Update to 7.21.3

- New upstream release 7.21.3:
  - added --noconfigure switch to testcurl.pl
  - added --xattr option
  - added CURLOPT_RESOLVE and --resolve
  - added CURLAUTH_ONLY
  - added version-check.pl to the examples dir
  - check for libcurl features for some command line options
  - Curl_setopt: disallow CURLOPT_USE_SSL without SSL support
  - http_chunks: remove debug output
  - URL-parsing: consider ? a divider
  - SSH: avoid using the libssh2_ prefix
  - SSH: use libssh2_session_handshake() to work on win64
  - ftp: prevent server from hanging on closed data connection when stopping
    a transfer before the end of the full transfer (ranges)
  - LDAP: detect non-binary attributes properly
  - ftp: treat server's response 421 as CURLE_OPERATION_TIMEDOUT
  - gnutls->handshake: improved timeout handling
  - security: pass the right parameter to init
  - krb5: use GSS_ERROR to check for error
  - TFTP: resend the correct data
  - configure: fix autoconf 2.68 warning: no AC_LANG_SOURCE call detected
  - GnuTLS: now detects socket errors on Windows
  - symbols-in-versions: updated en masse
  - added a couple of examples that were missing from the tarball
  - Curl_send/recv_plain: return errno on failure
  - Curl_wait_for_resolv (for c-ares): correct timeout
  - ossl_connect_common: detect connection re-use
  - configure: prevent link errors with --librtmp
  - openldap: use remote port in URL passed to ldap_init_fd()
  - url: provide dead_connection flag in Curl_handler::disconnect
  - lots of compiler warning fixes
  - ssh: fix a download resume point calculation
  - fix getinfo CURLINFO_LOCAL* for reused connections
  - multi: the returned running handles counter could turn negative
  - multi: only ever consider pipelining for connections doing HTTP(S)
- Drop upstream patches now in tarball
- Update bz650255 and disable-test1112 patches to apply against new codebase
- Add workaround for false-positive glibc-detected buffer overflow in tftpd
  test server with FORTIFY_SOURCE (similar to #515361)
This commit is contained in:
Paul Howarth 2010-12-16 16:33:11 +00:00
parent 451e44f944
commit 0a2e77997c
11 changed files with 77 additions and 286 deletions

1
.gitignore vendored
View File

@ -1 +1,2 @@
curl-7.21.2.tar.lzma curl-7.21.2.tar.lzma
/curl-7.21.3.tar.lzma

View File

@ -1,115 +0,0 @@
CHANGES | 10 ++++++++++
lib/ftp.c | 7 ++++++-
tests/data/test1036 | 1 +
tests/data/test1057 | 1 +
tests/data/test110 | 1 +
tests/data/test122 | 1 +
tests/data/test135 | 1 +
7 files changed, 21 insertions(+), 1 deletions(-)
diff --git a/CHANGES b/CHANGES
index c06d213..90ef831 100644
--- a/CHANGES
+++ b/CHANGES
@@ -6,6 +6,16 @@
Changelog
+Kamil Dudka (29 Oct 2010)
+- ftp: prevent server from hanging on closed data connection
+
+ Some FTP servers (e.g. Pure-ftpd) end up hanging if we close the data
+ connection before transferring all the requested data. If we send ABOR
+ in that case, it prevents the server from hanging.
+
+ Bug: https://bugzilla.redhat.com/643656
+ Reported by: Pasi Karkkainen, Patrick Monnerat
+
Version 7.21.2 (12 Oct 2010)
Daniel Stenberg (12 Oct 2010)
diff --git a/lib/ftp.c b/lib/ftp.c
index 60d9517..b11be35 100644
--- a/lib/ftp.c
+++ b/lib/ftp.c
@@ -3083,6 +3083,11 @@ static CURLcode ftp_done(struct connectdata *conn, CURLcode status,
#endif
if(conn->sock[SECONDARYSOCKET] != CURL_SOCKET_BAD) {
+ if(!result && ftpc->dont_check)
+ /* prevent some FTP servers (namely Pure-ftpd) from hanging if we close
+ * the data channel before transferring all data */
+ result = Curl_pp_sendf(&ftpc->pp, "ABOR");
+
if(conn->ssl[SECONDARYSOCKET].use) {
/* The secondary socket is using SSL so we must close down that part
first before we close the socket for real */
@@ -3097,7 +3102,7 @@ static CURLcode ftp_done(struct connectdata *conn, CURLcode status,
}
}
- if((ftp->transfer == FTPTRANSFER_BODY) && ftpc->ctl_valid &&
+ if(!result && (ftp->transfer == FTPTRANSFER_BODY) && ftpc->ctl_valid &&
pp->pending_resp && !premature) {
/*
* Let's see what the server says about the transfer we just performed,
diff --git a/tests/data/test1036 b/tests/data/test1036
index b8ebc4f..a31cb45 100644
--- a/tests/data/test1036
+++ b/tests/data/test1036
@@ -50,6 +50,7 @@ TYPE I
SIZE 1036
REST 20
RETR 1036
+ABOR
QUIT
</protocol>
<file name="log/curl1036.out">
diff --git a/tests/data/test1057 b/tests/data/test1057
index cfb88f2..b4ef20c 100644
--- a/tests/data/test1057
+++ b/tests/data/test1057
@@ -45,6 +45,7 @@ TYPE I
SIZE 1057
REST 52
RETR 1057
+ABOR
QUIT
</protocol>
</verify>
diff --git a/tests/data/test110 b/tests/data/test110
index b63ba8a..4a094e7 100644
--- a/tests/data/test110
+++ b/tests/data/test110
@@ -46,6 +46,7 @@ TYPE I
SIZE 110
REST 20
RETR 110
+ABOR
QUIT
</protocol>
</verify>
diff --git a/tests/data/test122 b/tests/data/test122
index fb1dd05..ac60672 100644
--- a/tests/data/test122
+++ b/tests/data/test122
@@ -39,6 +39,7 @@ EPSV
PASV
TYPE I
SIZE 122
+ABOR
QUIT
</protocol>
</verify>
diff --git a/tests/data/test135 b/tests/data/test135
index a051dba..10eb0ea 100644
--- a/tests/data/test135
+++ b/tests/data/test135
@@ -47,6 +47,7 @@ TYPE I
SIZE 135
REST 4
RETR 135
+ABOR
QUIT
</protocol>
</verify>

