import curl-7.61.1-11.el8
This commit is contained in:
commit
96ffed0bbf
1
.curl.metadata
Normal file
1
.curl.metadata
Normal file
@ -0,0 +1 @@
|
||||
8b56123714b4e061f0f71005c5be598b12f82483 SOURCES/curl-7.61.1.tar.xz
|
1
.gitignore
vendored
Normal file
1
.gitignore
vendored
Normal file
@ -0,0 +1 @@
|
||||
SOURCES/curl-7.61.1.tar.xz
|
63
SOURCES/0001-curl-7.61.1-test320-gnutls.patch
Normal file
63
SOURCES/0001-curl-7.61.1-test320-gnutls.patch
Normal file
@ -0,0 +1,63 @@
|
||||
From 3cd5b375e31fb98e4782dc3a77e7316ad9eb26cf Mon Sep 17 00:00:00 2001
|
||||
From: Daniel Stenberg <daniel@haxx.se>
|
||||
Date: Thu, 4 Oct 2018 15:34:13 +0200
|
||||
Subject: [PATCH] test320: strip out more HTML when comparing
|
||||
|
||||
To make the test case work with different gnutls-serv versions better.
|
||||
|
||||
Reported-by: Kamil Dudka
|
||||
Fixes #3093
|
||||
Closes #3094
|
||||
|
||||
Upstream-commit: 94ad57b0246b5658c2a9139dbe6a80efa4c4e2f3
|
||||
Signed-off-by: Kamil Dudka <kdudka@redhat.com>
|
||||
---
|
||||
tests/data/test320 | 24 ++++--------------------
|
||||
1 file changed, 4 insertions(+), 20 deletions(-)
|
||||
|
||||
diff --git a/tests/data/test320 b/tests/data/test320
|
||||
index 457a11eb2..87311d4f2 100644
|
||||
--- a/tests/data/test320
|
||||
+++ b/tests/data/test320
|
||||
@@ -62,34 +62,18 @@ simple TLS-SRP HTTPS GET, check user in response
|
||||
HTTP/1.0 200 OK
|
||||
Content-type: text/html
|
||||
|
||||
-
|
||||
-<HTML><BODY>
|
||||
-<CENTER><H1>This is <a href="http://www.gnu.org/software/gnutls">GnuTLS</a></H1></CENTER>
|
||||
-
|
||||
-
|
||||
-
|
||||
-<h5>If your browser supports session resuming, then you should see the same session ID, when you press the <b>reload</b> button.</h5>
|
||||
-<p>Connected as user 'jsmith'.</p>
|
||||
-<P>
|
||||
-<TABLE border=1><TR><TD></TD></TR>
|
||||
-<TR><TD>Key Exchange:</TD><TD>SRP</TD></TR>
|
||||
-<TR><TD>Compression</TD><TD>NULL</TD></TR>
|
||||
-<TR><TD>Cipher</TD><TD>AES-NNN-CBC</TD></TR>
|
||||
-<TR><TD>MAC</TD><TD>SHA1</TD></TR>
|
||||
-<TR><TD>Ciphersuite</TD><TD>SRP_SHA_AES_NNN_CBC_SHA1</TD></TR></p></TABLE>
|
||||
-<hr><P>Your HTTP header was:<PRE>Host: %HOSTIP:%HTTPTLSPORT
|
||||
+FINE
|
||||
User-Agent: curl-test-suite
|
||||
Accept: */*
|
||||
|
||||
-</PRE></P>
|
||||
-</BODY></HTML>
|
||||
-
|
||||
</file>
|
||||
<stripfile>
|
||||
-s/^<p>Session ID:.*//
|
||||
+s/^<p>Connected as user 'jsmith'.*/FINE/
|
||||
s/Protocol version:.*[0-9]//
|
||||
s/GNUTLS/GnuTLS/
|
||||
s/(AES[-_])\d\d\d([-_]CBC)/$1NNN$2/
|
||||
+s/^<.*\n//
|
||||
+s/^\n//
|
||||
</stripfile>
|
||||
</verify>
|
||||
|
||||
--
|
||||
2.17.1
|
||||
|
28
SOURCES/0002-curl-7.61.1-tlsv1.0-man.patch
Normal file
28
SOURCES/0002-curl-7.61.1-tlsv1.0-man.patch
Normal file
@ -0,0 +1,28 @@
|
||||
From c574e05b0035f0d78e6bf6040d3f80430112ab4f Mon Sep 17 00:00:00 2001
|
||||
From: Kamil Dudka <kdudka@redhat.com>
|
||||
Date: Fri, 7 Sep 2018 16:50:45 +0200
|
||||
Subject: [PATCH] docs/cmdline-opts: update the documentation of --tlsv1.0
|
||||
|
||||
... to reflect the changes in 6015cefb1b2cfde4b4850121c42405275e5e77d9
|
||||
|
||||
Closes #2955
|
||||
|
||||
Upstream-commit: 9ba22ce6b52751ed1e2abdd177b0a1d241819b4e
|
||||
Signed-off-by: Kamil Dudka <kdudka@redhat.com>
|
||||
---
|
||||
docs/cmdline-opts/tlsv1.0.d | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/docs/cmdline-opts/tlsv1.0.d b/docs/cmdline-opts/tlsv1.0.d
|
||||
index 8789025e0..54e259682 100644
|
||||
--- a/docs/cmdline-opts/tlsv1.0.d
|
||||
+++ b/docs/cmdline-opts/tlsv1.0.d
|
||||
@@ -3,4 +3,4 @@ Help: Use TLSv1.0
|
||||
Protocols: TLS
|
||||
Added: 7.34.0
|
||||
---
|
||||
-Forces curl to use TLS version 1.0 when connecting to a remote TLS server.
|
||||
+Forces curl to use TLS version 1.0 or later when connecting to a remote TLS server.
|
||||
--
|
||||
2.17.1
|
||||
|
46
SOURCES/0003-curl-7.61.1-TLS-1.3-PHA.patch
Normal file
46
SOURCES/0003-curl-7.61.1-TLS-1.3-PHA.patch
Normal file
@ -0,0 +1,46 @@
|
||||
From bb8ad3da3fb4ab3f6556daa1f67b259c12a3c7de Mon Sep 17 00:00:00 2001
|
||||
From: Christian Heimes <christian@python.org>
|
||||
Date: Fri, 21 Sep 2018 10:37:43 +0200
|
||||
Subject: [PATCH] OpenSSL: enable TLS 1.3 post-handshake auth
|
||||
|
||||
OpenSSL 1.1.1 requires clients to opt-in for post-handshake
|
||||
authentication.
