20419429 Upgrade curl to version 7.40.0 s11-update
authorYiteng Zhang <yiteng.zhang@oracle.com>
Fri, 10 Apr 2015 16:50:24 -0700
branchs11-update
changeset 4103 0a3f0d2f2c86
parent 4102 02730b605ff4
child 4111 72fcefade79a
20419429 Upgrade curl to version 7.40.0
components/curl/Makefile
components/curl/Solaris/curl-config
components/curl/Solaris/curl-config-64
components/curl/curl.license
components/curl/curl.p5m
components/curl/patches/000-configure.patch
components/curl/patches/001-Makefile.in.patch
components/curl/patches/002-curlbuild.h.patch
components/curl/patches/003-Makefile.in.patch
components/curl/patches/004-Makefile.in.patch
components/curl/patches/005-libcurl.pc.in.patch
components/curl/patches/006-curl-gssapi-delegation.patch
components/curl/patches/007-curl-dont-insert-empty-fragments.patch
components/curl/patches/008-curl-url-sanitize.patch
components/curl/patches/009-CVE-2013-2174.patch
components/curl/patches/009-runtests.pl.patch
components/curl/patches/010-CVE-2013-4545.patch
components/curl/patches/010-fix-tests.patch
components/curl/patches/011-runtests.pl.patch
components/curl/patches/012-CVE-2013-1944.patch
components/curl/patches/013-CVE-2014-0015.patch
components/curl/patches/013-curl_sasl_gssapi.c.patch
components/curl/patches/014-OpenSSL-deselect-weak-ciphers-by-default.patch
components/curl/patches/015-CVE-2014-3613-part1.patch
components/curl/patches/015-CVE-2014-3613-part2.patch
components/curl/patches/016-curl-disable-sslv3.patch
components/curl/patches/017-CVE-2014-3707.patch
components/curl/patches/018-CVE-2014-8150.patch
--- a/components/curl/Makefile	Fri Apr 10 18:00:20 2015 -0400
+++ b/components/curl/Makefile	Fri Apr 10 16:50:24 2015 -0700
@@ -23,16 +23,16 @@
 include ../../make-rules/shared-macros.mk
 
 COMPONENT_NAME =        curl
-COMPONENT_VERSION=      7.21.2
+COMPONENT_VERSION=      7.40.0
 COMPONENT_SRC=          $(COMPONENT_NAME)-$(COMPONENT_VERSION)
 COMPONENT_PROJECT_URL=  http://curl.haxx.se/
 COMPONENT_ARCHIVE=      $(COMPONENT_SRC).tar.gz
 COMPONENT_ARCHIVE_HASH= \
-    sha256:d8e0ce964b75b99efa2e6c58e6523027fe2fa56305cc180ecacda6ced636e2bf
+    sha256:c2e0705a13e53f8f924d1eaeb2ab94f59a9e162007c489b9ab0c96238bddf84b
 COMPONENT_ARCHIVE_URL=  $(COMPONENT_PROJECT_URL)download/$(COMPONENT_ARCHIVE)
 COMPONENT_BUGDB=	library/curl
 
-TPNO=			8339
+TPNO=			21343
 
 include $(WS_MAKE_RULES)/prep.mk
 include $(WS_MAKE_RULES)/configure.mk
@@ -49,7 +49,7 @@
 CPPFLAGS += `pkg-config --cflags libidn`
 
 CONFIGURE_ENV += CFLAGS="$(CFLAGS)"
-CONFIGURE_ENV += CPPFLAGS="$(CPPFLAGS)"
+CONFIGURE_ENV += CPPFLAGS="$(CPPFLAGS) -I/usr/include/openldap"
 CONFIGURE_ENV += PKG_CONFIG_PATH="$(PKG_CONFIG_PATH)"
 
 CONFIGURE_OPTIONS += --localstatedir=/var --enable-shared --disable-static
@@ -65,18 +65,42 @@
 CONFIGURE_OPTIONS += --enable-cookies --disable-hidden-symbols
 CONFIGURE_OPTIONS += --disable-soname-bump
 CONFIGURE_OPTIONS += --enable-ldap --with-random=/dev/urandom
-CONFIGURE_OPTIONS += --with-ssl --with-ldap-lib=ldap
-CONFIGURE_OPTIONS += --with-lber-lib=sldap
+CONFIGURE_OPTIONS += --with-ssl --with-ldap-lib=ldap_r-2.4
+CONFIGURE_OPTIONS += --with-lber-lib=lber-2.4
 CONFIGURE_OPTIONS += --with-gssapi-includes=/usr/include/gssapi
 CONFIGURE_OPTIONS += --with-gssapi-libs=$(GSSAPI_LIBDIR_$(BITS))
 CONFIGURE_OPTIONS += --with-gssapi=/usr --without-ca-bundle
 CONFIGURE_OPTIONS += --with-ca-path=/etc/openssl/certs
 CONFIGURE_OPTIONS += --with-zlib=/usr --with-libidn=/usr
 CONFIGURE_OPTIONS += --with-pic
+CONFIGURE_OPTIONS += --without-libssh2
 CONFIGURE_OPTIONS += "curl_disallow_getifaddrs=yes"
 
 LINT_FLAGS += -I$(SOURCE_DIR)/include
 
+# The additional curl specific set of transforms to be applied to the
+# test results to try to normalize them.
+COMPONENT_TEST_TRANSFORMS += \
+    '-e "s|\(^$(CC)\).*|\\$$(CC)|" ' \
+	'-e "s|\(^/bin/bash ../../libtool\).*|\1|" ' \
+	'-e "s|\(^libtool: compile:\).*|\1|" ' \
+	'-e "s|\(^libtool: link:\).*|\1|" ' \
+	'-e "s|remaining: ..:..|remaining: xx:xx|" ' \
+	'-e "s|\(^TESTDONE: 964 tests were considered during\).*|\1|" ' \
+	'-e "s|\(^\* curl $(COMPONENT_VERSION)\).*|\1|" ' \
+	'-e "s|\(^\* Host:\).*|\1|" ' \
+	'-e "s|\(^\* System: SunOS\).*|\1|" ' \
+	'-e "s|\(^Connection from 127.0.0.1 port\).*|\1|" ' \
+	'-e "s|\(^Failed none for\).*|\1|" ' \
+	'-e "s|\(^Found matching DSA key:\).*|\1|" ' \
+	'-e "s|\(^Failed publickey for\).*|\1|" ' \
+	'-e "/^debug.:/d" ' \
+	'-e "/^monitor debug.:/d" '
+
+ASLR_MODE = $(ASLR_ENABLE)
+
+configure:	$(CONFIGURE_32_and_64)
+
 build: $(BUILD_32_and_64)
 
 install: $(INSTALL_32_and_64)
@@ -84,8 +108,9 @@
 test: $(TEST_32_and_64)
 
 
-
 REQUIRED_PACKAGES += library/libidn
+REQUIRED_PACKAGES += library/libssh2
+REQUIRED_PACKAGES += library/openldap
 REQUIRED_PACKAGES += library/security/openssl
 REQUIRED_PACKAGES += library/zlib
 REQUIRED_PACKAGES += shell/ksh93
--- a/components/curl/Solaris/curl-config	Fri Apr 10 18:00:20 2015 -0400
+++ b/components/curl/Solaris/curl-config	Fri Apr 10 16:50:24 2015 -0700
@@ -135,7 +135,7 @@
 
     --libs)
 	CURLLIBDIR="-L/usr/lib "
-	echo ${CURLLIBDIR} -R/usr/lib -lcurl -lgss -lidn -lssl -lcrypto -lsldap -lldap -lgss -lssl -lcrypto -lsocket -lnsl -lc -lz 
+	echo ${CURLLIBDIR} -R/usr/lib -lcurl -lgss -lidn -lssl -lcrypto -llber-2.4 -lldap_r-2.4 -lgss -lssl -lcrypto -lsocket -lnsl -lc -lz
 	;;
 
     --static-libs)
@@ -143,7 +143,7 @@
 	;;
 
     --configure)
-      echo " '--prefix=/usr' '--bindir=/usr/bin' '--sbindir=/usr/sbin' '--libdir=/usr/lib' '--libexecdir=/usr/libexec' '--localstatedir=/var' '--enable-shared' '--disable-static' '--enable-http' '--enable-ftp' '--enable-file' '--enable-dict' '--enable-manual' '--disable-libgcc' '--enable-rtsp' '--enable-proxy' '--enable-telnet' '--enable-tftp' '--enable-pop3' '--enable-imap' '--enable-smtp' '--enable-ipv6' '--enable-nonblocking' '--enable-thread' '--enable-verbose' '--disable-sspi' '--enable-crypto-auth' '--enable-cookies' '--disable-hidden-symbols' '--disable-soname-bump' '--enable-ldap' '--with-random=/dev/urandom' '--with-ssl' '--with-ldap-lib=ldap' '--with-lber-lib=sldap' '--with-gssapi-includes=/usr/include/gssapi' '--with-gssapi-libs=/usr/lib' '--with-gssapi=/usr' '--with-ca-bundle=/etc/certs/CA' '--with-zlib=/usr' '--with-libidn=/usr' '--with-pic' 'curl_disallow_getifaddrs=yes'"
+      echo " '--prefix=/usr' '--bindir=/usr/bin' '--sbindir=/usr/sbin' '--libdir=/usr/lib' '--libexecdir=/usr/libexec' '--localstatedir=/var' '--enable-shared' '--disable-static' '--enable-http' '--enable-ftp' '--enable-file' '--enable-dict' '--enable-manual' '--disable-libgcc' '--enable-rtsp' '--enable-proxy' '--enable-telnet' '--enable-tftp' '--enable-pop3' '--enable-imap' '--enable-smtp' '--enable-ipv6' '--enable-nonblocking' '--enable-thread' '--enable-verbose' '--disable-sspi' '--enable-crypto-auth' '--enable-cookies' '--disable-hidden-symbols' '--disable-soname-bump' '--enable-ldap' '--with-random=/dev/urandom' '--with-ssl' '--with-ldap-lib=ldap_r-2.4' '--with-lber-lib=lber-2.4' '--with-gssapi-includes=/usr/include/gssapi' '--with-gssapi-libs=/usr/lib' '--with-gssapi=/usr' '--with-ca-bundle=/etc/certs/CA' '--with-zlib=/usr' '--with-libidn=/usr' '--with-pic' 'curl_disallow_getifaddrs=yes'"
     ;;
 
     *)
--- a/components/curl/Solaris/curl-config-64	Fri Apr 10 18:00:20 2015 -0400
+++ b/components/curl/Solaris/curl-config-64	Fri Apr 10 16:50:24 2015 -0700
@@ -137,7 +137,7 @@
 
     --libs)
 	CURLLIBDIR="-L/usr/lib/MACH64 "
-	echo ${CURLLIBDIR} -R/usr/lib/MACH64 -lcurl -lgss -lidn -lssl -lcrypto -lsldap -lldap -lgss -lssl -lcrypto -lsocket -lnsl -lc -lz 
+	echo ${CURLLIBDIR} -R/usr/lib/MACH64 -lcurl -lgss -lidn -lssl -lcrypto -llber-2.4 -lldap_r-2.4 -lgss -lssl -lcrypto -lsocket -lnsl -lc -lz
 	;;
 
     --static-libs)
@@ -145,7 +145,7 @@
 	;;
 
     --configure)
-      echo " '--prefix=/usr' '--bindir=/usr/bin/MACH64' '--sbindir=/usr/sbin/MACH64' '--libdir=/usr/lib/MACH64' '--libexecdir=/usr/libexec/MACH64' '--localstatedir=/var' '--enable-shared' '--disable-static' '--enable-http' '--enable-ftp' '--enable-file' '--enable-dict' '--enable-manual' '--disable-libgcc' '--enable-rtsp' '--enable-proxy' '--enable-telnet' '--enable-tftp' '--enable-pop3' '--enable-imap' '--enable-smtp' '--enable-ipv6' '--enable-nonblocking' '--enable-thread' '--enable-verbose' '--disable-sspi' '--enable-crypto-auth' '--enable-cookies' '--disable-hidden-symbols' '--disable-soname-bump' '--enable-ldap' '--with-random=/dev/urandom' '--with-ssl' '--with-ldap-lib=ldap' '--with-lber-lib=sldap' '--with-gssapi-includes=/usr/include/gssapi' '--with-gssapi-libs=/usr/lib/MACH64' '--with-gssapi=/usr' '--with-ca-bundle=/etc/certs/CA' '--with-zlib=/usr' '--with-libidn=/usr' '--with-pic' 'curl_disallow_getifaddrs=yes'"
+      echo " '--prefix=/usr' '--bindir=/usr/bin/MACH64' '--sbindir=/usr/sbin/MACH64' '--libdir=/usr/lib/MACH64' '--libexecdir=/usr/libexec/MACH64' '--localstatedir=/var' '--enable-shared' '--disable-static' '--enable-http' '--enable-ftp' '--enable-file' '--enable-dict' '--enable-manual' '--disable-libgcc' '--enable-rtsp' '--enable-proxy' '--enable-telnet' '--enable-tftp' '--enable-pop3' '--enable-imap' '--enable-smtp' '--enable-ipv6' '--enable-nonblocking' '--enable-thread' '--enable-verbose' '--disable-sspi' '--enable-crypto-auth' '--enable-cookies' '--disable-hidden-symbols' '--disable-soname-bump' '--enable-ldap' '--with-random=/dev/urandom' '--with-ssl' '--with-ldap-lib=ldap_r-2.4' '--with-lber-lib=lber-2.4' '--with-gssapi-includes=/usr/include/gssapi' '--with-gssapi-libs=/usr/lib/MACH64' '--with-gssapi=/usr' '--with-ca-bundle=/etc/certs/CA' '--with-zlib=/usr' '--with-libidn=/usr' '--with-pic' 'curl_disallow_getifaddrs=yes'"
     ;;
 
     *)
--- a/components/curl/curl.license	Fri Apr 10 18:00:20 2015 -0400
+++ b/components/curl/curl.license	Fri Apr 10 16:50:24 2015 -0700
@@ -1,6 +1,6 @@
 COPYRIGHT AND PERMISSION NOTICE
 
-Copyright (c) 1996 - 2010, Daniel Stenberg, <[email protected]>.
+Copyright (c) 1996 - 2014, Daniel Stenberg, <[email protected]>.
 
 All rights reserved.
 
