./www/curl, Client that groks URLs

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: CURRENT, Version: 7.68.0nb2, Package name: curl-7.68.0nb2, Maintainer: leot

Curl is a command line tool for transferring files with URL syntax, supporting
HTTPS certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload,
proxies, cookies, user+password authentication (Basic, Digest, NTLM, Negotiate,
kerberos...), file transfer resume, proxy tunneling and a busload of other
useful tricks.

Required to run:
[www/nghttp2] [devel/libidn2]

Required to build:

Package options: gssapi, http2, idn, inet6

Master sites:

SHA1: 9a7c6aca20065581315fd1327b938185297d05a4
RMD160: e6c7e2cfbabca69cd36be4025ab3fa0c209bd28e
Filesize: 2385.535 KB

Version history: (Expand)

CVS history: (Expand)

   2020-01-18 22:51:16 by Jonathan Perkin | Files touched by this commit (1836)
Log message:
*: Recursive revision bump for openssl 1.1.1.
   2020-01-12 21:20:50 by Ryo ONODERA | Files touched by this commit (574)
Log message:
*: Recursive revbump from devel/boost-libs
   2020-01-08 12:59:18 by Leonardo Taccari | Files touched by this commit (4) | Package updated
Log message:
curl: Update to 7.68.0

pkgsrc changes:
 - Removes patch-configure hunks applied upstream

This release includes the following changes:

 o TLS: add BearSSL vtls implementation
 o curl: add --etag-compare and --etag-save
 o curl: add --parallel-immediate
 o multi: add curl_multi_wakeup()
 o openssl: CURLSSLOPT_NO_PARTIALCHAIN can disable partial cert chains

This release includes the following bugfixes:

