net-misc/curl: add 8.1.0-r1

Signed-off-by: Matt Jolly <Matt.Jolly@footclan.ninja>
Signed-off-by: Sam James <sam@gentoo.org>

3 files changed, 632 insertions, 0 deletions

diff --git a/net-misc/curl/curl-8.1.0-r1.ebuild b/net-misc/curl/curl-8.1.0-r1.ebuild
new file mode 100644
index 000000000000..bad759c48393
--- /dev/null
+++ b/net-misc/curl/curl-8.1.0-r1.ebuild
@@ -0,0 +1,319 @@
+# Copyright 1999-2023 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}"/usr/share/openpgp-keys/danielstenberg.asc
+inherit autotools multilib-minimal prefix verify-sig
+
+DESCRIPTION="A Client that groks URLs"
+HOMEPAGE="https://curl.se/"
+SRC_URI="
+	https://curl.se/download/${P}.tar.xz
+	verify-sig? ( https://curl.se/download/${P}.tar.xz.asc )
+"
+
+LICENSE="curl"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~x64-cygwin ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
+IUSE="+adns alt-svc brotli +ftp gnutls gopher hsts +http2 idn +imap kerberos ldap mbedtls nss +openssl +pop3 +progress-meter rtmp rustls samba +smtp ssh ssl sslv3 static-libs test telnet +tftp websockets zstd"
+IUSE+=" curl_ssl_gnutls curl_ssl_mbedtls curl_ssl_nss +curl_ssl_openssl curl_ssl_rustls"
+IUSE+=" nghttp3"
+RESTRICT="!test? ( test )"
+
+# Only one default ssl provider can be enabled
+REQUIRED_USE="
+	ssl? (
+		^^ (
+			curl_ssl_gnutls
+			curl_ssl_mbedtls
+			curl_ssl_nss
+			curl_ssl_openssl
+			curl_ssl_rustls
+		)
+	)
+"
+
+RDEPEND="
+	sys-libs/zlib[${MULTILIB_USEDEP}]
+	adns? ( net-dns/c-ares:=[${MULTILIB_USEDEP}] )
+	brotli? ( app-arch/brotli:=[${MULTILIB_USEDEP}] )
+	http2? ( net-libs/nghttp2:=[${MULTILIB_USEDEP}] )
+	idn? ( net-dns/libidn2:=[static-libs?,${MULTILIB_USEDEP}] )
+	kerberos? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] )
+	ldap? ( net-nds/openldap:=[${MULTILIB_USEDEP}] )
+	nghttp3? (
+		net-libs/nghttp3[${MULTILIB_USEDEP}]
+		net-libs/ngtcp2[ssl,${MULTILIB_USEDEP}]
+	)
+	rtmp? ( media-video/rtmpdump[${MULTILIB_USEDEP}] )
+	ssh? ( net-libs/libssh2[${MULTILIB_USEDEP}] )
+	ssl? (
+		gnutls? (
+			app-misc/ca-certificates
+			net-libs/gnutls:=[static-libs?,${MULTILIB_USEDEP}]
+			dev-libs/nettle:=[${MULTILIB_USEDEP}]
+		)
+		mbedtls? (
+			app-misc/ca-certificates
+			net-libs/mbedtls:=[${MULTILIB_USEDEP}]
+		)
+		nss? (
+			app-misc/ca-certificates
+			dev-libs/nss[${MULTILIB_USEDEP}]
+			dev-libs/nss-pem
+		)
+		openssl? (
+			dev-libs/openssl:=[sslv3(-)=,static-libs?,${MULTILIB_USEDEP}]
+		)
+		rustls? (
+			net-libs/rustls-ffi:=[${MULTILIB_USEDEP}]
+		)
+	)
+	zstd? ( app-arch/zstd:=[${MULTILIB_USEDEP}] )
+"
+DEPEND="${RDEPEND}"
+BDEPEND="
+	dev-lang/perl
+	virtual/pkgconfig
+	test? (
+		sys-apps/diffutils
+		http2? ( net-libs/nghttp2:=[utils,${MULTILIB_USEDEP}] )
+		nghttp3? ( net-libs/nghttp2:=[utils,${MULTILIB_USEDEP}] )
+	)
+	verify-sig? ( sec-keys/openpgp-keys-danielstenberg )
+"
+
+DOCS=( CHANGES README docs/{FEATURES.md,INTERNALS.md,FAQ,BUGS.md,CONTRIBUTE.md} )