View File

@ -1,108 +0,0 @@
From 9d506521f3c22e94da5c80eebef2b9438073c75d Mon Sep 17 00:00:00 2001
From: Kamil Dudka <kdudka@redhat.com>
Date: Thu, 4 Nov 2010 21:44:02 +0100
Subject: [PATCH] ftp: close connection as soon as ABOR has been sent
... and do not send ABOR unless really necessary.
Bug: https://bugzilla.redhat.com/649347
Reported by: Simon H.
---
CHANGES | 8 ++++++++
lib/ftp.c | 15 +++++++++++----
tests/data/test1036 | 1 -
tests/data/test110 | 1 -
tests/data/test122 | 1 -
5 files changed, 19 insertions(+), 7 deletions(-)
diff --git a/CHANGES b/CHANGES
index 90ef831..a93216e 100644
--- a/CHANGES
+++ b/CHANGES
@@ -6,6 +6,14 @@
Changelog
+Kamil Dudka (4 Nov 2010)
+- ftp: close connection as soon as ABOR has been sent
+
+ ... and do not send ABOR unless really necessary.
+
+ Bug: https://bugzilla.redhat.com/649347
+ Reported by: Simon H.
+
Kamil Dudka (29 Oct 2010)
- ftp: prevent server from hanging on closed data connection
diff --git a/lib/ftp.c b/lib/ftp.c
index b11be35..ddd1dcf 100644
--- a/lib/ftp.c
+++ b/lib/ftp.c
@@ -3083,10 +3083,9 @@ static CURLcode ftp_done(struct connectdata *conn, CURLcode status,
#endif
if(conn->sock[SECONDARYSOCKET] != CURL_SOCKET_BAD) {
- if(!result && ftpc->dont_check)
- /* prevent some FTP servers (namely Pure-ftpd) from hanging if we close
- * the data channel before transferring all data */
- result = Curl_pp_sendf(&ftpc->pp, "ABOR");
+ if(!result && ftpc->dont_check && data->req.maxdownload > 0)
+ /* partial download completed */
+ result = Curl_pp_sendf(pp, "ABOR");
if(conn->ssl[SECONDARYSOCKET].use) {
/* The secondary socket is using SSL so we must close down that part
@@ -3128,6 +3127,14 @@ static CURLcode ftp_done(struct connectdata *conn, CURLcode status,
if(result)
return result;
+ if(ftpc->dont_check && data->req.maxdownload > 0) {
+ /* we have just sent ABOR and there is no reliable way to check if it was
+ * successful or not; we have to close the connection now */
+ infof(data, "partial download completed, closing connection\n");
+ conn->bits.close = TRUE; /* mark for closure */
+ return result;
+ }
+
if(!ftpc->dont_check) {
/* 226 Transfer complete, 250 Requested file action okay, completed. */
if((ftpcode != 226) && (ftpcode != 250)) {
diff --git a/tests/data/test1036 b/tests/data/test1036
index a31cb45..b8ebc4f 100644
--- a/tests/data/test1036
+++ b/tests/data/test1036
@@ -50,7 +50,6 @@ TYPE I
SIZE 1036
REST 20
RETR 1036
-ABOR
QUIT
</protocol>
<file name="log/curl1036.out">
diff --git a/tests/data/test110 b/tests/data/test110
index 4a094e7..b63ba8a 100644
--- a/tests/data/test110
+++ b/tests/data/test110
@@ -46,7 +46,6 @@ TYPE I
SIZE 110
REST 20
RETR 110
-ABOR
QUIT
</protocol>
</verify>
diff --git a/tests/data/test122 b/tests/data/test122
index ac60672..fb1dd05 100644
--- a/tests/data/test122
+++ b/tests/data/test122
@@ -39,7 +39,6 @@ EPSV
PASV
TYPE I
SIZE 122
-ABOR
QUIT
</protocol>
</verify>
--
1.7.2.3

