| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Changes since 2.001:
url_decode now interprets "+"s correctly, as encoded spaces.
url_encode ensures that all hex-encodings are padded correctly, to 2 digits (so
"%09" for a tab, not "%9"). The fake-encoding done on standard input when
testing at the command-line has been fixed equivalently.
url_encode also converts spaces to "+"s and emits hex characters in upper-case,
since this what web-browsers seem to do. Encoding is now performed on all but
known-safe characters, rather listing all the characters believed to be in need
of encoding.
The internal method _decode_url_encoded_data now uses url_decode, rather than
duplicating its content.
|
|
* A new very extended manual
* Better GNOME and KDE integration
* Much improved bookmarks
* Many performacne improvements
* New and improved highlighting pattern
* Better encoding detection
* Many minor bug-fixes
|
|
|
|
as suggested by Georg Schwarz in PR pkg/27203.
|
|
o 2005-01-17 04:29 (Minor Secuity issue) Sanity check usernames in squid_ldap_auth
o 2005-01-17 02:52 (Minor) FQDN names truncated on compressed DNS responses
o 2005-01-17 02:52 (Minor) Internal DNS memory leak on malformed responses
Bump package revision; squid-2.5.7nb7.
|
|
Bump PKGREVISION.
|
|
|
|
|
|
The crawl utility starts a depth-first traversal of the web at the specified
URLs. It stores all JPEG images that match the configured constraints.
Crawl is fairly fast and allows for graceful termination. After terminating
crawl, it is possible to restart it at exactly the same spot where it was
terminated. Crawl keeps a persistent database that allows multiple crawls
without revisiting sites.
The main features of crawl are:
* Saves encountered images or other media types
* Media selection based on regular expressions and size contraints
* Resume previous crawl after graceful termination
* Persistent database of visited URLs
* Very small and efficient code
* Asynchronous DNS lookups
* Supports robots.txt
|
|
* A new User interface based on wxWidgets
* Amaya provides now a panel of tools on the left which can be hidden or shown
* All Amaya versions use now F2 key. A message is displayed when the Esc key is used
* Default GTK fonts are now expressed in point sizes
* WX version: when a 2nd Amaya instance is launched, the argument of the 2nd
instance is sent to the first instance and the 2nd one stops
|
|
Changes:
New features/improvements:
- Added the geoip_isp_maxmind and geoip_org_maxmind plugin.
- Details firefox versions.
Fixes:
- The geoip_city_maxmind plugin was sometimes bind and towns with
space in names are reported correctly.
- Removed an unknown security hole.
- Removed an other unknown security hole (found by iDEFENSE).
- Restart of apache works correctly on debian.
Other/Documentation:
- Updated documentation
- Updated language files
|
|
changes:
-documentation improvements
-resize terminals when running ELinks in an X window
-bugfixes
|
|
|
|
|
|
- Fix bug with pear-Log DEPENDS statement
|
|
framework written in PHP. It provides an extensive array of classes that are
targeted at the common problems and tasks involved in developing modern web
applications.
This is the 3.x branch of the framework.
|
|
Now squid's user and group are handled by bsd.pkg.install.mk properly.
Thanks much to Volker Wiegand at t-online dot de noted this problem
by private mail.
Bump PKGREVISION.
|
|
bump PKGREVISION
|
|
|
|
Instiki is a wiki clone with a strong focus on simplicity of
installation and running. Instiki lowers the barriers of interest for
when you might consider using a wiki. It is so simple to get running
that you'll find yourself using it for anything -- taking notes,
brainstorming, organizing a gathering, etc.
|
|
It includes the correct buildlink3.mk file from either Linux-PAM
(security/PAM) or OpenPAM (security/openpam) and eventually will
support solaris-pam. pam.buildlink3.mk will:
* set PAMBASE to the base directory of the PAM files;
* set PAM_TYPE to the PAM implementation used.
There are two variables that can be used to tweak the selection of
the PAM implementation:
PAM_DEFAULT is a user-settable variable whose value is the default
PAM implementation to use.
PAM_ACCEPTED is a package-settable list of PAM implementations
that may be used by the package.
