From cae5edd6b9ba4b4b36397519385e1c5f67ca6400 Mon Sep 17 00:00:00 2001 From: tron Date: Wed, 9 Sep 2015 20:28:44 +0000 Subject: Pullup ticket #4812 - requested by he www/curl: security update Revisions pulled up: - www/curl/Makefile 1.153-1.154 - www/curl/PLIST 1.52-1.53 - www/curl/distinfo 1.108-1.109 - www/curl/patches/patch-aa 1.33-1.34 - www/curl/patches/patch-curl-config.in 1.7 - www/curl/patches/patch-lib_hostcheck.c 1.4 - www/curl/patches/patch-lib_http2.c deleted --- Module Name: pkgsrc Committed By: spz Date: Sat Aug 8 02:44:16 UTC 2015 Modified Files: pkgsrc/www/curl: Makefile PLIST distinfo pkgsrc/www/curl/patches: patch-aa patch-curl-config.in patch-lib_hostcheck.c Added Files: pkgsrc/www/curl/patches: patch-lib_multi.c patch-lib_transfer.c Removed Files: pkgsrc/www/curl/patches: patch-lib_http2.c Log Message: reanimate curl-7.43.0 and add the upstream fix for http://curl.haxx.se/mail/lib-2015-06/0122.html found in https://github.com/bagder/curl/commit/903b6e05565bf826b4194447864288642214b094 --- Module Name: pkgsrc Committed By: wiz Date: Mon Aug 17 15:43:27 UTC 2015 Modified Files: pkgsrc/www/curl: Makefile PLIST distinfo pkgsrc/www/curl/patches: patch-aa Removed Files: pkgsrc/www/curl/patches: patch-lib_multi.c patch-lib_transfer.c Log Message: Update to 7.44.0: Curl and libcurl 7.44.0 Public curl releases: 148 Command line options: 176 curl_easy_setopt() options: 219 Public functions in libcurl: 58 Contributors: 1291 This release includes the following changes: o http2: added CURLMOPT_PUSHFUNCTION and CURLMOPT_PUSHDATA [6] o examples: added http2-serverpush.c [7] o http2: added curl_pushheader_byname() and curl_pushheader_bynum() o docs: added CODE_OF_CONDUCT.md [8] o curl: Add --ssl-no-revoke to disable certificate revocation checks [5] o libcurl: New value CURLSSLOPT_NO_REVOKE for CURLOPT_SSL_OPTIONS [9] o makefile: Added support for VC14 o build: Added Visual Studio 2015 (VC14) project files o build: Added wolfSSL configurations to VC10+ project files [18] This release includes the following bugfixes: o FTP: fix HTTP CONNECT logic regression [1] o openssl: Fix build with openssl < ~ 0.9.8f o openssl: fix build with BoringSSL o curl_easy_setopt.3: option order doesn't matter o openssl: fix use of uninitialized buffer [2] o RTSP: removed dead code o Makefile.m32: add support for CURL_LDFLAG_EXTRAS o curl: always provide negotiate/kerberos options o cookie: Fix bug in export if any-domain cookie is present o curl_easy_setopt.3: mention CURLOPT_PIPEWAIT o INSTALL: Advise use of non-native SSL for Windows <= XP o tool_help: fix --tlsv1 help text to use >= for TLSv1 o HTTP: POSTFIELDSIZE set after added to multi handle [3] o SSL-PROBLEMS: mention WinSSL problems in WinXP o setup-vms.h: Symbol case fixups o SSL: Pinned public key hash support o libtest: call PR_Cleanup() on exit if NSPR is used o ntlm_wb: Fix theoretical memory leak o runtests: Allow for spaces in curl custom path o http2: add stream != NULL checks for reliability o schannel: Replace deprecated GetVersion with VerifyVersionInfo o http2: verify success of strchr() in http2_send() o configure: add --disable-rt option o openssl: work around MSVC warning o HTTP: ignore "Content-Encoding: compress" o configure: check if OpenSSL linking wants -ldl o build-openssl.bat: Show syntax if required args are missing o test1902: attempt to make the test more reliable o libcurl-thread.3: Consolidate thread safety info o maketgz: Fixed some VC makefiles missing from the release tarball o libcurl-multi.3: mention curl_multi_wait [10] o ABI doc: use secure URL o http: move HTTP/2 cleanup code off http_disconnect() [11] o libcurl-thread.3: Warn memory functions must be thread safe [12] o curl_global_init_mem.3: Warn threaded resolver needs thread safe funcs [13] o docs: formpost needs the full size at start of upload [14] o curl_gssapi: remove 'const' to fix compiler warnings o SSH: three state machine fixups [15] o libcurl.3: fix a single typo [16] o generate.bat: Only clean prerequisite files when in ALL mode o curl_slist_append.3: add error checking to the example o buildconf.bat: Added support for file clean-up via -clean o generate.bat: Use buildconf.bat for prerequisite file clean-up o NTLM: handle auth for only a single request [17] o curl_multi_remove_handle.3: fix formatting [19] o checksrc.bat: Fixed error when [directory] isn't a curl source directory o checksrc.bat: Fixed error when missing *.c and *.h files o CURLOPT_RESOLVE.3: Note removal support was added in 7.42 [20] o test46: update cookie expire time o SFTP: fix range request off-by-one in size check [21] o CMake: fix GSSAPI builds [22] o build: refer to fixed libidn versions [4] o http2: discard frames with no SessionHandle [23] o curl_easy_recv.3: fix formatting o libcurl-tutorial.3: fix formatting [24] o curl_formget.3: correct return code [25] --- www/curl/Makefile | 5 ++-- www/curl/PLIST | 8 +++++- www/curl/distinfo | 15 ++++++------ www/curl/patches/patch-aa | 45 +++++++++++++++++----------------- www/curl/patches/patch-curl-config.in | 4 +-- www/curl/patches/patch-lib_hostcheck.c | 6 ++--- www/curl/patches/patch-lib_http2.c | 18 -------------- 7 files changed, 44 insertions(+), 57 deletions(-) delete mode 100644 www/curl/patches/patch-lib_http2.c diff --git a/www/curl/Makefile b/www/curl/Makefile index 08c2dd1567e..b092cdcd1a0 100644 --- a/www/curl/Makefile +++ b/www/curl/Makefile @@ -1,7 +1,6 @@ -# $NetBSD: Makefile,v 1.150 2015/06/12 10:51:49 wiz Exp $ +# $NetBSD: Makefile,v 1.150.2.1 2015/09/09 20:28:44 tron Exp $ -DISTNAME= curl-7.42.1 -PKGREVISION= 2 +DISTNAME= curl-7.44.0 CATEGORIES= www MASTER_SITES= http://curl.haxx.se/download/ \ ftp://ftp.sunet.se/pub/www/utilities/curl/ diff --git a/www/curl/PLIST b/www/curl/PLIST index f4b389604b1..6263059bf9c 100644 --- a/www/curl/PLIST +++ b/www/curl/PLIST @@ -1,4 +1,4 @@ -@comment $NetBSD: PLIST,v 1.49 2015/05/03 10:11:55 wiz Exp $ +@comment $NetBSD: PLIST,v 1.49.2.1 2015/09/09 20:28:44 tron Exp $ bin/curl bin/curl-config include/curl/curl.h @@ -23,6 +23,8 @@ man/man3/CURLMOPT_MAX_TOTAL_CONNECTIONS.3 man/man3/CURLMOPT_PIPELINING.3 man/man3/CURLMOPT_PIPELINING_SERVER_BL.3 man/man3/CURLMOPT_PIPELINING_SITE_BL.3 +man/man3/CURLMOPT_PUSHDATA.3 +man/man3/CURLMOPT_PUSHFUNCTION.3 man/man3/CURLMOPT_SOCKETDATA.3 man/man3/CURLMOPT_SOCKETFUNCTION.3 man/man3/CURLMOPT_TIMERDATA.3 @@ -140,6 +142,7 @@ man/man3/CURLOPT_OPENSOCKETFUNCTION.3 man/man3/CURLOPT_PASSWORD.3 man/man3/CURLOPT_PATH_AS_IS.3 man/man3/CURLOPT_PINNEDPUBLICKEY.3 +man/man3/CURLOPT_PIPEWAIT.3 man/man3/CURLOPT_PORT.3 man/man3/CURLOPT_POST.3 man/man3/CURLOPT_POSTFIELDS.3 @@ -160,6 +163,7 @@ man/man3/CURLOPT_PROXYPORT.3 man/man3/CURLOPT_PROXYTYPE.3 man/man3/CURLOPT_PROXYUSERNAME.3 man/man3/CURLOPT_PROXYUSERPWD.3 +man/man3/CURLOPT_PROXY_SERVICE_NAME.3 man/man3/CURLOPT_PROXY_TRANSFER_MODE.3 