--- a/components/curl/curl.p5m	Fri Apr 10 18:00:20 2015 -0400
+++ b/components/curl/curl.p5m	Fri Apr 10 16:50:24 2015 -0700
@@ -22,9 +22,9 @@
 #
 <transform file path=usr.*/man/.+ -> default mangler.man.stability uncommitted>
 <transform file path=usr/share/doc/curl/html/(.+)$ -> \
-    set action.hash curl-7.21.2/docs/%<\1> >
+    set action.hash curl-$(COMPONENT_VERSION)/docs/%<\1> >
 <transform file path=usr/share/doc/libcurl/html/(.+)$ -> \
-    set action.hash curl-7.21.2/docs/libcurl/%<\1> >
+    set action.hash curl-$(COMPONENT_VERSION)/docs/libcurl/%<\1> >
 set name=pkg.fmri value=pkg:/web/[email protected]$(IPS_COMPONENT_VERSION),$(BUILD_VERSION)
 set name=pkg.summary value="The CURL Network Utility and Library"
 set name=pkg.description \
@@ -36,18 +36,13 @@
     value=org.opensolaris.category.2008:System/Libraries
 set name=info.source-url value=$(COMPONENT_ARCHIVE_URL)
 set name=info.upstream-url value=$(COMPONENT_PROJECT_URL)
-set name=org.opensolaris.arc-caseid value=PSARC/2007/165
+set name=org.opensolaris.arc-caseid value=PSARC/2007/165 value=PSARC/2012/252 \
+    value=PSARC/2013/303 value=PSARC/2014/332
 set name=org.opensolaris.consolidation value=$(CONSOLIDATION)
-#
-dir  path=usr
-dir  path=usr/bin
-dir  path=usr/bin/$(MACH64)
+file path=usr/bin/$(MACH64)/curl
 file path=usr/bin/$(MACH64)/curl-config
-#
-file path=usr/bin/curl
+file usr/bin/$(MACH64)/curl path=usr/bin/curl
 file path=usr/bin/curl-config
-dir  path=usr/include
-dir  path=usr/include/curl
 file path=usr/include/curl/curl.h
 file path=usr/include/curl/curlbuild.h
 file path=usr/include/curl/curlrules.h
@@ -57,39 +52,38 @@
 file path=usr/include/curl/multi.h
 file path=usr/include/curl/stdcheaders.h
 file path=usr/include/curl/typecheck-gcc.h
-file path=usr/include/curl/types.h
-dir  path=usr/lib
-dir  path=usr/lib/$(MACH64)
-link path=usr/lib/$(MACH64)/libcurl.so target=libcurl.so.3.0.0
-link path=usr/lib/$(MACH64)/libcurl.so.3 target=libcurl.so.3.0.0
-file path=usr/lib/$(MACH64)/libcurl.so.3.0.0
+link path=usr/lib/$(MACH64)/libcurl.so target=libcurl.so.4.3.0
+link path=usr/lib/$(MACH64)/libcurl.so.3 target=libcurl.so.4.3.0
+link path=usr/lib/$(MACH64)/libcurl.so.4 target=libcurl.so.4.3.0
+# Leave old link in place until CR #19623514 is integrated.
+link path=usr/lib/$(MACH64)/libcurl.so.4.2.0 target=libcurl.so.4.3.0
+file path=usr/lib/$(MACH64)/libcurl.so.4.3.0
 file path=usr/lib/$(MACH64)/llib-lcurl.ln
-dir  path=usr/lib/$(MACH64)/pkgconfig
 file path=usr/lib/$(MACH64)/pkgconfig/libcurl.pc
-link path=usr/lib/libcurl.so target=libcurl.so.3.0.0
-#
-link path=usr/lib/libcurl.so.3 target=libcurl.so.3.0.0
-file path=usr/lib/libcurl.so.3.0.0
+link path=usr/lib/libcurl.so target=libcurl.so.4.3.0
+link path=usr/lib/libcurl.so.3 target=libcurl.so.4.3.0
+link path=usr/lib/libcurl.so.4 target=libcurl.so.4.3.0
+# Leave old link in place until CR #19623514 is integrated.
+link path=usr/lib/libcurl.so.4.2.0 target=libcurl.so.4.3.0
+file path=usr/lib/libcurl.so.4.3.0
 file path=usr/lib/llib-lcurl
 file path=usr/lib/llib-lcurl.ln
-dir  path=usr/lib/pkgconfig
 file path=usr/lib/pkgconfig/libcurl.pc
-dir  path=usr/share
-dir  path=usr/share/doc
-dir  path=usr/share/doc/curl
-dir  path=usr/share/doc/curl/html
+file path=usr/share/aclocal/libcurl.m4
 file path=usr/share/doc/curl/html/curl-config.html
 file path=usr/share/doc/curl/html/curl.html
 file path=usr/share/doc/curl/html/index.html
-dir  path=usr/share/doc/libcurl
-dir  path=usr/share/doc/libcurl/html
+file path=usr/share/doc/curl/html/mk-ca-bundle.html
 file path=usr/share/doc/libcurl/html/curl_easy_cleanup.html
 file path=usr/share/doc/libcurl/html/curl_easy_duphandle.html
 file path=usr/share/doc/libcurl/html/curl_easy_escape.html
 file path=usr/share/doc/libcurl/html/curl_easy_getinfo.html
 file path=usr/share/doc/libcurl/html/curl_easy_init.html
+file path=usr/share/doc/libcurl/html/curl_easy_pause.html
 file path=usr/share/doc/libcurl/html/curl_easy_perform.html
+file path=usr/share/doc/libcurl/html/curl_easy_recv.html
 file path=usr/share/doc/libcurl/html/curl_easy_reset.html
+file path=usr/share/doc/libcurl/html/curl_easy_send.html
 file path=usr/share/doc/libcurl/html/curl_easy_setopt.html
 file path=usr/share/doc/libcurl/html/curl_easy_strerror.html
 file path=usr/share/doc/libcurl/html/curl_easy_unescape.html
@@ -114,8 +108,10 @@
 file path=usr/share/doc/libcurl/html/curl_multi_remove_handle.html
 file path=usr/share/doc/libcurl/html/curl_multi_setopt.html
 file path=usr/share/doc/libcurl/html/curl_multi_socket.html
+file path=usr/share/doc/libcurl/html/curl_multi_socket_action.html
 file path=usr/share/doc/libcurl/html/curl_multi_strerror.html
 file path=usr/share/doc/libcurl/html/curl_multi_timeout.html
+file path=usr/share/doc/libcurl/html/curl_multi_wait.html
 file path=usr/share/doc/libcurl/html/curl_share_cleanup.html
 file path=usr/share/doc/libcurl/html/curl_share_init.html
 file path=usr/share/doc/libcurl/html/curl_share_setopt.html
@@ -133,18 +129,466 @@
 file path=usr/share/doc/libcurl/html/libcurl-share.html
 file path=usr/share/doc/libcurl/html/libcurl-tutorial.html
 file path=usr/share/doc/libcurl/html/libcurl.html
-dir  path=usr/share/man
-dir  path=usr/share/man/man1
+file path=usr/share/doc/libcurl/html/opts/CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE.html
+file path=usr/share/doc/libcurl/html/opts/CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE.html
+file path=usr/share/doc/libcurl/html/opts/CURLMOPT_MAXCONNECTS.html
+file path=usr/share/doc/libcurl/html/opts/CURLMOPT_MAX_HOST_CONNECTIONS.html
+file path=usr/share/doc/libcurl/html/opts/CURLMOPT_MAX_PIPELINE_LENGTH.html
+file path=usr/share/doc/libcurl/html/opts/CURLMOPT_MAX_TOTAL_CONNECTIONS.html
+file path=usr/share/doc/libcurl/html/opts/CURLMOPT_PIPELINING.html
+file path=usr/share/doc/libcurl/html/opts/CURLMOPT_PIPELINING_SERVER_BL.html
+file path=usr/share/doc/libcurl/html/opts/CURLMOPT_PIPELINING_SITE_BL.html
+file path=usr/share/doc/libcurl/html/opts/CURLMOPT_SOCKETDATA.html
+file path=usr/share/doc/libcurl/html/opts/CURLMOPT_SOCKETFUNCTION.html
+file path=usr/share/doc/libcurl/html/opts/CURLMOPT_TIMERDATA.html
+file path=usr/share/doc/libcurl/html/opts/CURLMOPT_TIMERFUNCTION.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_ACCEPTTIMEOUT_MS.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_ACCEPT_ENCODING.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_ADDRESS_SCOPE.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_APPEND.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_AUTOREFERER.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_BUFFERSIZE.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_CAINFO.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_CAPATH.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_CERTINFO.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_CHUNK_BGN_FUNCTION.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_CHUNK_DATA.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_CHUNK_END_FUNCTION.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_CLOSESOCKETDATA.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_CLOSESOCKETFUNCTION.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_CONNECTTIMEOUT.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_CONNECTTIMEOUT_MS.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_CONNECT_ONLY.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_CONV_FROM_NETWORK_FUNCTION.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_CONV_FROM_UTF8_FUNCTION.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_CONV_TO_NETWORK_FUNCTION.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_COOKIE.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_COOKIEFILE.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_COOKIEJAR.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_COOKIELIST.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_COOKIESESSION.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_COPYPOSTFIELDS.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_CRLF.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_CRLFILE.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_CUSTOMREQUEST.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_DEBUGDATA.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_DEBUGFUNCTION.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_DIRLISTONLY.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_DNS_CACHE_TIMEOUT.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_DNS_INTERFACE.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_DNS_LOCAL_IP4.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_DNS_LOCAL_IP6.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_DNS_SERVERS.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_DNS_USE_GLOBAL_CACHE.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_EGDSOCKET.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_ERRORBUFFER.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_EXPECT_100_TIMEOUT_MS.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_FAILONERROR.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_FILETIME.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_FNMATCH_DATA.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_FNMATCH_FUNCTION.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_FOLLOWLOCATION.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_FORBID_REUSE.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_FRESH_CONNECT.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_FTPPORT.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_FTPSSLAUTH.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_FTP_ACCOUNT.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_FTP_ALTERNATIVE_TO_USER.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_FTP_CREATE_MISSING_DIRS.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_FTP_FILEMETHOD.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_FTP_RESPONSE_TIMEOUT.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_FTP_SKIP_PASV_IP.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_FTP_SSL_CCC.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_FTP_USE_EPRT.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_FTP_USE_EPSV.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_FTP_USE_PRET.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_GSSAPI_DELEGATION.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_HEADER.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_HEADERDATA.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_HEADERFUNCTION.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_HEADEROPT.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_HTTP200ALIASES.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_HTTPAUTH.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_HTTPGET.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_HTTPHEADER.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_HTTPPOST.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_HTTPPROXYTUNNEL.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_HTTP_CONTENT_DECODING.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_HTTP_TRANSFER_DECODING.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_HTTP_VERSION.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_IGNORE_CONTENT_LENGTH.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_INFILESIZE.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_INFILESIZE_LARGE.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_INTERFACE.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_INTERLEAVEDATA.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_INTERLEAVEFUNCTION.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_IOCTLDATA.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_IOCTLFUNCTION.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_IPRESOLVE.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_ISSUERCERT.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_KEYPASSWD.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_KRBLEVEL.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_LOCALPORT.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_LOCALPORTRANGE.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_LOGIN_OPTIONS.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_LOW_SPEED_LIMIT.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_LOW_SPEED_TIME.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_MAIL_AUTH.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_MAIL_FROM.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_MAIL_RCPT.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_MAXCONNECTS.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_MAXFILESIZE.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_MAXFILESIZE_LARGE.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_MAXREDIRS.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_MAX_RECV_SPEED_LARGE.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_MAX_SEND_SPEED_LARGE.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_NETRC.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_NETRC_FILE.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_NEW_DIRECTORY_PERMS.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_NEW_FILE_PERMS.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_NOBODY.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_NOPROGRESS.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_NOPROXY.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_NOSIGNAL.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_OPENSOCKETDATA.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_OPENSOCKETFUNCTION.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_PASSWORD.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_PORT.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_POST.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_POSTFIELDS.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_POSTFIELDSIZE.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_POSTFIELDSIZE_LARGE.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_POSTQUOTE.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_POSTREDIR.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_PREQUOTE.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_PRIVATE.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_PROGRESSDATA.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_PROGRESSFUNCTION.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_PROTOCOLS.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_PROXY.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_PROXYAUTH.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_PROXYHEADER.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_PROXYPASSWORD.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_PROXYPORT.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_PROXYTYPE.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_PROXYUSERNAME.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_PROXYUSERPWD.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_PROXY_TRANSFER_MODE.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_PUT.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_QUOTE.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_RANDOM_FILE.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_RANGE.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_READDATA.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_READFUNCTION.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_REDIR_PROTOCOLS.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_REFERER.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_RESOLVE.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_RESUME_FROM.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_RESUME_FROM_LARGE.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_RTSP_CLIENT_CSEQ.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_RTSP_REQUEST.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_RTSP_SERVER_CSEQ.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_RTSP_SESSION_ID.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_RTSP_STREAM_URI.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_RTSP_TRANSPORT.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_SASL_IR.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_SEEKDATA.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_SEEKFUNCTION.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_SHARE.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_SOCKOPTDATA.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_SOCKOPTFUNCTION.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_SOCKS5_GSSAPI_NEC.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_SOCKS5_GSSAPI_SERVICE.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_SSH_AUTH_TYPES.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_SSH_HOST_PUBLIC_KEY_MD5.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_SSH_KEYDATA.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_SSH_KEYFUNCTION.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_SSH_KNOWNHOSTS.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_SSH_PRIVATE_KEYFILE.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_SSH_PUBLIC_KEYFILE.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_SSLCERT.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_SSLCERTTYPE.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_SSLENGINE.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_SSLENGINE_DEFAULT.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_SSLKEY.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_SSLKEYTYPE.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_SSLVERSION.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_SSL_CIPHER_LIST.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_SSL_CTX_DATA.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_SSL_CTX_FUNCTION.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_SSL_ENABLE_ALPN.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_SSL_ENABLE_NPN.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_SSL_OPTIONS.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_SSL_SESSIONID_CACHE.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_SSL_VERIFYHOST.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_SSL_VERIFYPEER.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_STDERR.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_TCP_KEEPALIVE.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_TCP_KEEPIDLE.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_TCP_KEEPINTVL.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_TCP_NODELAY.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_TELNETOPTIONS.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_TFTP_BLKSIZE.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_TIMECONDITION.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_TIMEOUT.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_TIMEOUT_MS.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_TIMEVALUE.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_TLSAUTH_PASSWORD.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_TLSAUTH_TYPE.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_TLSAUTH_USERNAME.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_TRANSFERTEXT.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_TRANSFER_ENCODING.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_UNIX_SOCKET_PATH.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_UNRESTRICTED_AUTH.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_UPLOAD.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_URL.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_USERAGENT.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_USERNAME.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_USERPWD.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_USE_SSL.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_VERBOSE.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_WILDCARDMATCH.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_WRITEDATA.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_WRITEFUNCTION.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_XFERINFODATA.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_XFERINFOFUNCTION.html
