Upgraded packages to latest upstream
Upgraded net-misc/curl to v8.1.0-r1
BUG=b/284099241
TEST=presubmit
RELEASE_NOTE=Upgraded net-misc/curl to v8.1.0-r1.
Change-Id: I17d4fc5dc01e2409549a434c7c70e3203c4593ef
Reviewed-on: https://cos-review.googlesource.com/c/third_party/overlays/portage-stable/+/49750
Tested-by: Cusky Presubmit Bot <presubmit@cos-infra-prod.iam.gserviceaccount.com>
Reviewed-by: He Gao <hegao@google.com>
diff --git a/net-misc/curl/Manifest b/net-misc/curl/Manifest
index 7b6217a..23d9927 100644
--- a/net-misc/curl/Manifest
+++ b/net-misc/curl/Manifest
@@ -1,6 +1,4 @@
-DIST curl-7.87.0.tar.xz 2547932 BLAKE2B b272ec928c5ef1728434630d8910f58834327a30570913df9d47921a2810d002bd88b81371005197db857d3a53386420c1e28b1e463e6241d46c1e50fbce0c13 SHA512 aa125991592667280dce3788aabe81487cf8c55b0afc59d675cc30b76055bb7114f5380b4a0e3b6461a8f81bf9812fa26d493a85f7e01d84263d484a0d699ee7
-DIST curl-7.87.0.tar.xz.asc 488 BLAKE2B 031d8236b357bd3c519548b181254dc0aea1efc1375738bce04f4f331d35bafe99d1ca394ecf5943ede7cae040854b6d2b478fd305147eb7330f8d50e5d95c96 SHA512 0bcc12bafc4ae50d80128af2cf4bf1a1ec6018ebb8d5b9c49f52b51c0c25acc77e820858965656549ef43c1f923f4e5fe75b0a3523623154b4cfb9dc8a1d76e4
-DIST curl-7.88.1.tar.xz 2581032 BLAKE2B ed7e7aa29efb02fd89a53d5c8d0ec79b4d17612ea07d2a6b5a951f0ca651b4cf7264704344b1a0c2d82196f4cb5c08525e06b4cdd432bc3278ff23c7a6580839 SHA512 b8d30c52a6d1c3e272608a7a8db78dfd79aef21330f34d6f1df43839a400e13ac6aac72a383526db0b711a70ecbec89a3b934677d7ecf5094fd64d3dbcb3492f
-DIST curl-7.88.1.tar.xz.asc 488 BLAKE2B ea90d840846fca3f0b17838a84431cb44d6e3f8d2b42c3eced1fb1c929a58e8899b303c93d27ca3cafcaa52e7269ac440e7102191d6b2c2751729a6c4116e82f SHA512 d6dc720533004c4d533cc4fb3dd33ac28d95e114f440ec011e4b58f65d1f4c40cfa10ba26d2e2f2f1f9de99511632578b4758c5e79593c7c30d29788fdf1cbb6
DIST curl-8.0.1.tar.xz 2575544 BLAKE2B 67d82e9d71f0a351b5c2ed3ad5eab02e367ded872658a295179b935729d5105015f8c29569c396e11cd14036656af894ded85c8838cba260d9f6f1a8dcb5e22b SHA512 3bb777982659ed697ae90f113ff7b65d6ce8ba9fe6a8984cfd6769d2f051a72ba953c911abe234c204ec2cc5a35d68b4d033037fad7fba31bb92a52543f8d13d
DIST curl-8.0.1.tar.xz.asc 488 BLAKE2B 452e1bebe1028e7621bbf8829e50cf56e254cd63a8cf2a4c0332176b9f18fb2821304ae556a203996d273c986bddbd04db2218c18fd34dee66e9155861ba50ce SHA512 92c6a0570e9a8a708fe2f717b8b37a68dcb9cd4520ca50c9baafec5891bda103bce2d2dcb67f1387bf11bd7e51e0e64ccd52d196e61d58b598ad3aa1960386cf
+DIST curl-8.1.0.tar.xz 2612568 BLAKE2B 768a824b8f5f6ddaa073599c4106f07a8134bcbe0e0d666390be1bce16ba25386d85930853bb47bc90b2c8a499a0b2abb9c685042563801e0fe58b9c315ac6cc SHA512 b99926f372ddd715cd1d2b54d8fb96b26b085e6501715e25aa57b6c6a7f8452473506ddb284e2f280f8afdb301b7f0c3bfde7ad7ed393b12c022430a9301096d
+DIST curl-8.1.0.tar.xz.asc 488 BLAKE2B c1a8e50eddc7dd140af2af29736eb486e96a6d3b67a9161244daa86558f65522527380c92597a5f10e5dad187f0bda6ac5b9cadc29386bef4492bc047c77b423 SHA512 191a74c7a6b6aa78b7f36e1535fda0701bde8b333a61c90343e1f1b2d65cc5097b5febc5fa42b2f373795ef1b34078790deaaa71c8aaa45eed1c753729a45f3d
diff --git a/net-misc/curl/curl-8.0.1.ebuild b/net-misc/curl/curl-8.1.0-r1.ebuild
similarity index 94%
rename from net-misc/curl/curl-8.0.1.ebuild
rename to net-misc/curl/curl-8.1.0-r1.ebuild
index 0fff9da..45466db 100644
--- a/net-misc/curl/curl-8.0.1.ebuild
+++ b/net-misc/curl/curl-8.1.0-r1.ebuild
@@ -108,9 +108,9 @@
PATCHES=(
"${FILESDIR}"/${PN}-7.30.0-prefix.patch
"${FILESDIR}"/${PN}-respect-cflags-3.patch
-
- # Backports
- "${FILESDIR}"/${PN}-8.0.1-onion-resolution.patch
+ ### Backports
+ "${FILESDIR}"/${P}-numeric-hostname.patch
+ "${FILESDIR}"/${P}-header-length.patch
)
src_prepare() {
@@ -304,9 +304,12 @@
# -k: keep test files after completion
# -am: automake style TAP output
# -p: print logs if test fails
- # Note: if needed, we can skip specific tests. See e.g. Fedora's packaging
- # or just read https://github.com/curl/curl/tree/master/tests#run.
