SECURITY fix for libcurl data callback excessive length bug.

http://curl.haxx.se/docs/adv_20100209.html

ok ajacoutot@, jasper@

net/curl/Makefile

@@ -1,8 +1,9 @@
-# $OpenBSD: Makefile,v 1.69 2009/11/10 19:13:49 naddy Exp $
+# $OpenBSD: Makefile,v 1.70 2010/02/10 16:27:32 naddy Exp $
 
 COMMENT=	get files from FTP, Gopher, HTTP or HTTPS servers
 
 DISTNAME=	curl-7.19.7
+PKGNAME=	${DISTNAME}p0
 SHARED_LIBS +=  curl                 14.1     # .5.1
 CATEGORIES=	net
 MASTER_SITES=	http://curl.haxx.se/download/ \

net/curl/patches/patch-lib_content_encoding_c

@@ -0,0 +1,15 @@
+$OpenBSD: patch-lib_content_encoding_c,v 1.1 2010/02/10 16:27:32 naddy Exp $
+
+http://curl.haxx.se/docs/adv_20100209.html
+
+--- lib/content_encoding.c.orig	Sun Aug 30 13:28:33 2009
++++ lib/content_encoding.c	Wed Feb 10 13:58:18 2010
+@@ -40,7 +40,7 @@
+    (doing so will reduce code size slightly). */
+ #define OLD_ZLIB_SUPPORT 1
+ 
+-#define DSIZ 0x10000             /* buffer size for decompressed data */
++#define DSIZ CURL_MAX_WRITE_SIZE /* buffer size for decompressed data */
+ 
+ #define GZIP_MAGIC_0 0x1f
+ #define GZIP_MAGIC_1 0x8b