+
+MULTILIB_WRAPPED_HEADERS=(
+	/usr/include/curl/curlbuild.h
+)
+
+MULTILIB_CHOST_TOOLS=(
+	/usr/bin/curl-config
+)
+
+QA_CONFIG_IMPL_DECL_SKIP=(
+	__builtin_available
+	closesocket
+	CloseSocket
+	getpass_r
+	ioctlsocket
+	IoctlSocket
+	mach_absolute_time
+	setmode
+)
+
+PATCHES=(
+	"${FILESDIR}"/${PN}-7.30.0-prefix.patch
+	"${FILESDIR}"/${PN}-respect-cflags-3.patch
+	### Backports
+	"${FILESDIR}"/${P}-numeric-hostname.patch
+	"${FILESDIR}"/${P}-header-length.patch
+)
+
+src_prepare() {
+	default
+
+	eprefixify curl-config.in
+	eautoreconf
+}
+
+multilib_src_configure() {
+	# We make use of the fact that later flags override earlier ones
+	# So start with all ssl providers off until proven otherwise
+	# TODO: in the future, we may want to add wolfssl (https://www.wolfssl.com/)
+	local myconf=()
+
+	myconf+=( --without-ca-fallback --with-ca-bundle="${EPREFIX}"/etc/ssl/certs/ca-certificates.crt  )
+	#myconf+=( --without-default-ssl-backend )
+	if use ssl ; then
+		myconf+=( --without-gnutls --without-mbedtls --without-nss --without-rustls )
+
+		if use gnutls || use curl_ssl_gnutls; then
+			einfo "SSL provided by gnutls"
+			myconf+=( --with-gnutls )
+		fi
+		if use mbedtls || use curl_ssl_mbedtls; then
+			einfo "SSL provided by mbedtls"
+			myconf+=( --with-mbedtls )
+		fi
+		if use nss || use curl_ssl_nss; then
+			einfo "SSL provided by nss"
+			myconf+=( --with-nss --with-nss-deprecated )
+		fi
+		if use openssl || use curl_ssl_openssl; then
+			einfo "SSL provided by openssl"
+			myconf+=( --with-ssl --with-ca-path="${EPREFIX}"/etc/ssl/certs )
+		fi
+		if use rustls || use curl_ssl_rustls; then
+			einfo "SSL provided by rustls"
+			myconf+=( --with-rustls )
+		fi
+		if use curl_ssl_gnutls; then
+			einfo "Default SSL provided by gnutls"
+			myconf+=( --with-default-ssl-backend=gnutls )
+		elif use curl_ssl_mbedtls; then
+			einfo "Default SSL provided by mbedtls"
+			myconf+=( --with-default-ssl-backend=mbedtls )
+		elif use curl_ssl_nss; then
+			einfo "Default SSL provided by nss"
+			myconf+=( --with-default-ssl-backend=nss )
+		elif use curl_ssl_openssl; then
+			einfo "Default SSL provided by openssl"
+			myconf+=( --with-default-ssl-backend=openssl )
+		elif use curl_ssl_rustls; then
+			einfo "Default SSL provided by rustls"
+			myconf+=( --with-default-ssl-backend=rustls )
+		else
+			eerror "We can't be here because of REQUIRED_USE."
+		fi
+
+	else
+		myconf+=( --without-ssl )
+		einfo "SSL disabled"
+	fi
+
+	# These configuration options are organized alphabetically
+	# within each category.  This should make it easier if we
+	# ever decide to make any of them contingent on USE flags:
+	# 1) protocols first.  To see them all do
+	# 'grep SUPPORT_PROTOCOLS configure.ac'
+	# 2) --enable/disable options second.
+	# 'grep -- --enable configure | grep Check | awk '{ print $4 }' | sort
+	# 3) --with/without options third.
