new upstream release - 7.21.5

.gitignore

@@ -1,3 +1,4 @@
 curl-7.21.2.tar.lzma
 /curl-7.21.3.tar.lzma
 /curl-7.21.4.tar.lzma
+/curl-7.21.5.tar.lzma

0001-curl-7.21.4-a40f58d.patch

@@ -1,46 +0,0 @@
-From 292debd50217ca5e548d8e4b5b2ce93014884f6d Mon Sep 17 00:00:00 2001
-From: Kamil Dudka <kdudka@redhat.com>
-Date: Thu, 17 Feb 2011 17:37:24 +0100
-Subject: [PATCH] nss: avoid memory leak on SSL connection failure
-
----
- lib/nss.c |    9 ++++++++-
- 1 files changed, 8 insertions(+), 1 deletions(-)
-
-diff --git a/lib/nss.c b/lib/nss.c
-index e115ac9..d26ad5b 100644
---- a/lib/nss.c
-+++ b/lib/nss.c
-@@ -1058,6 +1058,7 @@ void Curl_nss_close(struct connectdata *conn, int sockindex)
- #ifdef HAVE_PK11_CREATEGENERICOBJECT
-     /* destroy all NSS objects in order to avoid failure of NSS shutdown */
-     Curl_llist_destroy(connssl->obj_list, NULL);
-+    connssl->obj_list = NULL;
- #endif
-     connssl->handle = NULL;
-   }
-@@ -1216,7 +1217,7 @@ CURLcode Curl_nss_connect(struct connectdata *conn, int sockindex)
-   /* make the socket nonblocking */
-   sock_opt.option = PR_SockOpt_Nonblocking;
-   sock_opt.value.non_blocking = PR_TRUE;
--  if(PR_SetSocketOption(model, &sock_opt) != SECSuccess)
-+  if(PR_SetSocketOption(model, &sock_opt) != PR_SUCCESS)
-     goto error;
- 
-   if(SSL_OptionSet(model, SSL_SECURITY, PR_TRUE) != SECSuccess)
-@@ -1407,6 +1408,12 @@ CURLcode Curl_nss_connect(struct connectdata *conn, int sockindex)
-   if(model)
-     PR_Close(model);
- 
-+#ifdef HAVE_PK11_CREATEGENERICOBJECT
-+    /* cleanup on connection failure */
-+    Curl_llist_destroy(connssl->obj_list, NULL);
-+    connssl->obj_list = NULL;
-+#endif
-+
-   if (ssl3 && tlsv1 && isTLSIntoleranceError(err)) {
-     /* schedule reconnect through Curl_retry_request() */
-     data->state.ssl_connect_retry = TRUE;
--- 
-1.7.4
-

0002-curl-7.21.4-7aa2d10.patch

@@ -1,44 +0,0 @@
-From 1f009bb739514d08efef093adf5e1813db6333ec Mon Sep 17 00:00:00 2001
-From: Kamil Dudka <kdudka@redhat.com>
-Date: Tue, 22 Feb 2011 13:13:53 +0100
-Subject: [PATCH] nss: do not ignore failure of SSL handshake
-
-Flaw introduced in fc77790 and present in curl-7.21.4.
-Bug: https://bugzilla.redhat.com/669702#c16
----
- lib/nss.c |   12 ++++++++----
- 1 files changed, 8 insertions(+), 4 deletions(-)
-
-diff --git a/lib/nss.c b/lib/nss.c
-index d26ad5b..be26253 100644
---- a/lib/nss.c
-+++ b/lib/nss.c
-@@ -1157,7 +1157,7 @@ CURLcode Curl_nss_connect(struct connectdata *conn, int sockindex)
-   struct SessionHandle *data = conn->data;
-   curl_socket_t sockfd = conn->sock[sockindex];
-   struct ssl_connect_data *connssl = &conn->ssl[sockindex];
--  int curlerr;
-+  CURLcode curlerr;
-   const int *cipher_to_enable;
-   PRSocketOptionData sock_opt;
-   long time_left;
-@@ -1289,9 +1289,13 @@ CURLcode Curl_nss_connect(struct connectdata *conn, int sockindex)
-                            NULL) != SECSuccess)
-     goto error;
- 
--  if(data->set.ssl.verifypeer && (CURLE_OK !=
--        (curlerr = nss_load_ca_certificates(conn, sockindex))))
--    goto error;
-+  if(data->set.ssl.verifypeer) {
-+    const CURLcode rv = nss_load_ca_certificates(conn, sockindex);
-+    if(CURLE_OK != rv) {
-+      curlerr = rv;
-+      goto error;
-+    }
-+  }
- 
-   if (data->set.ssl.CRLfile) {
-     if(SECSuccess != nss_load_crl(data->set.ssl.CRLfile)) {
--- 
-1.7.4
-