- multilib_is_native_abi && emake test TFLAGS="-n -v -a -k -am -p"
+ # Note: if needed, we can skip specific tests. Prefix the test number in TFLAGS
+ # with a '!'. For example, to skip test 241 and 1083, use '!241 !1083'.
+ # See https://github.com/curl/curl/tree/master/tests#run for advanced test selection.
+ # The network sandbox causes tests 241 and 1083 to fail; these are typically skipped
+ # as most gentoo users don't have an 'ip6-localhost'
+ multilib_is_native_abi && emake test TFLAGS="-n -v -a -k -am -p !241 !1083"
}
multilib_src_install_all() {
diff --git a/net-misc/curl/files/curl-7.87.0-gnutls-openssl-build.patch b/net-misc/curl/files/curl-7.87.0-gnutls-openssl-build.patch
deleted file mode 100644
index 88463dc..0000000
--- a/net-misc/curl/files/curl-7.87.0-gnutls-openssl-build.patch
+++ /dev/null
@@ -1,39 +0,0 @@
-https://bugs.gentoo.org/887833
-https://github.com/curl/curl/issues/10110
-https://github.com/curl/curl/commit/aef4dc892d012d990c85c7bad0d9d06c2ebfa775
-
-From aef4dc892d012d990c85c7bad0d9d06c2ebfa775 Mon Sep 17 00:00:00 2001
-From: Daniel Stenberg <daniel@haxx.se>
-Date: Thu, 22 Dec 2022 17:40:26 +0100
-Subject: [PATCH] md4: fix build with GnuTLS + OpenSSL v1
-
-Reported-by: Esdras de Morais da Silva
-
-Fixes #10110
-Closes #10142
---- a/lib/md4.c
-+++ b/lib/md4.c
-@@ -86,11 +86,7 @@
- #include "memdebug.h"
-
-
--#if defined(USE_WOLFSSL) && !defined(WOLFSSL_NO_MD4)
--
--#elif defined(USE_OPENSSL) && !defined(OPENSSL_NO_MD4)
--
--#elif defined(USE_GNUTLS)
-+#if defined(USE_GNUTLS)
-
- typedef struct md4_ctx MD4_CTX;
-
-@@ -109,6 +105,10 @@ static void MD4_Final(unsigned char *result, MD4_CTX *ctx)
- md4_digest(ctx, MD4_DIGEST_SIZE, result);
- }
-
-+#elif defined(USE_WOLFSSL) && !defined(WOLFSSL_NO_MD4)
-+
-+#elif defined(USE_OPENSSL) && !defined(OPENSSL_NO_MD4)
-+
- #elif defined(AN_APPLE_OS)
- typedef CC_MD4_CTX MD4_CTX;
-
diff --git a/net-misc/curl/files/curl-7.87.0-typecheck-deprecated.patch b/net-misc/curl/files/curl-7.87.0-typecheck-deprecated.patch
deleted file mode 100644
index dec6d11..0000000
--- a/net-misc/curl/files/curl-7.87.0-typecheck-deprecated.patch
+++ /dev/null
@@ -1,48 +0,0 @@
-https://bugs.gentoo.org/890587
-https://github.com/curl/curl/issues/10148
-https://github.com/curl/curl/commit/e2aed004302e51cfa5b6ce8c8ab65ef92aa83196
-
-From e2aed004302e51cfa5b6ce8c8ab65ef92aa83196 Mon Sep 17 00:00:00 2001
-From: Patrick Monnerat <patrick@monnerat.net>
-Date: Fri, 23 Dec 2022 15:35:27 +0100
-Subject: [PATCH] typecheck: accept expressions for option/info parameters
-
-As expressions can have side effects, evaluate only once.
