MFH: r483704 r483944 r483945 r483947 r483948 r483949 r483950 r483952

Update to 7.62.0

Changes:	https://curl.haxx.se/changes.html
Security:	e0ab1773-07c1-46c6-9170-4c5e81c00927

Fix build with curl 7.62.0

- While I'm here, add USES=gnome

Approved by:	ports-secteam (miwi)

deskutils/fbreader/files/patch-zlibrary_core_src_unix_curl_ZLCurlNetworkManager.cpp

@@ -0,0 +1,14 @@
+--- zlibrary/core/src/unix/curl/ZLCurlNetworkManager.cpp.orig	2014-01-11 12:45:25 UTC
++++ zlibrary/core/src/unix/curl/ZLCurlNetworkManager.cpp
+@@ -285,9 +285,11 @@ std::string ZLCurlNetworkManager::perfor
+ #endif
+ 					errors.insert(ZLStringUtil::printf(errorResource["peerFailedVerificationMessage"].value(), ZLNetworkUtil::hostFromUrl(url)));
+ 					break;
++#if LIBCURL_VERSION_NUM < 0x073e00
+ 				case CURLE_SSL_CACERT:
+ 					errors.insert(ZLStringUtil::printf(errorResource["sslCertificateAuthorityMessage"].value(), ZLNetworkUtil::hostFromUrl(url)));
+ 					break;
++#endif
+ 				case CURLE_SSL_CACERT_BADFILE:
+ 					errors.insert(ZLStringUtil::printf(errorResource["sslBadCertificateFileMessage"].value(), request.sslCertificate().Path));
+ 					break;

ftp/curl/Makefile

@@ -2,7 +2,7 @@
 # $FreeBSD$
 
 PORTNAME=	curl
-PORTVERSION=	7.61.1
+PORTVERSION=	7.62.0
 CATEGORIES=	ftp net www
 MASTER_SITES=	https://curl.haxx.se/download/ \
 		LOCAL/sunpoet

ftp/curl/distinfo

@@ -1,3 +1,3 @@
-TIMESTAMP = 1536185778
-SHA256 (curl-7.61.1.tar.xz) = 3d5913d6a39bd22e68e34dff697fd6e4c3c81563f580c76fca2009315cd81891
-SIZE (curl-7.61.1.tar.xz) = 2360392
+TIMESTAMP = 1541005821
+SHA256 (curl-7.62.0.tar.xz) = dab5643a5fe775ae92570b9f3df6b0ef4bc2a827a959361fb130c73b721275c1
+SIZE (curl-7.62.0.tar.xz) = 2395476

ftp/curl/files/patch-configure

@@ -6,9 +6,9 @@ Forwarded: not-needed
 Author: Peter Pentchev <roam@FreeBSD.org>
 Last-Update: 2010-12-19
 
---- configure.orig	2017-06-14 06:10:57 UTC
+--- configure.orig	2018-10-30 10:03:34 UTC
 +++ configure
-@@ -4149,9 +4149,10 @@ $as_echo "$as_me: LIBS note: LIBS should
+@@ -3652,9 +3652,10 @@ $as_echo "$as_me: LIBS note: LIBS should
        -I*)
          xc_bad_var_ldflags=yes
          ;;
@@ -22,7 +22,7 @@ Last-Update: 2010-12-19
      esac
    done
    if test $xc_bad_var_ldflags = yes; then
-@@ -4221,9 +4222,10 @@ $as_echo "$as_me: $xc_bad_var_msg librar
+@@ -3724,9 +3725,10 @@ $as_echo "$as_me: $xc_bad_var_msg librar
    xc_bad_var_cflags=no
    for xc_word in $CFLAGS; do
      case "$xc_word" in
@@ -36,7 +36,7 @@ Last-Update: 2010-12-19
        -U*)
          xc_bad_var_cflags=yes
          ;;
-@@ -17982,6 +17984,8 @@ $as_echo "$as_me: WARNING: compiler opti
+@@ -17364,6 +17366,8 @@ $as_echo "$as_me: WARNING: compiler opti
      tmp_CFLAGS="$CFLAGS"
      tmp_CPPFLAGS="$CPPFLAGS"
  
@@ -45,7 +45,7 @@ Last-Update: 2010-12-19
      ac_var_stripped=""
    for word1 in $tmp_CFLAGS; do
      ac_var_strip_word="no"
-@@ -18012,6 +18016,7 @@ $as_echo "$as_me: WARNING: compiler opti
+@@ -17394,6 +17398,7 @@ $as_echo "$as_me: WARNING: compiler opti
    done
      tmp_CPPFLAGS="$ac_var_stripped"
    squeeze tmp_CPPFLAGS
@@ -53,7 +53,7 @@ Last-Update: 2010-12-19
  