|
||||
|
||||
Fixes: https://github.com/curl/curl/issues/3026
|
||||
Signed-off-by: Christian Heimes <christian@python.org>
|
||||
|
||||
Closes https://github.com/curl/curl/pull/3027
|
||||
|
||||
Upstream-commit: b939bc47b27cd57c6ebb852ad653933e4124b452
|
||||
Signed-off-by: Kamil Dudka <kdudka@redhat.com>
|
||||
---
|
||||
lib/vtls/openssl.c | 6 ++++++
|
||||
1 file changed, 6 insertions(+)
|
||||
|
||||
diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
|
||||
index a487f55..78970d1 100644
|
||||
--- a/lib/vtls/openssl.c
|
||||
+++ b/lib/vtls/openssl.c
|
||||
@@ -178,6 +178,7 @@ static unsigned long OpenSSL_version_num(void)
|
||||
!defined(LIBRESSL_VERSION_NUMBER) && \
|
||||
!defined(OPENSSL_IS_BORINGSSL))
|
||||
#define HAVE_SSL_CTX_SET_CIPHERSUITES
|
||||
+#define HAVE_SSL_CTX_SET_POST_HANDSHAKE_AUTH
|
||||
#endif
|
||||
|
||||
#if defined(LIBRESSL_VERSION_NUMBER)
|
||||
@@ -2467,6 +2468,11 @@ static CURLcode ossl_connect_step1(struct connectdata *conn, int sockindex)
|
||||
}
|
||||
#endif
|
||||
|
||||
+#ifdef HAVE_SSL_CTX_SET_POST_HANDSHAKE_AUTH
|
||||
+ /* OpenSSL 1.1.1 requires clients to opt-in for PHA */
|
||||
+ SSL_CTX_set_post_handshake_auth(BACKEND->ctx, 1);
|
||||
+#endif
|
||||
+
|
||||
#ifdef USE_TLS_SRP
|
||||
if(ssl_authtype == CURL_TLSAUTH_SRP) {
|
||||
char * const ssl_username = SSL_SET_OPTION(username);
|
||||
--
|
||||
2.17.1
|
||||
|
81
SOURCES/0004-curl-7.61.1-CVE-2018-16842.patch
Normal file
81
SOURCES/0004-curl-7.61.1-CVE-2018-16842.patch
Normal file
@ -0,0 +1,81 @@
|
||||
From 27d6c92acdac671ddf8f77f72956b2181561f774 Mon Sep 17 00:00:00 2001
|
||||
From: Daniel Stenberg <daniel@haxx.se>
|
||||
Date: Sun, 28 Oct 2018 01:33:23 +0200
|
||||
Subject: [PATCH 1/2] voutf: fix bad arethmetic when outputting warnings to
|
||||
stderr
|
||||
|
||||
CVE-2018-16842
|
||||
Reported-by: Brian Carpenter
|
||||
Bug: https://curl.haxx.se/docs/CVE-2018-16842.html
|
||||
|
||||
Upstream-commit: d530e92f59ae9bb2d47066c3c460b25d2ffeb211
|
||||
Signed-off-by: Kamil Dudka <kdudka@redhat.com>
|
||||
---
|
||||
src/tool_msgs.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/tool_msgs.c b/src/tool_msgs.c
|
||||
index 9cce806..05bec39 100644
|
||||
--- a/src/tool_msgs.c
|
||||
+++ b/src/tool_msgs.c
|
||||
@@ -67,7 +67,7 @@ static void voutf(struct GlobalConfig *config,
|
||||
(void)fwrite(ptr, cut + 1, 1, config->errors);
|
||||
fputs("\n", config->errors);
|
||||
ptr += cut + 1; /* skip the space too */
|
||||
- len -= cut;
|
||||
+ len -= cut + 1;
|
||||
}
|
||||
else {
|
||||
fputs(ptr, config->errors);
|
||||
--
|
||||
2.17.2
|
||||
|
||||
|
||||
From 23f8c641b02e6c302d0e8cc5a5ee225a33b01f28 Mon Sep 17 00:00:00 2001
|
||||
From: Daniel Stenberg <daniel@haxx.se>
|
||||
Date: Sun, 28 Oct 2018 10:43:57 +0100
|
||||
Subject: [PATCH 2/2] test2080: verify the fix for CVE-2018-16842
|
||||
|
||||
Upstream-commit: 350306e4726b71b5b386fc30e3fecc039a807157
|
||||
Signed-off-by: Kamil Dudka <kdudka@redhat.com>
|
||||
---
|
||||
tests/data/Makefile.inc | 4 ++--
|
||||
tests/data/test2080 | Bin 0 -> 20659 bytes
|
||||
2 files changed, 2 insertions(+), 2 deletions(-)
|
||||
create mode 100644 tests/data/test2080
|
||||
|
||||
diff --git a/tests/data/Makefile.inc b/tests/data/Makefile.inc
|
||||
index e045748..aa5fff0 100644
|
||||
--- a/tests/data/Makefile.inc
|
||||
+++ b/tests/data/Makefile.inc
|
||||
@@ -198,7 +198,7 @@ test2048 test2049 test2050 test2051 test2052 test2053 test2054 test2055 \
|
||||
test2056 test2057 test2058 test2059 test2060 test2061 test2062 test2063 \
|
||||
test2064 test2065 test2066 test2067 test2068 test2069 \
|
||||
\
|
||||
-test2070 test2071 test2072 test2073 \
|
||||
-test2074 test2075 \
|
||||
+test2070 test2071 test2072 test2073 test2074 test2075 \
|
||||
+test2080 \
|
||||
\
|
||||
test3000 test3001
|
||||
diff --git a/tests/data/test2080 b/tests/data/test2080
|
||||
new file mode 100644
|
||||
index 0000000000000000000000000000000000000000..47e376ecb5d7879c0a98e392bff48ccc52e9db0a
|
||||
GIT binary patch
|
||||
literal 20659
|
||||
zcmeI)Pj3@35QkyT{uI*`iBshYE(n>u@JB+F3kdG+t~asjwJY0gl}``eO+)FONU8ef
|
||||
zl6Ca+%<OZ|nCeRHZE>A4K8~q<UAgUD%0ubY=PwtZRG;GL*UIRJ-;Lfy)u}p_A1>dz
|
||||
zd{+G6l*#ToY+DU||F9%J1n*+KPxQ;7MapuoQ!&MMQSXmpqMh0_yS6g=;N;HNjilBk
|
||||
zY$c?)mULZxib{;$g~jw~nrs|8b@sJI)_QmS_4(WLrNld}2Y0LEO$e>m->_NA&o$n!