-
-To enable deprecation reporting only once, get rid of the __typeof__
-use to define the local temporary variable and use the target type
-(CURLoption/CURLINFO). This also avoids multiple reports on type
-conflicts (if some) by the curlcheck_* macros.
-
-Note that CURLOPT_* and CURLINFO_* symbols may be deprecated, but not
-their values: a curl_easy_setopt call with an integer constant as option
-will never report a deprecation.
-
-Reported-by: Thomas Klausner
-Fixes #10148
-Closes #10149
---- a/include/curl/typecheck-gcc.h
-+++ b/include/curl/typecheck-gcc.h
-@@ -42,9 +42,8 @@
- */
- #define curl_easy_setopt(handle, option, value) \
- __extension__({ \
-- CURL_IGNORE_DEPRECATION(__typeof__(option) _curl_opt = option;) \
-+ CURLoption _curl_opt = (option); \
- if(__builtin_constant_p(_curl_opt)) { \
-- (void) option; \
- CURL_IGNORE_DEPRECATION( \
- if(curlcheck_long_option(_curl_opt)) \
- if(!curlcheck_long(value)) \
-@@ -120,9 +119,8 @@
- /* wraps curl_easy_getinfo() with typechecking */
- #define curl_easy_getinfo(handle, info, arg) \
- __extension__({ \
-- CURL_IGNORE_DEPRECATION(__typeof__(info) _curl_info = info;) \
-+ CURLINFO _curl_info = (info); \
- if(__builtin_constant_p(_curl_info)) { \
-- (void) info; \
- CURL_IGNORE_DEPRECATION( \
- if(curlcheck_string_info(_curl_info)) \
- if(!curlcheck_arr((arg), char *)) \
-
diff --git a/net-misc/curl/files/curl-7.88.1-header-dump-segfault.patch b/net-misc/curl/files/curl-7.88.1-header-dump-segfault.patch
deleted file mode 100644
index 48ebb7a..0000000
--- a/net-misc/curl/files/curl-7.88.1-header-dump-segfault.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-https://github.com/curl/curl/commit/1c9cfb7af368feefb522caf81b052ee742a76da8
-From: Daniel Stenberg <daniel@haxx.se>
-Date: Mon, 20 Feb 2023 18:35:13 +0100
-Subject: [PATCH] tool_operate: avoid fclose(NULL) on bad header dump file
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Fixes #10570
-Reported-by: Jérémy Rabasco
-Closes #10571
---- a/src/tool_operate.c
-+++ b/src/tool_operate.c
-@@ -984,12 +984,13 @@ static CURLcode single_transfer(struct GlobalConfig *global,
- */
- if(!per->prev || per->prev->config != config) {
- newfile = fopen(config->headerfile, "wb+");
-- fclose(newfile);
-+ if(newfile)
-+ fclose(newfile);
- }
- newfile = fopen(config->headerfile, "ab+");
-
- if(!newfile) {
-- warnf(global, "Failed to open %s\n", config->headerfile);
-+ errorf(global, "Failed to open %s\n", config->headerfile);
- result = CURLE_WRITE_ERROR;
- break;
- }
diff --git a/net-misc/curl/files/curl-7.88.1-onion-resolution.patch b/net-misc/curl/files/curl-7.88.1-onion-resolution.patch
deleted file mode 100644
index d338562..0000000
--- a/net-misc/curl/files/curl-7.88.1-onion-resolution.patch
+++ /dev/null
@@ -1,134 +0,0 @@
-https://bugs.gentoo.org/887287
-https://github.com/curl/curl/pull/10705
-
-From: Matt Jolly <Matt.Jolly@footclan.ninja>
-Date: Wed, 8 Mar 2023 02:16:45 +1100
-Subject: [PATCH] Refuse to resolve the .onion TLD.
-
-RFC 7686 states that:
-
-> Applications that do not implement the Tor
-> protocol SHOULD generate an error upon the use of .onion and
-> SHOULD NOT perform a DNS lookup.
-
-Let's do that.
