Message ID | 20240913162520.2352467-1-adolf.belka@ipfire.org |
---|---|
State | Staged |
Commit | 905f98a3f5784d7f34e9cfaca5045bfdcca4d6af |
Headers |
Return-Path: <development-bounces@lists.ipfire.org> Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mail01.haj.ipfire.org", Issuer "R10" (verified OK)) by web04.haj.ipfire.org (Postfix) with ESMTPS id 4X506213X6z3wxl for <patchwork@web04.haj.ipfire.org>; Fri, 13 Sep 2024 16:25:30 +0000 (UTC) Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) client-signature ECDSA (secp384r1)) (Client CN "mail02.haj.ipfire.org", Issuer "E6" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 4X505z1bVcz2ry; Fri, 13 Sep 2024 16:25:27 +0000 (UTC) Received: from mail02.haj.ipfire.org (localhost [127.0.0.1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4X505y6Rgpz3475; Fri, 13 Sep 2024 16:25:26 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mail01.haj.ipfire.org", Issuer "R10" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4X505w2b3Bz2ybk for <development@lists.ipfire.org>; Fri, 13 Sep 2024 16:25:24 +0000 (UTC) Received: from [127.0.0.1] (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by mail01.ipfire.org (Postfix) with ESMTPSA id 4X505v2tr4zQF; Fri, 13 Sep 2024 16:25:23 +0000 (UTC) DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003ed25519; t=1726244723; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=EawqQ2z4b2/AAHgog4YjRnBO5bTOVAVY81A1YJyK9Zg=; b=CcZV9vp8iUypGFWfoq5s6E4RxYST3bZsZ5jmjzthlH+OT1TmZIswx7lQKAP644r/KMwTT2 QuqrqG12h7WEVPBA== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003rsa; t=1726244723; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=EawqQ2z4b2/AAHgog4YjRnBO5bTOVAVY81A1YJyK9Zg=; b=lrp7MGu2LWiii6bQJ7MN3NH/k15NhftXLULHqnZu6BDVOhyoyJrEVXTq/fqeqdl4vhj267 PI1CPtUUV+vN8DZvwfhd1NhDUsjrgRGkQnfrsEckGJS7uptNZF3IIdbIlWO7oZ2VfMINwS cjjUbCJ8dQ1YJ3C/ADyiHUWzQpV6sUEc5ja6T4/dQtGBj7pZxSNhBET1jIy0fhLBMYXQ6p Q0aQgyCTDkSAQg1ae9RasX+iZBeou+oig/z3lSf9Z2p/XCQVHR8buvPu7ytrE6Wuj71kBQ Kaz53pkCGYH0VQURVv21o6AFDyqxFSszqMZ9eFDCtTdyLjt2AD/6giZxJ8LmeQ== From: Adolf Belka <adolf.belka@ipfire.org> To: development@lists.ipfire.org Subject: [PATCH] curl: Update to version 8.10.0 Date: Fri, 13 Sep 2024 18:25:16 +0200 Message-ID: <20240913162520.2352467-1-adolf.belka@ipfire.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Message-ID-Hash: OJIUXXFISUWCDW66GO6OKA7V35HMIWN4 X-Message-ID-Hash: OJIUXXFISUWCDW66GO6OKA7V35HMIWN4 X-MailFrom: adolf.belka@ipfire.org X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header X-Mailman-Version: 3.3.8 Precedence: list List-Id: IPFire development talk <development.lists.ipfire.org> Archived-At: <https://lists.ipfire.org/hyperkitty/list/development@lists.ipfire.org/message/OJIUXXFISUWCDW66GO6OKA7V35HMIWN4/> List-Archive: <https://lists.ipfire.org/hyperkitty/list/development@lists.ipfire.org/> List-Help: <mailto:development-request@lists.ipfire.org?subject=help> List-Owner: <mailto:development-owner@lists.ipfire.org> List-Post: <mailto:development@lists.ipfire.org> List-Subscribe: <mailto:development-join@lists.ipfire.org> List-Unsubscribe: <mailto:development-leave@lists.ipfire.org> |
Series |
curl: Update to version 8.10.0
|
|
Commit Message
Adolf Belka
Sept. 13, 2024, 4:25 p.m. UTC
- Update from vesion 8.9.1 to 8.10.0
- Update of rootfile
- In previous versions if libpsl was not found then the build excluded it. Now it needs
to be explicitly disabled otherwise the build will stop with a warning that it could
not be found.
