pool/curl
SHA256
4
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 1000420 from home:pmonrealgonzalez:branches:devel:libraries:c_c++

Browse Source 
- Update to 7.85.0:
  * Security fixes: [bsc#1202593, CVE-2022-35252]
    - control code in cookie denial of service
  * Changes:
    - quic: add support via wolfSSL
    - schannel: Add TLS 1.3 support
    - setopt: add CURLOPT_PROTOCOLS_STR and CURLOPT_REDIR_PROTOCOLS_STR
  * Bugfixes:
    - asyn-thread: fix socket leak on OOM
    - asyn-thread: make getaddrinfo_complete return CURLcode
    - base64: base64url encoding has no padding
    - configure: fix broken m4 syntax in TLS options
    - configure: if asked to use TLS, fail if no TLS lib was detected
    - connect: add quic connection information
    - connect: set socktype/protocol correctly
    - cookie: reject cookies with "control bytes"
    - cookie: treat a blank domain in Set-Cookie: as non-existing
    - curl: output warning when a cookie is dropped due to size
    - Curl_close: call Curl_resolver_cancel to avoid memory-leak
    - digest: fix memory leak, fix not quoted 'opaque'
    - digest: fix missing increment of 'nc' value for auth-int
    - digest: pass over leading spaces in qop values
    - digest: reject broken header with session protocol but without qop
    - doh: use https protocol by default
    - easy_lock.h: include sched.h if available to fix build
    - easy_lock.h: use __asm__ instead of asm to fix build
    - easy_lock: switch to using atomic_int instead of bool
    - ftp: use a correct expire ID for timer expiry
    - h2h3: fix overriding the 'TE: Trailers' header
    - hostip: resolve *.localhost to 127.0.0.1/::1

OBS-URL: https://build.opensuse.org/request/show/1000420
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/curl?expand=0&rev=317
This commit is contained in:
Pedro Monreal Gonzalez 2022-08-31 11:55:07 +00:00 committed by Git OBS Bridge
parent 2485d02a96
commit c9f82120ba
8 changed files with 100 additions and 71 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
curl-7.84.0.tar.xz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:2d118b43f547bfe5bae806d8d47b4e596ea5b25a6c1f080aef49fbcd817c5db8
size 2477944

11
curl-7.84.0.tar.xz.asc
View File

@ -1,11 +0,0 @@
-----BEGIN PGP SIGNATURE-----
iQEzBAABCgAdFiEEJ+3q8i86vOtQ25oSXMkI/bceEsIFAmK5SoUACgkQXMkI/bce
EsKDNQgAhJOD5v9j8Njhb09goLU4rHW4qCQjfhmWPEHyWqFSw4WUaBpZkNR5SzIO
wpEGgCbxbpmsfQuGeguc100hESCCjHlZlUcNDfCF0YoWt+cRKvCyR278GcqLJajH
DL5kXeq8QCkL9o1M7lmNfJn5Dmd7CcU+ALryKz6O1T7vYeZZzAYA9zZ5D0NORsil
F9n1ZjwI6r7m+S73qkI5+7LQHgtP5EkwJODVorEhmZPZAPldMxCv3yn3HwSmtzaq
JbYKsHrDh1BFCo1auSpK4LBKWBOIpYCqW0jvwnsShw72dgYGHR9uu/YMgDz18OeS
hWWVocRxW2GW+Y3dBi1PF9an3/J0nQ==
=Oe40
-----END PGP SIGNATURE-----

3
curl-7.85.0.tar.xz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:88b54a6d4b9a48cb4d873c7056dcba997ddd5b7be5a2d537a4acb55c20b04be6
size 2480648

