257 lines
8.5 KiB
RPMSpec
257 lines
8.5 KiB
RPMSpec
#Global macro or variable
|
|
%global libpsl_version %(pkg-config --modversion libpsl 2>/dev/null || echo 0)
|
|
%global libssh_version %(pkg-config --modversion libssh 2>/dev/null || echo 0)
|
|
%global openssl_version %(pkg-config --modversion openssl 2>/dev/null || echo 0)
|
|
%global _configure ../configure
|
|
|
|
#Basic Information
|
|
Name: curl
|
|
Version: 7.61.1
|
|
Release: 4
|
|
Summary: curl is used in command lines or scripts to transfer data
|
|
License: MIT
|
|
URL: https://curl.haxx.se/
|
|
Source: https://curl.haxx.se/download/curl-%{version}.tar.xz
|
|
|
|
Patch1: 0001-curl-7.61.1-test320-gnutls.patch
|
|
Patch101: 0101-curl-7.32.0-multilib.patch
|
|
Patch102: 0102-curl-7.36.0-debug.patch
|
|
Patch103: 0103-curl-7.59.0-python3.patch
|
|
Patch104: 0104-curl-7.19.7-localhost6.patch
|
|
|
|
Patch6000: fix-leak-when-writing-cookies-to-file.patch
|
|
Patch6001: fix-gcc8-warning.patch
|
|
Patch6002: fix-gcc8-warning-on-Windows.patch
|
|
Patch6003: fix-compiler-warning-on-64-bit-Windows.patch
|
|
Patch6004: urlglob-improve-error-message.patch
|
|
Patch6005: krb5-fix-memory-leak-in-krb_auth.patch
|
|
Patch6006: secure-Openwall-URLs.patch
|
|
Patch6007: http2-fix-memory-leaks-on-error-path.patch
|
|
Patch6008: memory-add-missing-curl_printf-header.patch
|
|
Patch6009: examples-Fix-memory-leaks-from-realloc-errors.patch
|
|
Patch6010: darwinssl-Fix-realloc-memleak.patch
|
|
Patch6011: nss-try-to-connect-even-if-libnssckbi.so-fails-to-lo.patch
|
|
Patch6012: Curl_saferealloc-Fixed-typo-in-docblock.patch
|
|
Patch6013: Curl_dedotdotify-always-nul-terminate-returned-strin.patch
|
|
Patch6014: Curl_retry_request-fix-memory-leak.patch
|
|
Patch6015: http-fix-memleak-in-rewind-error-path.patch
|
|
Patch6016: Curl_http2_done-fix-memleak-in-error-path.patch
|
|
Patch6017: multi-fix-location-URL-memleak-in-error-path.patch
|
|
Patch6018: multi-fix-memory-leak-in-content-encoding-related-er.patch
|
|
Patch6019: memory-ensure-to-check-allocation-results.patch
|
|
Patch6020: hostip-fix-check-on-Curl_shuffle_addr-return-value.patch
|
|
Patch6021: nonblock-fix-unused-parameter-warning.patch
|
|
Patch6022: tool_cb_hdr-handle-failure-of-rename.patch
|
|
Patch6023: multi-avoid-double-free.patch
|
|
Patch6024: netrc-free-temporary-strings-if-memory-allocation-fa.patch
|
|
Patch6025: ssh-free-the-session-on-init-failures.patch
|
|
Patch6026: multi-Fix-error-handling-in-the-SENDPROTOCONNECT-sta.patch
|
|
Patch6027: CVE-2018-16840-Curl_close-clear-data-multi_easy-on-free-to-avoid-us.patch
|
|
Patch6028: CVE-2018-16839-Curl_auth_create_plain_message-fix-too-large-input-c.patch
|
|
Patch6029: CVE-2018-16842-voutf-fix-bad-arethmetic-when-outputting-warnings-to.patch
|
|
Patch6030: curl_multibyte-fix-a-malloc-overcalculation.patch
|
|
Patch6031: curl_easy_perform-fix-timeout-handling.patch
|
|
Patch6032: configure-include-all-libraries-in-ssl-libs-fetch.patch
|
|