-
-See curl/curl#543
-https://www.rfc-editor.org/rfc/rfc7686#section-2
---- a/lib/hostip.c
-+++ b/lib/hostip.c
-@@ -652,6 +652,14 @@ enum resolve_t Curl_resolv(struct Curl_easy *data,
- CURLcode result;
- enum resolve_t rc = CURLRESOLV_ERROR; /* default to failure */
- struct connectdata *conn = data->conn;
-+ /* We should intentionally error and not resolve .onion TLDs */
-+ size_t hostname_len = strlen(hostname);
-+ if(hostname_len >= 7 &&
-+ (curl_strequal(&hostname[hostname_len-6], ".onion") ||
-+ curl_strequal(&hostname[hostname_len-7], ".onion."))) {
-+ failf(data, "Not resolving .onion address (RFC 7686)");
-+ return CURLRESOLV_ERROR;
-+ }
- *entry = NULL;
- #ifndef CURL_DISABLE_DOH
- conn->bits.doh = FALSE; /* default is not */
---- a/tests/data/Makefile.inc
-+++ b/tests/data/Makefile.inc
-@@ -186,8 +186,8 @@ test1432 test1433 test1434 test1435 test1436 test1437 test1438 test1439 \
- test1440 test1441 test1442 test1443 test1444 test1445 test1446 test1447 \
- test1448 test1449 test1450 test1451 test1452 test1453 test1454 test1455 \
- test1456 test1457 test1458 test1459 test1460 test1461 test1462 test1463 \
--test1464 test1465 test1466 test1467 test1468 test1469 \
--\
-+test1464 test1465 test1466 test1467 test1468 test1469 test1471 \
-+test1472 \
- test1500 test1501 test1502 test1503 test1504 test1505 test1506 test1507 \
- test1508 test1509 test1510 test1511 test1512 test1513 test1514 test1515 \
- test1516 test1517 test1518 test1519 test1520 test1521 test1522 test1523 \
---- /dev/null
-+++ b/tests/data/test1471
-@@ -0,0 +1,39 @@
-+<testcase>
-+<info>
-+<keywords>
-+Onion
-+Tor
-+FAILURE
-+</keywords>
-+</info>
-+#
-+# Server-side
-+<reply>
-+</reply>
-+
-+#
-+# Client-side
-+<client>
-+<server>
-+none
-+</server>
-+<name>
-+Fail to resolve .onion TLD
-+</name>
-+<command>
-+red.onion
-+</command>
-+</client>
-+
-+#
-+# Verify data after the test has been "shot"
-+<verify>
-+# Couldn't resolve host name
-+<errorcode>
-+6
-+</errorcode>
-+<stderr mode="text">
-+curl: (6) Not resolving .onion address (RFC 7686)
-+</stderr>
-+</verify>
-+</testcase>
---- /dev/null
-+++ b/tests/data/test1472
-@@ -0,0 +1,39 @@
-+<testcase>
-+<info>
-+<keywords>
-+Onion
-+Tor
-+FAILURE
-+</keywords>
-+</info>
-+#
-+# Server-side
-+<reply>
-+</reply>
-+
-+#
-+# Client-side
-+<client>
-+<server>
-+none
-+</server>
-+<name>
-+Fail to resolve .onion. TLD
-+</name>
-+<command>
-+tasty.onion.
-+</command>
-+</client>
-+
-+#
-+# Verify data after the test has been "shot"
-+<verify>
-+# Couldn't resolve host name
-+<errorcode>
-+6
-+</errorcode>
-+<stderr mode="text">
-+curl: (6) Not resolving .onion address (RFC 7686)
-+</stderr>
-+</verify>
-+</testcase>
---
-2.39.2
-
diff --git a/net-misc/curl/files/curl-7.88.1-pipewait.patch b/net-misc/curl/files/curl-7.88.1-pipewait.patch
deleted file mode 100644
index 6c626a8..0000000
--- a/net-misc/curl/files/curl-7.88.1-pipewait.patch
+++ /dev/null
@@ -1,64 +0,0 @@
-https://github.com/curl/curl/commit/821f6e2a89de8aec1c7da3c0f381b92b2b801efc
-From: Stefan Eissing <stefan@eissing.org>
-Date: Thu, 9 Feb 2023 16:07:34 +0100
-Subject: [PATCH] CURLOPT_PIPEWAIT: allow waited reuse also for subsequent
- connections
-
-note: Dropped test portion of patch; not shipped in source tarball!
-
-As tested in test_02_07, when firing off 200 urls with --parallel, 199
-wait for the first connection to be established. if that is multiuse,
-urls are added up to its capacity.
-
-The first url over capacity opens another connection. But subsequent
-urls found the same situation and open a connection too. They should
-have waited for the second connection to actually connect and make its
-capacity known.
-
-This change fixes that by
-
-- setting `connkeep()` early in the HTTP setup handler. as otherwise
- a new connection is marked as closeit by default and not considered
- for multiuse at all
-- checking the "connected" status for a candidate always and continuing
- to PIPEWAIT if no alternative is found.
