# HG changeset patch # User Yiteng Zhang # Date 1428709824 25200 # Node ID 0a3f0d2f2c86bf057ba8ce6407782209d3d61b8a # Parent 02730b605ff47d85813e316a0d39889f5d9f48e1 20419429 Upgrade curl to version 7.40.0 diff -r 02730b605ff4 -r 0a3f0d2f2c86 components/curl/Makefile --- a/components/curl/Makefile Fri Apr 10 18:00:20 2015 -0400 +++ b/components/curl/Makefile Fri Apr 10 16:50:24 2015 -0700 @@ -23,16 +23,16 @@ include ../../make-rules/shared-macros.mk COMPONENT_NAME = curl -COMPONENT_VERSION= 7.21.2 +COMPONENT_VERSION= 7.40.0 COMPONENT_SRC= $(COMPONENT_NAME)-$(COMPONENT_VERSION) COMPONENT_PROJECT_URL= http://curl.haxx.se/ COMPONENT_ARCHIVE= $(COMPONENT_SRC).tar.gz COMPONENT_ARCHIVE_HASH= \ - sha256:d8e0ce964b75b99efa2e6c58e6523027fe2fa56305cc180ecacda6ced636e2bf + sha256:c2e0705a13e53f8f924d1eaeb2ab94f59a9e162007c489b9ab0c96238bddf84b COMPONENT_ARCHIVE_URL= $(COMPONENT_PROJECT_URL)download/$(COMPONENT_ARCHIVE) COMPONENT_BUGDB= library/curl -TPNO= 8339 +TPNO= 21343 include $(WS_MAKE_RULES)/prep.mk include $(WS_MAKE_RULES)/configure.mk @@ -49,7 +49,7 @@ CPPFLAGS += `pkg-config --cflags libidn` CONFIGURE_ENV += CFLAGS="$(CFLAGS)" -CONFIGURE_ENV += CPPFLAGS="$(CPPFLAGS)" +CONFIGURE_ENV += CPPFLAGS="$(CPPFLAGS) -I/usr/include/openldap" CONFIGURE_ENV += PKG_CONFIG_PATH="$(PKG_CONFIG_PATH)" CONFIGURE_OPTIONS += --localstatedir=/var --enable-shared --disable-static @@ -65,18 +65,42 @@ CONFIGURE_OPTIONS += --enable-cookies --disable-hidden-symbols CONFIGURE_OPTIONS += --disable-soname-bump CONFIGURE_OPTIONS += --enable-ldap --with-random=/dev/urandom -CONFIGURE_OPTIONS += --with-ssl --with-ldap-lib=ldap -CONFIGURE_OPTIONS += --with-lber-lib=sldap +CONFIGURE_OPTIONS += --with-ssl --with-ldap-lib=ldap_r-2.4 +CONFIGURE_OPTIONS += --with-lber-lib=lber-2.4 CONFIGURE_OPTIONS += --with-gssapi-includes=/usr/include/gssapi CONFIGURE_OPTIONS += --with-gssapi-libs=$(GSSAPI_LIBDIR_$(BITS)) CONFIGURE_OPTIONS += --with-gssapi=/usr --without-ca-bundle CONFIGURE_OPTIONS += --with-ca-path=/etc/openssl/certs CONFIGURE_OPTIONS += --with-zlib=/usr --with-libidn=/usr CONFIGURE_OPTIONS += --with-pic +CONFIGURE_OPTIONS += --without-libssh2 CONFIGURE_OPTIONS += "curl_disallow_getifaddrs=yes" LINT_FLAGS += -I$(SOURCE_DIR)/include +# The additional curl specific set of transforms to be applied to the +# test results to try to normalize them. +COMPONENT_TEST_TRANSFORMS += \ + '-e "s|\(^$(CC)\).*|\\$$(CC)|" ' \ + '-e "s|\(^/bin/bash ../../libtool\).*|\1|" ' \ + '-e "s|\(^libtool: compile:\).*|\1|" ' \ + '-e "s|\(^libtool: link:\).*|\1|" ' \ + '-e "s|remaining: ..:..|remaining: xx:xx|" ' \ + '-e "s|\(^TESTDONE: 964 tests were considered during\).*|\1|" ' \ + '-e "s|\(^\* curl $(COMPONENT_VERSION)\).*|\1|" ' \ + '-e "s|\(^\* Host:\).*|\1|" ' \ + '-e "s|\(^\* System: SunOS\).*|\1|" ' \ + '-e "s|\(^Connection from 127.0.0.1 port\).*|\1|" ' \ + '-e "s|\(^Failed none for\).*|\1|" ' \ + '-e "s|\(^Found matching DSA key:\).*|\1|" ' \ + '-e "s|\(^Failed publickey for\).*|\1|" ' \ + '-e "/^debug.:/d" ' \ + '-e "/^monitor debug.:/d" ' + +ASLR_MODE = $(ASLR_ENABLE) + +configure: $(CONFIGURE_32_and_64) + build: $(BUILD_32_and_64) install: $(INSTALL_32_and_64) @@ -84,8 +108,9 @@ test: $(TEST_32_and_64) - REQUIRED_PACKAGES += library/libidn +REQUIRED_PACKAGES += library/libssh2 +REQUIRED_PACKAGES += library/openldap REQUIRED_PACKAGES += library/security/openssl REQUIRED_PACKAGES += library/zlib REQUIRED_PACKAGES += shell/ksh93 diff -r 02730b605ff4 -r 0a3f0d2f2c86 components/curl/Solaris/curl-config --- a/components/curl/Solaris/curl-config Fri Apr 10 18:00:20 2015 -0400 +++ b/components/curl/Solaris/curl-config Fri Apr 10 16:50:24 2015 -0700 @@ -135,7 +135,7 @@ --libs) CURLLIBDIR="-L/usr/lib " - echo ${CURLLIBDIR} -R/usr/lib -lcurl -lgss -lidn -lssl -lcrypto -lsldap -lldap -lgss -lssl -lcrypto -lsocket -lnsl -lc -lz + echo ${CURLLIBDIR} -R/usr/lib -lcurl -lgss -lidn -lssl -lcrypto -llber-2.4 -lldap_r-2.4 -lgss -lssl -lcrypto -lsocket -lnsl -lc -lz ;; --static-libs) @@ -143,7 +143,7 @@ ;; --configure) - echo " '--prefix=/usr' '--bindir=/usr/bin' '--sbindir=/usr/sbin' '--libdir=/usr/lib' '--libexecdir=/usr/libexec' '--localstatedir=/var' '--enable-shared' '--disable-static' '--enable-http' '--enable-ftp' '--enable-file' '--enable-dict' '--enable-manual' '--disable-libgcc' '--enable-rtsp' '--enable-proxy' '--enable-telnet' '--enable-tftp' '--enable-pop3' '--enable-imap' '--enable-smtp' '--enable-ipv6' '--enable-nonblocking' '--enable-thread' '--enable-verbose' '--disable-sspi' '--enable-crypto-auth' '--enable-cookies' '--disable-hidden-symbols' '--disable-soname-bump' '--enable-ldap' '--with-random=/dev/urandom' '--with-ssl' '--with-ldap-lib=ldap' '--with-lber-lib=sldap' '--with-gssapi-includes=/usr/include/gssapi' '--with-gssapi-libs=/usr/lib' '--with-gssapi=/usr' '--with-ca-bundle=/etc/certs/CA' '--with-zlib=/usr' '--with-libidn=/usr' '--with-pic' 'curl_disallow_getifaddrs=yes'" + echo " '--prefix=/usr' '--bindir=/usr/bin' '--sbindir=/usr/sbin' '--libdir=/usr/lib' '--libexecdir=/usr/libexec' '--localstatedir=/var' '--enable-shared' '--disable-static' '--enable-http' '--enable-ftp' '--enable-file' '--enable-dict' '--enable-manual' '--disable-libgcc' '--enable-rtsp' '--enable-proxy' '--enable-telnet' '--enable-tftp' '--enable-pop3' '--enable-imap' '--enable-smtp' '--enable-ipv6' '--enable-nonblocking' '--enable-thread' '--enable-verbose' '--disable-sspi' '--enable-crypto-auth' '--enable-cookies' '--disable-hidden-symbols' '--disable-soname-bump' '--enable-ldap' '--with-random=/dev/urandom' '--with-ssl' '--with-ldap-lib=ldap_r-2.4' '--with-lber-lib=lber-2.4' '--with-gssapi-includes=/usr/include/gssapi' '--with-gssapi-libs=/usr/lib' '--with-gssapi=/usr' '--with-ca-bundle=/etc/certs/CA' '--with-zlib=/usr' '--with-libidn=/usr' '--with-pic' 'curl_disallow_getifaddrs=yes'" ;; *) diff -r 02730b605ff4 -r 0a3f0d2f2c86 components/curl/Solaris/curl-config-64 --- a/components/curl/Solaris/curl-config-64 Fri Apr 10 18:00:20 2015 -0400 +++ b/components/curl/Solaris/curl-config-64 Fri Apr 10 16:50:24 2015 -0700 @@ -137,7 +137,7 @@ --libs) CURLLIBDIR="-L/usr/lib/MACH64 " - echo ${CURLLIBDIR} -R/usr/lib/MACH64 -lcurl -lgss -lidn -lssl -lcrypto -lsldap -lldap -lgss -lssl -lcrypto -lsocket -lnsl -lc -lz + echo ${CURLLIBDIR} -R/usr/lib/MACH64 -lcurl -lgss -lidn -lssl -lcrypto -llber-2.4 -lldap_r-2.4 -lgss -lssl -lcrypto -lsocket -lnsl -lc -lz ;; --static-libs) @@ -145,7 +145,7 @@ ;; --configure) - echo " '--prefix=/usr' '--bindir=/usr/bin/MACH64' '--sbindir=/usr/sbin/MACH64' '--libdir=/usr/lib/MACH64' '--libexecdir=/usr/libexec/MACH64' '--localstatedir=/var' '--enable-shared' '--disable-static' '--enable-http' '--enable-ftp' '--enable-file' '--enable-dict' '--enable-manual' '--disable-libgcc' '--enable-rtsp' '--enable-proxy' '--enable-telnet' '--enable-tftp' '--enable-pop3' '--enable-imap' '--enable-smtp' '--enable-ipv6' '--enable-nonblocking' '--enable-thread' '--enable-verbose' '--disable-sspi' '--enable-crypto-auth' '--enable-cookies' '--disable-hidden-symbols' '--disable-soname-bump' '--enable-ldap' '--with-random=/dev/urandom' '--with-ssl' '--with-ldap-lib=ldap' '--with-lber-lib=sldap' '--with-gssapi-includes=/usr/include/gssapi' '--with-gssapi-libs=/usr/lib/MACH64' '--with-gssapi=/usr' '--with-ca-bundle=/etc/certs/CA' '--with-zlib=/usr' '--with-libidn=/usr' '--with-pic' 'curl_disallow_getifaddrs=yes'" + echo " '--prefix=/usr' '--bindir=/usr/bin/MACH64' '--sbindir=/usr/sbin/MACH64' '--libdir=/usr/lib/MACH64' '--libexecdir=/usr/libexec/MACH64' '--localstatedir=/var' '--enable-shared' '--disable-static' '--enable-http' '--enable-ftp' '--enable-file' '--enable-dict' '--enable-manual' '--disable-libgcc' '--enable-rtsp' '--enable-proxy' '--enable-telnet' '--enable-tftp' '--enable-pop3' '--enable-imap' '--enable-smtp' '--enable-ipv6' '--enable-nonblocking' '--enable-thread' '--enable-verbose' '--disable-sspi' '--enable-crypto-auth' '--enable-cookies' '--disable-hidden-symbols' '--disable-soname-bump' '--enable-ldap' '--with-random=/dev/urandom' '--with-ssl' '--with-ldap-lib=ldap_r-2.4' '--with-lber-lib=lber-2.4' '--with-gssapi-includes=/usr/include/gssapi' '--with-gssapi-libs=/usr/lib/MACH64' '--with-gssapi=/usr' '--with-ca-bundle=/etc/certs/CA' '--with-zlib=/usr' '--with-libidn=/usr' '--with-pic' 'curl_disallow_getifaddrs=yes'" ;; *) diff -r 02730b605ff4 -r 0a3f0d2f2c86 components/curl/curl.license --- a/components/curl/curl.license Fri Apr 10 18:00:20 2015 -0400 +++ b/components/curl/curl.license Fri Apr 10 16:50:24 2015 -0700 @@ -1,6 +1,6 @@ COPYRIGHT AND PERMISSION NOTICE -Copyright (c) 1996 - 2010, Daniel Stenberg, . +Copyright (c) 1996 - 2014, Daniel Stenberg, . All rights reserved. diff -r 02730b605ff4 -r 0a3f0d2f2c86 components/curl/curl.p5m --- a/components/curl/curl.p5m Fri Apr 10 18:00:20 2015 -0400 +++ b/components/curl/curl.p5m Fri Apr 10 16:50:24 2015 -0700 @@ -22,9 +22,9 @@ # default mangler.man.stability uncommitted> \ - set action.hash curl-7.21.2/docs/%<\1> > + set action.hash curl-$(COMPONENT_VERSION)/docs/%<\1> > \ - set action.hash curl-7.21.2/docs/libcurl/%<\1> > + set action.hash curl-$(COMPONENT_VERSION)/docs/libcurl/%<\1> > set name=pkg.fmri value=pkg:/web/curl@$(IPS_COMPONENT_VERSION),$(BUILD_VERSION) set name=pkg.summary value="The CURL Network Utility and Library" set name=pkg.description \ @@ -36,18 +36,13 @@ value=org.opensolaris.category.2008:System/Libraries set name=info.source-url value=$(COMPONENT_ARCHIVE_URL) set name=info.upstream-url value=$(COMPONENT_PROJECT_URL) -set name=org.opensolaris.arc-caseid value=PSARC/2007/165 +set name=org.opensolaris.arc-caseid value=PSARC/2007/165 value=PSARC/2012/252 \ + value=PSARC/2013/303 value=PSARC/2014/332 set name=org.opensolaris.consolidation value=$(CONSOLIDATION) -# -dir path=usr -dir path=usr/bin -dir path=usr/bin/$(MACH64) +file path=usr/bin/$(MACH64)/curl file path=usr/bin/$(MACH64)/curl-config -# -file path=usr/bin/curl +file usr/bin/$(MACH64)/curl path=usr/bin/curl file path=usr/bin/curl-config -dir path=usr/include -dir path=usr/include/curl file path=usr/include/curl/curl.h file path=usr/include/curl/curlbuild.h file path=usr/include/curl/curlrules.h @@ -57,39 +52,38 @@ file path=usr/include/curl/multi.h file path=usr/include/curl/stdcheaders.h file path=usr/include/curl/typecheck-gcc.h -file path=usr/include/curl/types.h -dir path=usr/lib -dir path=usr/lib/$(MACH64) -link path=usr/lib/$(MACH64)/libcurl.so target=libcurl.so.3.0.0 -link path=usr/lib/$(MACH64)/libcurl.so.3 target=libcurl.so.3.0.0 -file path=usr/lib/$(MACH64)/libcurl.so.3.0.0 +link path=usr/lib/$(MACH64)/libcurl.so target=libcurl.so.4.3.0 +link path=usr/lib/$(MACH64)/libcurl.so.3 target=libcurl.so.4.3.0 +link path=usr/lib/$(MACH64)/libcurl.so.4 target=libcurl.so.4.3.0 +# Leave old link in place until CR #19623514 is integrated. +link path=usr/lib/$(MACH64)/libcurl.so.4.2.0 target=libcurl.so.4.3.0 +file path=usr/lib/$(MACH64)/libcurl.so.4.3.0 file path=usr/lib/$(MACH64)/llib-lcurl.ln -dir path=usr/lib/$(MACH64)/pkgconfig file path=usr/lib/$(MACH64)/pkgconfig/libcurl.pc -link path=usr/lib/libcurl.so target=libcurl.so.3.0.0 -# -link path=usr/lib/libcurl.so.3 target=libcurl.so.3.0.0 -file path=usr/lib/libcurl.so.3.0.0 +link path=usr/lib/libcurl.so target=libcurl.so.4.3.0 +link path=usr/lib/libcurl.so.3 target=libcurl.so.4.3.0 +link path=usr/lib/libcurl.so.4 target=libcurl.so.4.3.0 +# Leave old link in place until CR #19623514 is integrated. +link path=usr/lib/libcurl.so.4.2.0 target=libcurl.so.4.3.0 +file path=usr/lib/libcurl.so.4.3.0 file path=usr/lib/llib-lcurl file path=usr/lib/llib-lcurl.ln -dir path=usr/lib/pkgconfig file path=usr/lib/pkgconfig/libcurl.pc -dir path=usr/share -dir path=usr/share/doc -dir path=usr/share/doc/curl -dir path=usr/share/doc/curl/html +file path=usr/share/aclocal/libcurl.m4 file path=usr/share/doc/curl/html/curl-config.html file path=usr/share/doc/curl/html/curl.html file path=usr/share/doc/curl/html/index.html -dir path=usr/share/doc/libcurl -dir path=usr/share/doc/libcurl/html +file path=usr/share/doc/curl/html/mk-ca-bundle.html file path=usr/share/doc/libcurl/html/curl_easy_cleanup.html file path=usr/share/doc/libcurl/html/curl_easy_duphandle.html file path=usr/share/doc/libcurl/html/curl_easy_escape.html file path=usr/share/doc/libcurl/html/curl_easy_getinfo.html file path=usr/share/doc/libcurl/html/curl_easy_init.html +file path=usr/share/doc/libcurl/html/curl_easy_pause.html file path=usr/share/doc/libcurl/html/curl_easy_perform.html +file path=usr/share/doc/libcurl/html/curl_easy_recv.html file path=usr/share/doc/libcurl/html/curl_easy_reset.html +file path=usr/share/doc/libcurl/html/curl_easy_send.html file path=usr/share/doc/libcurl/html/curl_easy_setopt.html file path=usr/share/doc/libcurl/html/curl_easy_strerror.html file path=usr/share/doc/libcurl/html/curl_easy_unescape.html @@ -114,8 +108,10 @@ file path=usr/share/doc/libcurl/html/curl_multi_remove_handle.html file path=usr/share/doc/libcurl/html/curl_multi_setopt.html file path=usr/share/doc/libcurl/html/curl_multi_socket.html +file path=usr/share/doc/libcurl/html/curl_multi_socket_action.html file path=usr/share/doc/libcurl/html/curl_multi_strerror.html file path=usr/share/doc/libcurl/html/curl_multi_timeout.html +file path=usr/share/doc/libcurl/html/curl_multi_wait.html file path=usr/share/doc/libcurl/html/curl_share_cleanup.html file path=usr/share/doc/libcurl/html/curl_share_init.html file path=usr/share/doc/libcurl/html/curl_share_setopt.html @@ -133,18 +129,466 @@ file path=usr/share/doc/libcurl/html/libcurl-share.html file path=usr/share/doc/libcurl/html/libcurl-tutorial.html file path=usr/share/doc/libcurl/html/libcurl.html -dir path=usr/share/man -dir path=usr/share/man/man1 +file path=usr/share/doc/libcurl/html/opts/CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE.html +file path=usr/share/doc/libcurl/html/opts/CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE.html +file path=usr/share/doc/libcurl/html/opts/CURLMOPT_MAXCONNECTS.html +file path=usr/share/doc/libcurl/html/opts/CURLMOPT_MAX_HOST_CONNECTIONS.html +file path=usr/share/doc/libcurl/html/opts/CURLMOPT_MAX_PIPELINE_LENGTH.html +file path=usr/share/doc/libcurl/html/opts/CURLMOPT_MAX_TOTAL_CONNECTIONS.html +file path=usr/share/doc/libcurl/html/opts/CURLMOPT_PIPELINING.html +file path=usr/share/doc/libcurl/html/opts/CURLMOPT_PIPELINING_SERVER_BL.html +file path=usr/share/doc/libcurl/html/opts/CURLMOPT_PIPELINING_SITE_BL.html +file path=usr/share/doc/libcurl/html/opts/CURLMOPT_SOCKETDATA.html +file path=usr/share/doc/libcurl/html/opts/CURLMOPT_SOCKETFUNCTION.html +file path=usr/share/doc/libcurl/html/opts/CURLMOPT_TIMERDATA.html +file path=usr/share/doc/libcurl/html/opts/CURLMOPT_TIMERFUNCTION.