summaryrefslogtreecommitdiff
path: root/www
AgeCommit message (Collapse)AuthorFilesLines
2007-07-14Remove ap-iasp and iasp.kristerw1-3/+1
2007-07-14DIST_SUBDIR=. break PKG_RESUME_TRANSFERS, sufficient just define as empty.obache2-7/+7
Fixes PR 35494.
2007-07-13update to 2.18.3drochner2-7/+6
changes: fix localisation issues
2007-07-13update to 2.18.3drochner3-8/+16
changes: -name UA sent firefox compatible -minor UI fixes -bugfixes -translation updates
2007-07-12Remove www/ap-iasp and www/iasp, which are no longer available orjlam15-1625/+0
distributed.
2007-07-09Add a missing directory to INSTALLATION_DIRS.minskim1-2/+2
Suggested by Ondrej Tuma in PR 36369.
2007-07-07The package supports installation to DESTDIR.heinz1-1/+4
No compiler needed.
2007-07-04Make it easier to build and install packages "unprivileged", wherejlam19-36/+64
the owner of all installed files is a non-root user. This change affects most packages that require special users or groups by making them use the specified unprivileged user and group instead. (1) Add two new variables PKG_GROUPS_VARS and PKG_USERS_VARS to unprivileged.mk. These two variables are lists of other bmake variables that define package-specific users and groups. Packages that have user-settable variables for users and groups, e.g. apache and APACHE_{USER,GROUP}, courier-mta and COURIER_{USER,GROUP}, etc., should list these variables in PKG_USERS_VARS and PKG_GROUPS_VARS so that unprivileged.mk can know to set them to ${UNPRIVILEGED_USER} and ${UNPRIVILEGED_GROUP}. (2) Modify packages to use PKG_GROUPS_VARS and PKG_USERS_VARS.
2007-07-03Update to 7.16.3:wiz2-6/+6
Version 7.16.3 (25 June 2007) Daniel S (23 June 2007) - As reported by "Tro" in http://curl.haxx.se/mail/lib-2007-06/0161.html and http://curl.haxx.se/mail/lib-2007-06/0238.html, libcurl didn't properly do no-body requests on FTP files on re-used connections properly, or at least it didn't provide the info back in the header callback properly in the subsequent requests. Daniel S (21 June 2007) - Gerrit Bruchhäuser pointed out a warning that the Intel(R) Thread Checker tool reports and it was indeed a legitimate one and it is one fixed. It was a use of a share without doing the proper locking first. Daniel S (20 June 2007) - Adam Piggott filed bug report #1740263 (http://curl.haxx.se/bug/view.cgi?id=1740263). Adam discovered that when getting a large amount of URLs with curl, they were fetched slower and slower... which turned out to be because the --libcurl data collecting which wrongly always was enabled, but no longer is... Daniel S (18 June 2007) - Robson Braga Araujo filed bug report #1739100 (http://curl.haxx.se/bug/view.cgi?id=1739100) that mentioned that libcurl could not actually list the contents of the root directory of a given FTP server if the login directory isn't root. I fixed the problem and added three test cases (one is disabled for now since I identified KNOWN_BUGS #44, we cannot use --ftp-method nocwd and list ftp directories). Daniel S (14 June 2007) - Shmulik Regev: I've encountered (and hopefully fixed) a problem involving proxy CONNECT requests and easy handles state management. The problem isn't simple to reproduce since it depends on socket state. It only manifests itself when working with non-blocking sockets. Here is the scenario: 1. in multi_runsingle the easy handle is in the CURLM_STATE_WAITCONNECT and calls Curl_protocol_connect 2. in Curl_proxyCONNECT, line 1247, if the socket isn't ready the function returns and conn->bits.tunnel_connecting is TRUE 3. when the call to Curl_protocol_connect returns the protocol_connect flag is false and the easy state is changed to CURLM_STATE_PROTOCONNECT which isn't correct if a proxy is used. Rather CURLM_STATE_WAITPROXYCONNECT should be used. I discovered this while performing an HTTPS request through a proxy (squid) on my local network. The problem caused openssl to fail as it read the proxy response to the CONNECT call ('HTTP/1.0 Established') rather than the SSL handshake (the exact openssl error was 'wrong ssl version' but this isn't very important) - Dave Vasilevsky filed bug report #1736875 (http://curl.haxx.se/bug/view.cgi?id=1736875) almost simultanouesly as Dan Fandrich mentioned a related build problem on the libcurl mailing list: http://curl.haxx.se/mail/lib-2007-06/0131.html. Both problems had the same reason: the definitions of the POLL* defines and the pollfd struct in the libcurl code was depending on HAVE_POLL instead of