man/man3/CURLOPT_PUT.3 man/man3/CURLOPT_QUOTE.3 @@ -181,6 +185,7 @@ man/man3/CURLOPT_RTSP_TRANSPORT.3 man/man3/CURLOPT_SASL_IR.3 man/man3/CURLOPT_SEEKDATA.3 man/man3/CURLOPT_SEEKFUNCTION.3 +man/man3/CURLOPT_SERVICE_NAME.3 man/man3/CURLOPT_SHARE.3 man/man3/CURLOPT_SOCKOPTDATA.3 man/man3/CURLOPT_SOCKOPTFUNCTION.3 @@ -295,6 +300,7 @@ man/man3/libcurl-errors.3 man/man3/libcurl-multi.3 man/man3/libcurl-share.3 man/man3/libcurl-symbols.3 +man/man3/libcurl-thread.3 man/man3/libcurl-tutorial.3 man/man3/libcurl.3 share/aclocal/libcurl.m4 diff --git a/www/curl/distinfo b/www/curl/distinfo index acfb500f51e..5f07ab1d04c 100644 --- a/www/curl/distinfo +++ b/www/curl/distinfo @@ -1,9 +1,8 @@ -$NetBSD: distinfo,v 1.105 2015/06/03 12:00:06 fhajny Exp $ +$NetBSD: distinfo,v 1.105.2.1 2015/09/09 20:28:44 tron Exp $ -SHA1 (curl-7.42.1.tar.bz2) = f65708915875b8cb35edb51d8dd31440dc02fbd3 -RMD160 (curl-7.42.1.tar.bz2) = 76d5b23fae60356342e2bac2e4c706ed544d4adf -Size (curl-7.42.1.tar.bz2) = 3327304 bytes -SHA1 (patch-aa) = 59ec0be3ac90470fdc5935881da6a14dbab9d378 -SHA1 (patch-curl-config.in) = fd87c97b601a6b9269f67fbc066604ee7e22570e -SHA1 (patch-lib_hostcheck.c) = 9faf94f44703c7d37377fd3af319ca5c27df34c2 -SHA1 (patch-lib_http2.c) = 4ba0164ffdba714c620daccbf80eedd51562acf4 +SHA1 (curl-7.44.0.tar.bz2) = 879a186944e7b06e619a2eb07cef729b5702345c +RMD160 (curl-7.44.0.tar.bz2) = d7e4a2406c5fea9445c13e725dd421d7198389a6 +Size (curl-7.44.0.tar.bz2) = 3398814 bytes +SHA1 (patch-aa) = 793701d5ecc3343170fb437906c9adb74763cd13 +SHA1 (patch-curl-config.in) = d0cc7bb6a5bf0b9257f40dcffce7093cc0098eb7 +SHA1 (patch-lib_hostcheck.c) = 8e772d3f91cdafae17281cc19004269ece0cf308 diff --git a/www/curl/patches/patch-aa b/www/curl/patches/patch-aa index 01621daa59b..6f9ca0af1a7 100644 --- a/www/curl/patches/patch-aa +++ b/www/curl/patches/patch-aa @@ -1,11 +1,11 @@ -$NetBSD: patch-aa,v 1.30 2015/04/22 14:35:21 jperkin Exp $ +$NetBSD: patch-aa,v 1.30.2.1 2015/09/09 20:28:44 tron Exp $ builtin krb5-config in platforms such as solaris do not support the gssapi option, and need an explicit -lgss ---- configure.orig 2015-04-21 07:21:35.000000000 +0000 +--- configure.orig 2015-08-10 12:54:00.000000000 +0000 +++ configure -@@ -3703,6 +3703,7 @@ $as_echo "$as_me: $xc_bad_var_msg librar +@@ -3737,6 +3737,7 @@ $as_echo "$as_me: $xc_bad_var_msg librar ;; esac done @@ -13,7 +13,7 @@ the gssapi option, and need an explicit -lgss if test $xc_bad_var_cflags = yes; then { $as_echo "$as_me:${as_lineno-$LINENO}: using CFLAGS: $CFLAGS" >&5 $as_echo "$as_me: using CFLAGS: $CFLAGS" >&6;} -@@ -16682,7 +16683,7 @@ squeeze() { +@@ -16723,7 +16724,7 @@ squeeze() { # @@ -22,19 +22,29 @@ the gssapi option, and need an explicit -lgss # if test "$compiler_id" = "GNU_C" || test "$compiler_id" = "CLANG"; then -@@ -21131,6 +21132,11 @@ $as_echo "yes" >&6; } +@@ -19971,7 +19972,7 @@ done + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for monotonic clock_gettime" >&5 + $as_echo_n "checking for monotonic clock_gettime... " >&6; } + # +- if test "x$dontwant_rt" == "xno" ; then ++ if test "x$dontwant_rt" = "xno" ; then + cat confdefs.h - <<_ACEOF >conftest.