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_ACCEPTTIMEOUT_MS.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_ACCEPT_ENCODING.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_ADDRESS_SCOPE.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_APPEND.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_AUTOREFERER.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_BUFFERSIZE.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_CAINFO.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_CAPATH.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_CERTINFO.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_CHUNK_BGN_FUNCTION.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_CHUNK_DATA.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_CHUNK_END_FUNCTION.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_CLOSESOCKETDATA.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_CLOSESOCKETFUNCTION.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_CONNECTTIMEOUT.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_CONNECTTIMEOUT_MS.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_CONNECT_ONLY.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_CONV_FROM_NETWORK_FUNCTION.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_CONV_FROM_UTF8_FUNCTION.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_CONV_TO_NETWORK_FUNCTION.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_COOKIE.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_COOKIEFILE.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_COOKIEJAR.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_COOKIELIST.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_COOKIESESSION.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_COPYPOSTFIELDS.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_CRLF.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_CRLFILE.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_CUSTOMREQUEST.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_DEBUGDATA.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_DEBUGFUNCTION.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_DIRLISTONLY.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_DNS_CACHE_TIMEOUT.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_DNS_INTERFACE.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_DNS_LOCAL_IP4.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_DNS_LOCAL_IP6.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_DNS_SERVERS.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_DNS_USE_GLOBAL_CACHE.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_EGDSOCKET.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_ERRORBUFFER.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_EXPECT_100_TIMEOUT_MS.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_FAILONERROR.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_FILETIME.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_FNMATCH_DATA.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_FNMATCH_FUNCTION.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_FOLLOWLOCATION.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_FORBID_REUSE.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_FRESH_CONNECT.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_FTPPORT.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_FTPSSLAUTH.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_FTP_ACCOUNT.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_FTP_ALTERNATIVE_TO_USER.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_FTP_CREATE_MISSING_DIRS.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_FTP_FILEMETHOD.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_FTP_RESPONSE_TIMEOUT.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_FTP_SKIP_PASV_IP.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_FTP_SSL_CCC.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_FTP_USE_EPRT.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_FTP_USE_EPSV.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_FTP_USE_PRET.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_GSSAPI_DELEGATION.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_HEADER.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_HEADERDATA.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_HEADERFUNCTION.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_HEADEROPT.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_HTTP200ALIASES.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_HTTPAUTH.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_HTTPGET.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_HTTPHEADER.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_HTTPPOST.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_HTTPPROXYTUNNEL.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_HTTP_CONTENT_DECODING.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_HTTP_TRANSFER_DECODING.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_HTTP_VERSION.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_IGNORE_CONTENT_LENGTH.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_INFILESIZE.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_INFILESIZE_LARGE.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_INTERFACE.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_INTERLEAVEDATA.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_INTERLEAVEFUNCTION.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_IOCTLDATA.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_IOCTLFUNCTION.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_IPRESOLVE.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_ISSUERCERT.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_KEYPASSWD.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_KRBLEVEL.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_LOCALPORT.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_LOCALPORTRANGE.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_LOGIN_OPTIONS.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_LOW_SPEED_LIMIT.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_LOW_SPEED_TIME.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_MAIL_AUTH.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_MAIL_FROM.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_MAIL_RCPT.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_MAXCONNECTS.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_MAXFILESIZE.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_MAXFILESIZE_LARGE.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_MAXREDIRS.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_MAX_RECV_SPEED_LARGE.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_MAX_SEND_SPEED_LARGE.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_NETRC.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_NETRC_FILE.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_NEW_DIRECTORY_PERMS.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_NEW_FILE_PERMS.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_NOBODY.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_NOPROGRESS.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_NOPROXY.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_NOSIGNAL.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_OPENSOCKETDATA.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_OPENSOCKETFUNCTION.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_PASSWORD.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_PORT.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_POST.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_POSTFIELDS.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_POSTFIELDSIZE.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_POSTFIELDSIZE_LARGE.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_POSTQUOTE.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_POSTREDIR.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_PREQUOTE.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_PRIVATE.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_PROGRESSDATA.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_PROGRESSFUNCTION.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_PROTOCOLS.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_PROXY.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_PROXYAUTH.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_PROXYHEADER.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_PROXYPASSWORD.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_PROXYPORT.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_PROXYTYPE.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_PROXYUSERNAME.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_PROXYUSERPWD.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_PROXY_TRANSFER_MODE.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_PUT.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_QUOTE.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_RANDOM_FILE.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_RANGE.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_READDATA.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_READFUNCTION.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_REDIR_PROTOCOLS.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_REFERER.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_RESOLVE.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_RESUME_FROM.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_RESUME_FROM_LARGE.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_RTSP_CLIENT_CSEQ.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_RTSP_REQUEST.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_RTSP_SERVER_CSEQ.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_RTSP_SESSION_ID.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_RTSP_STREAM_URI.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_RTSP_TRANSPORT.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_SASL_IR.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_SEEKDATA.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_SEEKFUNCTION.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_SHARE.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_SOCKOPTDATA.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_SOCKOPTFUNCTION.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_SOCKS5_GSSAPI_NEC.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_SOCKS5_GSSAPI_SERVICE.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_SSH_AUTH_TYPES.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_SSH_HOST_PUBLIC_KEY_MD5.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_SSH_KEYDATA.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_SSH_KEYFUNCTION.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_SSH_KNOWNHOSTS.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_SSH_PRIVATE_KEYFILE.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_SSH_PUBLIC_KEYFILE.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_SSLCERT.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_SSLCERTTYPE.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_SSLENGINE.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_SSLENGINE_DEFAULT.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_SSLKEY.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_SSLKEYTYPE.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_SSLVERSION.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_SSL_CIPHER_LIST.