pool/curl
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
36257dd5a4
curl/libcurl-ocloexec.patch
Ismail Dönmez 2cd7cc2321 Accepting request 312733 from home:pluskalm:branches:devel:libraries:c_c++ 
- Update to 7.43.0
  * Added CURLOPT_PROXY_SERVICE_NAME
  * Added CURLOPT_SERVICE_NAME
  * New curl option: --proxy-service-name
  * Mew curl option: --service-name
  * New curl option: --data-raw
  * Added CURLOPT_PIPEWAIT
  * Added support for multiplexing transfers using HTTP/2, enable 
    this with the new CURLPIPE_MULTIPLEX bit for 
    CURLMOPT_PIPELINING
  * HTTP/2: requires nghttp2 1.0.0 or later
  * scripts: add zsh.pl for generating zsh completion
  * curl.h: add CURL_HTTP_VERSION_2
  * CVE-2015-3236: lingering HTTP credentials in connection re-use
  * CVE-2015-3237: SMB send off unrelated memory contents 
- Disable HTTP/2 as it would create build cycle

OBS-URL: https://build.opensuse.org/request/show/312733
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/curl?expand=0&rev=135
2015-06-19 13:41:49 +00:00

122 lines
4.1 KiB
Diff
Raw Blame History

Open library file descriptors with O_CLOEXEC
This patch is non-portable, it needs linux 2.6.23 and glibc 2.7
or later, different combinations (old linux, new glibc and vice-versa)
will result in a crash.
To make it portable you have to test O_CLOEXEC support at *runtime*
compile time is not enough.
Index: lib/file.c
===================================================================
--- lib/file.c.orig
+++ lib/file.c
@@ -238,7 +238,7 @@ static CURLcode file_connect(struct conn
/* binary zeroes indicate foul play */
return CURLE_URL_MALFORMAT;
- fd = open_readonly(real_path, O_RDONLY);
+ fd = open_readonly(real_path, O_RDONLY|O_CLOEXEC);
file->path = real_path;
#endif
file->freepath = real_path; /* free this when done */
@@ -334,7 +334,7 @@ static CURLcode file_upload(struct conne
else
mode = MODE_DEFAULT|O_TRUNC;
- fd = open(file->path, mode, conn->data->set.new_file_perms);
+ fd = open(file->path, mode | O_CLOEXEC, conn->data->set.new_file_perms);
if(fd < 0) {
failf(data, "Can't open %s for writing", file->path);
return CURLE_WRITE_ERROR;
Index: lib/formdata.c
===================================================================
--- lib/formdata.c.orig
+++ lib/formdata.c
@@ -1256,7 +1256,7 @@ CURLcode Curl_getformdata(struct Session
FILE *fileread;
fileread = strequal("-", file->contents)?
- stdin:fopen(file->contents, "rb"); /* binary read for win32 */
+ stdin:fopen(file->contents, "rbe"); /* binary read for win32 */
/*
* VMS: This only allows for stream files on VMS. Stream files are
@@ -1415,7 +1415,7 @@ static size_t readfromfile(struct Form *
else {
if(!form->fp) {
/* this file hasn't yet been opened */
- form->fp = fopen_read(form->data->line, "rb"); /* b is for binary */
+ form->fp = fopen_read(form->data->line, "rbe"); /* b is for binary */
if(!form->fp)
return (size_t)-1; /* failure */
}
Index: lib/hostip6.c
===================================================================
--- lib/hostip6.c.orig
+++ lib/hostip6.c
@@ -39,7 +39,7 @@
#ifdef HAVE_PROCESS_H
#include <process.h>
#endif
-
+#include <fcntl.h>
#include "urldata.h"
#include "sendf.h"
#include "hostip.h"
@@ -104,7 +104,7 @@ bool Curl_ipv6works(void)
static int ipv6_works = -1;
if(-1 == ipv6_works) {
/* probe to see if we have a working IPv6 stack */
- curl_socket_t s = socket(PF_INET6, SOCK_DGRAM, 0);
+ curl_socket_t s = socket(PF_INET6, SOCK_DGRAM | SOCK_CLOEXEC, 0);
if(s == CURL_SOCKET_BAD)
/* an IPv6 address was requested but we can't get/use one */
ipv6_works = 0;
Index: lib/if2ip.c
===================================================================
--- lib/if2ip.c.orig
+++ lib/if2ip.c
@@ -222,7 +222,7 @@ if2ip_result_t Curl_if2ip(int af, unsign
if(len >= sizeof(req.ifr_name))
return IF2IP_NOT_FOUND;
- dummy = socket(AF_INET, SOCK_STREAM, 0);
+ dummy = socket(AF_INET, SOCK_STREAM | SOCK_CLOEXEC, 0);
if(CURL_SOCKET_BAD == dummy)
return IF2IP_NOT_FOUND;
Index: lib/connect.c
===================================================================
--- lib/connect.c.orig
+++ lib/connect.c
@@ -1337,7 +1337,7 @@ CURLcode Curl_socket(struct connectdata
(struct curl_sockaddr *)addr);
else
/* opensocket callback not set, so simply create the socket now */
- *sockfd = socket(addr->family, addr->socktype, addr->protocol);
+ *sockfd = socket(addr->family, addr->socktype | SOCK_CLOEXEC, addr->protocol);
if(*sockfd == CURL_SOCKET_BAD)
/* no socket, no connection */
Index: configure.ac
===================================================================
--- configure.ac.orig
+++ configure.ac
@@ -182,6 +182,7 @@ AC_CANONICAL_HOST
dnl Get system canonical name
AC_DEFINE_UNQUOTED(OS, "${host}", [cpu-machine-OS])
+AC_USE_SYSTEM_EXTENSIONS
dnl Checks for programs.
dnl Our curl_off_t internal and external configure settings
@@ -194,6 +195,7 @@ dnl Our configure and build reentrant se
CURL_CONFIGURE_THREAD_SAFE
CURL_CONFIGURE_REENTRANT
+
dnl check for how to do large files
AC_SYS_LARGEFILE
Reference in New Issue View Git Blame Copy Permalink