-
-pytest:
-- removed "skip" from test_02_07
-- added test_02_07b to check that http/1.1 continues to work as before
-
-Closes #10456
---- a/lib/http.c
-+++ b/lib/http.c
-@@ -233,6 +233,7 @@ static CURLcode http_setup_conn(struct Curl_easy *data,
-
- Curl_mime_initpart(&http->form);
- data->req.p.http = http;
-+ connkeep(conn, "HTTP default");
-
- if((data->state.httpwant == CURL_HTTP_VERSION_3)
- || (data->state.httpwant == CURL_HTTP_VERSION_3ONLY)) {
---- a/lib/url.c
-+++ b/lib/url.c
-@@ -1170,14 +1170,14 @@ ConnectionExists(struct Curl_easy *data,
- continue;
- }
- }
-+ }
-
-- if(!Curl_conn_is_connected(check, FIRSTSOCKET)) {
-- foundPendingCandidate = TRUE;
-- /* Don't pick a connection that hasn't connected yet */
-- infof(data, "Connection #%ld isn't open enough, can't reuse",
-- check->connection_id);
-- continue;
-- }
-+ if(!Curl_conn_is_connected(check, FIRSTSOCKET)) {
-+ foundPendingCandidate = TRUE;
-+ /* Don't pick a connection that hasn't connected yet */
-+ infof(data, "Connection #%ld isn't open enough, can't reuse",
-+ check->connection_id);
-+ continue;
- }
-
- #ifdef USE_UNIX_SOCKETS
diff --git a/net-misc/curl/files/curl-7.88.1-silent-parallel.patch b/net-misc/curl/files/curl-7.88.1-silent-parallel.patch
deleted file mode 100644
index 1162067..0000000
--- a/net-misc/curl/files/curl-7.88.1-silent-parallel.patch
+++ /dev/null
@@ -1,20 +0,0 @@
-https://github.com/curl/curl/commit/475207c1c834ecf203dc4f3bc1917ae87628b6d0
-From: Daniel Stenberg <daniel@haxx.se>
-Date: Tue, 21 Feb 2023 11:38:03 +0100
-Subject: [PATCH] tool_progress: shut off progress meter for --silent in
- parallel
-
-Reported-by: finkjsc on github
-Fixes #10573
-Closes #10579
---- a/src/tool_progress.c
-+++ b/src/tool_progress.c
-@@ -173,7 +173,7 @@ bool progress_meter(struct GlobalConfig *global,
- struct timeval now;
- long diff;
-
-- if(global->noprogress)
-+ if(global->noprogress || global->silent)
- return FALSE;
-
- now = tvnow();
diff --git a/net-misc/curl/files/curl-8.1.0-header-length.patch b/net-misc/curl/files/curl-8.1.0-header-length.patch
new file mode 100644
index 0000000..6229fd8
--- /dev/null
+++ b/net-misc/curl/files/curl-8.1.0-header-length.patch
@@ -0,0 +1,86 @@
+https://github.com/curl/curl/commit/77c9a9845bbee66f3aff158b8452dc8cd963cbd5.patch
+From: =?UTF-8?q?Emilio=20Cobos=20=C3=81lvarez?= <emilio@crisal.io>
+Date: Thu, 18 May 2023 18:22:57 +0200
+Subject: [PATCH] http2: double http request parser max line length
+
+This works around #11138, by doubling the limit, and should be a
+relatively safe fix.
+
+Ideally the buffer would grow as needed and there would be no need for a
+limit? But that might be follow-up material.
+
+Fixes #11138
+Closes #11139
+---
+ lib/http1.h | 2 ++
+ lib/http2.c | 2 +-
+ lib/vquic/curl_msh3.c | 2 +-
+ lib/vquic/curl_ngtcp2.c | 2 +-
+ lib/vquic/curl_quiche.c | 2 +-
+ 5 files changed, 6 insertions(+), 4 deletions(-)
+
+diff --git a/lib/http1.h b/lib/http1.h
+index c2d107587a6f8..8acb9db401a95 100644
+--- a/lib/http1.h
++++ b/lib/http1.h
+@@ -33,6 +33,8 @@
+ #define H1_PARSE_OPT_NONE (0)
+ #define H1_PARSE_OPT_STRICT (1 << 0)
+
++#define H1_PARSE_DEFAULT_MAX_LINE_LEN (8 * 1024)
++
+ struct h1_req_parser {
+ struct http_req *req;
+ struct bufq scratch;
+diff --git a/lib/http2.c b/lib/http2.c
+index 47e6f71393156..4e3b182b8d815 100644
+--- a/lib/http2.c
++++ b/lib/http2.c
+@@ -1860,7 +1860,7 @@ static ssize_t h2_submit(struct stream_ctx **pstream,