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_SSL_CTX_DATA.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_SSL_CTX_FUNCTION.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_SSL_ENABLE_ALPN.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_SSL_ENABLE_NPN.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_SSL_OPTIONS.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_SSL_SESSIONID_CACHE.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_SSL_VERIFYHOST.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_SSL_VERIFYPEER.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_STDERR.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_TCP_KEEPALIVE.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_TCP_KEEPIDLE.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_TCP_KEEPINTVL.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_TCP_NODELAY.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_TELNETOPTIONS.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_TFTP_BLKSIZE.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_TIMECONDITION.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_TIMEOUT.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_TIMEOUT_MS.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_TIMEVALUE.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_TLSAUTH_PASSWORD.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_TLSAUTH_TYPE.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_TLSAUTH_USERNAME.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_TRANSFERTEXT.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_TRANSFER_ENCODING.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_UNIX_SOCKET_PATH.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_UNRESTRICTED_AUTH.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_UPLOAD.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_URL.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_USERAGENT.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_USERNAME.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_USERPWD.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_USE_SSL.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_VERBOSE.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_WILDCARDMATCH.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_WRITEDATA.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_WRITEFUNCTION.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_XFERINFODATA.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_XFERINFOFUNCTION.html +file path=usr/share/doc/libcurl/html/opts/CURLOPT_XOAUTH2_BEARER.html file path=usr/share/man/man1/curl-config.1 file path=usr/share/man/man1/curl.1 -dir path=usr/share/man/man3 +file path=usr/share/man/man3/CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE.3 +file path=usr/share/man/man3/CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE.3 +file path=usr/share/man/man3/CURLMOPT_MAXCONNECTS.3 +file path=usr/share/man/man3/CURLMOPT_MAX_HOST_CONNECTIONS.3 +file path=usr/share/man/man3/CURLMOPT_MAX_PIPELINE_LENGTH.3 +file path=usr/share/man/man3/CURLMOPT_MAX_TOTAL_CONNECTIONS.3 +file path=usr/share/man/man3/CURLMOPT_PIPELINING.3 +file path=usr/share/man/man3/CURLMOPT_PIPELINING_SERVER_BL.3 +file path=usr/share/man/man3/CURLMOPT_PIPELINING_SITE_BL.3 +file path=usr/share/man/man3/CURLMOPT_SOCKETDATA.3 +file path=usr/share/man/man3/CURLMOPT_SOCKETFUNCTION.3 +file path=usr/share/man/man3/CURLMOPT_TIMERDATA.3 +file path=usr/share/man/man3/CURLMOPT_TIMERFUNCTION.3 +file path=usr/share/man/man3/CURLOPT_ACCEPTTIMEOUT_MS.3 +file path=usr/share/man/man3/CURLOPT_ACCEPT_ENCODING.3 +file path=usr/share/man/man3/CURLOPT_ADDRESS_SCOPE.3 +file path=usr/share/man/man3/CURLOPT_APPEND.3 +file path=usr/share/man/man3/CURLOPT_AUTOREFERER.3 +file path=usr/share/man/man3/CURLOPT_BUFFERSIZE.3 +file path=usr/share/man/man3/CURLOPT_CAINFO.3 +file path=usr/share/man/man3/CURLOPT_CAPATH.3 +file path=usr/share/man/man3/CURLOPT_CERTINFO.3 +file path=usr/share/man/man3/CURLOPT_CHUNK_BGN_FUNCTION.3 +file path=usr/share/man/man3/CURLOPT_CHUNK_DATA.3 +file path=usr/share/man/man3/CURLOPT_CHUNK_END_FUNCTION.3 +file path=usr/share/man/man3/CURLOPT_CLOSESOCKETDATA.3 +file path=usr/share/man/man3/CURLOPT_CLOSESOCKETFUNCTION.3 +file path=usr/share/man/man3/CURLOPT_CONNECTTIMEOUT.3 +file path=usr/share/man/man3/CURLOPT_CONNECTTIMEOUT_MS.3 +file path=usr/share/man/man3/CURLOPT_CONNECT_ONLY.3 +file path=usr/share/man/man3/CURLOPT_CONV_FROM_NETWORK_FUNCTION.3 +file path=usr/share/man/man3/CURLOPT_CONV_FROM_UTF8_FUNCTION.3 +file path=usr/share/man/man3/CURLOPT_CONV_TO_NETWORK_FUNCTION.3 +file path=usr/share/man/man3/CURLOPT_COOKIE.3 +file path=usr/share/man/man3/CURLOPT_COOKIEFILE.3 +file path=usr/share/man/man3/CURLOPT_COOKIEJAR.3 +file path=usr/share/man/man3/CURLOPT_COOKIELIST.3 +file path=usr/share/man/man3/CURLOPT_COOKIESESSION.3 +file path=usr/share/man/man3/CURLOPT_COPYPOSTFIELDS.3 +file path=usr/share/man/man3/CURLOPT_CRLF.3 +file path=usr/share/man/man3/CURLOPT_CRLFILE.3 +file path=usr/share/man/man3/CURLOPT_CUSTOMREQUEST.3 +file path=usr/share/man/man3/CURLOPT_DEBUGDATA.3 +file path=usr/share/man/man3/CURLOPT_DEBUGFUNCTION.3 +file path=usr/share/man/man3/CURLOPT_DIRLISTONLY.3 +file path=usr/share/man/man3/CURLOPT_DNS_CACHE_TIMEOUT.3 +file path=usr/share/man/man3/CURLOPT_DNS_INTERFACE.3 +file path=usr/share/man/man3/CURLOPT_DNS_LOCAL_IP4.3 +file path=usr/share/man/man3/CURLOPT_DNS_LOCAL_IP6.3 +file path=usr/share/man/man3/CURLOPT_DNS_SERVERS.3 +file path=usr/share/man/man3/CURLOPT_DNS_USE_GLOBAL_CACHE.3 +file path=usr/share/man/man3/CURLOPT_EGDSOCKET.3 +file path=usr/share/man/man3/CURLOPT_ERRORBUFFER.3 +file path=usr/share/man/man3/CURLOPT_EXPECT_100_TIMEOUT_MS.3 +file path=usr/share/man/man3/CURLOPT_FAILONERROR.3 +file path=usr/share/man/man3/CURLOPT_FILETIME.3 +file path=usr/share/man/man3/CURLOPT_FNMATCH_DATA.3 +file path=usr/share/man/man3/CURLOPT_FNMATCH_FUNCTION.3 +file path=usr/share/man/man3/CURLOPT_FOLLOWLOCATION.3 +file path=usr/share/man/man3/CURLOPT_FORBID_REUSE.3 +file path=usr/share/man/man3/CURLOPT_FRESH_CONNECT.3 +file path=usr/share/man/man3/CURLOPT_FTPPORT.3 +file path=usr/share/man/man3/CURLOPT_FTPSSLAUTH.3 +file path=usr/share/man/man3/CURLOPT_FTP_ACCOUNT.3 +file path=usr/share/man/man3/CURLOPT_FTP_ALTERNATIVE_TO_USER.3 +file path=usr/share/man/man3/CURLOPT_FTP_CREATE_MISSING_DIRS.3 +file path=usr/share/man/man3/CURLOPT_FTP_FILEMETHOD.3 +file path=usr/share/man/man3/CURLOPT_FTP_RESPONSE_TIMEOUT.3 +file path=usr/share/man/man3/CURLOPT_FTP_SKIP_PASV_IP.3 +file path=usr/share/man/man3/CURLOPT_FTP_SSL_CCC.3 +file path=usr/share/man/man3/CURLOPT_FTP_USE_EPRT.3 +file path=usr/share/man/man3/CURLOPT_FTP_USE_EPSV.3 +file path=usr/share/man/man3/CURLOPT_FTP_USE_PRET.3 +file path=usr/share/man/man3/CURLOPT_GSSAPI_DELEGATION.3 +file path=usr/share/man/man3/CURLOPT_HEADER.3 +file path=usr/share/man/man3/CURLOPT_HEADERDATA.3 +file path=usr/share/man/man3/CURLOPT_HEADERFUNCTION.3 +file path=usr/share/man/man3/CURLOPT_HEADEROPT.3 +file path=usr/share/man/man3/CURLOPT_HTTP200ALIASES.3 +file path=usr/share/man/man3/CURLOPT_HTTPAUTH.3 +file path=usr/share/man/man3/CURLOPT_HTTPGET.3 +file path=usr/share/man/man3/CURLOPT_HTTPHEADER.3 +file path=usr/share/man/man3/CURLOPT_HTTPPOST.3 +file path=usr/share/man/man3/CURLOPT_HTTPPROXYTUNNEL.3 +file path=usr/share/man/man3/CURLOPT_HTTP_CONTENT_DECODING.3 +file path=usr/share/man/man3/CURLOPT_HTTP_TRANSFER_DECODING.3 +file path=usr/share/man/man3/CURLOPT_HTTP_VERSION.3 +file path=usr/share/man/man3/CURLOPT_IGNORE_CONTENT_LENGTH.3 +file path=usr/share/man/man3/CURLOPT_INFILESIZE.3 +file path=usr/share/man/man3/CURLOPT_INFILESIZE_LARGE.3 +file path=usr/share/man/man3/CURLOPT_INTERFACE.3 +file path=usr/share/man/man3/CURLOPT_INTERLEAVEDATA.3 +file path=usr/share/man/man3/CURLOPT_INTERLEAVEFUNCTION.3 +file path=usr/share/man/man3/CURLOPT_IOCTLDATA.3 +file path=usr/share/man/man3/CURLOPT_IOCTLFUNCTION.3 +file path=usr/share/man/man3/CURLOPT_IPRESOLVE.3 +file path=usr/share/man/man3/CURLOPT_ISSUERCERT.3 +file path=usr/share/man/man3/CURLOPT_KEYPASSWD.3 +file path=usr/share/man/man3/CURLOPT_KRBLEVEL.3 +file path=usr/share/man/man3/CURLOPT_LOCALPORT.3 +file path=usr/share/man/man3/CURLOPT_LOCALPORTRANGE.3 +file path=usr/share/man/man3/CURLOPT_LOGIN_OPTIONS.3 +file path=usr/share/man/man3/CURLOPT_LOW_SPEED_LIMIT.3 +file path=usr/share/man/man3/CURLOPT_LOW_SPEED_TIME.3 +file path=usr/share/man/man3/CURLOPT_MAIL_AUTH.3 +file path=usr/share/man/man3/CURLOPT_MAIL_FROM.3 +file path=usr/share/man/man3/CURLOPT_MAIL_RCPT.3 +file path=usr/share/man/man3/CURLOPT_MAXCONNECTS.3 +file path=usr/share/man/man3/CURLOPT_MAXFILESIZE.3 +file path=usr/share/man/man3/CURLOPT_MAXFILESIZE_LARGE.3 +file path=usr/share/man/man3/CURLOPT_MAXREDIRS.3 +file path=usr/share/man/man3/CURLOPT_MAX_RECV_SPEED_LARGE.3 +file path=usr/share/man/man3/CURLOPT_MAX_SEND_SPEED_LARGE.3 +file path=usr/share/man/man3/CURLOPT_NETRC.3 +file path=usr/share/man/man3/CURLOPT_NETRC_FILE.3 +file path=usr/share/man/man3/CURLOPT_NEW_DIRECTORY_PERMS.3 +file path=usr/share/man/man3/CURLOPT_NEW_FILE_PERMS.3 +file path=usr/share/man/man3/CURLOPT_NOBODY.3 +file path=usr/share/man/man3/CURLOPT_NOPROGRESS.3 +file path=usr/share/man/man3/CURLOPT_NOPROXY.3 +file path=usr/share/man/man3/CURLOPT_NOSIGNAL.3 +file path=usr/share/man/man3/CURLOPT_OPENSOCKETDATA.3 +file path=usr/share/man/man3/CURLOPT_OPENSOCKETFUNCTION.3 +file path=usr/share/man/man3/CURLOPT_PASSWORD.3 +file path=usr/share/man/man3/CURLOPT_PORT.3 +file path=usr/share/man/man3/CURLOPT_POST.3 +file path=usr/share/man/man3/CURLOPT_POSTFIELDS.3 +file path=usr/share/man/man3/CURLOPT_POSTFIELDSIZE.3 +file path=usr/share/man/man3/CURLOPT_POSTFIELDSIZE_LARGE.3 +file path=usr/share/man/man3/CURLOPT_POSTQUOTE.3 +file path=usr/share/man/man3/CURLOPT_POSTREDIR.3 +file path=usr/share/man/man3/CURLOPT_PREQUOTE.3 +file path=usr/share/man/man3/CURLOPT_PRIVATE.3 +file path=usr/share/man/man3/CURLOPT_PROGRESSDATA.3 +file path=usr/share/man/man3/CURLOPT_PROGRESSFUNCTION.3 +file path=usr/share/man/man3/CURLOPT_PROTOCOLS.3 +file path=usr/share/man/man3/CURLOPT_PROXY.3 +file path=usr/share/man/man3/CURLOPT_PROXYAUTH.3 +file path=usr/share/man/man3/CURLOPT_PROXYHEADER.3 +file path=usr/share/man/man3/CURLOPT_PROXYPASSWORD.3 +file path=usr/share/man/man3/CURLOPT_PROXYPORT.3 +file path=usr/share/man/man3/CURLOPT_PROXYTYPE.3 +file path=usr/share/man/man3/CURLOPT_PROXYUSERNAME.3 +file path=usr/share/man/man3/CURLOPT_PROXYUSERPWD.3 +file path=usr/share/man/man3/CURLOPT_PROXY_TRANSFER_MODE.3 +file path=usr/share/man/man3/CURLOPT_PUT.3 +file path=usr/share/man/man3/CURLOPT_QUOTE.3 +file path=usr/share/man/man3/CURLOPT_RANDOM_FILE.3 +file path=usr/share/man/man3/CURLOPT_RANGE.3 +file path=usr/share/man/man3/CURLOPT_READDATA.3 +file path=usr/share/man/man3/CURLOPT_READFUNCTION.3 +file path=usr/share/man/man3/CURLOPT_REDIR_PROTOCOLS.3 +file path=usr/share/man/man3/CURLOPT_REFERER.3 +file path=usr/share/man/man3/CURLOPT_RESOLVE.3 +file path=usr/share/man/man3/CURLOPT_RESUME_FROM.3 +file path=usr/share/man/man3/CURLOPT_RESUME_FROM_LARGE.3 +file path=usr/share/man/man3/CURLOPT_RTSP_CLIENT_CSEQ.3 +file path=usr/share/man/man3/CURLOPT_RTSP_REQUEST.3 +file path=usr/share/man/man3/CURLOPT_RTSP_SERVER_CSEQ.3 +file path=usr/share/man/man3/CURLOPT_RTSP_SESSION_ID.3 +file path=usr/share/man/man3/CURLOPT_RTSP_STREAM_URI.3 +file path=usr/share/man/man3/CURLOPT_RTSP_TRANSPORT.3 +file path=usr/share/man/man3/CURLOPT_SASL_IR.3 +file path=usr/share/man/man3/CURLOPT_SEEKDATA.3 +file path=usr/share/man/man3/CURLOPT_SEEKFUNCTION.3 +file path=usr/share/man/man3/CURLOPT_SHARE.3 +file path=usr/share/man/man3/CURLOPT_SOCKOPTDATA.3 +file path=usr/share/man/man3/CURLOPT_SOCKOPTFUNCTION.3 +file path=usr/share/man/man3/CURLOPT_SOCKS5_GSSAPI_NEC.3 +file path=usr/share/man/man3/CURLOPT_SOCKS5_GSSAPI_SERVICE.3 +file path=usr/share/man/man3/CURLOPT_SSH_AUTH_TYPES.3 +file path=usr/share/man/man3/CURLOPT_SSH_HOST_PUBLIC_KEY_MD5.3 +file path=usr/share/man/man3/CURLOPT_SSH_KEYDATA.3 +file path=usr/share/man/man3/CURLOPT_SSH_KEYFUNCTION.3 +file path=usr/share/man/man3/CURLOPT_SSH_KNOWNHOSTS.3 +file path=usr/share/man/man3/CURLOPT_SSH_PRIVATE_KEYFILE.3 +file path=usr/share/man/man3/CURLOPT_SSH_PUBLIC_KEYFILE.3 +file path=usr/share/man/man3/CURLOPT_SSLCERT.3 +file path=usr/share/man/man3/CURLOPT_SSLCERTTYPE.3 +file path=usr/share/man/man3/CURLOPT_SSLENGINE.3 +file path=usr/share/man/man3/CURLOPT_SSLENGINE_DEFAULT.3 +file path=usr/share/man/man3/CURLOPT_SSLKEY.3 +file path=usr/share/man/man3/CURLOPT_SSLKEYTYPE.3 +file path=usr/share/man/man3/CURLOPT_SSLVERSION.3 +file path=usr/share/man/man3/CURLOPT_SSL_CIPHER_LIST.3 +file path=usr/share/man/man3/CURLOPT_SSL_CTX_DATA.3 +file path=usr/share/man/man3/CURLOPT_SSL_CTX_FUNCTION.3 +file path=usr/share/man/man3/CURLOPT_SSL_ENABLE_ALPN.3 +file path=usr/share/man/man3/CURLOPT_SSL_ENABLE_NPN.3 +file path=usr/share/man/man3/CURLOPT_SSL_OPTIONS.3 +file path=usr/share/man/man3/CURLOPT_SSL_SESSIONID_CACHE.3 +file path=usr/share/man/man3/CURLOPT_SSL_VERIFYHOST.3 +file path=usr/share/man/man3/CURLOPT_SSL_VERIFYPEER.3 +file path=usr/share/man/man3/CURLOPT_STDERR.3 +file path=usr/share/man/man3/CURLOPT_TCP_KEEPALIVE.3 +file path=usr/share/man/man3/CURLOPT_TCP_KEEPIDLE.3 +file path=usr/share/man/man3/CURLOPT_TCP_KEEPINTVL.3 +file path=usr/share/man/man3/CURLOPT_TCP_NODELAY.3 +file path=usr/share/man/man3/CURLOPT_TELNETOPTIONS.3 +file path=usr/share/man/man3/CURLOPT_TFTP_BLKSIZE.3 +file path=usr/share/man/man3/CURLOPT_TIMECONDITION.3 +file path=usr/share/man/man3/CURLOPT_TIMEOUT.3 +file path=usr/share/man/man3/CURLOPT_TIMEOUT_MS.3 +file path=usr/share/man/man3/CURLOPT_TIMEVALUE.3 +file path=usr/share/man/man3/CURLOPT_TLSAUTH_PASSWORD.3 +file path=usr/share/man/man3/CURLOPT_TLSAUTH_TYPE.3 +file path=usr/share/man/man3/CURLOPT_TLSAUTH_USERNAME.3 +file path=usr/share/man/man3/CURLOPT_TRANSFERTEXT.3 +file path=usr/share/man/man3/CURLOPT_TRANSFER_ENCODING.3 +file path=usr/share/man/man3/CURLOPT_UNIX_SOCKET_PATH.3 +file path=usr/share/man/man3/CURLOPT_UNRESTRICTED_AUTH.3 +file path=usr/share/man/man3/CURLOPT_UPLOAD.3 +file path=usr/share/man/man3/CURLOPT_URL.3 +file path=usr/share/man/man3/CURLOPT_USERAGENT.3 +file path=usr/share/man/man3/CURLOPT_USERNAME.3 +file path=usr/share/man/man3/CURLOPT_USERPWD.3 +file path=usr/share/man/man3/CURLOPT_USE_SSL.3 +file path=usr/share/man/man3/CURLOPT_VERBOSE.3 +file path=usr/share/man/man3/CURLOPT_WILDCARDMATCH.3 +file path=usr/share/man/man3/CURLOPT_WRITEDATA.3 +file path=usr/share/man/man3/CURLOPT_WRITEFUNCTION.3 +file path=usr/share/man/man3/CURLOPT_XFERINFODATA.3 +file path=usr/share/man/man3/CURLOPT_XFERINFOFUNCTION.3 +file path=usr/share/man/man3/CURLOPT_XOAUTH2_BEARER.3 file path=usr/share/man/man3/curl_easy_cleanup.3 file path=usr/share/man/man3/curl_easy_duphandle.3 file path=usr/share/man/man3/curl_easy_escape.3 file path=usr/share/man/man3/curl_easy_getinfo.3 file path=usr/share/man/man3/curl_easy_init.3 +file path=usr/share/man/man3/curl_easy_pause.3 file path=usr/share/man/man3/curl_easy_perform.3 +file path=usr/share/man/man3/curl_easy_recv.3 file path=usr/share/man/man3/curl_easy_reset.3 +file path=usr/share/man/man3/curl_easy_send.3 file path=usr/share/man/man3/curl_easy_setopt.3 file path=usr/share/man/man3/curl_easy_strerror.3 file path=usr/share/man/man3/curl_easy_unescape.3 @@ -169,8 +613,10 @@ file path=usr/share/man/man3/curl_multi_remove_handle.3 file path=usr/share/man/man3/curl_multi_setopt.3 file path=usr/share/man/man3/curl_multi_socket.3 +file path=usr/share/man/man3/curl_multi_socket_action.3 file path=usr/share/man/man3/curl_multi_strerror.3 file path=usr/share/man/man3/curl_multi_timeout.3 +file path=usr/share/man/man3/curl_multi_wait.3 file path=usr/share/man/man3/curl_share_cleanup.3 file path=usr/share/man/man3/curl_share_init.3 file path=usr/share/man/man3/curl_share_setopt.3 @@ -187,5 +633,4 @@ file path=usr/share/man/man3/libcurl-share.3 file path=usr/share/man/man3/libcurl-tutorial.3 file path=usr/share/man/man3/libcurl.3 -# license curl.license license=CURL diff -r 02730b605ff4 -r 0a3f0d2f2c86 components/curl/patches/000-configure.patch --- a/components/curl/patches/000-configure.patch Fri Apr 10 18:00:20 2015 -0400 +++ b/components/curl/patches/000-configure.patch Fri Apr 10 16:50:24 2015 -0700 @@ -1,131 +1,21 @@ ---- configure 2010-10-01 13:49:17.000000000 -0700 -+++ configure 2010-10-18 08:18:56.838791104 -0700 -@@ -1,4 +1,4 @@ --#! /bin/sh -+#! /bin/ksh93 - # Guess values for system-dependent variables and create Makefiles. - # Generated by GNU Autoconf 2.67 for curl -. - # -@@ -274,7 +274,7 @@ - fi - fi - fi --SHELL=${CONFIG_SHELL-/bin/sh} -+SHELL=${CONFIG_SHELL-/bin/ksh93} - export SHELL - # Unset more variables known to interfere with behavior of common tools. - CLICOLOR_FORCE= GREP_OPTIONS= -@@ -565,7 +565,7 @@ - - - # Check that we are running under the correct shell. --SHELL=${CONFIG_SHELL-/bin/sh} -+SHELL=${CONFIG_SHELL-/bin/ksh93} - - case X$lt_ECHO in - X*--fallback-echo) -@@ -649,7 +649,7 @@ - elif { test -f /bin/ksh || test -f /bin/ksh$ac_exeext; } && - test "X$CONFIG_SHELL" != X/bin/ksh; then - # If we have ksh, try running configure again with it. -- ORIGINAL_CONFIG_SHELL=${CONFIG_SHELL-/bin/sh} -+ ORIGINAL_CONFIG_SHELL=${CONFIG_SHELL-/bin/ksh93} - export ORIGINAL_CONFIG_SHELL - CONFIG_SHELL=/bin/ksh - export CONFIG_SHELL -@@ -691,7 +691,7 @@ - if test "$prev" != 'sed 50q "$0"'; then - echo_test_string=`eval $prev` - export echo_test_string -- exec ${ORIGINAL_CONFIG_SHELL-${CONFIG_SHELL-/bin/sh}} "$0" ${1+"$@"} -+ exec ${ORIGINAL_CONFIG_SHELL-${CONFIG_SHELL-/bin/ksh93}} "$0" ${1+"$@"} - else - # Oops. We lost completely, so just stick with echo. - ECHO=echo -@@ -2001,6 +2001,13 @@ - cat confdefs.h - <<_ACEOF >conftest.$ac_ext - /* end confdefs.h. */ - $4 -+#include -+#include -+#include -+#include -+#include -+#include -+#include - int main (void) - { - static int test_array [1 - 2 * !(($2) >= 0)]; -@@ -2041,6 +2048,13 @@ - cat confdefs.h - <<_ACEOF >conftest.$ac_ext - /* end confdefs.h. */ - $4 -+#include -+#include -+#include -+#include -+#include -+#include -+#include - int main (void) - { - static int test_array [1 - 2 * !(($2) < 0)]; -@@ -2056,6 +2070,13 @@ - cat confdefs.h - <<_ACEOF >conftest.$ac_ext - /* end confdefs.h. */ - $4 -+#include -+#include -+#include -+#include -+#include -+#include -+#include - int main (void) - { - static int test_array [1 - 2 * !(($2) >= $ac_mid)]; -@@ -2089,6 +2110,13 @@ - cat confdefs.h - <<_ACEOF >conftest.$ac_ext - /* end confdefs.h. */ - $4 -+#include -+#include -+#include -+#include -+#include -+#include -+#include - int main (void) - { - static int test_array [1 - 2 * !(($2) <= $ac_mid)]; -@@ -2113,10 +2141,15 @@ - cat confdefs.h - <<_ACEOF >conftest.$ac_ext - /* end confdefs.h. */ - $4 --static long int longval () { return $2; } --static unsigned long int ulongval () { return $2; } - #include - #include -+#include -+#include -+#include -+#include -+#include -+static long int longval () { return $2; } -+static unsigned long int ulongval () { return $2; } - int main (void) - { - -@@ -2797,7 +2830,7 @@ +Solaris specific changes needed for how we configure curl. + +These changes need to be sent upstream, but before that can be done, +they need to be reworked. They also need to apply to configure.ac, +not configure. + +--- configure.orig 2014-09-10 11:57:00.611789155 -0700 ++++ configure 2014-09-10 13:24:14.999402937 -0700 +@@ -2975,7 +2975,7 @@ --ac_config_headers="$ac_config_headers lib/curl_config.h src/curl_config.h include/curl/curlbuild.h" -+ac_config_headers="$ac_config_headers lib/curl_config.h src/curl_config.h" +-ac_config_headers="$ac_config_headers lib/curl_config.h include/curl/curlbuild.h" ++ac_config_headers="$ac_config_headers lib/curl_config.h" - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether to enable maintainer-specific portions of Makefiles" >&5 - $as_echo_n "checking whether to enable maintainer-specific portions of Makefiles... " >&6; } -@@ -3263,12 +3296,6 @@ + + +@@ -3501,12 +3501,6 @@ fi @@ -135,76 +25,28 @@ - rm -f ${srcdir}/include/curl/curlbuild.h -fi - - VERSION=`$SED -ne 's/^#define LIBCURL_VERSION "\(.*\)"/\1/p' ${srcdir}/include/curl/curlver.h` - am__api_version="1.9" - ac_aux_dir= -@@ -3538,7 +3565,7 @@ - $as_echo_n "(cached) " >&6 - else - cat >conftest.make <<\_ACEOF --SHELL = /bin/sh -+SHELL = /bin/ksh93 - all: - @echo '@@@%%%=$(MAKE)=@@@%%%' - _ACEOF -@@ -4734,7 +4761,7 @@ - for i in 1 2 3 4 5 6; do - echo '#include "conftst'$i'.h"' >> sub/conftest.c - # Using `: > sub/conftst$i.h' creates only sub/conftst1.h with -- # Solaris 8's {/usr,}/bin/sh. -+ # Solaris 8's {/usr,}/bin/ksh93. - touch sub/conftst$i.h - done - echo "${am__include} ${am__quote}sub/conftest.Po${am__quote}" > confmf -@@ -8029,7 +8056,7 @@ - for i in 1 2 3 4 5 6 7 8 ; do - teststring=$teststring$teststring - done -- SHELL=${SHELL-${CONFIG_SHELL-/bin/sh}} -+ SHELL=${SHELL-${CONFIG_SHELL-/bin/ksh93}} - # If test is not a shell built-in, we'll probably end up computing a - # maximum length that is only half of the actual maximum length, but - # we can't tell. -@@ -9261,8 +9288,8 @@ - case $lt_cv_prog_gnu_ld in - yes*) LD="${LD-ld} -m elf64_sparc" ;; - *) -- if ${LD-ld} -64 -r -o conftest2.o conftest.o >/dev/null 2>&1; then -- LD="${LD-ld} -64" -+ if ${LD-ld} -r -o conftest2.o conftest.o >/dev/null 2>&1; then -+ LD="${LD-ld}" - fi - ;; - esac -@@ -13653,7 +13680,7 @@ - $as_echo_n "(cached) " >&6 - else - cat >conftest.make <<\_ACEOF --SHELL = /bin/sh -+SHELL = /bin/ksh93 - all: - @echo '@@@%%%=$(MAKE)=@@@%%%' - _ACEOF -@@ -19176,15 +19203,15 @@ - LIBS="$LIBS $gss_libs" - elif test "$GSSAPI_ROOT" != "yes"; then - LDFLAGS="$LDFLAGS -L$GSSAPI_ROOT/lib$libsuff" -- LIBS="$LIBS -lgssapi" -+ LIBS="$LIBS -lgss" - else -- LIBS="$LIBS -lgssapi" -+ LIBS="$LIBS -lgss" - fi + CURLVERSION=`$SED -ne 's/^#define LIBCURL_VERSION "\(.*\)"/\1/p' ${srcdir}/include/curl/curlver.h` + + xc_prog_cc_prev_IFS=$IFS +@@ -21192,7 +21186,7 @@ + gss_libname="gss" + ;; + *) +- gss_libname="gssapi" ++ gss_libname="gss" + ;; + esac + +@@ -21212,7 +21206,7 @@ + LIBS="-lgss $LIBS" + ;; + *) +- LIBS="-lgssapi $LIBS" ++ LIBS="-lgss $LIBS" ;; esac - else - LDFLAGS="$LDFLAGS $GSSAPI_LIB_DIR" -- LIBS="$LIBS -lgssapi" -+ LIBS="$LIBS -lgss" fi - else - CPPFLAGS="$save_CPPFLAGS" -@@ -19210,7 +19237,7 @@ +@@ -21311,7 +21305,7 @@ if test x$cross_compiling != xyes; then PKGTEST="yes" fi @@ -213,7 +55,7 @@ LIB_OPENSSL="$PREFIX_OPENSSL/lib$libsuff" ;; off) -@@ -22731,20 +22758,13 @@ +@@ -26982,21 +26976,14 @@ @@ -229,6 +71,7 @@ # + # { $as_echo "$as_me:${as_lineno-$LINENO}: checking for curl_socklen_t data type" >&5 $as_echo_n "checking for curl_socklen_t data type... " >&6; } - curl_typeof_curl_socklen_t="unknown" @@ -236,10 +79,10 @@ for arg1 in int SOCKET; do for arg2 in 'struct sockaddr' void; do for t in socklen_t int size_t 'unsigned int' long 'unsigned long' void; do -@@ -35751,7 +35771,6 @@ +@@ -40418,7 +40405,6 @@ + do case $ac_config_target in "lib/curl_config.h") CONFIG_HEADERS="$CONFIG_HEADERS lib/curl_config.h" ;; - "src/curl_config.h") CONFIG_HEADERS="$CONFIG_HEADERS src/curl_config.h" ;; - "include/curl/curlbuild.h") CONFIG_HEADERS="$CONFIG_HEADERS include/curl/curlbuild.h" ;; "depfiles") CONFIG_COMMANDS="$CONFIG_COMMANDS depfiles" ;; "libtool") CONFIG_COMMANDS="$CONFIG_COMMANDS libtool" ;; diff -r 02730b605ff4 -r 0a3f0d2f2c86 components/curl/patches/001-Makefile.in.patch --- a/components/curl/patches/001-Makefile.in.patch Fri Apr 10 18:00:20 2015 -0400 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,20 +0,0 @@ ---- lib/Makefile.in 2010-10-01 13:49:18.000000000 -0700 -+++ lib/Makefile.in 2010-10-18 08:05:00.803406622 -0700 -@@ -364,7 +364,7 @@ - @USE_EMBEDDED_ARES_TRUE@ -I$(top_builddir)/ares \ - @USE_EMBEDDED_ARES_TRUE@ -I$(top_srcdir)/ares - --@SONAME_BUMP_FALSE@VERSIONINFO = -version-info 6:0:2 -+@SONAME_BUMP_FALSE@VERSIONINFO = -version-info 3:0:0 - - # - # Bumping of SONAME conditionally may seem like a weird thing to do, and yeah -@@ -375,7 +375,7 @@ - # - # This conditional soname bump SHOULD be removed at next "proper" bump. - # --@SONAME_BUMP_TRUE@VERSIONINFO = -version-info 7:0:2 -+@SONAME_BUMP_TRUE@VERSIONINFO = -version-info 3:0:0 - - # This flag accepts an argument of the form current[:revision[:age]]. So, - # passing -version-info 3:12:1 sets current to 3, revision to 12, and age to diff -r 02730b605ff4 -r 0a3f0d2f2c86 components/curl/patches/002-curlbuild.h.patch --- a/components/curl/patches/002-curlbuild.h.patch Fri Apr 10 18:00:20 2015 -0400 +++ b/components/curl/patches/002-curlbuild.h.patch Fri Apr 10 16:50:24 2015 -0700 @@ -1,10 +1,14 @@ ---- include/curl/curlbuild.h 2010-10-12 15:04:32.000000000 -0700 -+++ include/curl/curlbuild.h 2010-12-02 10:18:42.364070201 -0800 +Various curl build definitions for Solaris for both Studio and Gnu compilers. + +These changes need to be sent upsteam. + +--- include/curl/curlbuild.h.orig 2014-09-10 12:10:14.624818524 -0700 ++++ include/curl/curlbuild.h 2014-09-10 12:10:08.344835020 -0700 @@ -496,6 +496,45 @@ # define CURL_SIZEOF_CURL_SOCKLEN_T 4 /* ===================================== */ -+/* Sun Studio Compilers */ ++/* Sun Studio Compilers */ +/* ===================================== */ + +#elif defined(__SUNPRO_C) || defined(__SUNPRO_CC) @@ -84,10 +88,10 @@ +# endif +# endif +# else /* !