|
||||
z9^YDZ>cvMs2q1s}0tg_000PG)@a?$9VHyMwKmY**5I_I{1Q0m1z~!MEP#*yV5I_I{
|
||||
z1Q0*~0R#|0009ILKmY**4ldvh-hl=PAb<b@2q1s}0tg`Rgaqum{m<+P&C93=Ab<b@
|
||||
z2q1s}0tg_0z|jf3Ji3V(2mu5TK;StGoIK~3=iL!N0D=D{@VjlsoA=?(>-+Xw`j-8D
|
||||
zzg+g?Rt8(G*s;1Sb>n1S94H%G<kGn)tFlRTrA%AW*RoyP3pi(fe!mc3WU^sQd2)l4
|
||||
jB)+~1L0rx$OS-AbERTH}TH`mZ^*=|W_vMU!*i-li)g+9V
|
||||
|
||||
literal 0
|
||||
HcmV?d00001
|
||||
|
||||
--
|
||||
2.17.2
|
||||
|
39
SOURCES/0005-curl-7.61.1-CVE-2018-16840.patch
Normal file
39
SOURCES/0005-curl-7.61.1-CVE-2018-16840.patch
Normal file
@ -0,0 +1,39 @@
|
||||
From 235f209a0e62edee654be441a50bb0c154edeaa5 Mon Sep 17 00:00:00 2001
|
||||
From: Daniel Stenberg <daniel@haxx.se>
|
||||
Date: Thu, 18 Oct 2018 15:07:15 +0200
|
||||
Subject: [PATCH] Curl_close: clear data->multi_easy on free to avoid
|
||||
use-after-free
|
||||
|
||||
Regression from b46cfbc068 (7.59.0)
|
||||
CVE-2018-16840
|
||||
Reported-by: Brian Carpenter (Geeknik Labs)
|
||||
|
||||
Bug: https://curl.haxx.se/docs/CVE-2018-16840.html
|
||||
|
||||
Upstream-commit: 81d135d67155c5295b1033679c606165d4e28f3f
|
||||
Signed-off-by: Kamil Dudka <kdudka@redhat.com>
|
||||
---
|
||||
lib/url.c | 4 +++-
|
||||
1 file changed, 3 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/lib/url.c b/lib/url.c
|
||||
index f159008..dcc1ecc 100644
|
||||
--- a/lib/url.c
|
||||
+++ b/lib/url.c
|
||||
@@ -319,10 +319,12 @@ CURLcode Curl_close(struct Curl_easy *data)
|
||||
and detach this handle from there. */
|
||||
curl_multi_remove_handle(data->multi, data);
|
||||
|
||||
- if(data->multi_easy)
|
||||
+ if(data->multi_easy) {
|
||||
/* when curl_easy_perform() is used, it creates its own multi handle to
|
||||
use and this is the one */
|
||||
curl_multi_cleanup(data->multi_easy);
|
||||
+ data->multi_easy = NULL;
|
||||
+ }
|
||||
|
||||
/* Destroy the timeout list that is held in the easy handle. It is
|
||||
/normally/ done by curl_multi_remove_handle() but this is "just in
|
||||
--
|
||||
2.17.2
|
||||
|
31
SOURCES/0006-curl-7.61.1-CVE-2018-16839.patch
Normal file
31
SOURCES/0006-curl-7.61.1-CVE-2018-16839.patch
Normal file
@ -0,0 +1,31 @@
|
||||
From ad9943254ded9a983af7d581e8a1f3317e8a8781 Mon Sep 17 00:00:00 2001
|
||||
From: Daniel Stenberg <daniel@haxx.se>
|
||||
Date: Fri, 28 Sep 2018 16:08:16 +0200
|
||||
Subject: [PATCH] Curl_auth_create_plain_message: fix too-large-input-check
|
||||
|
||||
CVE-2018-16839
|
||||
Reported-by: Harry Sintonen
|
||||
Bug: https://curl.haxx.se/docs/CVE-2018-16839.html
|
||||
|
||||
Upstream-commit: f3a24d7916b9173c69a3e0ee790102993833d6c5
|
||||
Signed-off-by: Kamil Dudka <kdudka@redhat.com>
|
||||
---
|
||||
lib/vauth/cleartext.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/lib/vauth/cleartext.c b/lib/vauth/cleartext.c
|
||||
index 5d61ce6..1367143 100644
|
||||
--- a/lib/vauth/cleartext.c
|
||||
+++ b/lib/vauth/cleartext.c
|
||||
@@ -74,7 +74,7 @@ CURLcode Curl_auth_create_plain_message(struct Curl_easy *data,
|
||||
plen = strlen(passwdp);
|
||||
|
||||
/* Compute binary message length. Check for overflows. */
|
||||
- if((ulen > SIZE_T_MAX/2) || (plen > (SIZE_T_MAX/2 - 2)))
|
||||
+ if((ulen > SIZE_T_MAX/4) || (plen > (SIZE_T_MAX/2 - 2)))
|
||||
return CURLE_OUT_OF_MEMORY;
|
||||
plainlen = 2 * ulen + plen + 2;
|
||||
|
||||
--
|
||||
2.17.2
|
||||
|
116
SOURCES/0007-curl-7.63.0-JO-preserve-local-file.patch
Normal file
116
SOURCES/0007-curl-7.63.0-JO-preserve-local-file.patch
Normal file
@ -0,0 +1,116 @@
|
||||
From ff74657fb645e7175971128a171ef7d5ece40d77 Mon Sep 17 00:00:00 2001
|
||||
From: Daniel Stenberg <daniel@haxx.se>
|
||||
Date: Mon, 17 Dec 2018 12:51:51 +0100
|
||||
Subject: [PATCH] curl -J: do not append to the destination file
|
||||
|
||||
Reported-by: Kamil Dudka
|
||||
Fixes #3380
|
||||
Closes #3381
|
||||
|
||||
Upstream-commit: 4849267197682e69cfa056c2bd7a44acd123a917
|
||||
Signed-off-by: Kamil Dudka <kdudka@redhat.com>
|
||||
---
|
||||
src/tool_cb_hdr.c | 6 +++---
|
||||
src/tool_cb_wrt.c | 9 ++++-----
|
||||
src/tool_cb_wrt.h | 2 +-
|
||||
src/tool_operate.c | 2 +-
|
||||
4 files changed, 9 insertions(+), 10 deletions(-)
|
||||
|
||||
diff --git a/src/tool_cb_hdr.c b/src/tool_cb_hdr.c
|
||||
index 84b0d9c..3844904 100644
|
||||
--- a/src/tool_cb_hdr.c
|
||||
+++ b/src/tool_cb_hdr.c
|
||||
@@ -148,12 +148,12 @@ size_t tool_header_cb(char *ptr, size_t size, size_t nmemb, void *userdata)
|
||||
outs->filename = filename;
|
||||
outs->alloc_filename = TRUE;
|
||||
hdrcbdata->honor_cd_filename = FALSE; /* done now! */
|
||||
- if(!tool_create_output_file(outs, TRUE))
|
||||
+ if(!tool_create_output_file(outs))
|
||||
return failure;
|
||||
}
|
||||
break;
|
||||
}
|
||||
- if(!outs->stream && !tool_create_output_file(outs, FALSE))
|
||||
+ if(!outs->stream && !tool_create_output_file(outs))
|
||||
return failure;
|
||||
}
|
||||
|
||||
