rpms/curl
8
0
Fork 1
Code Issues Pull Requests Releases Activity

do not treat failure of gss_init_sec_context() with --negotiate as fatal

Browse Source 
This commit fixes a major incompatibility introduced in curl-7.64.1.

Bug: https://github.com/curl/curl/issues/3726
This commit is contained in:
Kamil Dudka 2019-05-09 09:59:31 +02:00
parent 8fd906c559
commit 9dd5d73f3b
2 changed files with 76 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

68
0001-curl-7.64.1-negotiate-without-ticket.patch Normal file
View File

@ -0,0 +1,68 @@
From f7c66081721ac54f68457f07994487f416db383f Mon Sep 17 00:00:00 2001
From: Kamil Dudka <kdudka@redhat.com>
Date: Mon, 6 May 2019 14:16:35 +0200
Subject: [PATCH] spnego_gssapi: fix return code on gss_init_sec_context()
failure
Fixes #3726
Closes #3849
Upstream-commit: f65845c1eccc02385cdfb22bf2e521e670f7b295
Signed-off-by: Kamil Dudka <kdudka@redhat.com>
---
lib/vauth/spnego_gssapi.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/vauth/spnego_gssapi.c b/lib/vauth/spnego_gssapi.c
index 7c4bd4b59..de8bde2ba 100644
--- a/lib/vauth/spnego_gssapi.c
+++ b/lib/vauth/spnego_gssapi.c
@@ -170,7 +170,7 @@ CURLcode Curl_auth_decode_spnego_message(struct Curl_easy *data,
Curl_gss_log_error(data, "gss_init_sec_context() failed: ",
major_status, minor_status);
- return CURLE_OUT_OF_MEMORY;
+ return CURLE_LOGIN_DENIED;
}
if(!output_token.value || !output_token.length) {
--
2.20.1
From ce0dbcf6f028c84adf4ff3704c04a09d4450a596 Mon Sep 17 00:00:00 2001
From: Kamil Dudka <kdudka@redhat.com>
Date: Mon, 6 May 2019 14:32:00 +0200
Subject: [PATCH] http_negotiate: do not treat failure of
gss_init_sec_context() as fatal
Fixes #3726
Closes #3849
Upstream-commit: f4603708af08f454bca8b74095d0af40a4516512
Signed-off-by: Kamil Dudka <kdudka@redhat.com>
---
lib/http_negotiate.c | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/lib/http_negotiate.c b/lib/http_negotiate.c
index 9415236fb..201c3a785 100644
--- a/lib/http_negotiate.c
+++ b/lib/http_negotiate.c
@@ -143,7 +143,13 @@ CURLcode Curl_output_negotiate(struct connectdata *conn, bool proxy)
}
if(!neg_ctx->context) {
result = Curl_input_negotiate(conn, proxy, "Negotiate");
- if(result)
+ if(result == CURLE_LOGIN_DENIED) {
+ /* negotiate auth failed, let's continue unauthenticated to stay
+ * compatible with the behavior before curl-7_64_0-158-g6c6035532 */
+ conn->data->state.authproblem = TRUE;
+ return CURLE_OK;
+ }
+ else if(result)
return result;
}
--
2.20.1

9
curl.spec
View File

@ -1,10 +1,13 @@
Summary: A utility for getting files from remote servers (FTP, HTTP, and others) Summary: A utility for getting files from remote servers (FTP, HTTP, and others)
Name: curl Name: curl
Version: 7.64.1 Version: 7.64.1
Release: 1%{?dist} Release: 2%{?dist}
License: MIT License: MIT
Source: https://curl.haxx.se/download/%{name}-%{version}.tar.xz Source: https://curl.haxx.se/download/%{name}-%{version}.tar.xz
# do not treat failure of gss_init_sec_context() with --negotiate as fatal
Patch1: 0001-curl-7.64.1-negotiate-without-ticket.patch
# patch making libcurl multilib ready # patch making libcurl multilib ready
Patch101: 0101-curl-7.32.0-multilib.patch Patch101: 0101-curl-7.32.0-multilib.patch
@ -171,6 +174,7 @@ be installed.
%setup -q %setup -q
# upstream patches # upstream patches
%patch1 -p1
# Fedora patches # Fedora patches
%patch101 -p1 %patch101 -p1
@ -346,6 +350,9 @@ rm -f ${RPM_BUILD_ROOT}%{_libdir}/libcurl.la
%{_libdir}/libcurl.so.4.[0-9].[0-9].minimal %{_libdir}/libcurl.so.4.[0-9].[0-9].minimal
%changelog %changelog
* Thu May 09 2019 Kamil Dudka <kdudka@redhat.com> - 7.64.1-2
- do not treat failure of gss_init_sec_context() with --negotiate as fatal
* Wed Mar 27 2019 Kamil Dudka <kdudka@redhat.com> - 7.64.1-1 * Wed Mar 27 2019 Kamil Dudka <kdudka@redhat.com> - 7.64.1-1
- new upstream release - new upstream release