SECURITY update to 7.53.1:

CVE-2017-2629: make SSL_VERIFYSTATUS work again
Also numerous other bug fixes.
naddy 2017-02-24 21:08:28 +00:00
parent 064d617c83
commit 88f6e1ca3c
5 changed files with 8 additions and 60 deletions


@ -1,11 +1,10 @@
# $OpenBSD: Makefile,v 1.123 2017/01/05 20:46:00 naddy Exp $
# $OpenBSD: Makefile,v 1.124 2017/02/24 21:08:28 naddy Exp $
COMMENT= get files from FTP, Gopher, HTTP or HTTPS servers
VERSION= 7.52.1
VERSION= 7.53.1
DISTNAME= curl-${VERSION}
REVISION= 0
SHARED_LIBS= curl 25.8 # 8.0
SHARED_LIBS= curl 25.9 # 8.0
CATEGORIES= net
HOMEPAGE= https://curl.haxx.se/
@ -24,7 +23,7 @@ WANTLIB= c crypto nghttp2 ssl z
SEPARATE_BUILD= Yes
CONFIGURE_STYLE=gnu
CONFIGURE_ARGS= --with-ca-bundle=/etc/ssl/cert.pem \
--without-libidn \
--without-libidn2 \
--without-libpsl \
--without-libssh2
CONFIGURE_ENV= ac_cv_path_NROFF="/usr/bin/mandoc -Tascii"


@ -1,2 +1,2 @@
SHA256 (curl-7.52.1.tar.lzma) = RChtS4JZNuJDD8RK1zDOiZr7c2pdMoy7i11CRi8/I2U=
SIZE (curl-7.52.1.tar.lzma) = 2068290
SHA256 (curl-7.53.1.tar.lzma) = SxJP9ZhPK1N3kKj1Db89RNqJ5X0FBbpWcShTWiQm9eI=
SIZE (curl-7.53.1.tar.lzma) = 2076935


@ -1,24 +0,0 @@
$OpenBSD: patch-lib_vtls_vtls_c,v 1.2 2017/01/05 20:46:00 naddy Exp $
https://github.com/curl/curl/commit/a7b38c9dc98481e4a5fc37e51a8690337c674dfb
--- lib/vtls/vtls.c.orig Mon Dec 19 08:27:56 2016
+++ lib/vtls/vtls.c Thu Jan 5 21:31:38 2017
@@ -484,7 +484,7 @@ void Curl_ssl_close_all(struct Curl_easy *data)
curlssl_close_all(data);
}
-#if defined(USE_SSLEAY) || defined(USE_GNUTLS) || defined(USE_SCHANNEL) || \
+#if defined(USE_OPENSSL) || defined(USE_GNUTLS) || defined(USE_SCHANNEL) || \
defined(USE_DARWINSSL) || defined(USE_NSS)
/* This function is for OpenSSL, GnuTLS, darwinssl, and schannel only. */
int Curl_ssl_getsock(struct connectdata *conn, curl_socket_t *socks,
@@ -518,7 +518,7 @@ int Curl_ssl_getsock(struct connectdata *conn,
(void)numsocks;
return GETSOCK_BLANK;
}
-/* USE_SSLEAY || USE_GNUTLS || USE_SCHANNEL || USE_DARWINSSL || USE_NSS */
+/* USE_OPENSSL || USE_GNUTLS || USE_SCHANNEL || USE_DARWINSSL || USE_NSS */
#endif
void Curl_ssl_close(struct connectdata *conn, int sockindex)


@ -1,28 +0,0 @@
$OpenBSD: patch-tests_server_sws_c,v 1.1 2017/01/09 23:27:20 naddy Exp $
https://github.com/curl/curl/commit/62e67c77722d3bb936201a813fa318c4304db794
--- tests/server/sws.c.orig Mon Dec 19 08:27:56 2016
+++ tests/server/sws.c Tue Jan 10 00:14:40 2017
@@ -1200,14 +1200,21 @@ static int send_doc(curl_socket_t sock, struct httpreq
size_t num = count;
if(num > 200)
num = 200;
+
+ retry:
written = swrite(sock, buffer, num);
if(written < 0) {
+ if((EWOULDBLOCK == errno) || (EAGAIN == errno)) {
+ wait_ms(10);
+ goto retry;
+ }
sendfailure = TRUE;
break;
}
else {
logmsg("Sent off %zd bytes", written);
}
+
/* write to file as well */
fwrite(buffer, 1, (size_t)written, dump);


@ -1,4 +1,4 @@
@comment $OpenBSD: PLIST,v 1.41 2017/01/04 20:28:56 naddy Exp $
@comment $OpenBSD: PLIST,v 1.42 2017/02/24 21:08:28 naddy Exp $
@bin bin/curl
bin/curl-config
include/curl/
@ -81,6 +81,7 @@ lib/pkgconfig/libcurl.pc
@man man/man3/CURLMOPT_SOCKETFUNCTION.3
@man man/man3/CURLMOPT_TIMERDATA.3
@man man/man3/CURLMOPT_TIMERFUNCTION.3
@man man/man3/CURLOPT_ABSTRACT_UNIX_SOCKET.3
@man man/man3/CURLOPT_ACCEPTTIMEOUT_MS.3
@man man/man3/CURLOPT_ACCEPT_ENCODING.3
@man man/man3/CURLOPT_ADDRESS_SCOPE.3