curl/curl-use_OPENSSL_config.patch

This basically reverts  https://github.com/curl/curl/commit/7d2f61f66ab4e047fc9aefc2effc1ac6d340a66a

Index: curl-7.65.2/lib/vtls/openssl.c
===================================================================
--- curl-7.65.2.orig/lib/vtls/openssl.c
+++ curl-7.65.2/lib/vtls/openssl.c
@@ -1026,22 +1026,12 @@ static int Curl_ossl_init(void)
   ENGINE_load_builtin_engines();
 #endif
 
-/* CONF_MFLAGS_DEFAULT_SECTION was introduced some time between 0.9.8b and
-   0.9.8e */
-#ifndef CONF_MFLAGS_DEFAULT_SECTION
-#define CONF_MFLAGS_DEFAULT_SECTION 0x0
-#endif
-
-#ifndef CURL_DISABLE_OPENSSL_AUTO_LOAD_CONFIG
-  CONF_modules_load_file(NULL, NULL,
-                         CONF_MFLAGS_DEFAULT_SECTION|
-                         CONF_MFLAGS_IGNORE_MISSING_FILE);
-#endif
-
 #if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && \
     !defined(LIBRESSL_VERSION_NUMBER)
-  /* OpenSSL 1.1.0+ takes care of initialization itself */
+  OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CONFIG, NULL);
 #else
+  OPENSSL_config(NULL);
+
   /* Lets get nice error messages */
   SSL_load_error_strings();
Accepting request 610348 from home:vitezslav_cizek:branches:devel:libraries:c_c++ - Use OPENSSL_config instead of CONF_modules_load_file() to avoid crashes due to openssl engines conflicts (bsc#1086367) * add curl-use_OPENSSL_config.patch - Use OPENSSL_config instead of CONF_modules_load_file() to avoid crashes due to openssl engines conflicts (bsc#1086367) * add curl-use_OPENSSL_config.patch OBS-URL: https://build.opensuse.org/request/show/610348 OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/curl?expand=0&rev=225 2018-05-18 13:17:37 +00:00			`This basically reverts https://github.com/curl/curl/commit/7d2f61f66ab4e047fc9aefc2effc1ac6d340a66a`

Accepting request 716040 from home:pmonrealgonzalez:branches:devel:libraries:c_c++ - Update to 7.65.2 * Bugfixes: - CIPHERS.md: Explain Schannel error SEC_E_ALGORITHM_MISMATCH - CMake: Fix finding Brotli on case-sensitive file systems - CURLOPT_RANGE.3: Caution against using it for HTTP PUT - CURLOPT_SEEKDATA.3: fix variable name - bindlocal: detect and avoid IP version mismatches in bind() - build: fix Codacy warnings - c-ares: honor port numbers in CURLOPT_DNS_SERVERS - config-os400: add getpeername and getsockname defines - configure: --disable-progress-meter - configure: fix --disable-code-coverage - configure: more --disable switches to toggle off individual features - configure: remove CURL_DISABLE_TLS_SRP - conn_maxage: move the check to prune_dead_connections() - curl: skip CURLOPT_PROXY_CAPATH for disabled-proxy builds - docs: Explain behavior change in --tlsv1. options since 7.54 - docs: Fix links to OpenSSL docs - docs: fix string suggesting HTTP/2 is not the default - headers: Remove no longer exported functions - http2: call done_sending on end of upload - http2: don't call stream-close on already closed streams - http2: remove CURL_DISABLE_TYPECHECK define - http: allow overriding timecond with custom header - http: clarify header buffer size calculation - krb5: fix compiler warning - lib: Use UTF-8 encoding in comments - libcurl: Restrict redirect schemes to HTTP, HTTPS, FTP and FTPS - multi: enable multiplexing by default (again) - multi: fix the transfer hashes in the socket hash entries OBS-URL: https://build.opensuse.org/request/show/716040 OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/curl?expand=0&rev=257 2019-07-17 11:56:03 +00:00			`Index: curl-7.65.2/lib/vtls/openssl.c`