HAVE_SYS_POLL_H. Daniel S (13 June 2007) - Tom Regner provided a patch and worked together with James Housley, so now CURLOPT_FTP_CREATE_MISSING_DIRS works for SFTP connections as well as FTP ones. - Rich Rauenzahn filed bug report #1733119 (http://curl.haxx.se/bug/view.cgi?id=1733119) and we collaborated on the fix. The problem is that for 64bit HPUX builds, several socket-related functions would still assume int (32 bit) arguments and not socklen_t (64 bit) ones. Daniel S (12 June 2007) - James Housley brought his revamped SSH code that is state-machine driven to really take advantage of the now totally non-blocking libssh2 (in CVS). Dan F (8 June 2007) - Incorporated Daniel Black's test706 and test707 SOCKS test cases. - Fixed a few problems when starting the SOCKS server. - Reverted some recent changes to runtests.pl that weren't compatible with perl 5.0. - Fixed the test harness so that it actually kills the ssh being used as the SOCKS server. Daniel S (6 June 2007) - -s/--silent can now be used to toggle off the silence again if used a second time. Daniel S (5 June 2007) - Added Daniel Black's work that adds the first few SOCKS test cases. I also fixed two minor SOCKS problems to make the test cases run fine. Daniel S (31 May 2007) - Feng Tu made (lib)curl support "upload" resuming work for file:// URLs. Daniel S (30 May 2007) - I modified the 10-at-a-time.c example to transfer 500 downloads in parallel with a c-ares enabled build only to find that it crashed miserably, and this was due to some select()isms left in the code. This was due to API restrictions in c-ares 1.3.x, but with the upcoming c-ares 1.4.0 this is no longer the case so now libcurl runs much better with c-ares and the multi interface with > 1024 file descriptors in use. Extra note: starting now we require c-ares 1.4.0 for asynchronous name resolves. - Added CURLMOPT_MAXCONNECTS which is a curl_multi_setopt() option for setting the maximum size of the connection cache maximum size of the multi handle. Daniel S (27 May 2007) - When working with a problem Stefan Becker had, I found an off-by-one buffer overwrite in Curl_select(). While fixing it, I also improved its performance somewhat by changing calloc to malloc and breaking out of a loop earlier (when possible). Daniel S (25 May 2007) - Rob Crittenden fixed bug #1705802 (http://curl.haxx.se/bug/view.cgi?id=1705802), which was filed by Daniel Black identifying several FTP-SSL test cases fail when we build libcurl with NSS for TLS/SSL. Listed as #42 in KNOWN_BUGS. Daniel S (24 May 2007) - Song Ma filed bug report #1724016 (http://curl.haxx.se/bug/view.cgi?id=1724016) noticing that downloading glob-ranges for TFTP was broken in CVS. Fixed now. - 'mytx' in bug report #1723194 (http://curl.haxx.se/bug/view.cgi?id=1723194) pointed out that the warnf() function in the curl tool didn't properly deal with the cases when excessively long words were used in the string to chop up. Daniel S (22 May 2007) - Andre Guibert de Bruet fixed a memory leak in the function that verifies the peer's name in the SSL certificate when built for OpenSSL. The leak happens for libcurls with CURL_DOES_CONVERSIONS enabled that fail to convert the CN name from UTF8. He also fixed a leak when PKCS #12 parsing failed. Daniel S (18 May 2007) - Feng Tu reported that curl -w did wrong on TFTP transfers in bug report #1715394 (http://curl.haxx.se/bug/view.cgi?id=1715394), and the transfer-related info "variables" were indeed overwritten with zeroes wrongly and have now been adjusted. The upload size still isn't accurate. Daniel S (17 May 2007) - Feng Tu pointed out a division by zero error in the TFTP connect timeout code for timeouts less than five seconds, and also provided a fix for it. Bug report #1715392 (http://curl.haxx.se/bug/view.cgi?id=1715392) Dan F (16 May 2007) - Added support for compiling under Minix 3.1.3 using ACK. Dan F (14 May 2007) - Added SFTP directory listing test case 613. - Added support for quote commands before a transfer using SFTP and test case 614. - Changed the post-quote commands to occur after the transferred file is closed. - Allow SFTP quote commands chmod, chown, chgrp to set a value of 0. Dan F (9 May 2007) - Kristian Gunstone fixed a problem where overwriting an uploaded file with sftp didn't truncate it first, which would corrupt the file if the new file was shorter than the old. Dan F (8 May 2007) - Added FTPS test cases 406 and 407 Daniel S (8 May 2007) - CURLE_FTP_COULDNT_STOR_FILE is now known