Accepting request 220853 from home:vitezslav_cizek:branches:devel:libraries:c_c++

- update to 7.35.0
  * security fix:
    CVE-2014-0015: re-use of wrong HTTP NTLM connection (bnc#858673)
  * changes:
    imap/pop3/smtp: Added support for SASL authentication downgrades
    imap/pop3/smtp: Extended the login options to support multiple auth mechanisms
    TheArtOfHttpScripting: major update, converted layout and more
    mprintf: Added support for I, I32 and I64 size specifiers
    makefile: Added support for VC7, VC11 and VC12
    SSL: protocol version can be specified more precisely
    imap/pop3/smtp: Added graceful cancellation of SASL authentication
    Add "Happy Eyeballs" for IPv4/IPv6 dual connect attempts
    base64: Added validation of base64 input strings when decoding
    curl_easy_setopt: Added the ability to set the login options separately
    smtp: Added support for additional SMTP commands
    curl_easy_getinfo: Added CURLINFO_TLS_SESSION for accessing TLS internals
    nss: allow to use TLS > 1.0 if built against recent NSS
    SECURITY: added this document to describe our security processes
    parseconfig: warn if unquoted white spaces are detected
  * and many bugfixes
- fix test failure because of an expired cookie (bnc#862144)
  * added curl-test172_cookie_expiration.patch
- refresh libcurl-ocloexec.patch

OBS-URL: https://build.opensuse.org/request/show/220853
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/curl?expand=0&rev=102
Sascha Peilicke 2014-02-05 08:50:22 +00:00 committed by Git OBS Bridge
parent 6a97eb12f1
commit 0ed9a14f11
8 changed files with 96 additions and 58 deletions


@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:17eaa3503d84b1aebc2fbf25b9649246f5cbd7c859a497c2aa42f04d0f83a046
size 2244539


@ -1,7 +0,0 @@
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.15 (GNU/Linux)
iEYEABECAAYFAlJcAyIACgkQeOEcayedXJGmzgCgiGvAZ1jUvbBw/ywZSday3J9j
KucAn2xv4XLijiR4cDH6z8bnN0zH+lpk
=o6A/
-----END PGP SIGNATURE-----

curl-7.35.0.tar.lzma Normal file

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:6929640f1e22901cbc853c67c78f25d9e7be0934771a3c3b3582846520678593
size 2271674

curl-7.35.0.tar.lzma.asc Normal file

@ -0,0 +1,7 @@
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iEYEABECAAYFAlLoqVAACgkQeOEcayedXJHXgACfXucGEK+4gBtUjRNJlPdBThPs
lQkAoJRfmKWAlAvMtBuXofIEog9D2y9z
=Wgsv
-----END PGP SIGNATURE-----


@ -0,0 +1,13 @@
Index: curl-7.19.7/tests/data/test172
===================================================================
--- curl-7.19.7.orig/tests/data/test172 2008-11-19 22:12:35.000000000 +0100
+++ curl-7.19.7/tests/data/test172 2014-02-04 15:05:46.817554144 +0100
@@ -36,7 +36,7 @@ http://%HOSTIP:%HTTPPORT/we/want/172 -b
.%HOSTIP TRUE /silly/ FALSE 0 ismatch this
.%HOSTIP TRUE / FALSE 0 partmatch present
-%HOSTIP FALSE /we/want/ FALSE 1391252187 nodomain value
+%HOSTIP FALSE /we/want/ FALSE 2139150993 nodomain value
</file>
</client>
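Review bot: The replacement expiry on the `+%HOSTIP FALSE /we/want/ FALSE 2139150993 nodomain value` line is still a hard-coded epoch value, so the test stops failing only until that time is reached in 2037; the value does stay below 2147483647, so it remains representable in a signed 32-bit time_t. The patch file also has no description header: add a short one that names bnc#862144 and states whether the change was sent upstream, so a later maintainer can tell when the patch may be dropped.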


@ -1,3 +1,30 @@
-------------------------------------------------------------------
Tue Feb 4 15:17:18 UTC 2014 - vcizek@suse.com
- update to 7.35.0
* security fix:
CVE-2014-0015: re-use of wrong HTTP NTLM connection (bnc#858673)
* changes:
imap/pop3/smtp: Added support for SASL authentication downgrades
imap/pop3/smtp: Extended the login options to support multiple auth mechanisms
TheArtOfHttpScripting: major update, converted layout and more
mprintf: Added support for I, I32 and I64 size specifiers
makefile: Added support for VC7, VC11 and VC12
SSL: protocol version can be specified more precisely
imap/pop3/smtp: Added graceful cancellation of SASL authentication
Add "Happy Eyeballs" for IPv4/IPv6 dual connect attempts
base64: Added validation of base64 input strings when decoding
curl_easy_setopt: Added the ability to set the login options separately
smtp: Added support for additional SMTP commands
curl_easy_getinfo: Added CURLINFO_TLS_SESSION for accessing TLS internals
nss: allow to use TLS > 1.0 if built against recent NSS
SECURITY: added this document to describe our security processes
parseconfig: warn if unquoted white spaces are detected
* and many bugfixes
- fix test failure because of an expired cookie (bnc#862144)
* added curl-test172_cookie_expiration.patch
- refresh libcurl-ocloexec.patch
------------------------------------------------------------------- -------------------------------------------------------------------
Fri Nov 29 15:30:23 UTC 2013 - vcizek@suse.com Fri Nov 29 15:30:23 UTC 2013 - vcizek@suse.com


@ -1,7 +1,7 @@
# #
# spec file for package curl # spec file for package curl
# #
# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany. # Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany.
# #
# All modifications and additions to the file contributed by third parties # All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed # remain the property of their copyright owners, unless otherwise agreed
@ -21,7 +21,7 @@
%bcond_without testsuite %bcond_without testsuite
Name: curl Name: curl
Version: 7.33.0 Version: 7.35.0
Release: 0 Release: 0
Summary: A Tool for Transferring Data from URLs Summary: A Tool for Transferring Data from URLs
License: BSD-3-Clause and MIT License: BSD-3-Clause and MIT
@ -34,6 +34,7 @@ Source4: %{name}.keyring
Patch: libcurl-ocloexec.patch Patch: libcurl-ocloexec.patch
Patch1: dont-mess-with-rpmoptflags.diff Patch1: dont-mess-with-rpmoptflags.diff
Patch3: curl-secure-getenv.patch Patch3: curl-secure-getenv.patch
Patch4: curl-test172_cookie_expiration.patch
# Use rpmbuild -D 'VERIFY_SIG 1' to verify signature during build or run one-shot check by "gpg-offline --verify --package=curl curl-*.asc". # Use rpmbuild -D 'VERIFY_SIG 1' to verify signature during build or run one-shot check by "gpg-offline --verify --package=curl curl-*.asc".
%if 0%{?VERIFY_SIG} %if 0%{?VERIFY_SIG}
BuildRequires: gpg-offline BuildRequires: gpg-offline
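Review bot: The added `Patch4: curl-test172_cookie_expiration.patch` line has no comment stating which bug it addresses or its upstream status; add a one-line comment above it that names bnc#862144. Because this update also replaces the tarball and its `.asc`, and the context lines show that signature verification runs in the build only when `VERIFY_SIG` is defined, the one-shot `gpg-offline --verify --package=curl curl-*.asc` check mentioned in the comment should be run against the new files before accepting.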
@ -100,6 +101,7 @@ user interaction or any kind of interactivity.
%patch %patch
%patch1 %patch1
%patch3 %patch3
%patch4 -p1
%build %build
# curl complains if macro definition is contained in CFLAGS # curl complains if macro definition is contained in CFLAGS
# see m4/xc-val-flgs.m4 # see m4/xc-val-flgs.m4
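Review bot: The new `%patch4 -p1` is the only patch application in this `%prep` block with an explicit strip level; the other lines (`%patch`, `%patch1`, `%patch3`) use the default. The difference comes from the patch being generated with a `curl-7.19.7/` directory prefix in its paths. Regenerating it with the same path layout as the other patches would let all four lines use the same form and avoid a mismatch the next time the patch is refreshed.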


@ -7,9 +7,11 @@ To make it portable you have to test O_CLOEXEC support at *runtime*
compile time is not enough. compile time is not enough.
--- lib/cookie.c.orig Index: lib/cookie.c
+++ lib/cookie.c ===================================================================
@@ -841,7 +841,7 @@ struct CookieInfo *Curl_cookie_init(stru --- lib/cookie.c.orig 2014-02-04 16:25:31.256657224 +0100
+++ lib/cookie.c 2014-02-04 16:25:32.638671791 +0100
@@ -882,7 +882,7 @@ struct CookieInfo *Curl_cookie_init(stru
fp = NULL; fp = NULL;
} }
else else
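Review bot: The refreshed per-file headers now carry `Index:` lines and timestamps such as `--- lib/cookie.c.orig 2014-02-04 16:25:31.256657224 +0100`, which change on every refresh and bury the real line-offset changes in the diff of this patch. If the patch is maintained with quilt, refreshing with `--no-index` and `--no-timestamps` keeps the headers stable and makes the next refresh reviewable.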
@ -18,7 +20,7 @@ compile time is not enough.
c->newsession = newsession; /* new session? */ c->newsession = newsession; /* new session? */
@@ -1179,7 +1179,7 @@ static int cookie_output(struct CookieIn @@ -1226,7 +1226,7 @@ static int cookie_output(struct CookieIn
use_stdout=TRUE; use_stdout=TRUE;
} }
else { else {
@ -27,9 +29,11 @@ compile time is not enough.
if(!out) if(!out)
return 1; /* failure */ return 1; /* failure */
} }
--- lib/file.c.orig Index: lib/file.c
+++ lib/file.c ===================================================================
@@ -243,7 +243,7 @@ static CURLcode file_connect(struct conn --- lib/file.c.orig 2014-02-04 16:25:31.257657234 +0100
+++ lib/file.c 2014-02-04 16:25:32.638671791 +0100
@@ -232,7 +232,7 @@ static CURLcode file_connect(struct conn
fd = open_readonly(actual_path, O_RDONLY|O_BINARY); fd = open_readonly(actual_path, O_RDONLY|O_BINARY);
file->path = actual_path; file->path = actual_path;
#else #else
@ -38,7 +42,7 @@ compile time is not enough.
file->path = real_path; file->path = real_path;
#endif #endif
file->freepath = real_path; /* free this when done */ file->freepath = real_path; /* free this when done */
@@ -341,7 +341,7 @@ static CURLcode file_upload(struct conne @@ -330,7 +330,7 @@ static CURLcode file_upload(struct conne
else else
mode = MODE_DEFAULT|O_TRUNC; mode = MODE_DEFAULT|O_TRUNC;
@ -47,8 +51,10 @@ compile time is not enough.
if(fd < 0) { if(fd < 0) {
failf(data, "Can't open %s for writing", file->path); failf(data, "Can't open %s for writing", file->path);
return CURLE_WRITE_ERROR; return CURLE_WRITE_ERROR;
--- lib/formdata.c.orig Index: lib/formdata.c
+++ lib/formdata.c ===================================================================
--- lib/formdata.c.orig 2014-02-04 16:25:31.257657234 +0100
+++ lib/formdata.c 2014-02-04 16:25:32.639671801 +0100
@@ -1297,7 +1297,7 @@ CURLcode Curl_getformdata(struct Session @@ -1297,7 +1297,7 @@ CURLcode Curl_getformdata(struct Session
FILE *fileread; FILE *fileread;
@ -67,8 +73,10 @@ compile time is not enough.
if(!form->fp) if(!form->fp)
return (size_t)-1; /* failure */ return (size_t)-1; /* failure */
} }
--- lib/hostip6.c.orig Index: lib/hostip6.c
+++ lib/hostip6.c ===================================================================
--- lib/hostip6.c.orig 2014-02-04 16:25:31.277657445 +0100
+++ lib/hostip6.c 2014-02-04 16:25:32.639671801 +0100
@@ -39,7 +39,7 @@ @@ -39,7 +39,7 @@
#ifdef HAVE_PROCESS_H #ifdef HAVE_PROCESS_H
#include <process.h> #include <process.h>
@ -87,8 +95,10 @@ compile time is not enough.
if(s == CURL_SOCKET_BAD) if(s == CURL_SOCKET_BAD)
/* an ipv6 address was requested but we can't get/use one */ /* an ipv6 address was requested but we can't get/use one */
ipv6_works = 0; ipv6_works = 0;
--- lib/if2ip.c.orig Index: lib/if2ip.c
+++ lib/if2ip.c ===================================================================
--- lib/if2ip.c.orig 2014-02-04 16:25:31.277657445 +0100
+++ lib/if2ip.c 2014-02-04 16:25:32.639671801 +0100
@@ -171,7 +171,7 @@ if2ip_result_t Curl_if2ip(int af, unsign @@ -171,7 +171,7 @@ if2ip_result_t Curl_if2ip(int af, unsign
if(len >= sizeof(req.ifr_name)) if(len >= sizeof(req.ifr_name))
return IF2IP_NOT_FOUND; return IF2IP_NOT_FOUND;
@ -98,40 +108,24 @@ compile time is not enough.
if(CURL_SOCKET_BAD == dummy) if(CURL_SOCKET_BAD == dummy)
return IF2IP_NOT_FOUND; return IF2IP_NOT_FOUND;
--- lib/netrc.c.orig Index: lib/netrc.c
+++ lib/netrc.c ===================================================================
@@ -97,7 +97,7 @@ int Curl_parsenetrc(const char *host, --- lib/netrc.c.orig 2014-02-04 16:25:32.639671801 +0100
+++ lib/netrc.c 2014-02-04 16:26:01.737978525 +0100
@@ -99,7 +99,7 @@ int Curl_parsenetrc(const char *host,
netrc_alloc = TRUE; netrc_alloc = TRUE;
} }
- file = fopen(netrcfile, "r"); - file = fopen(netrcfile, "r");
+ file = fopen(netrcfile, "re"); + file = fopen(netrcfile, "re");
if(netrc_alloc)
Curl_safefree(netrcfile);
if(file) { if(file) {
char *tok; Index: lib/connect.c
char *tok_buf; ===================================================================
--- lib/ssluse.c.orig --- lib/connect.c.orig 2014-02-04 16:25:31.277657445 +0100
+++ lib/ssluse.c +++ lib/connect.c 2014-02-04 16:25:32.761673087 +0100
@@ -420,7 +420,7 @@ int cert_stuff(struct connectdata *conn, @@ -1298,7 +1298,7 @@ CURLcode Curl_socket(struct connectdata
STACK_OF(X509) *ca = NULL;
int i;
- f = fopen(cert_file,"rb");
+ f = fopen(cert_file,"rbe");
if(!f) {
failf(data, "could not open PKCS12 file '%s'", cert_file);
return 0;
@@ -2168,7 +2168,7 @@ static CURLcode servercert(struct connec
/* e.g. match issuer name with provided issuer certificate */
if(data->set.str[STRING_SSL_ISSUERCERT]) {
- fp=fopen(data->set.str[STRING_SSL_ISSUERCERT],"r");
+ fp=fopen(data->set.str[STRING_SSL_ISSUERCERT],"re");
if(!fp) {
if(strict)
failf(data, "SSL: Unable to open issuer cert (%s)",
--- lib/connect.c.orig
+++ lib/connect.c
@@ -1313,7 +1313,7 @@ CURLcode Curl_socket(struct connectdata
(struct curl_sockaddr *)addr); (struct curl_sockaddr *)addr);
else else
/* opensocket callback not set, so simply create the socket now */ /* opensocket callback not set, so simply create the socket now */
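Review bot: This refresh drops both `lib/ssluse.c` hunks, so `fopen(cert_file,"rbe")` for the PKCS12 file and `fopen(data->set.str[STRING_SSL_ISSUERCERT],"re")` for the issuer certificate are no longer patched in, and those streams lose the close-on-exec flag the patch exists to add. A descriptor opened there can again be inherited by a child process started while it is open. The changelog entry says only "refresh libcurl-ocloexec.patch"; if the code moved to a different file in 7.35.0 the two hunks should be ported to it, and if they were dropped deliberately the changelog should state why.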
@ -140,9 +134,11 @@ compile time is not enough.
if(*sockfd == CURL_SOCKET_BAD) if(*sockfd == CURL_SOCKET_BAD)
/* no socket, no connection */ /* no socket, no connection */
--- configure.ac.orig Index: configure.ac
+++ configure.ac ===================================================================
@@ -183,6 +183,7 @@ AC_CANONICAL_HOST --- configure.ac.orig 2014-02-04 16:25:31.278657455 +0100
+++ configure.ac 2014-02-04 16:25:32.762673098 +0100
@@ -182,6 +182,7 @@ AC_CANONICAL_HOST
dnl Get system canonical name dnl Get system canonical name
AC_DEFINE_UNQUOTED(OS, "${host}", [cpu-machine-OS]) AC_DEFINE_UNQUOTED(OS, "${host}", [cpu-machine-OS])
@ -150,7 +146,7 @@ compile time is not enough.
dnl Checks for programs. dnl Checks for programs.
dnl Our curl_off_t internal and external configure settings dnl Our curl_off_t internal and external configure settings
@@ -195,6 +196,7 @@ dnl Our configure and build reentrant se @@ -194,6 +195,7 @@ dnl Our configure and build reentrant se
CURL_CONFIGURE_THREAD_SAFE CURL_CONFIGURE_THREAD_SAFE
CURL_CONFIGURE_REENTRANT CURL_CONFIGURE_REENTRANT