Accepting request 645709 from home:pmonrealgonzalez:branches:devel:libraries:c_c++ - Update to version 7.62.0 Changes: * multiplex: enable by default * url: default to CURL_HTTP_VERSION_2TLS if built h2-enabled * setopt: add CURLOPT_DOH_URL * curl: --doh-url added * setopt: add CURLOPT_UPLOAD_BUFFERSIZE: set upload buffer size * imap: change from "FETCH" to "UID FETCH" * configure: add option to disable automatic OpenSSL config loading * upkeep: add a connection upkeep API: curl_easy_upkeep() * URL-API: added five new functions * vtls: MesaLink is a new TLS backend Bugfixes: * CVE-2018-16839: SASL password overflow via integer overflow [bsc#1112758] * CVE-2018-16840: use-after-free in handle close [bsc#1113029] * CVE-2018-16842: warning message out-of-buffer read [bsc#1113660] * CURLOPT_DNS_USE_GLOBAL_CACHE: deprecated * Curl_dedotdotify(): always nul terminate returned string * Curl_follow: Always free the passed new URL * Curl_http2_done: fix memleak in error path * Curl_retry_request: fix memory leak * Curl_saferealloc: Fixed typo in docblock * FILE: fix CURLOPT_NOBODY and CURLOPT_HEADER output * GnutTLS: TLS 1.3 support * SECURITY-PROCESS: mention the bountygraph program * VS projects: add USE_IPV6: * certs: generate tests certs with sha256 digest algorithm * checksrc: enable strict mode and warnings * checksrc: handle zero scoped ignore commands * cmake: Backport to work with CMake 3.0 again OBS-URL: https://build.opensuse.org/request/show/645709 OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/curl?expand=0&rev=235 2018-10-31 11:23:21 +00:00			`===================================================================`
Accepting request 716040 from home:pmonrealgonzalez:branches:devel:libraries:c_c++ - Update to 7.65.2 * Bugfixes: - CIPHERS.md: Explain Schannel error SEC_E_ALGORITHM_MISMATCH - CMake: Fix finding Brotli on case-sensitive file systems - CURLOPT_RANGE.3: Caution against using it for HTTP PUT - CURLOPT_SEEKDATA.3: fix variable name - bindlocal: detect and avoid IP version mismatches in bind() - build: fix Codacy warnings - c-ares: honor port numbers in CURLOPT_DNS_SERVERS - config-os400: add getpeername and getsockname defines - configure: --disable-progress-meter - configure: fix --disable-code-coverage - configure: more --disable switches to toggle off individual features - configure: remove CURL_DISABLE_TLS_SRP - conn_maxage: move the check to prune_dead_connections() - curl: skip CURLOPT_PROXY_CAPATH for disabled-proxy builds - docs: Explain behavior change in --tlsv1. options since 7.54 - docs: Fix links to OpenSSL docs - docs: fix string suggesting HTTP/2 is not the default - headers: Remove no longer exported functions - http2: call done_sending on end of upload - http2: don't call stream-close on already closed streams - http2: remove CURL_DISABLE_TYPECHECK define - http: allow overriding timecond with custom header - http: clarify header buffer size calculation - krb5: fix compiler warning - lib: Use UTF-8 encoding in comments - libcurl: Restrict redirect schemes to HTTP, HTTPS, FTP and FTPS - multi: enable multiplexing by default (again) - multi: fix the transfer hashes in the socket hash entries OBS-URL: https://build.opensuse.org/request/show/716040 OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/curl?expand=0&rev=257 2019-07-17 11:56:03 +00:00			`--- curl-7.65.2.orig/lib/vtls/openssl.c`
			`+++ curl-7.65.2/lib/vtls/openssl.c`
			`@@ -1026,22 +1026,12 @@ static int Curl_ossl_init(void)`
Accepting request 610348 from home:vitezslav_cizek:branches:devel:libraries:c_c++ - Use OPENSSL_config instead of CONF_modules_load_file() to avoid crashes due to openssl engines conflicts (bsc#1086367) * add curl-use_OPENSSL_config.patch - Use OPENSSL_config instead of CONF_modules_load_file() to avoid crashes due to openssl engines conflicts (bsc#1086367) * add curl-use_OPENSSL_config.patch OBS-URL: https://build.opensuse.org/request/show/610348 OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/curl?expand=0&rev=225 2018-05-18 13:17:37 +00:00			`ENGINE_load_builtin_engines();`