Modify most packages that include PAM/buildlink3.mk to include
pam.buildlink3.mk instead.
|
|
o 2005-01-12 17:21 (Security issue) Denial of service with forged WCCP messages
o 2005-01-12 17:19 (Security issue) buffer overflow bug in gopherToHTML()
o 2005-01-08 03:13 (Medium) fakeauth_auth memory leak and NULL pointer access
Bump package revision.
|
|
Bump PKGREVISION due to the tcl dependency change.
|
|
include db2 since this package requires exactly databases/db and nothing
else will do. Also remove USE_DB185 setting this htdig doesn't use the
db-1.85 interface.
* Honor ${VARBASE} in locating the htdig database directory.
* Use ${LOCALBASE}/bin/acroread as the path the the PDF reader instead of
/usr/local/bin/acroread.
* Add missing dependency on zlib. This package was just picking up and
using the system zlib before.
Bump the PKGREVISION to 1.
|
|
|
|
|
|
http://secunia.com/advisories/13760/
|
|
|
|
build under NetBSD 1.6.2/i386 as shown in latest kristerw@'s bulk build.
|
|
|
|
This module is a namespace placeholder for a future high level perl-oriented
interface to libcurl. Currently, you need to use the direct libcurl 'easy'
interface, by using the 'WWW::Curl::easy' module.
The perl module WWW::Curl::easy provides an interface to the cURL library
"libcurl".
See http://curl.haxx.se/ for more information on cURL and libcurl.
|
|
Drop apparently unneeded dependency on databases/p5-MLDBM.
Dependency on www/p5-libapreq is only required if HTML-Mason is
intended to be used with mod_perl and apache: add 'modperl' as a
bsd.options.mk framework option and include dependency on www/p5-libapreq
as needed. Also support apache13 or apache2.
The 'modperl' option is the default.
XXX ap2-perl install Apache::Filter perl module version 0.01 and
this module wants at least version 1.021. So I do not know if the
apache2/ap2-perl setup is really supported.
Bump PKGREVISION.
|
|
errors on NetBSD 1.6.
PKGREVISION++.
PR#28859 by Gilles Gravier.
|
|
|
|
|
|
Closes PR pkg/28854 by Alexander Becher.
|
|
XXX: Something weird is going on with mozilla include files (just look
at the CPPFLAGS modifications in this package). Maybe someone more
clueful (taya@ ?) could look at this?
|
|
- add $NetBSD$ to patch-ah
thanks to adrianp, wiz, kambe san.
|
|
- Many more ad pattern updates.
- Add a "-l logfile" option.
|
|
Changes
* Abort gestures when unmapping the window [#160228]
Updated translations
* Pablo Saratxaga (wa)
|
|
Changes
* Use stock icon for "Open In New Tab" in History Window and
Bookmarks Editor
* Don't offer to resume if there are open windows [#160345]
* Deactivate the context menu on window close [#156812]
* Fix build in !MOZILLA_HAVE_PSM case
* Make the extensions modules resident [#160945]
* Disable Print and Print Preview while still loading the page
[#116344]
* Correct language code for Afrikaans
* Adapt to changed mozilla APIs
* Wrap the label in the Confirm Overwrite dialogue [#161771]
Translation updates
* Ercin Eker (tr)
|
|
|
|
|
|
|
|
Version 7.12.3 (20 December 2004)
Daniel (19 December 2004)
- I investigated our PKCS12 build problem on Solaris 2.7 with OpenSSL 0.9.7e,
and it turned out to be the fault of the zlib 1.1.4 headers doing a typedef
named 'free_func' and the OpenSSL headers have a prototype that uses
'free_func' in one of its arguments. This is why the compile errors out.
In other words, we need to include the openssl/pkcs12.h header before the
zlib.h header and it builds fine. The configure script now checks for this
file and it then gets included early in lib/urldata.h.
Daniel (18 December 2004)
- Samuel Listopad added support for PKCS12 formatted certificates.
- Samuel Listopad fixed -E to support "C:/path" (with forward slash) as well.
Daniel (16 December 2004)
- Gisle found and fixed a problem in the directory re-use for FTP.
I added test case 215 and 216 to better verify the functionality.
- Dinar in bug report #1086121, found a file handle leak when a multipart
formpost (including a file upload part) was aborted before the whole file
was sent.
