%{?scl:%scl_package curl}

%{!?scl:%global pkg_name %{name}}

%{?scl:%filter_from_provides /libcurl.so/d}

%{?scl:%filter_setup}

Summary: A utility for getting files from remote servers (FTP, HTTP, and others)

Name: %{?scl_prefix}curl

Version: 7.61.0

Release: 5%{?dist}

License: MIT

Source: https://curl.haxx.se/download/%{pkg_name}-%{version}.tar.xz

# patch making libcurl multilib ready

Patch101: 0101-curl-7.32.0-multilib.patch

# prevent configure script from discarding -g in CFLAGS (#496778)

Patch102: 0102-curl-7.36.0-debug.patch

# migrate tests/http_pipe.py to Python 3

Patch103: 0103-curl-7.59.0-python3.patch

# use localhost6 instead of ip6-localhost in the curl test-suite

Patch104: 0104-curl-7.19.7-localhost6.patch

# migrate more to Python3

Patch105: python-2-to-3.patch

Provides: %{?scl_prefix}curl-full = %{version}-%{release}

Provides: %{?scl_prefix}webclient

URL: https://curl.haxx.se/

#BuildRequires: automake

#BuildRequires: brotli-devel

BuildRequires: coreutils

BuildRequires: gcc

BuildRequires: groff

BuildRequires: krb5-devel

BuildRequires: libidn-devel

#BuildRequires: libmetalink-devel

#BuildRequires: libnghttp2-devel

#BuildRequires: libpsl-devel

BuildRequires: libssh2-devel

BuildRequires: make

BuildRequires: openldap-devel

BuildRequires: openssh-clients

BuildRequires: openssh-server

BuildRequires: openssl-devel

BuildRequires: pkgconfig

BuildRequires: python3-devel

BuildRequires: sed

BuildRequires: stunnel

BuildRequires: zlib-devel

# gnutls-serv is used by the upstream test-suite

BuildRequires: gnutls-utils

# nghttpx (an HTTP/2 proxy) is used by the upstream test-suite

#BuildRequires: nghttp2

# perl modules used in the test suite

BuildRequires: perl(Cwd)

BuildRequires: perl(Digest::MD5)

BuildRequires: perl(Exporter)

BuildRequires: perl(File::Basename)

BuildRequires: perl(File::Copy)

BuildRequires: perl(File::Spec)

BuildRequires: perl(IPC::Open2)

BuildRequires: perl(MIME::Base64)

BuildRequires: perl(strict)

BuildRequires: perl(Time::Local)

BuildRequires: perl(Time::HiRes)

BuildRequires: perl(warnings)

BuildRequires: perl(vars)

# The test-suite runs automatically through valgrind if valgrind is available

# on the system.  By not installing valgrind into mock's chroot, we disable

# this feature for production builds on architectures where valgrind is known

# to be less reliable, in order to avoid unnecessary build failures (see RHBZ

# #810992, #816175, and #886891).  Nevertheless developers are free to install

# valgrind manually to improve test coverage on any architecture.

%ifarch x86_64 %{ix86}

BuildRequires: valgrind

%endif

# using an older version of libcurl could result in CURLE_UNKNOWN_OPTION

Requires: %{?scl_prefix}libcurl%{?_isa} >= %{version}-%{release}

# require at least the version of libssh that we were built against,

# to ensure that we have the necessary symbols available (#525002, #642796)

%global libssh_version %(pkg-config --modversion libssh2 2>/dev/null || echo 0)

# require at least the version of openssl-libs that we were built against,

# to ensure that we have the necessary symbols available (#1462184, #1462211)

%global openssl_version %(pkg-config --modversion openssl 2>/dev/null || echo 0)

%description

curl is a command line tool for transferring data with URL syntax, supporting

FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP,

SMTP, POP3 and RTSP.  curl supports SSL certificates, HTTP POST, HTTP PUT, FTP

uploading, HTTP form based upload, proxies, cookies, user+password

authentication (Basic, Digest, NTLM, Negotiate, kerberos...), file transfer

resume, proxy tunneling and a busload of other useful tricks. 