@@ -162,7 +162,7 @@ size_t tool_header_cb(char *ptr, size_t size, size_t nmemb, void *userdata)
|
||||
/* bold headers only happen for HTTP(S) and RTSP */
|
||||
char *value = NULL;
|
||||
|
||||
- if(!outs->stream && !tool_create_output_file(outs, FALSE))
|
||||
+ if(!outs->stream && !tool_create_output_file(outs))
|
||||
return failure;
|
||||
|
||||
if(hdrcbdata->global->isatty && hdrcbdata->global->styled_output)
|
||||
diff --git a/src/tool_cb_wrt.c b/src/tool_cb_wrt.c
|
||||
index 2cb5e1b..195d6e7 100644
|
||||
--- a/src/tool_cb_wrt.c
|
||||
+++ b/src/tool_cb_wrt.c
|
||||
@@ -32,8 +32,7 @@
|
||||
#include "memdebug.h" /* keep this as LAST include */
|
||||
|
||||
/* create a local file for writing, return TRUE on success */
|
||||
-bool tool_create_output_file(struct OutStruct *outs,
|
||||
- bool append)
|
||||
+bool tool_create_output_file(struct OutStruct *outs)
|
||||
{
|
||||
struct GlobalConfig *global = outs->config->global;
|
||||
FILE *file;
|
||||
@@ -43,7 +42,7 @@ bool tool_create_output_file(struct OutStruct *outs,
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
- if(outs->is_cd_filename && !append) {
|
||||
+ if(outs->is_cd_filename) {
|
||||
/* don't overwrite existing files */
|
||||
file = fopen(outs->filename, "rb");
|
||||
if(file) {
|
||||
@@ -55,7 +54,7 @@ bool tool_create_output_file(struct OutStruct *outs,
|
||||
}
|
||||
|
||||
/* open file for writing */
|
||||
- file = fopen(outs->filename, append?"ab":"wb");
|
||||
+ file = fopen(outs->filename, "wb");
|
||||
if(!file) {
|
||||
warnf(global, "Failed to create the file %s: %s\n", outs->filename,
|
||||
strerror(errno));
|
||||
@@ -142,7 +141,7 @@ size_t tool_write_cb(char *buffer, size_t sz, size_t nmemb, void *userdata)
|
||||
}
|
||||
#endif
|
||||
|
||||
- if(!outs->stream && !tool_create_output_file(outs, FALSE))
|
||||
+ if(!outs->stream && !tool_create_output_file(outs))
|
||||
return failure;
|
||||
|
||||
if(is_tty && (outs->bytes < 2000) && !config->terminal_binary_ok) {
|
||||
diff --git a/src/tool_cb_wrt.h b/src/tool_cb_wrt.h
|
||||
index 51e002b..188d3ea 100644
|
||||
--- a/src/tool_cb_wrt.h
|
||||
+++ b/src/tool_cb_wrt.h
|
||||
@@ -30,7 +30,7 @@
|
||||
size_t tool_write_cb(char *buffer, size_t sz, size_t nmemb, void *userdata);
|
||||
|
||||
/* create a local file for writing, return TRUE on success */
|
||||
-bool tool_create_output_file(struct OutStruct *outs, bool append);
|
||||
+bool tool_create_output_file(struct OutStruct *outs);
|
||||
|
||||
#endif /* HEADER_CURL_TOOL_CB_WRT_H */
|
||||
|
||||
diff --git a/src/tool_operate.c b/src/tool_operate.c
|
||||
index e53a9d8..429e9cf 100644
|
||||
--- a/src/tool_operate.c
|
||||
+++ b/src/tool_operate.c
|
||||
@@ -1581,7 +1581,7 @@ static CURLcode operate_do(struct GlobalConfig *global,
|
||||
/* do not create (or even overwrite) the file in case we get no
|
||||
data because of unmet condition */
|
||||
curl_easy_getinfo(curl, CURLINFO_CONDITION_UNMET, &cond_unmet);
|
||||
- if(!cond_unmet && !tool_create_output_file(&outs, FALSE))
|
||||
+ if(!cond_unmet && !tool_create_output_file(&outs))
|
||||
result = CURLE_WRITE_ERROR;
|
||||
}
|
||||
|
||||
--
|
||||
2.17.2
|
||||
|
4776
SOURCES/0008-curl-7.61.1-CVE-2018-20483.patch
Normal file
4776
SOURCES/0008-curl-7.61.1-CVE-2018-20483.patch
Normal file
File diff suppressed because it is too large
Load Diff
36
SOURCES/0009-curl-7.61.1-CVE-2018-16890.patch
Normal file
36
SOURCES/0009-curl-7.61.1-CVE-2018-16890.patch
Normal file
@ -0,0 +1,36 @@
|
||||
From 81c0e81531623251a0e78f7779c049f530abe733 Mon Sep 17 00:00:00 2001
|
||||
From: Daniel Stenberg <daniel@haxx.se>
|
||||
Date: Wed, 2 Jan 2019 20:33:08 +0100
|
||||
Subject: [PATCH] NTLM: fix size check condition for type2 received data
|
||||
|
||||
Bug: https://curl.haxx.se/docs/CVE-2018-16890.html
|
||||
Reported-by: Wenxiang Qian
|
||||
CVE-2018-16890
|
||||
|
||||
Upstream-commit: b780b30d1377adb10bbe774835f49e9b237fb9bb
|
||||
Signed-off-by: Kamil Dudka <kdudka@redhat.com>
|
||||
---
|
||||
lib/vauth/ntlm.c | 5 +++--
|
||||
1 file changed, 3 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/lib/vauth/ntlm.c b/lib/vauth/ntlm.c
|
||||
index cdb8d8f..b614cda 100644
|
||||
--- a/lib/vauth/ntlm.c
|
||||
+++ b/lib/vauth/ntlm.c
|
||||
@@ -182,10 +182,11 @@ static CURLcode ntlm_decode_type2_target(struct Curl_easy *data,
|
||||
target_info_len = Curl_read16_le(&buffer[40]);
|
||||
target_info_offset = Curl_read32_le(&buffer[44]);
|
||||
if(target_info_len > 0) {
|
||||
- if(((target_info_offset + target_info_len) > size) ||
|
||||
+ if((target_info_offset >= size) ||
|
||||
+ ((target_info_offset + target_info_len) > size) ||
|
||||
(target_info_offset < 48)) {
|
||||
infof(data, "NTLM handshake failure (bad type-2 message). "
|
||||
- "Target Info Offset Len is set incorrect by the peer\n");
|
||||
+ "Target Info Offset Len is set incorrect by the peer\n");
|
||||
return CURLE_BAD_CONTENT_ENCODING;
|