Daniel (15 December 2004)
- Tom Lee found out that globbing of strings with backslashes didn't work as
you'd expect. Backslashes are such a central part of windows file names that
forcing backslashes to have to be escaped with backslashes is a bit too
awkward to users. Starting now, you only need to escape globbing characters
such as the five letters: "[]{},". Added test case 214 to verify this.
Daniel (14 December 2004)
- Harshal Pradhan patched a HTTP persistent connection flaw: if the user name
and/or password were modified between two requests on a persistent
connection, the second request were still made with the first setup!
I added test case 519 to verify the fix.
Daniel (13 December 2004)
- Gisle added CURLINFO_SSL_ENGINES to curl_easy_getinfo() to allow an app
to list all available crypto ENGINES.
- Gisle fixed bug report #1083542, which pointed out a problem with resuming
large file (>4GB) file:// transfers on windows.
Daniel (11 December 2004)
- Made the test suite HTTP server (sws) capable of using IPv6, and then
extended the test environment to support that and also added three test
cases (240, 241, 242) that run tests using IPv6. Test 242 uses a URL that
didn't work before the 10 dec fix by Kai Sommerfeld.
- Made a failed file:// resume output an error message
- Corrected the CURLE_BAD_DOWNLOAD_RESUME error message in lib/strerror.c
- Dan Fandrich:
simplified and consolidated the SSL checks in configure and the usage of the
defines in lib/setup.h
provided a first libcurl.pc.in file for pkg-config (but the result is not
installed anywhere at this point)
extended the cross compile section in the docs/INSTALL file
Daniel (10 December 2004)
- When providing user name in the URL and a IPv6-style IP-address (like in
"ftp://user@[::1]/tmp"), the URL parser didn't get the host extracted
properly. Reported and fixed by Kai Sommerfeld.
Daniel (9 December 2004)
- Ton Voon provided a configure fix that should fix the notorious (mostly
reported on Solaris) problem where the size_t check fails due to the SSL
libs being found in a dir not searched through by the run-time linker.
patch-tracker entry #1081707.
- Bryan Henderson pointed out in bug report #1081788 that the curl-config
--vernum output wasn't zero prefixed properly (as claimed in documentation).
This is fixed in maketgz now.
Daniel (8 December 2004)
- Matt Veenstra updated the mach-O framework files for Mac OS X.
- Rene Bernhardt found and fixed a buffer overrun in the NTLM code, where
libcurl always and unconditionally overwrote a stack-based array with 3 zero
bytes. This is not an exploitable buffer overflow. No need to get alarmed.
Daniel (7 December 2004)
- Fixed so that the final error message is sent to the verbose info "stream"
even if no errorbuffer is set.
Daniel (6 December 2004)
- Dan Fandrich added the --disable-cookies option to configure to build
libcurl without cookie support. This is mainly useful if you want to build a
minimalistic libcurl with no cookies support at all. Like for embedded
systems or similar.
- Richard Atterer fixed libcurl's way of dealing with the EPSV
response. Previously, libcurl would re-resolve the host name with the new
port number and attempt to connect to that, while it should use the IP from
the control channel. This bug made it hard to EPSV from an FTP server with
multiple IP addresses!
Daniel (3 December 2004)
- Bug report #1078066: when a chunked transfer was pre-maturely closed exactly
at a chunk boundary it was not considered an error and thus went unnoticed.
Fixed by Maurice Barnum.
Added test case 207 to verify.
Daniel (2 December 2004)
- Fixed the CONNECT loop to default timeout to 3600 seconds.
Added test case 206 that makes CONNECT with Digest.
Fixed a flaw that prepended "(nil)" to the initial CONNECT rqeuest's user-
agent field.
Daniel (30 November 2004)
- Dan Fandrich's fix for libz 1.1 and "extra field" usage in a gzip stream
- Dan also helped me with input data to create three more test cases for the
--compressed option.
Daniel (29 November 2004)
- I improved the test suite to enable binary contents in the tests (by proving
it base64 encoded), like for testing decompress etc. Added test 220 and 221
for this purpose. Tests can now also depend on libz to run.
- As reported by Reinout van Schouwen in Mandrake's bug tracker bug 12285
(http://qa.mandrakesoft.com/show_bug.cgi?id=12285), when connecting to an
IPv6 host with FTP, --disable-epsv (or --disable-eprt) effectively disables
the ability to transfer a file. Now, when connected to an FTP server with
IPv6, these FTP commands can't be disabled even if asked to with the
available libcurl options.
