Accepting request 155712 from devel:libraries:c_c++

Fixup .changes entry - Require patch name in .changes (forwarded request 155702 from dimstar) OBS-URL: https://build.opensuse.org/request/show/155712 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/curl?expand=0&rev=81
2013-02-18 12:46:23 +00:00 · 2013-02-18 12:46:23 +00:00 · a4b0d99eec
commit a4b0d99eec
parent cbf92ceed0 8581e3aee5
3 changed files with 46 additions and 1 deletions
--- a/curl-secure-getenv.patch
+++ b/curl-secure-getenv.patch
@ -0,0 +1,37 @@
+--- lib/getenv.c.orig
+++ lib/getenv.c
+@@ -31,6 +31,14 @@
+ 
+ #include "memdebug.h"
+ 
+#ifndef HAVE_SECURE_GETENV
+#  ifdef HAVE__SECURE_GETENV
+#    define secure_getenv __secure_getenv
+#  else
+#    error neither secure_getenv nor __secure_getenv is available
+#  endif
+#endif
+
+ static
+ char *GetEnv(const char *variable)
+ {
+@@ -45,7 +53,7 @@ char *GetEnv(const char *variable)
+     ExpandEnvironmentStringsA(temp, env, sizeof(env));
+   return (env[0] != '\0')?strdup(env):NULL;
+ #else
+-  char *env = getenv(variable);
+  char *env = secure_getenv(variable);
+ #ifdef __VMS
+   if(env && strcmp("HOME",variable) == 0)
+     env = decc_translate_vms(env);
+--- configure.ac.orig
+++ configure.ac
+@@ -3480,6 +3480,8 @@ if test "x$want_curldebug_assumed" = "xy
+   ac_configure_args="$ac_configure_args --enable-curldebug"
+ fi
+ 
+AC_CHECK_FUNCS([__secure_getenv secure_getenv])
+
+ AC_CONFIG_FILES([Makefile \
+            docs/Makefile \
+            docs/examples/Makefile \
--- a/curl.changes
+++ b/curl.changes
@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Sun Feb 17 17:04:34 UTC 2013 - crrodriguez@opensuse.org
+
+- Add curl-secure-getenv.patch: Use secure_getenv if available.
+  libcurl might be linked to a program where "secure execution" is
+  required.
+
 -------------------------------------------------------------------
 Thu Feb  7 10:54:15 UTC 2013 - vcizek@suse.com

--- a/curl.spec
+++ b/curl.spec
@ -34,6 +34,7 @@ Source4:        %{name}.keyring
 Patch:          libcurl-ocloexec.patch
 Patch1:         dont-mess-with-rpmoptflags.diff
 Patch2:         curl-CVE-2013-0249.patch
+Patch3:         curl-secure-getenv.patch
 # Use rpmbuild -D 'VERIFY_SIG 1' to verify signature during build or run one-shot check by "gpg-offline --verify --package=curl curl-*.asc".
 %if 0%{?VERIFY_SIG}
 BuildRequires:  gpg-offline
@ -100,7 +101,7 @@ user interaction or any kind of interactivity.
 %patch
 %patch1
 %patch2 -p1
-
+%patch3
 %build
 autoreconf -fi
 # local hack to make curl-config --libs stop printing libraries it depends on