Automatic conversion of the NetBSD pkgsrc CVS module, use with care
5f731a4196
Version 7.41.0 (25 Feb 2015) Daniel Stenberg (25 Feb 2015) - THANKS: added contributors from the 7.41.0 RELEASE-NOTES - RELEASE-NOTES: sync with ffc2aeec6e (7.41.0 release time!) Marc Hoersken (25 Feb 2015) - Revert "telnet.c: fix handling of 0 being returned from custom read function" This reverts commit 03fa576833643c67579ae216c4e7350fa9b5f2fe. - telnet.c: fix invalid use of custom read function if not being set obj_count can be 1 if the custom read function is set or the stdin handle is a reference to a pipe. Since the pipe should be handled using the PeekNamedPipe-check below, the custom read function should only be used if it is actually enabled. - telnet.c: fix handling of 0 being returned from custom read function According to [1]: "Returning 0 will signal end-of-file to the library and cause it to stop the current transfer." This change makes the Windows telnet code handle this case accordingly. [1] http://curl.haxx.se/libcurl/c/CURLOPT_READFUNCTION.html Daniel Stenberg (24 Feb 2015) - sws: stop logging about TPC_NODELAY nonsense - lib530: make it less timing sensible ... by making sure the first request is completed before doing the remainder. Kamil Dudka (23 Feb 2015) - connect: wait for IPv4 connection attempts ... even if the last IPv6 connection attempt has failed. Bug: https://bugzilla.redhat.com/show_bug.cgi?id=1187531#c4 - connect: avoid skipping an IPv4 address ... in case the protocol versions are mixed in a DNS response (IPv6 -> IPv4 -> IPv6). Bug: https://bugzilla.redhat.com/show_bug.cgi?id=1187531#c3 Daniel Stenberg (23 Feb 2015) - RELEASE-NOTES: synced with 5e4395eab839d - ROADMAP: curl_easy_setopt.3 has already been split up Remove cmake as marked for removal. It is in much better state now. - ROADMAP: extend the HTTP/2 stuff, remove SPDY - [Julian Ospald brought this change] configure: allow both --with-ca-bundle and --with-ca-path SSL_CTX_load_verify_locations by default (and if given non-Null parameters) searches the CAfile first and falls back to CApath. This allows for CAfile to be a basis (e.g. installed by the package manager) and CApath to be a user configured directory. This wasn't reflected by the previous configure constraint which this patch fixes. Bug: https://github.com/bagder/curl/pull/139 - [Ben Boeckel brought this change] cmake: install the dll file to the correct directory - [Alessandro Ghedini brought this change] nss: fix NPN/ALPN protocol negotiation Correctly check for memcmp() return value (it returns 0 if the strings match). This is not really important, since curl is going to use http/1.1 anyway, but it's still a bug I guess. - [Alessandro Ghedini brought this change] polarssl: fix ALPN protocol negotiation Correctly check for strncmp() return value (it returns 0 if the strings match). - [Sergei Nikulov brought this change] CMake: Fix generation of tool_hugehelp.c on windows Use "cmake -E echo" instead of "echo". Reviewed-by: Brad King <brad.king@kitware.com> - [Sergei Nikulov brought this change] CMake: fix winsock2 detection on windows Set CMAKE_REQUIRED_DEFINITIONS to include definitions needed to get the winsock2 API from windows.h. Simplify the order of checks to avoid extra conditions. Use check_include_file instead of check_include_file_concat to look for OpenSSL headers. They do not need to participate in a sequence of dependent system headers. Also they may cause winsock.h to be included before ws2tcpip.h, causing the latter to not be detected in the sequence. Reviewed-by: Brad King <brad.king@kitware.com> - [Alessandro Ghedini brought this change] gtls: fix build with HTTP2 Steve Holme (16 Feb 2015) - Makefile.vc6: Corrected typos in rename of darwinssl.obj Nick Zitzmann (15 Feb 2015) - By request, change the name of "curl_darwinssl.[ch]" to "darwinssl.