- Changelog
8.10.0
changes:
o autotools: add `--enable-windows-unicode` option [103]
o curl: --help [option] displays documentation for given cmdline option [19]
o curl: add --skip-existing [54]
o curl: for -O, use "default" as filename when the URL has none [34]
o curl: make --rate accept "number of units" [4]
o curl: make --show-headers the same as --include [6]
o curl: support --dump-header % to direct to stderr [31]
o curl: support embedding a CA bundle and --dump-ca-embed [20]
o curl: support repeated use of the verbose option; -vv etc [35]
o curl: use libuv for parallel transfers with --test-event [82]
o getinfo: add CURLINFO_POSTTRANSFER_TIME_T [87]
o mbedtls: add CURLOPT_TLS13_CIPHERS support [78]
o rustls: add support for setting TLS version and ciphers [113]
o vtls: stop offering alpn http/1.1 for http2-prior-knowledge [53]
o wolfssl: add CURLOPT_TLS13_CIPHERS support [76]
o wolfssl: add support for ssl cert blob / ssl key blob options [50]
bugfixes:
o asyn-thread: stop using GetAddrInfoExW on Windows [241]
o autotools: fix MS-DOS builds [249]
o autotools: fix typo in tests/data target [30]
o aws_sigv4: fix canon order for headers with same prefix [74]
o bearssl: fix setting tls version [203]
o bearssl: improve shutdown handling [45]
o BINDINGS: add zig binding [100]
o build: add `iphlpapi` lib for libssh on Windows [166]
o build: add `poll()` detection for cross-builds [244]
o build: add options to disable SHA-512/256 hash algo [239]
o build: check OS-native IDN first, then libidn2 [223]
o build: delete unused `REQUIRE_LIB_DEPS` [226]
o build: drop unused `NROFF` reference [253]
o build: drop unused feature-detection code for Apple `poll()` [227]
o build: generate `buildinfo.txt` for test logs [256]
o build: improve compiler version detection portability
o build: make `CURL_FORMAT_CURL_OFF_T[U]` work with mingw-w64 <=7.0.0 [207]
o build: silence C4232 MSVC warnings in vcpkg ngtcp2 builds [137]
o build: use -Wno-format-overflow [195]
o buildconf.bat: fix tool_hugehelp.c generation [173]
o cf-socket: fix pollset for listening [179]
o cf-socket: prevent KEEPALIVE_FACTOR being set to 1000 for Windows [185]
o cfilters: send flush [13]
o CHANGES: rename to CHANGES.md, no longer generated [40]
o CI: enable parallel testing in CI builds [18]
o ci: Update actions/upload-artifact digest to 89ef406 [24]
o cmake: `Libs.private` improvements [215]
o cmake: add `CURL_USE_PKGCONFIG` option [138]
o cmake: add Linux CI job, fix pytest with cmake [71]
o cmake: add math library when using wolfssl and ngtcp2 [66]
o cmake: add missing `pkg-config` hints to Find modules [158]
o cmake: add missing version detection to Find modules [170]
o cmake: add rustls [116]
o cmake: add support for versioned symbols option [51]
o cmake: add wolfSSH support [117]
o cmake: allow `pkg-config` in more envs [147]
o cmake: cleanup header paths [59]
o cmake: default `CURL_DISABLE_LDAPS` to the value of `CURL_DISABLE_LDAP` [231]
o cmake: delete MSVC warning suppression for tests/server [101]
o cmake: detect `nghttp2` via `pkg-config`, enable by default [21]
o cmake: detect and show VCPKG in platform flags [84]
o cmake: distcheck for files in CMake subdir [9]
o cmake: drop custom `CMakeOutput.log`/`CMakeError.log` logs [27]
o cmake: drop libssh CONFIG-style detection [167]
o cmake: drop no-op `tests/data/CMakeLists.txt` [26]
o cmake: drop reference to undefined variable [25]
o cmake: drop unused `HAVE_IDNA_STRERROR` [62]
o cmake: drop unused internal variable [22]
o cmake: exclude tests/http/clients builds by default [110]
o cmake: fix `GSS_VERSION` for Heimdal found via pkg-config [77]
o cmake: fix `pkg-config`-based detection in `FindGSS.cmake` [94]
o cmake: fix and tidy up c-ares builds, enable in more CI jobs [156]
o cmake: fix find rustls [148]
o cmake: fixup linking libgsasl when detected via CMake-native
o cmake: honor custom `CMAKE_UNITY_BUILD_BATCH_SIZE` [163]
o cmake: limit `pkg-config` to UNIX and MSVC+vcpkg by default [188]
