IGNORE_CONTENT_LENGTH [96]
 o gen.pl: do not generate CURLHELP bitmask lines > 79 characters [10]
 o GHA: clarify workflows permissions, set least possible privilege [79]
 o GHA: NSS use clang instead of clang-9 [103]
 o gnutls: use common gnutls init and verify code for ngtcp2 [98]
 o headers: add endif comments [51]
 o HTTP-COOKIES.md: mention that http://localhost is a secure context [76]
 o HTTP-COOKIES.md: update the 6265bis link to draft-11 [70]
 o http: do not send PROXY more than once [46]
 o http: fix the ::1 comparison for IPv6 localhost for cookies [155]
 o http: set 'this_is_a_follow' in the Location: logic [40]
 o http: use the IDN decoded name in HSTS checks [154]
 o hyper: classify headers as CONNECT and 1XX [56]
 o hyper: fix handling of hyper_task's when reusing the same address [33]
 o idn: remove Curl_win32_ascii_to_idn [153]
 o INSTALL: update operating systems and CPU archs [91]
 o KNOWN_BUGS: remove eight entries [50]
 o lib1560: add some basic IDN host name tests [151]
 o lib: connection filters (cfilter) addition to curl: [43]
 o lib: feature deprecation warnings in gcc >= 4.3 [58]
 o lib: fix some type mismatches and remove unneeded typecasts [12]
 o lib: parse numbers with fixed known base 10 [77]
 o lib: remove bad set.opt_no_body assignments [42]
 o lib: rewind BEFORE request instead of AFTER previous [65]
 o lib: sync guard for Curl_getaddrinfo_ex() definition and use [6]
 o lib: use size_t or int etc instead of longs [145]
 o libcurl-errors.3: remove duplicate word [3]
 o libssh2: return error when ssh_hostkeyfunc returns error [121]
 o limit-rate.d: see also --rate
 o log2changes.pl: wrap long lines at 80 columns [59]
 o Makefile.mk: address minor issues [87]
 o Makefile.mk: improve a GNU Make hack [122]
 o Makefile.mk: portable Makefile.m32 [86]
 o maketgz: set the right version in lib/libcurl.plist [53]
 o mime: relax easy/mime structures binding [94]
 o misc: Fix incorrect spelling [113]
 o misc: remove duplicated include files [28]
 o misc: typo and grammar fixes [23]
 o negtelnetserver.py: have it call its close() method [68]
 o netrc.d: provide mutext info [63]
 o netware: remove leftover traces [80]
 o noproxy: also match with adjacent comma [19]
 o noproxy: guard against empty hostnames in noproxy check [136]
 o noproxy: tailmatch like in 7.85.0 and earlier [35]
 o nroff-scan.pl: detect double highlights
 o ntlm: improve comment for encrypt_des [55]
 o ntlm: silence ubsan warning about copying from null target_info pointer [69]
 o openssl/mbedtls: use %d for outputing port with failf (int) [72]
 o openssl: prefix errors with '[lib]/[version]: ' [105]
 o os400: use platform socklen_t in Curl_getnameinfo_a [18]
 o page-header: grammar improvement (display transfer rate) [126]
 o proxy: refactor haproxy protocol handling as connection filter [57]
 o README.md: remove badges and xmas-tree garnish [9]
 o rtsp: fix RTSP auth [49]
 o runtests: --no-debuginfod now disables DEBUGINFOD_URLS [100]
 o runtests: do CRLF replacements per section only [97]
 o scripts/checksrc.pl: detect duplicated include files [29]
 o sendf: change Curl_read_plain to wrap Curl_recv_plain [48]
 o sendf: remove unnecessary if condition [26]
 o setup: do not require __MRC__ defined for Mac OS 9 builds [117]
 o smb/telnet: do not free the protocol struct in *_done() [152]
 o socks: fix username max size is 255 (0xFF) [146]
 o spellcheck.words: remove 'github' as an accepted word [22]
 o ssl-reqd.d: clarify that this is for upgrading connections only [138]
 o strcase: use curl_str(n)equal for case insensitive matches [8]
 o styled-output.d: this option does not work on Windows [93]
 o system.h: fix socklen_t, curl_off_t, long long for Classic Mac OS [133]
 o system.h: support 64-bit curl_off_t for NonStop 32-bit [21]
 o test1421: fix typo [109]
 o test3026: reduce runtime in legacy mingw builds [73]
 o tests/sshserver.pl: re-enable ssh-rsa while using openssh 8.8+
 o tests: add authorityInfoAccess to generated certs [99]
 o tests: add HTTP/3 test case, custom location for proper nghttpx [106]
 o tls: backends use connection filters for IO, enabling HTTPS-proxy [92]
 o tool: determine the correct fopen option for -D [95]
 o tool_cfgable: free the ssl_ec_curves on exit [142]
 o tool_cfgable: make socks5_gssapi_nec a boolean [128]
 o tool_formparse: avoid clobbering on function params [135]
 o tool_getparam: make --no-get work as the opposite of --get [39]
 o tool_operate: provide better errmsg for -G with bad URL [16]
 o tool_operate: when aborting, make sure there is a non-NULL error buffer [20]
 o tool_paramhlp: free the proto strings on exit [141]
 o url: move back the IDN conversion of proxy names [74]
 o urlapi: reject more bad letters from the host name: &+() [143]
 o urldata: change port num storage to int and unsigned short [66]
 o vms: remove SIZEOF_SHORT [134]
 o vtls: fix build without proxy support [38]
 o vtls: localization of state data in filters [84]
 o WEBSOCKET.md: fix broken link [30]
 o Websocket: fixes for partial frames and buffer updates [7]
 o websockets: fix handling of partial frames [32]
 o windows: fail early with a missing windres in autotools [5]
 o windows: fix linking .rc to shared curl with autotools [24]
 o winidn: drop WANT_IDN_PROTOTYPES [27]
 o ws: if no connection is around, return error [149]
 o ws: return CURLE_NOT_BUILT_IN when websockets not built in [34]
 o x509asn1: avoid freeing unallocated pointers [147]

Files:
RevisionActionfile
1.264modifypkgsrc/www/curl/Makefile
1.93modifypkgsrc/www/curl/PLIST
1.187modifypkgsrc/www/curl/distinfo