+file path=usr/share/doc/libcurl/html/opts/CURLOPT_XOAUTH2_BEARER.html
 file path=usr/share/man/man1/curl-config.1
 file path=usr/share/man/man1/curl.1
-dir  path=usr/share/man/man3
+file path=usr/share/man/man3/CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE.3
+file path=usr/share/man/man3/CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE.3
+file path=usr/share/man/man3/CURLMOPT_MAXCONNECTS.3
+file path=usr/share/man/man3/CURLMOPT_MAX_HOST_CONNECTIONS.3
+file path=usr/share/man/man3/CURLMOPT_MAX_PIPELINE_LENGTH.3
+file path=usr/share/man/man3/CURLMOPT_MAX_TOTAL_CONNECTIONS.3
+file path=usr/share/man/man3/CURLMOPT_PIPELINING.3
+file path=usr/share/man/man3/CURLMOPT_PIPELINING_SERVER_BL.3
+file path=usr/share/man/man3/CURLMOPT_PIPELINING_SITE_BL.3
+file path=usr/share/man/man3/CURLMOPT_SOCKETDATA.3
+file path=usr/share/man/man3/CURLMOPT_SOCKETFUNCTION.3
+file path=usr/share/man/man3/CURLMOPT_TIMERDATA.3
+file path=usr/share/man/man3/CURLMOPT_TIMERFUNCTION.3
+file path=usr/share/man/man3/CURLOPT_ACCEPTTIMEOUT_MS.3
+file path=usr/share/man/man3/CURLOPT_ACCEPT_ENCODING.3
+file path=usr/share/man/man3/CURLOPT_ADDRESS_SCOPE.3
+file path=usr/share/man/man3/CURLOPT_APPEND.3
+file path=usr/share/man/man3/CURLOPT_AUTOREFERER.3
+file path=usr/share/man/man3/CURLOPT_BUFFERSIZE.3
+file path=usr/share/man/man3/CURLOPT_CAINFO.3
+file path=usr/share/man/man3/CURLOPT_CAPATH.3
+file path=usr/share/man/man3/CURLOPT_CERTINFO.3
+file path=usr/share/man/man3/CURLOPT_CHUNK_BGN_FUNCTION.3
+file path=usr/share/man/man3/CURLOPT_CHUNK_DATA.3
+file path=usr/share/man/man3/CURLOPT_CHUNK_END_FUNCTION.3
+file path=usr/share/man/man3/CURLOPT_CLOSESOCKETDATA.3
+file path=usr/share/man/man3/CURLOPT_CLOSESOCKETFUNCTION.3
+file path=usr/share/man/man3/CURLOPT_CONNECTTIMEOUT.3
+file path=usr/share/man/man3/CURLOPT_CONNECTTIMEOUT_MS.3
+file path=usr/share/man/man3/CURLOPT_CONNECT_ONLY.3
+file path=usr/share/man/man3/CURLOPT_CONV_FROM_NETWORK_FUNCTION.3
+file path=usr/share/man/man3/CURLOPT_CONV_FROM_UTF8_FUNCTION.3
+file path=usr/share/man/man3/CURLOPT_CONV_TO_NETWORK_FUNCTION.3
+file path=usr/share/man/man3/CURLOPT_COOKIE.3
+file path=usr/share/man/man3/CURLOPT_COOKIEFILE.3
+file path=usr/share/man/man3/CURLOPT_COOKIEJAR.3
+file path=usr/share/man/man3/CURLOPT_COOKIELIST.3
+file path=usr/share/man/man3/CURLOPT_COOKIESESSION.3
+file path=usr/share/man/man3/CURLOPT_COPYPOSTFIELDS.3
+file path=usr/share/man/man3/CURLOPT_CRLF.3
+file path=usr/share/man/man3/CURLOPT_CRLFILE.3
+file path=usr/share/man/man3/CURLOPT_CUSTOMREQUEST.3
+file path=usr/share/man/man3/CURLOPT_DEBUGDATA.3
+file path=usr/share/man/man3/CURLOPT_DEBUGFUNCTION.3
+file path=usr/share/man/man3/CURLOPT_DIRLISTONLY.3
+file path=usr/share/man/man3/CURLOPT_DNS_CACHE_TIMEOUT.3
+file path=usr/share/man/man3/CURLOPT_DNS_INTERFACE.3
+file path=usr/share/man/man3/CURLOPT_DNS_LOCAL_IP4.3
+file path=usr/share/man/man3/CURLOPT_DNS_LOCAL_IP6.3
+file path=usr/share/man/man3/CURLOPT_DNS_SERVERS.3
+file path=usr/share/man/man3/CURLOPT_DNS_USE_GLOBAL_CACHE.3
+file path=usr/share/man/man3/CURLOPT_EGDSOCKET.3
+file path=usr/share/man/man3/CURLOPT_ERRORBUFFER.3
+file path=usr/share/man/man3/CURLOPT_EXPECT_100_TIMEOUT_MS.3
+file path=usr/share/man/man3/CURLOPT_FAILONERROR.3
+file path=usr/share/man/man3/CURLOPT_FILETIME.3
+file path=usr/share/man/man3/CURLOPT_FNMATCH_DATA.3
+file path=usr/share/man/man3/CURLOPT_FNMATCH_FUNCTION.3
+file path=usr/share/man/man3/CURLOPT_FOLLOWLOCATION.3
+file path=usr/share/man/man3/CURLOPT_FORBID_REUSE.3
+file path=usr/share/man/man3/CURLOPT_FRESH_CONNECT.3
+file path=usr/share/man/man3/CURLOPT_FTPPORT.3
+file path=usr/share/man/man3/CURLOPT_FTPSSLAUTH.3
+file path=usr/share/man/man3/CURLOPT_FTP_ACCOUNT.3
+file path=usr/share/man/man3/CURLOPT_FTP_ALTERNATIVE_TO_USER.3
+file path=usr/share/man/man3/CURLOPT_FTP_CREATE_MISSING_DIRS.3
+file path=usr/share/man/man3/CURLOPT_FTP_FILEMETHOD.3
+file path=usr/share/man/man3/CURLOPT_FTP_RESPONSE_TIMEOUT.3
+file path=usr/share/man/man3/CURLOPT_FTP_SKIP_PASV_IP.3
+file path=usr/share/man/man3/CURLOPT_FTP_SSL_CCC.3
+file path=usr/share/man/man3/CURLOPT_FTP_USE_EPRT.3
+file path=usr/share/man/man3/CURLOPT_FTP_USE_EPSV.3
+file path=usr/share/man/man3/CURLOPT_FTP_USE_PRET.3
+file path=usr/share/man/man3/CURLOPT_GSSAPI_DELEGATION.3
+file path=usr/share/man/man3/CURLOPT_HEADER.3
+file path=usr/share/man/man3/CURLOPT_HEADERDATA.3
+file path=usr/share/man/man3/CURLOPT_HEADERFUNCTION.3
+file path=usr/share/man/man3/CURLOPT_HEADEROPT.3
+file path=usr/share/man/man3/CURLOPT_HTTP200ALIASES.3
+file path=usr/share/man/man3/CURLOPT_HTTPAUTH.3
+file path=usr/share/man/man3/CURLOPT_HTTPGET.3
+file path=usr/share/man/man3/CURLOPT_HTTPHEADER.3
+file path=usr/share/man/man3/CURLOPT_HTTPPOST.3
+file path=usr/share/man/man3/CURLOPT_HTTPPROXYTUNNEL.3
+file path=usr/share/man/man3/CURLOPT_HTTP_CONTENT_DECODING.3
+file path=usr/share/man/man3/CURLOPT_HTTP_TRANSFER_DECODING.3
+file path=usr/share/man/man3/CURLOPT_HTTP_VERSION.3
+file path=usr/share/man/man3/CURLOPT_IGNORE_CONTENT_LENGTH.3
+file path=usr/share/man/man3/CURLOPT_INFILESIZE.3
+file path=usr/share/man/man3/CURLOPT_INFILESIZE_LARGE.3
+file path=usr/share/man/man3/CURLOPT_INTERFACE.3
+file path=usr/share/man/man3/CURLOPT_INTERLEAVEDATA.3
+file path=usr/share/man/man3/CURLOPT_INTERLEAVEFUNCTION.3
+file path=usr/share/man/man3/CURLOPT_IOCTLDATA.3
+file path=usr/share/man/man3/CURLOPT_IOCTLFUNCTION.3
+file path=usr/share/man/man3/CURLOPT_IPRESOLVE.3
+file path=usr/share/man/man3/CURLOPT_ISSUERCERT.3
+file path=usr/share/man/man3/CURLOPT_KEYPASSWD.3
+file path=usr/share/man/man3/CURLOPT_KRBLEVEL.3
+file path=usr/share/man/man3/CURLOPT_LOCALPORT.3
+file path=usr/share/man/man3/CURLOPT_LOCALPORTRANGE.3
+file path=usr/share/man/man3/CURLOPT_LOGIN_OPTIONS.3
+file path=usr/share/man/man3/CURLOPT_LOW_SPEED_LIMIT.3
+file path=usr/share/man/man3/CURLOPT_LOW_SPEED_TIME.3
+file path=usr/share/man/man3/CURLOPT_MAIL_AUTH.3
+file path=usr/share/man/man3/CURLOPT_MAIL_FROM.3
+file path=usr/share/man/man3/CURLOPT_MAIL_RCPT.3
+file path=usr/share/man/man3/CURLOPT_MAXCONNECTS.3
+file path=usr/share/man/man3/CURLOPT_MAXFILESIZE.3
+file path=usr/share/man/man3/CURLOPT_MAXFILESIZE_LARGE.3
+file path=usr/share/man/man3/CURLOPT_MAXREDIRS.3
+file path=usr/share/man/man3/CURLOPT_MAX_RECV_SPEED_LARGE.3
+file path=usr/share/man/man3/CURLOPT_MAX_SEND_SPEED_LARGE.3
+file path=usr/share/man/man3/CURLOPT_NETRC.3
+file path=usr/share/man/man3/CURLOPT_NETRC_FILE.3
+file path=usr/share/man/man3/CURLOPT_NEW_DIRECTORY_PERMS.3
+file path=usr/share/man/man3/CURLOPT_NEW_FILE_PERMS.3
+file path=usr/share/man/man3/CURLOPT_NOBODY.3
+file path=usr/share/man/man3/CURLOPT_NOPROGRESS.3
+file path=usr/share/man/man3/CURLOPT_NOPROXY.3
+file path=usr/share/man/man3/CURLOPT_NOSIGNAL.3
+file path=usr/share/man/man3/CURLOPT_OPENSOCKETDATA.3
+file path=usr/share/man/man3/CURLOPT_OPENSOCKETFUNCTION.3
+file path=usr/share/man/man3/CURLOPT_PASSWORD.3
+file path=usr/share/man/man3/CURLOPT_PORT.3
+file path=usr/share/man/man3/CURLOPT_POST.3
+file path=usr/share/man/man3/CURLOPT_POSTFIELDS.3
+file path=usr/share/man/man3/CURLOPT_POSTFIELDSIZE.3
+file path=usr/share/man/man3/CURLOPT_POSTFIELDSIZE_LARGE.3
+file path=usr/share/man/man3/CURLOPT_POSTQUOTE.3
+file path=usr/share/man/man3/CURLOPT_POSTREDIR.3
+file path=usr/share/man/man3/CURLOPT_PREQUOTE.3
+file path=usr/share/man/man3/CURLOPT_PRIVATE.3
+file path=usr/share/man/man3/CURLOPT_PROGRESSDATA.3
+file path=usr/share/man/man3/CURLOPT_PROGRESSFUNCTION.3
+file path=usr/share/man/man3/CURLOPT_PROTOCOLS.3
+file path=usr/share/man/man3/CURLOPT_PROXY.3
+file path=usr/share/man/man3/CURLOPT_PROXYAUTH.3
+file path=usr/share/man/man3/CURLOPT_PROXYHEADER.3
+file path=usr/share/man/man3/CURLOPT_PROXYPASSWORD.3
+file path=usr/share/man/man3/CURLOPT_PROXYPORT.3
+file path=usr/share/man/man3/CURLOPT_PROXYTYPE.3
+file path=usr/share/man/man3/CURLOPT_PROXYUSERNAME.3
+file path=usr/share/man/man3/CURLOPT_PROXYUSERPWD.3
+file path=usr/share/man/man3/CURLOPT_PROXY_TRANSFER_MODE.3
+file path=usr/share/man/man3/CURLOPT_PUT.3
+file path=usr/share/man/man3/CURLOPT_QUOTE.3
+file path=usr/share/man/man3/CURLOPT_RANDOM_FILE.3
+file path=usr/share/man/man3/CURLOPT_RANGE.3
+file path=usr/share/man/man3/CURLOPT_READDATA.3
+file path=usr/share/man/man3/CURLOPT_READFUNCTION.3
+file path=usr/share/man/man3/CURLOPT_REDIR_PROTOCOLS.3
+file path=usr/share/man/man3/CURLOPT_REFERER.3
+file path=usr/share/man/man3/CURLOPT_RESOLVE.3
+file path=usr/share/man/man3/CURLOPT_RESUME_FROM.3
+file path=usr/share/man/man3/CURLOPT_RESUME_FROM_LARGE.3
+file path=usr/share/man/man3/CURLOPT_RTSP_CLIENT_CSEQ.3
+file path=usr/share/man/man3/CURLOPT_RTSP_REQUEST.3
+file path=usr/share/man/man3/CURLOPT_RTSP_SERVER_CSEQ.3
+file path=usr/share/man/man3/CURLOPT_RTSP_SESSION_ID.3
+file path=usr/share/man/man3/CURLOPT_RTSP_STREAM_URI.3
+file path=usr/share/man/man3/CURLOPT_RTSP_TRANSPORT.3
+file path=usr/share/man/man3/CURLOPT_SASL_IR.3
+file path=usr/share/man/man3/CURLOPT_SEEKDATA.3
+file path=usr/share/man/man3/CURLOPT_SEEKFUNCTION.3
+file path=usr/share/man/man3/CURLOPT_SHARE.3
+file path=usr/share/man/man3/CURLOPT_SOCKOPTDATA.3
+file path=usr/share/man/man3/CURLOPT_SOCKOPTFUNCTION.3
+file path=usr/share/man/man3/CURLOPT_SOCKS5_GSSAPI_NEC.3
+file path=usr/share/man/man3/CURLOPT_SOCKS5_GSSAPI_SERVICE.3
+file path=usr/share/man/man3/CURLOPT_SSH_AUTH_TYPES.3
+file path=usr/share/man/man3/CURLOPT_SSH_HOST_PUBLIC_KEY_MD5.3
+file path=usr/share/man/man3/CURLOPT_SSH_KEYDATA.3
+file path=usr/share/man/man3/CURLOPT_SSH_KEYFUNCTION.3
+file path=usr/share/man/man3/CURLOPT_SSH_KNOWNHOSTS.3
+file path=usr/share/man/man3/CURLOPT_SSH_PRIVATE_KEYFILE.3
+file path=usr/share/man/man3/CURLOPT_SSH_PUBLIC_KEYFILE.3
+file path=usr/share/man/man3/CURLOPT_SSLCERT.3
+file path=usr/share/man/man3/CURLOPT_SSLCERTTYPE.3
+file path=usr/share/man/man3/CURLOPT_SSLENGINE.3
+file path=usr/share/man/man3/CURLOPT_SSLENGINE_DEFAULT.3
+file path=usr/share/man/man3/CURLOPT_SSLKEY.3
+file path=usr/share/man/man3/CURLOPT_SSLKEYTYPE.3
+file path=usr/share/man/man3/CURLOPT_SSLVERSION.3
+file path=usr/share/man/man3/CURLOPT_SSL_CIPHER_LIST.3
+file path=usr/share/man/man3/CURLOPT_SSL_CTX_DATA.3
+file path=usr/share/man/man3/CURLOPT_SSL_CTX_FUNCTION.3
+file path=usr/share/man/man3/CURLOPT_SSL_ENABLE_ALPN.3
+file path=usr/share/man/man3/CURLOPT_SSL_ENABLE_NPN.3
+file path=usr/share/man/man3/CURLOPT_SSL_OPTIONS.3
+file path=usr/share/man/man3/CURLOPT_SSL_SESSIONID_CACHE.3
+file path=usr/share/man/man3/CURLOPT_SSL_VERIFYHOST.3
+file path=usr/share/man/man3/CURLOPT_SSL_VERIFYPEER.3
+file path=usr/share/man/man3/CURLOPT_STDERR.3
+file path=usr/share/man/man3/CURLOPT_TCP_KEEPALIVE.3
+file path=usr/share/man/man3/CURLOPT_TCP_KEEPIDLE.3
+file path=usr/share/man/man3/CURLOPT_TCP_KEEPINTVL.3
+file path=usr/share/man/man3/CURLOPT_TCP_NODELAY.3
+file path=usr/share/man/man3/CURLOPT_TELNETOPTIONS.3
+file path=usr/share/man/man3/CURLOPT_TFTP_BLKSIZE.3
+file path=usr/share/man/man3/CURLOPT_TIMECONDITION.3
+file path=usr/share/man/man3/CURLOPT_TIMEOUT.3
+file path=usr/share/man/man3/CURLOPT_TIMEOUT_MS.3
+file path=usr/share/man/man3/CURLOPT_TIMEVALUE.3
+file path=usr/share/man/man3/CURLOPT_TLSAUTH_PASSWORD.3
+file path=usr/share/man/man3/CURLOPT_TLSAUTH_TYPE.3
+file path=usr/share/man/man3/CURLOPT_TLSAUTH_USERNAME.3
+file path=usr/share/man/man3/CURLOPT_TRANSFERTEXT.3
+file path=usr/share/man/man3/CURLOPT_TRANSFER_ENCODING.3
+file path=usr/share/man/man3/CURLOPT_UNIX_SOCKET_PATH.3
+file path=usr/share/man/man3/CURLOPT_UNRESTRICTED_AUTH.3
+file path=usr/share/man/man3/CURLOPT_UPLOAD.3
+file path=usr/share/man/man3/CURLOPT_URL.3
+file path=usr/share/man/man3/CURLOPT_USERAGENT.3
+file path=usr/share/man/man3/CURLOPT_USERNAME.3
+file path=usr/share/man/man3/CURLOPT_USERPWD.3
+file path=usr/share/man/man3/CURLOPT_USE_SSL.3
+file path=usr/share/man/man3/CURLOPT_VERBOSE.3
+file path=usr/share/man/man3/CURLOPT_WILDCARDMATCH.3
+file path=usr/share/man/man3/CURLOPT_WRITEDATA.3
+file path=usr/share/man/man3/CURLOPT_WRITEFUNCTION.3
+file path=usr/share/man/man3/CURLOPT_XFERINFODATA.3
+file path=usr/share/man/man3/CURLOPT_XFERINFOFUNCTION.3
+file path=usr/share/man/man3/CURLOPT_XOAUTH2_BEARER.3
 file path=usr/share/man/man3/curl_easy_cleanup.3
 file path=usr/share/man/man3/curl_easy_duphandle.3
 file path=usr/share/man/man3/curl_easy_escape.3
 file path=usr/share/man/man3/curl_easy_getinfo.3
 file path=usr/share/man/man3/curl_easy_init.3
+file path=usr/share/man/man3/curl_easy_pause.3
 file path=usr/share/man/man3/curl_easy_perform.3
+file path=usr/share/man/man3/curl_easy_recv.3
 file path=usr/share/man/man3/curl_easy_reset.3
+file path=usr/share/man/man3/curl_easy_send.3
 file path=usr/share/man/man3/curl_easy_setopt.3
 file path=usr/share/man/man3/curl_easy_strerror.3
 file path=usr/share/man/man3/curl_easy_unescape.3
@@ -169,8 +613,10 @@
 file path=usr/share/man/man3/curl_multi_remove_handle.3
 file path=usr/share/man/man3/curl_multi_setopt.3
 file path=usr/share/man/man3/curl_multi_socket.3
+file path=usr/share/man/man3/curl_multi_socket_action.3
 file path=usr/share/man/man3/curl_multi_strerror.3
 file path=usr/share/man/man3/curl_multi_timeout.3
+file path=usr/share/man/man3/curl_multi_wait.3
 file path=usr/share/man/man3/curl_share_cleanup.3
 file path=usr/share/man/man3/curl_share_init.3
 file path=usr/share/man/man3/curl_share_setopt.3
@@ -187,5 +633,4 @@
 file path=usr/share/man/man3/libcurl-share.3
 file path=usr/share/man/man3/libcurl-tutorial.3
 file path=usr/share/man/man3/libcurl.3
-#
 license curl.license license=CURL
--- a/components/curl/patches/000-configure.patch	Fri Apr 10 18:00:20 2015 -0400
+++ b/components/curl/patches/000-configure.patch	Fri Apr 10 16:50:24 2015 -0700
@@ -1,131 +1,21 @@
---- configure	2010-10-01 13:49:17.000000000 -0700
-+++ configure	2010-10-18 08:18:56.838791104 -0700
[email protected]@ -1,4 +1,4 @@
--#! /bin/sh
-+#! /bin/ksh93
- # Guess values for system-dependent variables and create Makefiles.
- # Generated by GNU Autoconf 2.67 for curl -.
- #
[email protected]@ -274,7 +274,7 @@
- fi
- fi
- fi
--SHELL=${CONFIG_SHELL-/bin/sh}
-+SHELL=${CONFIG_SHELL-/bin/ksh93}
- export SHELL
- # Unset more variables known to interfere with behavior of common tools.
- CLICOLOR_FORCE= GREP_OPTIONS=
[email protected]@ -565,7 +565,7 @@
- 
- 
- # Check that we are running under the correct shell.
--SHELL=${CONFIG_SHELL-/bin/sh}
-+SHELL=${CONFIG_SHELL-/bin/ksh93}
- 
- case X$lt_ECHO in
- X*--fallback-echo)
[email protected]@ -649,7 +649,7 @@
-       elif { test -f /bin/ksh || test -f /bin/ksh$ac_exeext; } &&
- 	   test "X$CONFIG_SHELL" != X/bin/ksh; then
-         # If we have ksh, try running configure again with it.
--        ORIGINAL_CONFIG_SHELL=${CONFIG_SHELL-/bin/sh}
-+        ORIGINAL_CONFIG_SHELL=${CONFIG_SHELL-/bin/ksh93}
-         export ORIGINAL_CONFIG_SHELL
-         CONFIG_SHELL=/bin/ksh
-         export CONFIG_SHELL
[email protected]@ -691,7 +691,7 @@
- 	  if test "$prev" != 'sed 50q "$0"'; then
- 	    echo_test_string=`eval $prev`
- 	    export echo_test_string
--	    exec ${ORIGINAL_CONFIG_SHELL-${CONFIG_SHELL-/bin/sh}} "$0" ${1+"[email protected]"}
-+	    exec ${ORIGINAL_CONFIG_SHELL-${CONFIG_SHELL-/bin/ksh93}} "$0" ${1+"[email protected]"}
- 	  else
- 	    # Oops.  We lost completely, so just stick with echo.
- 	    ECHO=echo
[email protected]@ -2001,6 +2001,13 @@
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
- /* end confdefs.h.  */
- $4
-+#include <stdio.h>
-+#include <stdlib.h>
-+#include <limits.h>
-+#include <sys/types.h>
-+#include <stdint.h>
-+#include <inttypes.h>
-+#include <sys/socket.h>
- int main (void)
- {
- static int test_array [1 - 2 * !(($2) >= 0)];
[email protected]@ -2041,6 +2048,13 @@
-   cat confdefs.h - <<_ACEOF >conftest.$ac_ext
- /* end confdefs.h.  */
- $4
-+#include <stdio.h>
-+#include <stdlib.h>
-+#include <limits.h>
-+#include <sys/types.h>
-+#include <stdint.h>
-+#include <inttypes.h>
-+#include <sys/socket.h>
- int main (void)
- {
- static int test_array [1 - 2 * !(($2) < 0)];
[email protected]@ -2056,6 +2070,13 @@
-     cat confdefs.h - <<_ACEOF >conftest.$ac_ext
- /* end confdefs.h.  */
- $4
-+#include <stdio.h>
-+#include <stdlib.h>
-+#include <limits.h>
-+#include <sys/types.h>
-+#include <stdint.h>
-+#include <inttypes.h>
-+#include <sys/socket.h>
- int main (void)
- {
- static int test_array [1 - 2 * !(($2) >= $ac_mid)];
[email protected]@ -2089,6 +2110,13 @@
-   cat confdefs.h - <<_ACEOF >conftest.$ac_ext
- /* end confdefs.h.  */
- $4
-+#include <stdio.h>
-+#include <stdlib.h>
-+#include <limits.h>
-+#include <sys/types.h>
-+#include <stdint.h>
-+#include <inttypes.h>
-+#include <sys/socket.h>
- int main (void)
- {
- static int test_array [1 - 2 * !(($2) <= $ac_mid)];
[email protected]@ -2113,10 +2141,15 @@
-     cat confdefs.h - <<_ACEOF >conftest.$ac_ext
- /* end confdefs.h.  */
- $4
--static long int longval () { return $2; }
--static unsigned long int ulongval () { return $2; }
- #include <stdio.h>
- #include <stdlib.h>
-+#include <limits.h>
-+#include <sys/types.h>
-+#include <stdint.h>
-+#include <inttypes.h>
-+#include <sys/socket.h>
-+static long int longval () { return $2; }
-+static unsigned long int ulongval () { return $2; }
- int main (void)
- {
- 
[email protected]@ -2797,7 +2830,7 @@
+Solaris specific changes needed for how we configure curl.
+
+These changes need to be sent upstream, but before that can be done,
+they need to be reworked. They also need to apply to configure.ac,
+not configure.
+
+--- configure.orig	2014-09-10 11:57:00.611789155 -0700
++++ configure	2014-09-10 13:24:14.999402937 -0700
[email protected]@ -2975,7 +2975,7 @@
  
