pool/curl
SHA256
4
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

- Update to 7.53.0

Browse Source 
Changes:
  * unix_socket: added --abstract-unix-socket and
    CURLOPT_ABSTRACT_UNIX_SOCKET
  * CURLOPT_BUFFERSIZE: support enlarging receive buffer
  Bugfixes:
  * CVE-2017-2629: make SSL_VERIFYSTATUS work again
  * gnutls-random: check return code for failed random
  * openssl-random: check return code when asking for random
  * http: remove "Curl_http_done: called premature" message
  * cyassl: use time_t instead of long for timeout
  * build-wolfssl: Sync config with wolfSSL 3.10
  * ftp-gss: check for init before use
  * configure: accept --with-libidn2 instead
  * ftp: failure to resolve proxy should return that error code
  * curl.1: add three more exit codes
  * docs/ciphers: link to our own new page about ciphers
  * vtls: s/SSLEAY/OPENSSL - fixes multi_socket timeouts with openssl
  * darwinssl: fix iOS build
  * darwinssl: fix CFArrayRef leak
  * cmake: use crypt32.lib when building with OpenSSL on windows
  * curl_formadd.3: CURLFORM_CONTENTSLENGTH not needed when chunked
  * digest_sspi: copy terminating NUL as well
  * curl: fix --remote-time incorrect times on Windows
  * curl.1: several updates and corrections
  * content_encoding: change return code on a failure
  * curl.h: CURLE_FUNCTION_NOT_FOUND is no longer in use
  * docs: TCP_KEEPALIVE start and interval default to 60
  * darwinssl: --insecure overrides --cacert if both settings are in use
  * TheArtOfHttpScripting: grammar

OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/curl?expand=0&rev=184
This commit is contained in:
Ismail Dönmez 2017-02-22 13:26:22 +00:00 committed by Git OBS Bridge
parent 1002a66bcb
commit bf1e67fa8b
7 changed files with 129 additions and 228 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