+	# grep -- --with configure | grep Check | awk '{ print $4 }' | sort
+
+	myconf+=(
+		$(use_enable alt-svc)
+		--enable-crypto-auth
+		--enable-dict
+		--disable-ech
+		--enable-file
+		$(use_enable ftp)
+		$(use_enable gopher)
+		$(use_enable hsts)
+		--enable-http
+		$(use_enable imap)
+		$(use_enable ldap)
+		$(use_enable ldap ldaps)
+		--enable-ntlm
+		--disable-ntlm-wb
+		$(use_enable pop3)
+		--enable-rt
+		--enable-rtsp
+		$(use_enable samba smb)
+		$(use_with ssh libssh2)
+		$(use_enable smtp)
+		$(use_enable telnet)
+		$(use_enable tftp)
+		--enable-tls-srp
+		$(use_enable adns ares)
+		--enable-cookies
+		--enable-dateparse
+		--enable-dnsshuffle
+		--enable-doh
+		--enable-symbol-hiding
+		--enable-http-auth
+		--enable-ipv6
+		--enable-largefile
+		--enable-manual
+		--enable-mime
+		--enable-netrc
+		$(use_enable progress-meter)
+		--enable-proxy
+		--enable-socketpair
+		--disable-sspi
+		$(use_enable static-libs static)
+		--enable-pthreads
+		--enable-threaded-resolver
+		--disable-versioned-symbols
+		--without-amissl
+		--without-bearssl
+		$(use_with brotli)
+		--without-fish-functions-dir
+		$(use_with http2 nghttp2)
+		--without-hyper
+		$(use_with idn libidn2)
+		$(use_with kerberos gssapi "${EPREFIX}"/usr)
+		--without-libgsasl
+		--without-libpsl
+		--without-msh3
+		$(use_with nghttp3)
+		$(use_with nghttp3 ngtcp2)
+		--without-quiche
+		$(use_with rtmp librtmp)
+		--without-schannel
+		--without-secure-transport
+		--without-test-caddy
+		--without-test-httpd
+		--without-test-nghttpx
+		$(use_enable websockets)
+		--without-winidn
+		--without-wolfssl
+		--with-zlib
+		$(use_with zstd)
+	)
+
+	if use test && multilib_is_native_abi && ( use http2 || use nghttp3 ); then
+		myconf+=(
+			--with-test-nghttpx="${BROOT}/usr/bin/nghttpx"
+		)
+	fi
+
+	ECONF_SOURCE="${S}" econf "${myconf[@]}"
+
+	if ! multilib_is_native_abi; then
+		# Avoid building the client (we just want libcurl for multilib)
+		sed -i -e '/SUBDIRS/s:src::' Makefile || die
+		sed -i -e '/SUBDIRS/s:scripts::' Makefile || die
+	fi
+
+	# Fix up the pkg-config file to be more robust.
+	# https://github.com/curl/curl/issues/864
+	local priv=() libs=()
+	# We always enable zlib.
+	libs+=( "-lz" )
+	priv+=( "zlib" )
+	if use http2; then
+		libs+=( "-lnghttp2" )
+		priv+=( "libnghttp2" )
+	fi
+	if use nghttp3; then
+		libs+=( "-lnghttp3" "-lngtcp2" )
+		priv+=( "libnghttp3" "libngtcp2" )
+	fi
+	if use ssl && use curl_ssl_openssl; then
+		libs+=( "-lssl" "-lcrypto" )
+		priv+=( "openssl" )
+	fi
+	grep -q Requires.private libcurl.pc && die "need to update ebuild"
+	libs=$(printf '|%s' "${libs[@]}")
+	sed -i -r \
+		-e "/^Libs.private/s:(${libs#|})( |$)::g" \
+		libcurl.pc || die
+	echo "Requires.private: ${priv[*]}" >> libcurl.pc || die
+}
+
+multilib_src_test() {
+	# See https://github.com/curl/curl/blob/master/tests/runtests.pl#L5721
+	# -n: no valgrind (unreliable in sandbox and doesn't work correctly on all arches)
+	# -v: verbose
+	# -a: keep going on failure (so we see everything which breaks, not just 1st test)
+	# -k: keep test files after completion
+	# -am: automake style TAP output
+	# -p: print logs if test fails
+	# Note: if needed, we can skip specific tests. Prefix the test number in TFLAGS
+	# with a '!'. For example, to skip test 241 and 1083, use '!241 !1083'.
+	# See https://github.com/curl/curl/tree/master/tests#run for advanced test selection.