  
  
--ac_config_headers="$ac_config_headers lib/curl_config.h src/curl_config.h include/curl/curlbuild.h"
-+ac_config_headers="$ac_config_headers lib/curl_config.h src/curl_config.h"
+-ac_config_headers="$ac_config_headers lib/curl_config.h include/curl/curlbuild.h"
++ac_config_headers="$ac_config_headers lib/curl_config.h"
  
- { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether to enable maintainer-specific portions of Makefiles" >&5
- $as_echo_n "checking whether to enable maintainer-specific portions of Makefiles... " >&6; }
[email protected]@ -3263,12 +3296,6 @@
+ 
+ 
[email protected]@ -3501,12 +3501,6 @@
  fi
  
  
@@ -135,76 +25,28 @@
 -  rm -f ${srcdir}/include/curl/curlbuild.h
 -fi
 -
- VERSION=`$SED -ne 's/^#define LIBCURL_VERSION "\(.*\)"/\1/p' ${srcdir}/include/curl/curlver.h`
- am__api_version="1.9"
- ac_aux_dir=
[email protected]@ -3538,7 +3565,7 @@
-   $as_echo_n "(cached) " >&6
- else
-   cat >conftest.make <<\_ACEOF
--SHELL = /bin/sh
-+SHELL = /bin/ksh93
- all:
- 	@echo '@@@%%%=$(MAKE)[email protected]@@%%%'
- _ACEOF
[email protected]@ -4734,7 +4761,7 @@
-     for i in 1 2 3 4 5 6; do
-       echo '#include "conftst'$i'.h"' >> sub/conftest.c
-       # Using `: > sub/conftst$i.h' creates only sub/conftst1.h with
--      # Solaris 8's {/usr,}/bin/sh.
-+      # Solaris 8's {/usr,}/bin/ksh93.
-       touch sub/conftst$i.h
-     done
-     echo "${am__include} ${am__quote}sub/conftest.Po${am__quote}" > confmf
[email protected]@ -8029,7 +8056,7 @@
-       for i in 1 2 3 4 5 6 7 8 ; do
-         teststring=$teststring$teststring
-       done
--      SHELL=${SHELL-${CONFIG_SHELL-/bin/sh}}
-+      SHELL=${SHELL-${CONFIG_SHELL-/bin/ksh93}}
-       # If test is not a shell built-in, we'll probably end up computing a
-       # maximum length that is only half of the actual maximum length, but
-       # we can't tell.
[email protected]@ -9261,8 +9288,8 @@
-       case $lt_cv_prog_gnu_ld in
-       yes*) LD="${LD-ld} -m elf64_sparc" ;;
-       *)
--	if ${LD-ld} -64 -r -o conftest2.o conftest.o >/dev/null 2>&1; then
--	  LD="${LD-ld} -64"
-+	if ${LD-ld} -r -o conftest2.o conftest.o >/dev/null 2>&1; then
-+	  LD="${LD-ld}"
- 	fi
- 	;;
-       esac
[email protected]@ -13653,7 +13680,7 @@
-   $as_echo_n "(cached) " >&6
- else
-   cat >conftest.make <<\_ACEOF
--SHELL = /bin/sh
-+SHELL = /bin/ksh93
- all:
- 	@echo '@@@%%%=$(MAKE)[email protected]@@%%%'
- _ACEOF
[email protected]@ -19176,15 +19203,15 @@
-            LIBS="$LIBS $gss_libs"
-         elif test "$GSSAPI_ROOT" != "yes"; then
-            LDFLAGS="$LDFLAGS -L$GSSAPI_ROOT/lib$libsuff"
--           LIBS="$LIBS -lgssapi"
-+           LIBS="$LIBS -lgss"
-         else
--           LIBS="$LIBS -lgssapi"
-+           LIBS="$LIBS -lgss"
-         fi
+ CURLVERSION=`$SED -ne 's/^#define LIBCURL_VERSION "\(.*\)"/\1/p' ${srcdir}/include/curl/curlver.h`
+ 
+   xc_prog_cc_prev_IFS=$IFS
[email protected]@ -21192,7 +21186,7 @@
+               gss_libname="gss"
+               ;;
+            *)
+-              gss_libname="gssapi"
++              gss_libname="gss"
+               ;;
+            esac
+ 
[email protected]@ -21212,7 +21206,7 @@
+         LIBS="-lgss $LIBS"
+         ;;
+      *)
+-        LIBS="-lgssapi $LIBS"
++        LIBS="-lgss $LIBS"
          ;;
       esac
-   else
-      LDFLAGS="$LDFLAGS $GSSAPI_LIB_DIR"
--     LIBS="$LIBS -lgssapi"
-+     LIBS="$LIBS -lgss"
    fi
- else
-   CPPFLAGS="$save_CPPFLAGS"
[email protected]@ -19210,7 +19237,7 @@
[email protected]@ -21311,7 +21305,7 @@
          if test x$cross_compiling != xyes; then
              PKGTEST="yes"
      fi
@@ -213,7 +55,7 @@
      LIB_OPENSSL="$PREFIX_OPENSSL/lib$libsuff"
      ;;
    off)
[email protected]@ -22731,20 +22758,13 @@
[email protected]@ -26982,21 +26976,14 @@
  
  
  
@@ -229,6 +71,7 @@
  
  
          #
+     #
    { $as_echo "$as_me:${as_lineno-$LINENO}: checking for curl_socklen_t data type" >&5
  $as_echo_n "checking for curl_socklen_t data type... " >&6; }
 -  curl_typeof_curl_socklen_t="unknown"
@@ -236,10 +79,10 @@
    for arg1 in int SOCKET; do
      for arg2 in 'struct sockaddr' void; do
        for t in socklen_t int size_t 'unsigned int' long 'unsigned long' void; do
[email protected]@ -35751,7 +35771,6 @@
[email protected]@ -40418,7 +40405,6 @@
+ do
    case $ac_config_target in
      "lib/curl_config.h") CONFIG_HEADERS="$CONFIG_HEADERS lib/curl_config.h" ;;
-     "src/curl_config.h") CONFIG_HEADERS="$CONFIG_HEADERS src/curl_config.h" ;;
 -    "include/curl/curlbuild.h") CONFIG_HEADERS="$CONFIG_HEADERS include/curl/curlbuild.h" ;;
      "depfiles") CONFIG_COMMANDS="$CONFIG_COMMANDS depfiles" ;;
      "libtool") CONFIG_COMMANDS="$CONFIG_COMMANDS libtool" ;;
--- a/components/curl/patches/001-Makefile.in.patch	Fri Apr 10 18:00:20 2015 -0400
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,20 +0,0 @@
---- lib/Makefile.in	2010-10-01 13:49:18.000000000 -0700
-+++ lib/Makefile.in	2010-10-18 08:05:00.803406622 -0700
[email protected]@ -364,7 +364,7 @@
- @[email protected]           -I$(top_builddir)/ares         \
- @[email protected]           -I$(top_srcdir)/ares
- 
[email protected][email protected] = -version-info 6:0:2
[email protected][email protected] = -version-info 3:0:0
- 
- #
- # Bumping of SONAME conditionally may seem like a weird thing to do, and yeah
[email protected]@ -375,7 +375,7 @@
- #
- # This conditional soname bump SHOULD be removed at next "proper" bump.
- #
[email protected][email protected] = -version-info 7:0:2
[email protected][email protected] = -version-info 3:0:0
- 
- # This flag accepts an argument of the form current[:revision[:age]]. So,
- # passing -version-info 3:12:1 sets current to 3, revision to 12, and age to
--- a/components/curl/patches/002-curlbuild.h.patch	Fri Apr 10 18:00:20 2015 -0400
+++ b/components/curl/patches/002-curlbuild.h.patch	Fri Apr 10 16:50:24 2015 -0700
@@ -1,10 +1,14 @@
---- include/curl/curlbuild.h	2010-10-12 15:04:32.000000000 -0700
-+++ include/curl/curlbuild.h	2010-12-02 10:18:42.364070201 -0800
+Various curl build definitions for Solaris for both Studio and Gnu compilers.
+
+These changes need to be sent upsteam.
+
+--- include/curl/curlbuild.h.orig	2014-09-10 12:10:14.624818524 -0700
++++ include/curl/curlbuild.h	2014-09-10 12:10:08.344835020 -0700
 @@ -496,6 +496,45 @@
  #  define CURL_SIZEOF_CURL_SOCKLEN_T 4
  
  /* ===================================== */
-+/*    Sun Studio Compilers		 */
++/*    Sun Studio Compilers               */
 +/* ===================================== */
 +
 +#elif defined(__SUNPRO_C) || defined(__SUNPRO_CC)
@@ -84,10 +88,10 @@
 +#     endif
 +#  endif
 +#  else /* !((sun) || (__sun) || (__sun__)) */
- #  if defined(__i386__) || defined(__ppc__)
+ #  if defined(__ILP32__) || \
+       defined(__i386__) || defined(__ppc__) || defined(__arm__) || defined(__sparc__)
  #    define CURL_SIZEOF_LONG           4
- #    define CURL_TYPEOF_CURL_OFF_T     long long
[email protected]@ -550,6 +623,7 @@
[email protected]@ -552,6 +625,7 @@
  #  define CURL_SIZEOF_CURL_SOCKLEN_T 4
  #  define CURL_PULL_SYS_TYPES_H      1
  #  define CURL_PULL_SYS_SOCKET_H     1
--- a/components/curl/patches/003-Makefile.in.patch	Fri Apr 10 18:00:20 2015 -0400
+++ b/components/curl/patches/003-Makefile.in.patch	Fri Apr 10 16:50:24 2015 -0700
@@ -1,11 +1,19 @@
---- tests/server/Makefile.in	2010-10-01 13:49:21.000000000 -0700
-+++ tests/server/Makefile.in	2010-10-18 08:05:49.792499927 -0700
[email protected]@ -209,7 +209,7 @@
- LDFLAGS = @[email protected]
- LIBCURL_LIBS = @[email protected]
+Adjusted to include all the libraries needed to successfully link on Solaris.
+
+Note that on S11, the LIBS line will need to be:
+LIBS = $(BLANK_AT_MAKETIME) -lsocket -lresolv -lnsl -lgen
+as -lsocket and -lnsl have not yet been subsumed into libc.
+
+This patch needs to be sent upstream, but needs to be reworked first.
+
+--- tests/server/Makefile.in.orig	2014-09-10 12:16:40.748828978 -0700
++++ tests/server/Makefile.in	2014-09-10 12:17:11.065886554 -0700
[email protected]@ -377,7 +377,7 @@
  LIBOBJS = @[email protected]
--LIBS = @[email protected]
-+LIBS = @[email protected] -lsocket -lresolv -lnsl -lgen
+ 
+ # Prevent LIBS from being used for all link targets
+-LIBS = $(BLANK_AT_MAKETIME)
++LIBS = $(BLANK_AT_MAKETIME) -lresolv -lgen
  LIBTOOL = @[email protected]
  LIPO = @[email protected]
  LN_S = @[email protected]
--- a/components/curl/patches/004-Makefile.in.patch	Fri Apr 10 18:00:20 2015 -0400
+++ b/components/curl/patches/004-Makefile.in.patch	Fri Apr 10 16:50:24 2015 -0700
@@ -1,22 +1,20 @@
---- include/curl/Makefile.in	2010-10-01 13:49:18.000000000 -0700
-+++ include/curl/Makefile.in	2011-03-31 11:29:48.945604347 -0700
[email protected]@ -306,18 +306,8 @@
- $(ACLOCAL_M4): @[email protected] $(am__aclocal_m4_deps)
- 	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+Adjust how the stamp-h2: Makefile target works.
+
+I'm not sure why this is here. It comes from the previous curl maintainer.
+It needs to be further investigated and either removed or reworked into
+something that can be passed upstream.
+
+--- include/curl/Makefile.in.orig	2014-09-10 12:19:40.843896341 -0700
++++ include/curl/Makefile.in	2014-09-10 12:20:56.618505665 -0700
[email protected]@ -441,9 +441,9 @@
+ 	@test -f [email protected] || rm -f stamp-h2
+ 	@test -f [email protected] || $(MAKE) $(AM_MAKEFLAGS) stamp-h2
  
