rpms/curl/devel curl-7.19.7-modelfree.patch, NONE, 1.1 curl-7.19.7-ssl-retry.patch, 1.1, 1.2 curl.spec, 1.124, 1.125
Kamil Dudka
kdudka at fedoraproject.org
Thu Nov 12 12:00:35 UTC 2009
Author: kdudka
Update of /cvs/extras/rpms/curl/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv27000
Modified Files:
curl-7.19.7-ssl-retry.patch curl.spec
Added Files:
curl-7.19.7-modelfree.patch
Log Message:
- fix crash on doubly closed NSPR descriptor, patch contributed
by Kevin Baughman (#534176)
- new version of patch for broken TLS servers (#525496, #527771)
curl-7.19.7-modelfree.patch:
nss.c | 1 +
1 file changed, 1 insertion(+)
--- NEW FILE curl-7.19.7-modelfree.patch ---
diff --git a/lib/nss.c b/lib/nss.c
index f5c69e6..d1a9d1a 100644
--- a/lib/nss.c
+++ b/lib/nss.c
@@ -1265,6 +1265,7 @@ CURLcode Curl_nss_connect(struct connectdata *conn, int sockindex)
if(!connssl->handle)
goto error;
PR_Close(model); /* We don't need this any more */
+ model = NULL;
/* This is the password associated with the cert that we're using */
if (data->set.str[STRING_KEY_PASSWD]) {
curl-7.19.7-ssl-retry.patch:
nss.c | 50 +++++++++++++++++++++++++++++++++++++++++++++++++-
transfer.c | 5 +++--
urldata.h | 3 +++
3 files changed, 55 insertions(+), 3 deletions(-)
Index: curl-7.19.7-ssl-retry.patch
===================================================================
RCS file: /cvs/extras/rpms/curl/devel/curl-7.19.7-ssl-retry.patch,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -p -r1.1 -r1.2
--- curl-7.19.7-ssl-retry.patch 4 Nov 2009 14:05:38 -0000 1.1
+++ curl-7.19.7-ssl-retry.patch 12 Nov 2009 12:00:33 -0000 1.2
@@ -1,5 +1,5 @@
diff --git a/lib/nss.c b/lib/nss.c
-index 6e8d242..93dfe16 100644
+index 6e8d242..f5c69e6 100644
--- a/lib/nss.c
+++ b/lib/nss.c
@@ -844,6 +844,36 @@ static SECStatus SelectClientCert(void *arg, PRFileDesc *sock,
@@ -52,13 +52,8 @@ index 6e8d242..93dfe16 100644
break;
case CURL_SSLVERSION_TLSv1:
tlsv1 = PR_TRUE;
-@@ -1101,9 +1135,13 @@ CURLcode Curl_nss_connect(struct connectdata *conn, int sockindex)
- if(SSL_OptionSet(model, SSL_ENABLE_TLS, tlsv1) != SECSuccess)
- goto error;
-
-- if(SSL_OptionSet(model, SSL_V2_COMPATIBLE_HELLO, ssl2) != SECSuccess)
-+ if(SSL_OptionSet(model, SSL_V2_COMPATIBLE_HELLO, ssl2
-+ || data->state.ssl_connect_retry) != SECSuccess)
+@@ -1104,6 +1138,9 @@ CURLcode Curl_nss_connect(struct connectdata *conn, int sockindex)
+ if(SSL_OptionSet(model, SSL_V2_COMPATIBLE_HELLO, ssl2) != SECSuccess)
goto error;
+ /* reset the flag to avoid an infinite loop */
@@ -67,7 +62,7 @@ index 6e8d242..93dfe16 100644
/* enable all ciphers from enable_ciphers_by_default */
cipher_to_enable = enable_ciphers_by_default;
while (SSL_NULL_WITH_NULL_NULL != *cipher_to_enable) {
-@@ -1280,10 +1318,21 @@ CURLcode Curl_nss_connect(struct connectdata *conn, int sockindex)
+@@ -1280,10 +1317,21 @@ CURLcode Curl_nss_connect(struct connectdata *conn, int sockindex)
return CURLE_OK;
error:
Index: curl.spec
===================================================================
RCS file: /cvs/extras/rpms/curl/devel/curl.spec,v
retrieving revision 1.124
retrieving revision 1.125
diff -u -p -r1.124 -r1.125
--- curl.spec 4 Nov 2009 14:12:48 -0000 1.124
+++ curl.spec 12 Nov 2009 12:00:33 -0000 1.125
@@ -1,13 +1,14 @@
Summary: A utility for getting files from remote servers (FTP, HTTP, and others)
Name: curl
Version: 7.19.7
-Release: 2%{?dist}
+Release: 3%{?dist}
License: MIT
Group: Applications/Internet
Source: http://curl.haxx.se/download/%{name}-%{version}.tar.lzma
Source2: curlbuild.h
Patch1: curl-7.19.7-nss-nonblock.patch
Patch2: curl-7.19.7-ssl-retry.patch
+Patch3: curl-7.19.7-modelfree.patch
Patch101: curl-7.15.3-multilib.patch
Patch102: curl-7.16.0-privlibs.patch
Patch103: curl-7.19.4-debug.patch
@@ -69,9 +70,10 @@ use cURL's capabilities internally.
%prep
%setup -q
-# upstream patches (not yet applied)
+# upstream patches (already applied)
%patch1 -p1
%patch2 -p1
+%patch3 -p1
# Fedora patches
%patch101 -p1
@@ -102,7 +104,7 @@ make %{?_smp_mflags}
%check
export LD_LIBRARY_PATH=$RPM_BUILD_ROOT%{_libdir}
make %{?_smp_mflags} -C tests
-cd tests && ./runtests.pl -k -p -v
+cd tests && ./runtests.pl -a -k -p -v
%install
rm -rf $RPM_BUILD_ROOT
@@ -160,6 +162,12 @@ rm -rf $RPM_BUILD_ROOT
%{_datadir}/aclocal/libcurl.m4
%changelog
+* Thu Nov 12 2009 Kamil Dudka <kdudka at redhat.com> 7.19.7-3
+- fix crash on doubly closed NSPR descriptor, patch contributed
+ by Kevin Baughman (#534176)
+- new version of patch for broken TLS servers (#525496, #527771)
+
+
* Wed Nov 04 2009 Kamil Dudka <kdudka at redhat.com> 7.19.7-2
- increased release number (CVS problem)
More information about the fedora-extras-commits
mailing list