[ch]" Steve Holme (14 Feb 2015) - RELEASE-NOTES: Synced with 6f89f86c3d - tests/README: Updated to reflect email test ranges - [Alessandro Ghedini brought this change] curl.1: --cert-status is also supported by OpenSSL now - build: Removed Visual Studio SuppressStartupBanner directive for VC8+ Visual Studio 2005 and above defaults to disabling the startup banner for the Compiler, Linker and MIDL tools (with /NOLOGO). As such there is no need to explicitly set the SuppressStartupBanner directive, as this is a leftover from the VC7 and VC7.1 projects being upgraded to VC8 and above. Kamil Dudka (12 Feb 2015) - openssl: fix a compile-time warning lib/vtls/openssl.c:1450:7: warning: extra tokens at end of #endif directive Steve Holme (11 Feb 2015) - openssl: Use OPENSSL_IS_BORINGSSL for BoringSSL detection For consistency with other conditionally compiled code in openssl.c, use OPENSSL_IS_BORINGSSL rather than HAVE_BORINGSSL and try to use HAVE_BORINGSSL outside of openssl.c when the OpenSSL header files are not included. Patrick Monnerat (11 Feb 2015) - ftp: accept all 2xx responses to the PORT command Steve Holme (9 Feb 2015) - openssl: Disable OCSP in old versions of OpenSSL Versions of OpenSSL prior to v0.9.8h do not support the necessary functions for OCSP stapling. Daniel Stenberg (9 Feb 2015) - [Tatsuhiro Tsujikawa brought this change] http2: Fix bug that associated stream canceled on PUSH_PROMISE Previously we don't ignore PUSH_PROMISE header fields in on_header callback. It makes header values mixed with following HEADERS, resulting protocol error. - [Jay Satiro brought this change] polarssl: Fix exclusive SSL protocol version options Prior to this change the options for exclusive SSL protocol versions did not actually set the protocol exclusive. http://curl.haxx.se/mail/lib-2015-01/0002.html Reported-by: Dan Fandrich - [Jay Satiro brought this change] gskit: Fix exclusive SSLv3 option - curl.1: clarify that -X is used for all requests Reported-by: Jon Seymour - curl.1: add warning when using -H and redirects Steve Holme (7 Feb 2015) - schannel: Removed curl_ prefix from source files Removed the curl_ prefix from the schannel source files as discussed with Marc and Daniel at FOSDEM. Daniel Stenberg (6 Feb 2015) - md5: use axTLS's own MD5 functions when available - MD(4|5): make the MD4_* and MD5_* functions static - axtls: fix conversion from size_t to int warning Steve Holme (5 Feb 2015) - ftp: Use 'CURLcode result' for curl result codes Daniel Stenberg (5 Feb 2015) - openssl: SSL_SESSION->ssl_version no longer exist The struct went private in 1.0.2 so we cannot read the version number from there anymore. Use SSL_version() instead! Reported-by: Gisle Vanem Bug: http://curl.haxx.se/mail/lib-2015-02/0034.html Dan Fandrich (4 Feb 2015) - unit1600: Fix compilation when NTLM is disabled Daniel Stenberg (4 Feb 2015) - MD5: fix compiler warnings and code style nits - MD5: replace implementation The previous one was "encumbered" by RSA Inc - to avoid the licensing restrictions it has being replaced. This is the initial import, inserting the md5.c and md5.h files from http://openwall.info/wiki/people/solar/software/public-domain-source-code/md5 Code-by: Alexander Peslyak - MD4: fix compiler warnings and code style nits - MD4: replace implementation The previous one was "encumbered" by RSA Inc - to avoid the licensing restrictions it has being replaced. This is the initial import, inserting the md4.c and md4.h files from http://openwall.info/wiki/people/solar/software/public-domain-source-code/md4 Code-by: Alexander Peslyak Steve Holme (4 Feb 2015) - telnet: Prefer 'CURLcode result' for curl result codes - hostasyn: Prefer 'CURLcode result' for curl result codes - schannel: Prefer 'CURLcode result' for curl result codes Daniel Stenberg (3 Feb 2015) - unit1601: MD5 unit tests - unit1600: unit test for