+ nghttp2_priority_spec pri_spec;
+ ssize_t nwritten;
+
+- Curl_h1_req_parse_init(&h1, (4*1024));
++ Curl_h1_req_parse_init(&h1, H1_PARSE_DEFAULT_MAX_LINE_LEN);
+ Curl_dynhds_init(&h2_headers, 0, DYN_HTTP_REQUEST);
+
+ *err = http2_data_setup(cf, data, &stream);
+diff --git a/lib/vquic/curl_msh3.c b/lib/vquic/curl_msh3.c
+index 40e89379fc402..173886739b6dc 100644
+--- a/lib/vquic/curl_msh3.c
++++ b/lib/vquic/curl_msh3.c
+@@ -575,7 +575,7 @@ static ssize_t cf_msh3_send(struct Curl_cfilter *cf, struct Curl_easy *data,
+
+ CF_DATA_SAVE(save, cf, data);
+
+- Curl_h1_req_parse_init(&h1, (4*1024));
++ Curl_h1_req_parse_init(&h1, H1_PARSE_DEFAULT_MAX_LINE_LEN);
+ Curl_dynhds_init(&h2_headers, 0, DYN_HTTP_REQUEST);
+
+ /* Sizes must match for cast below to work" */
+diff --git a/lib/vquic/curl_ngtcp2.c b/lib/vquic/curl_ngtcp2.c
+index 05f960afdffa1..7794f148c6ec9 100644
+--- a/lib/vquic/curl_ngtcp2.c
++++ b/lib/vquic/curl_ngtcp2.c
+@@ -1550,7 +1550,7 @@ static ssize_t h3_stream_open(struct Curl_cfilter *cf,
+ nghttp3_data_reader reader;
+ nghttp3_data_reader *preader = NULL;
+
+- Curl_h1_req_parse_init(&h1, (4*1024));
++ Curl_h1_req_parse_init(&h1, H1_PARSE_DEFAULT_MAX_LINE_LEN);
+ Curl_dynhds_init(&h2_headers, 0, DYN_HTTP_REQUEST);
+
+ *err = h3_data_setup(cf, data);
+diff --git a/lib/vquic/curl_quiche.c b/lib/vquic/curl_quiche.c
+index 392b9beb83c59..c63e8e10a22e0 100644
+--- a/lib/vquic/curl_quiche.c
++++ b/lib/vquic/curl_quiche.c
+@@ -913,7 +913,7 @@ static ssize_t h3_open_stream(struct Curl_cfilter *cf,
+ DEBUGASSERT(stream);
+ }
+
+- Curl_h1_req_parse_init(&h1, (4*1024));
++ Curl_h1_req_parse_init(&h1, H1_PARSE_DEFAULT_MAX_LINE_LEN);
+ Curl_dynhds_init(&h2_headers, 0, DYN_HTTP_REQUEST);
+
+ DEBUGASSERT(stream);
diff --git a/net-misc/curl/files/curl-8.1.0-numeric-hostname.patch b/net-misc/curl/files/curl-8.1.0-numeric-hostname.patch
new file mode 100644
index 0000000..6a0dd13
--- /dev/null
+++ b/net-misc/curl/files/curl-8.1.0-numeric-hostname.patch
@@ -0,0 +1,227 @@
+https://github.com/curl/curl/commit/92772e6d395bbdda0e7822d980caf86e8c4aa51c.patch
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Thu, 18 May 2023 00:31:17 +0200
+Subject: [PATCH] urlapi: allow numerical parts in the host name
+
+It can only be an IPv4 address if all parts are all digits and no more than
+four parts, otherwise it is a host name. Even slightly wrong IPv4 will now be
+passed through as a host name.
+
+Regression from 17a15d88467 shipped in 8.1.0
+
+Extended test 1560 accordingly.
+
+Reported-by: Pavel Kalyugin
+Fixes #11129
+Closes #11131
+--- a/lib/urlapi.c
++++ b/lib/urlapi.c
+@@ -34,6 +34,7 @@
+ #include "inet_ntop.h"
+ #include "strdup.h"
+ #include "idn.h"
++#include "curl_memrchr.h"
+
+ /* The last 3 #include files should be in this order */
+ #include "curl_printf.h"
+@@ -643,8 +644,8 @@ static CURLUcode hostname_check(struct Curl_URL *u, char *hostname,
+ * Handle partial IPv4 numerical addresses and different bases, like
+ * '16843009', '0x7f', '0x7f.1' '0177.1.1.1' etc.
+ *
+- * If the given input string is syntactically wrong or any part for example is
+- * too big, this function returns FALSE and doesn't create any output.
++ * If the given input string is syntactically wrong IPv4 or any part for
++ * example is too big, this function returns HOST_NAME.
+ *
+ * Output the "normalized" version of that input string in plain quad decimal
+ * integers.