--curlbuild.h: stamp-h3
--	@if test ! -f [email protected]; then \
--	  rm -f stamp-h3; \
--	  $(MAKE) stamp-h3; \
--	else :; fi
--
--stamp-h3: $(srcdir)/curlbuild.h.in $(top_builddir)/config.status
-+stamp-h3:
- 	@rm -f stamp-h3
+-stamp-h2: $(srcdir)/curlbuild.h.in $(top_builddir)/config.status
++stamp-h2:
+ 	@rm -f stamp-h2
 -	cd $(top_builddir) && $(SHELL) ./config.status include/curl/curlbuild.h
--$(srcdir)/curlbuild.h.in: @[email protected] $(am__configure_deps) 
--	cd $(top_srcdir) && $(AUTOHEADER)
--	rm -f stamp-h3
- 	touch [email protected]
++	touch [email protected]
  
  distclean-hdr:
+ 	-rm -f curlbuild.h stamp-h2
--- a/components/curl/patches/005-libcurl.pc.in.patch	Fri Apr 10 18:00:20 2015 -0400
+++ b/components/curl/patches/005-libcurl.pc.in.patch	Fri Apr 10 16:50:24 2015 -0700
@@ -1,5 +1,10 @@
---- libcurl.pc.in	2010-09-18 14:00:22.000000000 -0700
-+++ libcurl.pc.in	2011-03-31 15:39:42.953234906 -0700
+Provide the correct Solaris curl include directory.
+
+This patch should be send upstream, but needs to be reworked into something
+that they will accept.
+
+--- libcurl.pc.in.orig	2014-09-10 12:23:52.455848654 -0700
++++ libcurl.pc.in	2014-09-10 12:24:13.252589181 -0700
 @@ -26,7 +26,7 @@
  [email protected]@
  [email protected][email protected]
--- a/components/curl/patches/006-curl-gssapi-delegation.patch	Fri Apr 10 18:00:20 2015 -0400
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,11 +0,0 @@
---- lib/http_negotiate.c	2010-09-18 14:00:21.000000000 -0700
-+++ lib/http_negotiate.c	2011-07-05 08:16:14.333605202 -0700
[email protected]@ -242,7 +242,7 @@
-                                       &neg_ctx->context,
-                                       neg_ctx->server_name,
-                                       GSS_C_NO_OID,
--                                      GSS_C_DELEG_FLAG,
-+                                      0,
-                                       0,
-                                       GSS_C_NO_CHANNEL_BINDINGS,
-                                       &input_token,
--- a/components/curl/patches/007-curl-dont-insert-empty-fragments.patch	Fri Apr 10 18:00:20 2015 -0400
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,42 +0,0 @@
---- lib/ssluse.c	2010-09-18 14:00:21.000000000 -0700
-+++ lib/ssluse.c	2012-01-24 07:43:28.989624080 -0800
[email protected]@ -1428,6 +1428,7 @@
-   X509_LOOKUP *lookup=NULL;
-   curl_socket_t sockfd = conn->sock[sockindex];
-   struct ssl_connect_data *connssl = &conn->ssl[sockindex];
-+  long ctx_options;
- #ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
-   bool sni;
- #ifdef ENABLE_IPV6
[email protected]@ -1507,16 +1508,27 @@
-      If someone writes an application with libcurl and openssl who wants to
-      enable the feature, one can do this in the SSL callback.
- 
-+     OpenSSL added a work-around for a SSL 3.0/TLS 1.0 CBC vulnerability
-+     (http://www.openssl.org/~bodo/tls-cbc.txt). In 0.9.6e they added a bit to
-+     SSL_OP_ALL that _disables_ that work-around despite the fact that
-+     SSL_OP_ALL is documented to do "rather harmless" workarounds. In order to
-+     keep the secure work-around, the SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS bit
-+     must not be set.
-+
-   */
-+
-+  ctx_options = SSL_OP_ALL;
-+
- #ifdef SSL_OP_NO_TICKET
-   /* expect older openssl releases to not have this define so only use it if
-      present */
--#define CURL_CTX_OPTIONS SSL_OP_ALL|SSL_OP_NO_TICKET
--#else
--#define CURL_CTX_OPTIONS SSL_OP_ALL
-+  ctx_options |= SSL_OP_NO_TICKET;
-+#endif
-+#ifdef SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS
-+  ctx_options &= ~SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS;
- #endif
- 
--  SSL_CTX_set_options(connssl->ctx, CURL_CTX_OPTIONS);
-+  SSL_CTX_set_options(connssl->ctx, ctx_options);
- 
-   /* disable SSLv2 in the default case (i.e. allow SSLv3 and TLSv1) */
-   if(data->set.ssl.version == CURL_SSLVERSION_DEFAULT)
--- a/components/curl/patches/008-curl-url-sanitize.patch	Fri Apr 10 18:00:20 2015 -0400
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,199 +0,0 @@
---- lib/escape.c	2010-10-01 13:48:39.000000000 -0700
-+++ lib/escape.c	2012-01-26 10:54:22.962290288 -0800
[email protected]@ -88,7 +88,7 @@
-   char *testing_ptr = NULL;
-   unsigned char in; /* we need to treat the characters unsigned */
-   size_t newlen = alloc;
--  int strindex=0;
-+  size_t strindex=0;
-   size_t length;
- 
- #ifndef CURL_DOES_CONVERSIONS
[email protected]@ -143,26 +143,25 @@
- }
- 
- /*
-- * Unescapes the given URL escaped string of given length. Returns a
-- * pointer to a malloced string with length given in *olen.
-- * If length == 0, the length is assumed to be strlen(string).
-- * If olen == NULL, no output length is stored.
-+ * Curl_urldecode() URL decodes the given string.
-+ *
-+ * Optionally detects control characters (byte codes lower than 32) in the
-+ * *olen. If length == 0, the length is assumed to be strlen(string).
-  */
--char *curl_easy_unescape(CURL *handle, const char *string, int length,
--                         int *olen)
-+CURLcode Curl_urldecode(struct SessionHandle *data,
-+                        const char *string, size_t length,
-+			char **ostring, size_t *olen,
-+			bool reject_ctrl)
- {
--  int alloc = (length?length:(int)strlen(string))+1;
-+  size_t alloc = (length?length:strlen(string))+1;
-   char *ns = malloc(alloc);
-   unsigned char in;
--  int strindex=0;
-+  size_t strindex=0;
-   unsigned long hex;
-+  CURLcode res;
- 
--#ifndef CURL_DOES_CONVERSIONS
--  /* avoid compiler warnings */
--  (void)handle;
--#endif
-   if( !ns )
--    return NULL;
-+      return CURLE_OUT_OF_MEMORY;
- 
-   while(--alloc > 0) {
-     in = *string;
[email protected]@ -180,17 +179,21 @@
- 
- #ifdef CURL_DOES_CONVERSIONS
- /* escape sequences are always in ASCII so convert them on non-ASCII hosts */
--      if(!handle ||
--          (Curl_convert_from_network(handle, &in, 1) != CURLE_OK)) {
-+	  res = Curl_convert_from_network(data, &in, 1);
-+	  if(res) {
-         /* Curl_convert_from_network calls failf if unsuccessful */
-         free(ns);
--        return NULL;
-+	      return res;
-       }
- #endif /* CURL_DOES_CONVERSIONS */
- 
-       string+=2;
-       alloc-=2;
-     }
-+      if(reject_ctrl && (in < 0x20)) {
-+	  free(ns);
-+	  return CURLE_URL_MALFORMAT;
-+      }
- 
-     ns[strindex++] = in;
-     string++;
[email protected]@ -200,7 +203,34 @@
-   if(olen)
-     /* store output size */
-     *olen = strindex;
--  return ns;
-+
-+  if(ostring)
-+      /* store output string */
-+      *ostring = ns;
-+
-+  return CURLE_OK;
-+}
-+
-+
-+/*
-+ * Unescapes the given URL escaped string of given length. Returns a
-+ * pointer to a malloced string with length given in *olen.
-+ * If length == 0, the length is assumed to be strlen(string).
-+ * If olen == NULL, no output length is stored.
-+ */
-+char *curl_easy_unescape(CURL *handle, const char *string, int length,
-+                         int *olen)
-+{
-+  char *str = NULL;
-+  size_t inputlen = length;
-+  size_t outputlen;
-+  CURLcode res = Curl_urldecode(handle, string, inputlen, &str, &outputlen,
-+	  FALSE);
-+  if(res)
-+      return NULL;
-+  if(olen)
-+      *olen = curlx_uztosi(outputlen);
-+  return str;
- }
- 
- /* For operating systems/environments that use different malloc/free
---- lib/escape.h	2010-09-18 14:00:21.000000000 -0700
-+++ lib/escape.h	2012-01-26 09:42:20.936213952 -0800
[email protected]@ -1,5 +1,5 @@
--#ifndef __ESCAPE_H
--#define __ESCAPE_H
-+#ifndef HEADER_CURL_ESCAPE_H
-+#define HEADER_CURL_ESCAPE_H
- 
- /***************************************************************************
-  *                                  _   _ ____  _
[email protected]@ -8,7 +8,7 @@
-  *                            | (__| |_| |  _ <| |___
-  *                             \___|\___/|_| \_\_____|
-  *
-- * Copyright (C) 1998 - 2006, Daniel Stenberg, <[email protected]>, et al.
-+ * Copyright (C) 1998 - 2011, Daniel Stenberg, <[email protected]>, et al.
-  *
-  * This software is licensed as described in the file COPYING, which
-  * you should have received as part of this distribution. The terms
[email protected]@ -25,5 +25,9 @@
- /* Escape and unescape URL encoding in strings. The functions return a new
-  * allocated string or NULL if an error occurred.  */
- 
-+CURLcode Curl_urldecode(struct SessionHandle *data,
-+                        const char *string, size_t length,
-+			char **ostring, size_t *olen,
-+			bool reject_crlf);
- 
- #endif
---- lib/imap.c	2010-09-18 14:00:21.000000000 -0700
-+++ lib/imap.c	2012-01-26 09:35:07.180464878 -0800
[email protected]@ -906,17 +906,12 @@
-   struct imap_conn *imapc = &conn->proto.imapc;
-   struct SessionHandle *data = conn->data;
-   const char *path = data->state.path;
--  int len;
- 
-   if(!*path)
-     path = "INBOX";
- 
-   /* url decode the path and use this mailbox */
--  imapc->mailbox = curl_easy_unescape(data, path, 0, &len);
--  if(!imapc->mailbox)
--    return CURLE_OUT_OF_MEMORY;
--
--  return CURLE_OK;
-+  return Curl_urldecode(data, path, 0, &imapc->mailbox, NULL, TRUE);
- }
- 
- /* call this when the DO phase has completed */
---- lib/pop3.c	2010-09-18 14:00:21.000000000 -0700
-+++ lib/pop3.c	2012-01-26 09:35:47.059691860 -0800
[email protected]@ -852,11 +852,7 @@
-   const char *path = data->state.path;
- 
-   /* url decode the path and use this mailbox */
--  pop3c->mailbox = curl_easy_unescape(data, path, 0, NULL);
--  if (!pop3c->mailbox)
--    return CURLE_OUT_OF_MEMORY;
--
--  return CURLE_OK;
-+  return Curl_urldecode(data, path, 0, &pop3c->mailbox, NULL, TRUE);
- }
- 
- /* call this when the DO phase has completed */
---- lib/smtp.c	2010-10-12 13:56:21.000000000 -0700
-+++ lib/smtp.c	2012-01-26 09:38:03.856720962 -0800
[email protected]@ -1045,7 +1045,6 @@
-   struct SessionHandle *data=conn->data;
-   struct pingpong *pp=&smtpc->pp;
-   const char *path = conn->data->state.path;
--  int len;
-   char localhost[1024 + 1];
- 
-   *done = FALSE; /* default to not done yet */
[email protected]@ -1119,9 +1118,9 @@
-   }
- 
-   /* url decode the path and use it as domain with EHLO */
--  smtpc->domain = curl_easy_unescape(conn->data, path, 0, &len);
--  if(!smtpc->domain)
--    return CURLE_OUT_OF_MEMORY;
-+  result = Curl_urldecode(conn->data, path, 0, &smtpc->domain, NULL, TRUE);
-+  if(result)
-+    return result;
- 
-   /* When we connect, we start in the state where we await the server greeting
-    */
--- a/components/curl/patches/009-CVE-2013-2174.patch	Fri Apr 10 18:00:20 2015 -0400
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,33 +0,0 @@
-CVE-2013-2174: Heap-based buffer overflow in the curl_easy_unescape function
-in lib/escape.c in cURL and libcurl 7.7 through 7.30.0 allows remote
-attackers to cause a denial of service (application crash) or possibly
-execute arbitrary code via a crafted string ending in a "%" (percent)
-character.
-
-CVE webpage for this problem:
-http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2174
-
-Relevant upstream patch at:
-https://github.com/bagder/curl/commit/192c4f788d48f82c03e9cef40013f34370e90737
-
---- lib/escape.c.orig	2013-08-27 05:41:07.197713748 -0700
-+++ lib/escape.c	2013-08-27 05:42:54.003927843 -0700
[email protected]@ -5,7 +5,7 @@
-  *                            | (__| |_| |  _ <| |___
-  *                             \___|\___/|_| \_\_____|
-  *
-- * Copyright (C) 1998 - 2010, Daniel Stenberg, <[email protected]>, et al.
-+ * Copyright (C) 1998 - 2013, Daniel Stenberg, <[email protected]>, et al.
-  *
-  * This software is licensed as described in the file COPYING, which
-  * you should have received as part of this distribution. The terms
[email protected]@ -165,7 +165,8 @@
- 
-   while(--alloc > 0) {
-     in = *string;
--    if(('%' == in) && ISXDIGIT(string[1]) && ISXDIGIT(string[2])) {
-+    if(('%' == in) && (alloc > 2) &&
-+       ISXDIGIT(string[1]) && ISXDIGIT(string[2])) {
-       /* this is two hexadecimal digits following a '%' */
-       char hexstr[3];
-       char *ptr;
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/curl/patches/009-runtests.pl.patch	Fri Apr 10 16:50:24 2015 -0700
@@ -0,0 +1,24 @@
+The various curl NTLM tests try to LD_PRELOAD a test library
+called .../tests/libtest/.libs/libhostname.so that's been
+created as a pre-requisite to running the numerous Perl tests.
+
+This patch adjusts LD_PRELOAD to be LD_PRELOAD_32 or LD_PRELOAD_64
+depending upong whether we are running the 32 or 64 bit tests.
+
+As this is Solaris specific, this patch will not be pushed upstream.
+
+--- tests/runtests.pl.orig	2014-09-10 12:26:52.624143266 -0700
++++ tests/runtests.pl	2014-09-10 16:51:13.663390869 -0700
[email protected]@ -3060,6 +3060,12 @@
+                             # print "Skipping LD_PRELOAD due to no release shared build\n";
+                             next;
+                         }
++                        # make this LD_PRELOAD_{bits}
++                        open(FP, "/bin/file $content |");
++                        my $bits = <FP>;
++                        if ($bits =~ /^.+ELF\s(\d\d)-bit.+$/) {
++                            $var .= '_'.$1;
++                        }
+                     }
+                     $ENV{$var} = "$content";
+                 }
--- a/components/curl/patches/010-CVE-2013-4545.patch	Fri Apr 10 18:00:20 2015 -0400
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,21 +0,0 @@
-CVE-2013-4545: Setting only CURLOPT_SSL_VERIFYHOST without 
-CURLOPT_SSL_VERIFYPEER set should still verify that the host 
-name fields in the server certificate is fine or return failure.
-
-Bug: http://curl.haxx.se/mail/lib-2013-10/0002.html
-Reported-by: Ishan SinghLevett
-
-Relevant upstream patch at:
-https://github.com/bagder/curl/commit/3c3622b6
-
---- lib/ssluse.c.orig	2013-11-18 06:59:53.408117483 -0800
-+++ lib/ssluse.c	2013-11-18 07:00:26.212993187 -0800
[email protected]@ -2357,7 +2357,7 @@
-    * operations.
-    */
- 
--  if(!data->set.ssl.verifypeer)
-+  if(!data->set.ssl.verifypeer && !data->set.ssl.verifyhost)
-     (void)servercert(conn, connssl, FALSE);
-   else
-     retcode = servercert(conn, connssl, TRUE);
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/curl/patches/010-fix-tests.patch	Fri Apr 10 16:50:24 2015 -0700
@@ -0,0 +1,41 @@
+Adjust the Python http_pipe.py script to work with our default version of
+Python.
+
+This change will be sent back up stream for consideration.
+
+--- tests/http_pipe.py.orig	2014-09-10 15:59:26.498743943 -0700
++++ tests/http_pipe.py	2014-09-10 15:58:59.502589711 -0700
[email protected]@ -435,7 +435,7 @@
+ if args.pidfile:
+     pid = os.getpid()
+     f = open(args.pidfile, 'w')
+-    f.write('{}'.format(pid))
++    f.write('{0}'.format(pid))
+     f.close()
+ 
+ server = PipelineServer(('0.0.0.0', args.port), PipelineRequestHandler)
+
+
+# ----------------------------------------------------------------------------
+Tests #530 and #584 fail with curl version 7.40.0. This is discussed at:
+
+  http://curl.haxx.se/mail/lib-2014-08/0161.html
+
+with the patch at:
+
+http://curl.haxx.se/mail/lib-2014-06/att-0139/0001-Delay-Curl_addHandleToPipeline-by-a-milisecond.patch
+
+addressing the problem.
+
+Upstream is already aware of this issue.
+
+--- lib/url.c.orig	2015-01-26 13:49:21.041657976 -0800
++++ lib//url.c	2015-01-26 13:50:45.391515086 -0800
[email protected]@ -2748,6 +2748,7 @@
+ {
+   if(!Curl_llist_insert_next(pipeline, pipeline->tail, data))
+     return CURLE_OUT_OF_MEMORY;
++  Curl_wait_ms(1);
+   return CURLE_OK;
+ }
+ 
--- a/components/curl/patches/011-runtests.pl.patch	Fri Apr 10 18:00:20 2015 -0400
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,37 +0,0 @@
-The various curl NTLM tests try to LD_PRELOAD a test library
-called .../tests/libtest/.libs/libhostname.so that's been
-created as a pre-requisite to running the numerous Perl tests.
-
-This patch adjusts LD_PRELOAD to be LD_PRELOAD_32 or LD_PRELOAD_64
-depending upon whether we are running the 32 or 64 bit tests.
-
-As this is Solaris specific, this patch will not be pushed upstream.
-
---- tests/runtests.pl.orig	2013-11-18 07:12:48.748872794 -0800
-+++ tests/runtests.pl	2013-11-18 07:15:32.604982653 -0800
[email protected]@ -2405,10 +2405,21 @@
-                     delete $ENV{$var} if($ENV{$var});
-                 }
-                 else {
--                    if(($var =~ /^LD_PRELOAD/) &&
--                       ($debug_build || ($has_shared ne "yes"))) {
--                        # print "Skipping LD_PRELOAD due to no release shared build\n";
--                        next;
-+                    if($var =~ /^LD_PRELOAD/) {
-+                        if(exe_ext() && (exe_ext() eq '.exe')) {
-+                            # print "Skipping LD_PRELOAD due to lack of OS support\n";
-+                            next;
-+                        }
-+                        if($debug_build || ($has_shared ne "yes")) {
-+                            # print "Skipping LD_PRELOAD due to no release shared build\n";
-+                            next;
-+                        }
-+                        # make this LD_PRELOAD_{bits}
-+                        open(FP, "/bin/file $content |");
-+                        my $bits = <FP>;
-+                        if ($bits =~ /^.+ELF\s(\d\d)-bit.+$/) {
-+                            $var .= '_'.$1;
-+                        }
-                     }
-                     $ENV{$var} = "$content";
-                 }
--- a/components/curl/patches/012-CVE-2013-1944.patch	Fri Apr 10 18:00:20 2015 -0400
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,49 +0,0 @@
-From 3604fde3d3c9b0d0e389e079aecf470d123ba180 Mon Sep 17 00:00:00 2001
-From: YAMADA Yasuharu <[email protected]>
-Date: Thu, 11 Apr 2013 00:17:15 +0200
-Subject: [PATCH] cookie: fix tailmatching to prevent cross-domain leakage
-
-Cookies set for 'example.com' could accidentaly also be sent by libcurl
-to the 'bexample.com' (ie with a prefix to the first domain name).
-
-This is a security vulnerabilty, CVE-2013-1944.
-
-Bug: http://curl.haxx.se/docs/adv_20130412.html
-
---- lib/cookie.c.orig	2013-11-18 14:05:59.517749330 -0800
-+++ lib/cookie.c	2013-11-18 14:08:09.852442022 -0800
[email protected]@ -122,15 +122,29 @@
-   free(co);
- }
- 
--static bool tailmatch(const char *little, const char *bigone)
-+static bool tailmatch(const char *cooke_domain, const char *hostname)
- {
--  size_t littlelen = strlen(little);
--  size_t biglen = strlen(bigone);
-+  size_t cookie_domain_len = strlen(cooke_domain);
-+  size_t hostname_len = strlen(hostname);
- 
--  if(littlelen > biglen)
-+  if(hostname_len < cookie_domain_len)
-     return FALSE;
- 
--  return (bool)Curl_raw_equal(little, bigone+biglen-littlelen);
-+  if(!Curl_raw_equal(cooke_domain, hostname+hostname_len-cookie_domain_len))
-+    return FALSE;
-+
-+  /* A lead char of cookie_domain is not '.'.
-+     RFC6265 4.1.2.3. The Domain Attribute says:
-+       For example, if the value of the Domain attribute is
-+       "example.com", the user agent will include the cookie in the Cookie
-+       header when making HTTP requests to example.com, www.example.com, and
-+       www.corp.example.com.
-+   */
-+  if(hostname_len == cookie_domain_len)
-+    return TRUE;
-+  if('.' == *(hostname + hostname_len - cookie_domain_len - 1))
-+    return TRUE;
-+  return FALSE;
- }
- 
- /*
--- a/components/curl/patches/013-CVE-2014-0015.patch	Fri Apr 10 18:00:20 2015 -0400
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,20 +0,0 @@
-CVE-2014-0015: libcurl can in some circumstances re-use the wrong
-connection when asked to do an NTLM-authenticated HTTP or HTTPS request.
-
-More information at:
-http://curl.haxx.se/docs/adv_20140129.html
-
-Closest relevant upstream patch at:
-http://curl.haxx.se/CVE-2014-0015-7-27.patch
-
---- lib/url.c.orig	2014-02-04 12:41:29.827372361 -0800
-+++ lib/url.c	2014-02-04 12:56:44.394433387 -0800
[email protected]@ -2998,7 +2998,7 @@
-         }
-         if((needle->protocol & PROT_FTP) ||
-            ((needle->protocol & PROT_HTTP) &&
--            (data->state.authhost.want==CURLAUTH_NTLM))) {
-+            (data->state.authhost.want & CURLAUTH_NTLM))) {
-           /* This is FTP or HTTP+NTLM, verify that we're using the same name
-              and password as well */
-           if(!strequal(needle->user, check->user) ||
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/curl/patches/013-curl_sasl_gssapi.c.patch	Fri Apr 10 16:50:24 2015 -0700
@@ -0,0 +1,20 @@
+From: https://www.mail-archive.com/[email protected]/msg21757.html
+Quanah Gibson-Mount Thu, 15 Jan 2015 12:27:13 -0800
+Unfortunately, it appears that curl is still not tested against Heimdal
+Kerberos.
+
+This problem has been reported upstream.
+
+--- lib/curl_sasl_gssapi.c.orig	2015-01-26 08:22:32.369117065 -0800
++++ lib/curl_sasl_gssapi.c	2015-01-26 08:36:35.452740440 -0800
[email protected]@ -31,6 +31,10 @@
+ #define NCOMPAT 1
+ #endif
+ 
++#ifdef HAVE_GSSHEIMDAL
++#define gss_nt_service_name GSS_C_NT_HOSTBASED_SERVICE
++#endif
++
+ #define GSSAUTH_P_NONE      1
+ #define GSSAUTH_P_INTEGRITY 2
+ #define GSSAUTH_P_PRIVACY   4
--- a/components/curl/patches/014-OpenSSL-deselect-weak-ciphers-by-default.patch	Fri Apr 10 18:00:20 2015 -0400
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,67 +0,0 @@
-From 30e24c74774ef642f6d34638bb2b701877c7ce93 Mon Sep 17 00:00:00 2001
-From: Daniel Stenberg <[email protected]>
-Date: Sat, 11 Jan 2014 00:05:19 +0100
-Subject: [PATCH] OpenSSL: deselect weak ciphers by default
-
-By default even recent versions of OpenSSL supports and accepts both
-"export strength" ciphers, small-bitsize ciphers as well as downright
-deprecated ones.
-
-This change sets a default cipher selection that tries to avoid the
-worst ones, and subsequently it makes https://www.howsmyssl.com/a/check
-no longer grade curl/OpenSSL connects as 'Bad'.
-
-Bug: http://curl.haxx.se/bug/view.cgi?id=1323
-Reported-by: Jeff Hodges
-
-(Note that we have an older version of curl, and the required changes need
-to be made to .../lib/ssluse.[c,h] not .../lib/vtls/openssl.[c,h].)
-
---- lib/ssluse.c.orig	2014-07-08 07:13:52.002064381 -0700
-+++ lib/ssluse.c	2014-07-08 07:18:11.256793811 -0700
[email protected]@ -1422,6 +1422,7 @@
- {
-   CURLcode retcode = CURLE_OK;
- 
-+  char *ciphers;
-   struct SessionHandle *data = conn->data;
-   SSL_METHOD_QUAL SSL_METHOD *req_method=NULL;
-   void *ssl_sessionid=NULL;
[email protected]@ -1556,12 +1557,12 @@
-     }
-   }
- 
--  if(data->set.str[STRING_SSL_CIPHER_LIST]) {
--    if(!SSL_CTX_set_cipher_list(connssl->ctx,
--                                data->set.str[STRING_SSL_CIPHER_LIST])) {
--      failf(data, "failed setting cipher list");
--      return CURLE_SSL_CIPHER;
--    }
-+  ciphers = data->set.str[STRING_SSL_CIPHER_LIST];
-+  if(!ciphers)
-+    ciphers = (char *)DEFAULT_CIPHER_SELECTION;
-+  if(!SSL_CTX_set_cipher_list(connssl->ctx, ciphers)) {
-+    failf(data, "failed setting cipher list: %s", ciphers);
-+    return CURLE_SSL_CIPHER;
-   }
- 
-   if(data->set.str[STRING_SSL_CAFILE] || data->set.str[STRING_SSL_CAPATH]) {
---- lib/ssluse.h.orig	2014-07-08 07:13:58.481773165 -0700
-+++ lib/ssluse.h	2014-07-08 07:16:39.119426762 -0700
[email protected]@ -7,7 +7,7 @@
-  *                            | (__| |_| |  _ <| |___
-  *                             \___|\___/|_| \_\_____|
-  *
-- * Copyright (C) 1998 - 2010, Daniel Stenberg, <[email protected]>, et al.
-+ * Copyright (C) 1998 - 2014, Daniel Stenberg, <[email protected]>, et al.
-  *
-  * This software is licensed as described in the file COPYING, which
-  * you should have received as part of this distribution. The terms
[email protected]@ -80,5 +80,7 @@
- #define curlssl_check_cxn Curl_ossl_check_cxn
- #define curlssl_data_pending(x,y) Curl_ossl_data_pending(x,y)
- 
-+#define DEFAULT_CIPHER_SELECTION "ALL!EXPORT!EXPORT40!EXPORT56!aNULL!LOW!RC4"
-+
- #endif /* USE_SSLEAY */
- #endif /* __SSLUSE_H */
--- a/components/curl/patches/015-CVE-2014-3613-part1.patch	Fri Apr 10 18:00:20 2015 -0400
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,261 +0,0 @@
-From eac573ea9c368f5e3c07de4d5ec5c5d0f84a021a Mon Sep 17 00:00:00 2001
-From: Tim Ruehsen <[email protected]>
-Date: Tue, 19 Aug 2014 21:01:28 +0200
-Subject: [PATCH 1/2] cookies: only use full host matches for hosts used as IP
- address
-
-By not detecting and rejecting domain names for partial literal IP
-addresses properly when parsing received HTTP cookies, libcurl can be
-fooled to both send cookies to wrong sites and to allow arbitrary sites
-to set cookies for others.
-
-Bug: http://curl.haxx.se/docs/adv_20140910.html
----
- lib/cookie.c        | 50 ++++++++++++++++++++++++++++++++++++++----------
- tests/data/test1105 |  3 +--
- tests/data/test31   | 55 +++++++++++++++++++++++++++--------------------------
- tests/data/test8    |  3 ++-
- 4 files changed, 71 insertions(+), 40 deletions(-)
-
-This problem has been fixed upstream in curl version 7.38.0
-
---- lib/cookie.c.orig	2014-09-04 10:25:26.404578422 -0700
-+++ lib/cookie.c	2014-09-04 10:40:04.769726955 -0700
[email protected]@ -97,6 +97,7 @@
- #include "strtoofft.h"
- #include "rawstr.h"
- #include "curl_memrchr.h"
-+#include "inet_pton.h"
- 
- /* The last #include file should be: */
- #include "memdebug.h"
[email protected]@ -181,6 +182,27 @@
-   *str = strdup(newstr);
- }
- 
-+/*
-+ * Return true if the given string is an IP(v4|v6) address.
-+ */
-+static bool isip(const char *domain)
-+{
-+  struct in_addr addr;
-+#ifdef ENABLE_IPV6
-+  struct in6_addr addr6;
-+#endif
-+
-+  if(Curl_inet_pton(AF_INET, domain, &addr)
-+#ifdef ENABLE_IPV6
-+     || Curl_inet_pton(AF_INET6, domain, &addr6)
-+#endif
-+    ) {
-+    /* domain name given as IP address */
-+    return TRUE;
-+  }
-+
-+  return FALSE;
-+}
- 
- /****************************************************************************
-  *
[email protected]@ -280,6 +302,8 @@
-             }
-           }
-           else if(Curl_raw_equal("domain", name)) {
-+            bool is_ip;
-+
-             /* note that this name may or may not have a preceeding dot, but
-                we don't care about that, we treat the names the same anyway */
- 
[email protected]@ -321,18 +345,19 @@
-               if('.' == whatptr[0])
-                 whatptr++; /* ignore preceeding dot */
- 
--              if(!domain || tailmatch(whatptr, domain)) {
--                const char *tailptr=whatptr;
--                if(tailptr[0] == '.')
--                  tailptr++;
--                strstore(&co->domain, tailptr); /* don't prefix w/dots
--                                                   internally */
-+              is_ip = isip(domain ? domain : whatptr);
-+
-+              if(!domain
-+                 || (is_ip && !strcmp(whatptr, domain))
-+                 || (!is_ip && tailmatch(whatptr, domain))) {
-+                strstore(&co->domain, whatptr);
-                 if(!co->domain) {
-                   badcookie = TRUE;
-                   break;
-                 }
--                co->tailmatch=TRUE; /* we always do that if the domain name was
--                                       given */
-+                if(!is_ip)
-+                  co->tailmatch=TRUE; /* we always do that if the domain name
-+                                         was given */
-               }
-               else {
-                 /* we did not get a tailmatch and then the attempted set domain
[email protected]@ -821,10 +846,14 @@