 o CVE-2019-15601: file: on Windows, refuse paths that start with \\
 o Azure Pipelines: add several builds
 o CMake: add support for building with the NSS vtls backend
 o CURL-DISABLE: initial docs for the CURL_DISABLE_* defines
 o CURLOPT_HEADERFUNCTION.3: Document that size is always 1
 o CURLOPT_QUOTE.3: fix typos
 o CURLOPT_READFUNCTION.3: fix the example
 o CURLOPT_URL.3: "curl supports SMB version 1 (only)"
 o HISTORY: added cmake, HTTP/3 and parallel downloads with curl
 o HISTORY: the SMB(S) support landed in 2014
 o INSTALL.md: provide Android build instructions
 o KNOWN_BUGS: Connection information when using TCP Fast Open
 o KNOWN_BUGS: LDAP on Windows doesn't work correctly
 o KNOWN_BUGS: TLS session cache doesn't work with TFO
 o OPENSOCKETFUNCTION.3: correct the purpose description
 o TrackMemory tests: always remove CR before LF
 o altsvc: bump to h3-24
 o altsvc: make the save function ignore NULL filenames
 o build: Disable Visual Studio warning "conditional expression is \ 
 o build: fix for CURL_DISABLE_DOH
 o checksrc.bat: Add a check for vquic and vssh directories
 o checksrc: repair the copyrightyear check
 o cirrus-ci: enable clang sanitizers on freebsd 13
 o cirrus: Drop the FreeBSD 10.4 build
 o config-win32: cpu-machine-OS for Windows on ARM
 o configure: avoid unportable `==' test(1) operator
 o configure: enable IPv6 support without `getaddrinfo`
 o configure: fix typo in help text
 o conncache: CONNECT_ONLY connections assumed always in-use
 o conncache: fix multi-thread use of shared connection cache
 o copyrights: fix copyright year range
 o create_conn: prefer multiplexing to using new connections
 o curl -w: handle a blank input file correctly
 o curl.h: add two missing defines for "pre ISO C" compilers
 o curl/parseconfig: fix mem-leak
 o curl/parseconfig: use curl_free() to free memory allocated by libcurl
 o curl: cleanup multi handle on failure
 o curl: fix --upload-file . hangs if delay in STDIN
 o curl: fix -T globbing
 o curl: improved cleanup in upload error path
 o curl: make a few char pointers point to const char instead
 o curl: properly free mimepost data
 o curl: show better error message when no homedir is found
 o curl: show error for --http3 if libcurl lacks support
 o curl_setup_once: consistently use WHILE_FALSE in macros
 o define: remove HAVE_ENGINE_LOAD_BUILTIN_ENGINES, not used anymore
 o docs: Change 'experiemental' to 'experimental'
 o docs: TLS SRP doesn't work with TLS 1.3
 o docs: fix several typos
 o docs: mention CURL_MAX_INPUT_LENGTH restrictions
 o doh: improved both encoding and decoding
 o doh: make it behave when built without proxy support
 o examples/postinmemory.c: Call curl_global_cleanup always
 o examples/url2file.c: corrected erroneous comment
 o examples: add multi-poll.c
 o global_init: undo the "intialized" bump in case of failure
 o hostip: suppress compiler warning
 o http_ntlm: Remove duplicate NSS initialisation
 o lib: Move lib/ssh.h -> lib/vssh/ssh.h
 o lib: fix compiler warnings with `CURL_DISABLE_VERBOSE_STRINGS`
 o lib: fix warnings found when porting to NuttX
 o lib: remove ASSIGNWITHINCONDITION exceptions, use our code style
 o lib: remove erroneous +x file permission on some c files
 o libssh2: add support for ECDSA and ed25519 knownhost keys
 o multi.h: remove INITIAL_MAX_CONCURRENT_STREAMS from public header
 o multi: free sockhash on OOM
 o multi_poll: avoid busy-loop when called without easy handles attached
 o ngtcp2: Support the latest update key callback type
 o ngtcp2: fix thread-safety bug in error-handling
 o ngtcp2: free used resources on disconnect
 o ngtcp2: handle key updates as ngtcp2 master branch tells us
 o ngtcp2: increase QUIC window size when data is consumed
 o ngtcp2: use overflow buffer for extra HTTP/3 data
 o ntlm: USE_WIN32_CRYPTO check removed to get USE_NTLM2SESSION set
 o ntlm_wb: fix double-free in OOM
 o openssl: Revert to less sensitivity for SYSCALL errors
 o openssl: improve error message for SYSCALL during connect
 o openssl: prevent recursive function calls from ctx callbacks
 o openssl: retrieve reported LibreSSL version at runtime
 o openssl: set X509_V_FLAG_PARTIAL_CHAIN by default
 o parsedate: offer a getdate_capped() alternative
 o pause: avoid updating socket if done was already called
 o projects: Fix Visual Studio projects SSH builds
 o projects: Fix Visual Studio wolfSSL configurations
 o quiche: reject HTTP/3 headers in the wrong order
 o remove_handle: clear expire timers after multi_done()
 o runtests: --repeat=[num] to repeat tests
 o runtests: introduce --shallow to reduce huge torture tests
 o schannel: fix --tls-max for when min is --tlsv1 or default
 o setopt: Fix ALPN / NPN user option when built without HTTP2
 o strerror: Add Curl_winapi_strerror for Win API specific errors
 o strerror: Fix an error looking up some Windows error strings
 o strerror: Fix compiler warning "empty expression"
 o system.h: fix for MCST lcc compiler
 o test/sws: search for "Testno:" header unconditionally if no testno
 o test1175: verify symbols-in-versions and libcurl-errors.3 in sync
 o test1270: a basic -w redirect_url test
 o test1456: remove the use of a fixed local port number
 o test1558: use double slash after file:
 o test1560: require IPv6 for IPv6 aware URL parsing
 o tests/lib1557: fix mem-leak in OOM
 o tests/lib1559: fix mem-leak in OOM
 o tests/lib1591: free memory properly on OOM, in the trailers callback
 o tests/unit1607: fix mem-leak in OOM
 o tests/unit1609: fix mem-leak in OOM
 o tests/unit1620: fix bad free in OOM
 o tests: Change NTLM tests to require SSL
 o tests: Fix bounce requests with truncated writes
 o tests: fix build with `CURL_DISABLE_DOH`
 o tests: fix permissions of ssh keys in WSL
 o tests: make it possible to set executable extensions
 o tests: make sure checksrc runs on header files too
 o tests: set LC_ALL=en_US.UTF-8 instead of blank in several tests
 o tests: use DoH feature for DoH tests
 o tests: use \r\n for log messages in WSL
 o tool_operate: fix mem leak when failed config parse
 o travis: Fix error detection
 o travis: abandon coveralls, it is not reliable
 o travis: build ngtcp2 with --enable-lib-only
 o travis: export the CC/CXX variables when set
 o vtls: make BearSSL possible to set with CURL_SSL_BACKEND
 o winbuild: Define CARES_STATICLIB when WITH_CARES=static
 o winbuild: Document CURL_STATICLIB requirement for static libcurl