11
curl-7.85.0.tar.xz.asc Normal file
View File

@ -0,0 +1,11 @@
-----BEGIN PGP SIGNATURE-----
iQEzBAABCgAdFiEEJ+3q8i86vOtQ25oSXMkI/bceEsIFAmMO/LoACgkQXMkI/bce
EsK14Af+L+0de5NTHNuXkryTcHZ35nGUhBcYJxE1Gyf0Or7IpX0rYsqpE6T1B6gm
/NwJb4yDzCPbtekHBmwhQNNj91p5BCEtOlcwOYaT6rgWiXvCNMtWydmPZWrwg9Pk
zVp+CVNOVoUDI2x2EAZc6IrxagKuvEzy29MFsRmXy/17D5XKkRH0QUJE3XfxorgV
LshtSVlxzlZXmer3jGqCKqyJJc+8du92rggDhs7W8e1JZ6M6ujc9p6LfO+HaW5c+
RPcLdScjzuOurAKwhWRWYcW3hukHGZ68iZYgfT2B43iLtRiwo2hQlHkt5Jg6WYmi
jKO6tKo1uF+bm7/5PWipWCTjvR8F3g==
=TXWE
-----END PGP SIGNATURE-----

60
curl.changes
View File

@ -1,3 +1,63 @@
-------------------------------------------------------------------
Wed Aug 31 07:34:20 UTC 2022 - Pedro Monreal <pmonreal@suse.com>
- Update to 7.85.0:
* Security fixes: [bsc#1202593, CVE-2022-35252]
- control code in cookie denial of service
* Changes:
- quic: add support via wolfSSL
- schannel: Add TLS 1.3 support
- setopt: add CURLOPT_PROTOCOLS_STR and CURLOPT_REDIR_PROTOCOLS_STR
* Bugfixes:
- asyn-thread: fix socket leak on OOM
- asyn-thread: make getaddrinfo_complete return CURLcode
- base64: base64url encoding has no padding
- configure: fix broken m4 syntax in TLS options
- configure: if asked to use TLS, fail if no TLS lib was detected
- connect: add quic connection information
- connect: set socktype/protocol correctly
- cookie: reject cookies with "control bytes"
- cookie: treat a blank domain in Set-Cookie: as non-existing
- curl: output warning when a cookie is dropped due to size
- Curl_close: call Curl_resolver_cancel to avoid memory-leak
- digest: fix memory leak, fix not quoted 'opaque'
- digest: fix missing increment of 'nc' value for auth-int
- digest: pass over leading spaces in qop values
- digest: reject broken header with session protocol but without qop
- doh: use https protocol by default
- easy_lock.h: include sched.h if available to fix build
- easy_lock.h: use __asm__ instead of asm to fix build
- easy_lock: switch to using atomic_int instead of bool
- ftp: use a correct expire ID for timer expiry
- h2h3: fix overriding the 'TE: Trailers' header
- hostip: resolve *.localhost to 127.0.0.1/::1
- HTTP3.md: update to msh3 v0.4.0
- hyper: use wakers for curl pause/resume
- lib3026: reduce the number of threads to 100
- libssh2: make atime/mtime date overflow return error
- libssh2: provide symlink name in SFTP dir listing
- multi: have curl_multi_remove_handle close CONNECT_ONLY transfer
- multi: use larger dns hash table for multi interface
- multi_wait: fix skipping to populate revents for extra_fds
- netrc: Use the password from lines without login
- ngtcp2: Fix build error due to change in nghttp3 prototypes
- ngtcp2: fix stall or busy loop on STOP_SENDING with upload data
- ngtcp2: implement cb_h3_stop_sending and cb_h3_reset_stream callbacks
- openssl: add 'CURL_BORINGSSL_VERSION' to identify BoringSSL
- openssl: add cert path in error message
- openssl: add details to "unable to set client certificate" error
- openssl: fix BoringSSL symbol conflicts with LDAP and Schannel
- select: do not return fatal error on EINTR from poll()
- sendf: fix paused header writes since after the header API
- sendf: skip storing HTTP headers if HTTP disabled
- url: really use the user provided in the url when netrc entry exists
- url: reject URLs with hostnames longer than 65535 bytes
- url: treat missing usernames in netrc as empty
- urldata: reduce size of several struct fields
- vtls: make Curl_ssl_backend() return the enum type curl_sslbackend
* Remove tests-for-32bit.patch fixed in the update
* Rebase libcurl-ocloexec.patch
------------------------------------------------------------------- -------------------------------------------------------------------
Sun Jul 24 19:37:01 UTC 2022 - Dirk Müller <dmueller@suse.com> Sun Jul 24 19:37:01 UTC 2022 - Dirk Müller <dmueller@suse.com>