%package -n %{?scl_prefix}libcurl

Summary: A library for getting files from web servers

Requires: libssh2%{?_isa} >= %{libssh_version}

Requires: openssl-libs%{?_isa} >= 1:%{openssl_version}

Provides: %{?scl_prefix}libcurl-full = %{version}-%{release}

Provides: %{?scl_prefix}libcurl-full%{?_isa} = %{version}-%{release}

%{?scl:Requires: %scl_runtime}

%description -n %{?scl_prefix}libcurl

libcurl is a free and easy-to-use client-side URL transfer library, supporting

FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP,

SMTP, POP3 and RTSP. libcurl supports SSL certificates, HTTP POST, HTTP PUT,

FTP uploading, HTTP form based upload, proxies, cookies, user+password

authentication (Basic, Digest, NTLM, Negotiate, Kerberos4), file transfer

resume, http proxy tunneling and more.

%package -n %{?scl_prefix}libcurl-devel

Summary: Files needed for building applications with libcurl

Requires: %{?scl_prefix}libcurl%{?_isa} = %{version}-%{release}

Provides: %{?scl_prefix}curl-devel = %{version}-%{release}

Provides: %{?scl_prefix}curl-devel%{?_isa} = %{version}-%{release}

Obsoletes: %{?scl_prefix}curl-devel < %{version}-%{release}

%description -n %{?scl_prefix}libcurl-devel

The libcurl-devel package includes header files and libraries necessary for

developing programs which use the libcurl library. It contains the API

documentation of the library, too.

%prep

%setup -q -n %{pkg_name}-%{version}

# upstream patches

# Fedora patches

%patch101 -p1

%patch102 -p1

%patch103 -p1

%patch104 -p1

%patch105 -p1

# make tests/*.py use Python 3

sed -e '1 s|^#!/.*python|#!%{__python3}|' -i tests/*.py

# regenerate Makefile.in files

#aclocal -I m4

#automake

# disable test 1112 (#565305), test 1455 (occasionally fails with 'bind failed

# with errno 98: Address already in use' in Koji environment), and test 1801

# <https://github.com/bagder/curl/commit/21e82bd6#commitcomment-12226582>

# and test 1900, which is flaky and covers a deprecated feature of libcurl

# <https://github.com/curl/curl/pull/2705>

printf "1112\n1455\n1801\n1900\n" >> tests/data/DISABLED

# disable test 1319 on ppc64 (server times out)

%ifarch ppc64

echo "1319" >> tests/data/DISABLED

%endif

# temporarily disable test 582 on s390x (client times out)

%ifarch s390x

echo "582" >> tests/data/DISABLED

%endif

# adapt test 323 for updated OpenSSL

sed -e 's/^35$/35,52/' -i tests/data/test323

%build

mkdir build-full

export common_configure_opts=" \

    --cache-file=../config.cache \

    --disable-static \

    --enable-symbol-hiding \

    --enable-ipv6 \

    --enable-threaded-resolver \

    --with-gssapi \

    --with-ssl --with-ca-bundle=%{_sysconfdir}/pki/tls/certs/ca-bundle.crt"

%global _configure ../configure

# configure full build

(

    cd build-full

    %configure $common_configure_opts \

        --enable-ldap \

        --enable-ldaps \

        --enable-manual \

        --without-brotli \

        --with-libidn \

        --without-libmetalink \

        --without-libpsl \

        --with-libssh2 \

        --without-nghttp2

)

# avoid using rpath

sed -e 's/^runpath_var=.*/runpath_var=/' \

    -e 's/^hardcode_libdir_flag_spec=".*"$/hardcode_libdir_flag_spec=""/' \

    -i build-full/libtool

# make %{?_smp_mflags} V=1 -C build-minimal

make %{?_smp_mflags} V=1 -C build-full

%check

# we have to override LD_LIBRARY_PATH because we eliminated rpath

LD_LIBRARY_PATH="$RPM_BUILD_ROOT%{_libdir}:$LD_LIBRARY_PATH"

export LD_LIBRARY_PATH

# compile upstream test-cases

cd build-full/tests

make %{?_smp_mflags} V=1

# relax crypto policy for the test-suite to make it pass again (#1611712)

export OPENSSL_SYSTEM_CIPHERS_OVERRIDE=XXX

export OPENSSL_CONF=

# run the upstream test-suite

srcdir=../../tests perl -I../../tests ../../tests/runtests.pl -a -p -v '!flaky'

