From 5ea227a2d785b86f60f0606bb82c5032bfd730c7 Mon Sep 17 00:00:00 2001 From: Kamil Dudka Date: Mon, 18 Apr 2011 08:52:55 +0200 Subject: [PATCH] new upstream release - 7.21.5 --- .gitignore | 1 + 0001-curl-7.21.4-a40f58d.patch | 46 ------------------------- 0002-curl-7.21.4-7aa2d10.patch | 44 ----------------------- 0102-curl-7.21.2-debug.patch | 2 +- 0105-curl-7.21.3-disable-test1112.patch | 2 +- curl-7.21.4.tar.lzma.asc | 7 ---- curl-7.21.5.tar.lzma.asc | 7 ++++ curl.spec | 17 +++------ sources | 2 +- 9 files changed, 16 insertions(+), 112 deletions(-) delete mode 100644 0001-curl-7.21.4-a40f58d.patch delete mode 100644 0002-curl-7.21.4-7aa2d10.patch delete mode 100644 curl-7.21.4.tar.lzma.asc create mode 100644 curl-7.21.5.tar.lzma.asc diff --git a/.gitignore b/.gitignore index 1776a6c..1b42ca9 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,4 @@ curl-7.21.2.tar.lzma /curl-7.21.3.tar.lzma /curl-7.21.4.tar.lzma +/curl-7.21.5.tar.lzma diff --git a/0001-curl-7.21.4-a40f58d.patch b/0001-curl-7.21.4-a40f58d.patch deleted file mode 100644 index afe99f5..0000000 --- a/0001-curl-7.21.4-a40f58d.patch +++ /dev/null @@ -1,46 +0,0 @@ -From 292debd50217ca5e548d8e4b5b2ce93014884f6d Mon Sep 17 00:00:00 2001 -From: Kamil Dudka -Date: Thu, 17 Feb 2011 17:37:24 +0100 -Subject: [PATCH] nss: avoid memory leak on SSL connection failure - ---- - lib/nss.c | 9 ++++++++- - 1 files changed, 8 insertions(+), 1 deletions(-) - -diff --git a/lib/nss.c b/lib/nss.c -index e115ac9..d26ad5b 100644 ---- a/lib/nss.c -+++ b/lib/nss.c -@@ -1058,6 +1058,7 @@ void Curl_nss_close(struct connectdata *conn, int sockindex) - #ifdef HAVE_PK11_CREATEGENERICOBJECT - /* destroy all NSS objects in order to avoid failure of NSS shutdown */ - Curl_llist_destroy(connssl->obj_list, NULL); -+ connssl->obj_list = NULL; - #endif - connssl->handle = NULL; - } -@@ -1216,7 +1217,7 @@ CURLcode Curl_nss_connect(struct connectdata *conn, int sockindex) - /* make the socket nonblocking */ - sock_opt.option = PR_SockOpt_Nonblocking; - sock_opt.value.non_blocking = PR_TRUE; -- if(PR_SetSocketOption(model, &sock_opt) != SECSuccess) -+ if(PR_SetSocketOption(model, &sock_opt) != PR_SUCCESS) - goto error; - - if(SSL_OptionSet(model, SSL_SECURITY, PR_TRUE) != SECSuccess) -@@ -1407,6 +1408,12 @@ CURLcode Curl_nss_connect(struct connectdata *conn, int sockindex) - if(model) - PR_Close(model); - -+#ifdef HAVE_PK11_CREATEGENERICOBJECT -+ /* cleanup on connection failure */ -+ Curl_llist_destroy(connssl->obj_list, NULL); -+ connssl->obj_list = NULL; -+#endif -+ - if (ssl3 && tlsv1 && isTLSIntoleranceError(err)) { - /* schedule reconnect through Curl_retry_request() */ - data->state.ssl_connect_retry = TRUE; --- -1.7.4 - diff --git a/0002-curl-7.21.4-7aa2d10.patch b/0002-curl-7.21.4-7aa2d10.patch deleted file mode 100644 index 1a7ec7c..0000000 --- a/0002-curl-7.21.4-7aa2d10.patch +++ /dev/null @@ -1,44 +0,0 @@ -From 1f009bb739514d08efef093adf5e1813db6333ec Mon Sep 17 00:00:00 2001 -From: Kamil Dudka -Date: Tue, 22 Feb 2011 13:13:53 +0100 -Subject: [PATCH] nss: do not ignore failure of SSL handshake - -Flaw introduced in fc77790 and present in curl-7.21.4. -Bug: https://bugzilla.redhat.com/669702#c16 ---- - lib/nss.c | 12 ++++++++---- - 1 files changed, 8 insertions(+), 4 deletions(-) - -diff --git a/lib/nss.c b/lib/nss.c -index d26ad5b..be26253 100644 ---- a/lib/nss.c -+++ b/lib/nss.c -@@ -1157,7 +1157,7 @@ CURLcode Curl_nss_connect(struct connectdata *conn, int sockindex) - struct SessionHandle *data = conn->data; - curl_socket_t sockfd = conn->sock[sockindex]; - struct ssl_connect_data *connssl = &conn->ssl[sockindex]; -- int curlerr; -+ CURLcode curlerr; - const int *cipher_to_enable; - PRSocketOptionData sock_opt; - long time_left; -@@ -1289,9 +1289,13 @@ CURLcode