3
curl.spec
View File

@ -21,7 +21,7 @@
# need ssl always for python-pycurl # need ssl always for python-pycurl
%bcond_without openssl %bcond_without openssl
Name: curl Name: curl
Version: 7.84.0 Version: 7.85.0
Release: 0 Release: 0
Summary: A Tool for Transferring Data from URLs Summary: A Tool for Transferring Data from URLs
License: curl License: curl
@ -35,7 +35,6 @@ Patch1: dont-mess-with-rpmoptflags.patch
Patch2: curl-secure-getenv.patch Patch2: curl-secure-getenv.patch
#PATCH-FIX-OPENSUSE bsc#1076446 protocol redirection not supported or disabled #PATCH-FIX-OPENSUSE bsc#1076446 protocol redirection not supported or disabled
Patch3: curl-disabled-redirect-protocol-message.patch Patch3: curl-disabled-redirect-protocol-message.patch
Patch4: https://github.com/curl/curl/commit/0484127805dc2cb7c743b67e017a725b5369227d.patch#/tests-for-32bit.patch
BuildRequires: libtool BuildRequires: libtool
BuildRequires: pkgconfig BuildRequires: pkgconfig
Requires: libcurl4 = %{version} Requires: libcurl4 = %{version}

50
libcurl-ocloexec.patch
View File

@ -7,20 +7,20 @@ To make it portable you have to test O_CLOEXEC support at *runtime*
compile time is not enough. compile time is not enough.
Index: curl-7.82.0/lib/file.c Index: curl-7.85.0/lib/file.c
=================================================================== ===================================================================
--- curl-7.82.0.orig/lib/file.c --- curl-7.85.0.orig/lib/file.c
+++ curl-7.82.0/lib/file.c +++ curl-7.85.0/lib/file.c
@@ -194,7 +194,7 @@ static CURLcode file_connect(struct Curl @@ -222,7 +222,7 @@ static CURLcode file_connect(struct Curl
return CURLE_URL_MALFORMAT;
} }
}
#else
- fd = open_readonly(real_path, O_RDONLY); - fd = open_readonly(real_path, O_RDONLY);
+ fd = open_readonly(real_path, O_RDONLY|O_CLOEXEC); + fd = open_readonly(real_path, O_RDONLY|O_CLOEXEC);
file->path = real_path; file->path = real_path;
#endif #endif
file->freepath = real_path; /* free this when done */ #endif
@@ -278,7 +278,7 @@ static CURLcode file_upload(struct Curl_ @@ -307,7 +307,7 @@ static CURLcode file_upload(struct Curl_
else else
mode = MODE_DEFAULT|O_TRUNC; mode = MODE_DEFAULT|O_TRUNC;
@ -29,11 +29,11 @@ Index: curl-7.82.0/lib/file.c
if(fd < 0) { if(fd < 0) {
failf(data, "Can't open %s for writing", file->path); failf(data, "Can't open %s for writing", file->path);
return CURLE_WRITE_ERROR; return CURLE_WRITE_ERROR;
Index: curl-7.82.0/lib/if2ip.c Index: curl-7.85.0/lib/if2ip.c
=================================================================== ===================================================================
--- curl-7.82.0.orig/lib/if2ip.c --- curl-7.85.0.orig/lib/if2ip.c
+++ curl-7.82.0/lib/if2ip.c +++ curl-7.85.0/lib/if2ip.c
@@ -204,7 +204,7 @@ if2ip_result_t Curl_if2ip(int af, @@ -206,7 +206,7 @@ if2ip_result_t Curl_if2ip(int af,
if(len >= sizeof(req.ifr_name)) if(len >= sizeof(req.ifr_name))
return IF2IP_NOT_FOUND; return IF2IP_NOT_FOUND;
@ -42,11 +42,11 @@ Index: curl-7.82.0/lib/if2ip.c
if(CURL_SOCKET_BAD == dummy) if(CURL_SOCKET_BAD == dummy)
return IF2IP_NOT_FOUND; return IF2IP_NOT_FOUND;
Index: curl-7.82.0/lib/connect.c Index: curl-7.85.0/lib/connect.c
