From d996cc71376e50276e89367bba4c2c48a84ff6a3 Mon Sep 17 00:00:00 2001
From: Kamil Dudka <kdudka@redhat.com>
Date: Wed, 16 Jul 2014 17:48:56 +0200
Subject: [PATCH] new upstream release - 7.37.1

---
 0001-curl-7.37.0-7c215585.patch | 136 --------------------------------
 curl-7.37.0.tar.lzma.asc        |   7 --
 curl-7.37.1.tar.lzma.asc        |   7 ++
 curl.spec                       |  11 ++-
 sources                         |   2 +-
 5 files changed, 13 insertions(+), 150 deletions(-)
 delete mode 100644 0001-curl-7.37.0-7c215585.patch
 delete mode 100644 curl-7.37.0.tar.lzma.asc
 create mode 100644 curl-7.37.1.tar.lzma.asc

diff --git a/0001-curl-7.37.0-7c215585.patch b/0001-curl-7.37.0-7c215585.patch
deleted file mode 100644
index abad04d..0000000
--- a/0001-curl-7.37.0-7c215585.patch
+++ /dev/null
@@ -1,136 +0,0 @@
-From e5a68a65cd567b74573e686bb5f773b482997397 Mon Sep 17 00:00:00 2001
-From: Kamil Dudka <kdudka@redhat.com>
-Date: Wed, 2 Jul 2014 17:37:43 +0200
-Subject: [PATCH 1/3] nss: do not abort on connection failure
-
-... due to calling SSL_VersionRangeGet() with NULL file descriptor
-
-reported-by: upstream tests 305 and 404
-
-[upstream commit 7c21558503cbb10595c345acc7820cb9dc8741d6]
-
-Signed-off-by: Kamil Dudka <kdudka@redhat.com>
----
- lib/vtls/nss.c | 3 ++-
- 1 file changed, 2 insertions(+), 1 deletion(-)
-
-diff --git a/lib/vtls/nss.c b/lib/vtls/nss.c
-index c1eec41..1e41795 100644
---- a/lib/vtls/nss.c
-+++ b/lib/vtls/nss.c
-@@ -1396,7 +1396,8 @@ static CURLcode nss_fail_connect(struct ssl_connect_data *connssl,
-   Curl_llist_destroy(connssl->obj_list, NULL);
-   connssl->obj_list = NULL;
- 
--  if((SSL_VersionRangeGet(connssl->handle, &sslver) == SECSuccess)
-+  if(connssl->handle
-+      && (SSL_VersionRangeGet(connssl->handle, &sslver) == SECSuccess)
-       && (sslver.min == SSL_LIBRARY_VERSION_3_0)
-       && (sslver.max == SSL_LIBRARY_VERSION_TLS_1_0)
-       && isTLSIntoleranceError(err)) {
--- 
-1.9.3
-
-
-From b86de77eda043787edae78c07179f1c06c8c5060 Mon Sep 17 00:00:00 2001
-From: Kamil Dudka <kdudka@redhat.com>
-Date: Wed, 2 Jul 2014 17:49:37 +0200
-Subject: [PATCH 2/3] nss: make the fallback to SSLv3 work again
-
-This feature was unintentionally disabled by commit ff92fcfb.
-
-[upstream commit 7581dee10aedeb96231dd24e187ff5426fc72469]
-
-Signed-off-by: Kamil Dudka <kdudka@redhat.com>
----
- lib/vtls/nss.c | 6 +++---
- 1 file changed, 3 insertions(+), 3 deletions(-)
-
-diff --git a/lib/vtls/nss.c b/lib/vtls/nss.c
-index 1e41795..3613b40 100644
---- a/lib/vtls/nss.c
-+++ b/lib/vtls/nss.c
-@@ -1315,6 +1315,7 @@ static CURLcode nss_init_sslver(SSLVersionRange *sslver,
-   switch (data->set.ssl.version) {
-   default:
-   case CURL_SSLVERSION_DEFAULT:
-+    sslver->min = SSL_LIBRARY_VERSION_3_0;
-     if(data->state.ssl_connect_retry) {
-       infof(data, "TLS disabled due to previous handshake failure\n");
-       sslver->max = SSL_LIBRARY_VERSION_3_0;
-@@ -1323,7 +1324,6 @@ static CURLcode nss_init_sslver(SSLVersionRange *sslver,
-   /* intentional fall-through to default to highest TLS version if possible */
- 
-   case CURL_SSLVERSION_TLSv1:
--    sslver->min = SSL_LIBRARY_VERSION_TLS_1_0;
- #ifdef SSL_LIBRARY_VERSION_TLS_1_2
-     sslver->max = SSL_LIBRARY_VERSION_TLS_1_2;
- #elif defined SSL_LIBRARY_VERSION_TLS_1_1
-@@ -1399,7 +1399,7 @@ static CURLcode nss_fail_connect(struct ssl_connect_data *connssl,
-   if(connssl->handle
-       && (SSL_VersionRangeGet(connssl->handle, &sslver) == SECSuccess)
-       && (sslver.min == SSL_LIBRARY_VERSION_3_0)
--      && (sslver.max == SSL_LIBRARY_VERSION_TLS_1_0)
-+      && (sslver.max != SSL_LIBRARY_VERSION_3_0)
