[pkgsrc/trunk]: pkgsrc/www/curl curl: update to 7.79.0.

[wiz <wiz%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/fabc802129ff
branches:  trunk
changeset: 458382:fabc802129ff
user:      wiz <wiz%pkgsrc.org@localhost>
date:      Wed Sep 15 06:26:00 2021 +0000

description:
curl: update to 7.79.0.

This release includes the following changes:

 o bearssl: support CURLOPT_CAINFO_BLOB [3]
 o http: consider cookies over localhost to be secure [24]
 o secure transport: support CURLINFO_CERTINFO [63]

This release includes the following bugfixes:

 o CVE-2021-22945: clear the leftovers pointer when sending succeeds [112]
 o CVE-2021-22946: do not ignore --ssl-reqd [111]
 o CVE-2021-22947: reject STARTTLS server response pipelining [110]
 o ares: use ares_getaddrinfo() [51]
 o asyn-ares.c: move all version number checks to the top
 o auth: do not append zero-terminator to authorisation id in kerberos [32]
 o auth: properly handle byte order in kerberos security message [36]
 o auth: use sasl authzid option in kerberos [34]
 o auth: we do not support a security layer after kerberos authentication [35]
 o BINDINGS.md: update links to use https where available [50]
 o build: fix compiler warnings [39]
 o c-hyper: deal with Expect: 100-continue combined with POSTFIELDS [66]
 o c-hyper: fix header value passed to debug callback [46]
 o c-hyper: handle HTTP/1.1 => HTTP/1.0 downgrade on reused connection [65]
 o c-hyper: initial step for 100-continue support [43]
 o c-hyper: initial support for "dumping" 1xx HTTP responses [40]
 o c-hyper: remove the hyper_executor_poll() loop from Curl_http [13]
 o CI/cirrus: reduce compile time with increased parallism [19]
 o CI: use GitHub Container Registry instead of Docker Hub [47]
 o cirrus: Add FreeBSD 13.0 job and disable sanitizer build [128]
 o cmake: avoid poll() on macOS [59]
 o cmake: sync CURL_DISABLE options [55]
 o codeql: fix error "Resource not accessible by integration" [61]
 o compressed.d: it's a request, not an order [21]
 o config.d: escape the backslash properly [81]
 o config.d: note that curlrc is used even when --config [107]
 o config: get rid of the unused HAVE_SIG_ATOMIC_T et. al.
 o configure.ac: revert bad nghttp2 library detection improvements [9]
 o configure: error out if both ngtcp2 and quiche are specified [30]
 o configure: make --disable-hsts work [106]
 o configure: set classic mingw minimum OS version to XP [83]
 o configure: tweak nghttp2 library name fix [2]
 o connect: get local port + ip also when reusing connections [95]
 o connect: remove superfluous conditional [23]
 o curl-openssl.m4: check lib64 for the pkg-config file [14]
 o curl-openssl.m4: show correct output for OpenSSL v3 [75]
 o curl.1: mention "global" flags [7]
 o curl.1: provide examples for each option [99]
 o curl: add warning for ignored data after quoted form parameter [60]
 o curl: add warning for incompatible parameters usage [102]
 o curl: better error message when -O fails to get a good name [88]
 o curl: stop retry if Retry-After: is longer than allowed [104]
 o curl_easy_setopt.3: improve the string copy wording [89]
 o Curl_hsts_loadcb: don't attempt to load if hsts wasn't inited [116]
 o curl_setup.h: sync values for HTTP_ONLY [82]
 o curl_url_get.3: clarify about path and query [45]
 o CURLMOPT_TIMERFUNCTION.3: remove misplaced "time" [5]
 o CURLOPT_DOH_URL.3: CURLOPT_OPENSOCKETFUNCTION is not inherited [8]
 o CURLOPT_SSL_CTX_*.3: tidy up the example [15]
 o CURLOPT_UNIX_SOCKET_PATH.3: remove nginx reference, add see also [90]
 o docs/MQTT: update state of username/password support [4]
 o docs: remove experimental mentions from HSTS and MQTT [93]
 o docs: the security list is reached at security at curl.se now [124]
 o easy: use a custom implementation of wcsdup on Windows [31]
 o examples/*hiperfifo.c: fix calloc arguments to match function proto [103]
 o examples/cookie_interface: avoid printfing time_t directly [18]
 o examples/cookie_interface: fix scan-build printf warning [16]
 o examples/ephiperfifo.c: simplify signal handler [42]
 o FAQ: add two dev related questions [108]