+	# The network sandbox causes tests 241 and 1083 to fail; these are typically skipped
+	# as most gentoo users don't have an 'ip6-localhost'
+	multilib_is_native_abi && emake test TFLAGS="-n -v -a -k -am -p !241 !1083"
+}
+
+multilib_src_install_all() {
+	einstalldocs
+	find "${ED}" -type f -name '*.la' -delete || die
+	rm -rf "${ED}"/etc/ || die
+}
diff --git a/net-misc/curl/files/curl-8.1.0-header-length.patch b/net-misc/curl/files/curl-8.1.0-header-length.patch
new file mode 100644
index 000000000000..6229fd817f2a
--- /dev/null
+++ b/net-misc/curl/files/curl-8.1.0-header-length.patch
@@ -0,0 +1,86 @@
+https://github.com/curl/curl/commit/77c9a9845bbee66f3aff158b8452dc8cd963cbd5.patch
+From: =?UTF-8?q?Emilio=20Cobos=20=C3=81lvarez?= <emilio@crisal.io>
+Date: Thu, 18 May 2023 18:22:57 +0200
+Subject: [PATCH] http2: double http request parser max line length
+
+This works around #11138, by doubling the limit, and should be a
+relatively safe fix.
+
+Ideally the buffer would grow as needed and there would be no need for a
+limit? But that might be follow-up material.
+
+Fixes #11138
+Closes #11139
+---
+ lib/http1.h             | 2 ++
+ lib/http2.c             | 2 +-
+ lib/vquic/curl_msh3.c   | 2 +-
+ lib/vquic/curl_ngtcp2.c | 2 +-
+ lib/vquic/curl_quiche.c | 2 +-
+ 5 files changed, 6 insertions(+), 4 deletions(-)
+
+diff --git a/lib/http1.h b/lib/http1.h
+index c2d107587a6f8..8acb9db401a95 100644
+--- a/lib/http1.h
++++ b/lib/http1.h
+@@ -33,6 +33,8 @@
+ #define H1_PARSE_OPT_NONE       (0)
+ #define H1_PARSE_OPT_STRICT     (1 << 0)
+ 
++#define H1_PARSE_DEFAULT_MAX_LINE_LEN (8 * 1024)
++
+ struct h1_req_parser {
+   struct http_req *req;
+   struct bufq scratch;
+diff --git a/lib/http2.c b/lib/http2.c
+index 47e6f71393156..4e3b182b8d815 100644
+--- a/lib/http2.c
++++ b/lib/http2.c
+@@ -1860,7 +1860,7 @@ static ssize_t h2_submit(struct stream_ctx **pstream,
+   nghttp2_priority_spec pri_spec;
+   ssize_t nwritten;
+ 
+-  Curl_h1_req_parse_init(&h1, (4*1024));
++  Curl_h1_req_parse_init(&h1, H1_PARSE_DEFAULT_MAX_LINE_LEN);
+   Curl_dynhds_init(&h2_headers, 0, DYN_HTTP_REQUEST);
+ 
+   *err = http2_data_setup(cf, data, &stream);
+diff --git a/lib/vquic/curl_msh3.c b/lib/vquic/curl_msh3.c
+index 40e89379fc402..173886739b6dc 100644
+--- a/lib/vquic/curl_msh3.c
++++ b/lib/vquic/curl_msh3.c
+@@ -575,7 +575,7 @@ static ssize_t cf_msh3_send(struct Curl_cfilter *cf, struct Curl_easy *data,
+ 
+   CF_DATA_SAVE(save, cf, data);
+ 
+-  Curl_h1_req_parse_init(&h1, (4*1024));
++  Curl_h1_req_parse_init(&h1, H1_PARSE_DEFAULT_MAX_LINE_LEN);
+   Curl_dynhds_init(&h2_headers, 0, DYN_HTTP_REQUEST);
+ 
+   /* Sizes must match for cast below to work" */
+diff --git a/lib/vquic/curl_ngtcp2.c b/lib/vquic/curl_ngtcp2.c
+index 05f960afdffa1..7794f148c6ec9 100644
+--- a/lib/vquic/curl_ngtcp2.c
++++ b/lib/vquic/curl_ngtcp2.c
+@@ -1550,7 +1550,7 @@ static ssize_t h3_stream_open(struct Curl_cfilter *cf,
+   nghttp3_data_reader reader;
+   nghttp3_data_reader *preader = NULL;
+ 
+-  Curl_h1_req_parse_init(&h1, (4*1024));
++  Curl_h1_req_parse_init(&h1, H1_PARSE_DEFAULT_MAX_LINE_LEN);
+   Curl_dynhds_init(&h2_headers, 0, DYN_HTTP_REQUEST);
