diff --git a/backport-0001-CVE-2023-28320.patch b/backport-0001-CVE-2023-28320.patch
deleted file mode 100644
index 5cefb16..0000000
--- a/backport-0001-CVE-2023-28320.patch
+++ /dev/null
@@ -1,82 +0,0 @@
-From 13718030ad4b3209a7583b4f27f683cd3a6fa5f2 Mon Sep 17 00:00:00 2001
-From: Harry Sintonen
-Date: Tue, 25 Apr 2023 09:22:26 +0200
-Subject: [PATCH] hostip: add locks around use of global buffer for alarm()
-
-When building with the sync name resolver and timeout ability we now
-require thread-safety to be present to enable it.
-
-Closes #11030
-
-Conflict:NA
-Reference:https://github.com/curl/curl/commit/13718030ad4b3209a7583b
----
- lib/hostip.c | 19 +++++++++++++++----
- 1 file changed, 15 insertions(+), 4 deletions(-)
-
-diff --git a/lib/hostip.c b/lib/hostip.c
-index 2381290fdd43e..e410cda69ae6e 100644
---- a/lib/hostip.c
-+++ b/lib/hostip.c
-@@ -70,12 +70,19 @@
- #include
- #endif
-
--#if defined(CURLRES_SYNCH) && \
-- defined(HAVE_ALARM) && defined(SIGALRM) && defined(HAVE_SIGSETJMP)
-+#if defined(CURLRES_SYNCH) && \
-+ defined(HAVE_ALARM) && \
-+ defined(SIGALRM) && \
-+ defined(HAVE_SIGSETJMP) && \
-+ defined(GLOBAL_INIT_IS_THREADSAFE)
- /* alarm-based timeouts can only be used with all the dependencies satisfied */
- #define USE_ALARM_TIMEOUT
- #endif
-
-+#ifdef USE_ALARM_TIMEOUT
-+#include "easy_lock.h"
-+#endif
-+
- #define MAX_HOSTCACHE_LEN (255 + 7) /* max FQDN + colon + port number + zero */
-
- /*
-@@ -254,11 +261,12 @@ void Curl_hostcache_prune(struct Curl_easy *data)
- Curl_share_unlock(data, CURL_LOCK_DATA_DNS);
- }
-
--#ifdef HAVE_SIGSETJMP
-+#ifdef USE_ALARM_TIMEOUT
- /* Beware this is a global and unique instance. This is used to store the
- return address that we can jump back to from inside a signal handler. This
- is not thread-safe stuff. */
- sigjmp_buf curl_jmpenv;
-+curl_simple_lock curl_jmpenv_lock;
- #endif
-
- /* lookup address, returns entry if found and not stale */
-@@ -832,7 +840,6 @@ enum resolve_t Curl_resolv(struct Curl_easy *data,
- static
- void alarmfunc(int sig)
- {
-- /* this is for "-ansi -Wall -pedantic" to stop complaining!
(rabe) */
- (void)sig;
- siglongjmp(curl_jmpenv, 1);
- }
-@@ -912,6 +919,8 @@ enum resolve_t Curl_resolv_timeout(struct Curl_easy *data,
- This should be the last thing we do before calling Curl_resolv(),
- as otherwise we'd have to worry about variables that get modified
- before we invoke Curl_resolv() (and thus use "volatile"). */
-+ curl_simple_lock_lock(&curl_jmpenv_lock);
-+
- if(sigsetjmp(curl_jmpenv, 1)) {
- /* this is coming from a siglongjmp() after an alarm signal */
- failf(data, "name lookup timed out");
-@@ -980,6 +989,8 @@ enum resolve_t Curl_resolv_timeout(struct Curl_easy *data,
- #endif
- #endif /* HAVE_SIGACTION */
-
-+ curl_simple_lock_unlock(&curl_jmpenv_lock);
-+
- /* switch back the alarm() to either zero or to what it was before minus
- the time we spent until now! */
- if(prev_alarm) {
diff --git a/backport-0002-CVE-2023-28320.patch b/backport-0002-CVE-2023-28320.patch
deleted file mode 100644
index bff0c30..0000000
--- a/backport-0002-CVE-2023-28320.patch
+++ /dev/null
@@ -1,79 +0,0 @@
-From f446258f0269a62289cca0210157cb8558d0edc3 Mon Sep 17 00:00:00 2001
-From: Daniel Stenberg
-Date: Tue, 16 May 2023 23:40:42 +0200
-Subject: [PATCH 1/1] hostip: include easy_lock.h before using
- GLOBAL_INIT_IS_THREADSAFE
-
-Since that header file is the only place that define can be defined.
-
-Reported-by: Marc Deslauriers
-
-Follow-up to 13718030ad4b3209
-
-Closes #11121
-
-Conflict:context adapt
-Reference:https://github.com/curl/curl/commit/f446258f0269a62289cca0210157cb8558d0edc3
----
- lib/hostip.c | 10 ++++------
- lib/hostip.h | 9 ---------
- 2 files changed, 4 insertions(+), 15 deletions(-)
-
-diff --git a/lib/hostip.c b/lib/hostip.c
-index 615f36c16..4ff348436 100644
---- a/lib/hostip.c
-+++ b/lib/hostip.c
-@@ -70,6 +70,8 @@
- #include
- #endif
-
-+#include "easy_lock.h"
-+
- #if defined(CURLRES_SYNCH) && \
- defined(HAVE_ALARM) && \
- defined(SIGALRM) && \
-@@ -79,10 +81,6 @@
- #define USE_ALARM_TIMEOUT
- #endif
-
--#ifdef USE_ALARM_TIMEOUT
--#include "easy_lock.h"
--#endif
--
- #define MAX_HOSTCACHE_LEN (255 + 7) /* max FQDN + colon + port number + zero */
-
- /*
-@@ -289,8 +287,8 @@ void Curl_hostcache_prune(struct Curl_easy *data)
- /* Beware this is a global and unique instance. This is used to store the
- return address that we can jump back to from inside a signal handler. This
- is not thread-safe stuff. */
--sigjmp_buf curl_jmpenv;
--curl_simple_lock curl_jmpenv_lock;
-+static sigjmp_buf curl_jmpenv;
-+static curl_simple_lock curl_jmpenv_lock;
- #endif
-
- /* lookup address, returns entry if found and not stale */
-diff --git a/lib/hostip.h b/lib/hostip.h
-index 4b5481f65..0dd19e87c 100644
---- a/lib/hostip.h
-+++ b/lib/hostip.h
-@@ -186,15 +186,6 @@ Curl_cache_addr(struct Curl_easy *data, struct Curl_addrinfo *addr,
- #define CURL_INADDR_NONE INADDR_NONE
- #endif
-
--#ifdef HAVE_SIGSETJMP
--/* Forward-declaration of variable defined in hostip.c. Beware this
-- * is a global and unique instance.
This is used to store the return -- * address that we can jump back to from inside a signal handler. -- * This is not thread-safe stuff. -- */ --extern sigjmp_buf curl_jmpenv; --#endif -- - /* - * Function provided by the resolver backend to set DNS servers to use. - */ --- -2.33.0 - diff --git a/backport-0101-curl-7.32.0-multilib.patch b/backport-0101-curl-7.32.0-multilib.patch index 07d2a31..b4f8e2a 100644 --- a/backport-0101-curl-7.32.0-multilib.patch +++ b/backport-0101-curl-7.32.0-multilib.patch @@ -4,16 +4,16 @@ Date: Fri, 12 Apr 2013 12:04:05 +0200 Subject: [PATCH] prevent multilib conflicts on the curl-config script --- - curl-config.in | 21 +++------------------ - docs/curl-config.1 | 4 +++- - libcurl.pc.in | 1 + - 3 files changed, 7 insertions(+), 19 deletions(-) + curl-config.in | 23 +++++------------------ + docs/curl-config.1 | 4 +++- + libcurl.pc.in | 1 + + 3 files changed, 9 insertions(+), 19 deletions(-) diff --git a/curl-config.in b/curl-config.in index 150004d..95d0759 100644 --- a/curl-config.in +++ b/curl-config.in -@@ -76,7 +76,7 @@ while test $# -gt 0; do +@@ -78,7 +78,7 @@ while test $# -gt 0; do ;; --cc) @@ -22,7 +22,7 @@ index 150004d..95d0759 100644 ;; --prefix) -@@ -155,32 +155,17 @@ while test $# -gt 0; do +@@ -157,32 +157,19 @@ while test $# -gt 0; do ;; --libs) @@ -49,6 +49,8 @@ index 150004d..95d0759 100644 - echo "curl was built with static libraries disabled" >&2 - exit 1 - fi ++ echo "curl was built with static libraries disabled" >&2 ++ exit 1 ;; --configure) @@ -61,7 +63,7 @@ diff --git a/docs/curl-config.1 b/docs/curl-config.1 index 14a9d2b..ffcc004 100644 --- a/docs/curl-config.1 +++ b/docs/curl-config.1 -@@ -70,7 +70,9 @@ no, one or several names. If more than one name, they will appear +@@ -72,7 +72,9 @@ no, one or several names. If more than one name, they will appear comma-separated. (Added in 7.58.0) .IP "--static-libs" Shows the complete set of libs and other linker options you will need in order @@ -76,7 +78,7 @@ 
diff --git a/libcurl.pc.in b/libcurl.pc.in index 2ba9c39..f8f8b00 100644 --- a/libcurl.pc.in +++ b/libcurl.pc.in -@@ -29,6 +29,7 @@ libdir=@libdir@ +@@ -31,6 +31,7 @@ libdir=@libdir@ includedir=@includedir@ supported_protocols="@SUPPORT_PROTOCOLS@" supported_features="@SUPPORT_FEATURES@" @@ -85,5 +87,5 @@ index 2ba9c39..f8f8b00 100644 Name: libcurl URL: https://curl.se/ -- -2.5.0 +2.26.2 diff --git a/backport-CVE-2023-27533.patch b/backport-CVE-2023-27533.patch deleted file mode 100644 index 035916c..0000000 --- a/backport-CVE-2023-27533.patch +++ /dev/null 
@@ -1,52 +0,0 @@
-From 538b1e79a6e7b0bb829ab4cecc828d32105d0684 Mon Sep 17 00:00:00 2001
-From: Daniel Stenberg
-Date: Mon, 6 Mar 2023 12:07:33 +0100
-Subject: [PATCH] telnet: only accept option arguments in ascii
-
-To avoid embedded telnet negotiation commands etc.
-
-Reported-by: Harry Sintonen
-Closes #10728
----
- lib/telnet.c | 15 +++++++++++++++
- 1 file changed, 15 insertions(+)
-
---- a/lib/telnet.c
-+++ b/lib/telnet.c
-@@ -770,6 +770,17 @@ static void printsub(struct Curl_easy *d
- }
- }
-
-+static bool str_is_nonascii(const char *str)
-+{
-+ size_t len = strlen(str);
-+ while(len--) {
-+ if(*str & 0x80)
-+ return TRUE;
-+ str++;
-+ }
-+ return FALSE;
-+}
-+
- static CURLcode check_telnet_options(struct Curl_easy *data)
- {
- struct curl_slist *head;
-@@ -784,6 +795,8 @@ static CURLcode check_telnet_options(str
- /* Add the user name as an environment variable if it
- was given on the command line */
- if(data->state.aptr.user) {
-+ if(str_is_nonascii(data->conn->user))
-+ return CURLE_BAD_FUNCTION_ARGUMENT;
- msnprintf(option_arg, sizeof(option_arg), "USER,%s", conn->user);
- beg = curl_slist_append(tn->telnet_vars, option_arg);
- if(!beg) {
-@@ -799,6 +812,9 @@ static CURLcode check_telnet_options(str
- if(sscanf(head->data, "%127[^= ]%*[ =]%255s",
- option_keyword, option_arg) == 2) {
-
-+ if(str_is_nonascii(option_arg))
-+ continue;
-+
- /* Terminal type */
- if(strcasecompare(option_keyword, "TTYPE")) {
- strncpy(tn->subopt_ttype, option_arg, 31);
diff --git a/backport-CVE-2023-27534.patch b/backport-CVE-2023-27534.patch
deleted file mode 100644
index ece7791..0000000
--- a/backport-CVE-2023-27534.patch
+++ /dev/null
@@ -1,120 +0,0 @@ -From 4e2b52b5f7a3bf50a0f1494155717b02cc1df6d6 Mon Sep 17 00:00:00 2001 -From: Daniel Stenberg -Date: Thu, 9 Mar 2023 16:22:11 +0100 -Subject: [PATCH] curl_path: create the new path with dynbuf - -Closes #10729 ---- - lib/curl_path.c | 75 +++++++++++++++++++++++-------------------------- - 1 file changed, 35 insertions(+), 40 deletions(-) - -diff --git a/lib/curl_path.c b/lib/curl_path.c -index 2df8687a557ba..977e5336f552c 100644 ---- a/lib/curl_path.c -+++ b/lib/curl_path.c -@@ -32,70 +32,65 @@ - #include "escape.h" - #include "memdebug.h" - -+#define MAX_SSHPATH_LEN 100000 /* arbitrary */ -+ - /* figure out the path to work with in this particular request */ - CURLcode Curl_getworkingpath(struct Curl_easy *data, - char *homedir, /* when SFTP is used */ - char **path) /* returns the allocated - real path to work with */ - { -- char *real_path = NULL; - char *working_path; - size_t working_path_len; -+ struct dynbuf npath; - CURLcode result = - Curl_urldecode(data->state.up.path, 0, &working_path, - &working_path_len, REJECT_ZERO); - if(result) - return result; - -+ /* new path to switch to in case we need to */ -+ Curl_dyn_init(&npath, MAX_SSHPATH_LEN); -+ - /* Check for /~/, indicating relative to the user's home directory */ -- if(data->conn->handler->protocol & CURLPROTO_SCP) { -- real_path = malloc(working_path_len + 1); -- if(!real_path) { -+ if((data->conn->handler->protocol & CURLPROTO_SCP) && -+ (working_path_len > 3) && (!memcmp(working_path, "/~/", 3))) { -+ /* It is referenced to the home directory, so strip the leading '/~/' */ -+ if(Curl_dyn_addn(&npath, &working_path[3], working_path_len - 3)) { - free(working_path); - return CURLE_OUT_OF_MEMORY; - } -- if((working_path_len > 3) && (!memcmp(working_path, "/~/", 3))) -- /* It is referenced to the home directory, so strip the leading '/~/' */ -- memcpy(real_path, working_path + 3, working_path_len - 2); -- else -- memcpy(real_path, working_path, 1 + working_path_len); - } -- else 
if(data->conn->handler->protocol & CURLPROTO_SFTP) { -- if((working_path_len > 1) && (working_path[1] == '~')) { -- size_t homelen = strlen(homedir); -- real_path = malloc(homelen + working_path_len + 1); -- if(!real_path) { -- free(working_path); -- return CURLE_OUT_OF_MEMORY; -- } -- /* It is referenced to the home directory, so strip the -- leading '/' */ -- memcpy(real_path, homedir, homelen); -- /* Only add a trailing '/' if homedir does not end with one */ -- if(homelen == 0 || real_path[homelen - 1] != '/') { -- real_path[homelen] = '/'; -- homelen++; -- real_path[homelen] = '\0'; -- } -- if(working_path_len > 3) { -- memcpy(real_path + homelen, working_path + 3, -- 1 + working_path_len -3); -- } -+ else if((data->conn->handler->protocol & CURLPROTO_SFTP) && -+ (working_path_len > 2) && !memcmp(working_path, "/~/", 3)) { -+ size_t len; -+ const char *p; -+ int copyfrom = 3; -+ if(Curl_dyn_add(&npath, homedir)) { -+ free(working_path); -+ return CURLE_OUT_OF_MEMORY; - } -- else { -- real_path = malloc(working_path_len + 1); -- if(!real_path) { -- free(working_path); -- return CURLE_OUT_OF_MEMORY; -- } -- memcpy(real_path, working_path, 1 + working_path_len); -+ /* Copy a separating '/' if homedir does not end with one */ -+ len = Curl_dyn_len(&npath); -+ p = Curl_dyn_ptr(&npath); -+ if(len && (p[len-1] != '/')) -+ copyfrom = 2; -+ -+ if(Curl_dyn_addn(&npath, -+ &working_path[copyfrom], working_path_len - copyfrom)) { -+ free(working_path); -+ return CURLE_OUT_OF_MEMORY; - } - } - -- free(working_path); -+ if(Curl_dyn_len(&npath)) { -+ free(working_path); - -- /* store the pointer for the caller to receive */ -- *path = real_path; -+ /* store the pointer for the caller to receive */ -+ *path = Curl_dyn_ptr(&npath); -+ } -+ else -+ *path = working_path; - - return CURLE_OK; - } diff --git a/backport-CVE-2023-27535.patch b/backport-CVE-2023-27535.patch deleted file mode 100644 index 54e669d..0000000 --- a/backport-CVE-2023-27535.patch +++ /dev/null 
@@ -1,151 +0,0 @@ -From 8f4608468b890dce2dad9f91d5607ee7e9c1aba1 Mon Sep 17 00:00:00 2001 -From: Daniel Stenberg -Date: Thu, 9 Mar 2023 17:47:06 +0100 -Subject: [PATCH] ftp: add more conditions for connection reuse - -Reported-by: Harry Sintonen -Closes #10730 ---- - lib/ftp.c | 28 ++++++++++++++++++++++++++-- - lib/ftp.h | 5 +++++ - lib/setopt.c | 2 +- - lib/url.c | 17 +++++++++++++++-- - lib/urldata.h | 4 ++-- - 5 files changed, 49 insertions(+), 7 deletions(-) - ---- a/lib/ftp.c -+++ b/lib/ftp.c -@@ -4052,6 +4052,8 @@ static CURLcode ftp_disconnect(struct Cu - } - - freedirs(ftpc); -+ Curl_safefree(ftpc->account); -+ Curl_safefree(ftpc->alternative_to_user); - Curl_safefree(ftpc->prevpath); - Curl_safefree(ftpc->server_os); - Curl_pp_disconnect(pp); -@@ -4321,11 +4323,31 @@ static CURLcode ftp_setup_connection(str - char *type; - struct FTP *ftp; - CURLcode result = CURLE_OK; -+ struct ftp_conn *ftpc = &conn->proto.ftpc; - -- data->req.p.ftp = ftp = calloc(sizeof(struct FTP), 1); -+ ftp = calloc(sizeof(struct FTP), 1); - if(!ftp) - return CURLE_OUT_OF_MEMORY; - -+ /* clone connection related data that is FTP specific */ -+ if(data->set.str[STRING_FTP_ACCOUNT]) { -+ ftpc->account = strdup(data->set.str[STRING_FTP_ACCOUNT]); -+ if(!ftpc->account) { -+ free(ftp); -+ return CURLE_OUT_OF_MEMORY; -+ } -+ } -+ if(data->set.str[STRING_FTP_ALTERNATIVE_TO_USER]) { -+ ftpc->alternative_to_user = -+ strdup(data->set.str[STRING_FTP_ALTERNATIVE_TO_USER]); -+ if(!ftpc->alternative_to_user) { -+ Curl_safefree(ftpc->account); -+ free(ftp); -+ return CURLE_OUT_OF_MEMORY; -+ } -+ } -+ data->req.p.ftp = ftp; -+ - ftp->path = &data->state.up.path[1]; /* don't include the initial slash */ - - /* FTP URLs support an extension like ";type=" that -@@ -4360,7 +4382,9 @@ static CURLcode ftp_setup_connection(str - /* get some initial data into the ftp struct */ - ftp->transfer = PPTRANSFER_BODY; - ftp->downloadsize = 0; -- conn->proto.ftpc.known_filesize = -1; /* unknown size for now */ -+ 
ftpc->known_filesize = -1; /* unknown size for now */ -+ ftpc->use_ssl = data->set.use_ssl; -+ ftpc->ccc = data->set.ftp_ccc; - - return result; - } ---- a/lib/ftp.h -+++ b/lib/ftp.h -@@ -120,6 +120,8 @@ struct FTP { - struct */ - struct ftp_conn { - struct pingpong pp; -+ char *account; -+ char *alternative_to_user; - char *entrypath; /* the PWD reply when we logged on */ - char *file; /* url-decoded file name (or path) */ - char **dirs; /* realloc()ed array for path components */ -@@ -143,6 +145,9 @@ struct ftp_conn { - ftpstate state; /* always use ftp.c:state() to change state! */ - ftpstate state_saved; /* transfer type saved to be reloaded after data - connection is established */ -+ unsigned char use_ssl; /* if AUTH TLS is to be attempted etc, for FTP or -+ IMAP or POP3 or others! (type: curl_usessl)*/ -+ unsigned char ccc; /* ccc level for this connection */ - BIT(ftp_trying_alternative); - BIT(dont_check); /* Set to TRUE to prevent the final (post-transfer) - file size and 226/250 status check. 
It should still ---- a/lib/setopt.c -+++ b/lib/setopt.c -@@ -2369,7 +2369,7 @@ CURLcode Curl_vsetopt(struct Curl_easy * - arg = va_arg(param, long); - if((arg < CURLUSESSL_NONE) || (arg >= CURLUSESSL_LAST)) - return CURLE_BAD_FUNCTION_ARGUMENT; -- data->set.use_ssl = (curl_usessl)arg; -+ data->set.use_ssl = (unsigned char)arg; - break; - - case CURLOPT_SSL_OPTIONS: ---- a/lib/url.c -+++ b/lib/url.c -@@ -1299,11 +1299,24 @@ ConnectionExists(struct Curl_easy *data, - || ((check->httpversion >= 30) && - (data->state.httpwant < CURL_HTTP_VERSION_3)))) - continue; -- -- if(get_protocol_family(needle->handler) & PROTO_FAMILY_SSH) { -+#ifdef USE_SSH -+ else if(get_protocol_family(needle->handler) & PROTO_FAMILY_SSH) { - if(!ssh_config_matches(needle, check)) - continue; - } -+#endif -+#ifndef CURL_DISABLE_FTP -+ else if(get_protocol_family(needle->handler) & PROTO_FAMILY_FTP) { -+ /* Also match ACCOUNT, ALTERNATIVE-TO-USER, USE_SSL and CCC options */ -+ if(Curl_timestrcmp(needle->proto.ftpc.account, -+ check->proto.ftpc.account) || -+ Curl_timestrcmp(needle->proto.ftpc.alternative_to_user, -+ check->proto.ftpc.alternative_to_user) || -+ (needle->proto.ftpc.use_ssl != check->proto.ftpc.use_ssl) || -+ (needle->proto.ftpc.ccc != check->proto.ftpc.ccc)) -+ continue; -+ } -+#endif - - if((needle->handler->flags&PROTOPT_SSL) - #ifndef CURL_DISABLE_PROXY ---- a/lib/urldata.h -+++ b/lib/urldata.h -@@ -1713,8 +1713,6 @@ struct UserDefined { - #ifndef CURL_DISABLE_NETRC - unsigned char use_netrc; /* enum CURL_NETRC_OPTION values */ - #endif -- curl_usessl use_ssl; /* if AUTH TLS is to be attempted etc, for FTP or -- IMAP or POP3 or others! 
*/ - unsigned int new_file_perms; /* when creating remote files */ - char *str[STRING_LAST]; /* array of strings, pointing to allocated memory */ - struct curl_blob *blobs[BLOB_LAST]; -@@ -1773,6 +1771,8 @@ struct UserDefined { - BIT(mail_rcpt_allowfails); /* allow RCPT TO command to fail for some - recipients */ - #endif -+ unsigned char use_ssl; /* if AUTH TLS is to be attempted etc, for FTP or -+ IMAP or POP3 or others! (type: curl_usessl)*/ - unsigned char connect_only; /* make connection/request, then let - application use the socket */ - BIT(is_fread_set); /* has read callback been set to non-NULL? */ diff --git a/backport-CVE-2023-27536.patch b/backport-CVE-2023-27536.patch deleted file mode 100644 index 3d626fe..0000000 --- a/backport-CVE-2023-27536.patch +++ /dev/null 
@@ -1,44 +0,0 @@
-From cb49e67303dbafbab1cebf4086e3ec15b7d56ee5 Mon Sep 17 00:00:00 2001
-From: Daniel Stenberg
-Date: Fri, 10 Mar 2023 09:22:43 +0100
-Subject: [PATCH] url: only reuse connections with same GSS delegation
-
-Reported-by: Harry Sintonen
-Closes #10731
----
- lib/url.c | 6 ++++++
- lib/urldata.h | 1 +
- 2 files changed, 7 insertions(+)
-
---- a/lib/url.c
-+++ b/lib/url.c
-@@ -1291,6 +1291,11 @@ ConnectionExists(struct Curl_easy *data,
- }
- }
-
-+ /* GSS delegation differences do not actually affect every connection
-+ and auth method, but this check takes precaution before efficiency */
-+ if(needle->gssapi_delegation != check->gssapi_delegation)
-+ continue;
-+
- /* If multiplexing isn't enabled on the h2 connection and h1 is
- explicitly requested, handle it: */
- if((needle->handler->protocol & PROTO_FAMILY_HTTP) &&
-@@ -1602,6 +1607,7 @@ static struct connectdata *allocate_conn
- conn->fclosesocket = data->set.fclosesocket;
- conn->closesocket_client = data->set.closesocket_client;
- conn->lastused = Curl_now(); /* used now */
-+ conn->gssapi_delegation = data->set.gssapi_delegation;
-
- return conn;
- error:
---- a/lib/urldata.h
-+++ b/lib/urldata.h
-@@ -1057,6 +1057,7 @@ struct connectdata {
- unsigned char ip_version; /* copied from the Curl_easy at creation time */
- unsigned char httpversion; /* the HTTP version*10 reported by the server */
- unsigned char connect_only;
-+ unsigned char gssapi_delegation; /* inherited from set.gssapi_delegation */
- };
-
- /* The end of connectdata. */
diff --git a/backport-CVE-2023-27537.patch b/backport-CVE-2023-27537.patch
deleted file mode 100644
index 1cffe25..0000000
--- a/backport-CVE-2023-27537.patch
+++ /dev/null
@@ -1,32 +0,0 @@
-From dca4cdf071be095bcdc7126eaa77a8946ea4790b Mon Sep 17 00:00:00 2001
-From: Daniel Stenberg
-Date: Thu, 9 Mar 2023 18:01:34 +0100
-Subject: [PATCH] CURLSHOPT_SHARE.3: HSTS sharing is not thread-safe
-
-Reported-by: Hiroki Kurosawa
-Closes #10732
----
- docs/libcurl/opts/CURLSHOPT_SHARE.3 | 5 +++--
- 1 file changed, 3 insertions(+), 2 deletions(-)
-
---- a/docs/libcurl/opts/CURLSHOPT_SHARE.3
-+++ b/docs/libcurl/opts/CURLSHOPT_SHARE.3
-@@ -57,8 +57,7 @@ implemented until 7.23.0.
- Put the connection cache in the share object and make all easy handles using
- this share object share the connection cache.
-
--Note that due to a known bug, it is not safe to share connections this way
--between multiple concurrent threads.
-+It is not supported to share connections between multiple concurrent threads.
-
- Connections that are used for HTTP/1.1 Pipelining or HTTP/2 multiplexing only
- get additional transfers added to them if the existing connection is held by
-@@ -82,6 +81,8 @@ multi handle will share PSL cache by def
- .IP CURL_LOCK_DATA_HSTS
- The in-memory HSTS cache.
-
-+It is not supported to share the HSTS between multiple concurrent threads.
-+
- Added in 7.88.0
- .SH PROTOCOLS
- All
diff --git a/backport-CVE-2023-27538.patch b/backport-CVE-2023-27538.patch
deleted file mode 100644
index bfa2f59..0000000
--- a/backport-CVE-2023-27538.patch
+++ /dev/null
@@ -1,22 +0,0 @@
-From af369db4d3833272b8ed443f7fcc2e757a0872eb Mon Sep 17 00:00:00 2001
-From: Daniel Stenberg
-Date: Fri, 10 Mar 2023 08:22:51 +0100
-Subject: [PATCH] url: fix the SSH connection reuse check
-
-Reported-by: Harry Sintonen
-Closes #10735
----
- lib/url.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
---- a/lib/url.c
-+++ b/lib/url.c
-@@ -1300,7 +1300,7 @@ ConnectionExists(struct Curl_easy *data,
- (data->state.httpwant < CURL_HTTP_VERSION_3))))
- continue;
-
-- if(get_protocol_family(needle->handler) == PROTO_FAMILY_SSH) {
-+ if(get_protocol_family(needle->handler) & PROTO_FAMILY_SSH) {
- if(!ssh_config_matches(needle, check))
- continue;
- }
diff --git a/backport-CVE-2023-28321.patch b/backport-CVE-2023-28321.patch
deleted file mode 100644
index 422dada..0000000
--- a/backport-CVE-2023-28321.patch
+++ /dev/null
@@ -1,297 +0,0 @@ -From 199f2d440d8659b42670c1b796220792b01a97bf Mon Sep 17 00:00:00 2001 -From: Daniel Stenberg -Date: Mon, 24 Apr 2023 21:07:02 +0200 -Subject: [PATCH] hostcheck: fix host name wildcard checking - -The leftmost "label" of the host name can now only match against single -'*'. Like the browsers have worked for a long time. - -- extended unit test 1397 for this -- move some SOURCE variables from unit/Makefile.am to unit/Makefile.inc - -Reported-by: Hiroki Kurosawa -Closes #11018 ---- - lib/vtls/hostcheck.c | 50 +++++++-------- - tests/data/test1397 | 10 ++- - tests/unit/Makefile.am | 94 ---------------------------- - tests/unit/Makefile.inc | 94 ++++++++++++++++++++++++++++ - tests/unit/unit1397.c | 134 ++++++++++++++++++++++++---------------- - 5 files changed, 202 insertions(+), 180 deletions(-) - -diff --git a/lib/vtls/hostcheck.c b/lib/vtls/hostcheck.c -index e827dc5..d061c63 100644 ---- a/lib/vtls/hostcheck.c -+++ b/lib/vtls/hostcheck.c -@@ -71,7 +71,12 @@ static bool pmatch(const char *hostname, size_t hostlen, - * apparent distinction between a name and an IP. We need to detect the use of - * an IP address and not wildcard match on such names. - * -+ * Only match on "*" being used for the leftmost label, not "a*", "a*b" nor -+ * "*b". -+ * - * Return TRUE on a match. FALSE if not. 
-+ * -+ * @unittest: 1397 - */ - - static bool hostmatch(const char *hostname, -@@ -79,53 +84,42 @@ static bool hostmatch(const char *hostname, - const char *pattern, - size_t patternlen) - { -- const char *pattern_label_end, *wildcard, *hostname_label_end; -- size_t prefixlen, suffixlen; -+ const char *pattern_label_end; - -- /* normalize pattern and hostname by stripping off trailing dots */ -+ DEBUGASSERT(pattern); - DEBUGASSERT(patternlen); -+ DEBUGASSERT(hostname); -+ DEBUGASSERT(hostlen); -+ -+ /* normalize pattern and hostname by stripping off trailing dots */ - if(hostname[hostlen-1]=='.') - hostlen--; - if(pattern[patternlen-1]=='.') - patternlen--; - -- wildcard = memchr(pattern, '*', patternlen); -- if(!wildcard) -+ if(strncmp(pattern, "*.", 2)) - return pmatch(hostname, hostlen, pattern, patternlen); - - /* detect IP address as hostname and fail the match if so */ -- if(Curl_host_is_ipnum(hostname)) -+ else if(Curl_host_is_ipnum(hostname)) - return FALSE; - - /* We require at least 2 dots in the pattern to avoid too wide wildcard - match. 
*/ - pattern_label_end = memchr(pattern, '.', patternlen); - if(!pattern_label_end || -- (memrchr(pattern, '.', patternlen) == pattern_label_end) || -- strncasecompare(pattern, "xn--", 4)) -+ (memrchr(pattern, '.', patternlen) == pattern_label_end)) - return pmatch(hostname, hostlen, pattern, patternlen); -- -- hostname_label_end = memchr(hostname, '.', hostlen); -- if(!hostname_label_end) -- return FALSE; - else { -- size_t skiphost = hostname_label_end - hostname; -- size_t skiplen = pattern_label_end - pattern; -- if(!pmatch(hostname_label_end, hostlen - skiphost, -- pattern_label_end, patternlen - skiplen)) -- return FALSE; -+ const char *hostname_label_end = memchr(hostname, '.', hostlen); -+ if(hostname_label_end) { -+ size_t skiphost = hostname_label_end - hostname; -+ size_t skiplen = pattern_label_end - pattern; -+ return pmatch(hostname_label_end, hostlen - skiphost, -+ pattern_label_end, patternlen - skiplen); -+ } - } -- /* The wildcard must match at least one character, so the left-most -- label of the hostname is at least as large as the left-most label -- of the pattern. */ -- if(hostname_label_end - hostname < pattern_label_end - pattern) -- return FALSE; -- -- prefixlen = wildcard - pattern; -- suffixlen = pattern_label_end - (wildcard + 1); -- return strncasecompare(pattern, hostname, prefixlen) && -- strncasecompare(wildcard + 1, hostname_label_end - suffixlen, -- suffixlen) ? 
TRUE : FALSE; -+ return FALSE; - } - - /* -diff --git a/tests/data/test1397 b/tests/data/test1397 -index 84f962a..f31b2c2 100644 ---- a/tests/data/test1397 -+++ b/tests/data/test1397 -@@ -2,8 +2,7 @@ - - - unittest --ssl --wildcard -+Curl_cert_hostcheck - - - -@@ -16,9 +15,8 @@ none - - unittest - -- --Check wildcard certificate matching function Curl_cert_hostcheck -- -+ -+Curl_cert_hostcheck unit tests -+ - -- - -diff --git a/tests/unit/unit1397.c b/tests/unit/unit1397.c -index 2f3d3aa..3ae7561 100644 ---- a/tests/unit/unit1397.c -+++ b/tests/unit/unit1397.c -@@ -23,7 +23,6 @@ - ***************************************************************************/ - #include "curlcheck.h" - --#include "vtls/hostcheck.h" /* from the lib dir */ - - static CURLcode unit_setup(void) - { -@@ -32,63 +31,94 @@ static CURLcode unit_setup(void) - - static void unit_stop(void) - { -- /* done before shutting down and exiting */ - } - --UNITTEST_START -- - /* only these backends define the tested functions */ --#if defined(USE_OPENSSL) || defined(USE_GSKIT) -- -- /* here you start doing things and checking that the results are good */ -+#if defined(USE_OPENSSL) || defined(USE_GSKIT) || defined(USE_SCHANNEL) -+#include "vtls/hostcheck.h" -+struct testcase { -+ const char *host; -+ const char *pattern; -+ bool match; -+}; - --fail_unless(Curl_cert_hostcheck(STRCONST("www.example.com"), -- STRCONST("www.example.com")), "good 1"); --fail_unless(Curl_cert_hostcheck(STRCONST("*.example.com"), -- STRCONST("www.example.com")), -- "good 2"); --fail_unless(Curl_cert_hostcheck(STRCONST("xxx*.example.com"), -- STRCONST("xxxwww.example.com")), "good 3"); --fail_unless(Curl_cert_hostcheck(STRCONST("f*.example.com"), -- STRCONST("foo.example.com")), "good 4"); --fail_unless(Curl_cert_hostcheck(STRCONST("192.168.0.0"), -- STRCONST("192.168.0.0")), "good 5"); -+static struct testcase tests[] = { -+ {"", "", FALSE}, -+ {"a", "", FALSE}, -+ {"", "b", FALSE}, -+ {"a", "b", FALSE}, -+ {"aa", "bb", FALSE}, 
-+ {"\xff", "\xff", TRUE}, -+ {"aa.aa.aa", "aa.aa.bb", FALSE}, -+ {"aa.aa.aa", "aa.aa.aa", TRUE}, -+ {"aa.aa.aa", "*.aa.bb", FALSE}, -+ {"aa.aa.aa", "*.aa.aa", TRUE}, -+ {"192.168.0.1", "192.168.0.1", TRUE}, -+ {"192.168.0.1", "*.168.0.1", FALSE}, -+ {"192.168.0.1", "*.0.1", FALSE}, -+ {"h.ello", "*.ello", FALSE}, -+ {"h.ello.", "*.ello", FALSE}, -+ {"h.ello", "*.ello.", FALSE}, -+ {"h.e.llo", "*.e.llo", TRUE}, -+ {"h.e.llo", " *.e.llo", FALSE}, -+ {" h.e.llo", "*.e.llo", TRUE}, -+ {"h.e.llo.", "*.e.llo", TRUE}, -+ {"*.e.llo.", "*.e.llo", TRUE}, -+ {"************.e.llo.", "*.e.llo", TRUE}, -+ {"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" -+ "BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB" -+ "CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC" -+ "DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD" -+ "EEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEE" -+ ".e.llo.", "*.e.llo", TRUE}, -+ {"\xfe\xfe.e.llo.", "*.e.llo", TRUE}, -+ {"h.e.llo.", "*.e.llo.", TRUE}, -+ {"h.e.llo", "*.e.llo.", TRUE}, -+ {".h.e.llo", "*.e.llo.", FALSE}, -+ {"h.e.llo", "*.*.llo.", FALSE}, -+ {"h.e.llo", "h.*.llo", FALSE}, -+ {"h.e.llo", "h.e.*", FALSE}, -+ {"hello", "*.ello", FALSE}, -+ {"hello", "**llo", FALSE}, -+ {"bar.foo.example.com", "*.example.com", FALSE}, -+ {"foo.example.com", "*.example.com", TRUE}, -+ {"baz.example.net", "b*z.example.net", FALSE}, -+ {"foobaz.example.net", "*baz.example.net", FALSE}, -+ {"xn--l8j.example.local", "x*.example.local", FALSE}, -+ {"xn--l8j.example.net", "*.example.net", TRUE}, -+ {"xn--l8j.example.net", "*j.example.net", FALSE}, -+ {"xn--l8j.example.net", "xn--l8j.example.net", TRUE}, -+ {"xn--l8j.example.net", "xn--l8j.*.net", FALSE}, -+ {"xl8j.example.net", "*.example.net", TRUE}, -+ {"fe80::3285:a9ff:fe46:b619", "*::3285:a9ff:fe46:b619", FALSE}, -+ {"fe80::3285:a9ff:fe46:b619", "fe80::3285:a9ff:fe46:b619", TRUE}, -+ {NULL, NULL, FALSE} -+}; - 
--fail_if(Curl_cert_hostcheck(STRCONST("xxx.example.com"), -- STRCONST("www.example.com")), "bad 1"); --fail_if(Curl_cert_hostcheck(STRCONST("*"), -- STRCONST("www.example.com")),"bad 2"); --fail_if(Curl_cert_hostcheck(STRCONST("*.*.com"), -- STRCONST("www.example.com")), "bad 3"); --fail_if(Curl_cert_hostcheck(STRCONST("*.example.com"), -- STRCONST("baa.foo.example.com")), "bad 4"); --fail_if(Curl_cert_hostcheck(STRCONST("f*.example.com"), -- STRCONST("baa.example.com")), "bad 5"); --fail_if(Curl_cert_hostcheck(STRCONST("*.com"), -- STRCONST("example.com")), "bad 6"); --fail_if(Curl_cert_hostcheck(STRCONST("*fail.com"), -- STRCONST("example.com")), "bad 7"); --fail_if(Curl_cert_hostcheck(STRCONST("*.example."), -- STRCONST("www.example.")), "bad 8"); --fail_if(Curl_cert_hostcheck(STRCONST("*.example."), -- STRCONST("www.example")), "bad 9"); --fail_if(Curl_cert_hostcheck(STRCONST(""), STRCONST("www")), "bad 10"); --fail_if(Curl_cert_hostcheck(STRCONST("*"), STRCONST("www")), "bad 11"); --fail_if(Curl_cert_hostcheck(STRCONST("*.168.0.0"), -- STRCONST("192.168.0.0")), "bad 12"); --fail_if(Curl_cert_hostcheck(STRCONST("www.example.com"), -- STRCONST("192.168.0.0")), "bad 13"); -- --#ifdef ENABLE_IPV6 --fail_if(Curl_cert_hostcheck(STRCONST("*::3285:a9ff:fe46:b619"), -- STRCONST("fe80::3285:a9ff:fe46:b619")), "bad 14"); --fail_unless(Curl_cert_hostcheck(STRCONST("fe80::3285:a9ff:fe46:b619"), -- STRCONST("fe80::3285:a9ff:fe46:b619")), -- "good 6"); --#endif -+UNITTEST_START -+{ -+ int i; -+ for(i = 0; tests[i].host; i++) { -+ if(tests[i].match != Curl_cert_hostcheck(tests[i].pattern, -+ strlen(tests[i].pattern), -+ tests[i].host, -+ strlen(tests[i].host))) { -+ fprintf(stderr, -+ "HOST: %s\n" -+ "PTRN: %s\n" -+ "did %sMATCH\n", -+ tests[i].host, -+ tests[i].pattern, -+ tests[i].match ? "NOT ": ""); -+ unitfail++; -+ } -+ } -+} - --#endif -+UNITTEST_STOP -+#else - -- /* you end the test code like this: */ -+UNITTEST_START - - UNITTEST_STOP -+#endif --- -2.33.0 - 
diff --git a/backport-CVE-2023-28322.patch b/backport-CVE-2023-28322.patch
deleted file mode 100644
index 506b8d7..0000000
--- a/backport-CVE-2023-28322.patch
+++ /dev/null
@@ -1,434 +0,0 @@ -From 7815647d6582c0a4900be2e1de6c5e61272c496b Mon Sep 17 00:00:00 2001 -From: Daniel Stenberg -Date: Tue, 25 Apr 2023 08:28:01 +0200 -Subject: [PATCH] lib: unify the upload/method handling - -By making sure we set state.upload based on the set.method value and not -independently as set.upload, we reduce confusion and mixup risks, both -internally and externally. - -Closes #11017 ---- - lib/curl_rtmp.c | 4 ++-- - lib/file.c | 4 ++-- - lib/ftp.c | 8 ++++---- - lib/http.c | 4 ++-- - lib/imap.c | 6 +++--- - lib/rtsp.c | 4 ++-- - lib/setopt.c | 6 ++---- - lib/smb.c | 6 +++--- - lib/smtp.c | 4 ++-- - lib/tftp.c | 8 ++++---- - lib/transfer.c | 4 ++-- - lib/urldata.h | 2 +- - lib/vssh/libssh.c | 6 +++--- - lib/vssh/libssh2.c | 6 +++--- - lib/vssh/wolfssh.c | 2 +- - 15 files changed, 36 insertions(+), 38 deletions(-) - -diff --git a/lib/curl_rtmp.c b/lib/curl_rtmp.c -index 2679a2c..406fb42 100644 ---- a/lib/curl_rtmp.c -+++ b/lib/curl_rtmp.c -@@ -231,7 +231,7 @@ static CURLcode rtmp_connect(struct Curl_easy *data, bool *done) - /* We have to know if it's a write before we send the - * connect request packet - */ -- if(data->set.upload) -+ if(data->state.upload) - r->Link.protocol |= RTMP_FEATURE_WRITE; - - /* For plain streams, use the buffer toggle trick to keep data flowing */ -@@ -263,7 +263,7 @@ static CURLcode rtmp_do(struct Curl_easy *data, bool *done) - if(!RTMP_ConnectStream(r, 0)) - return CURLE_FAILED_INIT; - -- if(data->set.upload) { -+ if(data->state.upload) { - Curl_pgrsSetUploadSize(data, data->state.infilesize); - Curl_setup_transfer(data, -1, -1, FALSE, FIRSTSOCKET); - } -diff --git a/lib/file.c b/lib/file.c -index 51c5d07..c751e88 100644 ---- a/lib/file.c -+++ b/lib/file.c -@@ -240,7 +240,7 @@ static CURLcode file_connect(struct Curl_easy *data, bool *done) - file->freepath = real_path; /* free this when done */ - - file->fd = fd; -- if(!data->set.upload && (fd == -1)) { -+ if(!data->state.upload && (fd == -1)) { - failf(data, "Couldn't 
open file %s", data->state.up.path); - file_done(data, CURLE_FILE_COULDNT_READ_FILE, FALSE); - return CURLE_FILE_COULDNT_READ_FILE; -@@ -422,7 +422,7 @@ static CURLcode file_do(struct Curl_easy *data, bool *done) - - Curl_pgrsStartNow(data); - -- if(data->set.upload) -+ if(data->state.upload) - return file_upload(data); - - file = data->req.p.file; -diff --git a/lib/ftp.c b/lib/ftp.c -index 601f603..6e8be09 100644 ---- a/lib/ftp.c -+++ b/lib/ftp.c -@@ -1344,7 +1344,7 @@ static CURLcode ftp_state_prepare_transfer(struct Curl_easy *data) - data->set.str[STRING_CUSTOMREQUEST]? - data->set.str[STRING_CUSTOMREQUEST]: - (data->state.list_only?"NLST":"LIST")); -- else if(data->set.upload) -+ else if(data->state.upload) - result = Curl_pp_sendf(data, &ftpc->pp, "PRET STOR %s", - conn->proto.ftpc.file); - else -@@ -3346,7 +3346,7 @@ static CURLcode ftp_done(struct Curl_easy *data, CURLcode status, - /* the response code from the transfer showed an error already so no - use checking further */ - ; -- else if(data->set.upload) { -+ else if(data->state.upload) { - if((-1 != data->state.infilesize) && - (data->state.infilesize != data->req.writebytecount) && - !data->set.crlf && -@@ -3602,7 +3602,7 @@ static CURLcode ftp_do_more(struct Curl_easy *data, int *completep) - connected back to us */ - } - } -- else if(data->set.upload) { -+ else if(data->state.upload) { - result = ftp_nb_type(data, conn, data->state.prefer_ascii, - FTP_STOR_TYPE); - if(result) -@@ -4191,7 +4191,7 @@ CURLcode ftp_parse_url_path(struct Curl_easy *data) - ftpc->file = NULL; /* instead of point to a zero byte, - we make it a NULL pointer */ - -- if(data->set.upload && !ftpc->file && (ftp->transfer == PPTRANSFER_BODY)) { -+ if(data->state.upload && !ftpc->file && (ftp->transfer == PPTRANSFER_BODY)) { - /* We need a file name when uploading. Return error! 
*/ - failf(data, "Uploading to a URL without a file name"); - free(rawPath); -diff --git a/lib/http.c b/lib/http.c -index cb585e7..b9a441e 100644 ---- a/lib/http.c -+++ b/lib/http.c -@@ -1962,7 +1962,7 @@ void Curl_http_method(struct Curl_easy *data, struct connectdata *conn, - Curl_HttpReq httpreq = (Curl_HttpReq)data->state.httpreq; - const char *request; - if((conn->handler->protocol&(PROTO_FAMILY_HTTP|CURLPROTO_FTP)) && -- data->set.upload) -+ data->state.upload) - httpreq = HTTPREQ_PUT; - - /* Now set the 'request' pointer to the proper request string */ -@@ -2279,7 +2279,7 @@ CURLcode Curl_http_body(struct Curl_easy *data, struct connectdata *conn, - if((conn->handler->protocol & PROTO_FAMILY_HTTP) && - (((httpreq == HTTPREQ_POST_MIME || httpreq == HTTPREQ_POST_FORM) && - http->postsize < 0) || -- ((data->set.upload || httpreq == HTTPREQ_POST) && -+ ((data->state.upload || httpreq == HTTPREQ_POST) && - data->state.infilesize == -1))) { - if(conn->bits.authneg) - /* don't enable chunked during auth neg */ -diff --git a/lib/imap.c b/lib/imap.c -index c2f675d..1952e66 100644 ---- a/lib/imap.c -+++ b/lib/imap.c -@@ -1511,11 +1511,11 @@ static CURLcode imap_done(struct Curl_easy *data, CURLcode status, - result = status; /* use the already set error code */ - } - else if(!data->set.connect_only && !imap->custom && -- (imap->uid || imap->mindex || data->set.upload || -+ (imap->uid || imap->mindex || data->state.upload || - data->set.mimepost.kind != MIMEKIND_NONE)) { - /* Handle responses after FETCH or APPEND transfer has finished */ - -- if(!data->set.upload && data->set.mimepost.kind == MIMEKIND_NONE) -+ if(!data->state.upload && data->set.mimepost.kind == MIMEKIND_NONE) - state(data, IMAP_FETCH_FINAL); - else { - /* End the APPEND command first by sending an empty line */ -@@ -1581,7 +1581,7 @@ static CURLcode imap_perform(struct Curl_easy *data, bool *connected, - selected = TRUE; - - /* Start the first command in the DO phase */ -- if(data->set.upload || 
data->set.mimepost.kind != MIMEKIND_NONE) -+ if(data->state.upload || data->set.mimepost.kind != MIMEKIND_NONE) - /* APPEND can be executed directly */ - result = imap_perform_append(data); - else if(imap->custom && (selected || !imap->mailbox)) -diff --git a/lib/rtsp.c b/lib/rtsp.c -index 9d27929..9639d93 100644 ---- a/lib/rtsp.c -+++ b/lib/rtsp.c -@@ -494,7 +494,7 @@ static CURLcode rtsp_do(struct Curl_easy *data, bool *done) - rtspreq == RTSPREQ_SET_PARAMETER || - rtspreq == RTSPREQ_GET_PARAMETER) { - -- if(data->set.upload) { -+ if(data->state.upload) { - putsize = data->state.infilesize; - data->state.httpreq = HTTPREQ_PUT; - -@@ -513,7 +513,7 @@ static CURLcode rtsp_do(struct Curl_easy *data, bool *done) - result = - Curl_dyn_addf(&req_buffer, - "Content-Length: %" CURL_FORMAT_CURL_OFF_T"\r\n", -- (data->set.upload ? putsize : postsize)); -+ (data->state.upload ? putsize : postsize)); - if(result) - return result; - } -diff --git a/lib/setopt.c b/lib/setopt.c -index eae6a4c..d757220 100644 ---- a/lib/setopt.c -+++ b/lib/setopt.c -@@ -329,8 +329,8 @@ CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option, va_list param) - * We want to sent data to the remote host. If this is HTTP, that equals - * using the PUT request. - */ -- data->set.upload = (0 != va_arg(param, long)) ? 
TRUE : FALSE; -- if(data->set.upload) { -+ arg = va_arg(param, long); -+ if(arg) { - /* If this is HTTP, PUT is what's needed to "upload" */ - data->set.method = HTTPREQ_PUT; - data->set.opt_no_body = FALSE; /* this is implied */ -@@ -660,7 +660,6 @@ CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option, va_list param) - } - else - data->set.method = HTTPREQ_GET; -- data->set.upload = FALSE; - break; - - #ifndef CURL_DISABLE_MIME -@@ -884,7 +883,6 @@ CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option, va_list param) - */ - if(va_arg(param, long)) { - data->set.method = HTTPREQ_GET; -- data->set.upload = FALSE; /* switch off upload */ - data->set.opt_no_body = FALSE; /* this is implied */ - } - break; -diff --git a/lib/smb.c b/lib/smb.c -index dc0abe7..097874b 100644 ---- a/lib/smb.c -+++ b/lib/smb.c -@@ -531,7 +531,7 @@ static CURLcode smb_send_open(struct Curl_easy *data) - byte_count = strlen(req->path); - msg.name_length = smb_swap16((unsigned short)byte_count); - msg.share_access = smb_swap32(SMB_FILE_SHARE_ALL); -- if(data->set.upload) { -+ if(data->state.upload) { - msg.access = smb_swap32(SMB_GENERIC_READ | SMB_GENERIC_WRITE); - msg.create_disposition = smb_swap32(SMB_FILE_OVERWRITE_IF); - } -@@ -763,7 +763,7 @@ static CURLcode smb_request_state(struct Curl_easy *data, bool *done) - void *msg = NULL; - const struct smb_nt_create_response *smb_m; - -- if(data->set.upload && (data->state.infilesize < 0)) { -+ if(data->state.upload && (data->state.infilesize < 0)) { - failf(data, "SMB upload needs to know the size up front"); - return CURLE_SEND_ERROR; - } -@@ -814,7 +814,7 @@ static CURLcode smb_request_state(struct Curl_easy *data, bool *done) - smb_m = (const struct smb_nt_create_response*) msg; - req->fid = smb_swap16(smb_m->fid); - data->req.offset = 0; -- if(data->set.upload) { -+ if(data->state.upload) { - data->req.size = data->state.infilesize; - Curl_pgrsSetUploadSize(data, data->req.size); - next_state = SMB_UPLOAD; -diff --git 
a/lib/smtp.c b/lib/smtp.c -index 7a03030..c182cac 100644 ---- a/lib/smtp.c -+++ b/lib/smtp.c -@@ -1419,7 +1419,7 @@ static CURLcode smtp_done(struct Curl_easy *data, CURLcode status, - result = status; /* use the already set error code */ - } - else if(!data->set.connect_only && data->set.mail_rcpt && -- (data->set.upload || data->set.mimepost.kind)) { -+ (data->state.upload || data->set.mimepost.kind)) { - /* Calculate the EOB taking into account any terminating CRLF from the - previous line of the email or the CRLF of the DATA command when there - is "no mail data". RFC-5321, sect. 4.1.1.4. -@@ -1511,7 +1511,7 @@ static CURLcode smtp_perform(struct Curl_easy *data, bool *connected, - smtp->eob = 2; - - /* Start the first command in the DO phase */ -- if((data->set.upload || data->set.mimepost.kind) && data->set.mail_rcpt) -+ if((data->state.upload || data->set.mimepost.kind) && data->set.mail_rcpt) - /* MAIL transfer */ - result = smtp_perform_mail(data); - else -diff --git a/lib/tftp.c b/lib/tftp.c -index 164d3c7..8ed1b88 100644 ---- a/lib/tftp.c -+++ b/lib/tftp.c -@@ -370,7 +370,7 @@ static CURLcode tftp_parse_option_ack(struct tftp_state_data *state, - - /* tsize should be ignored on upload: Who cares about the size of the - remote file? 
*/ -- if(!data->set.upload) { -+ if(!data->state.upload) { - if(!tsize) { - failf(data, "invalid tsize -:%s:- value in OACK packet", value); - return CURLE_TFTP_ILLEGAL; -@@ -451,7 +451,7 @@ static CURLcode tftp_send_first(struct tftp_state_data *state, - return result; - } - -- if(data->set.upload) { -+ if(data->state.upload) { - /* If we are uploading, send an WRQ */ - setpacketevent(&state->spacket, TFTP_EVENT_WRQ); - state->data->req.upload_fromhere = -@@ -486,7 +486,7 @@ static CURLcode tftp_send_first(struct tftp_state_data *state, - if(!data->set.tftp_no_options) { - char buf[64]; - /* add tsize option */ -- if(data->set.upload && (data->state.infilesize != -1)) -+ if(data->state.upload && (data->state.infilesize != -1)) - msnprintf(buf, sizeof(buf), "%" CURL_FORMAT_CURL_OFF_T, - data->state.infilesize); - else -@@ -540,7 +540,7 @@ static CURLcode tftp_send_first(struct tftp_state_data *state, - break; - - case TFTP_EVENT_OACK: -- if(data->set.upload) { -+ if(data->state.upload) { - result = tftp_connect_for_tx(state, event); - } - else { -diff --git a/lib/transfer.c b/lib/transfer.c -index 69df214..6da96a0 100644 ---- a/lib/transfer.c -+++ b/lib/transfer.c -@@ -1287,6 +1287,7 @@ void Curl_init_CONNECT(struct Curl_easy *data) - { - data->state.fread_func = data->set.fread_func_set; - data->state.in = data->set.in_set; -+ data->state.upload = (data->state.httpreq == HTTPREQ_PUT); - } - - /* -@@ -1715,7 +1716,6 @@ CURLcode Curl_follow(struct Curl_easy *data, - data->state.httpreq != HTTPREQ_POST_MIME) || - !(data->set.keep_post & CURL_REDIR_POST_303))) { - data->state.httpreq = HTTPREQ_GET; -- data->set.upload = false; - infof(data, "Switch to %s", - data->req.no_body?"HEAD":"GET"); - } -@@ -1753,7 +1753,7 @@ CURLcode Curl_retry_request(struct Curl_easy *data, char **url) - - /* if we're talking upload, we can't do the checks below, unless the protocol - is HTTP as when uploading over HTTP we will still get a response */ -- if(data->set.upload && -+ 
if(data->state.upload && - !(conn->handler->protocol&(PROTO_FAMILY_HTTP|CURLPROTO_RTSP))) - return CURLE_OK; - -diff --git a/lib/urldata.h b/lib/urldata.h -index 6a63947..069ffb2 100644 ---- a/lib/urldata.h -+++ b/lib/urldata.h -@@ -1442,6 +1442,7 @@ struct UrlState { - BIT(rewindbeforesend);/* TRUE when the sending couldn't be stopped even - though it will be discarded. We must call the data - rewind callback before trying to send again. */ -+ BIT(upload); /* upload request */ - }; - - /* -@@ -1817,7 +1818,6 @@ struct UserDefined { - BIT(http_auto_referer); /* set "correct" referer when following - location: */ - BIT(opt_no_body); /* as set with CURLOPT_NOBODY */ -- BIT(upload); /* upload request */ - BIT(verbose); /* output verbosity */ - BIT(krb); /* Kerberos connection requested */ - BIT(reuse_forbid); /* forbidden to be reused, close after use */ -diff --git a/lib/vssh/libssh.c b/lib/vssh/libssh.c -index 1115318..19804c2 100644 ---- a/lib/vssh/libssh.c -+++ b/lib/vssh/libssh.c -@@ -1210,7 +1210,7 @@ static CURLcode myssh_statemach_act(struct Curl_easy *data, bool *block) - } - - case SSH_SFTP_TRANS_INIT: -- if(data->set.upload) -+ if(data->state.upload) - state(data, SSH_SFTP_UPLOAD_INIT); - else { - if(protop->path[strlen(protop->path)-1] == '/') -@@ -1823,7 +1823,7 @@ static CURLcode myssh_statemach_act(struct Curl_easy *data, bool *block) - /* Functions from the SCP subsystem cannot handle/return SSH_AGAIN */ - ssh_set_blocking(sshc->ssh_session, 1); - -- if(data->set.upload) { -+ if(data->state.upload) { - if(data->state.infilesize < 0) { - failf(data, "SCP requires a known file size for upload"); - sshc->actualcode = CURLE_UPLOAD_FAILED; -@@ -1928,7 +1928,7 @@ static CURLcode myssh_statemach_act(struct Curl_easy *data, bool *block) - break; - } - case SSH_SCP_DONE: -- if(data->set.upload) -+ if(data->state.upload) - state(data, SSH_SCP_SEND_EOF); - else - state(data, SSH_SCP_CHANNEL_FREE); -diff --git a/lib/vssh/libssh2.c b/lib/vssh/libssh2.c -index 
4703eb5..48ff4de 100644 ---- a/lib/vssh/libssh2.c -+++ b/lib/vssh/libssh2.c -@@ -2014,7 +2014,7 @@ static CURLcode ssh_statemach_act(struct Curl_easy *data, bool *block) - } - - case SSH_SFTP_TRANS_INIT: -- if(data->set.upload) -+ if(data->state.upload) - state(data, SSH_SFTP_UPLOAD_INIT); - else { - if(sshp->path[strlen(sshp->path)-1] == '/') -@@ -2687,7 +2687,7 @@ static CURLcode ssh_statemach_act(struct Curl_easy *data, bool *block) - break; - } - -- if(data->set.upload) { -+ if(data->state.upload) { - if(data->state.infilesize < 0) { - failf(data, "SCP requires a known file size for upload"); - sshc->actualcode = CURLE_UPLOAD_FAILED; -@@ -2827,7 +2827,7 @@ static CURLcode ssh_statemach_act(struct Curl_easy *data, bool *block) - break; - - case SSH_SCP_DONE: -- if(data->set.upload) -+ if(data->state.upload) - state(data, SSH_SCP_SEND_EOF); - else - state(data, SSH_SCP_CHANNEL_FREE); -diff --git a/lib/vssh/wolfssh.c b/lib/vssh/wolfssh.c -index 17d59ec..2ca91b7 100644 ---- a/lib/vssh/wolfssh.c -+++ b/lib/vssh/wolfssh.c -@@ -557,7 +557,7 @@ static CURLcode wssh_statemach_act(struct Curl_easy *data, bool *block) - } - break; - case SSH_SFTP_TRANS_INIT: -- if(data->set.upload) -+ if(data->state.upload) - state(data, SSH_SFTP_UPLOAD_INIT); - else { - if(sftp_scp->path[strlen(sftp_scp->path)-1] == '/') --- -2.33.0 - diff --git a/backport-curl-7.84.0-test3026.patch b/backport-curl-7.84.0-test3026.patch index a830587..1098583 100644 --- a/backport-curl-7.84.0-test3026.patch +++ b/backport-curl-7.84.0-test3026.patch @@ -2,7 +2,7 @@ From 279b990727a1fd3e2828fbbd80581777e4200b67 Mon Sep 17 00:00:00 2001 From: Kamil Dudka Date: Mon, 27 Jun 2022 16:50:57 +0200 Subject: [PATCH] test3026: disable valgrind - + It fails on x86_64 with: ``` Use --max-threads=INT to specify a larger number of threads 
@@ -33,13 +33,11 @@ It fails on x86_64 with: valgrind stack range: [0x1002BAA000 0x1002CA9FFF] top usage: 11728 of 1048576 [...] ``` -Conflict: NA -Reference: https://src.fedoraproject.org/rpms/curl/blob/rawhide/f/0102-curl-7.84.0-test3026.patch --- tests/data/test3026 | 3 +++ tests/libtest/lib3026.c | 4 ++-- 2 files changed, 5 insertions(+), 2 deletions(-) - + diff --git a/tests/data/test3026 b/tests/data/test3026 index fb80cc8..01f2ba5 100644 --- a/tests/data/test3026 @@ -57,7 +55,7 @@ diff --git a/tests/libtest/lib3026.c b/tests/libtest/lib3026.c index 43fe335..70cd7a4 100644 --- a/tests/libtest/lib3026.c +++ b/tests/libtest/lib3026.c -@@ -139,8 +139,8 @@ int test(char *URL) +@@ -147,8 +147,8 @@ int test(char *URL) results[i] = CURL_LAST; /* initialize with invalid value */ res = pthread_create(&tids[i], NULL, run_thread, &results[i]); if(res) { @@ -70,3 +68,4 @@ index 43fe335..70cd7a4 100644 goto cleanup; -- 2.37.1 + diff --git a/backport-curl-7.87.0-test3012.patch b/backport-curl-7.87.0-test3012.patch deleted file mode 100644 index 94573ce..0000000 --- a/backport-curl-7.87.0-test3012.patch +++ /dev/null 
@@ -1,51 +0,0 @@ -From 0d0a256c8e7f6261d49e1bdd583c04c0e5dfe706 Mon Sep 17 00:00:00 2001 -From: Kamil Dudka -Date: Wed, 11 Jan 2023 08:53:05 +0100 -Subject: [PATCH] test3012: disable valgrind - -valgrind reports a call to memcpy() with overlapping blocks by mistake: -``` -test 3012...[--output-dir with -J] -../libtool --mode=execute /usr/bin/valgrind --tool=memcheck --quiet --leak-check=yes --suppressions=../../tests/valgrind.supp --num-callers=16 --log-file=log/valgrind3012 ../src/curl --trace-ascii log/trace3012 --trace-time http://127.0.0.1:35981/this/is/the/3012 -OJ --output-dir /root/rpmbuild/BUILD/curl-7.86.0/build-minimal/tests/log >log/stdout3012 2>log/stderr3012 -CMD (0): ../libtool --mode=execute /usr/bin/valgrind --tool=memcheck --quiet --leak-check=yes --suppressions=../../tests/valgrind.supp --num-callers=16 --log-file=log/valgrind3012 ../src/curl --trace-ascii log/trace3012 --trace-time http://127.0.0.1:35981/this/is/the/3012 -OJ --output-dir /root/rpmbuild/BUILD/curl-7.86.0/build-minimal/tests/log >log/stdout3012 2>log/stderr3012 - valgrind ERROR ==496584== Source and destination overlap in memcpy_chk(0x54ad1a0, 0x54ad1a1, 11) -==496584== at 0x484C332: __memcpy_chk (vg_replace_strmem.c:1741) -==496584== by 0x118FDB: UnknownInlinedFun (string_fortified.h:36) -==496584== by 0x118FDB: UnknownInlinedFun (tool_cb_hdr.c:301) -==496584== by 0x118FDB: tool_header_cb (tool_cb_hdr.c:173) -==496584== by 0x489907B: chop_write.lto_priv.0 (sendf.c:620) -==496584== by 0x489CDD1: UnknownInlinedFun (http.c:4449) -==496584== by 0x489CDD1: UnknownInlinedFun (transfer.c:633) -==496584== by 0x489CDD1: Curl_readwrite (transfer.c:1219) -==496584== by 0x488C116: multi_runsingle (multi.c:2404) -==496584== by 0x488F491: curl_multi_perform (multi.c:2682) -==496584== by 0x486A9DA: UnknownInlinedFun (easy.c:663) -==496584== by 0x486A9DA: UnknownInlinedFun (easy.c:753) -==496584== by 0x486A9DA: curl_easy_perform (easy.c:772) -==496584== by 0x114B28: UnknownInlinedFun 
(tool_operate.c:2406) -==496584== by 0x114B28: UnknownInlinedFun (tool_operate.c:2594) -==496584== by 0x114B28: UnknownInlinedFun (tool_operate.c:2706) -==496584== by 0x114B28: main (tool_main.c:284) -``` - -Bug: https://bugzilla.redhat.com/2143040 ---- - tests/data/test3012 | 4 ++++ - 1 file changed, 4 insertions(+) - -diff --git a/tests/data/test3012 b/tests/data/test3012 -index 1889c93..ea43a49 100644 ---- a/tests/data/test3012 -+++ b/tests/data/test3012 -@@ -56,5 +56,9 @@ Accept: */* - - -foo- - -+ -+ -+disable -+ - - --- -2.39.0 \ No newline at end of file diff --git a/backport-curl-7.88.0-tests-warnings.patch b/backport-curl-7.88.0-tests-warnings.patch index 227d739..04b2ba2 100644 --- a/backport-curl-7.88.0-tests-warnings.patch +++ b/backport-curl-7.88.0-tests-warnings.patch @@ -2,28 +2,29 @@ From d506d885aa16b4a87acbac082eea41dccdc7b69f Mon Sep 17 00:00:00 2001 From: Kamil Dudka Date: Wed, 15 Feb 2023 10:42:38 +0100 Subject: [PATCH] Revert "runtests: consider warnings fatal and error on them" - + While it might be useful for upstream developers, it is not so useful for downstream consumers. - + This reverts upstream commit 22f795c834cfdbacbb1b55426028a581e3cf67a8. --- tests/runtests.pl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) - + diff --git a/tests/runtests.pl b/tests/runtests.pl index 71644ad18..0cf85c3fe 100755 --- a/tests/runtests.pl +++ b/tests/runtests.pl -@@ -75,8 +75,7 @@ BEGIN { - } +@@ -55,8 +55,7 @@ + # given, this won't be a problem. use strict; -# Promote all warnings to fatal -use warnings FATAL => 'all'; +use warnings; - use Cwd; - use Digest::MD5 qw(md5); - use MIME::Base64; + use 5.006; + + # These should be the only variables that might be needed to get edited: -- -2.39.1 \ No newline at end of file +2.39.1 + diff --git a/curl-7.88.1.tar.xz b/curl-7.88.1.tar.xz deleted file mode 100644 index fe94b69..0000000 Binary files a/curl-7.88.1.tar.xz and /dev/null differ 
diff --git a/curl-8.1.2.tar.xz b/curl-8.1.2.tar.xz new file mode 100644 index 0000000..df364de Binary files /dev/null and b/curl-8.1.2.tar.xz differ diff --git a/curl.spec b/curl.spec index 6f2b687..d22d3d0 100644 --- a/curl.spec +++ b/curl.spec @@ -5,27 +5,16 @@ %global _configure ../configure Name: curl -Version: 7.88.1 -Release: 4 +Version: 8.1.2 +Release: 1 Summary: Curl is used in command lines or scripts to transfer data -License: MIT -URL: https://curl.haxx.se/ -Source: https://curl.haxx.se/download/curl-%{version}.tar.xz +License: curl +URL: https://curl.se/ +Source: https://curl.se/download/curl-%{version}.tar.xz Patch1: backport-0101-curl-7.32.0-multilib.patch Patch2: backport-curl-7.84.0-test3026.patch -Patch3: backport-curl-7.87.0-test3012.patch Patch4: backport-curl-7.88.0-tests-warnings.patch -Patch5: backport-CVE-2023-27533.patch -Patch6: backport-CVE-2023-27534.patch -Patch7: backport-CVE-2023-27538.patch -Patch8: backport-CVE-2023-27535.patch -Patch9: backport-CVE-2023-27536.patch -Patch10: backport-CVE-2023-27537.patch -Patch11: backport-0001-CVE-2023-28320.patch -Patch12: backport-0002-CVE-2023-28320.patch -Patch13: backport-CVE-2023-28321.patch -Patch14: backport-CVE-2023-28322.patch BuildRequires: automake brotli-devel coreutils gcc groff krb5-devel BuildRequires: libidn2-devel libnghttp2-devel libpsl-devel @@ -72,7 +61,7 @@ Header files for libcurl. %prep %autosetup -n %{name}-%{version} -p1 -printf "1112\n1455\n1184\n1801\n1592\n3000\n3001\n" >> tests/data/DISABLED +echo "1801" >> tests/data/DISABLED # adapt test 323 for updated OpenSSL sed -e 's/^35$/35,52/' -i tests/data/test323 @@ -210,6 +199,12 @@ rm -rf ${RPM_BUILD_ROOT}%{_libdir}/libcurl.la %{_mandir}/man3/* %changelog +* Sat Jul 15 2023 gaihuiying - 8.1.2-1 +- Type:requirement +- CVE:NA +- SUG:NA +- DESC:update to curl 8.1.2 + * Sat Jun 10 2023 zhouyihang - 7.88.1-4 - Type:bugfix - CVE:NA
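Review bot: Nothing in this first `curl.spec` hunk or in the `%prep` hunk after it checks the new `curl-8.1.2.tar.xz` against upstream before it is unpacked: `Source:` lists only the tarball and `%prep` goes straight to `%autosetup`. Because the tarball is swapped as an opaque binary in this same commit, I would add the detached signature as a second source, `Source1: https://curl.se/download/curl-%{version}.tar.xz.asc`, ship the upstream signing key as a further source, and verify the pair in `%prep` ahead of `%autosetup` (the `%{gpgverify}` macro does this where the distribution provides it). The hunk also drops `Patch5` through `Patch14`, all CVE backports, presumably because 8.1.2 already contains those fixes; a spec comment such as `# Patch5-Patch14 (CVE backports) dropped: fixed upstream in 8.1.2` would let an auditor confirm that without diffing the tarball. The rest of the spec is outside these hunks, so a verification step that already exists there would make the first point moot.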