Curl_ntlm_core_mk_nt_hash - unit1600: NTLM unit test - tests/README: add a new range, clean up some language - [Jay Satiro brought this change] opts: CURLOPT_CAINFO availability depends on SSL engine - getpass: protect include with proper #ifdef Reported-by: Tamir - getpass_r: read from stdin, not stdout! The file number used was wrong. This bug was introduced over 10 years ago, proving this function isn't used much... Bug: http://curl.haxx.se/bug/view.cgi?id=1476 Reported-by: Tamir - test1135: verify the CURL_EXTERN order in header files - Makefile.am: fix 'make distcheck' ... by removing generated files from the *_DIST variable [*] and instead generate them with a .dist suffix, since that is then handled and put into the release archive by our generic dist-hook. [*] = 'make distcheck' fails with non-existing files listed there Steve Holme (2 Feb 2015) - curl_sasl.c: More code policing Better use of 80 character line limit, comment corrections and line spacing preferences. Daniel Stenberg (2 Feb 2015) - libcurl-symbols: first basic shot for autogenerated docs - FAQ: minor edit of 3.22 Steve Holme (2 Feb 2015) - build: Added removal of Visual Studio project files Added the removal of the locally generated project files so one may revert to a clean repository. - build: Renamed top level Visual Studio solution files In preparation for adding the test suite and examples projects renamed the top level "all" solution files to better describe what they are. This will also enable us to use "curl" rather than "curlsrc" for the command line tool solution and project files, which will simplify some of the configuration. - build: Enabled DEBUGBUILD in Visual Studio debug builds Defined the DEBUGBUILD pre-processor variable to allow extra logging, which is particularly useful in debug builds, as we use this and Visual Studio typically uses _DEBUG. We could define DEBUBBUILD, in curl_setup.h, when _MSC_VER and _DEBUG is defined but that would also affect the makefile based builds which we probably don't want to do. - build: Removed unused Visual Studio bscmake settings Daniel Stenberg (2 Feb 2015) - CURLOPT_HTTP_VERSION.3: CURL_HTTP_VERSION_2_0 added in 7.33.0 And modify the text to refer to HTTP 2 as it isn't called "2.0". Reported-By: Michael Wallner Marc Hoersken (31 Jan 2015) - TODO: moved WinSSL/SChannel todo items into docs Daniel Stenberg (29 Jan 2015) - [Michael Kaufmann brought this change] CURLOPT_SEEKFUNCTION.3: also when server closes a connection Steve Holme (29 Jan 2015) - curl_sasl.c: Fixed compilation warning when cryptography is disabled curl_sasl.c:1506: warning: unused variable 'chlg' - curl_sasl.c: Fixed compilation warning when verbose debug output disabled curl_sasl.c:1317: warning: unused parameter 'conn' - ntlm_core: Use own odd parity function when crypto engine doesn't have one - ntlm_core: Prefer sizeof(key) rather than hard coded sizes - ntlm_core: Added consistent comments to DES functions - des: Added Curl_des_set_odd_parity() Added Curl_des_set_odd_parity() for use when cryptography engines don't include this functionality. - tests: Grouped SMTP SASL EXTERNAL tests with other SMTP tests - tests: Grouped POP3 SASL EXTERNAL tests with other POP3 tests - tests: Grouped IMAP SASL EXTERNAL tests with other IMAP tests - sasl: Minor code policing and grammar corrections Daniel Stenberg (28 Jan 2015) - [Gisle Vanem brought this change] ldap: build with BoringSSL - security: avoid compiler warning Possible access to uninitialised memory '&nread' at line 140 of lib/security.c in function 'ftp_send_command'. Reported-by: Rich Burridge - runtests: identify BoringSSL and libressl Patrick Monnerat (27 Jan 2015) - docs: cite SASL external authentication. - sasl: remove XOAUTH2 from default enabled authentication mechanism. - test: add test cases for sasl external authentication (imap/pop3/smtp). - imap: remove automatic password setting: it breaks external sasl authentication - sasl: implement EXTERNAL authentication mechanism. Its use is only enabled by explicit requirement in URL (;AUTH=EXTERNAL) and by not setting the password. Steve Holme (27 Jan 2015) - openssl: Fixed Curl_ossl_cert_status_request() not returning FALSE Modified the Curl_ossl_cert_status_request() function to return FALSE when built with BoringSSL or when OpenSSL is missing the necessary TLS extensions. - openssl: Fixed compilation errors when OpenSSL built with 'no-tlsext' Fixed the build of openssl.c when OpenSSL is built without the necessary TLS extensions for OCSP stapling. Reported-by: John E. Malmberg - [Brad Spencer brought this change] curl_setup: Disable SMB/CIFS support when HTTP only - RELEASE-NOTES: Synced with 37824498a3 Daniel Stenberg (22 Jan 2015) - configure: remove detection of the old yassl emulation API ... as that is ancient history and not used. - OCSP stapling: disabled when build with BoringSSL - [Alessandro Ghedini brought this change] openssl: add support for the Certificate Status Request TLS extension Also known as "status_request" or OCSP stapling, defined in RFC6066 section 8. Thanks-to: Joe Mason - for the work-around for the OpenSSL bug. - BoringSSL: fix build for non-configure builds HAVE_BORINGSSL gets defined now by configure and should be defined by other build systems in case a BoringSSL build is desired. - configure: fix BoringSSL detection and detect libresssl Steve Holme (22 Jan 2015) - curl_sasl: Reinstate the sasl_ prefix for locally scoped functions Commit 7a8b2885e2 made some functions static and removed the public Curl_ prefix. Unfortunately, it also removed the sasl_ prefix, which is the naming convention we use in this source file. - curl_sasl: Minor code policing following recent commits Daniel Stenberg (22 Jan 2015) - [John Malmberg brought this change] openvms: Handle openssl/0.8.9zb version parsing packages/vms/gnv_link_curl.com was assuming only a single letter suffix in the openssl version. That assumption has been fixed for 7.40. - BoringSSL: detected by configure, switches off NTLM - BoringSSL: no PKCS12 support nor ERR_remove_state - [Leith Bade brought this change] BoringSSL: fix build Steve Holme (20 Jan 2015) - curl_sasl.c: chlglen is not used when cryptography is disabled - curl_sasl.c: Fixed compilation warning when cyptography is disabled curl_sasl.c:1453: warning C4101: 'serverdata' : unreferenced local variable - curl_sasl.c: Fixed compilation error when USE_WINDOWS_SSPI defined curl_sasl.c:1221: error C2065: 'mechtable' : undeclared identifier This error could also happen for non-SSPI builds when cryptography is disabled (CURL_DISABLE_CRYPTO_AUTH is defined). Patrick Monnerat (20 Jan 2015) - SASL: make some procedures local-scoped - SASL: common state engine for imap/pop3/smtp - SASL: common URL option and auth capabilities decoders for all protocols - IMAP/POP3/SMTP: use a per-connection sub-structure for SASL parameters. Daniel Stenberg (20 Jan 2015) - ipv6: enclose AF_INET6 uses with proper #ifdefs for ipv6 Reported-by: Chris Young - [Chris Young brought this change] timeval: typecast for better type (on Amiga) There is an issue with conflicting "struct timeval" definitions with certain AmigaOS releases and C libraries, depending on what gets included when. It's a minor difference - the OS one is unsigned, whereas the common structure has signed elements. If the OS one ends up getting defined, this causes a timing calculation error in curl. It's easy enough to resolve this at the curl end, by casting the potentially errorneous calculation to a signed long. - openssl: do public key pinning check independently ... of the other cert verification checks so that you can set verifyhost and verifypeer to FALSE and still check the public key. Bug: http://curl.haxx.se/bug/view.cgi?id=1471 Reported-by: Kyle J. McKay Patrick Monnerat (19 Jan 2015) - OS400: CURLOPT_SSL_VERIFYSTATUS for ILE/RPG too. Steve Holme (18 Jan 2015) - ldap: Renamed the CURL_LDAP_WIN definition to USE_WIN32_LDAP For consistency with other USE_WIN32_ defines as well as the USE_OPENLDAP define. - http_negotiate: Use dynamic buffer for SPN generation Use a dynamicly allocated buffer for the temporary SPN variable similar to how the SASL GSS-API code does, rather than using a fixed buffer of 2048 characters. - sasl_gssapi: Make Curl_sasl_build_gssapi_spn() public - sasl_gssapi: Fixed memory leak with local SPN variable Daniel Stenberg (17 Jan 2015) - http_negotiate.c: unused variable 'ret' Steve Holme (17 Jan 2015) - gskit.h: Code policing of function pointer arguments - vtls: Removed unimplemented overrides of curlssl_close_all() Carrying on from commit 037cd0d991, removed the following unimplemented instances of curlssl_close_all(): Curl_axtls_close_all() Curl_darwinssl_close_all() Curl_cyassl_close_all() Curl_gskit_close_all() Curl_gtls_close_all() Curl_nss_close_all() Curl_polarssl_close_all() - vtls: Separate the SSL backend definition from the API setup Slight code cleanup as the SSL backend #define is mixed up with the API function setup. - vtls: Fixed compilation errors when SSL not used Fixed the following warning and error from commit 3af90a6e19 when SSL is not being used: url.c:2004: warning C4013: 'Curl_ssl_cert_status_request' undefined; assuming extern returning int error LNK2019: unresolved external symbol Curl_ssl_cert_status_request referenced in function Curl_setopt - http_negotiate: Added empty decoded challenge message info text - http_negotiate: Return CURLcode in Curl_input_negotiate() instead of int - http_negotiate_sspi: Prefer use of 'attrs' for context attributes Use the same variable name as other areas of SSPI code. - http_negotiate_sspi: Use correct return type for QuerySecurityPackageInfo() Use the SECURITY_STATUS typedef rather than a unsigned long for the QuerySecurityPackageInfo() return and rename the variable as per other areas of SSPI code. - http_negotiate_sspi: Use 'CURLcode result' for CURL result code - curl_endian: Fixed build when 64-bit integers are not supported (Part 2) Missed Curl_read64_be() in commit bb12d44471 :( Daniel Stenberg (16 Jan 2015) - CURLOPT_SSL_VERIFYSTATUS.3: mention it is added in version 7.41.0 - curlver.h: next release is 7.41.0 due to the changes - RELEASE-NOTES: mention the new OCSP stapling options, bump version - opts: add CURLOPT_SSL_VERIFYSTATUS* to docs/Makefile - help: add --cert-status to --help output - copyright years: after OCSP stapling changes - [Alessandro Ghedini brought this change] curl: add --cert-status option This enables the CURLOPT_SSL_VERIFYSTATUS functionality. - [Alessandro Ghedini brought this change] nss: add support for the Certificate Status Request TLS extension Also known as "status_request" or OCSP stapling, defined in RFC6066 section 8. This requires NSS 3.15 or higher. - [Alessandro Ghedini brought this change] gtls: add support for the Certificate Status Request TLS extension Also known as "status_request" or OCSP stapling, defined in RFC6066 section 8. This requires GnuTLS 3.1.3 or higher to build, however it's recommended to use at least GnuTLS 3.3.11 since previous versions had a bug that caused the OCSP response verfication to fail even on valid responses. - [Alessandro Ghedini brought this change] url: add CURLOPT_SSL_VERIFYSTATUS option This option can be used to enable/disable certificate status verification using the "Certificate Status Request" TLS extension defined in RFC6066 section 8. This also adds the CURLE_SSL_INVALIDCERTSTATUS error, to be used when the certificate status verification fails, and the Curl_ssl_cert_status_request() function, used to check