((sun) || (__sun) || (__sun__)) */ - # if defined(__i386__) || defined(__ppc__) + # if defined(__ILP32__) || \ + defined(__i386__) || defined(__ppc__) || defined(__arm__) || defined(__sparc__) # define CURL_SIZEOF_LONG 4 - # define CURL_TYPEOF_CURL_OFF_T long long -@@ -550,6 +623,7 @@ +@@ -552,6 +625,7 @@ # define CURL_SIZEOF_CURL_SOCKLEN_T 4 # define CURL_PULL_SYS_TYPES_H 1 # define CURL_PULL_SYS_SOCKET_H 1 diff -r 02730b605ff4 -r 0a3f0d2f2c86 components/curl/patches/003-Makefile.in.patch --- a/components/curl/patches/003-Makefile.in.patch Fri Apr 10 18:00:20 2015 -0400 +++ b/components/curl/patches/003-Makefile.in.patch Fri Apr 10 16:50:24 2015 -0700 @@ -1,11 +1,19 @@ ---- tests/server/Makefile.in 2010-10-01 13:49:21.000000000 -0700 -+++ tests/server/Makefile.in 2010-10-18 08:05:49.792499927 -0700 -@@ -209,7 +209,7 @@ - LDFLAGS = @LDFLAGS@ - LIBCURL_LIBS = @LIBCURL_LIBS@ +Adjusted to include all the libraries needed to successfully link on Solaris. + +Note that on S11, the LIBS line will need to be: +LIBS = $(BLANK_AT_MAKETIME) -lsocket -lresolv -lnsl -lgen +as -lsocket and -lnsl have not yet been subsumed into libc. + +This patch needs to be sent upstream, but needs to be reworked first. + +--- tests/server/Makefile.in.orig 2014-09-10 12:16:40.748828978 -0700 ++++ tests/server/Makefile.in 2014-09-10 12:17:11.065886554 -0700 +@@ -377,7 +377,7 @@ LIBOBJS = @LIBOBJS@ --LIBS = @LIBS@ -+LIBS = @LIBS@ -lsocket -lresolv -lnsl -lgen + + # Prevent LIBS from being used for all link targets +-LIBS = $(BLANK_AT_MAKETIME) ++LIBS = $(BLANK_AT_MAKETIME) -lresolv -lgen LIBTOOL = @LIBTOOL@ LIPO = @LIPO@ LN_S = @LN_S@ diff -r 02730b605ff4 -r 0a3f0d2f2c86 components/curl/patches/004-Makefile.in.patch --- a/components/curl/patches/004-Makefile.in.patch Fri Apr 10 18:00:20 2015 -0400 +++ b/components/curl/patches/004-Makefile.in.patch Fri Apr 10 16:50:24 2015 -0700 @@ -1,22 +1,20 @@ ---- include/curl/Makefile.in 2010-10-01 13:49:18.000000000 -0700 -+++ include/curl/Makefile.in 2011-03-31 11:29:48.945604347 -0700 -@@ -306,18 +306,8 @@ - $(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +Adjust how the stamp-h2: Makefile target works. + +I'm not sure why this is here. It comes from the previous curl maintainer. +It needs to be further investigated and either removed or reworked into +something that can be passed upstream. + +--- include/curl/Makefile.in.orig 2014-09-10 12:19:40.843896341 -0700 ++++ include/curl/Makefile.in 2014-09-10 12:20:56.618505665 -0700 +@@ -441,9 +441,9 @@ + @test -f $@ || rm -f stamp-h2 + @test -f $@ || $(MAKE) $(AM_MAKEFLAGS) stamp-h2 --curlbuild.h: stamp-h3 -- @if test ! -f $@; then \ -- rm -f stamp-h3; \ -- $(MAKE) stamp-h3; \ -- else :; fi -- --stamp-h3: $(srcdir)/curlbuild.h.in $(top_builddir)/config.status -+stamp-h3: - @rm -f stamp-h3 +-stamp-h2: $(srcdir)/curlbuild.h.in $(top_builddir)/config.status ++stamp-h2: + @rm -f stamp-h2 - cd $(top_builddir) && $(SHELL) ./config.status include/curl/curlbuild.h --$(srcdir)/curlbuild.h.in: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) -- cd $(top_srcdir) && $(AUTOHEADER) -- rm -f stamp-h3 - touch $@ ++ touch $@ distclean-hdr: + -rm -f curlbuild.h stamp-h2 diff -r 02730b605ff4 -r 0a3f0d2f2c86 components/curl/patches/005-libcurl.pc.in.patch --- a/components/curl/patches/005-libcurl.pc.in.patch Fri Apr 10 18:00:20 2015 -0400 +++ b/components/curl/patches/005-libcurl.pc.in.patch Fri Apr 10 16:50:24 2015 -0700 @@ -1,5 +1,10 @@ ---- libcurl.pc.in 2010-09-18 14:00:22.000000000 -0700 -+++ libcurl.pc.in 2011-03-31 15:39:42.953234906 -0700 +Provide the correct Solaris curl include directory. + +This patch should be send upstream, but needs to be reworked into something +that they will accept. + +--- libcurl.pc.in.orig 2014-09-10 12:23:52.455848654 -0700 ++++ libcurl.pc.in 2014-09-10 12:24:13.252589181 -0700 @@ -26,7 +26,7 @@ prefix=@prefix@ exec_prefix=@exec_prefix@ diff -r 02730b605ff4 -r 0a3f0d2f2c86 components/curl/patches/006-curl-gssapi-delegation.patch --- a/components/curl/patches/006-curl-gssapi-delegation.patch Fri Apr 10 18:00:20 2015 -0400 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,11 +0,0 @@ ---- lib/http_negotiate.c 2010-09-18 14:00:21.000000000 -0700 -+++ lib/http_negotiate.c 2011-07-05 08:16:14.333605202 -0700 -@@ -242,7 +242,7 @@ - &neg_ctx->context, - neg_ctx->server_name, - GSS_C_NO_OID, -- GSS_C_DELEG_FLAG, -+ 0, - 0, - GSS_C_NO_CHANNEL_BINDINGS, - &input_token, diff -r 02730b605ff4 -r 0a3f0d2f2c86 components/curl/patches/007-curl-dont-insert-empty-fragments.patch --- a/components/curl/patches/007-curl-dont-insert-empty-fragments.patch Fri Apr 10 18:00:20 2015 -0400 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,42 +0,0 @@ ---- lib/ssluse.c 2010-09-18 14:00:21.000000000 -0700 -+++ lib/ssluse.c 2012-01-24 07:43:28.989624080 -0800 -@@ -1428,6 +1428,7 @@ - X509_LOOKUP *lookup=NULL; - curl_socket_t sockfd = conn->sock[sockindex]; - struct ssl_connect_data *connssl = &conn->ssl[sockindex]; -+ long ctx_options; - #ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME - bool sni; - #ifdef ENABLE_IPV6 -@@ -1507,16 +1508,27 @@ - If someone writes an application with libcurl and openssl who wants to - enable the feature, one can do this in the SSL callback. - -+ OpenSSL added a work-around for a SSL 3.0/TLS 1.0 CBC vulnerability -+ (http://www.openssl.org/~bodo/tls-cbc.txt). In 0.9.6e they added a bit to -+ SSL_OP_ALL that _disables_ that work-around despite the fact that -+ SSL_OP_ALL is documented to do "rather harmless" workarounds. In order to -+ keep the secure work-around, the SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS bit -+ must not be set. -+ - */ -+ -+ ctx_options = SSL_OP_ALL; -+ - #ifdef SSL_OP_NO_TICKET - /* expect older openssl releases to not have this define so only use it if - present */ --#define CURL_CTX_OPTIONS SSL_OP_ALL|SSL_OP_NO_TICKET --#else --#define CURL_CTX_OPTIONS SSL_OP_ALL -+ ctx_options |= SSL_OP_NO_TICKET; -+#endif -+#ifdef SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS -+ ctx_options &= ~SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS; - #endif - -- SSL_CTX_set_options(connssl->ctx, CURL_CTX_OPTIONS); -+ SSL_CTX_set_options(connssl->ctx, ctx_options); - - /* disable SSLv2 in the default case (i.e. allow SSLv3 and TLSv1) */ - if(data->set.ssl.version == CURL_SSLVERSION_DEFAULT) diff -r 02730b605ff4 -r 0a3f0d2f2c86 components/curl/patches/008-curl-url-sanitize.patch --- a/components/curl/patches/008-curl-url-sanitize.patch Fri Apr 10 18:00:20 2015 -0400 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,199 +0,0 @@ ---- lib/escape.c 2010-10-01 13:48:39.000000000 -0700 -+++ lib/escape.c 2012-01-26 10:54:22.962290288 -0800 -@@ -88,7 +88,7 @@ - char *testing_ptr = NULL; - unsigned char in; /* we need to treat the characters unsigned */ - size_t newlen = alloc; -- int strindex=0; -+ size_t strindex=0; - size_t length; - - #ifndef CURL_DOES_CONVERSIONS -@@ -143,26 +143,25 @@ - } - - /* -- * Unescapes the given URL escaped string of given length. Returns a -- * pointer to a malloced string with length given in *olen. -- * If length == 0, the length is assumed to be strlen(string). -- * If olen == NULL, no output length is stored. -+ * Curl_urldecode() URL decodes the given string. -+ * -+ * Optionally detects control characters (byte codes lower than 32) in the -+ * *olen. If length == 0, the length is assumed to be strlen(string). - */ --char *curl_easy_unescape(CURL *handle, const char *string, int length, -- int *olen) -+CURLcode Curl_urldecode(struct SessionHandle *data, -+ const char *string, size_t length, -+ char **ostring, size_t *olen, -+ bool reject_ctrl) - { -- int alloc = (length?length:(int)strlen(string))+1; -+ size_t alloc = (length?length:strlen(string))+1; - char *ns = malloc(alloc); - unsigned char in; -- int strindex=0; -+ size_t strindex=0; - unsigned long hex; -+ CURLcode res; - --#ifndef CURL_DOES_CONVERSIONS -- /* avoid compiler warnings */ -- (void)handle; --#endif - if( !ns ) -- return NULL; -+ return CURLE_OUT_OF_MEMORY; - - while(--alloc > 0) { - in = *string; -@@ -180,17 +179,21 @@ - - #ifdef CURL_DOES_CONVERSIONS - /* escape sequences are always in ASCII so convert them on non-ASCII hosts */ -- if(!handle || -- (Curl_convert_from_network(handle, &in, 1) != CURLE_OK)) { -+ res = Curl_convert_from_network(data, &in, 1); -+ if(res) { - /* Curl_convert_from_network calls failf if unsuccessful */ - free(ns); -- return NULL; -+ return res; - } - #endif /* CURL_DOES_CONVERSIONS */ - - string+=2; - alloc-=2; - } -+ if(reject_ctrl && (in < 0x20)) { -+ free(ns); -+ return CURLE_URL_MALFORMAT; -+ } - - ns[strindex++] = in; - string++; -@@ -200,7 +203,34 @@ - if(olen) - /* store output size */ - *olen = strindex; -- return ns; -+ -+ if(ostring) -+ /* store output string */ -+ *ostring = ns; -+ -+ return CURLE_OK; -+} -+ -+ -+/* -+ * Unescapes the given URL escaped string of given length. Returns a -+ * pointer to a malloced string with length given in *olen. -+ * If length == 0, the length is assumed to be strlen(string). -+ * If olen == NULL, no output length is stored. -+ */ -+char *curl_easy_unescape(CURL *handle, const char *string, int length, -+ int *olen) -+{ -+ char *str = NULL; -+ size_t inputlen = length; -+ size_t outputlen; -+ CURLcode res = Curl_urldecode(handle, string, inputlen, &str, &outputlen, -+ FALSE); -+ if(res) -+ return NULL; -+ if(olen) -+ *olen = curlx_uztosi(outputlen); -+ return str; - } - - /* For operating systems/environments that use different malloc/free ---- lib/escape.h 2010-09-18 14:00:21.000000000 -0700 -+++ lib/escape.h 2012-01-26 09:42:20.936213952 -0800 -@@ -1,5 +1,5 @@ --#ifndef __ESCAPE_H --#define __ESCAPE_H -+#ifndef HEADER_CURL_ESCAPE_H -+#define HEADER_CURL_ESCAPE_H - - /*************************************************************************** - * _ _ ____ _ -@@ -8,7 +8,7 @@ - * | (__| |_| | _ <| |___ - * \___|\___/|_| \_\_____| - * -- * Copyright (C) 1998 - 2006, Daniel Stenberg, , et al. -+ * Copyright (C) 1998 - 2011, Daniel Stenberg, , et al. - * - * This software is licensed as described in the file COPYING, which - * you should have received as part of this distribution. The terms -@@ -25,5 +25,9 @@ - /* Escape and unescape URL encoding in strings. The functions return a new - * allocated string or NULL if an error occurred. */ - -+CURLcode Curl_urldecode(struct SessionHandle *data, -+ const char *string, size_t length, -+ char **ostring, size_t *olen, -+ bool reject_crlf); - - #endif ---- lib/imap.c 2010-09-18 14:00:21.000000000 -0700 -+++ lib/imap.c 2012-01-26 09:35:07.180464878 -0800 -@@ -906,17 +906,12 @@ - struct imap_conn *imapc = &conn->proto.imapc; - struct SessionHandle *data = conn->data; - const char *path = data->state.path; -- int len; - - if(!*path) - path = "INBOX"; - - /* url decode the path and use this mailbox */ -- imapc->mailbox = curl_easy_unescape(data, path, 0, &len); -- if(!imapc->mailbox) -- return CURLE_OUT_OF_MEMORY; -- -- return CURLE_OK; -+ return Curl_urldecode(data, path, 0, &imapc->mailbox, NULL, TRUE); - } - - /* call this when the DO phase has completed */ ---- lib/pop3.c 2010-09-18 14:00:21.000000000 -0700 -+++ lib/pop3.c 2012-01-26 09:35:47.059691860 -0800 -@@ -852,11 +852,7 @@ - const char *path = data->state.path; - - /* url decode the path and use this mailbox */ -- pop3c->mailbox = curl_easy_unescape(data, path, 0, NULL); -- if (!pop3c->mailbox) -- return CURLE_OUT_OF_MEMORY; -- -- return CURLE_OK; -+ return Curl_urldecode(data, path, 0, &pop3c->mailbox, NULL, TRUE); - } - - /* call this when the DO phase has completed */ ---- lib/smtp.c 2010-10-12 13:56:21.000000000 -0700 -+++ lib/smtp.c 2012-01-26 09:38:03.856720962 -0800 -@@ -1045,7 +1045,6 @@ - struct SessionHandle *data=conn->data; - struct pingpong *pp=&smtpc->pp; - const char *path = conn->data->state.path; -- int len; - char localhost[1024 + 1]; - - *done = FALSE; /* default to not done yet */ -@@ -1119,9 +1118,9 @@ - } - - /* url decode the path and use it as domain with EHLO */ -- smtpc->domain = curl_easy_unescape(conn->data, path, 0, &len); -- if(!smtpc->domain) -- return CURLE_OUT_OF_MEMORY; -+ result = Curl_urldecode(conn->data, path, 0, &smtpc->domain, NULL, TRUE); -+ if(result) -+ return result; - - /* When we connect, we start in the state where we await the server greeting - */ diff -r 02730b605ff4 -r 0a3f0d2f2c86 components/curl/patches/009-CVE-2013-2174.patch --- a/components/curl/patches/009-CVE-2013-2174.patch Fri Apr 10 18:00:20 2015 -0400 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,33 +0,0 @@ -CVE-2013-2174: Heap-based buffer overflow in the curl_easy_unescape function -in lib/escape.c in cURL and libcurl 7.7 through 7.30.0 allows remote -attackers to cause a denial of service (application crash) or possibly -execute arbitrary code via a crafted string ending in a "%" (percent) -character. - -CVE webpage for this problem: -http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2174 - -Relevant upstream patch at: -https://github.com/bagder/curl/commit/192c4f788d48f82c03e9cef40013f34370e90737 - ---- lib/escape.c.orig 2013-08-27 05:41:07.197713748 -0700 -+++ lib/escape.c 2013-08-27 05:42:54.003927843 -0700 -@@ -5,7 +5,7 @@ - * | (__| |_| | _ <| |___ - * \___|\___/|_| \_\_____| - * -- * Copyright (C) 1998 - 2010, Daniel Stenberg, , et al. -+ * Copyright (C) 1998 - 2013, Daniel Stenberg, , et al. - * - * This software is licensed as described in the file COPYING, which - * you should have received as part of this distribution. The terms -@@ -165,7 +165,8 @@ - - while(--alloc > 0) { - in = *string; -- if(('%' == in) && ISXDIGIT(string[1]) && ISXDIGIT(string[2])) { -+ if(('%' == in) && (alloc > 2) && -+ ISXDIGIT(string[1]) && ISXDIGIT(string[2])) { - /* this is two hexadecimal digits following a '%' */ - char hexstr[3]; - char *ptr; diff -r 02730b605ff4 -r 0a3f0d2f2c86 components/curl/patches/009-runtests.pl.patch --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/components/curl/patches/009-runtests.pl.patch Fri Apr 10 16:50:24 2015 -0700 @@ -0,0 +1,24 @@ +The various curl NTLM tests try to LD_PRELOAD a test library +called .../tests/libtest/.libs/libhostname.so that's been +created as a pre-requisite to running the numerous Perl tests. + +This patch adjusts LD_PRELOAD to be LD_PRELOAD_32 or LD_PRELOAD_64 +depending upong whether we are running the 32 or 64 bit tests. + +As this is Solaris specific, this patch will not be pushed upstream. + +--- tests/runtests.pl.orig 2014-09-10 12:26:52.624143266 -0700 ++++ tests/runtests.pl 2014-09-10 16:51:13.663390869 -0700 +@@ -3060,6 +3060,12 @@ + # print "Skipping LD_PRELOAD due to no release shared build\n"; + next; + } ++ # make this LD_PRELOAD_{bits} ++ open(FP, "/bin/file $content |"); ++ my $bits = ; ++ if ($bits =~ /^.