Commit Graph

45 Commits

Author SHA1 Message Date
Gustavo Zacarias
1f556833c3 libcurl: bump to version 7.41.0
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2015-02-25 17:25:54 +01:00
Gustavo Zacarias
4073d1515f libcurl: drop curl* aliases
They're unused hence not useful.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2015-01-12 12:31:55 +01:00
Gustavo Zacarias
d71a51d0e5 libcurl: security bump to version 7.40.0
Fixes:
CVE-2014-8150 - When libcurl sends a request to a server via a HTTP
proxy, it copies the entire URL into the request and sends if off.
If the given URL contains line feeds and carriage returns those will be
sent along to the proxy too, which allows the program to for example
send a separate HTTP request injected embedded in the URL.

CVE-2014-8151 - libcurl stores TLS Session IDs in its associated Session
ID cache when it connects to TLS servers. In subsequent connects it
re-uses the entry in the cache to resume the TLS connection faster than
when doing a full TLS handshake. The actual implementation for the
Session ID caching varies depending on the underlying TLS backend.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2015-01-08 19:19:15 +01:00
Gustavo Zacarias
c30e017a1a libcurl: security bump to version 7.39.0
Fixes:
CVE-2014-3707 - libcurl's function curl_easy_duphandle() has a bug that
can lead to libcurl eventually sending off sensitive data that was not
intended for sending.

Removed patch that was upstream and now in the release.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Reviewed-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Tested-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2014-11-06 09:09:20 +01:00
Thomas De Schampheleire
aaffd209fa packages: rename FOO_CONF_OPT into FOO_CONF_OPTS
To be consistent with the recent change of FOO_MAKE_OPT into FOO_MAKE_OPTS,
make the same change for FOO_CONF_OPT.

Sed command used:
   find * -type f | xargs sed -i 's#_CONF_OPT\>#&S#g'

Signed-off-by: Thomas De Schampheleire <thomas.de.schampheleire@gmail.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2014-10-04 18:54:16 +02:00
Bernd Kuhls
48849055b9 package/libcurl: Remove autoreconf
When libcurl-0001-build-link-curl-to-NSS-libraries-when-NSS-support.patch
was removed the corresponding autoreconf was left behind:
http://git.buildroot.net/buildroot/commit/?id=9185b64ed5599622cb89ca4ee6ee29440b02ec8a

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2014-09-28 21:53:39 +02:00
Gustavo Zacarias
9185b64ed5 libcurl: security bump to version 7.38.0
Fixes:
CVE-2014-3613 cookie leak with IP address as domain
CVE-2014-3620 cookie leak for TLDs

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2014-09-11 22:45:20 +02:00
Gustavo Zacarias
c8da1bce78 libcurl: fix nss related build failure
Patch is a reduced set from upstream (removed RELEASE-NOTES chunk or it
doesn't apply, cosmetic only). Fixes:
http://autobuild.buildroot.net/results/d0b/d0bf614006e7c7de749dcea7abd584f0aa142418/

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2014-07-21 21:51:53 +02:00
Gustavo Zacarias
57c303f624 libcurl: bump to version 7.37.1
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2014-07-18 19:51:27 +02:00
Gustavo Zacarias
3ea2555944 libcurl: bump to version 7.37.0
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2014-05-23 22:07:13 +02:00
Gustavo Zacarias
f475b9fc8e libcurl: drop polarssl support
As of curl 7.36.0 it doesn't support polarssl < 1.3 any longer. Fixes:
http://autobuild.buildroot.net/results/d82/d82c3618e9dde3da7e36ba2b58545a9a8de5e442/