=================================================================== ===================================================================
--- curl-7.82.0.orig/lib/connect.c --- curl-7.85.0.orig/lib/connect.c
+++ curl-7.82.0/lib/connect.c +++ curl-7.85.0/lib/connect.c
@@ -1622,7 +1622,9 @@ CURLcode Curl_socket(struct Curl_easy *d @@ -1651,7 +1651,9 @@ CURLcode Curl_socket(struct Curl_easy *d
} }
else else
/* opensocket callback not set, so simply create the socket now */ /* opensocket callback not set, so simply create the socket now */
@ -57,11 +57,11 @@ Index: curl-7.82.0/lib/connect.c
if(*sockfd == CURL_SOCKET_BAD) if(*sockfd == CURL_SOCKET_BAD)
/* no socket, no connection */ /* no socket, no connection */
Index: curl-7.82.0/configure.ac Index: curl-7.85.0/configure.ac
=================================================================== ===================================================================
--- curl-7.82.0.orig/configure.ac --- curl-7.85.0.orig/configure.ac
+++ curl-7.82.0/configure.ac +++ curl-7.85.0/configure.ac
@@ -320,6 +320,8 @@ AC_DEFINE_UNQUOTED(OS, "${host}", [cpu-m @@ -335,6 +335,8 @@ AC_DEFINE_UNQUOTED(OS, "${host}", [cpu-m
# Silence warning: ar: 'u' modifier ignored since 'D' is the default # Silence warning: ar: 'u' modifier ignored since 'D' is the default
AC_SUBST(AR_FLAGS, [cr]) AC_SUBST(AR_FLAGS, [cr])
@ -70,11 +70,11 @@ Index: curl-7.82.0/configure.ac
dnl This defines _ALL_SOURCE for AIX dnl This defines _ALL_SOURCE for AIX
CURL_CHECK_AIX_ALL_SOURCE CURL_CHECK_AIX_ALL_SOURCE
Index: curl-7.82.0/lib/hostip.c Index: curl-7.85.0/lib/hostip.c
=================================================================== ===================================================================
--- curl-7.82.0.orig/lib/hostip.c --- curl-7.85.0.orig/lib/hostip.c
+++ curl-7.82.0/lib/hostip.c +++ curl-7.85.0/lib/hostip.c
@@ -49,7 +49,7 @@ @@ -51,7 +51,7 @@
#ifdef HAVE_PROCESS_H #ifdef HAVE_PROCESS_H
#include <process.h> #include <process.h>
#endif #endif
@ -83,7 +83,7 @@ Index: curl-7.82.0/lib/hostip.c
#include "urldata.h" #include "urldata.h"
#include "sendf.h" #include "sendf.h"
#include "hostip.h" #include "hostip.h"
@@ -549,7 +549,7 @@ bool Curl_ipv6works(struct Curl_easy *da @@ -551,7 +551,7 @@ bool Curl_ipv6works(struct Curl_easy *da
else { else {
int ipv6_works = -1; int ipv6_works = -1;
/* probe to see if we have a working IPv6 stack */ /* probe to see if we have a working IPv6 stack */

30
tests-for-32bit.patch
View File

@ -1,30 +0,0 @@
From 0484127805dc2cb7c743b67e017a725b5369227d Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Sun, 17 Jul 2022 23:48:22 +0200
Subject: [PATCH] lib3026: reduce the number of threads to 100
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Down from 1000, to make it run and work in more systems.
Fixes #9172
Reported-by: Érico Nogueira Rolim
Closes #9173
---
tests/libtest/lib3026.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tests/libtest/lib3026.c b/tests/libtest/lib3026.c
index 43fe33529e1f0..496a23f3cabd6 100644
--- a/tests/libtest/lib3026.c
+++ b/tests/libtest/lib3026.c
@@ -30,7 +30,7 @@
#include <pthread.h>
#include <unistd.h>
-#define NUM_THREADS 1000
+#define NUM_THREADS 100
static void *run_thread(void *ptr)
{