as CURLE_UPLOAD_FAILED. This is because I just made SCP uploads return this value if the file size of the upload file isn't given with CURLOPT_INFILESIZE*. Docs updated to reflect this news, and a define for the old name was added to the public header file. Daniel S (7 May 2007) - James Bursa fixed a bug in the multi handle code that made the connection cache grow a bit too much, beyond the normal 4 * easy_handles. Daniel S (2 May 2007) - Anders Gustafsson remarked that requiring CURLOPT_HTTP_VERSION set to 1.0 when CURLOPT_HTTP200ALIASES is used to avoid the problem mentioned below is not very nice if the client wants to be able to use _either_ a HTTP 1.1 server or one within the aliases list... so starting now, libcurl will simply consider 200-alias matches the to be HTTP 1.0 compliant. - Tobias Rundström reported a problem they experienced with xmms2 and recent libcurls, which turned out to be the 25-nov-2006 change which treats HTTP responses without Content-Length or chunked encoding as without bodies. We now added the conditional that the above mentioned response is only without body if the response is HTTP 1.1. - Jeff Pohlmeyer improved the hiperfifo.c example to use the CURLMOPT_TIMERFUNCTION callback option. - Set the timeout for easy handles to expire really soon after addition or when CURLM_CALL_MULTI_PERFORM is returned from curl_multi_socket*/perform, to make applications using only curl_multi_socket() to properly function when adding easy handles "on the fly". Bug report and test app provided by Michael Wallner. Dan F (30 April 2007) - Improved the test harness to allow running test servers on other than the default port numbers, allowing more than one test suite to run simultaneously on the same host. Daniel S (28 April 2007) - Peter O'Gorman fixed libcurl to not init GnuTLS as early as we did before, since it then inits libgcrypt and libgcrypt is being evil and EXITS the application if it fails to get a fine random seed. That's really not a nice thing to do by a library. - Frank Hempel fixed a curl_easy_duphandle() crash on a handle that had been removed from a multi handle, and then fixed another flaw that prevented curl_easy_duphandle() to work even after the first fix - the handle was still marked as using the multi interface. Daniel S (26 April 2007) - Peter O'Gorman found a problem with SCP downloads when the downloaded file was 16385 bytes (16K+1) and it turned out we didn't properly always "suck out" all data from libssh2. The effect being that libcurl would hang on the socket waiting for data when libssh2 had in fact already read it all... Dan F (25 April 2007) - Added support in runtests.pl for "!n" test numbers to disable individual tests. Changed -t to only keep log files around when -k is specified, to have the same behaviour as without -t. Daniel S (25 April 2007) - Sonia Subramanian brought our attention to a problem that happens if you set the CURLOPT_RESUME_FROM or CURLOPT_RANGE options and an existing connection in the connection cache is closed to make room for the new one when you call curl_easy_perform(). It would then wrongly free range-related data in the connection close funtion. Yang Tse (25 April 2007) - Steve Little fixed compilation on VMS 64-bit mode Daniel S (24 April 2007) - Robert Iakobashvili made the 'master_buffer' get allocated first once it is can/will be used as it then makes the common cases save 16KB of data for each easy handle that isn't used for pipelining. Dan F (23 April 2007) - Added <postcheck> support to the test harness. - Added tests 610-612 to test more SFTP post-quote commands. Daniel S (22 April 2007) - Song Ma's warning if -r/--range is given with a "bad" range, also noted in the man page now. - Daniel Black filed bug #1705177 (http://curl.haxx.se/bug/view.cgi?id=1705177) where --without-ssl --with-gnutl outputs a warning about SSL not being enabled even though GnuTLS was found and used. Daniel S (21 April 2007) - Daniel Black filed bug #1704675 (http://curl.haxx.se/bug/view.cgi?id=1704675) identifying a double-free problem in the SSL-dealing layer, telling GnuTLS to free NULL credentials on closedown after a failure and a bad #ifdef for NSS when closing down SSL. Yang Tse (20 April 2007) - Save one call to curlx_tvnow(), which calls gettimeofday(), in each of Curl_socket_ready(), Curl_poll() and Curl_select() when these are called with a zero timeout or a timeout value indicating a blocking call should be performed. Daniel S (18 April 