      #
      if test "$want_debug" = "yes"; then
-@@ -18229,6 +18234,8 @@ $as_echo "$honor_optimize_option" >&6; }
+@@ -17616,6 +17621,8 @@ $as_echo "$honor_optimize_option" >&6; }
      #
      if test "$honor_optimize_option" = "yes"; then
  
@@ -62,7 +62,7 @@ Last-Update: 2010-12-19
      ac_var_stripped=""
    for word1 in $tmp_CFLAGS; do
      ac_var_strip_word="no"
-@@ -18259,6 +18266,7 @@ $as_echo "$honor_optimize_option" >&6; }
+@@ -17646,6 +17653,7 @@ $as_echo "$honor_optimize_option" >&6; }
    done
      tmp_CPPFLAGS="$ac_var_stripped"
    squeeze tmp_CPPFLAGS
@@ -70,7 +70,7 @@ Last-Update: 2010-12-19
  
        if test "$want_optimize" = "yes"; then
          { $as_echo "$as_me:${as_lineno-$LINENO}: checking if compiler accepts optimizer enabling options" >&5
-@@ -26661,30 +26669,30 @@ $as_echo "found" >&6; }
+@@ -26970,30 +26978,30 @@ $as_echo "found" >&6; }
      ;;
    off)
          LIB_RTMP="-lrtmp"
@@ -110,7 +110,7 @@ Last-Update: 2010-12-19
  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
  /* end confdefs.h.  */
  
-@@ -41279,9 +41287,10 @@ $as_echo "$as_me: LIBS note: LIBS should
+@@ -41444,9 +41452,10 @@ $as_echo "$as_me: LIBS note: LIBS should
        -I*)
          xc_bad_var_ldflags=yes
          ;;
@@ -124,7 +124,7 @@ Last-Update: 2010-12-19
      esac
    done
    if test $xc_bad_var_ldflags = yes; then
-@@ -41351,9 +41360,10 @@ $as_echo "$as_me: $xc_bad_var_msg librar
+@@ -41516,9 +41525,10 @@ $as_echo "$as_me: $xc_bad_var_msg librar
    xc_bad_var_cflags=no
    for xc_word in $CFLAGS; do
      case "$xc_word" in

ftp/curl/files/patch-lib-url.c

@@ -3,16 +3,16 @@ Forwarded: not-needed
 Author: Peter Pentchev <roam@FreeBSD.org>
 Last-Update: 2010-12-18
 
---- lib/url.c.orig	2018-01-23 07:55:37 UTC
+--- lib/url.c.orig	2018-10-30 06:47:16 UTC
 +++ lib/url.c
-@@ -589,6 +589,10 @@ CURLcode Curl_open(struct Curl_easy **cu
-       data->state.current_speed = -1; /* init to negative == impossible */
-       data->set.fnmatch = ZERO_NULL;
-       data->set.maxconnects = DEFAULT_CONNCACHE_SIZE; /* for easy handles */
+@@ -536,6 +536,10 @@ CURLcode Curl_init_userdefined(struct Cu
+   set->fnmatch = ZERO_NULL;
+   set->upkeep_interval_ms = CURL_UPKEEP_INTERVAL_DEFAULT;
+   set->maxconnects = DEFAULT_CONNCACHE_SIZE; /* for easy handles */
 +#if defined(__FreeBSD_version)
-+      /* different handling of signals and threads */
-+      data->set.no_signal = TRUE;
-+#endif /* __FreeBSD_version */
- 
-       Curl_http2_init_state(&data->state);
-     }
++  /* different handling of signals and threads */
++  set->no_signal = TRUE;
++#endif
+   set->httpversion =
+ #ifdef USE_NGHTTP2
+     CURL_HTTP_VERSION_2TLS

ftp/curl/files/patch-lib-vtls-openssl.c

@@ -1,20 +1,6 @@
---- lib/vtls/openssl.c.orig	2018-03-22 14:26:38 UTC
+--- lib/vtls/openssl.c.orig	2018-10-27 13:34:01 UTC
 +++ lib/vtls/openssl.c
-@@ -117,12 +117,7 @@
- #define X509_get0_notBefore(x) X509_get_notBefore(x)
- #define X509_get0_notAfter(x) X509_get_notAfter(x)
- #define CONST_EXTS /* nope */
--#ifdef LIBRESSL_VERSION_NUMBER
--static unsigned long OpenSSL_version_num(void)
--{
--  return LIBRESSL_VERSION_NUMBER;
--}
--#else
-+#ifndef LIBRESSL_VERSION_NUMBER
- #define OpenSSL_version_num() SSLeay()
- #endif
- #endif
-@@ -3526,7 +3521,11 @@ static size_t Curl_ossl_version(char *bu
+@@ -3715,7 +3715,11 @@ static size_t Curl_ossl_version(char *bu
    unsigned long ssleay_value;
    sub[2]='\0';
    sub[1]='\0';