207
curl-7.52.1-idn-fixes.patch
View File

@ -1,207 +0,0 @@
From 0bc24d6f9d15a2cc5898cae4f214487200e78f44 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Sun, 25 Dec 2016 01:13:12 +0100
Subject: [PATCH] configure: accept --with-libidn2 instead
... which the help text already implied since we switched to libidn2
from libidn in commit 9c91ec778104ae3b back in October 2016.
Reported-by: Christian Weisgerber
Bug: https://curl.haxx.se/mail/lib-2016-12/0110.html
---
configure.ac | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/configure.ac b/configure.ac
index 91028458f..65dac55bc 100644
--- a/configure.ac
+++ b/configure.ac
@@ -2830,7 +2830,7 @@ dnl **********************************************************************
AC_MSG_CHECKING([whether to build with libidn2])
OPT_IDN="default"
-AC_ARG_WITH(libidn,
+AC_ARG_WITH(libidn2,
AC_HELP_STRING([--with-libidn2=PATH],[Enable libidn2 usage])
AC_HELP_STRING([--without-libidn2],[Disable libidn2 usage]),
[OPT_IDN=$withval])
--
2.11.1
From f30cbcac11f5a627992f0c48cff91135808fa70f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tim=20R=C3=BChsen?= <tim.ruehsen@gmx.de>
Date: Fri, 13 Jan 2017 09:36:33 +0100
Subject: [PATCH] IDN: Use TR46 'transitional' for toASCII translations
References: http://unicode.org/faq/idn.html
http://unicode.org/reports/tr46
Closes #1206
---
lib/url.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/lib/url.c b/lib/url.c
index c7a91a4f7..29beb3853 100644
--- a/lib/url.c
+++ b/lib/url.c
@@ -4010,7 +4010,12 @@ static void fix_hostname(struct connectdata *conn, struct hostname *host)
#ifdef USE_LIBIDN2
if(idn2_check_version(IDN2_VERSION)) {
char *ace_hostname = NULL;
- int rc = idn2_lookup_ul((const char *)host->name, &ace_hostname, 0);
+#ifdef IDN2_TRANSITIONAL
+ int flags = IDN2_NFC_INPUT | IDN2_TRANSITIONAL;
+#else
+ int flags = IDN2_NFC_INPUT;
+#endif
+ int rc = idn2_lookup_ul((const char *)host->name, &ace_hostname, flags);
if(rc == IDN2_OK) {
host->encalloc = (char *)ace_hostname;
/* change the name pointer to point to the encoded hostname */
--
2.11.1
From ba315745f7f4ddfedd0763833c22f019817535cb Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tim=20R=C3=BChsen?= <tim.ruehsen@gmx.de>
Date: Fri, 13 Jan 2017 11:50:01 +0100
Subject: [PATCH] IDN: Fix compile time detection of linidn2 TR46
Follow-up to f30cbcac1
Closes #1207
---
lib/url.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/url.c b/lib/url.c
index 1f6e5bed9..9112baee0 100644
--- a/lib/url.c
+++ b/lib/url.c
@@ -4010,7 +4010,7 @@ static void fix_hostname(struct connectdata *conn, struct hostname *host)
#ifdef USE_LIBIDN2
if(idn2_check_version(IDN2_VERSION)) {
char *ace_hostname = NULL;
-#ifdef IDN2_TRANSITIONAL
+#if IDN2_VERSION_NUMBER >= 0x00140000
int flags = IDN2_NFC_INPUT | IDN2_TRANSITIONAL;
#else
int flags = IDN2_NFC_INPUT;
--
2.11.1
From ee357664df9bbb301e3bc1070a855e6b13303a5d Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Fri, 13 Jan 2017 14:31:40 +0100
Subject: [PATCH] IDN: revert use of the transitional option
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
It made the german ß get converted to ss, IDNA2003 style, and we can't
have that for the .de TLD - a primary reason for our switch to IDNA2008.
Test 165 verifies.
---
lib/url.c | 8 ++------
1 file changed, 2 insertions(+), 6 deletions(-)
diff --git a/lib/url.c b/lib/url.c
index 9112baee0..b088b61e3 100644
--- a/lib/url.c
+++ b/lib/url.c
@@ -4010,12 +4010,8 @@ static void fix_hostname(struct connectdata *conn, struct hostname *host)
#ifdef USE_LIBIDN2
if(idn2_check_version(IDN2_VERSION)) {
char *ace_hostname = NULL;
-#if IDN2_VERSION_NUMBER >= 0x00140000
- int flags = IDN2_NFC_INPUT | IDN2_TRANSITIONAL;
-#else
- int flags = IDN2_NFC_INPUT;
-#endif
- int rc = idn2_lookup_ul((const char *)host->name, &ace_hostname, flags);
+ int rc = idn2_lookup_ul((const char *)host->name, &ace_hostname,
+ IDN2_NFC_INPUT);
if(rc == IDN2_OK) {
host->encalloc = (char *)ace_hostname;
/* change the name pointer to point to the encoded hostname */
--
2.11.1
From 7d6e3f8cfa5c8de1ecb4ab63ed0c0660cce7acdc Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Fri, 13 Jan 2017 14:49:11 +0100
Subject: [PATCH] IDN: Use TR46 non-transitional
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Assisted-by: Tim Rühsen
---
lib/url.c | 13 ++++++++++---
1 file changed, 10 insertions(+), 3 deletions(-)
diff --git a/lib/url.c b/lib/url.c
index b088b61e3..074289ed4 100644
--- a/lib/url.c
+++ b/lib/url.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -4010,8 +4010,15 @@ static void fix_hostname(struct connectdata *conn, struct hostname *host)
#ifdef USE_LIBIDN2
if(idn2_check_version(IDN2_VERSION)) {
char *ace_hostname = NULL;
- int rc = idn2_lookup_ul((const char *)host->name, &ace_hostname,
- IDN2_NFC_INPUT);
+#if IDN2_VERSION_NUMBER >= 0x00140000
+ /* IDN2_NFC_INPUT: Normalize input string using normalization form C.
+ IDN2_NONTRANSITIONAL: Perform Unicode TR46 non-transitional
+ processing. */
+ int flags = IDN2_NFC_INPUT | IDN2_NONTRANSITIONAL;
+#else
+ int flags = IDN2_NFC_INPUT;
+#endif
+ int rc = idn2_lookup_ul((const char *)host->name, &ace_hostname, flags);
if(rc == IDN2_OK) {
host->encalloc = (char *)ace_hostname;
/* change the name pointer to point to the encoded hostname */
--
2.11.1
From b135cd255b6aa7d051ea906693bf67580153ed76 Mon Sep 17 00:00:00 2001
From: Alessandro Ghedini <alessandro@ghedini.me>
Date: Sat, 14 Jan 2017 16:16:56 +0000
Subject: [PATCH] url: assume UTF-8 when doing idn2 lookup
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Thanks to Tim Rühsen for the suggestion.
---
lib/url.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/lib/url.c b/lib/url.c
index edae1e3f3..49ed4f669 100644
--- a/lib/url.c
+++ b/lib/url.c
@@ -4026,7 +4026,8 @@ static void fix_hostname(struct connectdata *conn, struct hostname *host)
#else
int flags = IDN2_NFC_INPUT;
#endif
- int rc = idn2_lookup_ul((const char *)host->name, &ace_hostname, flags);
+ int rc = idn2_lookup_u8((const uint8_t *)host->name,
+ (uint8_t **)&ace_hostname, flags);
if(rc == IDN2_OK) {
host->encalloc = (char *)ace_hostname;
/* change the name pointer to point to the encoded hostname */
--
2.11.1