View File

@ -1,29 +0,0 @@
From 1cd485edb996ab3c52e8501d452de00e0be3b092 Mon Sep 17 00:00:00 2001
From: Kamil Dudka <kdudka@redhat.com>
Date: Tue, 9 Nov 2010 17:04:04 +0100
Subject: [PATCH] curl: bz650255
---
lib/ftp.c | 6 ++++++
1 files changed, 6 insertions(+), 0 deletions(-)
diff --git a/lib/ftp.c b/lib/ftp.c
index d79878e..416e5ec 100644
--- a/lib/ftp.c
+++ b/lib/ftp.c
@@ -425,6 +425,12 @@ static CURLcode ftp_readresp(curl_socket_t sockfd,
if(ftpcode)
*ftpcode = code;
+ if(421 == code)
+ /* 421 means "Service not available, closing control connection." and FTP
+ * servers use it to signal that idle session timeout has been exceeded.
+ * If we ignored the response, it could end up hanging in some cases. */
+ return CURLE_OPERATION_TIMEDOUT;
+
return result;
}
--
1.7.2.3

View File

@ -5,7 +5,7 @@ diff --git a/lib/url.c b/lib/url.c
index 1b65a92..4e2bce6 100644 index 1b65a92..4e2bce6 100644
--- a/lib/url.c --- a/lib/url.c
+++ b/lib/url.c +++ b/lib/url.c
@@ -2886,6 +2886,11 @@ ConnectionExists(struct SessionHandle *data, @@ -2910,6 +2910,11 @@
check->data = data; check->data = data;
infof(data, "Connection #%ld seems to be dead!\n", i); infof(data, "Connection #%ld seems to be dead!\n", i);
@ -14,6 +14,6 @@ index 1b65a92..4e2bce6 100644
+ * connection */ + * connection */
+ check->proto.ftpc.ctl_valid = FALSE; + check->proto.ftpc.ctl_valid = FALSE;
+ +
Curl_disconnect(check); /* disconnect resources */ /* disconnect resources */
Curl_disconnect(check, /* dead_connection */ TRUE);
data->state.connc->connects[i]=NULL; /* nothing here */ data->state.connc->connects[i]=NULL; /* nothing here */

View File

@ -0,0 +1,12 @@
--- curl-7.21.3/tests/server/tftpd.c.orig 2010-12-01 18:45:49.000000000 +0000
+++ curl-7.21.3/tests/server/tftpd.c 2010-12-16 13:19:13.489446036 +0000
@@ -1291,8 +1291,8 @@
pe->e_msg = strerror(error - 100);
tp->th_code = EUNDEF; /* set 'undef' errorcode */
}
- strcpy(tp->th_msg, pe->e_msg);
length = (int)strlen(pe->e_msg);
+ memcpy(tp->th_msg, pe->e_msg, length + 1);
tp->th_msg[length] = '\0';
length += 5;
if (swrite(peer, &buf.storage[0], length) != length)