%install

# install libcurl.m4

install -d $RPM_BUILD_ROOT%{_datadir}/aclocal

install -m 644 docs/libcurl/libcurl.m4 $RPM_BUILD_ROOT%{_datadir}/aclocal

# install the executable and library that will be packaged as curl and libcurl

cd build-full

make DESTDIR=$RPM_BUILD_ROOT INSTALL="install -p" install

# install zsh completion for curl

# (we have to override LD_LIBRARY_PATH because we eliminated rpath)

LD_LIBRARY_PATH="$RPM_BUILD_ROOT%{_libdir}:$LD_LIBRARY_PATH" \

    make DESTDIR=$RPM_BUILD_ROOT INSTALL="install -p" install -C scripts

rm -f ${RPM_BUILD_ROOT}%{_libdir}/libcurl.la

%post -n %{?scl_prefix}libcurl -p /sbin/ldconfig

%postun -n %{?scl_prefix}libcurl -p /sbin/ldconfig

%files

%doc CHANGES README*

%doc docs/BUGS docs/FAQ docs/FEATURES

%doc docs/MANUAL docs/RESOURCES

%doc docs/TheArtOfHttpScripting docs/TODO

%{_bindir}/curl

%{_mandir}/man1/curl.1*

%{_datadir}/zsh/site-functions

%files -n %{?scl_prefix}libcurl

%license COPYING

%{_libdir}/libcurl.so.4

%{_libdir}/libcurl.so.4.[0-9].[0-9]

%files -n %{?scl_prefix}libcurl-devel

%doc docs/examples/*.c docs/examples/Makefile.example docs/INTERNALS.md

%doc docs/CONTRIBUTE.md docs/libcurl/ABI

%{_bindir}/curl-config*

%{_includedir}/curl

%{_libdir}/*.so

%{_libdir}/pkgconfig/*.pc

%{_mandir}/man1/curl-config.1*

%{_mandir}/man3/*

%{_datadir}/aclocal/libcurl.m4

%changelog

* Tue Oct 01 2019 Omair Majid <omajid@redhat.com> - 7.61.0-5

- Migrate more tests to python 3 and fix syntax errors during test

- Resolves: RHBZ#1746116

* Fri Sep 27 2019 Omair Majid <omajid@redhat.com> - 7.61.0-4

- Initial build for rh-dotnet30

- SCL'ize package

- Remove -minimal package

- Fix dependencies to work on RHEL 7

- Resolves: RHBZ#1746116

* Tue Aug 07 2018 Kamil Dudka <kdudka@redhat.com> - 7.61.0-4

- relax crypto policy for the test-suite to make it pass again (#1611712)