+ELF\s(\d\d)-bit.+$/) { ++ $var .= '_'.$1; ++ } + } + $ENV{$var} = "$content"; + } diff -r 02730b605ff4 -r 0a3f0d2f2c86 components/curl/patches/010-CVE-2013-4545.patch --- a/components/curl/patches/010-CVE-2013-4545.patch Fri Apr 10 18:00:20 2015 -0400 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,21 +0,0 @@ -CVE-2013-4545: Setting only CURLOPT_SSL_VERIFYHOST without -CURLOPT_SSL_VERIFYPEER set should still verify that the host -name fields in the server certificate is fine or return failure. - -Bug: http://curl.haxx.se/mail/lib-2013-10/0002.html -Reported-by: Ishan SinghLevett - -Relevant upstream patch at: -https://github.com/bagder/curl/commit/3c3622b6 - ---- lib/ssluse.c.orig 2013-11-18 06:59:53.408117483 -0800 -+++ lib/ssluse.c 2013-11-18 07:00:26.212993187 -0800 -@@ -2357,7 +2357,7 @@ - * operations. - */ - -- if(!data->set.ssl.verifypeer) -+ if(!data->set.ssl.verifypeer && !data->set.ssl.verifyhost) - (void)servercert(conn, connssl, FALSE); - else - retcode = servercert(conn, connssl, TRUE); diff -r 02730b605ff4 -r 0a3f0d2f2c86 components/curl/patches/010-fix-tests.patch --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/components/curl/patches/010-fix-tests.patch Fri Apr 10 16:50:24 2015 -0700 @@ -0,0 +1,41 @@ +Adjust the Python http_pipe.py script to work with our default version of +Python. + +This change will be sent back up stream for consideration. + +--- tests/http_pipe.py.orig 2014-09-10 15:59:26.498743943 -0700 ++++ tests/http_pipe.py 2014-09-10 15:58:59.502589711 -0700 +@@ -435,7 +435,7 @@ + if args.pidfile: + pid = os.getpid() + f = open(args.pidfile, 'w') +- f.write('{}'.format(pid)) ++ f.write('{0}'.format(pid)) + f.close() + + server = PipelineServer(('0.0.0.0', args.port), PipelineRequestHandler) + + +# ---------------------------------------------------------------------------- +Tests #530 and #584 fail with curl version 7.40.0. This is discussed at: + + http://curl.haxx.se/mail/lib-2014-08/0161.html + +with the patch at: + +http://curl.haxx.se/mail/lib-2014-06/att-0139/0001-Delay-Curl_addHandleToPipeline-by-a-milisecond.patch + +addressing the problem. + +Upstream is already aware of this issue. + +--- lib/url.c.orig 2015-01-26 13:49:21.041657976 -0800 ++++ lib//url.c 2015-01-26 13:50:45.391515086 -0800 +@@ -2748,6 +2748,7 @@ + { + if(!Curl_llist_insert_next(pipeline, pipeline->tail, data)) + return CURLE_OUT_OF_MEMORY; ++ Curl_wait_ms(1); + return CURLE_OK; + } + diff -r 02730b605ff4 -r 0a3f0d2f2c86 components/curl/patches/011-runtests.pl.patch --- a/components/curl/patches/011-runtests.pl.patch Fri Apr 10 18:00:20 2015 -0400 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,37 +0,0 @@ -The various curl NTLM tests try to LD_PRELOAD a test library -called .../tests/libtest/.libs/libhostname.so that's been -created as a pre-requisite to running the numerous Perl tests. - -This patch adjusts LD_PRELOAD to be LD_PRELOAD_32 or LD_PRELOAD_64 -depending upon whether we are running the 32 or 64 bit tests. - -As this is Solaris specific, this patch will not be pushed upstream. - ---- tests/runtests.pl.orig 2013-11-18 07:12:48.748872794 -0800 -+++ tests/runtests.pl 2013-11-18 07:15:32.604982653 -0800 -@@ -2405,10 +2405,21 @@ - delete $ENV{$var} if($ENV{$var}); - } - else { -- if(($var =~ /^LD_PRELOAD/) && -- ($debug_build || ($has_shared ne "yes"))) { -- # print "Skipping LD_PRELOAD due to no release shared build\n"; -- next; -+ if($var =~ /^LD_PRELOAD/) { -+ if(exe_ext() && (exe_ext() eq '.exe')) { -+ # print "Skipping LD_PRELOAD due to lack of OS support\n"; -+ next; -+ } -+ if($debug_build || ($has_shared ne "yes")) { -+ # print "Skipping LD_PRELOAD due to no release shared build\n"; -+ next; -+ } -+ # make this LD_PRELOAD_{bits} -+ open(FP, "/bin/file $content |"); -+ my $bits = ; -+ if ($bits =~ /^.+ELF\s(\d\d)-bit.+$/) { -+ $var .= '_'.$1; -+ } - } - $ENV{$var} = "$content"; - } diff -r 02730b605ff4 -r 0a3f0d2f2c86 components/curl/patches/012-CVE-2013-1944.patch --- a/components/curl/patches/012-CVE-2013-1944.patch Fri Apr 10 18:00:20 2015 -0400 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,49 +0,0 @@ -From 3604fde3d3c9b0d0e389e079aecf470d123ba180 Mon Sep 17 00:00:00 2001 -From: YAMADA Yasuharu -Date: Thu, 11 Apr 2013 00:17:15 +0200 -Subject: [PATCH] cookie: fix tailmatching to prevent cross-domain leakage - -Cookies set for 'example.com' could accidentaly also be sent by libcurl -to the 'bexample.com' (ie with a prefix to the first domain name). - -This is a security vulnerabilty, CVE-2013-1944. - -Bug: http://curl.haxx.se/docs/adv_20130412.html - ---- lib/cookie.c.orig 2013-11-18 14:05:59.517749330 -0800 -+++ lib/cookie.c 2013-11-18 14:08:09.852442022 -0800 -@@ -122,15 +122,29 @@ - free(co); - } - --static bool tailmatch(const char *little, const char *bigone) -+static bool tailmatch(const char *cooke_domain, const char *hostname) - { -- size_t littlelen = strlen(little); -- size_t biglen = strlen(bigone); -+ size_t cookie_domain_len = strlen(cooke_domain); -+ size_t hostname_len = strlen(hostname); - -- if(littlelen > biglen) -+ if(hostname_len < cookie_domain_len) - return FALSE; - -- return (bool)Curl_raw_equal(little, bigone+biglen-littlelen); -+ if(!Curl_raw_equal(cooke_domain, hostname+hostname_len-cookie_domain_len)) -+ return FALSE; -+ -+ /* A lead char of cookie_domain is not '.'. -+ RFC6265 4.1.2.3. The Domain Attribute says: -+ For example, if the value of the Domain attribute is -+ "example.com", the user agent will include the cookie in the Cookie -+ header when making HTTP requests to example.com, www.example.com, and -+ www.corp.example.com. -+ */ -+ if(hostname_len == cookie_domain_len) -+ return TRUE; -+ if('.' == *(hostname + hostname_len - cookie_domain_len - 1)) -+ return TRUE; -+ return FALSE; - } - - /* diff -r 02730b605ff4 -r 0a3f0d2f2c86 components/curl/patches/013-CVE-2014-0015.patch --- a/components/curl/patches/013-CVE-2014-0015.patch Fri Apr 10 18:00:20 2015 -0400 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,20 +0,0 @@ -CVE-2014-0015: libcurl can in some circumstances re-use the wrong -connection when asked to do an NTLM-authenticated HTTP or HTTPS request. - -More information at: -http://curl.haxx.se/docs/adv_20140129.html - -Closest relevant upstream patch at: -http://curl.haxx.se/CVE-2014-0015-7-27.patch - ---- lib/url.c.orig 2014-02-04 12:41:29.827372361 -0800 -+++ lib/url.c 2014-02-04 12:56:44.394433387 -0800 -@@ -2998,7 +2998,7 @@ - } - if((needle->protocol & PROT_FTP) || - ((needle->protocol & PROT_HTTP) && -- (data->state.authhost.want==CURLAUTH_NTLM))) { -+ (data->state.authhost.want & CURLAUTH_NTLM))) { - /* This is FTP or HTTP+NTLM, verify that we're using the same name - and password as well */ - if(!strequal(needle->user, check->user) || diff -r 02730b605ff4 -r 0a3f0d2f2c86 components/curl/patches/013-curl_sasl_gssapi.c.patch --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/components/curl/patches/013-curl_sasl_gssapi.c.patch Fri Apr 10 16:50:24 2015 -0700 @@ -0,0 +1,20 @@ +From: https://www.mail-archive.com/curl-library@cool.haxx.se/msg21757.html +Quanah Gibson-Mount Thu, 15 Jan 2015 12:27:13 -0800 +Unfortunately, it appears that curl is still not tested against Heimdal +Kerberos. + +This problem has been reported upstream. + +--- lib/curl_sasl_gssapi.c.orig 2015-01-26 08:22:32.369117065 -0800 ++++ lib/curl_sasl_gssapi.c 2015-01-26 08:36:35.452740440 -0800 +@@ -31,6 +31,10 @@ + #define NCOMPAT 1 + #endif + ++#ifdef HAVE_GSSHEIMDAL ++#define gss_nt_service_name GSS_C_NT_HOSTBASED_SERVICE ++#endif ++ + #define GSSAUTH_P_NONE 1 + #define GSSAUTH_P_INTEGRITY 2 + #define GSSAUTH_P_PRIVACY 4 diff -r 02730b605ff4 -r 0a3f0d2f2c86 components/curl/patches/014-OpenSSL-deselect-weak-ciphers-by-default.patch --- a/components/curl/patches/014-OpenSSL-deselect-weak-ciphers-by-default.patch Fri Apr 10 18:00:20 2015 -0400 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,67 +0,0 @@ -From 30e24c74774ef642f6d34638bb2b701877c7ce93 Mon Sep 17 00:00:00 2001 -From: Daniel Stenberg -Date: Sat, 11 Jan 2014 00:05:19 +0100 -Subject: [PATCH] OpenSSL: deselect weak ciphers by default - -By default even recent versions of OpenSSL supports and accepts both -"export strength" ciphers, small-bitsize ciphers as well as downright -deprecated ones. - -This change sets a default cipher selection that tries to avoid the -worst ones, and subsequently it makes https://www.howsmyssl.com/a/check -no longer grade curl/OpenSSL connects as 'Bad'. - -Bug: http://curl.haxx.se/bug/view.cgi?id=1323 -Reported-by: Jeff Hodges - -(Note that we have an older version of curl, and the required changes need -to be made to .../lib/ssluse.[c,h] not .../lib/vtls/openssl.[c,h].) - ---- lib/ssluse.c.orig 2014-07-08 07:13:52.002064381 -0700 -+++ lib/ssluse.c 2014-07-08 07:18:11.256793811 -0700 -@@ -1422,6 +1422,7 @@ - { - CURLcode retcode = CURLE_OK; - -+ char *ciphers; - struct SessionHandle *data = conn->data; - SSL_METHOD_QUAL SSL_METHOD *req_method=NULL; - void *ssl_sessionid=NULL; -@@ -1556,12 +1557,12 @@ - } - } - -- if(data->set.str[STRING_SSL_CIPHER_LIST]) { -- if(!SSL_CTX_set_cipher_list(connssl->ctx, -- data->set.str[STRING_SSL_CIPHER_LIST])) { -- failf(data, "failed setting cipher list"); -- return CURLE_SSL_CIPHER; -- } -+ ciphers = data->set.str[STRING_SSL_CIPHER_LIST]; -+ if(!ciphers) -+ ciphers = (char *)DEFAULT_CIPHER_SELECTION; -+ if(!SSL_CTX_set_cipher_list(connssl->ctx, ciphers)) { -+ failf(data, "failed setting cipher list: %s", ciphers); -+ return CURLE_SSL_CIPHER; - } - - if(data->set.str[STRING_SSL_CAFILE] || data->set.str[STRING_SSL_CAPATH]) { ---- lib/ssluse.h.orig 2014-07-08 07:13:58.481773165 -0700 -+++ lib/ssluse.h 2014-07-08 07:16:39.119426762 -0700 -@@ -7,7 +7,7 @@ - * | (__| |_| | _ <| |___ - * \___|\___/|_| \_\_____| - * -- * Copyright (C) 1998 - 2010, Daniel Stenberg, , et al. -+ * Copyright (C) 1998 - 2014, Daniel Stenberg, , et al. - * - * This software is licensed as described in the file COPYING, which - * you should have received as part of this distribution. The terms -@@ -80,5 +80,7 @@ - #define curlssl_check_cxn Curl_ossl_check_cxn - #define curlssl_data_pending(x,y) Curl_ossl_data_pending(x,y) - -+#define DEFAULT_CIPHER_SELECTION "ALL!EXPORT!EXPORT40!EXPORT56!aNULL!LOW!RC4" -+ - #endif /* USE_SSLEAY */ - #endif /* __SSLUSE_H */ diff -r 02730b605ff4 -r 0a3f0d2f2c86 components/curl/patches/015-CVE-2014-3613-part1.patch --- a/components/curl/patches/015-CVE-2014-3613-part1.patch Fri Apr 10 18:00:20 2015 -0400 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,261 +0,0 @@ -From eac573ea9c368f5e3c07de4d5ec5c5d0f84a021a Mon Sep 17 00:00:00 2001 -From: Tim Ruehsen -Date: Tue, 19 Aug 2014 21:01:28 +0200 -Subject: [PATCH 1/2] cookies: only use full host matches for hosts used as IP - address - -By not detecting and rejecting domain names for partial literal IP -addresses properly when parsing received HTTP cookies, libcurl can be -fooled to both send cookies to wrong sites and to allow arbitrary sites -to set cookies for others. - -Bug: http://curl.haxx.se/docs/adv_20140910.html ---- - lib/cookie.c | 50 ++++++++++++++++++++++++++++++++++++++---------- - tests/data/test1105 | 3 +-- - tests/data/test31 | 55 +++++++++++++++++++++++++++-------------------------- - tests/data/test8 | 3 ++- - 4 files changed, 71 insertions(+), 40 deletions(-) - -This problem has been fixed upstream in curl version 7.38.0 - ---- lib/cookie.c.orig 2014-09-04 10:25:26.404578422 -0700 -+++ lib/cookie.c 2014-09-04 10:40:04.769726955 -0700 -@@ -97,6 +97,7 @@ - #include "strtoofft.h" - #include "rawstr.h" - #include "curl_memrchr.h" -+#include "inet_pton.h" - - /* The last #include file should be: */ - #include "memdebug.h" -@@ -181,6 +182,27 @@ - *str = strdup(newstr); - } - -+/* -+ * Return true if the given string is an IP(v4|v6) address. -+ */ -+static bool isip(const char *domain) -+{ -+ struct in_addr addr; -+#ifdef ENABLE_IPV6 -+ struct in6_addr addr6; -+#endif -+ -+ if(Curl_inet_pton(AF_INET, domain, &addr) -+#ifdef ENABLE_IPV6 -+ || Curl_inet_pton(AF_INET6, domain, &addr6) -+#endif -+ ) { -+ /* domain name given as IP address */ -+ return TRUE; -+ } -+ -+ return FALSE; -+} - - /**************************************************************************** - * -@@ -280,6 +302,8 @@ - } - } - else if(Curl_raw_equal("domain", name)) { -+ bool is_ip; -+ - /* note that