2007) - James Housley made SFTP uploads use libssh2's non-blocking API - Prevent the internal progress meter from updating more frequently than once per second. Dan F (17 April 2007) - Added test cases 296, 297 and 298 to test --ftp-method handling Daniel S (16 April 2007) - Robert Iakobashvil added curl_multi_socket_action() to libcurl, which is a function that deprecates the curl_multi_socket() function. Using the new function the application tell libcurl what action that was found in the socket that it passes in. This gives a significant performance boost as it allows libcurl to avoid a call to poll()/select() for every call to curl_multi_socket*(). I added a define in the public curl/multi.h header file that will make your existing application automatically use curl_multi_socket_action() instead of curl_multi_socket() when you recompile. But of course you'll get better performance if you adjust your code manually and actually pass in the correct action bitmask to this function. Daniel S (14 April 2007) - Jay Austin added "DH PARAMETERS" to the stunnel.pem certificate for the test suite to make stunnel run better in some (most?) environments. Dan F (13 April 2007) - Added test cases 294 and 295 to test --ftp-account handling - Improved handling of out of memory in ftp. Yang Tse (13 April 2007) - Fix test case 534 which started to fail 2007-04-13 due to the existance of a new host on the net with the same silly domain the test was using for a host which was supposed not to exist. Daniel S (12 April 2007) - Song Ma found a memory leak in the if2ip code if you pass in an interface name longer than the name field of the ifreq struct (typically 6 bytes), as then it wouldn't close the used dummy socket. Bug #1698974 (http://curl.haxx.se/bug/view.cgi?id=1698974)
2007-07-02Don't set FILESDIR, but specify the directory for the RC scriptjoerg1-3/+3
directly. This avoids a file without CVS ID in +BUILD_VERSION.
2007-07-01The package supports installation to DESTDIR.heinz1-1/+2
2007-07-01Update to version 1.30 by maintainer Dieter Roelants.heinz2-6/+6
Changes since version 1.24 ========================== 1.30 Thu May 24 21:31:10 CDT 2007 ======================================== [DOCUMENTATION] * Minor doc fixes. Thanks David Steinbrunner. 1.29_01 Tue May 22 14:02:55 CDT 2007 ======================================== Kevin Falcone and I ask for your assistance in figuring out how to handle the warnings thrown by the tests, other than hiding them. [FIXES] * Overhauled how tainting was done. Stole code directly from Test::Taint. * Have LWP only handle decoding of Content-Encoding, not charset. [DOCUMENTATION] * Fixed the docs for $mech->submit_form()'s with_fields arg. Thanks, Peteris Krumins. 1.26 Wed May 16 14:21:29 CDT 2007 ======================================== [FIXES] * Re-reversed the content decoding. This is critical for reading from sites with gzip on the fly, like Wikipedia. * Content is now properly tainted. [ENHANCEMENTS] * mech-dump can now pass --agent and --agent-alias flags so you can fetch from sites like Wikipedia that block LWP user agents. [INSTALLATION] * The mech-dump program is now always installed. It no longer is presented as an option.
2007-06-30Disable Apache 2.2 support until the APR detection and linkage is fixed.joerg1-2/+2
2007-06-30Change naming of Apache 2.2 modules to use ap22 prefix.joerg17-39/+40
Allow apache22 in some more case and add a hack to devel/subversion to determine the module by the state of the apache22 option. This comes from www/ap2-subversion and should be fixed to properly use build options or so. OK agc@
2007-06-30Use versioned prefix and fix build with Apache 2.joerg4-10/+61
2007-06-30Do *not* accept apache22.joerg1-2/+2
2007-06-30Fix an issue that bothered me ever since I started working on thejoerg1-3/+2
bulk build code. emacs-w3m uses EMACS_FLAVOR and EMACS_VERSION_MAJOR to conditionally add a build time dependency on Mule-UCS. The latter variable is not set when no emacs package is installed though and therefore a dependency got added between scan phase and build phase, possibly resulting in multiple builds of Mule-UCS in older (non-pbulk) bulk builds. Fix this by switching to EMACS_TYPE for the logic.
2007-06-30Reorder to put more specific dependency first.joerg1-3/+2
2007-06-29If APR_XtOffsetOf is not defined, fallback to APR_OFFSETOF.joerg2-9/+28
The compat macro was removed with APR 1.x. Also include unistd.h if crypt.h does not exist, that's the place in DragonFly.