3
curl-7.52.1.tar.lzma
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:44286d4b825936e2430fc44ad730ce899afb736a5d328cbb8b5d42462f3f2365
size 2068290

11
curl-7.52.1.tar.lzma.asc
View File

@ -1,11 +0,0 @@
-----BEGIN PGP SIGNATURE-----
iQEzBAABCgAdFiEEJ+3q8i86vOtQ25oSXMkI/bceEsIFAlhc0OoACgkQXMkI/bce
EsISngf/adTW6+PCMHxPISnBqoCzO6/3YAH52WDZ1Z0A11VaCAkIbcsqXFF9K1xX
1W/cRt2ZR+eyAhm7gpulUJfxOy1ak5VuguebEY4vENmEpNg94+7iS9yldYJ4m0Q8
t6MeYW+twMazzKarU2CvRJBHW1H+olt0G/3+K6o8LPoLyuqHhGGssvm2c24hb8RZ
Kj9m027qg3KVi89cL5eND0OeLW5mMjNr0TjokicWE7/AP7Wd181ag/jMU3BTX/yh
n5KYp562kDR34AIgV2xbHe8Rmfce9lGNAMW90+xnDbKo3Gjm8I8Cq4UkVBspazV5
hieNGVze2dodGIh+O37iKhaoAoOJsg==
=2ZM9
-----END PGP SIGNATURE-----

3
curl-7.53.0.tar.lzma Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:38bf7820a72ae476a7637d55ec1e794cb3bb78b111521a0c2300ade77b1811cc
size 2076287

11
curl-7.53.0.tar.lzma.asc Normal file
View File

@ -0,0 +1,11 @@
-----BEGIN PGP SIGNATURE-----
iQEzBAABCgAdFiEEJ+3q8i86vOtQ25oSXMkI/bceEsIFAliszGIACgkQXMkI/bce
EsLC6AgAsRQhShQK1jA8thL7Vmon15i56XRyilzLER8JprzD/BG/M2Up1WESd2zJ
CzqfD9i7EL7kvysfHe/U5hv7UJCgI4PBxXfo2cjwade6DaO9tcFLTJShmXFI/ccU
lVhw69cF/mzniwiNHftfOFrl+d4G4evfWB+Lvr0dg9DRTTT/sSchXsSkVwh/flX1
97kBrv3E6RyloFZ0+2qyKI15ZXvPnwhi+agXqC2SQZ+y7rFTKpgowzVWKDI6/W/M
6gCeiC2TymxdvZkcdvQUO90zIXrOL/Tdc54L78cp8RmJg/5dMdsTU9RjYnwpoaja
Y4d1JCWXeYOx8CIC9vlb1mBotf/WVQ==
=ZmEV
-----END PGP SIGNATURE-----