View File

@ -6,7 +6,7 @@ diff --git a/tests/data/Makefile.am b/tests/data/Makefile.am
index 9370974..b553f54 100644 index 9370974..b553f54 100644
--- a/tests/data/Makefile.am --- a/tests/data/Makefile.am
+++ b/tests/data/Makefile.am +++ b/tests/data/Makefile.am
@@ -65,7 +65,7 @@ EXTRA_DIST = test1 test108 test117 test127 test20 test27 test34 test46 \ @@ -65,7 +65,7 @@ EXTRA_DIST = test1 test108 test117 test1
test561 test1098 test1099 test562 test563 test1100 test564 test1101 \ test561 test1098 test1099 test562 test563 test1100 test564 test1101 \
test1102 test1103 test1104 test299 test310 test311 test312 test1105 \ test1102 test1103 test1104 test299 test310 test311 test312 test1105 \
test565 test800 test1106 test801 test566 test802 test803 test1107 \ test565 test800 test1106 test801 test566 test802 test803 test1107 \
@ -14,12 +14,12 @@ index 9370974..b553f54 100644
+ test1108 test1109 test1110 test1111 test129 test567 test568 \ + test1108 test1109 test1110 test1111 test129 test567 test568 \
test569 test570 test571 test572 test804 test805 test806 test807 test573 \ test569 test570 test571 test572 test804 test805 test806 test807 test573 \
test313 test1115 test578 test579 test1116 test1200 test1201 test1202 \ test313 test1115 test578 test579 test1116 test1200 test1201 test1202 \
test1203 test1117 test1203 test1117 test1118 test1119 test1120
diff --git a/tests/data/Makefile.in b/tests/data/Makefile.in diff --git a/tests/data/Makefile.in b/tests/data/Makefile.in
index 435b126..1d71c4e 100644 index 435b126..1d71c4e 100644
--- a/tests/data/Makefile.in --- a/tests/data/Makefile.in
+++ b/tests/data/Makefile.in +++ b/tests/data/Makefile.in
@@ -302,7 +302,7 @@ EXTRA_DIST = test1 test108 test117 test127 test20 test27 test34 test46 \ @@ -302,7 +302,7 @@ EXTRA_DIST = test1 test108 test117 test1
test561 test1098 test1099 test562 test563 test1100 test564 test1101 \ test561 test1098 test1099 test562 test563 test1100 test564 test1101 \
test1102 test1103 test1104 test299 test310 test311 test312 test1105 \ test1102 test1103 test1104 test299 test310 test311 test312 test1105 \
test565 test800 test1106 test801 test566 test802 test803 test1107 \ test565 test800 test1106 test801 test566 test802 test803 test1107 \
@ -27,4 +27,4 @@ index 435b126..1d71c4e 100644
+ test1108 test1109 test1110 test1111 test129 test567 test568 \ + test1108 test1109 test1110 test1111 test129 test567 test568 \
test569 test570 test571 test572 test804 test805 test806 test807 test573 \ test569 test570 test571 test572 test804 test805 test806 test807 test573 \
test313 test1115 test578 test579 test1116 test1200 test1201 test1202 \ test313 test1115 test578 test579 test1116 test1200 test1201 test1202 \
test1203 test1117 test1203 test1117 test1118 test1119 test1120

View File

@ -1,7 +0,0 @@
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEABECAAYFAky025IACgkQeOEcayedXJHIEwCgqKMXD6Kd9MHuwDGaGME6ooNK
1mYAn0bGy1L/qmAzyCAy5TAZnj0Lkmhk
=CUrv
-----END PGP SIGNATURE-----

7
curl-7.21.3.tar.lzma.asc Normal file
View File

@ -0,0 +1,7 @@
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEABECAAYFAk0Iz2QACgkQeOEcayedXJGrpwCfWyvtIlugNkF2FFwFQfofss07
XNoAoKIwCqlnHNQx/7B02B2DJRPLctvG
=H9uq
-----END PGP SIGNATURE-----