||||
}
|
||||
|
||||
--
|
||||
2.17.2
|
||||
|
41
SOURCES/0010-curl-7.61.1-CVE-2019-3822.patch
Normal file
41
SOURCES/0010-curl-7.61.1-CVE-2019-3822.patch
Normal file
@ -0,0 +1,41 @@
|
||||
From ab22e3a00f04b458039c21111cfa448051e5777d Mon Sep 17 00:00:00 2001
|
||||
From: Daniel Stenberg <daniel@haxx.se>
|
||||
Date: Thu, 3 Jan 2019 12:59:28 +0100
|
||||
Subject: [PATCH] ntlm: fix *_type3_message size check to avoid buffer overflow
|
||||
|
||||
Bug: https://curl.haxx.se/docs/CVE-2019-3822.html
|
||||
Reported-by: Wenxiang Qian
|
||||
CVE-2019-3822
|
||||
|
||||
Upstream-commit: 50c9484278c63b958655a717844f0721263939cc
|
||||
Signed-off-by: Kamil Dudka <kdudka@redhat.com>
|
||||
---
|
||||
lib/vauth/ntlm.c | 11 +++++++----
|
||||
1 file changed, 7 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/lib/vauth/ntlm.c b/lib/vauth/ntlm.c
|
||||
index b614cda..a3a55d9 100644
|
||||
--- a/lib/vauth/ntlm.c
|
||||
+++ b/lib/vauth/ntlm.c
|
||||
@@ -777,11 +777,14 @@ CURLcode Curl_auth_create_ntlm_type3_message(struct Curl_easy *data,
|
||||
});
|
||||
|
||||
#ifdef USE_NTRESPONSES
|
||||
- if(size < (NTLM_BUFSIZE - ntresplen)) {
|
||||
- DEBUGASSERT(size == (size_t)ntrespoff);
|
||||
- memcpy(&ntlmbuf[size], ptr_ntresp, ntresplen);
|
||||
- size += ntresplen;
|
||||
+ /* ntresplen + size should not be risking an integer overflow here */
|
||||
+ if(ntresplen + size > sizeof(ntlmbuf)) {
|
||||
+ failf(data, "incoming NTLM message too big");
|
||||
+ return CURLE_OUT_OF_MEMORY;
|
||||
}
|
||||
+ DEBUGASSERT(size == (size_t)ntrespoff);
|
||||
+ memcpy(&ntlmbuf[size], ptr_ntresp, ntresplen);
|
||||
+ size += ntresplen;
|
||||
|
||||
DEBUG_OUT({
|
||||
fprintf(stderr, "\n ntresp=");
|
||||
--
|
||||
2.17.2
|
||||
|
50
SOURCES/0011-curl-7.61.1-CVE-2019-3823.patch
Normal file
50
SOURCES/0011-curl-7.61.1-CVE-2019-3823.patch
Normal file
@ -0,0 +1,50 @@
|
||||
From d26f1025d0a0a6c602d758a2e0917759492473e9 Mon Sep 17 00:00:00 2001
|
||||
From: Daniel Gustafsson <daniel@yesql.se>
|
||||
Date: Sat, 19 Jan 2019 00:42:47 +0100
|
||||
Subject: [PATCH] smtp: avoid risk of buffer overflow in strtol
|
||||
|
||||
If the incoming len 5, but the buffer does not have a termination
|
||||
after 5 bytes, the strtol() call may keep reading through the line
|
||||
buffer until is exceeds its boundary. Fix by ensuring that we are
|
||||
using a bounded read with a temporary buffer on the stack.
|
||||
|
||||
Bug: https://curl.haxx.se/docs/CVE-2019-3823.html
|
||||
Reported-by: Brian Carpenter (Geeknik Labs)
|
||||
CVE-2019-3823
|
||||
|
||||
Upstream-commit: 39df4073e5413fcdbb5a38da0c1ce6f1c0ceb484
|
||||
Signed-off-by: Kamil Dudka <kdudka@redhat.com>
|
||||
---
|
||||
lib/smtp.c | 8 ++++++--
|
||||
1 file changed, 6 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/lib/smtp.c b/lib/smtp.c
|
||||
index ecf10a4..1b9f92d 100644
|
||||
--- a/lib/smtp.c
|
||||
+++ b/lib/smtp.c
|
||||
@@ -5,7 +5,7 @@
|
||||
* | (__| |_| | _ <| |___
|
||||
* \___|\___/|_| \_\_____|
|
||||
*
|
||||
- * Copyright (C) 1998 - 2018, Daniel Stenberg, <daniel@haxx.se>, et al.
|
||||
+ * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al.
|
||||
*
|
||||
* This software is licensed as described in the file COPYING, which
|
||||
* you should have received as part of this distribution. The terms
|
||||
@@ -207,8 +207,12 @@ static bool smtp_endofresp(struct connectdata *conn, char *line, size_t len,
|
||||
Section 4. Examples of RFC-4954 but some e-mail servers ignore this and
|
||||
only send the response code instead as per Section 4.2. */
|
||||
if(line[3] == ' ' || len == 5) {
|
||||
+ char tmpline[6];
|
||||
+
|
||||
result = TRUE;
|
||||
- *resp = curlx_sltosi(strtol(line, NULL, 10));
|
||||
+ memset(tmpline, '\0', sizeof(tmpline));
|
||||
+ memcpy(tmpline, line, (len == 5 ? 5 : 3));
|
||||
+ *resp = curlx_sltosi(strtol(tmpline, NULL, 10));
|
||||
|
||||
/* Make sure real server never sends internal value */
|
||||
if(*resp == 1)
|
||||
--
|
||||
2.17.2
|
||||
|
66
SOURCES/0014-curl-7.61.1-libssh-socket.patch
Normal file
66
SOURCES/0014-curl-7.61.1-libssh-socket.patch
Normal file
@ -0,0 +1,66 @@
|
||||
From 095d4cf3b1c388b2871e3783f8c41b1e01200a25 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Felix=20H=C3=A4dicke?= <felixhaedicke@web.de>
|
||||
Date: Wed, 23 Jan 2019 23:47:55 +0100
|
||||
Subject: [PATCH] libssh: do not let libssh create socket
|
||||
|
||||
By default, libssh creates a new socket, instead of using the socket
|
||||
created by curl for SSH connections.
|
||||
|
||||
Pass the socket created by curl to libssh using ssh_options_set() with
|
||||
SSH_OPTIONS_FD directly after ssh_new(). So libssh uses our socket
|
||||
instead of creating a new one.
|
||||
|
||||
This approach is very similar to what is done in the libssh2 code, where
|
||||
the socket created by curl is passed to libssh2 when
|
||||
libssh2_session_startup() is called.