 o getparameter: fix the --local-port number parser [58]
 o happy-eyeballs-timeout-ms.d: polish the wording [10]
 o hostip: Make Curl_ipv6works function independent of getaddrinfo [26]
 o http2: Curl_http2_setup needs to init stream data in all invokes [119]
 o http2: revert a change that broke upgrade to h2c [57]
 o http2: revert call the handle-closed function correctly on closed stream [25]
 o http: disallow >3-digit response codes [80]
 o http: ignore content-length if any transfer-encoding is used [101]
 o http_proxy: clear 'sending' when the outgoing request is sent [6]
 o http_proxy: fix the User-Agent inclusion in CONNECT [115]
 o http_proxy: fix user-agent and custom headers for CONNECT with hyper [38]
 o http_proxy: only wait for writable socket while sending request [78]
 o INTERNALS: bump c-ares requirement to 1.16.0
 o INTERNALS: c-ares has a new home: c-ares.org
 o lib: don't use strerror() [127]
 o libcurl-errors.3: clarify two CURLUcode errors [72]
 o limit-rate.d: clarify base unit [17]
 o mailing lists: move from cool.haxx.se to lists.haxx.se
 o mbedtls: avoid using a large buffer on the stack [105]
 o mbedTLS: initial 3.0.0 support [33]
 o mbedtls_threadlock: fix unused variable warning [11]
 o mksymbolsmanpage.pl: Fix showing symbol's last used version [76]
 o mksymbolsmanpage.pl: match symbols case insenitively [77]
 o multi: fix compiler warning with `CURL_DISABLE_WAKEUP` [96]
 o ngtcp2: compile with the latest ngtcp2 and nghttp3 [12]
 o ngtcp2: fix build with ngtcp2 and nghttp3 [117]
 o ngtcp2: remove the acked_crypto_offset struct field init [64]
 o ngtcp2: replace deprecated functions with nghttp3_conn_shutdown_stream_read [28]
 o ngtcp2: reset the oustanding send buffer again when drained [53]
 o ngtcp2: rework the return value handling of ngtcp2_conn_writev_stream [29]
 o ngtcp2: stop buffering crypto data [85]
 o ngtcp2: utilize crypto API functions to simplify [52]
 o openssl: annotate SSL3_MT_SUPPLEMENTAL_DATA [98]
 o openssl: when creating a new context, there cannot be an old one [48]
 o opt-docs: make sure all man pages have examples [92]
 o opt-docs: verify man page sections + order [91]
 o opts docs: unify phrasing in NAME header [126]
 o output.d: add method to suppress response bodies [49]
 o page-header: add GOPHERS, simplify wording in the 1st para [94]
 o progress: fix a compile warning on some systems [54]
 o progress: make trspeed avoid floats [100]
 o runtests: add option -u to error on server unexpectedly alive [125]
 o schannel: Work around typo in classic mingw macro [84]
 o scripts: invoke interpreters through /usr/bin/env [68]
 o setopt: enable CURLOPT_IGNORE_CONTENT_LENGTH for hyper [70]
 o strerror.h: remove the #include from files not using it
 o symbols-in-versions: fix CURLSSLBACKEND_QSOSSL last used version [73]
 o test1138: remove trailing space to make work with hyper [71]
 o test1173: check references to libcurl options [69]
 o test1280: CRLFify the response to please hyper [86]
 o test1565: fix windows build errors [27]
 o test365: verify response with chunked AND Content-Length headers
 o tests/*server.pl: flush output before executing subprocess [41]
 o tests/*server.py: remove pidfile on server termination [1]
 o tests/runtests.pl: cleanup copy&paste mistakes and unused code
 o tests/server/*.c: align handling of portfile argument and file [56]
 o tests: adjust the tftpd output to work with hyper mode [97]
 o tests: be explicit about using 'python3' instead of 'python' [67]
 o tests: enable test 1129 for hyper builds [87]
 o tests: make three tests pass until 2037 [22]
 o tool/tests: fix potential year 2038 issues [20]
 o tool_operate: Fix --fail-early with parallel transfers [62]
 o url: fix compiler warning in no-verbose builds [120]
 o urlapi.c:seturl: assert URL instead of using if-check [74]
 o vtls: fix typo in schannel_verify.c [44]
 o winbuild/README.md: clarify GEN_PDB option
 o wolfssl: clean up wolfcrypt error queue [79]
 o write-out.d: clarify size_download/upload [118]
 o x509asn1: fix heap over-read when parsing x509 certificates [37]