Daniel (26 November 2004)
- As reported in Mandrake's bug tracker bug 12289
(http://qa.mandrakesoft.com/show_bug.cgi?id=12289), curl would print a
newline to "finish" the progress meter after each redirect and not only
after a completed transfer.
Daniel (25 November 2004)
- FTP improvements:
If EPSV, EPRT or LPRT is tried and doesn't work, it will not be retried on
the same server again even if a following request is made using a persistent
connection.
If a second request is made to a server, requesting a file from the same
directory as the previous request operated on, libcurl will no longer make
that long series of CWD commands just to end up on the same spot. Note that
this is only for *exactly* the same dir. There is still room for improvements
to optimize the CWD-sending when the dirs are only slightly different.
Added test 210, 211 and 212 to verify these changes. Had to improve the
test script too and added a new primitive to the test file format.
Daniel (24 November 2004)
- Andrés García fixed the configure script to detect select properly when run
with Msys/Mingw on Windows.
Daniel (22 November 2004)
- Made HTTP PUT and POST requests no longer use HEAD when doing multi-pass
auth negotiation (NTLM, Digest and Negotiate), but instead use the request
keyword "properly". Details in lib/README.httpauth. This also introduces
CURLOPT_IOCTLFUNCTION and CURLOPT_IOCTLDATA, to be used by apps that use the
"any" auth alternative as then libcurl may need to send the PUT/POST data
more than once and thus may need to ask the app to "rewind" the read data
stream to start.
See also the new example using this: docs/examples/anyauthput.c
- David Phillips enhanced test 518. I made it depend on a "feature" so that
systems without getrlimit() won't attempt to test 518. configure now checks
for getrlimit() and setrlimit() for this test case.
Daniel (18 November 2004)
- David Phillips fixed libcurl to not crash anymore when more than FD_SETSIZE
file descriptors are in use. Test case 518 added to verify.
Daniel (15 November 2004)
- To test my fix for the CURLINFO_REDIRECT_TIME bug, I added time_redirect and
num_redirects support to the -w writeout option for the command line tool.
- Wojciech Zwiefka found out that CURLINFO_REDIRECT_TIME didn't work as
documented.
Daniel (12 November 2004)
- Gisle Vanem modigied the MSVC and Netware makefiles to build without
libcurl.def
- Dan Fandrich added the --disable-crypto-auth option to configure to allow
libcurl to build without Digest support. (I figure it should also explicitly
disable Negotiate and NTLM.)
- *** Modified Behaviour Alert ***
Setting CURLOPT_POSTFIELDS to NULL will no longer do a GET.
Setting CURLOPT_POSTFIELDS to "" will send a zero byte POST and setting
CURLOPT_POSTFIELDS to NULL and CURLOPT_POSTFIELDSIZE to zero will also make
a zero byte POST. Added test case 515 to verify this.
Setting CURLOPT_HTTPPOST to NULL makes a zero byte post. Added test case 516
to verify this.
CURLOPT_POSTFIELDSIZE must now be set to -1 to signal "we don't know".
Setting it to zero simply says this is a zero byte POST.
When providing POST data with a read callback, setting the size up front
is now made with CURLOPT_POSTFIELDSIZE and not with CURLOPT_INFILESIZE.
Daniel (11 November 2004)
- Dan Fandrich added --disable-verbose to the configure script to allow builds
without verbose strings in the code, to save some 12KB space. Makes sense
only for systems with very little memory resources.
- Jeff Phillips found out that a date string with a year beyond 2038 could
crash the new date parser on systems with 32bit time_t. We now check for
this case and deal with it.
Daniel (10 November 2004)
- I installed Heimdal on my Debian box (using the debian package) and noticed
that configure --with-gssapi failed to create a nice build. Fixed now.
Daniel (9 November 2004)
- Gisle Vanem marked all external function calls with CURL_EXTERN so that now
the Windows, Netware and other builds no longer need libcurl.def or similar
files.
Daniel (8 November 2004)
- Made the configure script check for tld.h if libidn was detected, since
libidn 0.3.X didn't have such a header and we don't work with anything
before libidn 0.4.1 anyway! Suse 9.1 apparently ships with a 0.3.X version
of libidn which makes the curl 7.12.2 build fail. Jean-Philippe
Barrette-LaPierre helped pointing this out.
