From 8959621de9f2767d6835678b6c4b8ca6ba1d8308 Mon Sep 17 00:00:00 2001
From: Sunpoet Po-Chuan Hsieh <sunpoet@FreeBSD.org>
Date: Thu, 20 Apr 2017 14:25:30 +0000
Subject: Update to 7.54.0

Changes:	https://curl.haxx.se/changes.html
Security:	3e2e9b44-25ce-11e7-a175-939b30e0836d
MFH:		2017Q2
---
 ftp/curl/Makefile                  |   3 +-
 ftp/curl/distinfo                  |   6 +-
 ftp/curl/files/patch-CVE-2017-7407 | 164 -------------------------------------
 ftp/curl/files/patch-lib-url.c     |  15 ++--
 ftp/curl/pkg-plist                 |   2 +
 5 files changed, 13 insertions(+), 177 deletions(-)
 delete mode 100644 ftp/curl/files/patch-CVE-2017-7407

(limited to 'ftp/curl')

diff --git a/ftp/curl/Makefile b/ftp/curl/Makefile
index 55105b63fa8c..196562be49d9 100644
--- a/ftp/curl/Makefile
+++ b/ftp/curl/Makefile
@@ -2,8 +2,7 @@
 # $FreeBSD$
 
 PORTNAME=	curl
-PORTVERSION=	7.53.1
-PORTREVISION=	1
+PORTVERSION=	7.54.0
 CATEGORIES=	ftp net www
 MASTER_SITES=	http://curl.haxx.se/download/ \
 		LOCAL/sunpoet
diff --git a/ftp/curl/distinfo b/ftp/curl/distinfo
index 513d5f6b9543..afb5ef0d5eb2 100644
--- a/ftp/curl/distinfo
+++ b/ftp/curl/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1488004749
-SHA256 (curl-7.53.1.tar.lzma) = 4b124ff5984f2b537790a8f50dbf3d44da89e57d0505ba567128535a2426f5e2
-SIZE (curl-7.53.1.tar.lzma) = 2076935
+TIMESTAMP = 1492694896
+SHA256 (curl-7.54.0.tar.lzma) = cd6aa6039f13e0b06e0a93e1b93754f6dc07f444812bb6c32be75a8f28c4070a
+SIZE (curl-7.54.0.tar.lzma) = 2084912
diff --git a/ftp/curl/files/patch-CVE-2017-7407 b/ftp/curl/files/patch-CVE-2017-7407
deleted file mode 100644
index 5b9fd25d91e3..000000000000
--- a/ftp/curl/files/patch-CVE-2017-7407
+++ /dev/null
@@ -1,164 +0,0 @@
-From 6019f1795b4e3b72507b84b0e02dc8c32024f562 Mon Sep 17 00:00:00 2001
-From: Dan Fandrich <dan@coneharvesters.com>
-Date: Sat, 11 Mar 2017 10:59:34 +0100
-Subject: [PATCH] CVE-2017-7407: fixed
-
-Bug: https://curl.haxx.se/docs/adv_20170403.html
-
-Reported-by: Brian Carpenter
---- src/tool_writeout.c.orig	2017-01-13 09:55:20 UTC
-+++ src/tool_writeout.c
-@@ -5,7 +5,7 @@
-  *                            | (__| |_| |  _ <| |___
-  *                             \___|\___/|_| \_\_____|
-  *
-- * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
-+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <daniel@haxx.se>, et al.
-  *
-  * This software is licensed as described in the file COPYING, which
-  * you should have received as part of this distribution. The terms
-@@ -113,7 +113,7 @@ void ourWriteOut(CURL *curl, struct OutS
-   double doubleinfo;
- 
-   while(ptr && *ptr) {
--    if('%' == *ptr) {
-+    if('%' == *ptr && ptr[1]) {
-       if('%' == ptr[1]) {
-         /* an escaped %-letter */
-         fputc('%', stream);
-@@ -341,7 +341,7 @@ void ourWriteOut(CURL *curl, struct OutS
-         }
-       }
-     }
--    else if('\\' == *ptr) {
-+    else if('\\' == *ptr && ptr[1]) {
-       switch(ptr[1]) {
-       case 'r':
-         fputc('\r', stream);
- src/tool_writeout.c     |  6 +++---
- tests/data/Makefile.inc |  2 +-
- tests/data/test1440     | 31 +++++++++++++++++++++++++++++++
- tests/data/test1441     | 31 +++++++++++++++++++++++++++++++
- tests/data/test1442     | 35 +++++++++++++++++++++++++++++++++++
- 5 files changed, 101 insertions(+), 4 deletions(-)
- create mode 100644 tests/data/test1440
- create mode 100644 tests/data/test1441
- create mode 100644 tests/data/test1442
-
---- tests/data/Makefile.inc.orig	2017-02-21 07:09:13 UTC
-+++ tests/data/Makefile.inc
-@@ -151,7 +151,7 @@ test1408 test1409 test1410 test1411 test
- test1416 test1417 test1418 test1419 test1420 test1421 test1422 test1423 \
- test1424 \
- test1428 test1429 test1430 test1431 test1432 test1433 test1434 test1435 \
--test1436 test1437 test1438 test1439 \
-+test1436 test1437 test1438 test1439 test1440 test1441 test1442 \
- \
- test1500 test1501 test1502 test1503 test1504 test1505 test1506 test1507 \
- test1508 test1509 test1510 test1511 test1512 test1513 test1514 test1515 \
---- tests/data/test1440.orig	2017-04-05 17:06:44 UTC
-+++ tests/data/test1440
-@@ -0,0 +1,31 @@
-+<testcase>
-+<info>
-+<keywords>
-+--write-out
-+</keywords>
-+</info>
-+# Server-side
-+<reply>
-+</reply>
-+
-+# Client-side
-+<client>
-+<server>
-+file
-+</server>
-+
-+<name>
-+Check --write-out with trailing %{
-+</name>
-+<command>
-+file://localhost/%PWD/log/ --write-out '%{'
-+</command>
-+</client>
-+
-+# Verify data
-+<verify>
-+<stdout nonewline="yes">
-+%{
-+</stdout>
-+</verify>
-+</testcase>
---- tests/data/test1441.orig	2017-04-05 17:06:44 UTC
-+++ tests/data/test1441
-@@ -0,0 +1,31 @@
-+<testcase>
-+<info>
-+<keywords>
-+--write-out
-+</keywords>
-+</info>
-+# Server-side
-+<reply>
-+</reply>
-+
-+# Client-side
-+<client>
-+<server>
-+file
-+</server>
-+
-+<name>
-+Check --write-out with trailing %
-+</name>
-+<command>
-+file://localhost/%PWD/log/ --write-out '%'
-+</command>
-+</client>
-+
-+# Verify data
-+<verify>
-+<stdout nonewline="yes">
-+%
-+</stdout>
-+</verify>
-+</testcase>
---- tests/data/test1442.orig	2017-04-05 17:06:44 UTC
-+++ tests/data/test1442
-@@ -0,0 +1,35 @@
-+<testcase>
-+<info>
-+<keywords>
-+--write-out
-+FILE
-+</keywords>
-+</info>
-+# Server-side
-+<reply>
-+</reply>
-+
-+# Client-side
-+<client>
-+<server>
-+file
-+</server>
-+
-+<name>
-+Check --write-out with trailing \
-+</name>
-+<command>
-+file://localhost/%PWD/log/non-existent-file.txt --write-out '\'
-+</command>
-+</client>
-+
-+# Verify data
-+<verify>
-+<errorcode>
-+37
-+</errorcode>
-+<stdout nonewline="yes">
-+\
-+</stdout>
-+</verify>
-+</testcase>
diff --git a/ftp/curl/files/patch-lib-url.c b/ftp/curl/files/patch-lib-url.c
index 01387b0cb311..186206db9185 100644
--- a/ftp/curl/files/patch-lib-url.c
+++ b/ftp/curl/files/patch-lib-url.c
@@ -3,16 +3,15 @@ Forwarded: not-needed
 Author: Peter Pentchev <roam@FreeBSD.org>
 Last-Update: 2010-12-18
 