			`#endif`

Accepting request 716040 from home:pmonrealgonzalez:branches:devel:libraries:c_c++ - Update to 7.65.2 * Bugfixes: - CIPHERS.md: Explain Schannel error SEC_E_ALGORITHM_MISMATCH - CMake: Fix finding Brotli on case-sensitive file systems - CURLOPT_RANGE.3: Caution against using it for HTTP PUT - CURLOPT_SEEKDATA.3: fix variable name - bindlocal: detect and avoid IP version mismatches in bind() - build: fix Codacy warnings - c-ares: honor port numbers in CURLOPT_DNS_SERVERS - config-os400: add getpeername and getsockname defines - configure: --disable-progress-meter - configure: fix --disable-code-coverage - configure: more --disable switches to toggle off individual features - configure: remove CURL_DISABLE_TLS_SRP - conn_maxage: move the check to prune_dead_connections() - curl: skip CURLOPT_PROXY_CAPATH for disabled-proxy builds - docs: Explain behavior change in --tlsv1. options since 7.54 - docs: Fix links to OpenSSL docs - docs: fix string suggesting HTTP/2 is not the default - headers: Remove no longer exported functions - http2: call done_sending on end of upload - http2: don't call stream-close on already closed streams - http2: remove CURL_DISABLE_TYPECHECK define - http: allow overriding timecond with custom header - http: clarify header buffer size calculation - krb5: fix compiler warning - lib: Use UTF-8 encoding in comments - libcurl: Restrict redirect schemes to HTTP, HTTPS, FTP and FTPS - multi: enable multiplexing by default (again) - multi: fix the transfer hashes in the socket hash entries OBS-URL: https://build.opensuse.org/request/show/716040 OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/curl?expand=0&rev=257 2019-07-17 11:56:03 +00:00			`-/* CONF_MFLAGS_DEFAULT_SECTION was introduced some time between 0.9.8b and`
			`- 0.9.8e */`
Accepting request 610348 from home:vitezslav_cizek:branches:devel:libraries:c_c++ - Use OPENSSL_config instead of CONF_modules_load_file() to avoid crashes due to openssl engines conflicts (bsc#1086367) * add curl-use_OPENSSL_config.patch - Use OPENSSL_config instead of CONF_modules_load_file() to avoid crashes due to openssl engines conflicts (bsc#1086367) * add curl-use_OPENSSL_config.patch OBS-URL: https://build.opensuse.org/request/show/610348 OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/curl?expand=0&rev=225 2018-05-18 13:17:37 +00:00			`-#ifndef CONF_MFLAGS_DEFAULT_SECTION`
			`-#define CONF_MFLAGS_DEFAULT_SECTION 0x0`
			`-#endif`
			`-`
Accepting request 645709 from home:pmonrealgonzalez:branches:devel:libraries:c_c++ - Update to version 7.62.0 Changes: * multiplex: enable by default * url: default to CURL_HTTP_VERSION_2TLS if built h2-enabled * setopt: add CURLOPT_DOH_URL * curl: --doh-url added * setopt: add CURLOPT_UPLOAD_BUFFERSIZE: set upload buffer size * imap: change from "FETCH" to "UID FETCH" * configure: add option to disable automatic OpenSSL config loading * upkeep: add a connection upkeep API: curl_easy_upkeep() * URL-API: added five new functions * vtls: MesaLink is a new TLS backend Bugfixes: * CVE-2018-16839: SASL password overflow via integer overflow [bsc#1112758] * CVE-2018-16840: use-after-free in handle close [bsc#1113029] * CVE-2018-16842: warning message out-of-buffer read [bsc#1113660] * CURLOPT_DNS_USE_GLOBAL_CACHE: deprecated * Curl_dedotdotify(): always nul terminate returned string * Curl_follow: Always free the passed new URL * Curl_http2_done: fix memleak in error path * Curl_retry_request: fix memory leak * Curl_saferealloc: Fixed typo in docblock * FILE: fix CURLOPT_NOBODY and CURLOPT_HEADER output * GnutTLS: TLS 1.3 support * SECURITY-PROCESS: mention the bountygraph program * VS projects: add USE_IPV6: * certs: generate tests certs with sha256 digest algorithm * checksrc: enable strict mode and warnings * checksrc: handle zero scoped ignore commands * cmake: Backport to work with CMake 3.0 again OBS-URL: https://build.opensuse.org/request/show/645709 OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/curl?expand=0&rev=235 2018-10-31 11:23:21 +00:00			`-#ifndef CURL_DISABLE_OPENSSL_AUTO_LOAD_CONFIG`
