net/curl: security update to 7.83.0

Includes fixes for
CVE-2022-22576: OAUTH2 bearer bypass in connection re-use
CVE-2022-27774: Credential leak on redirect
CVE-2022-27775: Bad local IPv6 connection reuse
CVE-2022-27776: Auth/cookie leak on redirect

net/curl/Makefile

@@ -1,7 +1,7 @@
 COMMENT=	transfer files with FTP, HTTP, HTTPS, etc.
 
-DISTNAME=	curl-7.82.0
-SHARED_LIBS=	curl                 26.13    # 11.0
+DISTNAME=	curl-7.83.0
+SHARED_LIBS=	curl                 26.14    # 12.0
 CATEGORIES=	net
 HOMEPAGE=	https://curl.se/
 

net/curl/distinfo

@@ -1,2 +1,2 @@
-SHA256 (curl-7.82.0.tar.xz) = CqoS170EsJZiVPJwPOgN1cONu9dq8Cl9PWkM3OWKWDw=
-SIZE (curl-7.82.0.tar.xz) = 2446764
+SHA256 (curl-7.83.0.tar.xz) = u/8Oa1BH53Pzw7CE2AVGzBvk41TAnkGcLQ72EWJTURo=
+SIZE (curl-7.83.0.tar.xz) = 2472560

net/curl/patches/patch-lib_vtls_openssl_c

@@ -0,0 +1,13 @@
+Index: lib/vtls/openssl.c
+--- lib/vtls/openssl.c.orig
++++ lib/vtls/openssl.c
+@@ -217,8 +217,7 @@
+  * BoringSSL: supported since 5fd1807d95f7 (committed 2016-09-30)
+  * LibreSSL: not tested.
+  */
+-#if ((OPENSSL_VERSION_NUMBER >= 0x10002000L) && \
+-     !defined(LIBRESSL_VERSION_NUMBER)) || \
++#if (OPENSSL_VERSION_NUMBER >= 0x10002000L) || \
+     defined(OPENSSL_IS_BORINGSSL)
+ #define HAVE_SSL_CTX_SET_EC_CURVES
+ #endif

net/curl/pkg/PLIST

@@ -4,6 +4,7 @@ include/curl/
 include/curl/curl.h
 include/curl/curlver.h
 include/curl/easy.h
+include/curl/header.h
 include/curl/mprintf.h
 include/curl/multi.h
 include/curl/options.h
@@ -405,7 +406,9 @@ lib/pkgconfig/libcurl.pc
 @man man/man3/curl_easy_duphandle.3
 @man man/man3/curl_easy_escape.3
 @man man/man3/curl_easy_getinfo.3
+@man man/man3/curl_easy_header.3
 @man man/man3/curl_easy_init.3
+@man man/man3/curl_easy_nextheader.3
 @man man/man3/curl_easy_option_by_id.3
 @man man/man3/curl_easy_option_by_name.3
 @man man/man3/curl_easy_option_next.3