-   time_t now = time(NULL);
-   struct Cookie *mainco=NULL;
-   size_t matches = 0;
-+  bool is_ip;
- 
-   if(!c || !c->cookies)
-     return NULL; /* no cookie struct or no cookies in the struct */
- 
-+  /* check if host is an IP(v4|v6) address */
-+  is_ip = isip(host);
-+
-   co = c->cookies;
- 
-   while(co) {
[email protected]@ -836,8 +865,8 @@
- 
-       /* now check if the domain is correct */
-       if(!co->domain ||
--         (co->tailmatch && tailmatch(co->domain, host)) ||
--         (!co->tailmatch && Curl_raw_equal(host, co->domain)) ) {
-+         (co->tailmatch && !is_ip && tailmatch(co->domain, host)) ||
-+         ((!co->tailmatch || is_ip) && Curl_raw_equal(host, co->domain)) ) {
-         /* the right part of the host matches the domain stuff in the
-            cookie data */
- 
---- tests/data/test1105.orig	2014-09-04 10:27:20.052223915 -0700
-+++ tests/data/test1105	2014-09-04 10:41:18.310085197 -0700
[email protected]@ -56,8 +56,7 @@
- # This file was generated by libcurl! Edit at your own risk.
- 
- 127.0.0.1	FALSE	/we/want/	FALSE	0	foobar	name
--.127.0.0.1	TRUE	"/silly/"	FALSE	0	mismatch	this
--.0.0.1	TRUE	/	FALSE	0	partmatch	present
-+127.0.0.1	FALSE	"/silly/"	FALSE	0	mismatch	this
- </file>
- </verify>
- </testcase>
---- tests/data/test31.orig	2014-09-04 10:27:10.395450839 -0700
-+++ tests/data/test31	2014-09-04 11:27:38.685969246 -0700
[email protected]@ -18,6 +18,30 @@
- Funny-head: yesyes
- Set-Cookie: foobar=name; domain=anything.com; path=/ ; secure
- Set-Cookie:ismatch=this  ; domain=127.0.0.1; path=/silly/
-+Set-Cookie: overwrite=this  ; domain=127.0.0.1; path=/overwrite/
-+Set-Cookie: overwrite=this2  ; domain=127.0.0.1; path=/overwrite
-+Set-Cookie: sec1value=secure1  ; domain=127.0.0.1; path=/secure1/ ; secure
-+Set-Cookie: sec2value=secure2  ; domain=127.0.0.1; path=/secure2/ ; secure=
-+Set-Cookie: sec3value=secure3  ; domain=127.0.0.1; path=/secure3/ ; secure=
-+Set-Cookie: sec4value=secure4  ; secure=; domain=127.0.0.1; path=/secure4/ ; 
-+Set-Cookie: sec5value=secure5  ; secure; domain=127.0.0.1; path=/secure5/ ; 
-+Set-Cookie: sec6value=secure6  ; secure ; domain=127.0.0.1; path=/secure6/ ; 
-+Set-Cookie: sec7value=secure7  ; secure   ; domain=127.0.0.1; path=/secure7/ ; 
-+Set-Cookie: sec8value=secure8  ; secure= ; domain=127.0.0.1; path=/secure8/ ; 
-+Set-Cookie: secure=very1  ; secure=; domain=127.0.0.1; path=/secure9/; 
-+Set-Cookie: httpo1=value1  ; domain=127.0.0.1; path=/p1/; httponly
-+Set-Cookie: httpo2=value2  ; domain=127.0.0.1; path=/p2/; httponly=
-+Set-Cookie: httpo3=value3  ; httponly; domain=127.0.0.1; path=/p3/;
-+Set-Cookie: httpo4=value4  ; httponly=; domain=127.0.0.1; path=/p4/; 
-+Set-Cookie: httponly=myvalue1  ; domain=127.0.0.1; path=/p4/; httponly
-+Set-Cookie: httpandsec=myvalue2  ; domain=127.0.0.1; path=/p4/; httponly; secure
-+Set-Cookie: httpandsec2=myvalue3; domain=127.0.0.1; path=/p4/; httponly=; secure
-+Set-Cookie: httpandsec3=myvalue4  ; domain=127.0.0.1; path=/p4/; httponly; secure=
-+Set-Cookie: httpandsec4=myvalue5  ; domain=127.0.0.1; path=/p4/; httponly=; secure=
-+Set-Cookie: httpandsec5=myvalue6  ; domain=127.0.0.1; path=/p4/; secure; httponly=
-+Set-Cookie: httpandsec6=myvalue7  ; domain=127.0.0.1; path=/p4/; secure=; httponly=
-+Set-Cookie: httpandsec7=myvalue8  ; domain=127.0.0.1; path=/p4/; secure; httponly
-+Set-Cookie: httpandsec8=myvalue9; domain=127.0.0.1; path=/p4/; secure=; httponly
- Set-Cookie: partmatch=present; domain=127.0.0.1 ; path=/;
- Set-Cookie:eat=this; domain=moo.foo.moo;
- Set-Cookie: eat=this-too; domain=.foo.moo;
[email protected]@ -27,7 +51,8 @@
- Set-Cookie: test=yes; domain=foo.com; expires=Sat Feb 2 11:56:27 GMT 2030
- Set-Cookie: test2=yes; domain=se; expires=Sat Feb 2 11:56:27 GMT 2030
- Set-Cookie: magic=yessir; path=/silly/; HttpOnly
--Set-Cookie: blexp=yesyes; domain=.0.0.1; domain=.0.0.1; expiry=totally bad;
-+Set-Cookie: blexp=yesyes; domain=127.0.0.1; domain=127.0.0.1; expiry=totally bad;
-+Set-Cookie: partialip=nono; domain=.0.0.1;
- 
- boo
- </data>
[email protected]@ -50,6 +75,9 @@
-  <command>
- http://%HOSTIP:%HTTPPORT/we/want/31 -b none -c log/jar31.txt
- </command>
-+<precheck>
-+perl -e 'if ("%HOSTIP" !~ /127\.0\.0\.1$/) {print "Test only works for HOSTIP 127.0.0.1"; exit(1)}'
-+</precheck>
- </client>
- 
- # Verify data after the test has been "shot"
[email protected]@ -68,11 +96,35 @@
- # http://curl.haxx.se/rfc/cookie_spec.html
- # This file was generated by libcurl! Edit at your own risk.
- 
--.127.0.0.1	TRUE	/silly/	FALSE	0	ismatch	this
--.127.0.0.1	TRUE	/	FALSE	0	partmatch	present
-+127.0.0.1	FALSE	/silly/	FALSE	0	ismatch	this
-+127.0.0.1	FALSE	/overwrite/	FALSE	0	overwrite	this
-+127.0.0.1	FALSE	/overwrite	FALSE	0	overwrite	this2
-+127.0.0.1	FALSE	/secure1/	TRUE	0	sec1value	secure1
-+127.0.0.1	FALSE	/secure2/	FALSE	0	sec2value	secure2
-+127.0.0.1	FALSE	/secure3/	FALSE	0	sec3value	secure3
-+127.0.0.1	FALSE	/secure4/	FALSE	0	sec4value	secure4
-+127.0.0.1	FALSE	/secure5/	TRUE	0	sec5value	secure5
-+127.0.0.1	FALSE	/secure6/	FALSE	0	sec6value	secure6
-+127.0.0.1	FALSE	/secure7/	FALSE	0	sec7value	secure7
-+127.0.0.1	FALSE	/secure8/	FALSE	0	sec8value	secure8
-+127.0.0.1	FALSE	/secure9/	FALSE	0	secure	very1
-+#HttpOnly_127.0.0.1	FALSE	/p1/	FALSE	0	httpo1	value1
-+127.0.0.1	FALSE	/p2/	FALSE	0	httpo2	value2
-+#HttpOnly_127.0.0.1	FALSE	/p3/	FALSE	0	httpo3	value3
-+127.0.0.1	FALSE	/p4/	FALSE	0	httpo4	value4
-+#HttpOnly_127.0.0.1	FALSE	/p4/	FALSE	0	httponly	myvalue1
-+#HttpOnly_127.0.0.1	FALSE	/p4/	TRUE	0	httpandsec	myvalue2
-+127.0.0.1	FALSE	/p4/	TRUE	0	httpandsec2	myvalue3
-+#HttpOnly_127.0.0.1	FALSE	/p4/	FALSE	0	httpandsec3	myvalue4
-+127.0.0.1	FALSE	/p4/	FALSE	0	httpandsec4	myvalue5
-+127.0.0.1	FALSE	/p4/	TRUE	0	httpandsec5	myvalue6
-+127.0.0.1	FALSE	/p4/	FALSE	0	httpandsec6	myvalue7
-+#HttpOnly_127.0.0.1	FALSE	/p4/	TRUE	0	httpandsec7	myvalue8
-+#HttpOnly_127.0.0.1	FALSE	/p4/	FALSE	0	httpandsec8	myvalue9
-+127.0.0.1	FALSE	/	FALSE	0	partmatch	present
- 127.0.0.1	FALSE	/we/want/	FALSE	2054030187	nodomain	value
- #HttpOnly_127.0.0.1	FALSE	/silly/	FALSE	0	magic	yessir
--.0.0.1	TRUE	/we/want/	FALSE	0	blexp	yesyes
-+127.0.0.1	FALSE	/we/want/	FALSE	0	blexp	yesyes
- </file>
- </verify>
- </testcase>
---- tests/data/test8.orig	2014-09-04 10:27:04.885231628 -0700
-+++ tests/data/test8	2014-09-04 10:41:44.133914601 -0700
[email protected]@ -35,16 +35,20 @@
- Server: test-server/fake
- Content-Type: text/html
- Funny-head: yesyes
--Set-Cookie: foobar=name; domain=127.0.0.1; path=/;
--Set-Cookie: mismatch=this; domain=127.0.0.1; path="/silly/";
-+Set-Cookie: foobar=name; domain=%HOSTIP; path=/;
-+Set-Cookie: mismatch=this; domain=%HOSTIP; path="/silly/";
- Set-Cookie: partmatch=present; domain=.0.0.1; path=/w;
- Set-Cookie: duplicate=test; domain=.0.0.1; domain=.0.0.1; path=/donkey;
- Set-Cookie: cookie=yes; path=/we;
- Set-Cookie: cookie=perhaps; path=/we/want;
- Set-Cookie: nocookie=yes; path=/WE;
--Set-Cookie: blexp=yesyes; domain=.0.0.1; domain=.0.0.1; expiry=totally bad;
-+Set-Cookie: blexp=yesyes; domain=%HOSTIP; domain=%HOSTIP; expiry=totally bad;
-+Set-Cookie: partialip=nono; domain=.0.0.1;
- 
- </file>
-+<precheck>
-+perl -e 'if ("%HOSTIP" !~ /\.0\.0\.1$/) {print "Test only works for HOSTIPs ending with .0.0.1"; exit(1)}'
-+</precheck>
- </client>
- 
- # Verify data after the test has been "shot"
[email protected]@ -56,7 +60,7 @@
- GET /we/want/8 HTTP/1.1
- Host: %HOSTIP:%HTTPPORT
- Accept: */*
--Cookie: cookie=perhaps; cookie=yes; partmatch=present; foobar=name; blexp=yesyes
-+Cookie: cookie=perhaps; cookie=yes; foobar=name; blexp=yesyes
- 
- </protocol>
- </verify>
--- a/components/curl/patches/015-CVE-2014-3613-part2.patch	Fri Apr 10 18:00:20 2015 -0400
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,48 +0,0 @@
-From ceab2ea8f0c0fc4c4be219240ccf99ddc2de7b22 Mon Sep 17 00:00:00 2001
-From: Daniel Stenberg <[email protected]>
-Date: Tue, 19 Aug 2014 21:11:20 +0200
-Subject: [PATCH 2/2] cookies: reject incoming cookies set for TLDs
-
-Test 61 was modified to verify this.
-
-Reported-by: Tim Ruehsen
----
- lib/cookie.c      | 6 ++++++
- tests/data/test61 | 1 +
- 2 files changed, 7 insertions(+)
-
-This problem has been fixed upstream in curl version 7.38.0
-
---- lib/cookie.c.orig	2014-09-04 10:48:44.170722741 -0700
-+++ lib/cookie.c	2014-09-04 10:44:28.980086252 -0700
[email protected]@ -303,6 +303,7 @@
-           }
-           else if(Curl_raw_equal("domain", name)) {
-             bool is_ip;
-+            const char *dotp;
- 
-             /* note that this name may or may not have a preceeding dot, but
-                we don't care about that, we treat the names the same anyway */
[email protected]@ -347,6 +348,11 @@
- 
-               is_ip = isip(domain ? domain : whatptr);
- 
-+              /* check for more dots */
-+              dotp = strchr(whatptr, '.');
-+              if(!dotp)
-+                domain=":";
-+
-               if(!domain
-                  || (is_ip && !strcmp(whatptr, domain))
-                  || (!is_ip && tailmatch(whatptr, domain))) {
---- tests/data/test61.orig	2014-09-04 10:50:40.756783312 -0700
-+++ tests/data/test61	2014-09-04 10:53:06.461671210 -0700
[email protected]@ -22,6 +22,8 @@
- Set-Cookie: test3=maybe; domain=foo.com; path=/moo; secure
- Set-Cookie: test4=no; domain=nope.foo.com; path=/moo; secure
- Set-Cookie: test5=name; domain=anything.com; path=/ ; secure
-+Set-Cookie: fake=fooledyou; domain=..com; path=/;
-+Set-Cookie: supercookie=fooledyou; domain=.com; path=/;
- Content-Length: 4
- 
- boo
--- a/components/curl/patches/016-curl-disable-sslv3.patch	Fri Apr 10 18:00:20 2015 -0400
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,75 +0,0 @@
-Remove SSLv3 from SSL default due to the POODLE attack.
-
-Based on the following curl changeset:
-
-commit ec783dc142129d3860e542b443caaa78a6172d56
-Author: Jay Satiro <[email protected]>
-Date:   Fri Oct 24 13:41:56 2014 +0200
-
-    - Remove SSLv3 from the SSL default effectively making the default TLS 1.x.
-    - Update curl_easy_setopt doc.
-
---- ./docs/libcurl/curl_easy_setopt.3.orig	2014-11-11 12:03:20.659217117 -0800
-+++ ./docs/libcurl/curl_easy_setopt.3	2014-11-11 12:06:57.274210401 -0800
[email protected]@ -1819,8 +1819,7 @@
- .RS
- .IP CURL_SSLVERSION_DEFAULT
- The default action. This will attempt to figure out the remote SSL protocol
--version, i.e. either SSLv3 or TLSv1 (but not SSLv2, which became disabled
--by default with 7.18.1).
-+version. SSLv2 and SSLv3 are disabled by default.
- .IP CURL_SSLVERSION_TLSv1
- Force TLSv1
- .IP CURL_SSLVERSION_SSLv2
---- ./lib/nss.c.orig	2014-11-11 12:08:37.152918397 -0800
-+++ ./lib/nss.c	2014-11-11 12:11:02.819141917 -0800
[email protected]@ -1177,12 +1177,6 @@
-   switch (data->set.ssl.version) {
-   default:
-   case CURL_SSLVERSION_DEFAULT:
--    ssl3 = PR_TRUE;
--    if (data->state.ssl_connect_retry)
--      infof(data, "TLS disabled due to previous handshake failure\n");
--    else
--      tlsv1 = PR_TRUE;
--    break;
-   case CURL_SSLVERSION_TLSv1:
-     tlsv1 = PR_TRUE;
-     break;
---- ./lib/qssl.c.orig	2014-11-11 12:08:44.037832982 -0800
-+++ ./lib/qssl.c	2014-11-11 12:12:10.802950719 -0800
[email protected]@ -192,9 +192,6 @@
- 
-   default:
-   case CURL_SSLVERSION_DEFAULT:
--    h->protocol = SSL_VERSION_CURRENT;          /* TLSV1 compat. SSLV[23]. */
--    break;
--
-   case CURL_SSLVERSION_TLSv1:
-     h->protocol = TLS_VERSION_1;
-     break;
---- ./lib/ssluse.c.orig	2014-11-11 12:08:52.156569428 -0800
-+++ ./lib/ssluse.c	2014-11-11 12:21:38.593664424 -0800
[email protected]@ -1448,10 +1448,6 @@
-   switch(data->set.ssl.version) {
-   default:
-   case CURL_SSLVERSION_DEFAULT:
--    /* we try to figure out version */
--    req_method = SSLv23_client_method();
--    use_sni(TRUE);
--    break;
-   case CURL_SSLVERSION_TLSv1:
-     req_method = TLSv1_client_method();
-     use_sni(TRUE);
[email protected]@ -1531,9 +1527,9 @@
- 
-   SSL_CTX_set_options(connssl->ctx, ctx_options);
- 
--  /* disable SSLv2 in the default case (i.e. allow SSLv3 and TLSv1) */
-+  /* disable SSLv2 and SSLv3 in the default case (i.e. allow TLSv1) */
-   if(data->set.ssl.version == CURL_SSLVERSION_DEFAULT)
--    SSL_CTX_set_options(connssl->ctx, SSL_OP_NO_SSLv2);
-+    SSL_CTX_set_options(connssl->ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);
- 
- #if 0
-   /*
--- a/components/curl/patches/017-CVE-2014-3707.patch	Fri Apr 10 18:00:20 2015 -0400
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,385 +0,0 @@
-(This is based on the curl patch at:
- http://curl.haxx.se/CVE-2014-3707.patch
- but adjusted for curl version 7.21.2).
-
-From 3696fc1ba79d9b34660c44150be5e93ecf87dd9e Mon Sep 17 00:00:00 2001
-From: Daniel Stenberg <[email protected]>
-Date: Fri, 17 Oct 2014 12:59:32 +0200
-Subject: [PATCH] curl_easy_duphandle: CURLOPT_COPYPOSTFIELDS read out of
- bounds
-
-When duplicating a handle, the data to post was duplicated using
-strdup() when it could be binary and contain zeroes and it was not even
-zero terminated! This caused read out of bounds crashes/segfaults.
-
-Since the lib/strdup.c file no longer is easily shared with the curl
-tool with this change, it now uses its own version instead.
-
-Bug: http://curl.haxx.se/docs/adv_20141105.html
-CVE: CVE-2014-3707
-Reported-By: Symeon Paraschoudis
----
- lib/formdata.c    | 52 +++++++++-------------------------------------------
- lib/strdup.c      | 32 +++++++++++++++++++++++++++-----
- lib/strdup.h      |  3 ++-
- lib/url.c         | 22 +++++++++++++++++-----
- lib/urldata.h     | 11 +++++++++--
- src/Makefile.inc  |  4 ++--
- src/tool_setup.h  |  5 ++---
- src/tool_strdup.c | 47 +++++++++++++++++++++++++++++++++++++++++++++++
- src/tool_strdup.h | 30 ++++++++++++++++++++++++++++++
