Update to 7.38.0:

 Changes:

    supports HTTP/2 draft-14
    CURLE_HTTP2 is a new error code
    CURLAUTH_NEGOTIATE is a new auth define
    CURL_VERSION_GSSAPI is a new capability bit
    no longer use fbopenssl for anything
    schannel: use CryptGenRandom for random numbers
    axtls: define curlssl_random using axTLS's PRNG
    cyassl: use RNG_GenerateBlock to generate a good random number
    findprotocol: show unsupported protocol within quotes
    version: detect and show LibreSSL
    version: detect and show BoringSSL
    imap/pop3/smtp: Kerberos (SASL GSSAPI) authentication via Windows SSPI
    http2: requires nghttp2 0.6.0 or later

Bugfixes:

    SECURITY ADVISORY: cookie leak with IP address as domain
    SECURITY ADVISORY: cookie leak for TLDs
    fix a build failure on Debian when NSS support is enabled
    HTTP/2: fixed compiler warnings when built disabled
    cyassl: return the correct error code on no CA cert
    http: Deprecate GSS-Negotiate macros due to bad naming
    http: Fixed Negotiate: authentication
    multi: Improve proxy CONNECT performance (regression)
    ntlm_wb: Avoid invoking ntlm_auth helper with empty username
    ntlm_wb: Fix hard-coded limit on NTLM auth packet size
    url.c: use the preferred symbol name: *READDATA
    smtp: fixed a segfault during test 1320 torture test
    cyassl: made it compile with version 2.0.6 again
    nss: do not check the version of NSS at run time
    c-ares: fix build without IPv6 support
    HTTP/2: use base64url encoding
    SSPI Negotiate: Fix 3 memory leaks
    libtest: fixed duplicated line in Makefile
    conncache: fix compiler warning
    openssl: make ossl_send return CURLE_OK better
    HTTP/2: Support expect: 100-continue
    HTTP/2: Fix infinite loop in readwrite_data()
    parsedate: fix the return code for an overflow edge condition
    darwinssl: don't use strtok()
    http_negotiate_sspi: Fixed specific username and password not working
    openssl: replace call to OPENSSL_config
    http2: show the received header for better debugging
    HTTP/2: Move :authority before non-pseudo header fields
    HTTP/2: Reset promised stream, not its associated stream
    HTTP/2: added some more logging for debugging stream problems
    ntlm: Added support for SSPI package info query
    ntlm: Fixed hard coded buffer for SSPI based auth packet generation
    sasl_sspi: Fixed memory leak with not releasing Package Info struct
    sasl_sspi: Fixed SPN not being converted to wchar under Unicode builds
    sasl: Use a dynamic buffer for DIGEST-MD5 SPN generation
    http_negotiate_sspi: Use a dynamic buffer for SPN generation
    sasl_sspi: Fixed missing free of challenge buffer on SPN failure
    sasl_sspi: Fixed hard coded buffer for response generation
    Curl_poll + Curl_wait_ms: fix timeout return value
    docs/SSLCERTS: update the section about NSS database
    create_conn: prune dead connections
    openssl: fix version report for the 0.9.8 branch
    mk-ca-bundle.pl: switched to using hg.mozilla.org
    http: fix the Content-Range: parser
    Curl_disconnect: don't free the URL
    win32: Fixed WinSock 2 #if
    NTLM: ignore CURLOPT_FORBID_REUSE during NTLM HTTP auth
    curl.1: clarify --limit-rate's effect on both directions
    disconnect: don't touch easy-related state on disconnects
    Cmake: big cleanup and numerous fixes
    HTTP/2: supports draft-14 - moved :headers before the non-psuedo headers
    HTTP/2: Reset promised stream, not its associated stream
    configure.ac: Add support for recent GSS-API implementations for HP-UX
    CONNECT: close proxy connections that fail
    CURLOPT_NOBODY.3: clarify this option is for downloads
    darwinssl: fix CA certificate checking using PEM format
    resolve: cache lookup for async resolvers
    low-speed-limit: avoid timeout flood
    polarssl: implement CURLOPT_SSLVERSION
    multi: convert CURLM_STATE_CONNECT_PEND handling to a list
    curl_multi_cleanup: remove superfluous NULL assigns
    polarssl: support CURLOPT_CAPATH / --capath
    progress: size_dl/size_ul are always >= 0, and clear "KNOWN" properly

3 files changed, 13 insertions, 35 deletions

diff --git a/www/curl/Makefile b/www/curl/Makefile
index eec60901ba7..06c86fac85b 100644
--- a/www/curl/Makefile
+++ b/www/curl/Makefile
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.140 2014/07/22 11:38:26 wiz Exp $
+# $NetBSD: Makefile,v 1.141 2014/09/14 16:43:44 wiz Exp $
 
-DISTNAME=	curl-7.37.1
+DISTNAME=	curl-7.38.0
 CATEGORIES=	www
 MASTER_SITES=	http://curl.haxx.se/download/ \
 		ftp://ftp.sunet.se/pub/www/utilities/curl/
diff --git a/www/curl/distinfo b/www/curl/distinfo
index ac495bc4644..3d33f58b05e 100644
--- a/www/curl/distinfo
+++ b/www/curl/distinfo
@@ -1,8 +1,8 @@
-$NetBSD: distinfo,v 1.97 2014/07/22 11:38:26 wiz Exp $
+$NetBSD: distinfo,v 1.98 2014/09/14 16:43:44 wiz Exp $
 