ftp/curl/files/patch-src-tool_operate.c

@@ -1,6 +1,6 @@
---- src/tool_operate.c.orig	2017-06-09 09:57:41 UTC
+--- src/tool_operate.c.orig	2018-10-27 10:00:54 UTC
 +++ src/tool_operate.c
-@@ -654,20 +654,7 @@ static CURLcode operate_do(struct Global
+@@ -603,20 +603,7 @@ static CURLcode operate_do(struct Global
              DEBUGASSERT(!outs.filename);
            }
  
@@ -22,7 +22,7 @@
  #ifdef __VMS
              /* open file for output, forcing VMS output format into stream
                 mode which is needed for stat() call above to always work. */
-@@ -675,7 +662,8 @@ static CURLcode operate_do(struct Global
+@@ -624,7 +611,8 @@ static CURLcode operate_do(struct Global
                                 "ctx=stm", "rfm=stmlf", "rat=cr", "mrs=0");
  #else
              /* open file for output: */
@@ -32,7 +32,7 @@
  #endif
              if(!file) {
                helpf(global->errors, "Can't open '%s'!\n", outfile);
-@@ -684,6 +672,19 @@ static CURLcode operate_do(struct Global
+@@ -633,6 +621,19 @@ static CURLcode operate_do(struct Global
              }
              outs.fopened = TRUE;
              outs.stream = file;

ftp/curl/pkg-plist

@@ -8,6 +8,7 @@ include/curl/multi.h
 include/curl/stdcheaders.h
 include/curl/system.h
 include/curl/typecheck-gcc.h
+include/curl/urlapi.h
 lib/libcurl.a
 lib/libcurl.so
 lib/libcurl.so.4
@@ -136,6 +137,7 @@ man/man3/CURLOPT_DNS_LOCAL_IP6.3.gz
 man/man3/CURLOPT_DNS_SERVERS.3.gz
 man/man3/CURLOPT_DNS_SHUFFLE_ADDRESSES.3.gz
 man/man3/CURLOPT_DNS_USE_GLOBAL_CACHE.3.gz
+man/man3/CURLOPT_DOH_URL.3.gz
 man/man3/CURLOPT_EGDSOCKET.3.gz
 man/man3/CURLOPT_ERRORBUFFER.3.gz
 man/man3/CURLOPT_EXPECT_100_TIMEOUT_MS.3.gz
@@ -339,7 +341,9 @@ man/man3/CURLOPT_TRANSFERTEXT.3.gz
 man/man3/CURLOPT_TRANSFER_ENCODING.3.gz
 man/man3/CURLOPT_UNIX_SOCKET_PATH.3.gz
 man/man3/CURLOPT_UNRESTRICTED_AUTH.3.gz
+man/man3/CURLOPT_UPKEEP_INTERVAL_MS.3.gz
 man/man3/CURLOPT_UPLOAD.3.gz
+man/man3/CURLOPT_UPLOAD_BUFFERSIZE.3.gz
 man/man3/CURLOPT_URL.3.gz
 man/man3/CURLOPT_USERAGENT.3.gz
 man/man3/CURLOPT_USERNAME.3.gz
@@ -365,6 +369,7 @@ man/man3/curl_easy_send.3.gz
 man/man3/curl_easy_setopt.3.gz
 man/man3/curl_easy_strerror.3.gz
 man/man3/curl_easy_unescape.3.gz
+man/man3/curl_easy_upkeep.3.gz
 man/man3/curl_escape.3.gz
 man/man3/curl_formadd.3.gz
 man/man3/curl_formfree.3.gz
@@ -413,6 +418,11 @@ man/man3/curl_slist_free_all.3.gz
 man/man3/curl_strequal.3.gz
 man/man3/curl_strnequal.3.gz
 man/man3/curl_unescape.3.gz
+man/man3/curl_url.3.gz
+man/man3/curl_url_cleanup.3.gz
+man/man3/curl_url_dup.3.gz
+man/man3/curl_url_get.3.gz
+man/man3/curl_url_set.3.gz
 man/man3/curl_version.3.gz
 man/man3/curl_version_info.3.gz
 man/man3/libcurl-easy.3.gz
@@ -424,6 +434,7 @@ man/man3/libcurl-share.3.gz
 man/man3/libcurl-symbols.3.gz
 man/man3/libcurl-thread.3.gz
 man/man3/libcurl-tutorial.3.gz
+man/man3/libcurl-url.3.gz
 man/man3/libcurl.3.gz
 share/aclocal/libcurl.m4
 share/zsh/site-functions/_curl