Patch6033: curl-fix-memory-leak-reading-writeout-from-file.patch
|
|
Patch6034: OS400-handle-memory-error-in-list-conversion.patch
|
|
Patch6035: smb-fix-incorrect-path-in-request-if-connection-reus.patch
|
|
Patch6036: wolfssl-Perform-cleanup.patch
|
|
Patch6037: libssh-free-sftp_canonicalize_path-data-correctly.patch
|
|
Patch6038: openvms-fix-OpenSSL-discovery-on-VAX.patch
|
|
Patch6039: timediff-fix-math-for-unsigned-time_t.patch
|
|
Patch6040: tool_cb_prg-avoid-integer-overflow.patch
|
|
Patch6041: openssl-fix-the-SSL_get_tlsext_status_ocsp_resp-call.patch
|
|
Patch6042: ssh-log-the-libssh2-error-message-when-ssh-session-s.patch
|
|
Patch6043: schannel-on-connection-close-there-might-not-be-a-tr.patch
|
|
Patch6044: CVE-2018-16890-NTLM-fix-size-check-condition-for-type2-received-dat.patch
|
|
Patch6045: CVE-2019-3822-ntlm-fix-_type3_message-size-check-to-avoid-buffer-o.patch
|
|
Patch6046: CVE-2019-3823-smtp-avoid-risk-of-buffer-overflow-in-strtol.patch
|
|
Patch6047: zsh.pl-escape-character.patch
|
|
Patch6048: examples-postinmemory-Potential-leak-of-memory-point.patch
|
|
Patch6049: mbedtls-release-sessionid-resources-on-error.patch
|
|
Patch6050: CVE-2019-5436.patch
|
|
Patch6051: CVE-2019-5481.patch
|
|
Patch6052: CVE-2019-5482.patch
|
|
Patch9000: 0001-fix-double-free-when-multi-perform.patch
|
|
|
|
Provides: curl-full = %{version}-%{release} libcurl-full = %{version}-%{release}
|
|
Provides: webclient libcurl = %{version}-%{release}
|
|
Obsoletes: libcurl
|
|
|
|
BuildRequires: automake brotli-devel coreutils gcc groff krb5-devel libidn2-devel libmetalink-devel
|
|
BuildRequires: libnghttp2-devel libpsl-devel libssh-devel make openldap-devel openssh-clients
|
|
BuildRequires: openssh-server openssl-devel pkgconfig python3-devel sed stunnel zlib-devel
|
|
BuildRequires: gnutls-utils nghttp2 perl(Cwd) perl(Digest::MD5) perl(Exporter) perl(File::Basename)
|
|
BuildRequires: perl(File::Copy) perl(File::Spec) perl(IPC::Open2) perl(MIME::Base64) perl(strict)
|
|
BuildRequires: perl(Time::Local) perl(Time::HiRes) perl(warnings) perl(vars)
|
|
|
|
%ifarch x86_64
|
|
BuildRequires: valgrind
|
|
%endif
|
|
|
|
Requires: libpsl >= %{libpsl_version}
|
|
Requires: libssh >= %{libssh_version} openssl-libs >= 1:%{openssl_version}
|
|
|
|
%description
|
|
cURL is a computer software project providing a library (libcurl) and
|
|
command-line tool (curl) for transferring data using various protocols.
|
|
|
|
%package devel
|
|
Summary: Files needed for building applications with libcurl
|
|
Requires: curl = %{version}-%{release}
|
|
Provides: curl-devel = %{version}-%{release}
|
|
Provides: libcurl-devel = %{version}-%{release}
|
|
Obsoletes: curl-devel < %{version}-%{release} libcurl-devel
|
|
|
|
%description devel
|
|
The curl-devel package includes header files and libraries necessary for developing programs.
|
|
|
|
|
|
%package help
|
|
Summary: Documents for autogen
|
|
Buildarch: noarch
|
|
|
|
%description help
|
|
Man pages and other related documents.