View File

@ -1,25 +1,18 @@
Summary: A utility for getting files from remote servers (FTP, HTTP, and others) Summary: A utility for getting files from remote servers (FTP, HTTP, and others)
Name: curl Name: curl
Version: 7.21.2 Version: 7.21.3
Release: 5%{?dist} Release: 1%{?dist}
License: MIT License: MIT
Group: Applications/Internet Group: Applications/Internet
Source: http://curl.haxx.se/download/%{name}-%{version}.tar.lzma Source: http://curl.haxx.se/download/%{name}-%{version}.tar.lzma
Source2: curlbuild.h Source2: curlbuild.h
Source3: hide_selinux.c Source3: hide_selinux.c
# ftp: prevent server from hanging on closed data connection (#643656)
Patch1: 0001-curl-7.21.2-0c8e5f7.patch
# ftp: close connection as soon as ABOR has been sent (#649347)
Patch2: 0002-curl-7.21.2-c6b97a8.patch
# return more appropriate error code in case FTP server session idle
# timeout has exceeded (#650255)
Patch3: 0003-curl-7.21.2-12b2412.patch
# do not send QUIT to a dead FTP control connection (#650255) # do not send QUIT to a dead FTP control connection (#650255)
Patch4: 0004-curl-7.21.2-bz650255.patch Patch4: 0004-curl-7.21.3-bz650255.patch
# Avoid buffer overflow report from glibc with FORTIFY_SOURCE
Patch5: 0005-curl-7.21.3-tftpd-buffer-overflow.patch
# patch making libcurl multilib ready # patch making libcurl multilib ready
Patch101: 0101-curl-7.21.1-multilib.patch Patch101: 0101-curl-7.21.1-multilib.patch
@ -31,7 +24,7 @@ Patch102: 0102-curl-7.21.2-debug.patch
Patch104: 0104-curl-7.19.7-localhost6.patch Patch104: 0104-curl-7.19.7-localhost6.patch
# exclude test1112 from the test suite (#565305) # exclude test1112 from the test suite (#565305)
Patch105: 0105-curl-7.20.0-disable-test1112.patch Patch105: 0105-curl-7.21.3-disable-test1112.patch
# disable valgrind for certain test-cases (libssh2 problem) # disable valgrind for certain test-cases (libssh2 problem)
Patch106: 0106-curl-7.21.0-libssh2-valgrind.patch Patch106: 0106-curl-7.21.0-libssh2-valgrind.patch
@ -116,13 +109,9 @@ for f in CHANGES README; do
mv -f ${f}.utf8 ${f} mv -f ${f}.utf8 ${f}
done done
# upstream patches (already applied)
%patch1 -p1
%patch2 -p1
%patch3 -p1
# upstream patches (not yet applied) # upstream patches (not yet applied)
%patch4 -p1 %patch4 -p1
%patch5 -p1
# Fedora patches # Fedora patches
%patch101 -p1 %patch101 -p1
@ -234,6 +223,47 @@ rm -rf $RPM_BUILD_ROOT
%{_datadir}/aclocal/libcurl.m4 %{_datadir}/aclocal/libcurl.m4
%changelog %changelog
* Thu Dec 16 2010 Paul Howarth <paul@city-fan.org> 7.21.3-1
- update to 7.21.3:
- added --noconfigure switch to testcurl.pl
- added --xattr option
- added CURLOPT_RESOLVE and --resolve
- added CURLAUTH_ONLY
- added version-check.pl to the examples dir
- check for libcurl features for some command line options
- Curl_setopt: disallow CURLOPT_USE_SSL without SSL support
- http_chunks: remove debug output
- URL-parsing: consider ? a divider
- SSH: avoid using the libssh2_ prefix
- SSH: use libssh2_session_handshake() to work on win64
- ftp: prevent server from hanging on closed data connection when stopping
a transfer before the end of the full transfer (ranges)
- LDAP: detect non-binary attributes properly
- ftp: treat server's response 421 as CURLE_OPERATION_TIMEDOUT
- gnutls->handshake: improved timeout handling
- security: pass the right parameter to init
- krb5: use GSS_ERROR to check for error
- TFTP: resend the correct data
- configure: fix autoconf 2.68 warning: no AC_LANG_SOURCE call detected
- GnuTLS: now detects socket errors on Windows
- symbols-in-versions: updated en masse
- added a couple of examples that were missing from the tarball
- Curl_send/recv_plain: return errno on failure
- Curl_wait_for_resolv (for c-ares): correct timeout
- ossl_connect_common: detect connection re-use
- configure: prevent link errors with --librtmp
- openldap: use remote port in URL passed to ldap_init_fd()
- url: provide dead_connection flag in Curl_handler::disconnect
- lots of compiler warning fixes
- ssh: fix a download resume point calculation
- fix getinfo CURLINFO_LOCAL* for reused connections
- multi: the returned running handles counter could turn negative
- multi: only ever consider pipelining for connections doing HTTP(S)
- drop upstream patches now in tarball
- update bz650255 and disable-test1112 patches to apply against new codebase
- add workaround for false-positive glibc-detected buffer overflow in tftpd
test server with FORTIFY_SOURCE (similar to #515361)
* Fri Nov 12 2010 Kamil Dudka <kdudka@redhat.com> 7.21.2-5 * Fri Nov 12 2010 Kamil Dudka <kdudka@redhat.com> 7.21.2-5
- do not send QUIT to a dead FTP control connection (#650255) - do not send QUIT to a dead FTP control connection (#650255)
- pull back glibc's implementation of str[n]casecmp(), #626470 appears fixed - pull back glibc's implementation of str[n]casecmp(), #626470 appears fixed

View File

@ -1 +1 @@
4a7675737e0d3e19b193b3e765f5cf41 curl-7.21.2.tar.lzma 04f45add29bd9d314811193fc8bd8817 curl-7.21.3.tar.lzma