109
curl.changes
View File

@ -1,3 +1,112 @@
-------------------------------------------------------------------
Wed Feb 22 09:49:12 UTC 2017 - idonmez@suse.com
- Update to 7.53.0
Changes:
* unix_socket: added --abstract-unix-socket and
CURLOPT_ABSTRACT_UNIX_SOCKET
* CURLOPT_BUFFERSIZE: support enlarging receive buffer
Bugfixes:
* CVE-2017-2629: make SSL_VERIFYSTATUS work again
* gnutls-random: check return code for failed random
* openssl-random: check return code when asking for random
* http: remove "Curl_http_done: called premature" message
* cyassl: use time_t instead of long for timeout
* build-wolfssl: Sync config with wolfSSL 3.10
* ftp-gss: check for init before use
* configure: accept --with-libidn2 instead
* ftp: failure to resolve proxy should return that error code
* curl.1: add three more exit codes
* docs/ciphers: link to our own new page about ciphers
* vtls: s/SSLEAY/OPENSSL - fixes multi_socket timeouts with openssl
* darwinssl: fix iOS build
* darwinssl: fix CFArrayRef leak
* cmake: use crypt32.lib when building with OpenSSL on windows
* curl_formadd.3: CURLFORM_CONTENTSLENGTH not needed when chunked
* digest_sspi: copy terminating NUL as well
* curl: fix --remote-time incorrect times on Windows
* curl.1: several updates and corrections
* content_encoding: change return code on a failure
* curl.h: CURLE_FUNCTION_NOT_FOUND is no longer in use
* docs: TCP_KEEPALIVE start and interval default to 60
* darwinssl: --insecure overrides --cacert if both settings are in use
* TheArtOfHttpScripting: grammar
* CIPHERS.md: document GSKit ciphers
* wolfssl: support setting cipher list
* wolfssl: display negotiated SSL version and cipher
* lib506: fix build for Open Watcom
* asiohiper: improved socket handling
* examples: make the C++ examples follow our code style too
* tests/sws: retry send() on EWOULDBLOCK
* cmake: Fix passing _WINSOCKAPI_ macro to compiler
* smtp: Fix STARTTLS denied error message
* imap/pop3: don't print response character in STARTTLS denied messages
* rand: make it work without TLS backing
* url: fix parsing for when 'file' is the default protocol
* url: allow file://X:/path URLs on windows again
* gnutls: check for alpn and ocsp in configure
* IDN: Use TR46 'non-transitional' for toASCII translations
* url: Fix NO_PROXY env var to work properly with --proxy option
* CURLOPT_PREQUOTE.3: takes a struct curl_slist*, not a char*
* docs: Add note about libcurl copying strings to CURLOPT_* manpages
* curl: reset the easy handle at --next
* --next docs: --trace and --trace-ascii are also global
* --write-out docs: 'time_total' is not always shown with ms precision
* http: print correct HTTP string in verbose output when using HTTP/2
* docs: improved language in README.md HISTORY.md CONTRIBUTE.md
* http2: disable server push if not requested
* nss: use the correct lock in nss_find_slot_by_name()
* usercertinmem.c: improve the short description
* CURLOPT_CONNECT_TO: Fix compile warnings
* docs: non-blocking SSL handshake is now supported with NSS
* *.rc: escape non-ASCII/non-UTF-8 character for clarity
* mbedTLS: fix multi interface non-blocking handshake
* PolarSSL: fix multi interface non-blocking handshake
* VC: remove the makefile.vc6 build infra
* telnet: fix windows compiler warnings
* cookies: do not assume a valid domain has a dot
* polarssl: fix hangs
* gnutls: disable TLS session tickets
* mbedtls: disable TLS session tickets
* mbedtls: implement CTR-DRBG and HAVEGE random generators
* openssl: Don't use certificate after transferring ownership
* cmake: Support curl --xattr when built with cmake
* OS400: Fix symbols
* docs: Add more HTTPS proxy documentation
* docs: use more HTTPS links
* cmdline-opts: Fixed build and test in out of source tree builds
* CHANGES.0: removed
* schannel: Remove incorrect SNI disabled message
* darwinssl: Avoid parsing certificates when not in verbose mode
* test552: Fix typos
* telnet: Fix typos
* transfer: only retry nobody-requests for HTTP
* http2: reset push header counter fixes crash
* nss: make FTPS work with --proxytunnel
* test1139: Added the --manual keyword since the manual is required
* polarssl, mbedtls: Fix detection of pending data
* http_proxy: Fix tiny memory leak upon edge case connecting to proxy
* URL: only accept ";options" in SMTP/POP3/IMAP URL schemes
* curl.1: ftp.sunet.se is no longer an FTP mirror
* tool_operate: Show HTTPS-Proxy options on CURLE_SSL_CACERT
* http2: fix memory-leak when denying push streams
* configure: Allow disabling pthreads, fall back on Win32 threads
* curl: fix typo in time condition warning message
* axtls: adapt to API changes
* tool_urlglob: Allow a glob range with the same start and stop
* winbuild: add note on auto-detection of MACHINE in Makefile.vc
* http: fix missing 'Content-Length: 0' while negotiating auth
* proxy: fix hostname resolution and IDN conversion
* docs: fix timeout handling in multi-uv example
* digest_sspi: Fix nonce-count generation in HTTP digest
* sftp: improved checks for create dir failures
* smb: use getpid replacement for windows UWP builds
* digest_sspi: Handle 'stale=TRUE' directive in HTTP digest
- Refresh curl-7.52.1-idn-fixes.patch and rename to
curl-7.53.0-idn-fixes.patch
-------------------------------------------------------------------
Sun Feb 5 22:33:33 UTC 2017 - astieger@suse.com

