Log message:
www/curl: Bump PKGREVISON for libcurl.pc change for NetBSD

Log message:
www/curl: Disable gssapi option for NetBSD

With gssapi option, libcurl.pc includes heimdal-gssapi in
Requires.private. And it is not supplied by heimdal in NetBSD base.
Then consumers of www/curl do not build.
Disable gssapi option by default for NetBSD as workaround.

Log message:
curl: remove patch-configure

didn't apply any longer

Log message:
curl: update to 8.11.1.

This release includes the following bugfixes:

 o build: fix ECH to always enable HTTPS RR [35]
 o build: fix MSVC UWP builds [32]
 o build: omit certain deps from `libcurl.pc` unless found via `pkg-config` [27]
 o build: use `_fseeki64()` on Windows, drop detections [41]
 o cmake: do not echo most inherited `LDFLAGS` to config files [55]
 o cmake: drop cmake args list from `buildinfo.txt` [8]
 o cmake: include `wolfssl/options.h` first [53]
 o cmake: remove legacy unused IMMEDIATE keyword [21]
 o cmake: restore cmake args list in `buildinfo.txt` [26]
 o cmake: set `CURL_STATICLIB` for static lib when `SHARE_LIB_OBJECT=OFF` [64]
 o cmake: sync GSS config code with other deps [28]
 o cmake: typo in comment
 o cmake: work around `ios.toolchain.cmake` breaking feature-detections [37]
 o cmakelint: fix to check root `CMakeLists.txt` [36]
 o cmdline/ech.md: formatting cleanups [13]
 o configure: add FIXMEs for disabled pkg-config references
 o configure: do not echo most inherited `LDFLAGS` to config files [31]
 o configure: replace `$#` shell syntax [25]
 o cookie: treat cookie name case sensitively [4]
 o curl-rustls.m4: keep existing `CPPFLAGS`/`LDFLAGS` when detected [40]
 o curl.h: mark two error codes as obsolete [19]
 o curl: --continue-at is mutually exclusive with --no-clobber [51]
 o curl: --continue-at is mutually exclusive with --range [61]
 o curl: --continue-at is mutually exclusive with --remove-on-error [50]
 o curl: --test-duphandle in debug builds runs "duphandled" [6]
 o curl: do more command line parsing in sub functions [71]
 o curl: rename struct var to fix AIX build [24]
 o curl: use realtime in trace timestamps [52]
 o curl_multi_socket_all.md: soften the deprecation warning [56]
 o CURLOPT_PREREQFUNCTION.md: add result code on failure [23]
 o digest: produce a shorter cnonce in Digest headers [70]
 o DISTROS: update Alt Linux links
 o dmaketgz: use --no-cache when building docker image [66]
 o docs: bring back ALTSVC.md and HSTS.md [76]
 o docs: document default `User-Agent` [57]
 o docs: suggest --ssl-reqd instead of --ftp-ssl [62]
 o duphandle: also init netrc [3]
 o ECH: enable support for the AWS-LC backend [5]
 o hostip: don't use the resolver for FQDN localhost [45]
 o http_negotiate: allow for a one byte larger channel binding buffer [63]
 o http_proxy: move dynhds_add_custom here from http.c [18]
 o KNOWN_BUGS: setting a disabled option should return CURLE_NOT_BUILT_IN [74]
 o krb5: fix socket/sockindex confusion, MSVC compiler warnings [22]
 o lib: fixes for wolfSSL OPENSSL_COEXIST [73]
 o libssh: use libssh sftp_aio to upload file [47]
 o libssh: when using IPv6 numerical address, add brackets [43]
 o macos: disable gcc `availability` workaround as needed [7]
 o mbedtls: call psa_crypt_init() in global init [2]
 o mime: fix reader stall on small read lengths [65]
 o mk-ca-bundle: remove CKA_NSS_SERVER_DISTRUST_AFTER conditions [39]
 o mprintf: fix the integer overflow checks [44]
 o multi: add clarifying comment for wakeup_write() [9]
 o multi: fix callback for `CURLMOPT_TIMERFUNCTION` not being called again \ 
when... [48]
 o netrc: address several netrc parser flaws [17]
 o netrc: support large file, longer lines, longer tokens [14]
 o nghttp2: use custom memory functions [1]
 o OpenSSL: improvde error message on expired certificate [59]
 o openssl: remove three "Useless Assignments" [72]
 o openssl: stop using SSL_CTX_ function prefix for our functions [20]
 o os400: Fix IBMi builds [33]
 o os400: Fix IBMi EBCDIC conversion of arguments [34]
 o pytest: add test for use of CURLMOPT_MAX_HOST_CONNECTIONS [60]
 o rtsp: check EOS in the RTSP receive and return an error code [49]
 o schannel: remove TLS 1.3 ciphersuite-list support [54]
 o setopt: fix CURLOPT_HTTP_CONTENT_DECODING [15]
 o setopt: fix missing options for builds without HTTP & MQTT [10]
 o show-headers.md: clarify the headers are saved with the data [58]
 o socket: handle binding to "host!<ip>" [16]
 o socketpair: fix enabling `USE_EVENTFD` [30]
 o strtok: use namespaced `strtok_r` macro instead of redefining it [29]
 o tests: add the ending time stamp in testcurl.pl
 o tests: re-enable 2086, and 472, 1299, 1613 for Windows [38]
 o TODO: consider OCSP stapling by default [11]
 o tool_formparse: remove use of sscanf() [68]
 o tool_getparam: parse --localport without using sscanf [67]
 o tool_getpass: fix UWP `-Wnull-dereference` [46]
 o tool_getpass: replace `getch()` call with `_getch()` on Windows [42]
 o tool_urlglob: parse character globbing range without sscanf [69]
 o vtls: fix compile warning when ALPN is not available [12]