whether the SSL backend supports the status_request extension. - TheArtOfHttpScripting: skip the date at the top, we have git - TheArtOfHttpScripting: phrase it TLS lib agnostic Steve Holme (16 Jan 2015) - TODO: Added some SMB ideas - RELEASE-NOTES: Synced with 5f09947d28 - build-openssl.bat: Added check for Perl installation - checksrc.bat: Better detection of Perl installation - curl_endian: Fixed build when 64-bit integers are not supported Bug: http://curl.haxx.se/mail/lib-2015-01/0094.html Reported-by: John E. Malmberg Daniel Stenberg (15 Jan 2015) - [Yun SangHo brought this change] curl.h: remove extra space - Curl_pretransfer: reset expected transfer sizes Reported-by: Mohammad AlSaleh Bug: http://curl.haxx.se/mail/lib-2015-01/0065.html Marc Hoersken (12 Jan 2015) - curl_schannel.c: mark session as removed from cache if not freed If the session is still used by active SSL/TLS connections, it cannot be closed yet. Thus we mark the session as not being cached any longer so that the reference counting mechanism in Curl_schannel_shutdown is used to close and free the session. Reported-by: Jean-Francois Durand Steve Holme (9 Jan 2015) - RELEASE-NOTES: Synced with d21b66835f Guenter Knauf (9 Jan 2015) - Merge pull request #134 from vszakats/mingw-m64 add -m64 CFLAGS when targeting mingw64, add -m32/-m64 to LDFLAGS - Merge pull request #136 from vszakats/mingw-allow-custom-cflags mingw build: allow to pass custom CFLAGS Daniel Stenberg (9 Jan 2015) - NSS: fix compiler error when built http2-enabled Steve Holme (9 Jan 2015) - gssapi: Remove need for duplicated GSS_C_NT_HOSTBASED_SERVICE definitions Better code reuse and consistency in calls to gss_import_name(). Viktor Szakats (9 Jan 2015) - mingw build: allow to pass custom CFLAGS Daniel Stenberg (8 Jan 2015) - FTP: if EPSV fails on IPV6 connections, bail out ... instead of trying PASV, since PASV can't work with IPv6. Reported-by: Vojtěch Král - FTP: fix IPv6 host using link-local address ... and make sure we can connect the data connection to a host name that is longer than 48 bytes. Also simplifies the code somewhat by re-using the original host name more, as it is likely still in the DNS cache. Original-Patch-by: Vojtěch Král Bug: http://curl.haxx.se/bug/view.cgi?id=1468 Steve Holme (8 Jan 2015) - [Sam Schanken brought this change] winbuild: Added option to build with c-ares Added support for a WITH_CARES option to be used when invoking nmake via Makefile.vc. This option enables linking against both the DLL and static versions of the c-ares libraries, as well as the debug and release varients, depending on the value of DEBUG. The USE_ARES preprocessor symbol is also defined. Guenter Knauf (8 Jan 2015) - NetWare build: added TLS-SRP enabled build. Steve Holme (8 Jan 2015) - sasl_gssapi: Fixed build on NetBSD with built-in GSS-API Bug: http://curl.haxx.se/bug/view.cgi?id=1469 Reported-by: Thomas Klausner Viktor Szakats (8 Jan 2015) - add -m64 clags when targeting mingw64, add -m32/-m64 to LDFLAGS Daniel Stenberg (8 Jan 2015) - bump: start working towards 7.40.1 - THANKS: 14 new contributors from the 7.40.0 release notes |
||
---|---|---|
archivers | ||
audio | ||
benchmarks | ||
biology | ||
bootstrap | ||
cad | ||
chat | ||
comms | ||
converters | ||
cross | ||
databases | ||
devel | ||
distfiles | ||
doc | ||
editors | ||
emulators | ||
filesystems | ||
finance | ||
fonts | ||
games | ||
geography | ||
graphics | ||
ham | ||
inputmethod | ||
lang | ||
licenses | ||
math | ||
mbone | ||
meta-pkgs | ||
misc | ||
mk | ||
multimedia | ||
net | ||
news | ||
packages | ||
parallel | ||
pkgtools | ||
regress | ||
security | ||
shells | ||
sysutils | ||
templates | ||
textproc | ||
time | ||
wm | ||
www | ||
x11 | ||
Makefile | ||
pkglocate | ||
README |
$NetBSD: README,v 1.18 2005/05/07 22:18:28 wiz Exp $ Please see doc/pkgsrc.txt for information.