o cmake: limit libidn2 `pkg-config` detection to `UNIX` [109]
o cmake: migrate dependency detections to Find modules [183]
o cmake: more small tidy-ups and fixes [80]
o cmake: rename wolfSSL and zstd config variables to uppercase [151]
o cmake: respect cflags/libdirs of native pkg-config detections [175]
o cmake: show CMake platform/compiler flags [63]
o cmake: show warning if libpsl is not found [154]
o cmake: sync code between test/example targets [234]
o cmake: sync up formatting in Find modules [129]
o cmake: TLS 1.3 warning only for bearssl and sectranp [118]
o cmake: update `curl-config.cmake.in` template var list
o cmake: update list of "advanced" variables [119]
o cmake: use numeric comparison for `HAVE_WIN32_WINNT` [69]
o cmdline-opts: language fix for expect100-timeout.md and max-time.md [192]
o configure: delete unused `CURL_DEFINE_UNQUOTED` function [224]
o configure: delete unused `HAVE_OPENSSL3` macro [225]
o configure: delete unused `m4/xc-translit.m4` [114]
o configure: detect AppleIDN [70]
o configure: fail if PSL is not disabled but not found [46]
o configure: fix WinIDN builds targeting old Windows [210]
o configure: remove USE_EXPLICIT_LIB_DEPS [199]
o configure: replace nonportable grep -o with awk [111]
o connect: always prefer ipv6 in IP eyeballing [209]
o connect: limit update IP info [191]
o cookie.md: try to articulate the two different uses this option has [92]
o curl: allow 500MB data URL encode strings [38]
o curl: find curlrc in XDG_CONFIG_HOME without leading dot [186]
o curl: fix --proxy-pinnedpubkey [91]
o curl: fix the -w urle.* variables [153]
o curl: make the progress bar detect terminal width changes [169]
o curl: warn on unsupported SSL options [106]
o Curl_rand_bytes to control env override [17]
o curl_sha512_256: fix symbol collisions with nettle library [131]
o CURLMOPT_SOCKETFUNCTION.md: expand on the easy argument [216]
o CURLOPT_XFERINFOFUNCTION: clarify the callback return codes [141]
o dist: add missing `docs/examples/CMakeLists.txt` [58]
o dist: add missing `FindNettle.cmake` [11]
o dist: add missing `lib/optiontable.pl` [115]
o dist: add missing `test_*.py` scripts [102]
o dist: drop buildconf [65]
o dist: fix reproducible build from release tarball [36]
o dmaketgz: only run 'make distclean' if Makefile exists
o docs/SSLCERTS: rewrite [174]
o docs: add description of effect of --location-trusted on cookie [157]
o docs: document the (weak) random value situation in rustls builds [252]
o docs: fix some examples in man pages
o docs: improve cipher options documentation [159]
o docs: mention "@-" in more places [67]
o docs: remove ALTSVC.md, HSTS.md, HTTP2.md and PARALLEL-TRANSFERS.md [105]
o docs: update CIPHERS.md [140]
o doh-url.md: point out DOH server IP pinning [37]
o doh: remove redundant checks [242]
o easy: fix curl_easy_upkeep for shared connection caches [52]
o escape: allow curl_easy_escape to generate 3*input length output [39]
o FEATURES.md: fix typo [180]
o ftp: always offer line end conversions [219]
o ftp: flush pingpong before response [73]
o getinfo: return zero for unsupported options (when disabled) [189]
o GHA/windows: enable MulitSSL in an MSVC job [2]
o GHA: scan git repository and detect unvetted binary files [3]
o gnutls/wolfssl: improve error message when certificate fails [125]
o gnutls: send all data [230]
o gtls: fix OCSP stapling management [206]
o haproxy: send though next filter [222]
o hash: provide asserts to verify API use [96]
o http/2: simplify eos/blocked handling [90]
o http2+h3 filters: fix ctx init [142]
o http2: fix GOAWAY message sent to server [171]
o http2: improve rate limiting of downloads [33]
o http2: improved upload eos handling [41]
o http3.md: mention how the fallback can be h1 or h2 [194]
o hyper: call Curl_req_set_upload_done() [126]
o idn: more strictly check AppleIDN errors [98]
o idn: support non-UTF-8 input under AppleIDN [99]
o INSTALL.md: MultiSSL and QUIC are mutually exclusive [7]