- 9 files changed, 145 insertions(+), 61 deletions(-)
- create mode 100644 src/tool_strdup.c
- create mode 100644 src/tool_strdup.h
-
---- lib/formdata.c.orig	2014-11-18 03:29:06.861398190 -0800
-+++ lib/formdata.c	2014-11-18 03:33:25.634942129 -0800
[email protected]@ -123,6 +123,7 @@
- #include "curl_rand.h"
- #include "strequal.h"
- #include "curl_memory.h"
-+#include "strdup.h"
- 
- #define _MPRINTF_REPLACE /* use our functions only */
- #include <curl/mprintf.h>
[email protected]@ -302,46 +303,6 @@
- 
- /***************************************************************************
-  *
-- * memdup()
-- *
-- * Copies the 'source' data to a newly allocated buffer buffer (that is
-- * returned). Uses buffer_length if not null, else uses strlen to determine
-- * the length of the buffer to be copied
-- *
-- * Returns the new pointer or NULL on failure.
-- *
-- ***************************************************************************/
--static char *memdup(const char *src, size_t buffer_length)
--{
--  size_t length;
--  bool add = FALSE;
--  char *buffer;
--
--  if(buffer_length)
--    length = buffer_length;
--  else if(src) {
--    length = strlen(src);
--    add = TRUE;
--  }
--  else
--    /* no length and a NULL src pointer! */
--    return strdup("");
--
--  buffer = malloc(length+add);
--  if(!buffer)
--    return NULL; /* fail */
--
--  memcpy(buffer, src, length);
--
--  /* if length unknown do null termination */
--  if(add)
--    buffer[length] = '\0';
--
--  return buffer;
--}
--
--/***************************************************************************
-- *
-  * FormAdd()
-  *
-  * Stores a formpost parameter and builds the appropriate linked list.
[email protected]@ -745,9 +706,12 @@
-              (form == first_form) ) {
-           /* Note that there's small risk that form->name is NULL here if the
-              app passed in a bad combo, so we better check for that first. */
--          if(form->name)
-+          if(form->name) {
-             /* copy name (without strdup; possibly contains null characters) */
--            form->name = memdup(form->name, form->namelength);
-+            form->name = Curl_memdup(form->name, form->namelength?
-+                                     form->namelength:
-+                                     strlen(form->name)+1);
-+          }
-           if(!form->name) {
-             return_value = CURL_FORMADD_MEMORY;
-             break;
[email protected]@ -758,7 +722,9 @@
-                              HTTPPOST_PTRCONTENTS | HTTPPOST_PTRBUFFER |
-                              HTTPPOST_CALLBACK)) ) {
-           /* copy value (without strdup; possibly contains null characters) */
--          form->value = memdup(form->value, form->contentslength);
-+          form->value = Curl_memdup(form->value, form->contentslength?
-+                                    form->contentslength:
-+                                    strlen(form->value)+1);
-           if(!form->value) {
-             return_value = CURL_FORMADD_MEMORY;
-             break;
---- lib/strdup.c.orig	2014-11-18 03:34:47.615106130 -0800
-+++ lib/strdup.c	2014-11-18 03:36:24.540240128 -0800
[email protected]@ -5,7 +5,7 @@
-  *                            | (__| |_| |  _ <| |___
-  *                             \___|\___/|_| \_\_____|
-  *
-- * Copyright (C) 1998 - 2008, Daniel Stenberg, <[email protected]>, et al.
-+ * Copyright (C) 1998 - 2014, Daniel Stenberg, <[email protected]>, et al.
-  *
-  * This software is licensed as described in the file COPYING, which
-  * you should have received as part of this distribution. The terms
[email protected]@ -22,6 +22,10 @@
- 
- #include "setup.h"
- #include "strdup.h"
-+#include "curl_memory.h"
-+
-+/* The last #include file should be: */
-+#include "memdebug.h"
- 
- #ifndef HAVE_STRDUP
- char *curlx_strdup(const char *str)
[email protected]@ -47,3 +51,25 @@
- 
- }
- #endif
-+
-+/***************************************************************************
-+ *
-+ * Curl_memdup(source, length)
-+ *
-+ * Copies the 'source' data to a newly allocated buffer (that is
-+ * returned). Copies 'length' bytes.
-+ *
-+ * Returns the new pointer or NULL on failure.
-+ *
-+ ***************************************************************************/
-+char *Curl_memdup(const char *src, size_t length)
-+{
-+  char *buffer = malloc(length);
-+  if(!buffer)
-+    return NULL; /* fail */
-+
-+  memcpy(buffer, src, length);
-+
-+  /* if length unknown do null termination */
-+  return buffer;
-+}
---- lib/strdup.h.orig	2014-11-18 03:37:29.169630451 -0800
-+++ lib/strdup.h	2014-11-18 03:37:58.420841595 -0800
[email protected]@ -7,7 +7,7 @@
-  *                            | (__| |_| |  _ <| |___
-  *                             \___|\___/|_| \_\_____|
-  *
-- * Copyright (C) 1998 - 2010, Daniel Stenberg, <[email protected]>, et al.
-+ * Copyright (C) 1998 - 2014, Daniel Stenberg, <[email protected]>, et al.
-  *
-  * This software is licensed as described in the file COPYING, which
-  * you should have received as part of this distribution. The terms
[email protected]@ -26,5 +26,6 @@
- #ifndef HAVE_STRDUP
- extern char *curlx_strdup(const char *str);
- #endif
-+char *Curl_memdup(const char *src, size_t buffer_length);
- 
- #endif /* HEADER_CURL_STRDUP_H */
---- lib/url.c.orig	2014-11-18 03:38:54.137970835 -0800
-+++ lib/url.c	2014-11-18 03:43:13.569265802 -0800
[email protected]@ -139,6 +139,7 @@
- #include "rtsp.h"
- #include "curl_rtmp.h"
- #include "gopher.h"
-+#include "strdup.h"
- 
- #define _MPRINTF_REPLACE /* use our functions only */
- #include <curl/mprintf.h>
[email protected]@ -284,8 +285,9 @@
- {
-   /* Free all dynamic strings stored in the data->set substructure. */
-   enum dupstring i;
--  for(i=(enum dupstring)0; i < STRING_LAST; i++)
-+  for(i=(enum dupstring)0; i < STRING_LAST; i++) {
-     Curl_safefree(data->set.str[i]);
-+  }
- }
- 
- static CURLcode setstropt(char **charp, char * s)
[email protected]@ -365,14 +367,24 @@
-   memset(dst->set.str, 0, STRING_LAST * sizeof(char *));
- 
-   /* duplicate all strings */
--  for(i=(enum dupstring)0; i< STRING_LAST; i++) {
-+  for(i=(enum dupstring)0; i< STRING_LASTZEROTERMINATED; i++) {
-     r = setstropt(&dst->set.str[i], src->set.str[i]);
-     if(r != CURLE_OK)
--      break;
-+      return r;
-   }
- 
--  /* If a failure occurred, freeing has to be performed externally. */
--  return r;
-+  /* duplicate memory areas pointed to */
-+  i = STRING_COPYPOSTFIELDS;
-+  if(src->set.postfieldsize && src->set.str[i]) {
-+    /* postfieldsize is curl_off_t, Curl_memdup() takes a size_t ... */
-+    dst->set.str[i] = Curl_memdup(src->set.str[i], src->set.postfieldsize);
-+    if(!dst->set.str[i])
-+      return CURLE_OUT_OF_MEMORY;
-+    /* point to the new copy */
-+    dst->set.postfields = dst->set.str[i];
-+  }
-+
-+  return CURLE_OK;
- }
- 
- #if !defined(CURL_DISABLE_HTTP) && !defined(CURL_DISABLE_COOKIES)
---- lib/urldata.h.orig	2014-11-18 03:44:28.965134703 -0800
-+++ lib/urldata.h	2014-11-18 03:46:24.706226763 -0800
[email protected]@ -1216,7 +1216,6 @@
-   STRING_KRB_LEVEL,       /* krb security level */
-   STRING_NETRC_FILE,      /* if not NULL, use this instead of trying to find
-                              $HOME/.netrc */
--  STRING_COPYPOSTFIELDS,  /* if POST, set the fields' values here */
-   STRING_PROXY,           /* proxy to use */
-   STRING_SET_RANGE,       /* range, if used */
-   STRING_SET_REFERER,     /* custom string for the HTTP referer field */
[email protected]@ -1249,7 +1248,15 @@
- #endif
-   STRING_MAIL_FROM,
- 
--  /* -- end of strings -- */
-+  /* -- end of zero-terminated strings -- */
-+
-+  STRING_LASTZEROTERMINATED,
-+
-+  /* -- below this are pointers to binary data that cannot be strdup'ed.
-+     Each such pointer must be added manually to Curl_dupset() --- */
-+
-+  STRING_COPYPOSTFIELDS,  /* if POST, set the fields' values here */
-+
-   STRING_LAST /* not used, just an end-of-list marker */
- };
- 
---- src/Makefile.inc.orig	2014-11-18 03:47:49.286734214 -0800
-+++ src/Makefile.inc	2014-11-18 03:52:27.133161024 -0800
[email protected]@ -10,15 +10,16 @@
- # libcurl has sources that provide functions named curlx_* that aren't part of
- # the official API, but we re-use the code here to avoid duplication.
- CURLX_ONES = $(top_srcdir)/lib/strtoofft.c \
--	$(top_srcdir)/lib/strdup.c \
- 	$(top_srcdir)/lib/rawstr.c \
- 	$(top_srcdir)/lib/nonblock.c
- 
- CURL_CFILES = main.c hugehelp.c urlglob.c writeout.c writeenv.c \
--	getpass.c homedir.c curlutil.c os-specific.c
-+	getpass.c homedir.c curlutil.c os-specific.c \
-+	tool_strdup.c
- 
- CURL_HFILES = hugehelp.h setup.h config-win32.h config-mac.h \
- 	config-riscos.h urlglob.h version.h os-specific.h \
-+	tool_strdup.h \
- 	writeout.h writeenv.h getpass.h homedir.h curlutil.h
- 
- curl_SOURCES = $(CURL_CFILES) $(CURLX_ONES) $(CURL_HFILES)
---- src/setup.h.orig	2014-11-18 03:54:19.162704002 -0800
-+++ src/setup.h	2014-11-18 03:55:05.389517301 -0800
[email protected]@ -7,7 +7,7 @@
-  *                            | (__| |_| |  _ <| |___
-  *                             \___|\___/|_| \_\_____|
-  *
-- * Copyright (C) 1998 - 2010, Daniel Stenberg, <[email protected]>, et al.
-+ * Copyright (C) 1998 - 2014, Daniel Stenberg, <[email protected]>, et al.
-  *
-  * This software is licensed as described in the file COPYING, which
-  * you should have received as part of this distribution. The terms
[email protected]@ -203,8 +203,7 @@
- #endif
- 
- #ifndef HAVE_STRDUP
--#include "strdup.h"
--#define strdup(ptr) curlx_strdup(ptr)
-+#  include "tool_strdup.h"
- #endif
- 
- /* Define S_ISREG if not defined by system headers, f.e. MSVC */
---- src/tool_strdup.c.orig	2014-11-18 03:56:00.122473188 -0800
-+++ src/tool_strdup.c	2014-11-18 03:57:10.023119420 -0800
[email protected]@ -0,0 +1,47 @@
-+/***************************************************************************
-+ *                                  _   _ ____  _
-+ *  Project                     ___| | | |  _ \| |
-+ *                             / __| | | | |_) | |
-+ *                            | (__| |_| |  _ <| |___
-+ *                             \___|\___/|_| \_\_____|
-+ *
-+ * Copyright (C) 1998 - 2014, Daniel Stenberg, <[email protected]>, et al.
-+ *
-+ * This software is licensed as described in the file COPYING, which
-+ * you should have received as part of this distribution. The terms
-+ * are also available at http://curl.haxx.se/docs/copyright.html.
-+ *
-+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
-+ * copies of the Software, and permit persons to whom the Software is
-+ * furnished to do so, under the terms of the COPYING file.
-+ *
-+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
-+ * KIND, either express or implied.
-+ *
-+ ***************************************************************************/
-+#include "strdup.h"
-+
-+#ifndef HAVE_STRDUP
-+char *strdup(const char *str)
-+{
-+  size_t len;
-+  char *newstr;
-+
-+  if(!str)
-+    return (char *)NULL;
-+
-+  len = strlen(str);
-+
-+  if(len >= ((size_t)-1) / sizeof(char))
-+    return (char *)NULL;
-+
-+  newstr = malloc((len+1)*sizeof(char));
-+  if(!newstr)
-+    return (char *)NULL;
-+
-+  memcpy(newstr,str,(len+1)*sizeof(char));
-+
-+  return newstr;
-+
-+}
-+#endif
---- src/tool_strdup.h.orig	2014-11-18 03:57:45.315222626 -0800
-+++ src/tool_strdup.h	2014-11-18 03:58:13.983815925 -0800
[email protected]@ -0,0 +1,30 @@
-+#ifndef HEADER_TOOL_STRDUP_H
-+#define HEADER_TOOL_STRDUP_H
-+/***************************************************************************
-+ *                                  _   _ ____  _
-+ *  Project                     ___| | | |  _ \| |
-+ *                             / __| | | | |_) | |
-+ *                            | (__| |_| |  _ <| |___
-+ *                             \___|\___/|_| \_\_____|
-+ *
-+ * Copyright (C) 1998 - 2014, Daniel Stenberg, <[email protected]>, et al.
-+ *
-+ * This software is licensed as described in the file COPYING, which
-+ * you should have received as part of this distribution. The terms
-+ * are also available at http://curl.haxx.se/docs/copyright.html.
-+ *
-+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
-+ * copies of the Software, and permit persons to whom the Software is
-+ * furnished to do so, under the terms of the COPYING file.
-+ *
-+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
-+ * KIND, either express or implied.
-+ *
-+ ***************************************************************************/
-+#include "tool_setup.h"
-+
-+#ifndef HAVE_STRDUP
-+extern char *strdup(const char *str);
-+#endif
-+
-+#endif /* HEADER_TOOL_STRDUP_H */
--- a/components/curl/patches/018-CVE-2014-8150.patch	Fri Apr 10 18:00:20 2015 -0400
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,29 +0,0 @@
-From 4e2ac2afa94f014a2a015c48c678e2367a63ae82 Mon Sep 17 00:00:00 2001
-From: Daniel Stenberg <[email protected]>
-Date: Thu, 25 Dec 2014 23:55:03 +0100
-Subject: [PATCH] url-parsing: reject CRLFs within URLs
-
-Bug: http://curl.haxx.se/docs/adv_20150108B.html
-Reported-by: Andrey Labunets
----
- lib/url.c | 7 +++++++
- 1 file changed, 7 insertions(+)
-
-This fix is already available upstream in curl version 7.40.0
-
---- lib/url.c.orig	2015-01-05 17:12:46.302124082 -0800
-+++ lib/url.c	2015-01-05 17:13:15.299976184 -0800
[email protected]@ -3545,6 +3545,13 @@
- 
-   *prot_missing = FALSE;
- 
-+  /* We might pass the entire URL into the request so we need to make sure
-+   * there are no bad characters in there.*/ 
-+  if(strpbrk(data->change.url, "\r\n")) {
-+    failf(data, "Illegal characters found in URL");
-+    return CURLE_URL_MALFORMAT;
-+  }
-+
-   /*************************************************************
-    * Parse the URL.
-    *