From 6333bbf4956fe55bfef0c3fb0430e96245c9a5e2 Mon Sep 17 00:00:00 2001 From: Kamil Dudka Date: Wed, 29 Jun 2022 17:37:03 +0200 Subject: [PATCH] Related: CVE-2022-32207 - fix build failure caused by openldap rebase [...] make[2]: Leaving directory '/builddir/build/BUILD/curl-7.76.1/build-full/lib' ../../lib/openldap.c:83:17: error: conflicting types for 'ldap_connect'; have 'CURLcode(struct Curl_easy *, _Bool *)' 83 | static CURLcode ldap_connect(struct Curl_easy *data, bool *done); | ^~~~~~~~~~~~ In file included from ../../lib/openldap.c:39: /usr/include/ldap.h:1555:1: note: previous declaration of 'ldap_connect' with type 'int(LDAP *)' {aka 'int(struct ldap *)'} 1555 | ldap_connect( LDAP *ld ); | ^~~~~~~~~~~~ --- 0020-curl-7.76.1-openldap-rebase.patch | 186 +++++++++++++++++++++++++ curl.spec | 4 + 2 files changed, 190 insertions(+) create mode 100644 0020-curl-7.76.1-openldap-rebase.patch diff --git a/0020-curl-7.76.1-openldap-rebase.patch b/0020-curl-7.76.1-openldap-rebase.patch new file mode 100644 index 0000000..65870b5 --- /dev/null +++ b/0020-curl-7.76.1-openldap-rebase.patch @@ -0,0 +1,186 @@ +From c2acc48854be9f8590e57a7b44b649fb8537bed4 Mon Sep 17 00:00:00 2001 +From: Daniel Stenberg +Date: Tue, 4 May 2021 16:14:13 +0200 +Subject: [PATCH] openldap: replace ldap_ prefix on private functions +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Since openldap itself uses that prefix and with OpenĹDAP 2.5.4 (at +least) there's a symbol collision because of that. + +The private functions now use the 'oldap_' prefix where it previously +used 'ldap_'. + +Reported-by: 3eka on github +Fixes #7004 +Closes #7005 + +Upstream-commit: 8bdde6b14ce3b5fd71c772a578fcbd4b6fa6df19 +Signed-off-by: Kamil Dudka +--- + lib/openldap.c | 67 +++++++++++++++++++++++++------------------------- + 1 file changed, 34 insertions(+), 33 deletions(-) + +diff --git a/lib/openldap.c b/lib/openldap.c +index b515554..5a32c74 100644 +--- a/lib/openldap.c ++++ b/lib/openldap.c +@@ -76,16 +76,16 @@ extern int ldap_init_fd(ber_socket_t fd, int proto, const char *url, + LDAP **ld); + #endif + +-static CURLcode ldap_setup_connection(struct Curl_easy *data, +- struct connectdata *conn); +-static CURLcode ldap_do(struct Curl_easy *data, bool *done); +-static CURLcode ldap_done(struct Curl_easy *data, CURLcode, bool); +-static CURLcode ldap_connect(struct Curl_easy *data, bool *done); +-static CURLcode ldap_connecting(struct Curl_easy *data, bool *done); +-static CURLcode ldap_disconnect(struct Curl_easy *data, +- struct connectdata *conn, bool dead); ++static CURLcode oldap_setup_connection(struct Curl_easy *data, ++ struct connectdata *conn); ++static CURLcode oldap_do(struct Curl_easy *data, bool *done); ++static CURLcode oldap_done(struct Curl_easy *data, CURLcode, bool); ++static CURLcode oldap_connect(struct Curl_easy *data, bool *done); ++static CURLcode oldap_connecting(struct Curl_easy *data, bool *done); ++static CURLcode oldap_disconnect(struct Curl_easy *data, ++ struct connectdata *conn, bool dead); + +-static Curl_recv ldap_recv; ++static Curl_recv oldap_recv; + + /* + * LDAP protocol handler. +@@ -93,18 +93,18 @@ static Curl_recv ldap_recv; + + const struct Curl_handler Curl_handler_ldap = { + "LDAP", /* scheme */ +- ldap_setup_connection, /* setup_connection */ +- ldap_do, /* do_it */ +- ldap_done, /* done */ ++ oldap_setup_connection, /* setup_connection */ ++ oldap_do, /* do_it */ ++ oldap_done, /* done */ + ZERO_NULL, /* do_more */ +- ldap_connect, /* connect_it */ +- ldap_connecting, /* connecting */ ++ oldap_connect, /* connect_it */ ++ oldap_connecting, /* connecting */ + ZERO_NULL, /* doing */ + ZERO_NULL, /* proto_getsock */ + ZERO_NULL, /* doing_getsock */ + ZERO_NULL, /* domore_getsock */ + ZERO_NULL, /* perform_getsock */ +- ldap_disconnect, /* disconnect */ ++ oldap_disconnect, /* disconnect */ + ZERO_NULL, /* readwrite */ + ZERO_NULL, /* connection_check */ + ZERO_NULL, /* attach connection */ +@@ -121,18 +121,18 @@ const struct Curl_handler Curl_handler_ldap = { + + const struct Curl_handler Curl_handler_ldaps = { + "LDAPS", /* scheme */ +- ldap_setup_connection, /* setup_connection */ +- ldap_do, /* do_it */ +- ldap_done, /* done */ ++ oldap_setup_connection, /* setup_connection */ ++ oldap_do, /* do_it */ ++ oldap_done, /* done */ + ZERO_NULL, /* do_more */ +- ldap_connect, /* connect_it */ +- ldap_connecting, /* connecting */ ++ oldap_connect, /* connect_it */ ++ oldap_connecting, /* connecting */ + ZERO_NULL, /* doing */ + ZERO_NULL, /* proto_getsock */ + ZERO_NULL, /* doing_getsock */ + ZERO_NULL, /* domore_getsock */ + ZERO_NULL, /* perform_getsock */ +- ldap_disconnect, /* disconnect */ ++ oldap_disconnect, /* disconnect */ + ZERO_NULL, /* readwrite */ + ZERO_NULL, /* connection_check */ + ZERO_NULL, /* attach connection */ +@@ -173,8 +173,8 @@ struct ldapreqinfo { + int nument; + }; + +-static CURLcode ldap_setup_connection(struct Curl_easy *data, +- struct connectdata *conn) ++static CURLcode oldap_setup_connection(struct Curl_easy *data, ++ struct connectdata *conn) + { + struct ldapconninfo *li; + LDAPURLDesc *lud; +@@ -209,7 +209,7 @@ static CURLcode ldap_setup_connection(struct Curl_easy *data, + static Sockbuf_IO ldapsb_tls; + #endif + +-static CURLcode ldap_connect(struct Curl_easy *data, bool *done) ++static CURLcode oldap_connect(struct Curl_easy *data, bool *done) + { + struct connectdata *conn = data->conn; + struct ldapconninfo *li = conn->proto.ldapc; +@@ -257,7 +257,7 @@ static CURLcode ldap_connect(struct Curl_easy *data, bool *done) + return CURLE_OK; + } + +-static CURLcode ldap_connecting(struct Curl_easy *data, bool *done) ++static CURLcode oldap_connecting(struct Curl_easy *data, bool *done) + { + struct connectdata *conn = data->conn; + struct ldapconninfo *li = conn->proto.ldapc; +@@ -356,14 +356,15 @@ static CURLcode ldap_connecting(struct Curl_easy *data, bool *done) + + if(info) + ldap_memfree(info); +- conn->recv[FIRSTSOCKET] = ldap_recv; ++ conn->recv[FIRSTSOCKET] = oldap_recv; + *done = TRUE; + + return CURLE_OK; + } + +-static CURLcode ldap_disconnect(struct Curl_easy *data, +- struct connectdata *conn, bool dead_connection) ++static CURLcode oldap_disconnect(struct Curl_easy *data, ++ struct connectdata *conn, ++ bool dead_connection) + { + struct ldapconninfo *li = conn->proto.ldapc; + (void) dead_connection; +@@ -384,7 +385,7 @@ static CURLcode ldap_disconnect(struct Curl_easy *data, + return CURLE_OK; + } + +-static CURLcode ldap_do(struct Curl_easy *data, bool *done) ++static CURLcode oldap_do(struct Curl_easy *data, bool *done) + { + struct connectdata *conn = data->conn; + struct ldapconninfo *li = conn->proto.ldapc; +@@ -429,8 +430,8 @@ static CURLcode ldap_do(struct Curl_easy *data, bool *done) + return CURLE_OK; + } + +-static CURLcode ldap_done(struct Curl_easy *data, CURLcode res, +- bool premature) ++static CURLcode oldap_done(struct Curl_easy *data, CURLcode res, ++ bool premature) + { + struct connectdata *conn = data->conn; + struct ldapreqinfo *lr = data->req.p.ldap; +@@ -452,8 +453,8 @@ static CURLcode ldap_done(struct Curl_easy *data, CURLcode res, + return CURLE_OK; + } + +-static ssize_t ldap_recv(struct Curl_easy *data, int sockindex, char *buf, +- size_t len, CURLcode *err) ++static ssize_t oldap_recv(struct Curl_easy *data, int sockindex, char *buf, ++ size_t len, CURLcode *err) + { + struct connectdata *conn = data->conn; + struct ldapconninfo *li = conn->proto.ldapc; +-- +2.35.3 + diff --git a/curl.spec b/curl.spec index fcc5afb..3660f44 100644 --- a/curl.spec +++ b/curl.spec @@ -59,6 +59,9 @@ Patch17: 0017-curl-7.76.1-CVE-2022-32206.patch # fix unpreserved file permissions (CVE-2022-32207) Patch19: 0019-curl-7.76.1-CVE-2022-32207.patch +# fix build failure caused by openldap rebase (#2094159) +Patch20: 0020-curl-7.76.1-openldap-rebase.patch + # patch making libcurl multilib ready Patch101: 0101-curl-7.32.0-multilib.patch @@ -252,6 +255,7 @@ be installed. %patch16 -p1 %patch17 -p1 %patch19 -p1 +%patch20 -p1 # Fedora patches %patch101 -p1