o KNOWN_BUGS: "special characers" in URL works with aws-sigv4 [81]
o krb5: add Linux/macOS CI tests, fix cmake GSS detection [83]
o krb5: fix `-Wcast-align` [95]
o lib: add eos flag to send methods [14]
o lib: avoid macro collisions between wolfSSL and GnuTLS headers [133]
o lib: convert some debugf()s into traces [8]
o lib: delete stray undefs for `vsnprintf`, `vsprintf` [152]
o lib: fix AIX build issues [112]
o lib: fix building with wolfSSL without DES support [134]
o lib: make SSPI global symbols use Curl_ prefix [251]
o lib: prefer `CURL_SHA256_DIGEST_LENGTH` over the unprefixed name [132]
o lib: remove the final strncpy() calls [240]
o lib: remove use of RANDOM_FILE [235]
o libcurl.def: move from / into lib [238]
o libcurl.pc: add `Cflags.private` [10]
o libcurl.pc: add reference to `libgsasl` [150]
o libcurl/docs: expand on redirect following and secrets to other hosts [85]
o llist: remove direct struct accesses, use only functions [72]
o Makefile.dist: fix `ca-firefox` target [254]
o Makefile.mk: fixup enabling libidn2 [61]
o Makefile: remove 'scripts' duplicate from DIST_SUBDIRS
o maketgz: accept option to include latest commit hash [5]
o maketgz: fix RELEASE-TOOLS.md for daily tarballs [243]
o maketgz: move from / into scripts [237]
o managen: fix superfluous leading blank line in quoted sections [211]
o managen: in man output, remove the leading space from examples [198]
o managen: wordwrap long example lines in ASCII output [143]
o manpage: ensure a maximum width for the text version [75]
o max-filesize.md: mention zero disables the limit [93]
o mbedtls: add more informative logging [162]
o mbedtls: fix setting tls version [200]
o mbedtls: no longer use MBEDTLS_SSL_VERIFY_OPTIONAL [181]
o mime: avoid inifite loop in client reader [155]
o mk-ca-bundle.pl: include a link to the caextract webpage [68]
o multi: make the "general" list of easy handles a Curl_llist [97]
o multi: on socket callback error, remove socket hash entry nonetheless [149]
o ngtcp2/osslq: remove NULL pointer dereferences [213]
o ngtcp2: use NGHTTP3 prefix instead of NGTCP2 for errors in h3 callbacks [79]
o openssl quic: fix memory leak [229]
o openssl: certinfo errors now fail correctly [250]
o openssl: fix the data race when sharing an SSL session between threads [221]
o openssl: improve shutdown handling [44]
o pingpong: drain the input buffer when reading responses [193]
o POP3: fix multi-line responses [168]
o pop3: use the protocol handler ->write_resp [220]
o printf: fix mingw-w64 format checks [228]
o progress: ratelimit/progress tweaks [32]
o pytests: add tests for HEAD requests in all HTTP versions [42]
o rand: only provide weak random when needed [233]
o runtests: if DISABLED cannot be read, error out [56]
o runtests: log ignored but passed tests [130]
o runtests: remove "has_textaware" [217]
o rustls: fix setting tls version [202]
o rustls: make all tests pass [1]
o schannel: avoid malloc for CAinfo_blob_digest [247]
o scorecard: tweak request measurements [139]
o sectransp: fix setting tls version [204]
o SECURITY: mention OpenSSF best practices gold badge [161]
o setopt: allow CURLOPT_INTERFACE to be set to NULL [165]
o setopt: let CURLOPT_ECH set to NULL reset to default [187]
o setopt: make CURLOPT_TFTP_BLKSIZE accept bad values [184]
o sha256: fix symbol collision between nettle (GnuTLS) and OpenSSL [135]
o share: don't reinitialize conncache [214]
o sigpipe: init the struct so that first apply ignores [49]
o smb: convert superflous assign into assert [246]
o smtp: add tracing feature [120]
o splay: use access functions, add asserts, use Curl_timediff [121]
o spnego_gssapi: implement TLS channel bindings for openssl [146]
o src: delete `curlx_m*printf()` aliases [197]
o src: fix potential macro confusion in cmake unity builds [208]
o src: namespace symbols clashing with lib [248]
o src: replace copy of printf mappings with an include [190]
o ssh: deduplicate SSH backend includes (and fix libssh cmake unity build) [177]