0102-curl-7.21.2-debug.patch

@@ -6,7 +6,7 @@ diff --git a/configure b/configure
 index d3ecf69..6d8f085 100755
 --- a/configure
 +++ b/configure
-@@ -14204,18 +14204,11 @@ $as_echo "yes" >&6; }
+@@ -14222,18 +14222,11 @@ $as_echo "yes" >&6; }
      gccvhi=`echo $gccver | cut -d . -f1`
      gccvlo=`echo $gccver | cut -d . -f2`
      compiler_num=`(expr $gccvhi "*" 100 + $gccvlo) 2>/dev/null`

0105-curl-7.21.3-disable-test1112.patch

@@ -19,7 +19,7 @@ diff --git a/tests/data/Makefile.in b/tests/data/Makefile.in
 index 435b126..1d71c4e 100644
 --- a/tests/data/Makefile.in
 +++ b/tests/data/Makefile.in
-@@ -304,7 +304,7 @@ EXTRA_DIST = test1 test108 test117 test1
+@@ -307,7 +307,7 @@ EXTRA_DIST = test1 test108 test117 test1
   test561 test1098 test1099 test562 test563 test1100 test564 test1101	   \
   test1102 test1103 test1104 test299 test310 test311 test312 test1105	   \
   test565 test800 test1106 test801 test566 test802 test803 test1107	   \

curl-7.21.4.tar.lzma.asc

@@ -1,7 +0,0 @@
------BEGIN PGP SIGNATURE-----
-Version: GnuPG v1.4.10 (GNU/Linux)
-
-iEYEABECAAYFAk1dEroACgkQeOEcayedXJGnzwCeJ5QDI1+tKSme9fnZDRAetcQ5
-KpkAoOqmXiQVgqVLJWWIS9wbhUt+tNcL
-=2k/t
------END PGP SIGNATURE-----

curl-7.21.5.tar.lzma.asc

@@ -0,0 +1,7 @@
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1.4.11 (GNU/Linux)
+
+iEYEABECAAYFAk2rWlwACgkQeOEcayedXJGj9QCgwoc5sTOksar5Kp6ubovsI7Rg
+/hwAnRgipolUHWrR4J0QhxDX3FzuAib3
+=AjpZ
+-----END PGP SIGNATURE-----

curl.spec

@@ -1,19 +1,13 @@
 Summary: A utility for getting files from remote servers (FTP, HTTP, and others)
 Name: curl
-Version: 7.21.4
-Release: 4%{?dist}
+Version: 7.21.5
+Release: 1%{?dist}
 License: MIT
 Group: Applications/Internet
 Source: http://curl.haxx.se/download/%{name}-%{version}.tar.lzma
 Source2: curlbuild.h
 Source3: hide_selinux.c
 
-# avoid memory leak on SSL connection failure
-Patch1: 0001-curl-7.21.4-a40f58d.patch
-
-# do not ignore failure of SSL handshake
-Patch2: 0002-curl-7.21.4-7aa2d10.patch
-
 # patch making libcurl multilib ready
 Patch101: 0101-curl-7.21.1-multilib.patch
 
@@ -112,10 +106,6 @@ for f in CHANGES README; do
     mv -f ${f}.utf8 ${f}
 done
 
-# upstream patches (already applied)
-%patch1 -p1
-%patch2 -p1
-
 # Fedora patches
 %patch101 -p1
 %patch102 -p1
@@ -228,6 +218,9 @@ rm -rf $RPM_BUILD_ROOT
 %{_datadir}/aclocal/libcurl.m4
 
 %changelog
+* Mon Apr 18 2011 Kamil Dudka <kdudka@redhat.com> 7.21.5-1
+- new upstream release
+
 * Sat Apr 16 2011 Peter Robinson <pbrobinson@gmail.com> 7.21.4-4
 - no valgrind on ARMv5 arches
 

sources

@@ -1 +1 @@
-074fa396afe3dbf10163c05756a5a85d  curl-7.21.4.tar.lzma
+decd5586c2bd0496ca562dc8a7244e24  curl-7.21.5.tar.lzma