Curl_nss_connect(struct connectdata *conn, int sockindex) - NULL) != SECSuccess) - goto error; - -- if(data->set.ssl.verifypeer && (CURLE_OK != -- (curlerr = nss_load_ca_certificates(conn, sockindex)))) -- goto error; -+ if(data->set.ssl.verifypeer) { -+ const CURLcode rv = nss_load_ca_certificates(conn, sockindex); -+ if(CURLE_OK != rv) { -+ curlerr = rv; -+ goto error; -+ } -+ } - - if (data->set.ssl.CRLfile) { - if(SECSuccess != nss_load_crl(data->set.ssl.CRLfile)) { --- -1.7.4 - diff --git a/0102-curl-7.21.2-debug.patch b/0102-curl-7.21.2-debug.patch index 883128e..48db08d 100644 --- a/0102-curl-7.21.2-debug.patch +++ b/0102-curl-7.21.2-debug.patch @@ -6,7 +6,7 @@ diff --git a/configure b/configure index d3ecf69..6d8f085 100755 --- a/configure +++ b/configure -@@ -14204,18 +14204,11 @@ $as_echo "yes" >&6; } +@@ -14222,18 +14222,11 @@ $as_echo "yes" >&6; } gccvhi=`echo $gccver | cut -d . -f1` gccvlo=`echo $gccver | cut -d . -f2` compiler_num=`(expr $gccvhi "*" 100 + $gccvlo) 2>/dev/null` diff --git a/0105-curl-7.21.3-disable-test1112.patch b/0105-curl-7.21.3-disable-test1112.patch index 72553a1..dad74c8 100644 --- a/0105-curl-7.21.3-disable-test1112.patch +++ b/0105-curl-7.21.3-disable-test1112.patch @@ -19,7 +19,7 @@ diff --git a/tests/data/Makefile.in b/tests/data/Makefile.in index 435b126..1d71c4e 100644 --- a/tests/data/Makefile.in +++ b/tests/data/Makefile.in -@@ -304,7 +304,7 @@ EXTRA_DIST = test1 test108 test117 test1 +@@ -307,7 +307,7 @@ EXTRA_DIST = test1 test108 test117 test1 test561 test1098 test1099 test562 test563 test1100 test564 test1101 \ test1102 test1103 test1104 test299 test310 test311 test312 test1105 \ test565 test800 test1106 test801 test566 test802 test803 test1107 \ diff --git a/curl-7.21.4.tar.lzma.asc b/curl-7.21.4.tar.lzma.asc deleted file mode 100644 index 4cc922a..0000000 --- a/curl-7.21.4.tar.lzma.asc +++ /dev/null @@ -1,7 +0,0 @@ ------BEGIN PGP SIGNATURE----- -Version: GnuPG v1.4.10 (GNU/Linux) - -iEYEABECAAYFAk1dEroACgkQeOEcayedXJGnzwCeJ5QDI1+tKSme9fnZDRAetcQ5 -KpkAoOqmXiQVgqVLJWWIS9wbhUt+tNcL -=2k/t ------END PGP SIGNATURE----- diff --git a/curl-7.21.5.tar.lzma.asc b/curl-7.21.5.tar.lzma.asc new file mode 100644 index 0000000..ff85e5e --- /dev/null +++ b/curl-7.21.5.tar.lzma.asc @@ -0,0 +1,7 @@ +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v1.4.11 (GNU/Linux) + +iEYEABECAAYFAk2rWlwACgkQeOEcayedXJGj9QCgwoc5sTOksar5Kp6ubovsI7Rg +/hwAnRgipolUHWrR4J0QhxDX3FzuAib3 +=AjpZ +-----END PGP SIGNATURE----- diff --git a/curl.spec b/curl.spec index f50bfa1..c104b3e 100644 --- a/curl.spec +++ b/curl.spec @@ -1,19 +1,13 @@ Summary: A utility for getting files from remote servers (FTP, HTTP, and others) Name: curl -Version: 7.21.4 -Release: 4%{?dist} +Version: 7.21.5 +Release: 1%{?dist} License: MIT Group: Applications/Internet Source: http://curl.haxx.se/download/%{name}-%{version}.tar.lzma Source2: curlbuild.h Source3: hide_selinux.c -# avoid memory leak on SSL connection failure -Patch1: 0001-curl-7.21.4-a40f58d.patch - -# do not ignore failure of SSL handshake -Patch2: 0002-curl-7.21.4-7aa2d10.patch - # patch making libcurl multilib ready Patch101: 0101-curl-7.21.1-multilib.patch @@ -112,10 +106,6 @@ for f in CHANGES README; do mv -f ${f}.utf8 ${f} done -# upstream patches (already applied) -%patch1 -p1 -%patch2 -p1 - # Fedora patches %patch101 -p1 %patch102 -p1 @@ -228,6 +218,9 @@ rm -rf $RPM_BUILD_ROOT %{_datadir}/aclocal/libcurl.m4 %changelog +* Mon Apr 18 2011 Kamil Dudka 7.21.5-1 +- new upstream release + * Sat Apr 16 2011 Peter Robinson 7.21.4-4 - no valgrind on ARMv5 arches diff --git a/sources b/sources index 1bce10d..8ff9e2a 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -074fa396afe3dbf10163c05756a5a85d curl-7.21.4.tar.lzma +decd5586c2bd0496ca562dc8a7244e24 curl-7.21.5.tar.lzma