diffstat:

 www/curl/Makefile                |   4 ++--
 www/curl/distinfo                |  12 ++++++------
 www/curl/patches/patch-configure |  30 +++++++++++++++---------------
 3 files changed, 23 insertions(+), 23 deletions(-)

diffs (143 lines):

diff -r 1f514adc06d8 -r fabc802129ff www/curl/Makefile
--- a/www/curl/Makefile Wed Sep 15 01:18:14 2021 +0000
+++ b/www/curl/Makefile Wed Sep 15 06:26:00 2021 +0000
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.245 2021/07/21 09:32:04 leot Exp $
+# $NetBSD: Makefile,v 1.246 2021/09/15 06:26:00 wiz Exp $
 
-DISTNAME=      curl-7.78.0
+DISTNAME=      curl-7.79.0
 CATEGORIES=    www
 MASTER_SITES=  https://curl.haxx.se/download/
 EXTRACT_SUFX=  .tar.xz
diff -r 1f514adc06d8 -r fabc802129ff www/curl/distinfo
--- a/www/curl/distinfo Wed Sep 15 01:18:14 2021 +0000
+++ b/www/curl/distinfo Wed Sep 15 06:26:00 2021 +0000
@@ -1,8 +1,8 @@
-$NetBSD: distinfo,v 1.172 2021/07/21 09:32:04 leot Exp $
+$NetBSD: distinfo,v 1.173 2021/09/15 06:26:00 wiz Exp $
 
-SHA1 (curl-7.78.0.tar.xz) = 52600f84018002cf9d0f58d65b65573ca08e1308
-RMD160 (curl-7.78.0.tar.xz) = a3c6639da7482c5ed9aac36a16d1daa253e4a9d1
-SHA512 (curl-7.78.0.tar.xz) = f72e822a0b5e28320ef547c7a441c07f3b4870579a70ab4c428751baba435a1385cb89a22b9ed4b84a7fafecf620f155911e4131e3463ec1bdad80ecde47bb7a
-Size (curl-7.78.0.tar.xz) = 2440640 bytes
-SHA1 (patch-configure) = ffea96ece54567c9339753628bfae9c7a60bce61
+SHA1 (curl-7.79.0.tar.xz) = b048415f3071f04a44d441682b4a20675e566d8a
+RMD160 (curl-7.79.0.tar.xz) = ca97340f1b1bbcd3bc5128a76987ba5bdccba3b9
+SHA512 (curl-7.79.0.tar.xz) = 68bccba61f18de9f94c311b0d92cfa6572bb7e55e8773917c13b25203164a5a9f4ef6b8ad84a14d3d5dcb286271bf18c3dd84c4ca353866763c726f9defce808
+Size (curl-7.79.0.tar.xz) = 2463072 bytes
+SHA1 (patch-configure) = 89400a8a1a83b49d70de23d34794ecaeeb8b8c62
 SHA1 (patch-curl-config.in) = a58c777fc1a0a087776e62ed2e2a1e0a339716df
diff -r 1f514adc06d8 -r fabc802129ff www/curl/patches/patch-configure
--- a/www/curl/patches/patch-configure  Wed Sep 15 01:18:14 2021 +0000
+++ b/www/curl/patches/patch-configure  Wed Sep 15 06:26:00 2021 +0000
@@ -1,4 +1,4 @@
-$NetBSD: patch-configure,v 1.11 2021/07/21 09:32:04 leot Exp $
+$NetBSD: patch-configure,v 1.12 2021/09/15 06:26:01 wiz Exp $
 
 - Builtin krb5-config in platforms such as solaris do not support
   the gssapi option, and need an explicit -lgss
@@ -6,17 +6,17 @@
 - Do not strip debug flags.
 - Support Minix.
 