This release includes the following known bugs:

 o see docs/KNOWN_BUGS (https://curl.haxx.se/docs/knownbugs.html)
   2019-11-06 10:17:29 by Leonardo Taccari | Files touched by this commit (4) | Package updated
Log message:
curl: Update to 7.67.0

This release includes the following changes:

 o curl: added --no-progress-meter
 o urlapi: CURLU_NO_AUTHORITY allows empty authority/host part

This release includes the following bugfixes:

 o BINDINGS: five new bindings addded
 o CURLOPT_TIMEOUT.3: Clarify transfer timeout time includes queue time
 o CURLOPT_TIMEOUT.3: remove the mention of "minutes"
 o ESNI: initial build/setup support
 o FTP: FTPFILE_NOCWD: avoid redundant CWDs
 o FTP: allow "rubbish" prepended to the SIZE response
 o FTP: remove trailing slash from path for LIST/MLSD
 o FTP: skip CWD to entry dir when target is absolute
 o FTP: url-decode path before evaluation
 o HTTP3.md: move -p for mkdir, remove -j for make
 o HTTP3: fix invalid use of sendto for connected UDP socket
 o HTTP3: fix ngtcp2 Windows build
 o HTTP3: fix prefix parameter for ngtcp2 build
 o HTTP3: fix typo somehere1 > somewhere1
 o HTTP3: show an --alt-svc using example too
 o INSTALL: add missing space for configure commands
 o INSTALL: add vcpkg installation instructions
 o README: minor grammar fix
 o altsvc: accept quoted ma and persist values
 o altsvc: both backends run h3-23 now
 o appveyor: Add MSVC ARM64 build
 o appveyor: Use two parallel compilation on appveyor with CMake
 o appveyor: add --disable-proxy autotools build
 o appveyor: add 32-bit MinGW-w64 build
 o appveyor: add a winbuild
 o appveyor: add a winbuild that uses VS2017
 o appveyor: make winbuilds with DEBUG=no/yes and VS 2015/2017
 o appveyor: publish artifacts on appveyor
 o appveyor: upgrade VS2017 to VS2019
 o asyn-thread: make use of Curl_socketpair() where available
 o asyn-thread: s/AF_LOCAL/AF_UNIX for Solaris
 o build: Remove unused HAVE_LIBSSL and HAVE_LIBCRYPTO defines
 o checksrc: fix uninitialized variable warning
 o chunked-encoding: stop hiding the CURLE_BAD_CONTENT_ENCODING error
 o cirrus: Increase the git clone depth
 o cirrus: Switch the FreeBSD 11.x build to 11.3 and add a 13.0 build
 o cirrus: switch off blackhole status on the freebsd CI machines
 o cleanups: 21 various PVS-Studio warnings
 o configure: only say ipv6 enabled when the variable is set
 o configure: remove all cyassl references
 o conn-reuse: requests wanting NTLM can reuse non-NTLM connections
 o connect: return CURLE_OPERATION_TIMEDOUT for errno == ETIMEDOUT
 o connect: silence sign-compare warning
 o cookie: avoid harmless use after free
 o cookie: pass in the correct cookie amount to qsort()
 o cookies: change argument type for Curl_flush_cookies
 o cookies: using a share with cookies shouldn't enable the cookie engine
 o copyrights: update copyright notices to 2019
 o curl: create easy handles on-demand and not ahead of time
 o curl: ensure HTTP 429 triggers --retry
 o curl: exit the create_transfers loop on errors
 o curl: fix memory leaked by parse_metalink()
 o curl: load large files with -d @ much faster
 o docs/HTTP3: fix `--with-ssl` ngtcp2 configure flag
 o docs: added multi-event.c example
 o docs: disambiguate CURLUPART_HOST is for host name (ie no port)
 o docs: note on failed handles not being counted by curl_multi_perform
 o doh: allow only http and https in debug mode
 o doh: avoid truncating DNS QTYPE to lower octet
 o doh: clean up dangling DOH memory on easy close
 o doh: fix (harmless) buffer overrun
 o doh: fix undefined behaviour and open up for gcc and clang optimization