* Tue Jul 31 2018 Kamil Dudka <kdudka@redhat.com> - 7.61.0-3

- disable flaky test 1900, which covers deprecated HTTP pipelining

- adapt test 323 for updated OpenSSL

* Tue Jul 17 2018 Kamil Dudka <kdudka@redhat.com> - 7.61.0-2

- rebuild against against brotli-1.0.5

* Wed Jul 11 2018 Kamil Dudka <kdudka@redhat.com> - 7.61.0-1

- new upstream release, which fixes the following vulnerability

    CVE-2018-0500 - SMTP send heap buffer overflow

* Tue Jul 10 2018 Kamil Dudka <kdudka@redhat.com> - 7.60.0-3

- enable support for brotli compression in libcurl-full

* Wed Jul 04 2018 Kamil Dudka <kdudka@redhat.com> - 7.60.0-2

- do not hard-wire path of the Python 3 interpreter

* Wed May 16 2018 Kamil Dudka <kdudka@redhat.com> - 7.60.0-1

- new upstream release, which fixes the following vulnerabilities

    CVE-2018-1000300 - FTP shutdown response buffer overflow

    CVE-2018-1000301 - RTSP bad headers buffer over-read

* Thu Mar 15 2018 Kamil Dudka <kdudka@redhat.com> - 7.59.0-3

- make the test-suite use Python 3

* Wed Mar 14 2018 Kamil Dudka <kdudka@redhat.com> - 7.59.0-2

- ftp: fix typo in recursive callback detection for seeking

* Wed Mar 14 2018 Kamil Dudka <kdudka@redhat.com> - 7.59.0-1

- new upstream release, which fixes the following vulnerabilities

    CVE-2018-1000120 - FTP path trickery leads to NIL byte out of bounds write

    CVE-2018-1000121 - LDAP NULL pointer dereference

    CVE-2018-1000122 - RTSP RTP buffer over-read

* Mon Mar 12 2018 Kamil Dudka <kdudka@redhat.com> - 7.58.0-8

- http2: mark the connection for close on GOAWAY

* Mon Feb 19 2018 Paul Howarth <paul@city-fan.org> - 7.58.0-7

- Add explicity-used build requirements

- Fix libcurl soname version number in %%files list to avoid accidental soname

  bumps

* Thu Feb 15 2018 Paul Howarth <paul@city-fan.org> - 7.58.0-6

- switch to %%ldconfig_scriptlets

- drop legacy BuildRoot: and Group: tags

- enforce versioned libssh dependency for libcurl

* Tue Feb 13 2018 Kamil Dudka <kdudka@redhat.com> - 7.58.0-5

- drop temporary workaround for #1540549

* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 7.58.0-4

- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild

* Wed Jan 31 2018 Kamil Dudka <kdudka@redhat.com> - 7.58.0-3

- temporarily work around internal compiler error on x86_64 (#1540549)

- disable brp-ldconfig to make RemovePathPostfixes work with shared libs again

* Wed Jan 24 2018 Andreas Schneider <asn@redhat.com> - 7.58.0-2

- use libssh (instead of libssh2) to implement SCP/SFTP in libcurl (#1531483)

* Wed Jan 24 2018 Kamil Dudka <kdudka@redhat.com> - 7.58.0-1

- new upstream release, which fixes the following vulnerabilities

    CVE-2018-1000005 - curl: HTTP/2 trailer out-of-bounds read

    CVE-2018-1000007 - curl: HTTP authentication leak in redirects

* Wed Nov 29 2017 Kamil Dudka <kdudka@redhat.com> - 7.57.0-1

- new upstream release, which fixes the following vulnerabilities

    CVE-2017-8816 - curl: NTLM buffer overflow via integer overflow

    CVE-2017-8817 - curl: FTP wildcard out of bounds read

    CVE-2017-8818 - curl: SSL out of buffer access

* Mon Oct 23 2017 Kamil Dudka <kdudka@redhat.com> - 7.56.1-1

- new upstream release (fixes CVE-2017-1000257)

* Wed Oct 04 2017 Kamil Dudka <kdudka@redhat.com> - 7.56.0-1

- new upstream release (fixes CVE-2017-1000254)

* Mon Aug 28 2017 Kamil Dudka <kdudka@redhat.com> - 7.55.1-5

- apply the patch for the previous commit and fix its name (#1485702)

* Mon Aug 28 2017 Bastien Nocera <bnocera@redhat.com> - 7.55.1-4

- Fix NetworkManager connectivity check not working (#1485702)

* Tue Aug 22 2017 Kamil Dudka <kdudka@redhat.com> 7.55.1-3

- utilize system wide crypto policies for TLS (#1483972)

* Tue Aug 15 2017 Kamil Dudka <kdudka@redhat.com> 7.55.1-2

- make zsh completion work again

* Mon Aug 14 2017 Kamil Dudka <kdudka@redhat.com> 7.55.1-1

- new upstream release

* Wed Aug 09 2017 Kamil Dudka <kdudka@redhat.com> 7.55.0-1

- drop multilib fix for libcurl header files no longer needed

- new upstream release, which fixes the following vulnerabilities

    CVE-2017-1000099 - FILE buffer read out of bounds

    CVE-2017-1000100 - TFTP sends more than buffer size

    CVE-2017-1000101 - URL globbing out of bounds read

* Wed Aug 02 2017 Fedora Release Engineering <releng@fedoraproject.org> - 7.54.1-8

- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild

* Fri Jul 28 2017 Florian Weimer <fweimer@redhat.com> - 7.54.1-7

- Rebuild with fixed binutils (#1475636)