|
||||
|
||||
Fixes #3491
|
||||
Closes #3495
|
||||
|
||||
Upstream-commit: 15c94b310bf9e0c92d71fca5a88eb67a1e2548a6
|
||||
Signed-off-by: Kamil Dudka <kdudka@redhat.com>
|
||||
---
|
||||
lib/ssh-libssh.c | 6 +++++-
|
||||
1 file changed, 5 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/lib/ssh-libssh.c b/lib/ssh-libssh.c
|
||||
index 7d59089..4110be2 100644
|
||||
--- a/lib/ssh-libssh.c
|
||||
+++ b/lib/ssh-libssh.c
|
||||
@@ -549,6 +549,7 @@ static CURLcode myssh_statemach_act(struct connectdata *conn, bool *block)
|
||||
struct Curl_easy *data = conn->data;
|
||||
struct SSHPROTO *protop = data->req.protop;
|
||||
struct ssh_conn *sshc = &conn->proto.sshc;
|
||||
+ curl_socket_t sock = conn->sock[FIRSTSOCKET];
|
||||
int rc = SSH_NO_ERROR, err;
|
||||
char *new_readdir_line;
|
||||
int seekerr = CURL_SEEKFUNC_OK;
|
||||
@@ -792,7 +793,7 @@ static CURLcode myssh_statemach_act(struct connectdata *conn, bool *block)
|
||||
|
||||
Curl_pgrsTime(conn->data, TIMER_APPCONNECT); /* SSH is connected */
|
||||
|
||||
- conn->sockfd = ssh_get_fd(sshc->ssh_session);
|
||||
+ conn->sockfd = sock;
|
||||
conn->writesockfd = CURL_SOCKET_BAD;
|
||||
|
||||
if(conn->handler->protocol == CURLPROTO_SFTP) {
|
||||
@@ -2048,6 +2049,7 @@ static CURLcode myssh_connect(struct connectdata *conn, bool *done)
|
||||
{
|
||||
struct ssh_conn *ssh;
|
||||
CURLcode result;
|
||||
+ curl_socket_t sock = conn->sock[FIRSTSOCKET];
|
||||
struct Curl_easy *data = conn->data;
|
||||
int rc;
|
||||
|
||||
@@ -2076,6 +2078,8 @@ static CURLcode myssh_connect(struct connectdata *conn, bool *done)
|
||||
return CURLE_FAILED_INIT;
|
||||
}
|
||||
|
||||
+ ssh_options_set(ssh->ssh_session, SSH_OPTIONS_FD, &sock);
|
||||
+
|
||||
if(conn->user) {
|
||||
infof(data, "User: %s\n", conn->user);
|
||||
ssh_options_set(ssh->ssh_session, SSH_OPTIONS_USER, conn->user);
|
||||
--
|
||||
2.17.2
|
||||
|
89
SOURCES/0101-curl-7.32.0-multilib.patch
Normal file
89
SOURCES/0101-curl-7.32.0-multilib.patch
Normal file
@ -0,0 +1,89 @@
|
||||
From 2a4754a3a7cf60ecc36d83cbe50b8c337cb87632 Mon Sep 17 00:00:00 2001
|
||||
From: Kamil Dudka <kdudka@redhat.com>
|
||||
Date: Fri, 12 Apr 2013 12:04:05 +0200
|
||||
Subject: [PATCH] prevent multilib conflicts on the curl-config script
|
||||
|
||||
---
|
||||
curl-config.in | 21 +++------------------
|
||||
docs/curl-config.1 | 4 +++-
|
||||
libcurl.pc.in | 1 +
|
||||
3 files changed, 7 insertions(+), 19 deletions(-)
|
||||
|
||||
diff --git a/curl-config.in b/curl-config.in
|
||||
index 150004d..95d0759 100644
|
||||
--- a/curl-config.in
|
||||
+++ b/curl-config.in
|
||||
@@ -76,7 +76,7 @@ while test $# -gt 0; do
|
||||
;;
|
||||
|
||||
--cc)
|
||||
- echo "@CC@"
|
||||
+ echo "gcc"
|
||||
;;
|
||||
|
||||
--prefix)
|
||||
@@ -143,32 +143,17 @@ while test $# -gt 0; do
|
||||
;;
|
||||
|
||||
--libs)
|
||||
- if test "X@libdir@" != "X/usr/lib" -a "X@libdir@" != "X/usr/lib64"; then
|
||||
- CURLLIBDIR="-L@libdir@ "
|
||||
- else
|
||||
- CURLLIBDIR=""
|
||||
- fi
|
||||
- if test "X@REQUIRE_LIB_DEPS@" = "Xyes"; then
|
||||
- echo ${CURLLIBDIR}-lcurl @LIBCURL_LIBS@
|
||||
- else
|
||||
- echo ${CURLLIBDIR}-lcurl
|
||||
- fi
|
||||
+ echo -lcurl
|
||||
;;
|
||||
--ssl-backends)
|
||||
echo "@SSL_BACKENDS@"
|
||||
;;
|
||||
|
||||
--static-libs)
|
||||
- if test "X@ENABLE_STATIC@" != "Xno" ; then
|
||||
- echo @libdir@/libcurl.@libext@ @LDFLAGS@ @LIBCURL_LIBS@
|
||||
- else
|
||||
- echo "curl was built with static libraries disabled" >&2
|
||||
- exit 1
|
||||
- fi
|
||||
;;
|
||||
|
||||
--configure)
|
||||
- echo @CONFIGURE_OPTIONS@
|
||||
+ pkg-config libcurl --variable=configure_options | sed 's/^"//;s/"$//'
|
||||
;;
|
||||
|
||||
*)
|
||||
diff --git a/docs/curl-config.1 b/docs/curl-config.1
|
||||
index 14a9d2b..ffcc004 100644
|
||||
--- a/docs/curl-config.1
|
||||
+++ b/docs/curl-config.1
|
||||
@@ -70,7 +70,9 @@ no, one or several names. If more than one name, they will appear
|
||||
comma-separated. (Added in 7.58.0)
|
||||
.IP "--static-libs"
|
||||
Shows the complete set of libs and other linker options you will need in order
|
||||
-to link your application with libcurl statically. (Added in 7.17.1)
|
||||
+to link your application with libcurl statically. Note that Fedora/RHEL libcurl
|
||||
+packages do not provide any static libraries, thus cannot be linked statically.
|
||||
+(Added in 7.17.1)
|
||||
.IP "--version"
|
||||
Outputs version information about the installed libcurl.