 o doh: return early if there is no time left
 o examples/sslbackend: fix -Wchar-subscripts warning
 o examples: remove the "this exact code has not been verified"
 o git: add tests/server/disabled to .gitignore
 o gnutls: make gnutls_bye() not wait for response on shutdown
 o http2: expire a timeout at end of stream
 o http2: prevent dup'ed handles to send dummy PRIORITY frames
 o http2: relax verification of :authority in push promise requests
 o http2_recv: a closed stream trumps pause state
 o http: lowercase headernames for HTTP/2 and HTTP/3
 o ldap: Stop using wide char version of ldapp_err2string
 o ldap: fix OOM error on missing query string
 o mbedtls: add error message for cert validity starting in the future
 o mime: when disabled, avoid C99 macro
 o ngtcp2: adapt to API change
 o ngtcp2: compile with latest ngtcp2 + nghttp3 draft-23
 o ngtcp2: remove fprintf() calls
 o openssl: close_notify on the FTP data connection doesn't mean closure
 o openssl: fix compiler warning with LibreSSL
 o openssl: use strerror on SSL_ERROR_SYSCALL
 o os400: getpeername() and getsockname() return ebcdic AF_UNIX sockaddr
 o parsedate: fix date parsing disabled builds
 o quiche: don't close connection at end of stream
 o quiche: persist connection details (fixes -I with --http3)
 o quiche: set 'drain' when returning without having drained the queues
 o quiche: update HTTP/3 config creation to new API
 o redirect: handle redirects to absolute URLs containing spaces
 o runtests: get textaware info from curl instead of perl
 o schannel: reverse the order of certinfo insertions
 o schannel_verify: Fix concurrent openings of CA file
 o security: silence conversion warning
 o setopt: handle ALTSVC set to NULL
 o setopt: make it easier to add new enum values
 o setopt: store CURLOPT_RTSP_SERVER_CSEQ correctly
 o smb: check for full size message before reading message details
 o smbserver: fix Python 3 compatibility
 o socks: Fix destination host shown on SOCKS5 error
 o test1162: disable MSYS2's POSIX path conversion
 o test1591: fix spelling of http feature
 o tests: add `connect to non-listen` keywords
 o tests: fix narrowing conversion warnings
 o tests: fix the test 3001 cert failures
 o tests: makes tests succeed when using --disable-proxy
 o tests: use %FILE_PWD for file:// URLs
 o tests: use port 2 instead of 60000 for a safer non-listening port
 o tool_operate: Fix retry sleep time shown to user when Retry-After
 o travis: Add an ARM64 build
 o url: Curl_free_request_state() should also free doh handles
 o url: don't set appconnect time for non-ssl/non-ssh connections
 o url: fix the NULL hostname compiler warning
 o url: normalize CURLINFO_EFFECTIVE_URL
 o url: only reuse TLS connections with matching pinning
 o urlapi: avoid index underflow for short ipv6 hostnames
 o urlapi: fix URL encoding when setting a full URL
 o urlapi: fix unused variable warning
 o urlapi: question mark within fragment is still fragment
 o urldata: use 'bool' for the bit type on MSVC compilers
 o vtls: Fix comment typo about macosx-version-min compiler flag
 o vtls: fix narrowing conversion warnings
 o winbuild/MakefileBuild.vc: Add vssh
 o winbuild/MakefileBuild.vc: Fix line endings
 o winbuild: Add manifest to curl.exe for proper OS version detection
 o winbuild: add ENABLE_UNICODE option
   2019-09-18 09:21:08 by Adam Ciarcinski | Files touched by this commit (2)
Log message:
curl: http2 is now a suggested option; bump revision
   2019-09-11 10:32:03 by Leonardo Taccari | Files touched by this commit (3) | Package updated
Log message:
curl: Update to 7.66.0