this name may or may not have a preceeding dot, but - we don't care about that, we treat the names the same anyway */ - -@@ -321,18 +345,19 @@ - if('.' == whatptr[0]) - whatptr++; /* ignore preceeding dot */ - -- if(!domain || tailmatch(whatptr, domain)) { -- const char *tailptr=whatptr; -- if(tailptr[0] == '.') -- tailptr++; -- strstore(&co->domain, tailptr); /* don't prefix w/dots -- internally */ -+ is_ip = isip(domain ? domain : whatptr); -+ -+ if(!domain -+ || (is_ip && !strcmp(whatptr, domain)) -+ || (!is_ip && tailmatch(whatptr, domain))) { -+ strstore(&co->domain, whatptr); - if(!co->domain) { - badcookie = TRUE; - break; - } -- co->tailmatch=TRUE; /* we always do that if the domain name was -- given */ -+ if(!is_ip) -+ co->tailmatch=TRUE; /* we always do that if the domain name -+ was given */ - } - else { - /* we did not get a tailmatch and then the attempted set domain -@@ -821,10 +846,14 @@ - time_t now = time(NULL); - struct Cookie *mainco=NULL; - size_t matches = 0; -+ bool is_ip; - - if(!c || !c->cookies) - return NULL; /* no cookie struct or no cookies in the struct */ - -+ /* check if host is an IP(v4|v6) address */ -+ is_ip = isip(host); -+ - co = c->cookies; - - while(co) { -@@ -836,8 +865,8 @@ - - /* now check if the domain is correct */ - if(!co->domain || -- (co->tailmatch && tailmatch(co->domain, host)) || -- (!co->tailmatch && Curl_raw_equal(host, co->domain)) ) { -+ (co->tailmatch && !is_ip && tailmatch(co->domain, host)) || -+ ((!co->tailmatch || is_ip) && Curl_raw_equal(host, co->domain)) ) { - /* the right part of the host matches the domain stuff in the - cookie data */ - ---- tests/data/test1105.orig 2014-09-04 10:27:20.052223915 -0700 -+++ tests/data/test1105 2014-09-04 10:41:18.310085197 -0700 -@@ -56,8 +56,7 @@ - # This file was generated by libcurl! Edit at your own risk. - - 127.0.0.1 FALSE /we/want/ FALSE 0 foobar name --.127.0.0.1 TRUE "/silly/" FALSE 0 mismatch this --.0.0.1 TRUE / FALSE 0 partmatch present -+127.0.0.1 FALSE "/silly/" FALSE 0 mismatch this - - - ---- tests/data/test31.orig 2014-09-04 10:27:10.395450839 -0700 -+++ tests/data/test31 2014-09-04 11:27:38.685969246 -0700 -@@ -18,6 +18,30 @@ - Funny-head: yesyes - Set-Cookie: foobar=name; domain=anything.com; path=/ ; secure - Set-Cookie:ismatch=this ; domain=127.0.0.1; path=/silly/ -+Set-Cookie: overwrite=this ; domain=127.0.0.1; path=/overwrite/ -+Set-Cookie: overwrite=this2 ; domain=127.0.0.1; path=/overwrite -+Set-Cookie: sec1value=secure1 ; domain=127.0.0.1; path=/secure1/ ; secure -+Set-Cookie: sec2value=secure2 ; domain=127.0.0.1; path=/secure2/ ; secure= -+Set-Cookie: sec3value=secure3 ; domain=127.0.0.1; path=/secure3/ ; secure= -+Set-Cookie: sec4value=secure4 ; secure=; domain=127.0.0.1; path=/secure4/ ; -+Set-Cookie: sec5value=secure5 ; secure; domain=127.0.0.1; path=/secure5/ ; -+Set-Cookie: sec6value=secure6 ; secure ; domain=127.0.0.1; path=/secure6/ ; -+Set-Cookie: sec7value=secure7 ; secure ; domain=127.0.0.1; path=/secure7/ ; -+Set-Cookie: sec8value=secure8 ; secure= ; domain=127.0.0.1; path=/secure8/ ; -+Set-Cookie: secure=very1 ; secure=; domain=127.0.0.1; path=/secure9/; -+Set-Cookie: httpo1=value1 ; domain=127.0.0.1; path=/p1/; httponly -+Set-Cookie: httpo2=value2 ; domain=127.0.0.1; path=/p2/; httponly= -+Set-Cookie: httpo3=value3 ; httponly; domain=127.0.0.1; path=/p3/; -+Set-Cookie: httpo4=value4 ; httponly=; domain=127.0.0.1; path=/p4/; -+Set-Cookie: httponly=myvalue1 ; domain=127.0.0.1; path=/p4/; httponly -+Set-Cookie: httpandsec=myvalue2 ; domain=127.0.0.1; path=/p4/; httponly; secure -+Set-Cookie: httpandsec2=myvalue3; domain=127.0.0.1; path=/p4/; httponly=; secure -+Set-Cookie: httpandsec3=myvalue4 ; domain=127.0.0.1; path=/p4/; httponly; secure= -+Set-Cookie: httpandsec4=myvalue5 ; domain=127.0.0.1; path=/p4/; httponly=; secure= -+Set-Cookie: httpandsec5=myvalue6 ; domain=127.0.0.1; path=/p4/; secure; httponly= -+Set-Cookie: httpandsec6=myvalue7 ; domain=127.0.0.1; path=/p4/; secure=; httponly= -+Set-Cookie: httpandsec7=myvalue8 ; domain=127.0.0.1; path=/p4/; secure; httponly -+Set-Cookie: httpandsec8=myvalue9; domain=127.0.0.1; path=/p4/; secure=; httponly - Set-Cookie: partmatch=present; domain=127.0.0.1 ; path=/; - Set-Cookie:eat=this; domain=moo.foo.moo; - Set-Cookie: eat=this-too; domain=.foo.moo; -@@ -27,7 +51,8 @@ - Set-Cookie: test=yes; domain=foo.com; expires=Sat Feb 2 11:56:27 GMT 2030 - Set-Cookie: test2=yes; domain=se; expires=Sat Feb 2 11:56:27 GMT 2030 - Set-Cookie: magic=yessir; path=/silly/; HttpOnly --Set-Cookie: blexp=yesyes; domain=.0.0.1; domain=.0.0.1; expiry=totally bad; -+Set-Cookie: blexp=yesyes; domain=127.0.0.1; domain=127.0.0.1; expiry=totally bad; -+Set-Cookie: partialip=nono; domain=.0.0.1; - - boo - -@@ -50,6 +75,9 @@ - - http://%HOSTIP:%HTTPPORT/we/want/31 -b none -c log/jar31.txt - -+ -+perl -e 'if ("%HOSTIP" !~ /127\.0\.0\.1$/) {print "Test only works for HOSTIP 127.0.0.1"; exit(1)}' -+ - - - # Verify data after the test has been "shot" -@@ -68,11 +96,35 @@ - # http://curl.haxx.se/rfc/cookie_spec.html - # This file was generated by libcurl! Edit at your own risk. - --.127.0.0.1 TRUE /silly/ FALSE 0 ismatch this --.127.0.0.1 TRUE / FALSE 0 partmatch present -+127.0.0.1 FALSE /silly/ FALSE 0 ismatch this -+127.0.0.1 FALSE /overwrite/ FALSE 0 overwrite this -+127.0.0.1 FALSE /overwrite FALSE 0 overwrite this2 -+127.0.0.1 FALSE /secure1/ TRUE 0 sec1value secure1 -+127.0.0.1 FALSE /secure2/ FALSE 0 sec2value secure2 -+127.0.0.1 FALSE /secure3/ FALSE 0 sec3value secure3 -+127.0.0.1 FALSE /secure4/ FALSE 0 sec4value secure4 -+127.0.0.1 FALSE /secure5/ TRUE 0 sec5value secure5 -+127.0.0.1 FALSE /secure6/ FALSE 0 sec6value secure6 -+127.0.0.1 FALSE /secure7/ FALSE 0 sec7value secure7 -+127.0.0.1 FALSE /secure8/ FALSE 0 sec8value secure8 -+127.0.0.1 FALSE /secure9/ FALSE 0 secure very1 -+#HttpOnly_127.0.0.1 FALSE /p1/ FALSE 0 httpo1 value1 -+127.0.0.1 FALSE /p2/ FALSE 0 httpo2 value2 -+#HttpOnly_127.0.0.1 FALSE /p3/ FALSE 0 httpo3 value3 -+127.0.0.1 FALSE /p4/ FALSE 0 httpo4 value4 -+#HttpOnly_127.0.0.1 FALSE /p4/ FALSE 0 httponly myvalue1 -+#HttpOnly_127.0.0.1 FALSE /p4/ TRUE 0 httpandsec myvalue2 -+127.0.0.1 FALSE /p4/ TRUE 0 httpandsec2 myvalue3 -+#HttpOnly_127.0.0.1 FALSE /p4/ FALSE 0 httpandsec3 myvalue4 -+127.0.0.1 FALSE /p4/ FALSE 0 httpandsec4 myvalue5 -+127.0.0.1 FALSE /p4/ TRUE 0 httpandsec5 myvalue6 -+127.0.0.1 FALSE /p4/ FALSE 0 httpandsec6 myvalue7 -+#HttpOnly_127.0.0.1 FALSE /p4/ TRUE 0 httpandsec7 myvalue8 -+#HttpOnly_127.0.0.1 FALSE /p4/ FALSE 0 httpandsec8 myvalue9 -+127.0.0.1 FALSE / FALSE 0 partmatch present - 127.0.0.1 FALSE /we/want/ FALSE 2054030187 nodomain value - #HttpOnly_127.0.0.1 FALSE /silly/ FALSE 0 magic yessir --.0.0.1 TRUE /we/want/ FALSE 0 blexp yesyes -+127.0.0.1 FALSE /we/want/ FALSE 0 blexp yesyes - - - ---- tests/data/test8.orig 2014-09-04 10:27:04.885231628 -0700 -+++ tests/data/test8 2014-09-04 10:41:44.133914601 -0700 -@@ -35,16 +35,20 @@ - Server: test-server/fake - Content-Type: text/html - Funny-head: yesyes --Set-Cookie: foobar=name; domain=127.0.0.1; path=/; --Set-Cookie: mismatch=this; domain=127.0.0.1; path="/silly/"; -+Set-Cookie: foobar=name; domain=%HOSTIP; path=/; -+Set-Cookie: mismatch=this; domain=%HOSTIP; path="/silly/"; - Set-Cookie: partmatch=present; domain=.0.0.1; path=/w; - Set-Cookie: duplicate=test; domain=.0.0.1; domain=.0.0.1; path=/donkey; - Set-Cookie: cookie=yes; path=/we; - Set-Cookie: cookie=perhaps; path=/we/want; - Set-Cookie: nocookie=yes; path=/WE; --Set-Cookie: blexp=yesyes; domain=.0.0.1; domain=.0.0.1; expiry=totally bad; -+Set-Cookie: blexp=yesyes; domain=%HOSTIP; domain=%HOSTIP; expiry=totally bad; -+Set-Cookie: partialip=nono; domain=.0.0.1; - - -+ -+perl -e 'if ("%HOSTIP" !~ /\.0\.0\.1$/) {print "Test only works for HOSTIPs ending with .0.0.1"; exit(1)}' -+ - - - # Verify data after the test has been "shot" -@@ -56,7 +60,7 @@ - GET /we/want/8 HTTP/1.1 - Host: %HOSTIP:%HTTPPORT - Accept: */* --Cookie: cookie=perhaps; cookie=yes; partmatch=present; foobar=name; blexp=yesyes -+Cookie: cookie=perhaps; cookie=yes; foobar=name; blexp=yesyes - - - diff -r 02730b605ff4 -r 0a3f0d2f2c86 components/curl/patches/015-CVE-2014-3613-part2.patch --- a/components/curl/patches/015-CVE-2014-3613-part2.patch Fri Apr 10 18:00:20 2015 -0400 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,48 +0,0 @@ -From ceab2ea8f0c0fc4c4be219240ccf99ddc2de7b22 Mon Sep 17 00:00:00 2001 -From: Daniel Stenberg -Date: Tue, 19 Aug 2014 21:11:20 +0200 -Subject: [PATCH 2/2] cookies: reject incoming cookies set for TLDs - -Test 61 was modified to verify this. - -Reported-by: Tim Ruehsen ---- - lib/cookie.c | 6 ++++++ - tests/data/test61 | 1 + - 2 files changed, 7 insertions(+) - -This problem has been fixed upstream in curl version 7.38.0 - ---- lib/cookie.c.orig 2014-09-04 10:48:44.170722741 -0700 -+++ lib/cookie.c 2014-09-04 10:44:28.980086252 -0700 -@@ -303,6 +303,7 @@ - } - else if(Curl_raw_equal("domain", name)) { - bool is_ip; -+ const char *dotp; - - /* note that this name may or may not have a preceeding dot, but - we don't care about that, we treat the names the same anyway */ -@@ -347,6 +348,11 @@ - - is_ip = isip(domain ? domain : whatptr); - -+ /* check for more dots */ -+ dotp = strchr(whatptr, '.'); -+ if(!dotp) -+ domain=":"; -+ - if(!domain - || (is_ip && !strcmp(whatptr, domain)) - || (!is_ip && tailmatch(whatptr, domain))) { ---- tests/data/test61.orig 2014-09-04 10:50:40.756783312 -0700 -+++ tests/data/test61 2014-09-04 10:53:06.461671210 -0700 -@@ -22,6 +22,8 @@ - Set-Cookie: test3=maybe; domain=foo.com; path=/moo; secure - Set-Cookie: test4=no; domain=nope.foo.com; path=/moo; secure - Set-Cookie: test5=name; domain=anything.com; path=/ ; secure -+Set-Cookie: fake=fooledyou; domain=..com; path=/; -+Set-Cookie: supercookie=fooledyou; domain=.com; path=/; - Content-Length: 4 - - boo diff -r 02730b605ff4 -r 0a3f0d2f2c86 components/curl/patches/016-curl-disable-sslv3.patch --- a/components/curl/patches/016-curl-disable-sslv3.patch Fri Apr 10 18:00:20 2015 -0400 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,75 +0,0 @@ -Remove SSLv3 from SSL default due to the POODLE attack. - -Based on the following curl changeset: - -commit ec783dc142129d3860e542b443caaa78a6172d56 -Author: Jay Satiro -Date: Fri Oct 24 13:41:56 2014 +0200 - - - Remove SSLv3 from the SSL default effectively making the default TLS 1.x. - - Update curl_easy_setopt doc. - ---- ./docs/libcurl/curl_easy_setopt.3.orig 2014-11-11 12:03:20.659217117 -0800 -+++ ./docs/libcurl/curl_easy_setopt.3 2014-11-11 12:06:57.274210401 -0800 -@@ -1819,8 +1819,7 @@ - .RS - .IP CURL_SSLVERSION_DEFAULT - The default action. This will attempt to figure out the remote SSL protocol --version, i.e. either SSLv3 or TLSv1 (but not SSLv2, which became disabled --by default with 7.18.1). -+version. SSLv2 and SSLv3 are disabled by default. - .IP CURL_SSLVERSION_TLSv1 - Force TLSv1 - .IP CURL_SSLVERSION_SSLv2 ---- ./lib/nss.c.orig 2014-11-11 12:08:37.152918397 -0800 -+++ ./lib/nss.c 2014-11-11 12:11:02.819141917 -0800 -@@ -1177,12 +1177,6 @@ - switch (data->set.ssl.version) { - default: - case CURL_SSLVERSION_DEFAULT: -- ssl3 = PR_TRUE; -- if (data->state.ssl_connect_retry) -- infof(data, "TLS disabled due to previous handshake failure\n"); -- else -- tlsv1 = PR_TRUE; -- break; - case CURL_SSLVERSION_TLSv1: - tlsv1 = PR_TRUE; - break; ---- ./lib/qssl.c.orig 2014-11-11 12:08:44.037832982 -0800 -+++ ./lib/qssl.c 2014-11-11 12:12:10.802950719 -0800 -@@ -192,9 +192,6 @@ - - default: - case CURL_SSLVERSION_DEFAULT: -- h->protocol = SSL_VERSION_CURRENT; /* TLSV1 compat. SSLV[23]. */ -- break; -- - case CURL_SSLVERSION_TLSv1: - h->protocol = TLS_VERSION_1; - break; ---- ./lib/ssluse.c.orig 2014-11-11 12:08:52.156569428 -0800 -+++ ./lib/ssluse.c 2014-11-11 12:21:38.593664424 -0800 -@@ -1448,10 +1448,6 @@ - switch(data->set.ssl.version) { - default: - case CURL_SSLVERSION_DEFAULT: -- /* we try to figure out version */ -- req_method = SSLv23_client_method(); -- use_sni(TRUE); -- break; - case CURL_SSLVERSION_TLSv1: - req_method = TLSv1_client_method(); - use_sni(TRUE); -@@ -1531,9 +1527,9 @@ - - SSL_CTX_set_options(connssl->ctx, ctx_options); - -- /* disable SSLv2 in the default case (i.e. allow SSLv3 and TLSv1) */ -+ /* disable SSLv2 and SSLv3 in the default case (i.e. allow TLSv1) */ - if(data->set.ssl.version == CURL_SSLVERSION_DEFAULT) -- SSL_CTX_set_options(connssl->ctx, SSL_OP_NO_SSLv2); -+ SSL_CTX_set_options(connssl->ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3); - - #if 0 - /* diff -r 02730b605ff4 -r 0a3f0d2f2c86 components/curl/patches/017-CVE-2014-3707.patch --- a/components/curl/patches/017-CVE-2014-3707.patch Fri Apr 10 18:00:20 2015 -0400 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,385 +0,0 @@ -(This is based on the curl patch at: - http://curl.haxx.se/CVE-2014-3707.patch - but adjusted for curl version 7.21.2). - -From 3696fc1ba79d9b34660c44150be5e93ecf87dd9e Mon Sep 17 00:00:00 2001 -From: Daniel Stenberg -Date: Fri, 17 Oct 2014 12:59:32 +0200 -Subject: [PATCH] curl_easy_duphandle: CURLOPT_COPYPOSTFIELDS read out of - bounds - -When duplicating a handle, the data to post was duplicated using -strdup() when it could be binary and contain zeroes and it was not even -zero terminated! This caused read out of bounds crashes/segfaults. - -Since the lib/strdup.c file no longer is easily shared with the curl -tool with this change, it now uses its own version instead. - -Bug: http://curl.haxx.se/docs/adv_20141105.html -CVE: CVE-2014-3707 -Reported-By: Symeon Paraschoudis ---- - lib/formdata.c | 52 +++++++++------------------------------------------- - lib/strdup.c | 32 +++++++++++++++++++++++++++----- - lib/strdup.h | 3 ++- - lib/url.c | 22 +++++++++++++++++----- - lib/urldata.h | 11 +++++++++-- - src/Makefile.inc | 4 ++-- - src/tool_setup.h | 5 ++--- - src/tool_strdup.c | 47 +++++++++++++++++++++++++++++++++++++++++++++++ - src/tool_strdup.h | 30 ++++++++++++++++++++++++++++++ - 9 files changed, 145 insertions(+), 61 deletions(-) - create mode 100644 src/tool_strdup.c - create mode 100644 src/tool_strdup.h - ---- lib/formdata.c.orig 2014-11-18 03:29:06.861398190 -0800 -+++ lib/formdata.c 2014-11-18 03:33:25.634942129 -0800 -@@ -123,6 +123,7 @@ - #include "curl_rand.h" - #include "strequal.h" - #include "curl_memory.h" -+#include "strdup.h" - - #define _MPRINTF_REPLACE /* use our functions only */ - #include -@@ -302,46 +303,6 @@ - - /*************************************************************************** - * -- * memdup() -- * -- * Copies the 'source' data to a newly allocated buffer buffer (that is -- * returned). Uses buffer_length if not null, else uses strlen to determine -- * the length of the buffer to be copied -- * -- * Returns the new pointer or NULL on failure. -- * -- ***************************************************************************/ --static char *memdup(const char *src, size_t buffer_length) --{ -- size_t length; -- bool add = FALSE; -- char *buffer; -- -- if(buffer_length) -- length = buffer_length; -- else if(src) { -- length = strlen(src); -- add = TRUE; -- } -- else -- /* no length and a NULL src pointer! */ -- return strdup(""); -- -- buffer = malloc(length+add); -- if(!buffer) -- return NULL; /* fail */ -- -- memcpy(buffer, src, length); -- -- /* if length unknown do null termination */ -- if(add) -- buffer[length] = '\0'; -- -- return buffer; --} -- --/*************************************************************************** -- * - * FormAdd() - * - * Stores a formpost parameter and builds the appropriate linked list. -@@ -745,9 +706,12 @@ - (form == first_form) ) { - /* Note that there's small risk that form->name is NULL here if the - app passed in a bad combo, so we better check for that first. */ -- if(form->name) -+ if(form->name) { - /* copy name (without strdup; possibly contains null characters) */ -- form->name = memdup(form->name, form->namelength); -+ form->name = Curl_memdup(form->name, form->namelength? -+ form->namelength: -+ strlen(form->name)+1); -+ } - if(!form->name) { - return_value = CURL_FORMADD_MEMORY; - break; -@@ -758,7 +722,9 @@ - HTTPPOST_PTRCONTENTS | HTTPPOST_PTRBUFFER | - HTTPPOST_CALLBACK)) ) { - /* copy value (without strdup; possibly contains null characters) */ -- form->value = memdup(form->value, form->contentslength); -+ form->value = Curl_memdup(form->value, form->contentslength? -+ form->contentslength: -+ strlen(form->value)+1); - if(!form->value) { - return_value = CURL_FORMADD_MEMORY; - break; ---- lib/strdup.c.orig 2014-11-18 03:34:47.615106130 -0800 -+++ lib/strdup.c 2014-11-18 03:36:24.540240128 -0800 -@@ -5,7 +5,7 @@ - * | (__| |_| | _ <| |___ - * \___|\___/|_| \_\_____| - * -- * Copyright (C) 1998 - 2008, Daniel Stenberg, , et al. -+ * Copyright (C) 1998 - 2014, Daniel Stenberg, , et al. - * - * This software is licensed as described in the file COPYING, which - * you should have received as part of this distribution. The terms -@@ -22,6 +22,10 @@ - - #include "setup.h" - #include "strdup.h" -+#include "curl_memory.h" -+ -+/* The last #include file should be: */ -+#include "memdebug.h" - - #ifndef HAVE_STRDUP - char *curlx_strdup(const char *str) -@@ -47,3 +51,25 @@ - - } - #endif -+ -+/*************************************************************************** -+ * -+ * Curl_memdup(source, length) -+ * -+ * Copies the 'source' data to a newly allocated buffer (that is -+ * returned). Copies 'length' bytes. -+ * -+ * Returns the new pointer or NULL on failure. -+ * -+ ***************************************************************************/ -+char *Curl_memdup(const char *src, size_t length) -+{ -+ char *buffer = malloc(length); -+ if(!buffer) -+ return NULL; /* fail */ -+ -+ memcpy(buffer, src, length); -+ -+ /* if length unknown do null termination */ -+ return buffer; -+} ---- lib/strdup.h.orig 2014-11-18 03:37:29.169630451 -0800 -+++ lib/strdup.h 2014-11-18 03:37:58.420841595 -0800 -@@ -7,7 +7,7 @@ - * | (__| |_| | _ <| |___ - * \___|\___/|_| \_\_____| - * -- * Copyright (C) 1998 - 2010, Daniel Stenberg, , et al. -+ * Copyright (C) 1998 - 2014, Daniel Stenberg, , et al. - * - * This software is licensed as described in the file COPYING, which - * you should have received as part of this distribution. The terms -@@ -26,5 +26,6 @@ - #ifndef HAVE_STRDUP - extern char *curlx_strdup(const char *str); - #endif -+char *Curl_memdup(const char *src, size_t buffer_length); - - #endif /* HEADER_CURL_STRDUP_H */ ---- lib/url.c.orig 2014-11-18 03:38:54.137970835 -0800 -+++ lib/url.c 2014-11-18 03:43:13.569265802 -0800 -@@ -139,6 +139,7 @@ - #include "rtsp.h" - #include "curl_rtmp.h" - #include "gopher.h" -+#include "strdup.h" - - #define _MPRINTF_REPLACE /* use our functions only */ - #include -@@ -284,8 +285,9 @@ - { - /* Free all dynamic strings stored in the data->set substructure. */ - enum dupstring i; -- for(i=(enum dupstring)0; i < STRING_LAST; i++) -+ for(i=(enum dupstring)0; i < STRING_LAST; i++) { - Curl_safefree(data->set.str[i]); -+ } - } - - static CURLcode setstropt(char **charp, char * s) -@@ -365,14 +367,24 @@ - memset(dst->set.str, 0, STRING_LAST * sizeof(char *)); - - /* duplicate all strings */ -- for(i=(enum dupstring)0; i< STRING_LAST; i++) { -+ for(i=(enum dupstring)0; i< STRING_LASTZEROTERMINATED; i++) { - r = setstropt(&dst->set.str[i], src->set.str[i]); - if(r != CURLE_OK) -- break; -+ return r; - } - -- /* If a failure occurred, freeing has to be performed externally. */ -- return r; -+ /* duplicate memory areas pointed to */ -+ i = STRING_COPYPOSTFIELDS; -+ if(src->set.postfieldsize && src->set.str[i]) { -+ /* postfieldsize is curl_off_t, Curl_memdup() takes a size_t ... */ -+ dst->set.str[i] = Curl_memdup(src->set.str[i], src->set.postfieldsize); -+ if(!dst->set.str[i]) -+ return CURLE_OUT_OF_MEMORY; -+ /* point to the new copy */ -+ dst->set.postfields = dst->set.str[i]; -+ } -+ -+ return CURLE_OK; - } - - #if !defined(CURL_DISABLE_HTTP) && !defined(CURL_DISABLE_COOKIES) ---- lib/urldata.h.orig 2014-11-18 03:44:28.965134703 -0800 -+++ lib/urldata.h 2014-11-18 03:46:24.706226763 -0800 -@@ -1216,7 +1216,6 @@ - STRING_KRB_LEVEL, /* krb security level */ - STRING_NETRC_FILE, /* if not NULL, use this instead of trying to find - $HOME/.netrc */ -- STRING_COPYPOSTFIELDS, /* if POST, set the fields' values here */ - STRING_PROXY, /* proxy to use */ - STRING_SET_RANGE, /* range, if used */ - STRING_SET_REFERER, /* custom string for the HTTP referer field */ -@@ -1249,7 +1248,15 @@ - #endif - STRING_MAIL_FROM, - -- /* -- end of strings -- */ -+ /* -- end of zero-terminated strings -- */ -+ -+ STRING_LASTZEROTERMINATED, -+ -+ /* -- below this are pointers to binary data that cannot be strdup'ed. -+ Each such pointer must be added manually to Curl_dupset() --- */ -+ -+ STRING_COPYPOSTFIELDS, /* if POST, set the fields' values here */ -+ - STRING_LAST /* not used, just an end-of-list marker */ - }; - ---- src/Makefile.inc.orig 2014-11-18 03:47:49.286734214 -0800 -+++ src/Makefile.inc 2014-11-18 03:52:27.133161024 -0800 -@@ -10,15 +10,16 @@ - # libcurl has sources that provide functions named curlx_* that aren't part of - # the official API, but we re-use the code here to avoid duplication. - CURLX_ONES = $(top_srcdir)/lib/strtoofft.c \ -- $(top_srcdir)/lib/strdup.c \ - $(top_srcdir)/lib/rawstr.c \ - $(top_srcdir)/lib/nonblock.c - - CURL_CFILES = main.c hugehelp.c urlglob.c writeout.c writeenv.c \ -- getpass.c homedir.c curlutil.c os-specific.c -+ getpass.c homedir.c curlutil.c os-specific.c \ -+ tool_strdup.c - - CURL_HFILES = hugehelp.h setup.h config-win32.h config-mac.h \ - config-riscos.h urlglob.h version.h os-specific.h \ -+ tool_strdup.h \ - writeout.h writeenv.h getpass.h homedir.h curlutil.h - - curl_SOURCES = $(CURL_CFILES) $(CURLX_ONES) $(CURL_HFILES) ---- src/setup.h.orig 2014-11-18 03:54:19.162704002 -0800 -+++ src/setup.h 2014-11-18 03:55:05.389517301 -0800 -@@ -7,7 +7,7 @@ - * | (__| |_| | _ <| |___ - * \___|\___/|_| \_\_____| - * -- * Copyright (C) 1998 - 2010, Daniel Stenberg, , et al. -+ * Copyright (C) 1998 - 2014, Daniel Stenberg, , et al. - * - * This software is licensed as described in the file COPYING, which - * you should have received as part of this distribution. The terms -@@ -203,8 +203,7 @@ - #endif - - #ifndef HAVE_STRDUP --#include "strdup.h" --#define strdup(ptr) curlx_strdup(ptr) -+# include "tool_strdup.h" - #endif - - /* Define S_ISREG if not defined by system headers, f.e. MSVC */ ---- src/tool_strdup.c.orig 2014-11-18 03:56:00.122473188 -0800 -+++ src/tool_strdup.c 2014-11-18 03:57:10.023119420 -0800 -@@ -0,0 +1,47 @@ -+/*************************************************************************** -+ * _ _ ____ _ -+ * Project ___| | | | _ \| | -+ * / __| | | | |_) | | -+ * | (__| |_| | _ <| |___ -+ * \___|\___/|_| \_\_____| -+ * -+ * Copyright (C) 1998 - 2014, Daniel Stenberg, , et al. -+ * -+ * This software is licensed as described in the file COPYING, which -+ * you should have received as part of this distribution. The terms -+ * are also available at http://curl.haxx.se/docs/copyright.html. -+ * -+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell -+ * copies of the Software, and permit persons to whom the Software is -+ * furnished to do so, under the terms of the COPYING file. -+ * -+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY -+ * KIND, either express or implied. -+ * -+ ***************************************************************************/ -+#include "strdup.h" -+ -+#ifndef HAVE_STRDUP -+char *strdup(const char *str) -+{ -+ size_t len; -+ char *newstr; -+ -+ if(!str) -+ return (char *)NULL; -+ -+ len = strlen(str); -+ -+ if(len >= ((size_t)-1) / sizeof(char)) -+ return (char *)NULL; -+ -+ newstr = malloc((len+1)*sizeof(char)); -+ if(!newstr) -+ return (char *)NULL; -+ -+ memcpy(newstr,str,(len+1)*sizeof(char)); -+ -+ return newstr; -+ -+} -+#endif ---- src/tool_strdup.h.orig 2014-11-18 03:57:45.315222626 -0800 -+++ src/tool_strdup.h 2014-11-18 03:58:13.983815925 -0800 -@@ -0,0 +1,30 @@ -+#ifndef HEADER_TOOL_STRDUP_H -+#define HEADER_TOOL_STRDUP_H -+/*************************************************************************** -+ * _ _ ____ _ -+ * Project ___| | | | _ \| | -+ * / __| | | | |_) | | -+ * | (__| |_| | _ <| |___ -+ * \___|\___/|_| \_\_____| -+ * -+ * Copyright (C) 1998 - 2014, Daniel Stenberg, , et al. -+ * -+ * This software is licensed as described in the file COPYING, which -+ * you should have received as part of this distribution. The terms -+ * are also available at http://curl.haxx.se/docs/copyright.html. -+ * -+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell -+ * copies of the Software, and permit persons to whom the Software is -+ * furnished to do so, under the terms of the COPYING file. -+ * -+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY -+ * KIND, either express or implied. -+ * -+ ***************************************************************************/ -+#include "tool_setup.h" -+ -+#ifndef HAVE_STRDUP -+extern char *strdup(const char *str); -+#endif -+ -+#endif /* HEADER_TOOL_STRDUP_H */ diff -r 02730b605ff4 -r 0a3f0d2f2c86 components/curl/patches/018-CVE-2014-8150.patch --- a/components/curl/patches/018-CVE-2014-8150.patch Fri Apr 10 18:00:20 2015 -0400 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,29 +0,0 @@ -From 4e2ac2afa94f014a2a015c48c678e2367a63ae82 Mon Sep 17 00:00:00 2001 -From: Daniel Stenberg -Date: Thu, 25 Dec 2014 23:55:03 +0100 -Subject: [PATCH] url-parsing: reject CRLFs within URLs - -Bug: http://curl.haxx.se/docs/adv_20150108B.html -Reported-by: Andrey Labunets ---- - lib/url.c | 7 +++++++ - 1 file changed, 7 insertions(+) - -This fix is already available upstream in curl version 7.40.0 - ---- lib/url.c.orig 2015-01-05 17:12:46.302124082 -0800 -+++ lib/url.c 2015-01-05 17:13:15.299976184 -0800 -@@ -3545,6 +3545,13 @@ - - *prot_missing = FALSE; - -+ /* We might pass the entire URL into the request so we need to make sure -+ * there are no bad characters in there.*/ -+ if(strpbrk(data->change.url, "\r\n")) { -+ failf(data, "Illegal characters found in URL"); -+ return CURLE_URL_MALFORMAT; -+ } -+ - /************************************************************* - * Parse the URL. - *