- Ian Gulliver reported in debian bug report #278691: if curl is invoked in an
environment where stderr is closed the -v output will still be sent to file
descriptor 2 which then might be the network socket handle! Now we have a
weird hack instead that attempts to make sure that file descriptor 2 is
opened (with a call to pipe()) before libcurl is called to do the transfer.
configure now checks for pipe() and systems without pipe don't get the weird
hack done.
Daniel (5 November 2004)
- Tim Sneddon made libcurl send no more than 64K in a single first chunk when
doing a huge POST on VMS, as this is a system limitation. Default on general
systems is 100K.
Daniel (4 November 2004)
- Andres Garcia made it build on mingw againa, my --retry code broke the build.
Daniel (2 November 2004)
- Added --retry-max-time that allows a maximum time that may not have been
reached for a retry to be made. If not set there is no maximum time, only
the amount of retries set with --retry.
- Paul Nolan provided a patch to make libcurl build nicely on Windows CE.
Daniel (1 November 2004)
- When cross-compiling, the configure script no longer attempts to use
pkg-config on the build host in order to detect OpenSSL compiler options.
Daniel (27 October 2004)
- Dan Fandrich:
An improvement to the gzip handling of libcurl. There were two problems with
the old version: it was possible for a malicious gzip file to cause libcurl
to leak memory, as a buffer was malloced to hold the header and never freed
if the header ended with no file contents. The second problem is that the
64 KiB decompression buffer was allocated on the stack, which caused
unexpectedly high stack usage and overflowed the stack on some systems
(someone complained about that in the mailing list about a year ago).
Both problems are fixed by this patch. The first one is fixed when a recent
(1.2) version of zlib is used, as it takes care of gzip header parsing
itself. A check for the version number is done at run-time and libcurl uses
that feature if it's present. I've created a define OLD_ZLIB_SUPPORT that
can be commented out to save some code space if libcurl is guaranteed to be
using a 1.2 version of zlib.
The second problem is solved by dynamically allocating the memory buffer
instead of storing it on the stack. The allocation/free is done for every
incoming packet, which is suboptimal, but should be dwarfed by the actual
decompression computation.
I've also factored out some common code between deflate and gzip to reduce
the code footprint somewhat. I've tested the gzip code on a few test files
and I tried deflate using the freshmeat.net server, and it all looks OK. I
didn't try running it with valgrind, however.
- Added a --retry option to curl that takes a numerical option for the number
of times the operation should be retried. It is retried if a transient error
is detected or if a timeout occurred. By default, it will first wait one
second between the retries and then double the delay time between each retry
until the delay time is ten minutes which then will be the delay time
between all forthcoming retries. You can set a static delay time with
"--retry-delay [num]" where [num] is the number of seconds to wait between
each retry.
Daniel (25 October 2004)
- Tomas Pospisek filed bug report #1053287 that proved -C - and --fail on a
file that was already completely downloaded caused an error, while it
doesn't if you don't use --fail! I added test case 194 to verify the fix.
Grrr. CURLOPT_FAILONERROR is now added to the list stuff to remove in
libcurl v8 due to all the kludges needed to support it.
- Mohun Biswas found out that formposting a zero-byte file didn't work very
good. I fixed.
Daniel (19 October 2004)
- Alexander Krasnostavsky made it possible to make FTP 3rd party transfers
with both source and destination being the same host. It can be useful if
you want to move a file on a server or similar.
- Guillaume Arluison added CURLINFO_NUM_CONNECTS to allow an app to figure
out how many new connects a previous transfer required.
I added %{num_connects} to the curl tool and added test case 192 and 193
to verify the new code.
Daniel (18 October 2004)
- Peter Wullinger pointed out that curl should call setlocale() properly to
initiate the specific language operations, to make the IDN stuff work
better.
|
|
Patch provided by HIRAMATSU Yoshifumi in PR pkg/27567.
|
|
- patch po/Makefile.in.in (instead of non-existent Makefile.in)
- pull in atk/buildlink3.mk so that atk.pc gets found
|
|
Bump PKGREVISION becuase this patch will change the binary package.
|
|
Bump PKGREVISION.
|
|
were changed their size.
|