Log message:
*: recursive bump for icu 76 shlib major version bump

Log message:
curl: do not add gssapi and ldap to Requires.private:

curl-8.11.0 started to add gssapi and ldap to Requires.private because they are
required for static linking.

However, both security/heimdal-gssapi and databases/openldap-client
builtin.mk-s do not provide any logic to generate fake .pc files in
case builtin does not provide any (like it is the case in NetBSD).

Revert that part like it was in curl<8.11.0 to avoid generating an unusable
libcurl.pc files on such platforms.

Add big FIXME comments because strictly speaking this is not correct
and we should instead provide logic to generate fake .pc in
heimdal-gssapi and openldap-client.

PKGREVISION++

Log message:
*curl*: update to 8.11.0

This release includes the following changes:

 o curl: --create-dirs works for --dump-header as well [4]
 o gtls: Add P12 format support [9]
 o ipfs: add options to disable [8]
 o TLS: TLSv1.3 earlydata support for curl [140]
 o WebSockets: make support official (non-experimental) [106]

This release includes the following bugfixes:

 o alt-svc: honor data->state.httpwant [19]
 o altsvc: avoid using local buffer and memcpy [124]
 o asyn-ares: remove typecast, fix expire [113]
 o autotools: add support for 'unity' builds, enable in CI [15]
 o bearssl: avoid strpcy() when generating TLS version log message [120]
 o bearssl: improved session handling, test exceptions [233]
 o bufq: unwrite fix [121]
 o build: add `ldap` to `libcurl.pc` `Requires:` [139]
 o build: add pytest targets [71]
 o build: clarify CA embed is for curl tool, mark default, improve summary [72]
 o build: detect and use `_setmode()` with Cygwin/MSYS, also use on Windows [136]
 o build: disable warning `-Wunreachable-code-break` [195]
 o build: fix clang-cl builds, add CI job [254]
 o build: fix cross-compile check for poll with bionic [70]
 o build: fix possible `-Wformat-overflow` in lib557 [85]
 o build: limit arc4random detection to no-SSL configs [43]
 o build: show if CA bundle to embed was found [83]
 o build: tidy up and improve versioned-symbols options [5]
 o build: tidy up deprecation suppression, enable warnings for clang [12]
 o certs: add missing `-CAcreateserial` option for LibreSSL [247]
 o checksrc: add check for spaces around logical AND operators [220]
 o checksrc: Added checks for colon operator in ternary expressions [77]
 o checksrc: check for spaces around '?', '>' and '<' [46]
 o ci: dump `curl_config.h` to log in all jobs [199]
 o CI: run with standard mod_http2 [214]
 o cmake, Makefile.mk: use -isystem for headers, silence BearSSL issues [37]
 o cmake/FindCares: fix version detection for c-ares 1.34.1 [209]
 o cmake/FindNGTCP2: use library path as hint for finding crypto module [40]
 o cmake: add missed variable to comment
 o cmake: add native `pkg-config` detection for mbedTLS, MSH3, Quiche, Rustls, \ 
wolfSSL [149]
 o cmake: allow building tests in unity mode [31]
 o cmake: apply `WIN32_LEAN_AND_MEAN` to all feature checks
 o cmake: avoid setting `BUILD_TESTING` [179]
 o cmake: clear package version after `pkg-config` detection [207]
 o cmake: delete unused NEED_LBER_H, HAVE_LDAP_H [38]
 o cmake: detect `HAVE_NETINET_IN6_H`, `HAVE_CLOSESOCKET_CAMEL`, \ 
`HAVE_PROTO_BSDSOCKET_H` [132]