ftp/rubygem-curb/files/patch-ext-curb_errors.c

@@ -0,0 +1,28 @@
+--- ext/curb_errors.c.orig	2018-11-03 08:38:15 UTC
++++ ext/curb_errors.c
+@@ -307,9 +307,11 @@ VALUE rb_curl_easy_error(CURLcode code) 
+       exclz = eCurlErrObsolete;
+       break;
+ #endif
++#if LIBCURL_VERSION_NUM < 0x073e00
+     case CURLE_SSL_PEER_CERTIFICATE:    /* 51 - peer's certificate wasn't ok */
+       exclz = eCurlErrSSLPeerCertificate;
+       break;
++#endif
+     case CURLE_GOT_NOTHING:             /* 52 - when this is a specific error */
+       exclz = eCurlErrGotNothing;
+       break;
+@@ -334,8 +336,13 @@ VALUE rb_curl_easy_error(CURLcode code) 
+     case CURLE_SSL_CIPHER:              /* 59 - couldn't use specified cipher */
+       exclz = eCurlErrSSLCipher;
+       break;
++#if LIBCURL_VERSION_NUM >= 0x073e00
++    case CURLE_PEER_FAILED_VERIFICATION:              /* 60 - problem with the CA cert (path?) */
++      exclz = eCurlErrSSLPeerCertificate;
++#else
+     case CURLE_SSL_CACERT:              /* 60 - problem with the CA cert (path?) */
+       exclz = eCurlErrSSLCACertificate;
++#endif
+       break;
+     case CURLE_BAD_CONTENT_ENCODING:    /* 61 - Unrecognized transfer encoding */
+       exclz = eCurlErrBadContentEncoding;

mail/libetpan/files/patch-src-low-level-feed-newsfeed.c

@@ -0,0 +1,12 @@
+--- src/low-level/feed/newsfeed.c.orig	2018-09-12 11:54:16 UTC
++++ src/low-level/feed/newsfeed.c
+@@ -535,7 +535,9 @@ static int curl_error_convert(int curl_r
+   case CURLE_SSL_ENGINE_SETFAILED:
+   case CURLE_SSL_CERTPROBLEM:
+   case CURLE_SSL_CIPHER:
++#if LIBCURL_VERSION_NUM < 0x073e00
+   case CURLE_SSL_CACERT:
++#endif
+   case CURLE_FTP_SSL_FAILED:
+   case CURLE_SSL_ENGINE_INITFAILED:
+     return NEWSFEED_ERROR_SSL;

net-im/sayaka/Makefile

@@ -12,7 +12,7 @@ LICENSE=	BSD2CLAUSE
 BUILD_DEPENDS=	valac:lang/vala
 LIB_DEPENDS=	libcurl.so:ftp/curl
 
-USES=		gettext-runtime pkgconfig
+USES=		gettext-runtime gnome pkgconfig
 USE_GNOME=	glib20 gdkpixbuf2
 
 USE_GITHUB=	yes

net-im/sayaka/files/patch-libcurl.vapi

@@ -0,0 +1,19 @@
+--- libcurl.vapi.orig	2016-09-25 11:53:37 UTC
++++ libcurl.vapi
+@@ -236,7 +236,6 @@ namespace Native.Curl {
+ 		TOO_MANY_REDIRECTS,
+ 		UNKNOWN_OPTION,
+ 		TELNET_OPTION_SYNTAX,
+-		PEER_FAILED_VERIFICATION,
+ 		GOT_NOTHING,
+ 		SSL_ENGINE_NOTFOUND,
+ 		SSL_ENGINE_SETFAILED,
+@@ -244,7 +243,7 @@ namespace Native.Curl {
+ 		RECV_ERROR,
+ 		SSL_CERTPROBLEM,
+ 		SSL_CIPHER,
+-		SSL_CACERT,
++		PEER_FAILED_VERIFICATION,
+ 		BAD_CONTENT_ENCODING,
+ 		LDAP_INVALID_URL,
+ 		FILESIZE_EXCEEDED,

net-mgmt/seafile-client/Makefile

@@ -23,7 +23,7 @@ RUN_DEPENDS=	${PYTHON_PKGNAMEPREFIX}sqlite3>0:databases/py-sqlite3@${PY_FLAVOR}
 		${PYTHON_PKGNAMEPREFIX}urllib3>0:net/py-urllib3@${PY_FLAVOR} \
 		bash:shells/bash
 