* Fri Jul 28 2017 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 7.54.1-6

- Enable separate debuginfo back

* Thu Jul 27 2017 Kamil Dudka <kdudka@redhat.com> 7.54.1-5

- rebuild to fix broken linkage of cmake on ppc64le

* Wed Jul 26 2017 Kamil Dudka <kdudka@redhat.com> 7.54.1-4

- avoid build failure caused broken RPM code that produces debuginfo packages

* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 7.54.1-3

- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild

* Mon Jun 19 2017 Kamil Dudka <kdudka@redhat.com> 7.54.1-2

- enforce versioned openssl-libs dependency for libcurl (#1462184)

* Wed Jun 14 2017 Kamil Dudka <kdudka@redhat.com> 7.54.1-1

- new upstream release

* Tue May 16 2017 Kamil Dudka <kdudka@redhat.com> 7.54.0-5

- add *-full provides for curl and libcurl to make them explicitly installable

* Thu May 04 2017 Kamil Dudka <kdudka@redhat.com> 7.54.0-4

- make curl-minimal require a new enough version of libcurl

* Thu Apr 27 2017 Kamil Dudka <kdudka@redhat.com> 7.54.0-3

- switch the TLS backend back to OpenSSL (#1445153)

* Tue Apr 25 2017 Kamil Dudka <kdudka@redhat.com> 7.54.0-2

- nss: use libnssckbi.so as the default source of trust

- nss: do not leak PKCS #11 slot while loading a key (#1444860)

* Thu Apr 20 2017 Kamil Dudka <kdudka@redhat.com> 7.54.0-1

- new upstream release (fixes CVE-2017-7468)

* Thu Apr 13 2017 Paul Howarth <paul@city-fan.org> 7.53.1-7

- add %%post and %%postun scriptlets for libcurl-minimal

- libcurl-minimal provides both libcurl and libcurl%%{?_isa}

- remove some legacy spec file cruft

* Wed Apr 12 2017 Kamil Dudka <kdudka@redhat.com> 7.53.1-6

- provide (lib)curl-minimal subpackages with lightweight build of (lib)curl

* Mon Apr 10 2017 Kamil Dudka <kdudka@redhat.com> 7.53.1-5

- disable upstream test 2033 (flaky test for HTTP/1 pipelining)

* Fri Apr 07 2017 Kamil Dudka <kdudka@redhat.com> 7.53.1-4

- fix out of bounds read in curl --write-out (CVE-2017-7407)

* Mon Mar 06 2017 Kamil Dudka <kdudka@redhat.com> 7.53.1-3

- make the dependency on nss-pem arch-specific (#1428550)

* Thu Mar 02 2017 Kamil Dudka <kdudka@redhat.com> 7.53.1-2

- re-enable valgrind on ix86 because sqlite is fixed (#1428286)

* Fri Feb 24 2017 Kamil Dudka <kdudka@redhat.com> 7.53.1-1

- new upstream release

* Wed Feb 22 2017 Kamil Dudka <kdudka@redhat.com> 7.53.0-1

- do not use valgrind on ix86 until sqlite is rebuilt by patched GCC (#1423434)

- new upstream release (fixes CVE-2017-2629)

* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 7.52.1-2

- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild

* Fri Dec 23 2016 Kamil Dudka <kdudka@redhat.com> 7.52.1-1

- new upstream release (fixes CVE-2016-9586)

* Mon Nov 21 2016 Kamil Dudka <kdudka@redhat.com> 7.51.0-3

- map CURL_SSLVERSION_DEFAULT to NSS default, add support for TLS 1.3 (#1396719)

* Tue Nov 15 2016 Kamil Dudka <kdudka@redhat.com> 7.51.0-2

- stricter host name checking for file:// URLs

- ssh: check md5 fingerprints case insensitively

* Wed Nov 02 2016 Kamil Dudka <kdudka@redhat.com> 7.51.0-1

- temporarily disable failing libidn2 test-cases

- new upstream release, which fixes the following vulnerabilities

    CVE-2016-8615 - Cookie injection for other servers

    CVE-2016-8616 - Case insensitive password comparison

    CVE-2016-8617 - Out-of-bounds write via unchecked multiplication

    CVE-2016-8618 - Double-free in curl_maprintf

    CVE-2016-8619 - Double-free in krb5 code

    CVE-2016-8620 - Glob parser write/read out of bounds

    CVE-2016-8621 - curl_getdate out-of-bounds read

    CVE-2016-8622 - URL unescape heap overflow via integer truncation

    CVE-2016-8623 - Use-after-free via shared cookies

    CVE-2016-8624 - Invalid URL parsing with '#'