---- lib/url.c.orig	2015-04-22 05:55:54 UTC
+--- lib/url.c.orig	2017-04-18 06:36:20 UTC
 +++ lib/url.c
-@@ -659,6 +659,10 @@ CURLcode Curl_open(struct SessionHandle 
-     data->progress.flags |= PGRS_HIDE;
+@@ -671,6 +671,9 @@ CURLcode Curl_open(struct Curl_easy **cu
      data->state.current_speed = -1; /* init to negative == impossible */
- 
+     data->set.fnmatch = ZERO_NULL;
+     data->set.maxconnects = DEFAULT_CONNCACHE_SIZE; /* for easy handles */
 +#if defined(__FreeBSD_version)
 +    data->set.no_signal = TRUE; /* different handling of signals and threads */
 +#endif /* __FreeBSD_version */
-+
-     data->wildcard.state = CURLWC_INIT;
-     data->wildcard.filelist = NULL;
-     data->set.fnmatch = ZERO_NULL;
+ 
+     Curl_http2_init_state(&data->state);
+   }
diff --git a/ftp/curl/pkg-plist b/ftp/curl/pkg-plist
index 8c1f2aab16bc..469fc38c678b 100644
--- a/ftp/curl/pkg-plist
+++ b/ftp/curl/pkg-plist
@@ -8,6 +8,7 @@ include/curl/easy.h
 include/curl/mprintf.h
 include/curl/multi.h
 include/curl/stdcheaders.h
+include/curl/system.h
 include/curl/typecheck-gcc.h
 lib/libcurl.a
 lib/libcurl.so
@@ -293,6 +294,7 @@ man/man3/CURLOPT_STDERR.3.gz
 man/man3/CURLOPT_STREAM_DEPENDS.3.gz
 man/man3/CURLOPT_STREAM_DEPENDS_E.3.gz
 man/man3/CURLOPT_STREAM_WEIGHT.3.gz
+man/man3/CURLOPT_SUPPRESS_CONNECT_HEADERS.3.gz
 man/man3/CURLOPT_TCP_FASTOPEN.3.gz
 man/man3/CURLOPT_TCP_KEEPALIVE.3.gz
 man/man3/CURLOPT_TCP_KEEPIDLE.3.gz
-- 
cgit v1.2.3