-USES=		autoreconf iconv libarchive libtool localbase mysql \
+USES=		autoreconf gnome iconv libarchive libtool localbase mysql \
 		pathfix pkgconfig python:-2.7 shebangfix sqlite ssl
 USE_GITHUB=	yes
 GH_ACCOUNT=	haiwen

net-mgmt/seafile-client/files/patch-daemon_http-tx-mgr.c

@@ -1,7 +1,7 @@
---- daemon/http-tx-mgr.c.orig	2015-09-21 03:42:11 UTC
+--- daemon/http-tx-mgr.c.orig	2018-02-02 05:55:07 UTC
 +++ daemon/http-tx-mgr.c
-@@ -58,6 +58,22 @@
- #define USER_AGENT_OS "Linux"
+@@ -68,6 +68,22 @@
+ #define USER_AGENT_OS "BSD"
  #endif
  
 +#ifdef __FreeBSD__
@@ -23,3 +23,13 @@
  struct _Connection {
      CURL *curl;
      gint64 ctime;               /* Used to clean up unused connection. */
+@@ -1091,7 +1107,9 @@ curl_error_to_http_task_error (int curl_
+     case CURLE_SSL_CONNECT_ERROR:
+     case CURLE_PEER_FAILED_VERIFICATION:
+     case CURLE_SSL_CERTPROBLEM:
++#if LIBCURL_VERSION_NUM < 0x073e00
+     case CURLE_SSL_CACERT:
++#endif
+     case CURLE_SSL_CACERT_BADFILE:
+     case CURLE_SSL_ISSUER_ERROR:
+         return HTTP_TASK_ERR_SSL;

www/cpr/files/patch-cpr-error.cpp

@@ -0,0 +1,27 @@
+--- cpr/error.cpp.orig	2017-11-01 21:56:02 UTC
++++ cpr/error.cpp
+@@ -22,8 +22,10 @@ ErrorCode Error::getErrorCodeForCurlErro
+             return ErrorCode::OPERATION_TIMEDOUT;
+         case CURLE_SSL_CONNECT_ERROR:
+             return ErrorCode::SSL_CONNECT_ERROR;
++#if LIBCURL_VERSION_NUM < 0x073e00
+         case CURLE_PEER_FAILED_VERIFICATION:
+             return ErrorCode::SSL_REMOTE_CERTIFICATE_ERROR;
++#endif
+         case CURLE_GOT_NOTHING:
+             return ErrorCode::EMPTY_RESPONSE;
+         case CURLE_SSL_ENGINE_NOTFOUND:
+@@ -38,8 +40,13 @@ ErrorCode Error::getErrorCodeForCurlErro
+             return ErrorCode::SSL_LOCAL_CERTIFICATE_ERROR;
+         case CURLE_SSL_CIPHER:
+             return ErrorCode::GENERIC_SSL_ERROR;
++#if LIBCURL_VERSION_NUM >= 0x073e00
++        case CURLE_PEER_FAILED_VERIFICATION:
++            return ErrorCode::SSL_REMOTE_CERTIFICATE_ERROR;
++#else
+         case CURLE_SSL_CACERT:
+             return ErrorCode::SSL_CACERT_ERROR;
++#endif
+         case CURLE_USE_SSL_FAILED:
+             return ErrorCode::GENERIC_SSL_ERROR;
+         case CURLE_SSL_ENGINE_INITFAILED:

www/rubygem-passenger/files/patch-src-agent-Core-SecurityUpdateChecker.h

@@ -0,0 +1,14 @@
+--- src/agent/Core/SecurityUpdateChecker.h.orig	2018-11-03 10:06:51 UTC
++++ src/agent/Core/SecurityUpdateChecker.h
+@@ -256,9 +256,11 @@ private:
+ 				error.append(" for proxy address " + sessionState.config["proxy_url"].asString());
+ 				break;
+ 
++#if LIBCURL_VERSION_NUM < 0x073e00
+ 			case CURLE_SSL_CACERT:
+ 				// Peer certificate cannot be authenticated with given / known CA certificates. This would happen
+ 				// for MITM but could also be a truststore issue.
++#endif
+ 			case CURLE_PEER_FAILED_VERIFICATION:
+ 				// The remote server's SSL certificate or SSH md5 fingerprint was deemed not OK.
+ 				error.append(" while connecting to " + sessionState.configRlz.url