+ 
+   *err = h3_data_setup(cf, data);
+diff --git a/lib/vquic/curl_quiche.c b/lib/vquic/curl_quiche.c
+index 392b9beb83c59..c63e8e10a22e0 100644
+--- a/lib/vquic/curl_quiche.c
++++ b/lib/vquic/curl_quiche.c
+@@ -913,7 +913,7 @@ static ssize_t h3_open_stream(struct Curl_cfilter *cf,
+     DEBUGASSERT(stream);
+   }
+ 
+-  Curl_h1_req_parse_init(&h1, (4*1024));
++  Curl_h1_req_parse_init(&h1, H1_PARSE_DEFAULT_MAX_LINE_LEN);
+   Curl_dynhds_init(&h2_headers, 0, DYN_HTTP_REQUEST);
+ 
+   DEBUGASSERT(stream);
diff --git a/net-misc/curl/files/curl-8.1.0-numeric-hostname.patch b/net-misc/curl/files/curl-8.1.0-numeric-hostname.patch
new file mode 100644
index 000000000000..6a0dd1382d62
--- /dev/null
+++ b/net-misc/curl/files/curl-8.1.0-numeric-hostname.patch
@@ -0,0 +1,227 @@
+https://github.com/curl/curl/commit/92772e6d395bbdda0e7822d980caf86e8c4aa51c.patch
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Thu, 18 May 2023 00:31:17 +0200
+Subject: [PATCH] urlapi: allow numerical parts in the host name
+
+It can only be an IPv4 address if all parts are all digits and no more than
+four parts, otherwise it is a host name. Even slightly wrong IPv4 will now be
+passed through as a host name.
+
+Regression from 17a15d88467 shipped in 8.1.0
+
+Extended test 1560 accordingly.
+
+Reported-by: Pavel Kalyugin
+Fixes #11129
+Closes #11131
+--- a/lib/urlapi.c
++++ b/lib/urlapi.c
+@@ -34,6 +34,7 @@
+ #include "inet_ntop.h"
+ #include "strdup.h"
+ #include "idn.h"
++#include "curl_memrchr.h"
+ 
+ /* The last 3 #include files should be in this order */
+ #include "curl_printf.h"
+@@ -643,8 +644,8 @@ static CURLUcode hostname_check(struct Curl_URL *u, char *hostname,
+  * Handle partial IPv4 numerical addresses and different bases, like
+  * '16843009', '0x7f', '0x7f.1' '0177.1.1.1' etc.
+  *
+- * If the given input string is syntactically wrong or any part for example is
+- * too big, this function returns FALSE and doesn't create any output.
++ * If the given input string is syntactically wrong IPv4 or any part for
++ * example is too big, this function returns HOST_NAME.
+  *
+  * Output the "normalized" version of that input string in plain quad decimal
+  * integers.
+@@ -675,7 +676,7 @@ static int ipv4_normalize(struct dynbuf *host)
+     unsigned long l;
+     if(!ISDIGIT(*c))
+       /* most importantly this doesn't allow a leading plus or minus */
+-      return n ? HOST_BAD : HOST_NAME;
++      return HOST_NAME;
+     l = strtoul(c, &endp, 0);
+ 
+     parts[n] = l;
+@@ -684,7 +685,7 @@ static int ipv4_normalize(struct dynbuf *host)
+     switch(*c) {
+     case '.':
+       if(n == 3)
+-        return HOST_BAD;
++        return HOST_NAME;
+       n++;
+       c++;
+       break;
+@@ -694,39 +695,40 @@ static int ipv4_normalize(struct dynbuf *host)
+       break;
+ 
+     default:
+-      return n ? HOST_BAD : HOST_NAME;
++      return HOST_NAME;
+     }
+ 
+     /* overflow */
+     if((l == ULONG_MAX) && (errno == ERANGE))
+-      return HOST_BAD;
++      return HOST_NAME;
+ 
+ #if SIZEOF_LONG > 4
+     /* a value larger than 32 bits */
+     if(l > UINT_MAX)
