From 321dbf8171b5f628e58692259ced3691ba78e6b3 Mon Sep 17 00:00:00 2001
From: Kamil Dudka <kdudka@redhat.com>
Date: Tue, 15 Mar 2022 12:53:45 +0100
Subject: [PATCH] openssl: fix incorrect CURLE_OUT_OF_MEMORY error

... on CN check failure, which was breaking the test-suite of pycurl.

Reported-by: Lukas Zaoral
---
 0001-curl-7.82.0-openssl-spurious-oom.patch | 36 +++++++++++++++++++++
 curl.spec                                   |  9 +++++-
 2 files changed, 44 insertions(+), 1 deletion(-)
 create mode 100644 0001-curl-7.82.0-openssl-spurious-oom.patch

diff --git a/0001-curl-7.82.0-openssl-spurious-oom.patch b/0001-curl-7.82.0-openssl-spurious-oom.patch
new file mode 100644
index 0000000..186134d
--- /dev/null
+++ b/0001-curl-7.82.0-openssl-spurious-oom.patch
@@ -0,0 +1,36 @@
+From 58781adaaff911303f69876236918b9049dde926 Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Tue, 8 Mar 2022 13:38:13 +0100
+Subject: [PATCH] openssl: fix CN check error code
+
+Due to a missing 'else' this returns error too easily.
+
+Regressed in: d15692ebb
+
+Reported-by: Kristoffer Gleditsch
+Fixes #8559
+Closes #8560
+
+Upstream-commit: 911714d617c106ed5d553bf003e34ec94ab6a136
+Signed-off-by: Kamil Dudka <kdudka@redhat.com>
+---
+ lib/vtls/openssl.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
+index 616a510..1bafe96 100644
+--- a/lib/vtls/openssl.c
++++ b/lib/vtls/openssl.c
+@@ -1808,7 +1808,8 @@ CURLcode Curl_ossl_verifyhost(struct Curl_easy *data, struct connectdata *conn,
+               memcpy(peer_CN, ASN1_STRING_get0_data(tmp), peerlen);
+               peer_CN[peerlen] = '\0';
+             }
+-            result = CURLE_OUT_OF_MEMORY;
++            else
++              result = CURLE_OUT_OF_MEMORY;
+           }
+         }
+         else /* not a UTF8 name */
+-- 
+2.34.1
+
diff --git a/curl.spec b/curl.spec
index b3ed447..67f9c9a 100644
--- a/curl.spec
+++ b/curl.spec
@@ -1,7 +1,7 @@
 Summary: A utility for getting files from remote servers (FTP, HTTP, and others)
 Name: curl
 Version: 7.82.0
-Release: 1%{?dist}
+Release: 2%{?dist}
 License: MIT
 Source0: https://curl.se/download/%{name}-%{version}.tar.xz
 Source1: https://curl.se/download/%{name}-%{version}.tar.xz.asc
@@ -10,6 +10,9 @@ Source1: https://curl.se/download/%{name}-%{version}.tar.xz.asc
 # which points to the GPG key as of April 7th 2016 of https://daniel.haxx.se/mykey.asc
 Source2: mykey.asc
 
+# openssl: fix incorrect CURLE_OUT_OF_MEMORY error on CN check failure
+Patch1: 0001-curl-7.82.0-openssl-spurious-oom.patch
+
 # patch making libcurl multilib ready
 Patch101: 0101-curl-7.32.0-multilib.patch
 
@@ -184,6 +187,7 @@ be installed.
 %setup -q
 
 # upstream patches
+%patch1 -p1
 
 # Fedora patches
 %patch101 -p1
@@ -411,6 +415,9 @@ rm -f ${RPM_BUILD_ROOT}%{_libdir}/libcurl.la
 %{_libdir}/libcurl.so.4.[0-9].[0-9].minimal
 
 %changelog
+* Tue Mar 15 2022 Kamil Dudka <kdudka@redhat.com> - 7.82.0-2
+- openssl: fix incorrect CURLE_OUT_OF_MEMORY error on CN check failure
+
 * Sat Mar 05 2022 Kamil Dudka <kdudka@redhat.com> - 7.82.0-1
 - new upstream release