- update to 7.19.4 (fixes CVE-2009-0037)

- fix leak in curl_easy* functions, thanks to Kamil Dudka
- drop nss-proxy, sslgen, nss-init patches
- update badsocket patch
Jindrich Novy 2009-03-03 07:29:45 +00:00
parent fbbef35e12
commit 6058796f7c
8 changed files with 60 additions and 176 deletions


@ -1 +1 @@
curl-7.18.2.tar.bz2
curl-7.19.4.tar.bz2


@ -1,13 +1,13 @@
diff -up curl-7.17.1/lib/ftp.c.badsocket curl-7.17.1/lib/ftp.c
--- curl-7.17.1/lib/ftp.c.badsocket 2007-10-27 00:25:19.000000000 +0200
+++ curl-7.17.1/lib/ftp.c 2008-01-08 15:09:03.000000000 +0100
@@ -3228,7 +3228,8 @@ static CURLcode Curl_ftp_done(struct con
/* Note that we keep "use" set to TRUE since that (next) connection is
still requested to use SSL */
diff -ruNp curl-7.19.3.orig/lib/ftp.c curl-7.19.3/lib/ftp.c
--- curl-7.19.3.orig/lib/ftp.c 2009-02-11 10:57:33.334280000 +0100
+++ curl-7.19.3/lib/ftp.c 2009-02-11 10:59:43.957585266 +0100
@@ -3222,7 +3222,8 @@ static CURLcode ftp_done(struct connectd
/* Note that we keep "use" set to TRUE since that (next) connection is
still requested to use SSL */
}
- sclose(conn->sock[SECONDARYSOCKET]);
+ if(CURL_SOCKET_BAD != conn->sock[SECONDARYSOCKET])
+ sclose(conn->sock[SECONDARYSOCKET]);
conn->sock[SECONDARYSOCKET] = CURL_SOCKET_BAD;
}
- sclose(conn->sock[SECONDARYSOCKET]);
+ if(CURL_SOCKET_BAD != conn->sock[SECONDARYSOCKET])
+ sclose(conn->sock[SECONDARYSOCKET]);
conn->sock[SECONDARYSOCKET] = CURL_SOCKET_BAD;


@ -1,10 +0,0 @@
--- curl-7.17.1/lib/sslgen.c.orig 2007-11-16 22:48:48.000000000 -0500
+++ curl-7.17.1/lib/sslgen.c 2007-11-16 22:49:19.000000000 -0500
@@ -243,6 +243,7 @@
#else
#ifdef USE_NSS
*done = TRUE; /* fallback to BLOCKING */
+ conn->ssl[sockindex].use = TRUE;
return Curl_nss_connect(conn, sockindex);
#else
#ifdef USE_QSOSSL


@ -1,133 +0,0 @@
--- curl-7.18.2/lib/nss.c.orig 2008-12-03 16:39:41.000000000 -0500
+++ curl-7.18.2/lib/nss.c 2008-12-03 18:26:06.000000000 -0500
@@ -73,6 +73,8 @@
PRFileDesc *PR_ImportTCPSocket(PRInt32 osfd);
+PRLock * nss_initlock = NULL;
+
int initialized = 0;
#define HANDSHAKE_TIMEOUT 30
@@ -229,6 +231,23 @@
}
/*
+ * Get the number of ciphers that are enabled. We use this to determine
+ * if we need to call NSS_SetDomesticPolicy() to enable the default ciphers.
+ */
+static int num_enabled_ciphers() {
+ PRInt32 policy = 0;
+ int count = 0;
+ int i;
+
+ for(i=0; i<ciphernum; i++) {
+ SSL_CipherPolicyGet(cipherlist[i].num, &policy);
+ if(policy)
+ count++;
+ }
+ return count;
+}
+
+/*
* Determine whether the nickname passed in is a filename that needs to
* be loaded as a PEM or a regular NSS nickname.
*
@@ -719,8 +738,11 @@
*/
int Curl_nss_init(void)
{
- if(!initialized)
+ /* curl_global_init() is not thread-safe so this test is ok */
+ if (nss_initlock == NULL) {
PR_Init(PR_USER_THREAD, PR_PRIORITY_NORMAL, 256);
+ nss_initlock = PR_NewLock();
+ }
/* We will actually initialize NSS later */
@@ -730,7 +752,17 @@
/* Global cleanup */
void Curl_nss_cleanup(void)
{
- NSS_Shutdown();
+ /* This function isn't required to be threadsafe and this is only done
+ * as a safety feature.
+ */
+ PR_Lock(nss_initlock);
+ if (initialized)
+ NSS_Shutdown();
+ PR_Unlock(nss_initlock);
+
+ PR_DestroyLock(nss_initlock);
+ nss_initlock = NULL;
+
initialized = 0;
}
@@ -801,6 +833,7 @@
#endif
char *certDir = NULL;
int curlerr;
+ int policy;
curlerr = CURLE_SSL_CONNECT_ERROR;
@@ -808,9 +841,8 @@
return CURLE_OK;
/* FIXME. NSS doesn't support multiple databases open at the same time. */
+ PR_Lock(nss_initlock);
if(!initialized) {
- initialized = 1;
-
certDir = getenv("SSL_DIR"); /* Look in $SSL_DIR */
if(!certDir) {
@@ -822,20 +854,25 @@
}
}
- if(!certDir) {
- rv = NSS_NoDB_Init(NULL);
- }
- else {
- rv = NSS_Initialize(certDir, NULL, NULL, "secmod.db",
- NSS_INIT_READONLY);
- }
- if(rv != SECSuccess) {
- infof(conn->data, "Unable to initialize NSS database\n");
- curlerr = CURLE_SSL_CACERT_BADFILE;
- goto error;
+ if (!NSS_IsInitialized()) {
+ initialized = 1;
+ if(!certDir) {
+ rv = NSS_NoDB_Init(NULL);
+ }
+ else {
+ rv = NSS_Initialize(certDir, NULL, NULL, "secmod.db",
+ NSS_INIT_READONLY);
+ }
+ if(rv != SECSuccess) {
+ infof(conn->data, "Unable to initialize NSS database\n");
+ curlerr = CURLE_SSL_CACERT_BADFILE;
+ PR_Unlock(nss_initlock);
+ initialized = 0;
+ goto error;
+ }
}
-
- NSS_SetDomesticPolicy();
+ if(num_enabled_ciphers() == 0)
+ NSS_SetDomesticPolicy();
#ifdef HAVE_PK11_CREATEGENERICOBJECT
configstring = (char *)malloc(PATH_MAX);
@@ -854,6 +891,7 @@
}
#endif
}
+ PR_Unlock(nss_initlock);
model = PR_NewTCPSocket();
if(!model)


@ -1,13 +0,0 @@
diff -up curl-7.18.2/lib/nss.c.nssproxy curl-7.18.2/lib/nss.c
--- curl-7.18.2/lib/nss.c.nssproxy 2008-05-26 17:02:49.000000000 +0200
+++ curl-7.18.2/lib/nss.c 2008-06-18 07:59:52.000000000 +0200
@@ -804,6 +804,9 @@ CURLcode Curl_nss_connect(struct connect
curlerr = CURLE_SSL_CONNECT_ERROR;
+ if (connssl->state == ssl_connection_complete)
+ return CURLE_OK;
+
/* FIXME. NSS doesn't support multiple databases open at the same time. */
if(!initialized) {
initialized = 1;


@ -0,0 +1,36 @@
diff -up curl-7.19.4/lib/easy.c.easy-leak curl-7.19.4/lib/easy.c
--- curl-7.19.4/lib/easy.c.easy-leak 2009-01-29 21:41:51.000000000 +0100
+++ curl-7.19.4/lib/easy.c 2009-03-03 07:54:58.000000000 +0100
@@ -352,13 +352,11 @@ CURL *curl_easy_init(void)
struct SessionHandle *data;
/* Make sure we inited the global SSL stuff */
- if(!initialized) {
- res = curl_global_init(CURL_GLOBAL_DEFAULT);
- if(res) {
- /* something in the global init failed, return nothing */
- DEBUGF(fprintf(stderr, "Error: curl_global_init failed\n"));
- return NULL;
- }
+ res = curl_global_init(CURL_GLOBAL_DEFAULT);
+ if(res) {
+ /* something in the global init failed, return nothing */
+ DEBUGF(fprintf(stderr, "Error: curl_global_init failed\n"));
+ return NULL;
}
/* We use curl_open() with undefined URL so far */
@@ -549,10 +547,10 @@ void curl_easy_cleanup(CURL *curl)
{
struct SessionHandle *data = (struct SessionHandle *)curl;
- if(!data)
- return;
+ if(data)
+ Curl_close(data);
- Curl_close(data);
+ curl_global_cleanup();
}
/*
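Review bot: In the second hunk of the new easy-leak patch, `curl_global_cleanup()` is now reached even when `curl` is NULL, so a `curl_easy_cleanup(NULL)` call releases a global-init reference that no `curl_easy_init()` took; if the global state is reference-counted (the counter is outside these hunks), that can tear down SSL and other global state while other handles are still in use. Keeping the early return avoids it: `if(!data) return;` followed by `Curl_close(data);` and `curl_global_cleanup();`. The first hunk also makes every `curl_easy_init()` call `curl_global_init()`, and the path where handle creation fails after that call lies outside the hunk, so it is worth checking that it drops the reference again. Both global functions are documented as not thread-safe, so the patch deserves a header comment stating that easy handles must now be created and destroyed under the same serialization as global init.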


@ -1,15 +1,14 @@
Summary: A utility for getting files from remote servers (FTP, HTTP, and others)
Name: curl
Version: 7.18.2
Release: 9%{?dist}
Version: 7.19.4
Release: 1%{?dist}
License: MIT
Group: Applications/Internet
Source: http://curl.haxx.se/download/%{name}-%{version}.tar.bz2
Patch1: curl-7.15.3-multilib.patch
Patch2: curl-7.16.0-privlibs.patch
Patch3: curl-7.17.1-badsocket.patch
Patch4: curl-7.18.2-nssproxy.patch
Patch5: curl-7.18.2-nss-init.patch
Patch4: curl-7.19.4-easy-leak.patch
Provides: webclient
URL: http://curl.haxx.se/
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@ -50,8 +49,7 @@ use cURL's capabilities internally.
%patch1 -p1 -b .multilib
%patch2 -p1 -b .privlibs
%patch3 -p1 -b .badsocket
%patch4 -p1 -b .nssproxy
%patch5 -p1 -b .nssinit
%patch4 -p1 -b .easy-leak
# Convert docs to UTF-8
for f in CHANGES README; do
@ -120,6 +118,12 @@ rm -rf $RPM_BUILD_ROOT
%{_datadir}/aclocal/libcurl.m4
%changelog
* Tue Mar 03 2009 Jindrich Novy <jnovy@redhat.com> 7.19.4-1
- update to 7.19.4 (fixes CVE-2009-0037)
- fix leak in curl_easy* functions, thanks to Kamil Dudka
- drop nss-proxy, sslgen, nss-init patches
- update badsocket patch
* Mon Dec 15 2008 Jindrich Novy <jnovy@redhat.com> 7.18.2-9
- release++ because of tag conflict caused by f10/rawhide branch split


@ -1 +1 @@
c389be5b0525276e58865956b7465562 curl-7.18.2.tar.bz2
2734167c1e5f7ce6be99b75d2d371d85 curl-7.19.4.tar.bz2