This release includes the following changes:

 o CURLINFO_RETRY_AFTER: parse the Retry-After header value
 o HTTP3: initial (experimental still not working) support
 o curl: --sasl-authzid added to support CURLOPT_SASL_AUTHZID from the tool
 o curl: support parallel transfers with -Z
 o curl_multi_poll: a sister to curl_multi_wait() that waits more
 o sasl: Implement SASL authorisation identity via CURLOPT_SASL_AUTHZID

This release includes the following bugfixes:

 o CVE-2019-5481: FTP-KRB double-free
 o CVE-2019-5482: TFTP small blocksize heap buffer overflow
 o CI: remove duplicate configure flag for LGTM.com
 o CMake: remove needless newlines at end of gss variables
 o CMake: use platform dependent name for dlopen() library
 o CURLINFO docs: mention that in redirects times are added
 o CURLOPT_ALTSVC.3: use a "" file name to not load from a file
 o CURLOPT_HTTP_VERSION: seting this to 3 forces HTTP/3 use directly
 o CURLOPT_READFUNCTION.3: provide inline example
 o CURLOPT_SSL_VERIFYHOST: treat the value 1 as 2
 o Curl_addr2string: take an addrlen argument too
 o Curl_fillreadbuffer: avoid double-free trailer buf on error
 o HTTP: use chunked Transfer-Encoding for HTTP_POST if size unknown
 o alt-svc: add protocol version selection masking
 o alt-svc: fix removal of expired cache entry
 o alt-svc: make it use h3-22 with ngtcp2 as well
 o alt-svc: more liberal ALPN name parsing
 o alt-svc: send Alt-Used: in redirected requests
 o alt-svc: with quiche, use the quiche h3 alpn string
 o appveyor: pass on -k to make
 o asyn-thread: create a socketpair to wait on
 o build-openssl: fix build with Visual Studio 2019
 o cleanup: move functions out of url.c and make them static
 o cleanup: remove the 'numsocks' argument used in many places
 o configure: avoid undefined check_for_ca_bundle
 o curl.h: add CURL_HTTP_VERSION_3 to the version enum
 o curl.h: fix outdated comment
 o curl: cap the maximum allowed values for retry time arguments
 o curl: handle a libcurl build without netrc support
 o curl: make use of CURLINFO_RETRY_AFTER when retrying
 o curl: remove outdated comment
 o curl: use .curlrc (with a dot) on Windows
 o curl: use CURLINFO_PROTOCOL to check for HTTP(s)
 o curl_global_init_mem.3: mention it was added in 7.12.0
 o curl_version: bump string buffer size to 250
 o curl_version_info.3: mentioned ALTSVC and HTTP3
 o curl_version_info: offer quic (and h3) library info
 o curl_version_info: provide nghttp2 details
 o defines: avoid underscore-prefixed defines
 o docs/ALTSVC: remove what works and the experimental explanation
 o docs/EXPERIMENTAL: explain what it means and what's experimental now
 o docs/MANUAL.md: converted to markdown from plain text
 o docs/examples/curlx: fix errors
 o docs: s/curl_debug/curl_dbg_debug in comments and docs
 o easy: resize receive buffer on easy handle reset
 o examples: Avoid reserved names in hiperfifo examples
 o examples: add http3.c, altsvc.c and http3-present.c
 o getenv: support up to 4K environment variable contents on windows
 o http09: disable HTTP/0.9 by default in both tool and library
 o http2: when marked for closure and wanted to close == OK
 o http2_recv: trigger another read when the last data is returned
 o http: fix use of credentials from URL when using HTTP proxy
 o http_negotiate: improve handling of gss_init_sec_context() failures
 o md4: Use our own MD4 when no crypto libraries are available
 o multi: call detach_connection before Curl_disconnect
 o netrc: make the code try ".netrc" on Windows
 o nss: use TLSv1.3 as default if supported
 o openssl: build warning free with boringssl
 o openssl: use SSL_CTX_set_<min|max>_proto_version() when available
 o plan9: add support for running on Plan 9
 o progress: reset download/uploaded counter between transfers
 o readwrite_data: repair setting the TIMER_STARTTRANSFER stamp
 o scp: fix directory name length used in memcpy
 o smb: init *msg to NULL in smb_send_and_recv()
 o smtp: check for and bail out on too short EHLO response
 o source: remove names from source comments
 o spnego_sspi: add typecast to fix build warning
 o src/makefile: fix uncompressed hugehelp.c generation
 o ssh-libssh: do not specify O_APPEND when not in append mode
 o ssh: move code into vssh for SSH backends
 o sspi: fix memory leaks
 o tests: Replace outdated test case numbering documentation
 o tftp: return error when packet is too small for options
 o timediff: make it 64 bit (if possible) even with 32 bit time_t
 o travis: reduce number of torture tests in 'coverage'
 o url: make use of new HTTP version if alt-svc has one
 o urlapi: verify the IPv6 numerical address
 o urldata: avoid 'generic', use dedicated pointers
 o vauth: Use CURLE_AUTH_ERROR for auth function errors
   2019-08-22 14:23:56 by Ryo ONODERA | Files touched by this commit (678)
Log message:
Recursive revbump from boost-1.71.0
   2019-08-11 15:25:21 by Thomas Klausner | Files touched by this commit (3557) | Package updated
Log message:
Bump PKGREVISIONs for perl 5.30.0