|
|
|
|
%prep
|
|
%autosetup -n %{name}-%{version} -p1
|
|
|
|
# make tests/*.py use Python 3
|
|
sed -e '1 s|^#!/.*python|#!%{__python3}|' -i tests/*.py
|
|
|
|
# regenerate Makefile.in files
|
|
aclocal -I m4
|
|
automake
|
|
|
|
printf "1112\n1455\n1801\n1900\n" >> tests/data/DISABLED
|
|
|
|
# adapt test 323 for updated OpenSSL
|
|
sed -e 's/^35$/35,52/' -i tests/data/test323
|
|
|
|
%build
|
|
install -d build-{full,minimal}
|
|
export common_configure_opts=" \
|
|
--cache-file=../config.cache \
|
|
--disable-static \
|
|
--enable-symbol-hiding \
|
|
--enable-ipv6 \
|
|
--enable-threaded-resolver \
|
|
--with-gssapi \
|
|
--with-nghttp2 \
|
|
--with-ssl --with-ca-bundle=%{_sysconfdir}/pki/tls/certs/ca-bundle.crt"
|
|
|
|
# configure minimal build
|
|
(
|
|
cd build-minimal
|
|
%configure $common_configure_opts \
|
|
--disable-ldap \
|
|
--disable-ldaps \
|
|
--disable-manual \
|
|
--without-brotli \
|
|
--without-libidn2 \
|
|
--without-libmetalink \
|
|
--without-libpsl \
|
|
--without-libssh
|
|
)
|
|
|
|
# configure full build
|
|
(
|
|
cd build-full
|
|
%configure $common_configure_opts \
|
|
--enable-ldap \
|
|
--enable-ldaps \
|
|
--enable-manual \
|
|
--with-brotli \
|
|
--with-libidn2 \
|
|
--with-libmetalink \
|
|
--with-libpsl \
|
|
--with-libssh
|
|
)
|
|
|
|
sed -e 's/^runpath_var=.*/runpath_var=/' \
|
|
-e 's/^hardcode_libdir_flag_spec=".*"$/hardcode_libdir_flag_spec=""/' \
|
|
-i build-{full,minimal}/libtool
|
|
|
|
%make_build V=1 -C build-minimal
|
|
%make_build V=1 -C build-full
|
|
|
|
%check
|
|
|
|
%install
|
|
# curl-minimal files install
|
|
%make_install -C build-minimal
|
|
for i in ${RPM_BUILD_ROOT}%{_libdir}/*; do
|
|
mv -v $i $i.minimal
|
|
done
|
|
mv -v ${RPM_BUILD_ROOT}%{_bindir}/curl{,.minimal}
|
|
|
|
# install libcurl.m4 for devel
|
|
install -D -m 644 docs/libcurl/libcurl.m4 $RPM_BUILD_ROOT%{_datadir}/aclocal/libcurl.m4
|
|
|
|
# curl file install
|
|
cd build-full
|
|
%make_install
|
|
|
|
# install zsh completion for curl
|
|
LD_LIBRARY_PATH="$RPM_BUILD_ROOT%{_libdir}:$LD_LIBRARY_PATH" %make_install -C scripts
|
|
|
|
%pre
|
|
|
|
%preun
|
|
|
|
%post
|
|
/sbin/ldconfig
|
|
|
|
|
|
%postun
|
|
/sbin/ldconfig
|
|
|
|
|
|
%files
|
|
%defattr(-,root,root)
|
|
%license COPYING
|
|
|
|
%{_bindir}/curl
|
|
%{_datadir}/zsh/site-functions
|
|
%{_libdir}/libcurl.so.4
|
|
%{_libdir}/libcurl.so.4.[0-9].[0-9]
|
|
%exclude %{_libdir}/libcurl.la
|
|
|
|
%exclude %{_bindir}/curl.minimal
|
|
%exclude %{_libdir}/libcurl.so.4.minimal
|
|
%exclude %{_libdir}/libcurl.so.4.[0-9].[0-9].minimal
|
|
%exclude %{_libdir}/pkgconfig.minimal
|
|
%exclude %{_libdir}/libcurl.la.minimal
|
|
%exclude %{_libdir}/libcurl.so.minimal
|
|
|
|
|
|
%files devel
|
|
%doc docs/examples/*.c docs/examples/Makefile.example docs/INTERNALS.md
|
|
%doc docs/CONTRIBUTE.md docs/libcurl/ABI
|
|
%{_bindir}/curl-config*
|
|
%{_includedir}/curl
|
|
%{_libdir}/*.so
|
|
%{_libdir}/pkgconfig/*.pc
|
|
%{_datadir}/aclocal/libcurl.m4
|
|
|
|
%files help
|
|
%{_mandir}/man1/curl.1*
|
|
%{_mandir}/man1/curl-config.1*
|
|
%{_mandir}/man3/*
|
|
|
|
%doc CHANGES README*
|
|
%doc docs/BUGS docs/FAQ docs/FEATURES
|
|
%doc docs/MANUAL docs/RESOURCES
|
|
%doc docs/TheArtOfHttpScripting docs/TODO
|
|
|
|
%changelog
|
|
* Sat Dec 21 2019 openEuler Buildteam <buildteam@openeuler.org> - 7.61.1-4
|
|
- Type:cves
|
|
- ID:CVE-2019-5481 CVE-2019-5482
|
|
- SUG:NA
|
|
- DESC:fix CVE-2019-5481 CVE-2019-5482
|
|
|
|
* Wed Sep 18 2019 guanyanjie <guanyanjie@huawei.com> - 7.61.1-3
|
|
- Init for openEuler
|