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2014-04-15 21:54:47 +02:00
Gustavo Zacarias
71878d2972 libcurl: security bump to version 7.36.0
Fixes CVE-2014-0005, CVE-2014-0319, CVE-2014-1263 and CVE-2014-2522.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2014-04-01 14:45:20 +02:00
Gustavo Zacarias
8abdd5fa3e libcurl: security bump to version 7.35.0
Fixes CVE-2014-0015.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2014-01-29 21:44:00 +01:00
Maxime Hadjinlian
f873de877d libcurl: Add rtmp support
Signed-off-by: Maxime Hadjinlian <maxime.hadjinlian@gmail.com>
Cc: Bernd Kuhls <berndkuhls@hotmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2014-01-26 21:24:19 +01:00
Gustavo Zacarias
cbb6cdc69c libcurl: security bump to version 7.34.0
Fixes CVE-2013-4545.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2013-12-19 23:17:25 +01:00
Gustavo Zacarias
fba3da5638 libcurl: bump to version 7.33.0
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2013-12-02 08:42:38 +01:00
Ryan Barnett
d45db95633 libcurl: add support for compiling with libssh2
Adding configuration options that if libssh2 is selected, compile libcurl
with --with-ssh config flag.

Signed-off-by: Ryan Barnett <rjbarnet@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2013-09-08 21:53:11 +02:00
Gustavo Zacarias
9834bf533e libcurl: extend package support
Add support for gnutls, nss and polarssl backends.
Add support for libidn and zlib.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2013-09-04 23:50:08 +02:00
Ryan Barnett
9093cc451c libcurl: up revision to 7.32.0
Updating revision of libcurl to version 7.32.0

Signed-off-by: Ryan Barnett <rjbarnet@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2013-09-02 21:42:41 +02:00
Alexandre Belloni
8dfd59d114 Normalize separator size to 80
Signed-off-by: Alexandre Belloni <alexandre.belloni@free-electrons.com>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2013-06-06 22:30:24 +02:00
Shawn J. Goff
4f3c8cf94b libcurl: specify capath
Since openssl's path is '/etc/ssl/' (specified in our openssl package),
we should also make sure that's what curl is using.

Previously, it's hasn't been specified, which means it changes depending
on the host system where it's compiled.

Signed-off-by: Shawn J. Goff <shawn7400@gmail.com>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2013-04-21 23:15:08 +02:00
Thomas Petazzoni
e32c29a098 libcurl: re-enable on non-MMU platforms
In 9229b82d63 ('libcurl: needs MMU'),
the libcurl package was disabled on non-MMU systems, due to the usage
of the fork() function in the library.

However, a deeper inspection reveals that fork() is only used in the
implementation of NTLM, an obscure, undocumented, Microsoft specific
authentication method that apparently isn't common anymore. See
http://curl.haxx.se/docs/manpage.html#--ntlm.

Therefore, this commit re-enables libcurl on non-MMU systems by
explicitly disabling the NTLM support. If someone ever needs NTLM
support in Buildroot's libcurl package, it will always be time to add
a libcurl sub-option to enable it.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2013-02-17 23:02:01 +01:00
Thomas Petazzoni
a5ce857674 package: use <pkg>_CONFIG_SCRIPTS wherever possible
Use the <pkg>_CONFIG_SCRIPTS mechanism in all packages for which it
does all what the package was doing. A few packages, like libxslt, are
for now left out, since they need some additional fixup (for example a
fixup of includedir).

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Acked-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2013-02-08 22:34:26 +01:00
Gustavo Zacarias
c0170428f9 libcurl: bump to version 7.28.1
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2012-12-05 00:40:33 -08:00
Yann E. MORIN
61d322c3d2 package/cURL: fix static link whith openSSL
When openSSL is selected, cURL is configured to use it.

But in this case, the libcurl.pc file /forgets/ to require link
against -ldl.

This can happen, for example, when BR2_PREFER_STATIC_LIB is not set,
but an executable wants to be linked statically (for various reasons
which are irrelevant here).

Fix that by appending a 'Requires: openssl' line to libcurl.pc.in,
but only if openSSL is enabled.

As suggested by Arnout, do it in a post-patch hook, rather as a
post-install hook.

Cc: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2012-12-02 23:21:00 -08:00
Gustavo Zacarias
2737d9edf8 libcurl: bump to version 7.27.0
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2012-10-09 14:43:16 +02:00
Danomi Manchego
a393477289 libcurl: add license info
Signed-off-by: Danomi Manchego <danomimanchego123@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2012-08-15 12:03:12 +02:00
Arnout Vandecappelle (Essensium/Mind)
e1502ebc0c all packages: rename XXXTARGETS to xxx-package
Also remove the redundant $(call ...).