13
curl.spec
View File

@ -20,7 +20,7 @@
%bcond_with mozilla_nss
%bcond_without testsuite
Name: curl
Version: 7.52.1
Version: 7.53.0
Release: 0
Summary: A Tool for Transferring Data from URLs
License: BSD-3-Clause and MIT
@ -32,8 +32,7 @@ Source3: baselibs.conf
Source4: https://daniel.haxx.se/mykey.asc#/%{name}.keyring
Patch0: libcurl-ocloexec.patch
Patch1: dont-mess-with-rpmoptflags.diff
Patch3: curl-secure-getenv.patch
Patch5: curl-7.52.1-idn-fixes.patch
Patch2: curl-secure-getenv.patch
BuildRequires: groff
BuildRequires: krb5-mini-devel
BuildRequires: libidn2-devel
@ -97,8 +96,7 @@ user interaction or any kind of interactivity.
%setup -q
%patch0
%patch1
%patch3
%patch5 -p1
%patch2
%build
# curl complains if macro definition is contained in CFLAGS
@ -127,7 +125,8 @@ sed -i 's/\(link_all_deplibs=\)unknown/\1no/' configure
%endif
%endif
--with-gssapi=%{_libexecdir}/mit \
--with-libssh2\
--with-libidn2 \
--with-libssh2 \
--enable-hidden-symbols \
--disable-static \
--enable-threaded-resolver \
@ -153,7 +152,7 @@ fi
base=$((8990 + $BUILD_INCARNATION * 20))
# bug940009 do not run flaky tests for any architecture
# at least test 1510 do fail for i586 and ppc64le
perl ./runtests.pl -a -b$base '!flaky' || exit
LANG=en_US.UTF-8 perl ./runtests.pl -a -b$base '!flaky' || exit
popd
%endif