|
||||
.IP "--vernum"
|
||||
diff --git a/libcurl.pc.in b/libcurl.pc.in
|
||||
index 2ba9c39..f8f8b00 100644
|
||||
--- a/libcurl.pc.in
|
||||
+++ b/libcurl.pc.in
|
||||
@@ -29,6 +29,7 @@ libdir=@libdir@
|
||||
includedir=@includedir@
|
||||
supported_protocols="@SUPPORT_PROTOCOLS@"
|
||||
supported_features="@SUPPORT_FEATURES@"
|
||||
+configure_options=@CONFIGURE_OPTIONS@
|
||||
|
||||
Name: libcurl
|
||||
URL: https://curl.haxx.se/
|
||||
--
|
||||
2.5.0
|
||||
|
65
SOURCES/0102-curl-7.36.0-debug.patch
Normal file
65
SOURCES/0102-curl-7.36.0-debug.patch
Normal file
@ -0,0 +1,65 @@
|
||||
From 6710648c2b270c9ce68a7d9f1bba1222c7be8b58 Mon Sep 17 00:00:00 2001
|
||||
From: Kamil Dudka <kdudka@redhat.com>
|
||||
Date: Wed, 31 Oct 2012 11:38:30 +0100
|
||||
Subject: [PATCH] prevent configure script from discarding -g in CFLAGS (#496778)
|
||||
|
||||
---
|
||||
configure | 13 +++----------
|
||||
m4/curl-compilers.m4 | 13 +++----------
|
||||
2 files changed, 6 insertions(+), 20 deletions(-)
|
||||
|
||||
diff --git a/configure b/configure
|
||||
index 8f079a3..53b4774 100755
|
||||
--- a/configure
|
||||
+++ b/configure
|
||||
@@ -16414,18 +16414,11 @@ $as_echo "yes" >&6; }
|
||||
gccvhi=`echo $gccver | cut -d . -f1`
|
||||
gccvlo=`echo $gccver | cut -d . -f2`
|
||||
compiler_num=`(expr $gccvhi "*" 100 + $gccvlo) 2>/dev/null`
|
||||
- flags_dbg_all="-g -g0 -g1 -g2 -g3"
|
||||
- flags_dbg_all="$flags_dbg_all -ggdb"
|
||||
- flags_dbg_all="$flags_dbg_all -gstabs"
|
||||
- flags_dbg_all="$flags_dbg_all -gstabs+"
|
||||
- flags_dbg_all="$flags_dbg_all -gcoff"
|
||||
- flags_dbg_all="$flags_dbg_all -gxcoff"
|
||||
- flags_dbg_all="$flags_dbg_all -gdwarf-2"
|
||||
- flags_dbg_all="$flags_dbg_all -gvms"
|
||||
+ flags_dbg_all=""
|
||||
flags_dbg_yes="-g"
|
||||
flags_dbg_off=""
|
||||
- flags_opt_all="-O -O0 -O1 -O2 -O3 -Os -Og -Ofast"
|
||||
- flags_opt_yes="-O2"
|
||||
+ flags_opt_all=""
|
||||
+ flags_opt_yes=""
|
||||
flags_opt_off="-O0"
|
||||
|
||||
OLDCPPFLAGS=$CPPFLAGS
|
||||
diff --git a/m4/curl-compilers.m4 b/m4/curl-compilers.m4
|
||||
index 0cbba7a..9175b5b 100644
|
||||
--- a/m4/curl-compilers.m4
|
||||
+++ b/m4/curl-compilers.m4
|
||||
@@ -157,18 +157,11 @@ AC_DEFUN([CURL_CHECK_COMPILER_GNU_C], [
|
||||
gccvhi=`echo $gccver | cut -d . -f1`
|
||||
gccvlo=`echo $gccver | cut -d . -f2`
|
||||
compiler_num=`(expr $gccvhi "*" 100 + $gccvlo) 2>/dev/null`
|
||||
- flags_dbg_all="-g -g0 -g1 -g2 -g3"
|
||||
- flags_dbg_all="$flags_dbg_all -ggdb"
|
||||
- flags_dbg_all="$flags_dbg_all -gstabs"
|
||||
- flags_dbg_all="$flags_dbg_all -gstabs+"
|
||||
- flags_dbg_all="$flags_dbg_all -gcoff"
|
||||
- flags_dbg_all="$flags_dbg_all -gxcoff"
|
||||
- flags_dbg_all="$flags_dbg_all -gdwarf-2"
|
||||
- flags_dbg_all="$flags_dbg_all -gvms"
|
||||
+ flags_dbg_all=""
|
||||
flags_dbg_yes="-g"
|
||||
flags_dbg_off=""
|
||||
- flags_opt_all="-O -O0 -O1 -O2 -O3 -Os -Og -Ofast"
|
||||
- flags_opt_yes="-O2"
|
||||
+ flags_opt_all=""
|
||||
+ flags_opt_yes=""
|
||||
flags_opt_off="-O0"
|
||||
CURL_CHECK_DEF([_WIN32], [], [silent])
|
||||
else
|
||||
--
|
||||
1.7.1
|
||||
|
140
SOURCES/0103-curl-7.59.0-python3.patch
Normal file
140
SOURCES/0103-curl-7.59.0-python3.patch
Normal file
@ -0,0 +1,140 @@
|
||||
From bdba7b54224814055185513de1e7ff6619031553 Mon Sep 17 00:00:00 2001
|
||||
From: Kamil Dudka <kdudka@redhat.com>
|
||||
Date: Thu, 15 Mar 2018 13:21:40 +0100
|
||||
Subject: [PATCH 1/2] tests/http_pipe.py: migrate to Python 3
|
||||
|
||||
---
|
||||
tests/http_pipe.py | 4 ++--
|
||||
tests/runtests.pl | 2 +-
|
||||
2 files changed, 3 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/tests/http_pipe.py b/tests/http_pipe.py
|
||||
index bc32173..75ac165 100755
|
||||
--- a/tests/http_pipe.py
|
||||
+++ b/tests/http_pipe.py
|
||||
@@ -383,13 +383,13 @@ class PipelineRequestHandler(socketserver.BaseRequestHandler):
|
||||
self.request.setblocking(True)
|
||||
if not new_data:
|
||||
return
|
||||
- new_requests = self._request_parser.ParseAdditionalData(new_data)
|
||||
+ new_requests = self._request_parser.ParseAdditionalData(new_data.decode('utf8'))
|
||||
self._response_builder.QueueRequests(
|
||||
new_requests, self._request_parser.were_all_requests_http_1_1)
|
||||
self._num_queued += len(new_requests)
|
||||
self._last_queued_time = time.time()
|
||||
elif fileno in wlist:
|
||||
- num_bytes_sent = self.request.send(self._send_buffer[0:4096])
|
||||
+ num_bytes_sent = self.request.send(self._send_buffer[0:4096].encode('utf8'))
|
||||
self._send_buffer = self._send_buffer[num_bytes_sent:]
|
||||
time.sleep(0.05)
|
||||
|
||||
diff --git a/tests/runtests.pl b/tests/runtests.pl
|
||||
index d6aa5ca..4d395ef 100755
|
||||
--- a/tests/runtests.pl
|
||||
+++ b/tests/runtests.pl
|
||||
@@ -1439,7 +1439,7 @@ sub runhttpserver {
|
||||
elsif($alt eq "pipe") {
|
||||
# basically the same, but another ID
|
||||
$idnum = 3;
|
||||
- $exe = "python $srcdir/http_pipe.py";
|
||||
+ $exe = "python3 $srcdir/http_pipe.py";
|
||||
$verbose_flag .= "1 ";
|
||||
}
|
||||
elsif($alt eq "unix") {
|
||||
--
|
||||
2.14.3
|
||||
|
||||
|
||||
From 3c4c7340e455b7256c0786759422f34ec3e2d440 Mon Sep 17 00:00:00 2001
|
||||
From: Kamil Dudka <kdudka@redhat.com>
|
||||
Date: Thu, 15 Mar 2018 14:49:56 +0100
|
||||
Subject: [PATCH 2/2] tests/{negtelnet,smb}server.py: migrate to Python 3
|
||||