$ac_ext + /* end confdefs.h. */ + +@@ -21174,7 +21175,11 @@ $as_echo "yes" >&6; } + if test -n "$host_alias" -a -f "$GSSAPI_ROOT/bin/$host_alias-krb5-config"; then GSSAPI_INCS=`$GSSAPI_ROOT/bin/$host_alias-krb5-config --cflags gssapi` - elif test -f "$GSSAPI_ROOT/bin/krb5-config"; then - GSSAPI_INCS=`$GSSAPI_ROOT/bin/krb5-config --cflags gssapi` -+ if $GSSAPI_ROOT/bin/krb5-config --cflags gssapi 2>&1 | grep "Unknown option" >/dev/null; then -+ GSSAPI_INCS=`$GSSAPI_ROOT/bin/krb5-config --cflags` + elif test -f "$KRB5CONFIG"; then +- GSSAPI_INCS=`$KRB5CONFIG --cflags gssapi` ++ if `$KRB5CONFIG --cflags gssapi` 2>&1 | grep "Unknown option" >/dev/null; then ++ GSSAPI_INCS=`$KRB5CONFIG --cflags` + else -+ GSSAPI_INCS=`$GSSAPI_ROOT/bin/krb5-config --cflags gssapi` ++ GSSAPI_INCS=`$KRB5CONFIG --cflags gssapi` + fi - elif test -f "$KRB5CONFIG"; then - GSSAPI_INCS=`$KRB5CONFIG --cflags gssapi` elif test "$GSSAPI_ROOT" != "yes"; then -@@ -21305,7 +21311,7 @@ $as_echo "#define HAVE_GSSAPI 1" >>confd + GSSAPI_INCS="-I$GSSAPI_ROOT/include" + fi +@@ -21347,7 +21352,7 @@ $as_echo "#define HAVE_GSSAPI 1" >>confd LIBS="-lgss $LIBS" ;; *) @@ -43,12 +53,3 @@ the gssapi option, and need an explicit -lgss ;; esac fi -@@ -24264,7 +24270,7 @@ _ACEOF - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $capath (capath)" >&5 - $as_echo "$capath (capath)" >&6; } - fi -- if test "x$ca" == "xno" && test "x$capath" == "xno"; then -+ if test "x$ca" = "xno" && test "x$capath" = "xno"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 - $as_echo "no" >&6; } - fi diff --git a/www/curl/patches/patch-curl-config.in b/www/curl/patches/patch-curl-config.in index ccf58619a08..82b20c2a539 100644 --- a/www/curl/patches/patch-curl-config.in +++ b/www/curl/patches/patch-curl-config.in @@ -1,8 +1,8 @@ -$NetBSD: patch-curl-config.in,v 1.4 2014/03/30 12:57:54 spz Exp $ +$NetBSD: patch-curl-config.in,v 1.4.12.1 2015/09/09 20:28:44 tron Exp $ - make "curl-config --libs" return proper ldflags for shared libraries ---- curl-config.in.orig 2014-01-05 22:07:54.000000000 +0000 +--- curl-config.in.orig 2015-06-03 07:38:20.000000000 +0000 +++ curl-config.in @@ -148,9 +148,9 @@ while test $# -gt 0; do CURLLIBDIR="" diff --git a/www/curl/patches/patch-lib_hostcheck.c b/www/curl/patches/patch-lib_hostcheck.c index 8a773dbd8ba..2a995f89397 100644 --- a/www/curl/patches/patch-lib_hostcheck.c +++ b/www/curl/patches/patch-lib_hostcheck.c @@ -1,11 +1,11 @@ -$NetBSD: patch-lib_hostcheck.c,v 1.1 2014/03/31 08:45:21 wiz Exp $ +$NetBSD: patch-lib_hostcheck.c,v 1.1.12.1 2015/09/09 20:28:44 tron Exp $ Add missing header for DragonflyBSD. PR 48691 by David Shao. ---- lib/hostcheck.c.orig 2014-03-25 22:01:37.000000000 +0000 +--- lib/hostcheck.c.orig 2015-06-03 07:38:20.000000000 +0000 +++ lib/hostcheck.c -@@ -31,6 +31,13 @@ +@@ -34,6 +34,13 @@ #include "inet_pton.h" #include "curl_memory.h" diff --git a/www/curl/patches/patch-lib_http2.c b/www/curl/patches/patch-lib_http2.c deleted file mode 100644 index 0f114326002..00000000000 --- a/www/curl/patches/patch-lib_http2.c +++ /dev/null @@ -1,18 +0,0 @@ -$NetBSD: patch-lib_http2.c,v 1.1 2015/06/03 12:00:06 fhajny Exp $ - -Update compatibility for nghttp2 1.0. This patch should become obsolete -with curl-7.43. - ---- lib/http2.c.orig 2015-04-29 06:06:52.000000000 +0000 -+++ lib/http2.c -@@ -1019,8 +1019,8 @@ CURLcode Curl_http2_switched(struct conn - - rv = (int) ((Curl_send*)httpc->send_underlying) - (conn, FIRSTSOCKET, -- NGHTTP2_CLIENT_CONNECTION_PREFACE, -- NGHTTP2_CLIENT_CONNECTION_PREFACE_LEN, -+ NGHTTP2_CLIENT_MAGIC, -+ NGHTTP2_CLIENT_MAGIC_LEN, - &result); - if(result) - /* TODO: This may get CURLE_AGAIN */ -- cgit v1.2.3