+@@ -675,7 +676,7 @@ static int ipv4_normalize(struct dynbuf *host)
+ unsigned long l;
+ if(!ISDIGIT(*c))
+ /* most importantly this doesn't allow a leading plus or minus */
+- return n ? HOST_BAD : HOST_NAME;
++ return HOST_NAME;
+ l = strtoul(c, &endp, 0);
+
+ parts[n] = l;
+@@ -684,7 +685,7 @@ static int ipv4_normalize(struct dynbuf *host)
+ switch(*c) {
+ case '.':
+ if(n == 3)
+- return HOST_BAD;
++ return HOST_NAME;
+ n++;
+ c++;
+ break;
+@@ -694,39 +695,40 @@ static int ipv4_normalize(struct dynbuf *host)
+ break;
+
+ default:
+- return n ? HOST_BAD : HOST_NAME;
++ return HOST_NAME;
+ }
+
+ /* overflow */
+ if((l == ULONG_MAX) && (errno == ERANGE))
+- return HOST_BAD;
++ return HOST_NAME;
+
+ #if SIZEOF_LONG > 4
+ /* a value larger than 32 bits */
+ if(l > UINT_MAX)
+- return HOST_BAD;
++ return HOST_NAME;
+ #endif
+ }
+
+- /* this is a valid IPv4 numerical address */
+- Curl_dyn_reset(host);
+-
+ switch(n) {
+ case 0: /* a -- 32 bits */
++ Curl_dyn_reset(host);
++
+ result = Curl_dyn_addf(host, "%u.%u.%u.%u",
+ parts[0] >> 24, (parts[0] >> 16) & 0xff,
+ (parts[0] >> 8) & 0xff, parts[0] & 0xff);
+ break;
+ case 1: /* a.b -- 8.24 bits */
+ if((parts[0] > 0xff) || (parts[1] > 0xffffff))
+- return HOST_BAD;
++ return HOST_NAME;
++ Curl_dyn_reset(host);
+ result = Curl_dyn_addf(host, "%u.%u.%u.%u",
+ parts[0], (parts[1] >> 16) & 0xff,
+ (parts[1] >> 8) & 0xff, parts[1] & 0xff);
+ break;
+ case 2: /* a.b.c -- 8.8.16 bits */
+ if((parts[0] > 0xff) || (parts[1] > 0xff) || (parts[2] > 0xffff))
+- return HOST_BAD;
++ return HOST_NAME;
++ Curl_dyn_reset(host);
+ result = Curl_dyn_addf(host, "%u.%u.%u.%u",
+ parts[0], parts[1], (parts[2] >> 8) & 0xff,
+ parts[2] & 0xff);
+@@ -734,7 +736,8 @@ static int ipv4_normalize(struct dynbuf *host)
+ case 3: /* a.b.c.d -- 8.8.8.8 bits */
+ if((parts[0] > 0xff) || (parts[1] > 0xff) || (parts[2] > 0xff) ||
+ (parts[3] > 0xff))
+- return HOST_BAD;
++ return HOST_NAME;
++ Curl_dyn_reset(host);
+ result = Curl_dyn_addf(host, "%u.%u.%u.%u",
+ parts[0], parts[1], parts[2], parts[3]);
+ break;
+@@ -796,6 +799,9 @@ static CURLUcode parse_authority(struct Curl_URL *u,
+ if(result)
+ goto out;
+
++ if(!Curl_dyn_len(host))
++ return CURLUE_NO_HOST;
++
+ switch(ipv4_normalize(host)) {
+ case HOST_IPV4:
+ break;
+--- a/tests/libtest/lib1560.c
++++ b/tests/libtest/lib1560.c
+@@ -474,6 +474,13 @@ static const struct testcase get_parts_list[] ={
+ };
+
+ static const struct urltestcase get_url_list[] = {
++ {"https://1.0x1000000", "https://1.0x1000000/", 0, 0, CURLUE_OK},
++ {"https://0x7f.1", "https://127.0.0.1/", 0, 0, CURLUE_OK},
++ {"https://1.2.3.256.com", "https://1.2.3.256.com/", 0, 0, CURLUE_OK},
++ {"https://10.com", "https://10.com/", 0, 0, CURLUE_OK},
++ {"https://1.2.com", "https://1.2.com/", 0, 0, CURLUE_OK},
++ {"https://1.2.3.com", "https://1.2.3.com/", 0, 0, CURLUE_OK},
++ {"https://1.2.com.99", "https://1.2.com.99/", 0, 0, CURLUE_OK},
+ {"https://[fe80::0000:20c:29ff:fe9c:409b]:80/moo",
+ "https://[fe80::20c:29ff:fe9c:409b]:80/moo",
+ 0, 0, CURLUE_OK},
+@@ -522,22 +529,24 @@ static const struct urltestcase get_url_list[] = {
+
+ /* IPv4 trickeries */
+ {"https://16843009", "https://1.1.1.1/", 0, 0, CURLUE_OK},
+- {"https://0x7f.1", "https://127.0.0.1/", 0, 0, CURLUE_OK},
+ {"https://0177.1", "https://127.0.0.1/", 0, 0, CURLUE_OK},
+ {"https://0111.02.0x3", "https://73.2.0.3/", 0, 0, CURLUE_OK},
++ {"https://0111.02.0x3.", "https://0111.02.0x3./", 0, 0, CURLUE_OK},
++ {"https://0111.02.030", "https://73.2.0.24/", 0, 0, CURLUE_OK},
++ {"https://0111.02.030.", "https://0111.02.030./", 0, 0, CURLUE_OK},