+-      return HOST_BAD;
++      return HOST_NAME;
+ #endif
+   }
+ 
+-  /* this is a valid IPv4 numerical address */
+-  Curl_dyn_reset(host);
+-
+   switch(n) {
+   case 0: /* a -- 32 bits */
++    Curl_dyn_reset(host);
++
+     result = Curl_dyn_addf(host, "%u.%u.%u.%u",
+                            parts[0] >> 24, (parts[0] >> 16) & 0xff,
+                            (parts[0] >> 8) & 0xff, parts[0] & 0xff);
+     break;
+   case 1: /* a.b -- 8.24 bits */
+     if((parts[0] > 0xff) || (parts[1] > 0xffffff))
+-      return HOST_BAD;
++      return HOST_NAME;
++    Curl_dyn_reset(host);
+     result = Curl_dyn_addf(host, "%u.%u.%u.%u",
+                            parts[0], (parts[1] >> 16) & 0xff,
+                            (parts[1] >> 8) & 0xff, parts[1] & 0xff);
+     break;
+   case 2: /* a.b.c -- 8.8.16 bits */
+     if((parts[0] > 0xff) || (parts[1] > 0xff) || (parts[2] > 0xffff))
+-      return HOST_BAD;
++      return HOST_NAME;
++    Curl_dyn_reset(host);
+     result = Curl_dyn_addf(host, "%u.%u.%u.%u",
+                            parts[0], parts[1], (parts[2] >> 8) & 0xff,
+                            parts[2] & 0xff);
+@@ -734,7 +736,8 @@ static int ipv4_normalize(struct dynbuf *host)
+   case 3: /* a.b.c.d -- 8.8.8.8 bits */
+     if((parts[0] > 0xff) || (parts[1] > 0xff) || (parts[2] > 0xff) ||
+        (parts[3] > 0xff))
+-      return HOST_BAD;
++      return HOST_NAME;
++    Curl_dyn_reset(host);
+     result = Curl_dyn_addf(host, "%u.%u.%u.%u",
+                            parts[0], parts[1], parts[2], parts[3]);
+     break;
+@@ -796,6 +799,9 @@ static CURLUcode parse_authority(struct Curl_URL *u,
+   if(result)
+     goto out;
+ 
++  if(!Curl_dyn_len(host))
++    return CURLUE_NO_HOST;
++
+   switch(ipv4_normalize(host)) {
+   case HOST_IPV4:
+     break;
+--- a/tests/libtest/lib1560.c
++++ b/tests/libtest/lib1560.c
+@@ -474,6 +474,13 @@ static const struct testcase get_parts_list[] ={
+ };
+ 
+ static const struct urltestcase get_url_list[] = {
++  {"https://1.0x1000000", "https://1.0x1000000/", 0, 0, CURLUE_OK},
++  {"https://0x7f.1", "https://127.0.0.1/", 0, 0, CURLUE_OK},
++  {"https://1.2.3.256.com", "https://1.2.3.256.com/", 0, 0, CURLUE_OK},
++  {"https://10.com", "https://10.com/", 0, 0, CURLUE_OK},
++  {"https://1.2.com", "https://1.2.com/", 0, 0, CURLUE_OK},
++  {"https://1.2.3.com", "https://1.2.3.com/", 0, 0, CURLUE_OK},
++  {"https://1.2.com.99", "https://1.2.com.99/", 0, 0, CURLUE_OK},
+   {"https://[fe80::0000:20c:29ff:fe9c:409b]:80/moo",
+    "https://[fe80::20c:29ff:fe9c:409b]:80/moo",
+    0, 0, CURLUE_OK},
+@@ -522,22 +529,24 @@ static const struct urltestcase get_url_list[] = {
+ 
+   /* IPv4 trickeries */
+   {"https://16843009", "https://1.1.1.1/", 0, 0, CURLUE_OK},
+-  {"https://0x7f.1", "https://127.0.0.1/", 0, 0, CURLUE_OK},
+   {"https://0177.1", "https://127.0.0.1/", 0, 0, CURLUE_OK},
+   {"https://0111.02.0x3", "https://73.2.0.3/", 0, 0, CURLUE_OK},
++  {"https://0111.02.0x3.", "https://0111.02.0x3./", 0, 0, CURLUE_OK},
++  {"https://0111.02.030", "https://73.2.0.24/", 0, 0, CURLUE_OK},
++  {"https://0111.02.030.", "https://0111.02.030./", 0, 0, CURLUE_OK},