This is a purely mechanical change, performed with
find package linux toolchain boot -name \*.mk | \
  xargs sed -i -e 's/$(eval $(call GENTARGETS))/$(eval $(generic-package))/' \
               -e 's/$(eval $(call AUTOTARGETS))/$(eval $(autotools-package))/' \
               -e 's/$(eval $(call CMAKETARGETS))/$(eval $(cmake-package))/'

Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2012-07-17 20:23:05 +02:00
Thomas Petazzoni
f83cd59890 libcurl: fix up prefix in curl-config
While most packages that rely on libcurl use pkg-config, a few
packages (such as libxmlrpc) still use curl-config. So we need to fix
up the prefix locations in the curl-config script installed in
STAGING_DIR.

[Peter: only fixup if prefix=/usr]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2012-06-11 22:35:45 +02:00
Gustavo Zacarias
357322934d libcurl: bump to version 7.25.0
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2012-05-18 22:26:37 +02:00
Gustavo Zacarias
d88a3cc40d libcurl: security bump to version 7.24.0
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2012-03-11 23:00:50 +01:00
Thomas Petazzoni
300f9c9c9d package: remove useless arguments from AUTOTARGETS
Thanks to the pkgparentdir and pkgname functions, we can rewrite the
AUTOTARGETS macro in a way that avoids the need for each package to
repeat its name and the directory in which it is present.

[Peter: pkgdir->pkgparentdir]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2011-09-29 23:12:27 +02:00
Gustavo Zacarias
d1a7e85170 libcurl: bump to version 7.21.7
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2011-09-11 22:04:22 +02:00
Gustavo Zacarias
1d6b9bcf9e libcurl: security bump to 7.21.2
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2010-11-19 15:46:06 +01:00
Thomas Petazzoni
fa6c7989ac libcurl: convert old-style hook to new-style
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2010-09-12 19:25:00 +02:00
Thomas Petazzoni
28ac3c6785 libcurl: bump version to fix build issue
The ./configure script of libcurl includes <arpa_inet.h> instead of
<arpa/inet.h> when testing for inet_pton(). The test fails, but it
doesn't prevent libcurl to build as it can work without inet_pton().

However, it fills the configure cache with the fact that inet_pton()
does not exist. And later, tcpreplay reads this from the configure
cache and fails to build, because tcpreplay really need inet_pton().

Unfortunately, just fixing the .m4 file doesn't work because the
autoreconfiguration of the package fails. Since the fix for this
problem is already upstream, the easiest solution is therefore to bump
libcurl.

The libcurl-7.19.2-fix-ssl-no-verbose.patch patch is no longer needed.

Since we're patching a m4 file, we must autoreconfigure the package.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2010-07-29 22:18:58 +02:00
Peter Korsgaard
a96be19bc3 package: remove redundant DISABLE_{IPV6,NLS,LARGEFILE} configure args
Makefile.autotools.in automatically adds these to the configure invocation,
so there's no need to explicitly list them.

Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2010-03-22 14:29:00 +01:00
Peter Korsgaard
5198e6642c libcurl: fix --without-ssl typo
Reported-by: Nestor <nestor@traceback.com.br>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2009-06-10 09:27:02 +02:00
Peter Korsgaard
3169b04725 curl: make sure openssl isn't tried when the openssl package isn't enabled
Works around build errors caused by broken Xorg dependencies.

Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2009-05-27 07:18:43 +02:00
Peter Korsgaard
a51ce31949 libcurl: fix configure with openssl when target == host. 2009-03-10 21:03:14 +00:00
Thomas Lundquist
c86f23b770 Getting rid of a bit more configure options that's been centralized. 2009-01-18 09:26:28 +00:00
Peter Korsgaard
85f10c757c libcurl/libglade: touch _HOOK_POST_INSTALL target 2008-12-31 09:35:06 +00:00
Peter Korsgaard
5d2ca232ce libcurl: add dummy curl-* targets 2008-12-28 20:06:20 +00:00
Peter Korsgaard
84c556006d libcurl: compile with openssl support if available 2008-12-28 20:04:01 +00:00
Peter Korsgaard
615528ba93 curl: rename to libcurl so Makefile.autotools.in can find patches 2008-12-28 20:00:07 +00:00