 o cmake: detect GNU GSS [127]
 o cmake: disable default OpenSSL if BearSSL, GnuTLS or Rustls is enabled [44]
 o cmake: do not propagate unused `HAVE_GSSAPI_GSSAPI_KRB5_H` to C [131]
 o cmake: document `-D` and env build options [208]
 o cmake: drop obsolete items from `TODO` and `INSTALL-CMAKE` [228]
 o cmake: drop redundant assignments [49]
 o cmake: drop redundant zlib var, rename function (internals) [50]
 o cmake: expand CURL_USE_PKGCONFIG to non-cross MINGW [13]
 o cmake: fix broken dependency chain for cmdline-opts, tidy-ups [11]
 o cmake: fix compile warnings for clang-cl [218]
 o cmake: fix missing spacing in log message [205]
 o cmake: limit `CURL_STATIC_CRT` to MSVC [217]
 o cmake: make `test-ci` target skip building dependencies [88]
 o cmake: mark as advanced some internal Find* variables [212]
 o cmake: readd `generate-curl.1` dependency for `src` just in case [86]
 o cmake: rename LDAP dependency config variables to match Find modules [144]
 o cmake: replace `check_include_file_concat()` for LDAP and GSS detection [143]
 o cmake: replace `CURL_*_DIR` with `{PROJECT,CMAKE_CURRENT}_*_DIR` [211]
 o cmake: require quictls (or fork) when using msh3 on non-Windows [14]
 o cmake: separate target for examples, optimize CI, fix fallouts [16]
 o cmake: set version for `project()` and add CPack support [123]
 o cmake: stop adding dependency headers to global `CMAKE_REQUIRED_INCLUDES` [146]
 o cmake: sync torture test parallelism with autotools [35]
 o cmake: tidy up `CURL_DISABLE_FORM_API` initialization [225]
 o cmake: tidy up and shorten symbol hiding initialization [213]
 o cmake: tidy up line order
 o cmake: tidy up picky warning initialization [215]
 o cmake: tidy-ups and rebase fixups [191]
 o cmake: tweaks around debug mode and hidden symbols [194]
 o cmake: untangle feature detection interdependencies [198]
 o cmake: use `list(APPEND)` on `CURL_INCLUDES` [223]
 o cmake: use OpenSSL for LDAP detection only if available [102]
 o cmake: use the `BSD` variable [210]
 o config: rename the OS define to CURL_OS to reduce collision risk [256]
 o configure: add GSS to `libcurl.pc` `Depends:` [126]
 o configure: catch Apple in more target triplets [6]
 o configure: drop duplicate feature checks for `poll()`, `if_nametoindex()` [135]
 o configure: drop unused bare `socket.h` detection [133]
 o configure: improve help string for some options [78]
 o conncache: find bundle again in case it is removed [129]
 o conncache: more efficient implementation of cpool_remove_bundle [176]
 o cookie: overhaul and cleanup [142]
 o curl-rustls.m4: set linker flags to allow rustls build on macos [186]
 o curl.h: remove the struct pointer for CURL/CURLSH/CURLM typedefs [174]
 o curl: add build options for safe/no CA bundle search (Windows) [26]
 o curl: detect ECH support dynamically, not at build time [230]
 o curl_addrinfo: support operating systems with only getaddrinfo(3) [239]
 o curl_multi_perform.md: fix typo [224]
 o curl_trc: fix build with verbose messages disabled [79]
 o curl_url_set.md: document HOST handling when URL is parsed [2]
 o curl_ws_recv.md: the 'meta' pointer is only returned on success [221]
 o curl_ws_recv: return recv 0 and point meta to NULL on all errors [222]
 o CURLMOPT_PIPELINING.md: clarify that CURLPIPE_NOTHING is not default [54]