+   {"https://0xff.0xff.0377.255", "https://255.255.255.255/", 0, 0, CURLUE_OK},
+   {"https://1.0xffffff", "https://1.255.255.255/", 0, 0, CURLUE_OK},
+   /* IPv4 numerical overflows or syntax errors will not normalize */
+   {"https://a127.0.0.1", "https://a127.0.0.1/", 0, 0, CURLUE_OK},
+   {"https://\xff.127.0.0.1", "https://%FF.127.0.0.1/", 0, CURLU_URLENCODE,
+    CURLUE_OK},
+-  {"https://127.-0.0.1", "https://127.-0.0.1/", 0, 0, CURLUE_BAD_HOSTNAME},
++  {"https://127.-0.0.1", "https://127.-0.0.1/", 0, 0, CURLUE_OK},
+   {"https://127.0. 1", "https://127.0.0.1/", 0, 0, CURLUE_MALFORMED_INPUT},
+-  {"https://1.0x1000000", "https://1.0x1000000/", 0, 0, CURLUE_BAD_HOSTNAME},
+-  {"https://1.2.3.256", "https://1.2.3.256/", 0, 0, CURLUE_BAD_HOSTNAME},
+-  {"https://1.2.3.4.5", "https://1.2.3.4.5/", 0, 0, CURLUE_BAD_HOSTNAME},
+-  {"https://1.2.0x100.3", "https://1.2.0x100.3/", 0, 0, CURLUE_BAD_HOSTNAME},
+-  {"https://4294967296", "https://4294967296/", 0, 0, CURLUE_BAD_HOSTNAME},
++  {"https://1.2.3.256", "https://1.2.3.256/", 0, 0, CURLUE_OK},
++  {"https://1.2.3.256.", "https://1.2.3.256./", 0, 0, CURLUE_OK},
++  {"https://1.2.3.4.5", "https://1.2.3.4.5/", 0, 0, CURLUE_OK},
++  {"https://1.2.0x100.3", "https://1.2.0x100.3/", 0, 0, CURLUE_OK},
++  {"https://4294967296", "https://4294967296/", 0, 0, CURLUE_OK},
+   {"https://123host", "https://123host/", 0, 0, CURLUE_OK},
+   /* 40 bytes scheme is the max allowed */
+   {"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA://hostname/path",
+@@ -599,20 +608,11 @@ static const struct urltestcase get_url_list[] = {
+    0, 0, CURLUE_OK},
+   /* here the password has the semicolon */
+   {"http://user:pass;word@host/file",
+-   "http://user:pass;word@host/file",
+-   0, 0, CURLUE_OK},
+-  {"file:///file.txt#moo",
+-   "file:///file.txt#moo",
+-   0, 0, CURLUE_OK},
+-  {"file:////file.txt",
+-   "file:////file.txt",
+-   0, 0, CURLUE_OK},
+-  {"file:///file.txt",
+-   "file:///file.txt",
+-   0, 0, CURLUE_OK},
+-  {"file:./",
+-   "file://",
+-   0, 0, CURLUE_BAD_SCHEME},
++   "http://user:pass;word@host/file", 0, 0, CURLUE_OK},
++  {"file:///file.txt#moo", "file:///file.txt#moo", 0, 0, CURLUE_OK},
++  {"file:////file.txt", "file:////file.txt", 0, 0, CURLUE_OK},
++  {"file:///file.txt", "file:///file.txt", 0, 0, CURLUE_OK},
++  {"file:./", "file://", 0, 0, CURLUE_OK},
+   {"http://example.com/hello/../here",
+    "http://example.com/hello/../here",
+    CURLU_PATH_AS_IS, 0, CURLUE_OK},
+@@ -1124,7 +1124,7 @@ static int get_url(void)
+       }
+       curl_free(url);
+     }
+-    else if(rc != get_url_list[i].ucode) {
++    if(rc != get_url_list[i].ucode) {
+       fprintf(stderr, "Get URL\nin: %s\nreturned %d (expected %d)\n",
+               get_url_list[i].in, (int)rc, get_url_list[i].ucode);
+       error++;
+@@ -1515,6 +1515,9 @@ int test(char *URL)
+ {
+   (void)URL; /* not used */
+ 
++  if(get_url())
++    return 3;
++
+   if(huge())
+     return 9;
+ 
+@@ -1533,9 +1536,6 @@ int test(char *URL)
+   if(set_parts())
+     return 2;
+ 
+-  if(get_url())
+-    return 3;
+-
+   if(get_parts())
+     return 4;
+