---- configure.orig     2021-07-19 12:47:17.000000000 +0000
+--- configure.orig     2021-09-13 14:46:32.000000000 +0000
 +++ configure
-@@ -3830,6 +3830,7 @@ $as_echo "$as_me: $xc_bad_var_msg librar
+@@ -4253,6 +4253,7 @@ printf "%s\n" "$as_me: $xc_bad_var_msg l
          ;;
      esac
    done
 +  xc_bad_var_cflags=no
    if test $xc_bad_var_cflags = yes; then
-     { $as_echo "$as_me:${as_lineno-$LINENO}: using CFLAGS: $CFLAGS" >&5
- $as_echo "$as_me: using CFLAGS: $CFLAGS" >&6;}
-@@ -7885,7 +7886,7 @@ else
+     { printf "%s\n" "$as_me:${as_lineno-$LINENO}: using CFLAGS: $CFLAGS" >&5
+ printf "%s\n" "$as_me: using CFLAGS: $CFLAGS" >&6;}
+@@ -8633,7 +8634,7 @@ else $as_nop
      lt_cv_sys_max_cmd_len=8192;
      ;;
  
@@ -25,7 +25,7 @@
      # This has been around since 386BSD, at least.  Likely further.
      if test -x /sbin/sysctl; then
        lt_cv_sys_max_cmd_len=`/sbin/sysctl -n kern.argmax`
-@@ -8351,12 +8352,8 @@ linux* | k*bsd*-gnu | kopensolaris*-gnu 
+@@ -9113,12 +9114,8 @@ linux* | k*bsd*-gnu | kopensolaris*-gnu 
    lt_cv_deplibs_check_method=pass_all
    ;;
  
@@ -40,7 +40,7 @@
    ;;
  
  newos6*)
-@@ -12563,14 +12560,13 @@ _LT_EOF
+@@ -13384,14 +13381,13 @@ _LT_EOF
        fi
        ;;
  
@@ -62,7 +62,7 @@
        ;;
  
      solaris*)
-@@ -13253,15 +13249,13 @@ $as_echo "$lt_cv_irix_exported_symbol" >
+@@ -14081,15 +14077,13 @@ printf "%s\n" "$lt_cv_irix_exported_symb
        esac
        ;;
  
@@ -83,7 +83,7 @@
        ;;
  
      newsos6)
-@@ -14367,6 +14361,18 @@ fi
+@@ -15199,6 +15193,18 @@ fi
    dynamic_linker='GNU/Linux ld.so'
    ;;
  
@@ -102,7 +102,7 @@
  netbsdelf*-gnu)
    version_type=linux
    need_lib_prefix=no
-@@ -16884,7 +16890,7 @@ squeeze() {
+@@ -17759,7 +17765,7 @@ squeeze() {
  
  
        #
@@ -111,7 +111,7 @@
      #
      tmp_save_CPPFLAGS="$CPPFLAGS"
      tmp_save_CFLAGS="$CFLAGS"
-@@ -17135,13 +17141,6 @@ $as_echo_n "checking if compiler accepts
+@@ -18014,13 +18020,6 @@ printf %s "checking if compiler accepts 
        tmp_options="$flags_dbg_yes"
      fi
      #
@@ -125,7 +125,7 @@
      squeeze CPPFLAGS
      squeeze CFLAGS
    fi
-@@ -19798,7 +19797,7 @@ $as_echo "no" >&6; }
+@@ -20734,7 +20733,7 @@ printf "%s\n" "no" >&6; }
    tst_cflags="no"
    case $host_os in
      darwin*)
@@ -134,7 +134,7 @@
        ;;
    esac
  
-@@ -23385,7 +23384,11 @@ $as_echo "yes" >&6; }
+@@ -24428,7 +24427,11 @@ printf "%s\n" "yes" >&6; }
       if test -n "$host_alias" -a -f "$GSSAPI_ROOT/bin/$host_alias-krb5-config"; then
          GSSAPI_INCS=`$GSSAPI_ROOT/bin/$host_alias-krb5-config --cflags gssapi`
       elif test -f "$KRB5CONFIG"; then
@@ -147,7 +147,7 @@
       elif test "$GSSAPI_ROOT" != "yes"; then
          GSSAPI_INCS="-I$GSSAPI_ROOT/include"
       fi
-@@ -23558,7 +23561,7 @@ $as_echo "#define HAVE_GSSAPI 1" >>confd
+@@ -24600,7 +24603,7 @@ printf "%s\n" "#define HAVE_GSSAPI 1" >>
          LIBS="-lgss $LIBS"
          ;;
       *)