    CVE-2016-8625 - IDNA 2003 makes curl use wrong host

* Thu Oct 20 2016 Kamil Dudka <kdudka@redhat.com> 7.50.3-3

- drop 0103-curl-7.50.0-stunnel.patch no longer needed

* Fri Oct 07 2016 Kamil Dudka <kdudka@redhat.com> 7.50.3-2

- use the just built version of libcurl while generating zsh completion

* Wed Sep 14 2016 Kamil Dudka <kdudka@redhat.com> 7.50.3-1

- new upstream release (fixes CVE-2016-7167)

* Wed Sep 07 2016 Kamil Dudka <kdudka@redhat.com> 7.50.2-1

- new upstream release

* Fri Aug 26 2016 Kamil Dudka <kdudka@redhat.com> 7.50.1-2

- work around race condition in PK11_FindSlotByName()

- fix incorrect use of a previously loaded certificate from file

  (related to CVE-2016-5420)

* Wed Aug 03 2016 Kamil Dudka <kdudka@redhat.com> 7.50.1-1

- new upstream release (fixes CVE-2016-5419, CVE-2016-5420, and CVE-2016-5421)

* Tue Jul 26 2016 Kamil Dudka <kdudka@redhat.com> 7.50.0-2

- run HTTP/2 tests on all architectures (#1360319 now worked around in nghttp2)

* Thu Jul 21 2016 Kamil Dudka <kdudka@redhat.com> 7.50.0-1

- run HTTP/2 tests only on Intel for now to work around #1358845

- require nss-pem because it is no longer included in the nss package (#1347336)

- fix HTTPS and FTPS tests (work around stunnel bug #1358810)

- new upstream release

* Fri Jun 17 2016 Kamil Dudka <kdudka@redhat.com> 7.49.1-3

- use multilib-rpm-config to install arch-dependent header files

* Fri Jun 03 2016 Kamil Dudka <kdudka@redhat.com> 7.49.1-2

- fix SIGSEGV of the curl tool while parsing URL with too many globs (#1340757)

* Mon May 30 2016 Kamil Dudka <kdudka@redhat.com> 7.49.1-1

- new upstream release

* Wed May 18 2016 Kamil Dudka <kdudka@redhat.com> 7.49.0-1

- new upstream release

* Wed Mar 23 2016 Kamil Dudka <kdudka@redhat.com> 7.48.0-1

- new upstream release

* Wed Mar 02 2016 Kamil Dudka <kdudka@redhat.com> 7.47.1-4

- do not refuse cookies for localhost (#1308791)

* Wed Feb 17 2016 Kamil Dudka <kdudka@redhat.com> 7.47.1-3

- make SCP and SFTP test-cases work with up2date OpenSSH

* Wed Feb 10 2016 Kamil Dudka <kdudka@redhat.com> 7.47.1-2

- enable support for Public Suffix List (#1305701)

* Mon Feb 08 2016 Kamil Dudka <kdudka@redhat.com> 7.47.1-1

- new upstream release

* Wed Feb 03 2016 Fedora Release Engineering <releng@fedoraproject.org> - 7.47.0-2

- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild

* Wed Jan 27 2016 Kamil Dudka <kdudka@redhat.com> 7.47.0-1

- new upstream release (fixes CVE-2016-0755)

* Fri Dec  4 2015 Kamil Dudka <kdudka@redhat.com> 7.46.0-2

- own /usr/share/zsh/site-functions instead of requiring zsh (#1288529)

* Wed Dec  2 2015 Kamil Dudka <kdudka@redhat.com> 7.46.0-1

- disable silent builds (suggested by Paul Howarth)

- use default port numbers when running the upstream test-suite

- install zsh completion script

- new upstream release

* Wed Oct  7 2015 Paul Howarth <paul@city-fan.org> 7.45.0-1

- new upstream release

- drop %%defattr, redundant since rpm 4.4

* Fri Sep 18 2015 Kamil Dudka <kdudka@redhat.com> 7.44.0-2

- prevent NSS from incorrectly re-using a session (#1104597)