o system_win32: fix typo
o test httpd: tweak cipher list [124]
o test1521: verify setting options to NULL better [182]
o test1707: output diff more for debugging differences in CI outputs
o test556: improve robustness [64]
o test579: improve robustness [60]
o test587: improve robustness [123]
o test649: improve robustness [122]
o test677: improve robustness [47]
o tests/runner: only allow [!A-Za-z0-9_-] in %if feature names [55]
o tests: constrain http pytest to tests/http directory [205]
o tests: don't mangle output if hostname or type unknown
o tests: ignore QUIT from FTP protocol comparisons [108]
o tests: provide docs as curldown, not nroff [12]
o tidy-up: misc build, tests, `lib/macos.c` [172]
o tidy-up: OS names [57]
o tool_operhlp: fix "potentially uninitialized local variable 'pc' used" [48]
o tool_paramhlp: bump maximum post data size in memory to 16GB [128]
o transfer: Curl_sendrecv() and event related improvements [164]
o transfer: remove comments, add asserts [218]
o transfer: skip EOS read when download done [196]
o url: dns_entry related improvements [16]
o url: fix connection reuse for HTTP/2 upgrades [236]
o urlapi: verify URL *decoded* hostname when set [160]
o urldata: introduce `data->mid`, a unique identifier inside a multi [127]
o urldata: remove 'scratch' from the UrlState struct [86]
o urldata: remove crlf_conversions counter [232]
o urldata: remove proxy_connect_closed bit [178]
o verify-release: shell script that verifies a release tarball [29]
o version: fix shadowing a `libssh.h` symbol [176]
o vtls: add SSLSUPP_CIPHER_LIST [107]
o vtls: fix MSVC 'cast truncates constant value' warning [23]
o vtls: fix static function name collisions between TLS backends [136]
o vtls: init ssl peer only once [15]
o websocket: introduce blocking sends [145]
o wolfssl: avoid taking cached x509 store ref if sslctx already using it [88]
o wolfssl: fix CURLOPT_SSLVERSION [144]
o wolfssl: fix setting tls version [201]
o wolfssl: improve shutdown handling [43]
o ws: flags to opcodes should ignore CURLWS_CONT flag [104]
o x509asn1: raise size limit for x509 certification information [28]
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
---
config/rootfiles/common/curl | 1 +
lfs/curl | 17 +++++++++--------
2 files changed, 10 insertions(+), 8 deletions(-)
diff --git a/config/rootfiles/common/curl b/config/rootfiles/common/curl index 02789e64b..be5ba351d 100644 --- a/config/rootfiles/common/curl +++ b/config/rootfiles/common/curl @@ -53,6 +53,7 @@ usr/lib/libcurl.so.4.8.0 #usr/share/man/man3/CURLINFO_NAMELOOKUP_TIME_T.3 #usr/share/man/man3/CURLINFO_NUM_CONNECTS.3 #usr/share/man/man3/CURLINFO_OS_ERRNO.3 +#usr/share/man/man3/CURLINFO_POSTTRANSFER_TIME_T.3 #usr/share/man/man3/CURLINFO_PRETRANSFER_TIME.3 #usr/share/man/man3/CURLINFO_PRETRANSFER_TIME_T.3 #usr/share/man/man3/CURLINFO_PRIMARY_IP.3 diff --git a/lfs/curl b/lfs/curl index 7652f5d37..4b901cad7 100644 --- a/lfs/curl +++ b/lfs/curl @@ -24,7 +24,7 @@ include Config -VER = 8.9.1 +VER = 8.10.0 THISAPP = curl-$(VER) DL_FILE = $(THISAPP).tar.xz @@ -40,7 +40,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_BLAKE2 = 6e38e20e2b03ab5bfbb8d9797442dfdd9644fc80d7b1f7c1efb1f44e0d730524e82ccf7413b2c6f4555bd61ae42f91ec7c0201e2c0d563811c85164aa234aada +$(DL_FILE)_BLAKE2 = 18b438c0e4e7b0b698a1fee16406c611124e3d137349869dd8dbb43b5ba45163c6a053e02f665e627424c96e18f8499c13ebe1eeb4c1441936d0183d28696ae6 install : $(TARGET) @@ -71,12 +71,13 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar xf $(DIR_DL)/$(DL_FILE) cd $(DIR_APP) && ./configure \ - --prefix=/usr \ - --disable-ipv6 \ - --disable-static \ - --enable-threaded-resolver \ - --with-ca-bundle=/etc/ssl/certs/ca-bundle.crt \ - --with-openssl + --prefix=/usr \ + --disable-ipv6 \ + --disable-static \ + --enable-threaded-resolver \ + --with-ca-bundle=/etc/ssl/certs/ca-bundle.crt \ + --with-openssl \ + --without-libpsl cd $(DIR_APP) && make $(MAKETUNING) cd $(DIR_APP) && make install @rm -rf $(DIR_APP)