Accepting request 610348 from home:vitezslav_cizek:branches:devel:libraries:c_c++ - Use OPENSSL_config instead of CONF_modules_load_file() to avoid crashes due to openssl engines conflicts (bsc#1086367) * add curl-use_OPENSSL_config.patch - Use OPENSSL_config instead of CONF_modules_load_file() to avoid crashes due to openssl engines conflicts (bsc#1086367) * add curl-use_OPENSSL_config.patch OBS-URL: https://build.opensuse.org/request/show/610348 OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/curl?expand=0&rev=225 2018-05-18 13:17:37 +00:00			`- CONF_modules_load_file(NULL, NULL,`
			`- CONF_MFLAGS_DEFAULT_SECTION\|`
			`- CONF_MFLAGS_IGNORE_MISSING_FILE);`
Accepting request 645709 from home:pmonrealgonzalez:branches:devel:libraries:c_c++ - Update to version 7.62.0 Changes: * multiplex: enable by default * url: default to CURL_HTTP_VERSION_2TLS if built h2-enabled * setopt: add CURLOPT_DOH_URL * curl: --doh-url added * setopt: add CURLOPT_UPLOAD_BUFFERSIZE: set upload buffer size * imap: change from "FETCH" to "UID FETCH" * configure: add option to disable automatic OpenSSL config loading * upkeep: add a connection upkeep API: curl_easy_upkeep() * URL-API: added five new functions * vtls: MesaLink is a new TLS backend Bugfixes: * CVE-2018-16839: SASL password overflow via integer overflow [bsc#1112758] * CVE-2018-16840: use-after-free in handle close [bsc#1113029] * CVE-2018-16842: warning message out-of-buffer read [bsc#1113660] * CURLOPT_DNS_USE_GLOBAL_CACHE: deprecated * Curl_dedotdotify(): always nul terminate returned string * Curl_follow: Always free the passed new URL * Curl_http2_done: fix memleak in error path * Curl_retry_request: fix memory leak * Curl_saferealloc: Fixed typo in docblock * FILE: fix CURLOPT_NOBODY and CURLOPT_HEADER output * GnutTLS: TLS 1.3 support * SECURITY-PROCESS: mention the bountygraph program * VS projects: add USE_IPV6: * certs: generate tests certs with sha256 digest algorithm * checksrc: enable strict mode and warnings * checksrc: handle zero scoped ignore commands * cmake: Backport to work with CMake 3.0 again OBS-URL: https://build.opensuse.org/request/show/645709 OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/curl?expand=0&rev=235 2018-10-31 11:23:21 +00:00			`-#endif`
Accepting request 610348 from home:vitezslav_cizek:branches:devel:libraries:c_c++ - Use OPENSSL_config instead of CONF_modules_load_file() to avoid crashes due to openssl engines conflicts (bsc#1086367) * add curl-use_OPENSSL_config.patch - Use OPENSSL_config instead of CONF_modules_load_file() to avoid crashes due to openssl engines conflicts (bsc#1086367) * add curl-use_OPENSSL_config.patch OBS-URL: https://build.opensuse.org/request/show/610348 OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/curl?expand=0&rev=225 2018-05-18 13:17:37 +00:00			`-`
			`#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && \`
			`!defined(LIBRESSL_VERSION_NUMBER)`
			`- /* OpenSSL 1.1.0+ takes care of initialization itself */`
			`+ OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CONFIG, NULL);`
			`#else`
			`+ OPENSSL_config(NULL);`
			`+`
			`/* Lets get nice error messages */`
			`SSL_load_error_strings();`