 o CURLOPT_APPEND.md: goes for SFTP as well [128]
 o CURLOPT_HEADERFUNCTION.md: do not modify the passed in buffer [107]
 o DISABLED: disable test 1060 with hyper [154]
 o DISTROS: avoid use of "very"
 o Dockerfile: update Docker digest to d830561 [226]
 o docs/cmdline-opts: GnuTLS supports PKCS#11 URI in --cert option [101]
 o docs: clarify FTP over HTTP proxy functionality somewhat [203]
 o docs: fix a typo in some cipher options
 o ech: spelling, whitespace, say `--ech` default config [137]
 o ftp: fix 0-length last write on upload from stdin [76]
 o ftp: move listen handling to socket filter [183]
 o GHA: optimize test prereq steps [188]
 o gnutls: use session cache for QUIC [196]
 o hsts: avoid the local buffer and memcpy on lookup [125]
 o hsts: improve subdomain handling [158]
 o hsts: support "implied LWS" properly around max-age [229]
 o http2: auto reset stream on server eos [147]
 o http_aws_sigv4: avoid local buffer and strcpy [92]
 o INSTALL-CMAKE.md: mention focus on shared libraries [73]
 o INSTALL-CMAKE: fix punctuation and a typo
 o INSTALL.md: fix a typo that slipped in to RISC OS
 o json.md: cli-option `--json` is an alias of `--data-binary` [89]
 o lib, src, tests: added space around ternary expressions [56]
 o lib/cw-out: initialize 'flush_all' directly [62]
 o lib/src: white space edits to comply better with code style [47]
 o lib: avoid assigning 'result' temporarily [97]
 o lib: fix disabled-verbose-strings + enable-debug build warnings
 o lib: fix unity builds with BearSSL, MSH3, Quiche, OmniOS [32]
 o lib: move curl_path.[ch] into vssh/ [182]
 o lib: msnprintf tidy-ups [245]
 o lib: remove Curl_ prefix from static functions [202]
 o lib: remove function pointer typecasts for hmac/sha256/md5 [175]
 o lib: use bool/TRUE/FALSE properly [48]
 o libcurl/opts: improve phrasing for connection cap related options [145]
 o libssh.c: handle EGAINS during proto-connect correctly [23]
 o libssh2: delete duplicate `break` [190]
 o libssh2: put the readdir buffers into struct [170]
 o libssh2: use the Curl_* memory functions to avoid memdebug [22]
 o libssh2: use the filename buffer when getting the homedir [169]
 o libtests: generate the lib1521 atomically [148]
 o mbedTLS: fix handling of TLSv1.3 sessions [184]
 o mbedtls: handle session as blobs [234]
 o mbedtls: remove failf() use from mbedtls_random [255]
 o mk-lib1521: fix the long return code check [204]
 o mprintf: do not ignore length modifiers of `%o`, `%x`, `%X` [164]
 o mprintf: treat `%o` as unsigned, add tests for `%o`, `%x`, `%X` [162]
 o mqtt: fix mqtt.md wording and add clearer explanation [172]
 o multi.c: make stronger check for paused transfer before asserting [24]
 o multi.c: warn/assert on stall only without timer [80]
 o multi: avoid reading whole struct pointer from pointer [10]
 o multi: convert Curl_follow to static multi_follow [141]
 o multi: make curl_multi_cleanup invalidate magic latter [159]
 o multi: make multi_handle_timeout use the connect timeout [98]
 o multi: split multi_runsingle into sub functions [200]
 o negotiate: conditional check around GSS & SSL specific code [1]
 o netrc: cache the netrc file in memory [138]
 o ngtcp2: do not loop on recv [251]
 o ngtcp2: set max window size to 10x of initial (128KB) [232]
 o openssl quic: populate x509 store before handshake [117]