* Wed Aug 12 2015 Kamil Dudka <kdudka@redhat.com> 7.44.0-1

- new upstream release

* Thu Jul 30 2015 Kamil Dudka <kdudka@redhat.com> 7.43.0-3

- prevent dnf from crashing when using both FTP and HTTP (#1248389)

* Thu Jul 16 2015 Kamil Dudka <kdudka@redhat.com> 7.43.0-2

- build support for the HTTP/2 protocol

* Wed Jun 17 2015 Kamil Dudka <kdudka@redhat.com> 7.43.0-1

- new upstream release (fixes CVE-2015-3236 and CVE-2015-3237)

* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 7.42.1-3

- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild

* Fri Jun 05 2015 Kamil Dudka <kdudka@redhat.com> 7.42.1-2

- curl-config --libs now works on x86_64 without libcurl-devel.x86_64 (#1228363)

* Wed Apr 29 2015 Kamil Dudka <kdudka@redhat.com> 7.42.1-1

- new upstream release (fixes CVE-2015-3153)

* Wed Apr 22 2015 Kamil Dudka <kdudka@redhat.com> 7.42.0-1

- new upstream release (fixes CVE-2015-3143, CVE-2015-3144, CVE-2015-3145,

  and CVE-2015-3148)

- implement public key pinning for NSS backend (#1195771)

- do not run flaky test-cases in %%check

* Wed Feb 25 2015 Kamil Dudka <kdudka@redhat.com> 7.41.0-1

- new upstream release

- include extern-scan.pl to make test1135 succeed (upstream commit 1514b718)

* Mon Feb 23 2015 Kamil Dudka <kdudka@redhat.com> 7.40.0-3

- fix a spurious connect failure on dual-stacked hosts (#1187531)

* Sat Feb 21 2015 Till Maas <opensource@till.name> - 7.40.0-2

- Rebuilt for Fedora 23 Change

  https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code

* Thu Jan 08 2015 Kamil Dudka <kdudka@redhat.com> 7.40.0-1

- new upstream release (fixes CVE-2014-8150)

* Wed Nov 05 2014 Kamil Dudka <kdudka@redhat.com> 7.39.0-1

- new upstream release (fixes CVE-2014-3707)

* Tue Oct 21 2014 Kamil Dudka <kdudka@redhat.com> 7.38.0-2

- fix a connection failure when FTPS handle is reused

* Wed Sep 10 2014 Kamil Dudka <kdudka@redhat.com> 7.38.0-1

- new upstream release (fixes CVE-2014-3613 and CVE-2014-3620)

* Sat Aug 16 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 7.37.1-3

- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild

* Wed Aug 13 2014 Rex Dieter <rdieter@fedoraproject.org> 7.37.1-2

- include arch'd Requires/Provides

* Wed Jul 16 2014 Kamil Dudka <kdudka@redhat.com> 7.37.1-1

- new upstream release

- fix endless loop with GSSAPI proxy auth (patches by David Woodhouse, #1118751)

* Fri Jul 11 2014 Tom Callaway <spot@fedoraproject.org> 7.37.0-4

- fix license handling

* Fri Jul 04 2014 Kamil Dudka <kdudka@redhat.com> 7.37.0-3

- various SSL-related fixes (mainly crash on connection failure)

* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 7.37.0-2

- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild

* Wed May 21 2014 Kamil Dudka <kdudka@redhat.com> 7.37.0-1

- new upstream release

* Fri May 09 2014 Kamil Dudka <kdudka@redhat.com> 7.36.0-4

- auth failure on duplicated 'WWW-Authenticate: Negotiate' header (#1093348)

* Fri Apr 25 2014 Kamil Dudka <kdudka@redhat.com> 7.36.0-3

- nss: implement non-blocking SSL handshake

* Wed Apr 02 2014 Kamil Dudka <kdudka@redhat.com> 7.36.0-2

- extend URL parser to support IPv6 zone identifiers (#680996)

* Wed Mar 26 2014 Kamil Dudka <kdudka@redhat.com> 7.36.0-1

- new upstream release (fixes CVE-2014-0138)