2007-06-29Fix pthread linkage for aprutil-0 link test and pthread_setspecific.joerg2-1/+41
2007-06-28Fixes for security issues and PKGREVISION bump;lkundrak4-3/+136
CVE-2006-5752 XSS in mod_status with ExtendedStatus on CVE-2007-1863 remote crash when mod_cache enabled
2007-06-28Description for one patch referred to incorrect issue, the other patchlkundrak3-8/+8
lacked ending semicolons.
2007-06-28Fixes for security issues, PKGREVISION bump.lkundrak10-7/+266
CVE-2007-3304 Denial of Service. CVE-2006-5752 XSS in mod_status with ExtendedStatus on. CVE-2007-1863 remote crash when mod_cache enabled.
2007-06-28Add some descriptions to security patches.lkundrak3-5/+9
2007-06-28Fixing two possible security vulnerabilities:lkundrak4-3/+93
CVE-2006-5752 XSS in mod_status with ExtendedStatus on CVE-2007-3304 Remote DoS if MPM and mod_cache enabled bumping PKGREVISION
2007-06-25fix PLIST and WRKSRC for the sparc versiondmcmahill2-9/+15
2007-06-21Move elinks's own special locale, locale.alias, and charset.aliasjlam5-41/+127
files into its own directory under ${PREFIX}/share/elinks/locale. This avoids any potential conflicts between these specially hacked files installed for elinks and the system-wide ones owned by gettext-lib and libiconv. This fixes the installation conflict noted in the latest bulk build. Bump PKGREVISION to 1.
2007-06-19Override config.{guess,sub}.joerg1-1/+6
2007-06-18Fix the broken test for when to enable Xft. Addresses the remainder ofdmcmahill2-5/+4
PR/31481.
2007-06-17Reorder slightly so that the more restrictive dependency fromjoerg1-2/+2
apache.mk comes first.
2007-06-17Fix thinko in Xft handling to unbreak gtk1 version.joerg1-3/+3
2007-06-17Don't or X11_TYPE and MOZILLA_USE_XFT, but the exists() condition.joerg1-2/+2
2007-06-16Use a package option to control the --enable-single-profile option fordmcmahill3-5/+11
mozilla browsers. This is now useful again to those of use who require multiple profiles.
2007-06-15Fix my own commit to include a missing backslash.joerg1-2/+2
2007-06-15update to 1.2.16bdrochner3-9/+11
changes: -fixes and optimizations to reduce CPU usage -translation updates -Increased security: disallowing clicking on file:// links -other fixes
2007-06-15Fix Xft for !native case.joerg1-2/+3
2007-06-15Fix Xinerama for !native case.joerg1-3/+5
2007-06-15Activate Xinerama for non-native case.joerg1-3/+3
2007-06-15Assume that libXft provides Xft support for non-native X11.joerg1-2/+2
2007-06-14MAKE_JOBS_SAFE=no, reported in PR 36441.obache1-1/+3
2007-06-12Precreate directory.joerg1-1/+3
2007-06-11Activated p5-LWPx-ParanoidAgent.heinz1-1/+2
2007-06-11Initial import of p5-LWPx-ParanoidAgent 1.03.heinz4-0/+37
The Perl module LWPx::ParanoidAgent is a subclass of LWP::UserAgent, but paranoid against attackers. It's to be used when you're fetching a remote resource on behalf of a possibly malicious user. This class can do whatever LWP::UserAgent can (callbacks, uploads from files, etc), except proxy support is explicitly removed, because in that case you should do your paranoia at your proxy. Only "http:" and "https:" URL schemes are supported.
2007-06-11The package supports installation to DESTDIR.heinz1-9/+16
2007-06-11Add erubis.minskim1-1/+2
2007-06-11Correct a package name (hi abs!).minskim1-2/+2
2007-06-11Import Erubis.minskim4-0/+50
Erubis is a fast, secure, and very extensible implementation of eRuby.
2007-06-10+p5-HTML-Template-Stash-EscapeHTMLabs1-1/+2
2007-06-10Added p5-Template-Stash-EscapeHTML version 0.01abs4-0/+25
This module is a sub class of Template::Stash, automatically escape all HTML strings and avoid XSS vulnerability.
2007-06-10Reorder Apache depedency to get the most specific one first.joerg1-4/+3