|
||||
Unfortunately, smbserver.py does not work with Python 3 because
|
||||
there is no 'impacket' module available for Python 3:
|
||||
|
||||
https://github.com/CoreSecurity/impacket/issues/61
|
||||
---
|
||||
tests/negtelnetserver.py | 12 ++++++------
|
||||
tests/smbserver.py | 4 ++--
|
||||
2 files changed, 8 insertions(+), 8 deletions(-)
|
||||
|
||||
diff --git a/tests/negtelnetserver.py b/tests/negtelnetserver.py
|
||||
index 8cfd409..72ee771 100755
|
||||
--- a/tests/negtelnetserver.py
|
||||
+++ b/tests/negtelnetserver.py
|
||||
@@ -23,7 +23,7 @@ IDENT = "NTEL"
|
||||
|
||||
# The strings that indicate the test framework is checking our aliveness
|
||||
VERIFIED_REQ = b"verifiedserver"
|
||||
-VERIFIED_RSP = b"WE ROOLZ: {pid}"
|
||||
+VERIFIED_RSP = "WE ROOLZ: {pid}"
|
||||
|
||||
|
||||
def telnetserver(options):
|
||||
@@ -34,7 +34,7 @@ def telnetserver(options):
|
||||
if options.pidfile:
|
||||
pid = os.getpid()
|
||||
with open(options.pidfile, "w") as f:
|
||||
- f.write(b"{0}".format(pid))
|
||||
+ f.write("{0}".format(pid))
|
||||
|
||||
local_bind = (HOST, options.port)
|
||||
log.info("Listening on %s", local_bind)
|
||||
@@ -73,11 +73,11 @@ class NegotiatingTelnetHandler(socketserver.BaseRequestHandler):
|
||||
response_data = VERIFIED_RSP.format(pid=os.getpid())
|
||||
else:
|
||||
log.debug("Received normal request - echoing back")
|
||||
- response_data = data.strip()
|
||||
+ response_data = data.decode('utf8').strip()
|
||||
|
||||
if response_data:
|
||||
log.debug("Sending %r", response_data)
|
||||
- self.request.sendall(response_data)
|
||||
+ self.request.sendall(response_data.encode('utf8'))
|
||||
|
||||
except IOError:
|
||||
log.exception("IOError hit during request")
|
||||
@@ -132,7 +132,7 @@ class Negotiator(object):
|
||||
return buffer
|
||||
|
||||
def byte_to_int(self, byte):
|
||||
- return struct.unpack(b'B', byte)[0]
|
||||
+ return int(byte)
|
||||
|
||||
def no_neg(self, byte, byte_int, buffer):
|
||||
# Not negotiating anything thus far. Check to see if we
|
||||
@@ -197,7 +197,7 @@ class Negotiator(object):
|
||||
self.tcp.sendall(packed_message)
|
||||
|
||||
def pack(self, arr):
|
||||
- return struct.pack(b'{0}B'.format(len(arr)), *arr)
|
||||
+ return struct.pack('{0}B'.format(len(arr)), *arr)
|
||||
|
||||
def send_iac(self, arr):
|
||||
message = [NegTokens.IAC]
|
||||
diff --git a/tests/smbserver.py b/tests/smbserver.py
|
||||
index 195ae39..b09cd44 100755
|
||||
--- a/tests/smbserver.py
|
||||
+++ b/tests/smbserver.py
|
||||
@@ -24,7 +24,7 @@
|
||||
from __future__ import (absolute_import, division, print_function)
|
||||
# unicode_literals)
|
||||
import argparse
|
||||
-import ConfigParser
|
||||
+import configparser
|
||||
import os
|
||||
import sys
|
||||
import logging
|
||||
@@ -58,7 +58,7 @@ def smbserver(options):
|
||||
f.write("{0}".format(pid))
|
||||
|
||||
# Here we write a mini config for the server
|
||||
- smb_config = ConfigParser.ConfigParser()
|
||||
+ smb_config = configparser.ConfigParser()
|
||||
smb_config.add_section("global")
|
||||
smb_config.set("global", "server_name", "SERVICE")
|
||||
smb_config.set("global", "server_os", "UNIX")
|
||||
--
|
||||
2.14.3
|
||||
|
51
SOURCES/0104-curl-7.19.7-localhost6.patch
Normal file
51
SOURCES/0104-curl-7.19.7-localhost6.patch
Normal file
@ -0,0 +1,51 @@
|
||||
diff --git a/tests/data/test1083 b/tests/data/test1083
|
||||
index e441278..b0958b6 100644
|
||||
--- a/tests/data/test1083
|
||||
+++ b/tests/data/test1083
|
||||
@@ -33,13 +33,13 @@ ipv6
|
||||
http-ipv6
|
||||
</server>
|
||||
<name>
|
||||
-HTTP-IPv6 GET with ip6-localhost --interface
|
||||
+HTTP-IPv6 GET with localhost6 --interface
|
||||
</name>
|
||||
<command>
|
||||
--g "http://%HOST6IP:%HTTP6PORT/1083" --interface ip6-localhost
|
||||
+-g "http://%HOST6IP:%HTTP6PORT/1083" --interface localhost6
|
||||
</command>
|
||||
<precheck>
|
||||
-perl -e "if ('%CLIENT6IP' ne '[::1]') {print 'Test requires default test server host address';} else {exec './server/resolve --ipv6 ip6-localhost'; print 'Cannot run precheck resolve';}"
|
||||
+perl -e "if ('%CLIENT6IP' ne '[::1]') {print 'Test requires default test server host address';} else {exec './server/resolve --ipv6 localhost6'; print 'Cannot run precheck resolve';}"
|
||||
</precheck>
|
||||
</client>
|
||||
|
||||
diff --git a/tests/data/test241 b/tests/data/test241
|
||||
index 46eae1f..4e1632c 100644
|
||||
--- a/tests/data/test241
|
||||
+++ b/tests/data/test241
|
||||
@@ -30,13 +30,13 @@ ipv6
|
||||
http-ipv6
|
||||
</server>
|
||||
<name>
|
||||
-HTTP-IPv6 GET (using ip6-localhost)
|
||||
+HTTP-IPv6 GET (using localhost6)
|
||||
</name>
|
||||
<command>
|
||||
--g "http://ip6-localhost:%HTTP6PORT/241"
|
||||
+-g "http://localhost6:%HTTP6PORT/241"
|
||||
</command>
|
||||
<precheck>
|
||||
-./server/resolve --ipv6 ip6-localhost
|
||||
+./server/resolve --ipv6 localhost6
|
||||
</precheck>
|
||||
</client>
|
||||
|
||||
@@ -48,7 +48,7 @@ HTTP-IPv6 GET (using ip6-localhost)
|
||||
</strip>
|
||||
<protocol>
|
||||
GET /241 HTTP/1.1
|
||||
-Host: ip6-localhost:%HTTP6PORT
|
||||
+Host: localhost6:%HTTP6PORT
|
||||
Accept: */*
|
||||
|
||||
</protocol>
|
1732
SPECS/curl.spec
Normal file
1732
SPECS/curl.spec
Normal file
File diff suppressed because it is too large
Load Diff
Loading…
Reference in New Issue
Block a user