-       && isTLSIntoleranceError(err)) {
-     /* schedule reconnect through Curl_retry_request() */
-     data->state.ssl_connect_retry = TRUE;
-@@ -1437,7 +1437,7 @@ static CURLcode nss_setup_connect(struct connectdata *conn, int sockindex)
-   CURLcode curlerr;
- 
-   SSLVersionRange sslver = {
--    SSL_LIBRARY_VERSION_3_0,      /* min */
-+    SSL_LIBRARY_VERSION_TLS_1_0,  /* min */
-     SSL_LIBRARY_VERSION_TLS_1_0   /* max */
-   };
- 
--- 
-1.9.3
-
-
-From dd54a5dad0b91c6a626912cc83123f103fa63746 Mon Sep 17 00:00:00 2001
-From: Kamil Dudka <kdudka@redhat.com>
-Date: Wed, 2 Jul 2014 16:34:48 +0200
-Subject: [PATCH 3/3] tool: call PR_Cleanup() on exit if NSPR is used
-
-This prevents valgrind from reporting possibly lost memory that NSPR
-uses for file descriptor cache and other globally allocated internal
-data structures.
-
-[upstream commit 24c3cdce88f39731506c287cb276e8bf4a1ce393]
-
-Signed-off-by: Kamil Dudka <kdudka@redhat.com>
----
- src/tool_main.c | 9 +++++++++
- 1 file changed, 9 insertions(+)
-
-diff --git a/src/tool_main.c b/src/tool_main.c
-index ef96dc3..dc980e0 100644
---- a/src/tool_main.c
-+++ b/src/tool_main.c
-@@ -27,6 +27,10 @@
- #include <signal.h>
- #endif
- 
-+#ifdef USE_NSS
-+#include <nspr.h>
-+#endif
-+
- #define ENABLE_CURLX_PRINTF
- /* use our own printf() functions */
- #include "curlx.h"
-@@ -205,6 +209,11 @@ static void main_free(struct GlobalConfig *config)
-   curl_global_cleanup();
-   convert_cleanup();
-   metalink_cleanup();
-+#ifdef USE_NSS
-+  if(PR_Initialized())
-+    /* prevent valgrind from reporting possibly lost memory (fd cache, ...) */
-+    PR_Cleanup();
-+#endif
-   free_config_fields(config);
- 
-   /* Free the config structures */
--- 
-1.9.3
-
diff --git a/curl-7.37.0.tar.lzma.asc b/curl-7.37.0.tar.lzma.asc
deleted file mode 100644
index 7fa17d3..0000000
--- a/curl-7.37.0.tar.lzma.asc
+++ /dev/null
@@ -1,7 +0,0 @@
------BEGIN PGP SIGNATURE-----
-Version: GnuPG v1
-
-iEYEABECAAYFAlN8QMkACgkQeOEcayedXJE24wCgr1aAWOegokq2WJQVLDIrW32n
-je4AoPKSxcgo3RY8MW8SLPvmtGFSDVdz
-=jHo4
------END PGP SIGNATURE-----
diff --git a/curl-7.37.1.tar.lzma.asc b/curl-7.37.1.tar.lzma.asc
new file mode 100644
index 0000000..865715f
--- /dev/null
+++ b/curl-7.37.1.tar.lzma.asc
@@ -0,0 +1,7 @@
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1
+
+iEYEABECAAYFAlPGjoIACgkQeOEcayedXJEelACg3KLWyIN61do2wGJDBbD7OuKE
+BvUAoLM3qS3woSWA33C4+eWHxESUBJhX
+=4sUq
+-----END PGP SIGNATURE-----
diff --git a/curl.spec b/curl.spec
index 90c2029..feaf4e5 100644
--- a/curl.spec
+++ b/curl.spec
@@ -1,15 +1,12 @@
 Summary: A utility for getting files from remote servers (FTP, HTTP, and others)
 Name: curl
-Version: 7.37.0
-Release: 4%{?dist}
+Version: 7.37.1
+Release: 1%{?dist}
 License: MIT
 Group: Applications/Internet
 Source: http://curl.haxx.se/download/%{name}-%{version}.tar.lzma
 Source2: curlbuild.h
 
-# various SSL-related fixes (mainly crash on connection failure)
-Patch1: 0001-curl-7.37.0-7c215585.patch
-
 # patch making libcurl multilib ready
 Patch101: 0101-curl-7.32.0-multilib.patch
 
@@ -122,7 +119,6 @@ documentation of the library, too.
 %setup -q
 
 # upstream patches
-%patch1 -p1
 
 # Fedora patches
 %patch101 -p1
@@ -246,6 +242,9 @@ rm -rf $RPM_BUILD_ROOT
 %{_datadir}/aclocal/libcurl.m4
 
 %changelog
+* Wed Jul 16 2014 Kamil Dudka <kdudka@redhat.com> 7.37.1-1
+- new upstream release
+
 * Fri Jul 11 2014 Tom Callaway <spot@fedoraproject.org> 7.37.0-4
 - fix license handling
 
diff --git a/sources b/sources
index 7139084..efeb684 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-54bfd1eb5214f604186d6f5ac61c7781  curl-7.37.0.tar.lzma
+71c313865ce687b0d3f05035fad4dfa5  curl-7.37.1.tar.lzma