+ {"https://0xff.0xff.0377.255", "https://255.255.255.255/", 0, 0, CURLUE_OK},
+ {"https://1.0xffffff", "https://1.255.255.255/", 0, 0, CURLUE_OK},
+ /* IPv4 numerical overflows or syntax errors will not normalize */
+ {"https://a127.0.0.1", "https://a127.0.0.1/", 0, 0, CURLUE_OK},
+ {"https://\xff.127.0.0.1", "https://%FF.127.0.0.1/", 0, CURLU_URLENCODE,
+ CURLUE_OK},
+- {"https://127.-0.0.1", "https://127.-0.0.1/", 0, 0, CURLUE_BAD_HOSTNAME},
++ {"https://127.-0.0.1", "https://127.-0.0.1/", 0, 0, CURLUE_OK},
+ {"https://127.0. 1", "https://127.0.0.1/", 0, 0, CURLUE_MALFORMED_INPUT},
+- {"https://1.0x1000000", "https://1.0x1000000/", 0, 0, CURLUE_BAD_HOSTNAME},
+- {"https://1.2.3.256", "https://1.2.3.256/", 0, 0, CURLUE_BAD_HOSTNAME},
+- {"https://1.2.3.4.5", "https://1.2.3.4.5/", 0, 0, CURLUE_BAD_HOSTNAME},
+- {"https://1.2.0x100.3", "https://1.2.0x100.3/", 0, 0, CURLUE_BAD_HOSTNAME},
+- {"https://4294967296", "https://4294967296/", 0, 0, CURLUE_BAD_HOSTNAME},
++ {"https://1.2.3.256", "https://1.2.3.256/", 0, 0, CURLUE_OK},
++ {"https://1.2.3.256.", "https://1.2.3.256./", 0, 0, CURLUE_OK},
++ {"https://1.2.3.4.5", "https://1.2.3.4.5/", 0, 0, CURLUE_OK},
++ {"https://1.2.0x100.3", "https://1.2.0x100.3/", 0, 0, CURLUE_OK},
++ {"https://4294967296", "https://4294967296/", 0, 0, CURLUE_OK},
+ {"https://123host", "https://123host/", 0, 0, CURLUE_OK},
+ /* 40 bytes scheme is the max allowed */
+ {"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA://hostname/path",
+@@ -599,20 +608,11 @@ static const struct urltestcase get_url_list[] = {
+ 0, 0, CURLUE_OK},
+ /* here the password has the semicolon */
+ {"http://user:pass;word@host/file",
+- "http://user:pass;word@host/file",
+- 0, 0, CURLUE_OK},
+- {"file:///file.txt#moo",
+- "file:///file.txt#moo",
+- 0, 0, CURLUE_OK},
+- {"file:////file.txt",
+- "file:////file.txt",
+- 0, 0, CURLUE_OK},
+- {"file:///file.txt",
+- "file:///file.txt",
+- 0, 0, CURLUE_OK},
+- {"file:./",
+- "file://",
+- 0, 0, CURLUE_BAD_SCHEME},
++ "http://user:pass;word@host/file", 0, 0, CURLUE_OK},
++ {"file:///file.txt#moo", "file:///file.txt#moo", 0, 0, CURLUE_OK},
++ {"file:////file.txt", "file:////file.txt", 0, 0, CURLUE_OK},
++ {"file:///file.txt", "file:///file.txt", 0, 0, CURLUE_OK},
++ {"file:./", "file://", 0, 0, CURLUE_OK},
+ {"http://example.com/hello/../here",
+ "http://example.com/hello/../here",
+ CURLU_PATH_AS_IS, 0, CURLUE_OK},
+@@ -1124,7 +1124,7 @@ static int get_url(void)
+ }
+ curl_free(url);
+ }
+- else if(rc != get_url_list[i].ucode) {
++ if(rc != get_url_list[i].ucode) {
+ fprintf(stderr, "Get URL\nin: %s\nreturned %d (expected %d)\n",
+ get_url_list[i].in, (int)rc, get_url_list[i].ucode);
+ error++;
+@@ -1515,6 +1515,9 @@ int test(char *URL)
+ {
+ (void)URL; /* not used */
+
++ if(get_url())
++ return 3;
++
+ if(huge())
+ return 9;
+
+@@ -1533,9 +1536,6 @@ int test(char *URL)
+ if(set_parts())
+ return 2;
+
+- if(get_url())
+- return 3;
+-
+ if(get_parts())
+ return 4;
+
diff --git a/net-misc/curl/metadata.xml b/net-misc/curl/metadata.xml
index cdd47f1..10ae7d7 100644
--- a/net-misc/curl/metadata.xml
+++ b/net-misc/curl/metadata.xml
@@ -20,7 +20,6 @@
<flag name="imap">Enable Internet Message Access Protocol support</flag>
<flag name="mbedtls">Enable mbedtls ssl backend</flag>
<flag name="nghttp3">Enable HTTP/3.0 support using <pkg>net-libs/nghttp3</pkg> and <pkg>net-libs/ngtcp2</pkg></flag>
- <flag name="quiche">Enable HTTP/3.0 support using <pkg>net-libs/quiche</pkg></flag>
<flag name="nss">Enable nss ssl backend</flag>
<flag name="openssl">Enable openssl ssl backend</flag>
<flag name="pop3">Enable Post Office Protocol 3 support</flag>