-SHA1 (curl-7.37.1.tar.bz2) = 612081014c8393fa4747f28706d72542514a14aa
-RMD160 (curl-7.37.1.tar.bz2) = f5c9f72c9e87ae246df410921c01889ffd221b6d
-Size (curl-7.37.1.tar.bz2) = 3151531 bytes
-SHA1 (patch-aa) = f6a461da2fe2bbc33ce3fb3c961a088fc9f2f1b7
+SHA1 (curl-7.38.0.tar.bz2) = 59c027807fdb33ebf248cb3cc006e7cbe2d655ea
+RMD160 (curl-7.38.0.tar.bz2) = 3095b4132b9b75e8146c34dab207a4e91ba10431
+Size (curl-7.38.0.tar.bz2) = 3159331 bytes
+SHA1 (patch-aa) = 54c9f5b1a22743e2714883ae5a2b20366b839e7e
 SHA1 (patch-curl-config.in) = fd87c97b601a6b9269f67fbc066604ee7e22570e
 SHA1 (patch-lib_hostcheck.c) = 9faf94f44703c7d37377fd3af319ca5c27df34c2
diff --git a/www/curl/patches/patch-aa b/www/curl/patches/patch-aa
index fefc3369d90..7f2ef2b6922 100644
--- a/www/curl/patches/patch-aa
+++ b/www/curl/patches/patch-aa
@@ -1,11 +1,11 @@
-$NetBSD: patch-aa,v 1.27 2014/07/22 11:38:26 wiz Exp $
+$NetBSD: patch-aa,v 1.28 2014/09/14 16:43:44 wiz Exp $
 
 builtin krb5-config in platforms such as solaris do not support
 the gssapi option, and need an explicit -lgss
 
---- configure.orig	2014-07-14 18:50:03.000000000 +0000
+--- configure.orig	2014-09-04 20:42:23.000000000 +0000
 +++ configure
-@@ -3641,6 +3641,7 @@ $as_echo "$as_me: $xc_bad_var_msg librar
+@@ -3640,6 +3640,7 @@ $as_echo "$as_me: $xc_bad_var_msg librar
          ;;
      esac
    done
@@ -13,7 +13,7 @@ the gssapi option, and need an explicit -lgss
    if test $xc_bad_var_cflags = yes; then
      { $as_echo "$as_me:${as_lineno-$LINENO}: using CFLAGS: $CFLAGS" >&5
  $as_echo "$as_me: using CFLAGS: $CFLAGS" >&6;}
-@@ -16620,7 +16621,7 @@ squeeze() {
+@@ -16618,7 +16619,7 @@ squeeze() {
  
  
        #
@@ -22,7 +22,7 @@ the gssapi option, and need an explicit -lgss
      #
      if test "$compiler_id" = "GNU_C" ||
        test "$compiler_id" = "CLANG"; then
-@@ -21081,7 +21082,12 @@ $as_echo "yes" >&6; }
+@@ -21039,7 +21040,12 @@ $as_echo "yes" >&6; }
       if test -n "$host_alias" -a -f "$GSSAPI_ROOT/bin/$host_alias-krb5-config"; then
          GSSAPI_INCS=`$GSSAPI_ROOT/bin/$host_alias-krb5-config --cflags gssapi`
       elif test -f "$GSSAPI_ROOT/bin/krb5-config"; then
@@ -36,29 +36,7 @@ the gssapi option, and need an explicit -lgss
       elif test "$GSSAPI_ROOT" != "yes"; then
          GSSAPI_INCS="-I$GSSAPI_ROOT/include"
       fi
-@@ -21232,13 +21238,18 @@ $as_echo "#define HAVE_GSSAPI 1" >>confd
-                                  gss_libs=`$GSSAPI_ROOT/bin/$host_alias-krb5-config --libs gssapi`
-            LIBS="$gss_libs $LIBS"
-         elif test -f "$GSSAPI_ROOT/bin/krb5-config"; then
--                                 gss_libs=`$GSSAPI_ROOT/bin/krb5-config --libs gssapi`
-+		if $GSSAPI_ROOT/bin/krb5-config --libs gssapi 2>&1 | \
-+			grep "Unknown option" > /dev/null ; then
-+			gss_libs="`$GSSAPI_ROOT/bin/krb5-config --libs` -lgss"
-+		else
-+			gss_libs=`$GSSAPI_ROOT/bin/krb5-config --libs gssapi`
-+		fi
-            LIBS="$gss_libs $LIBS"
-         elif test "$GSSAPI_ROOT" != "yes"; then
-            LDFLAGS="$LDFLAGS -L$GSSAPI_ROOT/lib$libsuff"
--           LIBS="-lgssapi $LIBS"
-+           LIBS="-lgssapi -lkrb5 $LIBS"
-         else
--           LIBS="-lgssapi $LIBS"
-+           LIBS="-lgssapi -lkrb5 $LIBS"
-         fi
-         ;;
-      esac
-@@ -21249,7 +21260,7 @@ $as_echo "#define HAVE_GSSAPI 1" >>confd
+@@ -21212,7 +21218,7 @@ $as_echo "#define HAVE_GSSAPI 1" >>confd
          LIBS="-lgss $LIBS"
          ;;
       *)