* Mon Mar 17 2014 Paul Howarth <paul@city-fan.org> 7.35.0-5

- add all perl build requirements for the test suite, in a portable way

* Mon Mar 17 2014 Kamil Dudka <kdudka@redhat.com> 7.35.0-4

- add BR for perl-Digest-MD5, which is required by the test-suite

* Wed Mar 05 2014 Kamil Dudka <kdudka@redhat.com> 7.35.0-3

- avoid spurious failure of test1086 on s390(x) koji builders (#1072273)

* Tue Feb 25 2014 Kamil Dudka <kdudka@redhat.com> 7.35.0-2

- refresh expired cookie in test172 from upstream test-suite (#1068967)

* Wed Jan 29 2014 Kamil Dudka <kdudka@redhat.com> 7.35.0-1

- new upstream release (fixes CVE-2014-0015)

* Wed Dec 18 2013 Kamil Dudka <kdudka@redhat.com> 7.34.0-1

- new upstream release

* Mon Dec 02 2013 Kamil Dudka <kdudka@redhat.com> 7.33.0-2

- allow to use TLS > 1.0 if built against recent NSS

* Mon Oct 14 2013 Kamil Dudka <kdudka@redhat.com> 7.33.0-1

- new upstream release

- fix missing initialization in NTLM code causing test 906 to fail

- fix missing initialization in SSH code causing test 619 to fail

* Fri Oct 11 2013 Kamil Dudka <kdudka@redhat.com> 7.32.0-3

- do not limit the speed of SCP upload on a fast connection

* Mon Sep 09 2013 Kamil Dudka <kdudka@redhat.com> 7.32.0-2

- avoid delay if FTP is aborted in CURLOPT_HEADERFUNCTION callback (#1005686)

* Mon Aug 12 2013 Kamil Dudka <kdudka@redhat.com> 7.32.0-1

- new upstream release

- make sure that NSS is initialized prior to calling PK11_GenerateRandom()

* Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 7.31.0-5

- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild

* Tue Jul 09 2013 Kamil Dudka <kdudka@redaht.com> 7.31.0-4

- mention all option listed in 'curl --help' in curl.1 man page

* Tue Jul 02 2013 Kamil Dudka <kdudka@redhat.com> 7.31.0-3

- restore the functionality of 'curl -u :'

* Wed Jun 26 2013 Kamil Dudka <kdudka@redhat.com> 7.31.0-2

- build the curl tool with metalink support

* Sat Jun 22 2013 Kamil Dudka <kdudka@redhat.com> 7.31.0-1

- new upstream release (fixes CVE-2013-2174)

* Fri Apr 26 2013 Kamil Dudka <kdudka@redhat.com> 7.30.0-2

- prevent an artificial timeout event due to stale speed-check data (#906031)

* Fri Apr 12 2013 Kamil Dudka <kdudka@redhat.com> 7.30.0-1

- new upstream release (fixes CVE-2013-1944)

- prevent test-suite failure due to using non-default port ranges in tests

* Tue Mar 12 2013 Kamil Dudka <kdudka@redhat.com> 7.29.0-4

- do not ignore poll() failures other than EINTR (#919127)

- curl_global_init() now accepts the CURL_GLOBAL_ACK_EINTR flag (#919127)

* Wed Mar 06 2013 Kamil Dudka <kdudka@redhat.com> 7.29.0-3

- switch SSL socket into non-blocking mode after handshake

- drop the hide_selinux.c hack no longer needed in %%check

* Fri Feb 22 2013 Kamil Dudka <kdudka@redhat.com> 7.29.0-2

- fix a SIGSEGV when closing an unused multi handle (#914411)

* Wed Feb 06 2013 Kamil Dudka <kdudka@redhat.com> 7.29.0-1

- new upstream release (fixes CVE-2013-0249)

* Tue Jan 15 2013 Kamil Dudka <kdudka@redhat.com> 7.28.1-3

- require valgrind for build only on i386 and x86_64 (#886891)

* Tue Jan 15 2013 Kamil Dudka <kdudka@redhat.com> 7.28.1-2

- prevent NSS from crashing on client auth hook failure

- clear session cache if a client cert from file is used

- fix error messages for CURLE_SSL_{CACERT,CRL}_BADFILE

* Tue Nov 20 2012 Kamil Dudka <kdudka@redhat.com> 7.28.1-1