import curl-7.61.1-14.el8_3.1
This commit is contained in:
parent
239d821966
commit
324a6e1c46
60
SOURCES/0023-curl-7.61.1-no-https-proxy-crash.patch
Normal file
60
SOURCES/0023-curl-7.61.1-no-https-proxy-crash.patch
Normal file
@ -0,0 +1,60 @@
|
||||
From 9d5903ebcbcbcc4f3a997ec7d5552721c5383b9f Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Martin=20Ba=C5=A1ti?= <mbasti@redhat.com>
|
||||
Date: Thu, 27 Aug 2020 23:09:56 +0200
|
||||
Subject: [PATCH] http_proxy: do not crash with HTTPS_PROXY and NO_PROXY set
|
||||
|
||||
... in case NO_PROXY takes an effect
|
||||
|
||||
Without this patch, the following command crashes:
|
||||
|
||||
$ GIT_CURL_VERBOSE=1 NO_PROXY=github.com HTTPS_PROXY=https://example.com \
|
||||
git clone https://github.com/curl/curl.git
|
||||
|
||||
Minimal libcurl-based reproducer:
|
||||
|
||||
#include <curl/curl.h>
|
||||
|
||||
int main() {
|
||||
CURL *curl = curl_easy_init();
|
||||
if(curl) {
|
||||
CURLcode ret;
|
||||
curl_easy_setopt(curl, CURLOPT_URL, "https://github.com/");
|
||||
curl_easy_setopt(curl, CURLOPT_PROXY, "example.com");
|
||||
/* set the proxy type */
|
||||
curl_easy_setopt(curl, CURLOPT_PROXYTYPE, CURLPROXY_HTTPS);
|
||||
curl_easy_setopt(curl, CURLOPT_NOPROXY, "github.com");
|
||||
curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L);
|
||||
ret = curl_easy_perform(curl);
|
||||
curl_easy_cleanup(curl);
|
||||
return ret;
|
||||
}
|
||||
return -1;
|
||||
}
|
||||
|
||||
Assisted-by: Kamil Dudka
|
||||
Bug: https://bugzilla.redhat.com/1873327
|
||||
Closes #5902
|
||||
|
||||
Upstream-commit: 3eff1c5092e542819ac7e6454a70c94b36ab2a40
|
||||
Signed-off-by: Kamil Dudka <kdudka@redhat.com>
|
||||
---
|
||||
lib/url.c | 3 +++
|
||||
1 file changed, 3 insertions(+)
|
||||
|
||||
diff --git a/lib/url.c b/lib/url.c
|
||||
index d65d17d..e77f391 100644
|
||||
--- a/lib/url.c
|
||||
+++ b/lib/url.c
|
||||
@@ -3074,6 +3074,9 @@ static CURLcode create_conn_helper_init_proxy(struct connectdata *conn)
|
||||
conn->bits.socksproxy = FALSE;
|
||||
conn->bits.proxy_user_passwd = FALSE;
|
||||
conn->bits.tunnel_proxy = FALSE;
|
||||
+ /* CURLPROXY_HTTPS does not have its own flag in conn->bits, yet we need
|
||||
+ to signal that CURLPROXY_HTTPS is not used for this connection */
|
||||
+ conn->http_proxy.proxytype = CURLPROXY_HTTP;
|
||||
}
|
||||
|
||||
out:
|
||||
--
|
||||
2.25.4
|
||||
|
@ -1,7 +1,7 @@
|
||||
Summary: A utility for getting files from remote servers (FTP, HTTP, and others)
|
||||
Name: curl
|
||||
Version: 7.61.1
|
||||
Release: 14%{?dist}
|
||||
Release: 14%{?dist}.1
|
||||
License: MIT
|
||||
Source: https://curl.haxx.se/download/%{name}-%{version}.tar.xz
|
||||
|
||||
@ -58,6 +58,9 @@ Patch20: 0020-curl-7.61.1-openssl-engines.patch
|
||||
# avoid overwriting a local file with -J (CVE-2020-8177)
|
||||
Patch21: 0021-curl-7.61.1-CVE-2020-8177.patch
|
||||
|
||||
# do not crash when HTTPS_PROXY and NO_PROXY are used together (#1873327)
|
||||
Patch23: 0023-curl-7.61.1-no-https-proxy-crash.patch
|
||||
|
||||
# patch making libcurl multilib ready
|
||||
Patch101: 0101-curl-7.32.0-multilib.patch
|
||||
|
||||
@ -242,6 +245,7 @@ git apply %{PATCH4}
|
||||
%patch19 -p1
|
||||
%patch20 -p1
|
||||
%patch21 -p1
|
||||
%patch23 -p1
|
||||
|
||||
# make tests/*.py use Python 3
|
||||
sed -e '1 s|^#!/.*python|#!%{__python3}|' -i tests/*.py
|
||||
@ -402,6 +406,9 @@ rm -f ${RPM_BUILD_ROOT}%{_libdir}/libcurl.la
|
||||
%{_libdir}/libcurl.so.4.[0-9].[0-9].minimal
|
||||
|
||||
%changelog
|
||||
* Mon Nov 23 2020 Kamil Dudka <kdudka@redhat.com> - 7.61.1-14.el8_3.1
|
||||
- do not crash when HTTPS_PROXY and NO_PROXY are used together (#1873327)
|
||||
|
||||
* Tue Jul 28 2020 Kamil Dudka <kdudka@redhat.com> - 7.61.1-14
|
||||
- avoid overwriting a local file with -J (CVE-2020-8177)
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user