 o openssl: convert a memcpy to dynbuf use [57]
 o openssl: extend the OpenSSL error messages [238]
 o openssl: improve retries on shutdown [151]
 o openssl: remove two strcpy() calls [64]
 o OS400: don't delete source files when building with debug [235]
 o packages/OS400/curlmain: remove the strncpy calls [155]
 o processhelp.pm: improve taskkill calls (Windows) [52]
 o pytest: fix run against multissl curl [236]
 o pytest: improve pytest_07_42a reliability [118]
 o pytest: include `buildinfo.txt` in the output [189]
 o pytest: include curl version string and python platform in log [242]
 o pytest: show curl features and protocols [150]
 o quic: use send/recvmmsg when available [93]
 o quic: use the session cache with wolfSSL as well [231]
 o request: on shutdown send, proceed normally on timeout [18]
 o runtests.md: suggest a value for -j for torture tests
 o runtests: add comment for handle64 pathsep requirement
 o runtests: drop unused code for old/classic-mingw support [87]
 o runtests: pass single backslashes with Windows Perl [243]
 o runtests: use deterministic sort for `TESTINFO` lines [201]
 o schannel: fix TLS cert verification by IP SAN [253]
 o schannel: ignore error on recv beyond close notify [167]
 o schannel: reclassify extra-verbose schannel_recv messages [153]
 o select: use poll() if existing, avoid poll() with no sockets [75]
 o sendf: add condition to max-filesize check [3]
 o server/mqttd: fix two memory leaks [178]
 o setopt: avoid superfluous length checks before strcmp() [105]
 o setopt: return error for bad input to CURLOPT_RTSP_REQUEST [240]
 o setopt_cptr: make overflow check only done when needed [241]
 o singleuse: make `git grep` faster, add Apple `nm` support [109]
 o smb: do not redefine `getpid` on Windows [187]
 o smb: replace use of strcpy() with snprintf() [122]
 o socks_gssapi: switch to dynbuf from buffer with strcpy [42]
 o source: avoid use of 'very' in comments
 o src/lib: remove redundant ternary operators [244]
 o src: guard for double declaration of `curl_ca_embed` in unity builds [166]
 o sws: fix unused static function with `TCP_NODELAY` undefined [134]
 o telnet: avoid two strcpy() by pointing to the strings instead [99]
 o test1035: convert host name back to utf8 as should be [63]
 o test1515: add tracing and more debug info [119]
 o test1540: add debug logging [58]
 o test190: replace %FTPTIME2 with a fixed value [34]
 o test1915: add tracing and connect timeout [114]
 o test1915: remove wrong comment
 o test2502: add libtest debug tracing [60]
 o test504: fix handling on pending connect [59]
 o testrun: explicitly set proper IP address for stunnel listen/connect [61]
 o tests/http: fix ubuntu GnuTLS CI failures [161]
 o tests/scorecard: allow remote server test [171]
 o tests/server/util.c: remove use of strncpy [156]
 o tests/valgrind.pm: fix warnings with no valgrind report to show [25]
 o tests/valgrind.supp: remove a travis suppression, add a Debian [116]
 o tests: add and use `%PERL` variable to refer to the Perl binary [82]
 o tests: add codeset-utf8 as a feature [66]
 o tests: add file: tests with existing files [45]
 o tests: allow pytests to run in out-of-tree builds [192]
 o tests: capture stdin to get the vsftpd version number [165]
