pool/curl
SHA256
4
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
curl/curl-use_OPENSSL_config.patch
Ismail Dönmez 681d679767 Accepting request 645709 from home:pmonrealgonzalez:branches:devel:libraries:c_c++ 
- Update to version 7.62.0
 Changes:
  * multiplex: enable by default
  * url: default to CURL_HTTP_VERSION_2TLS if built h2-enabled
  * setopt: add CURLOPT_DOH_URL
  * curl: --doh-url added
  * setopt: add CURLOPT_UPLOAD_BUFFERSIZE: set upload buffer size
  * imap: change from "FETCH" to "UID FETCH"
  * configure: add option to disable automatic OpenSSL config loading
  * upkeep: add a connection upkeep API: curl_easy_upkeep()
  * URL-API: added five new functions
  * vtls: MesaLink is a new TLS backend 
 Bugfixes:
  * CVE-2018-16839: SASL password overflow via integer overflow [bsc#1112758]
  * CVE-2018-16840: use-after-free in handle close [bsc#1113029]
  * CVE-2018-16842: warning message out-of-buffer read [bsc#1113660]
  * CURLOPT_DNS_USE_GLOBAL_CACHE: deprecated
  * Curl_dedotdotify(): always nul terminate returned string
  * Curl_follow: Always free the passed new URL
  * Curl_http2_done: fix memleak in error path
  * Curl_retry_request: fix memory leak
  * Curl_saferealloc: Fixed typo in docblock
  * FILE: fix CURLOPT_NOBODY and CURLOPT_HEADER output
  * GnutTLS: TLS 1.3 support
  * SECURITY-PROCESS: mention the bountygraph program
  * VS projects: add USE_IPV6:
  * certs: generate tests certs with sha256 digest algorithm
  * checksrc: enable strict mode and warnings
  * checksrc: handle zero scoped ignore commands
  * cmake: Backport to work with CMake 3.0 again

OBS-URL: https://build.opensuse.org/request/show/645709
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/curl?expand=0&rev=235
2018-10-31 11:23:21 +00:00

39 lines
1.4 KiB
Diff
Raw Blame History

This basically reverts https://github.com/curl/curl/commit/7d2f61f66ab4e047fc9aefc2effc1ac6d340a66a
Index: curl-7.62.0/lib/vtls/openssl.c
===================================================================
--- curl-7.62.0.orig/lib/vtls/openssl.c
+++ curl-7.62.0/lib/vtls/openssl.c
@@ -982,28 +982,12 @@ static int Curl_ossl_init(void)
ENGINE_load_builtin_engines();
#endif
- /* OPENSSL_config(NULL); is "strongly recommended" to use but unfortunately
- that function makes an exit() call on wrongly formatted config files
- which makes it hard to use in some situations. OPENSSL_config() itself
- calls CONF_modules_load_file() and we use that instead and we ignore
- its return code! */
-
- /* CONF_MFLAGS_DEFAULT_SECTION introduced some time between 0.9.8b and
- 0.9.8e */
-#ifndef CONF_MFLAGS_DEFAULT_SECTION
-#define CONF_MFLAGS_DEFAULT_SECTION 0x0
-#endif
-
-#ifndef CURL_DISABLE_OPENSSL_AUTO_LOAD_CONFIG
- CONF_modules_load_file(NULL, NULL,
- CONF_MFLAGS_DEFAULT_SECTION|
- CONF_MFLAGS_IGNORE_MISSING_FILE);
-#endif
-
#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && \
!defined(LIBRESSL_VERSION_NUMBER)
- /* OpenSSL 1.1.0+ takes care of initialization itself */
+ OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CONFIG, NULL);
#else
+ OPENSSL_config(NULL);
+
/* Lets get nice error messages */
SSL_load_error_strings();
Reference in New Issue View Git Blame Copy Permalink