 o tests: change Python code style to pass ruff checks
 o tests: check http/2 and http/3 server responsiveness [28]
 o tests: delete duplicate macro check [53]
 o tests: enable additional ruff Python lint options
 o tests: fix `%POSIX_PWD` on native Windows Perl [111]
 o tests: fix callback signatures to please UndefinedBehaviorSanitizer [173]
 o tests: Fix FILEFORMAT <file name=""> directive [206]
 o tests: fix keyword for test1411
 o tests: fix shell quoting on native Windows Perl [110]
 o tests: fix some Python typing issues
 o tests: fixup `checkcmd` `PATH` on non-unixy platforms [108]
 o tests: improve mqtt server handling [27]
 o tests: introduce %CLIENT6IP-NB [67]
 o tests: let openssl generate random cert serials [91]
 o tests: libtests and unit tests need explicit #include memdebug [7]
 o tests: make precheck for HTTP on 127.0.0.1 into a feature [68]
 o tests: Only log warnings or worse by default in smbserver [33]
 o tests: postcheck is now in verify [69]
 o tests: remove all valgrind disable instructions [21]
 o tests: remove debug requirement on 38 tests [100]
 o tests: remove the %FTPTIME3 variable [41]
 o tests: replace `%PWD` with `%FILE_PWD` for `file://` [84]
 o tests: replace `%PWD` with `%SSH_PWD` in SCP/SFTP tests [112]
 o tests: replace hard-coded `/dev/null` with variable [81]
 o tests: simplify `pathhelp.pm`, avoid using external tools [95]
 o tests: speed up builds with single-binary test bundles [29]
 o tests: testrunner fairness [39]
 o tests: testrunner reliability improvements [55]
 o tests: use '-4' where needed [17]
 o tests: use a set for several of the curl_props [249]
 o tftp: avoid two memcpy/strcpy [94]
 o tidy-up: rename CURL_WINDOWS_APP to CURL_WINDOWS_UWP [36]
 o tls: avoid abusing CURLE_SSL_ENGINE_INITFAILED [246]
 o tool: support --show-headers AND --remote-header-name [103]
 o tool_doswin: simplify; remove unused options and strncpy calls [65]
 o tool_getparam: drop unused time() call [177]
 o tool_getparam: replace two uses of strncpy(), ban strncpy [157]
 o tool_operate: make --skip-existing work for --parallel [180]
 o tool_operate: reuse the schannel backend check [130]
 o tool_xattr: create the user.creator xattr attribute [197]
 o unit1307: tidy up Apple OS detection [252]
 o unit1660: fix unreachable code warning in no-SSL builds [30]
 o url: connection reuse on h3 connections [20]
 o url: use same credentials on redirect [181]
 o urlapi: drop unused header [51]
 o urlapi: normalize the IPv6 address [115]
 o version: minor cleanups [152]
 o version: say quictls in MSH3 builds [219]
 o vquic: fix compiler warning with gcc + MUSL [168]
 o vquic: recv_mmsg, use fewer, but larger buffers [250]
 o vtls: convert Curl_pin_peer_pubkey to use dynbuf [74]
 o vtls: convert pubkey_pem_to_der to use dynbuf [90]
 o warnless: remove curlx_sktosi and curlx_sitosk [104]
 o winbuild/README: consolidate command prompt section [193]
 o winbuild/README: document how to clean a build [163]
 o winbuild: add initial wolfSSL support [227]
 o winbuild: drop `gen_resp_file.bat` [248]
 o wolfssl: convert malloc + memcpys to dynbuf for cipher string [96]
 o wolfSSL: fix handling of TLSv1.3 sessions [185]
 o wolfssl: no more use of the OpenSSL API [216]
 o wolfssl: use old version API without openssl extra [160]

Log message:
*: revbump for icu downgrade