From c3d90560213a87ca975bc73663d85fbc987ede20 Mon Sep 17 00:00:00 2001 From: Britney Fransen Date: Sat, 23 Feb 2019 21:13:36 +0000 Subject: curl: update to 7.64.0 --- ...check-restore-original-conn-data-after-th.patch | 77 ++++++++++++++++++++++ ...check-set-data-to-the-transfer-doing-the-.patch | 31 +++++++++ ...1-multi-remove-verbose-Expire-in-messages.patch | 26 ++++++++ ...inglesocket-fix-the-sincebefore-placement.patch | 52 +++++++++++++++ abs/core/curl/PKGBUILD | 43 ++++++++---- 5 files changed, 218 insertions(+), 11 deletions(-) create mode 100644 abs/core/curl/0001-connection_check-restore-original-conn-data-after-th.patch create mode 100644 abs/core/curl/0001-connection_check-set-data-to-the-transfer-doing-the-.patch create mode 100644 abs/core/curl/0001-multi-remove-verbose-Expire-in-messages.patch create mode 100644 abs/core/curl/0001-singlesocket-fix-the-sincebefore-placement.patch diff --git a/abs/core/curl/0001-connection_check-restore-original-conn-data-after-th.patch b/abs/core/curl/0001-connection_check-restore-original-conn-data-after-th.patch new file mode 100644 index 0000000..e5ed809 --- /dev/null +++ b/abs/core/curl/0001-connection_check-restore-original-conn-data-after-th.patch @@ -0,0 +1,77 @@ +From 4015fae044ce52a639c9358e22a9e948f287c89f Mon Sep 17 00:00:00 2001 +Message-Id: <4015fae044ce52a639c9358e22a9e948f287c89f.1550326608.git.jan.steffens@gmail.com> +From: Jay Satiro +Date: Mon, 11 Feb 2019 23:00:00 -0500 +Subject: [PATCH] connection_check: restore original conn->data after the check + +- Save the original conn->data before it's changed to the specified + data transfer for the connection check and then restore it afterwards. + +This is a follow-up to 38d8e1b 2019-02-11. + +History: + +It was discovered a month ago that before checking whether to extract a +dead connection that that connection should be associated with a "live" +transfer for the check (ie original conn->data ignored and set to the +passed in data). A fix was landed in 54b201b which did that and also +cleared conn->data after the check. The original conn->data was not +restored, so presumably it was thought that a valid conn->data was no +longer needed. + +Several days later it was discovered that a valid conn->data was needed +after the check and follow-up fix was landed in bbae24c which partially +reverted the original fix and attempted to limit the scope of when +conn->data was changed to only when pruning dead connections. In that +case conn->data was not cleared and the original conn->data not +restored. + +A month later it was discovered that the original fix was somewhat +correct; a "live" transfer is needed for the check in all cases +because original conn->data could be null which could cause a bad deref +at arbitrary points in the check. A fix was landed in 38d8e1b which +expanded the scope to all cases. conn->data was not cleared and the +original conn->data not restored. + +A day later it was discovered that not restoring the original conn->data +may lead to busy loops in applications that use the event interface, and +given this observation it's a pretty safe assumption that there is some +code path that still needs the original conn->data. This commit is the +follow-up fix for that, it restores the original conn->data after the +connection check. + +Assisted-by: tholin@users.noreply.github.com +Reported-by: tholin@users.noreply.github.com + +Fixes https://github.com/curl/curl/issues/3542 +Closes #3559 +--- + lib/url.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/lib/url.c b/lib/url.c +index bc47685db..46c8fb5fb 100644 +--- a/lib/url.c ++++ b/lib/url.c +@@ -964,8 +964,10 @@ static bool extract_if_dead(struct connectdata *conn, + /* The protocol has a special method for checking the state of the + connection. Use it to check if the connection is dead. */ + unsigned int state; ++ struct Curl_easy *olddata = conn->data; + conn->data = data; /* use this transfer for now */ + state = conn->handler->connection_check(conn, CONNCHECK_ISDEAD); ++ conn->data = olddata; + dead = (state & CONNRESULT_DEAD); + } + else { +@@ -994,7 +996,6 @@ struct prunedead { + static int call_extract_if_dead(struct connectdata *conn, void *param) + { + struct prunedead *p = (struct prunedead *)param; +- conn->data = p->data; /* transfer to use for this check */ + if(extract_if_dead(conn, p->data)) { + /* stop the iteration here, pass back the connection that was extracted */ + p->extracted = conn; +-- +2.20.1 + diff --git a/abs/core/curl/0001-connection_check-set-data-to-the-transfer-doing-the-.patch b/abs/core/curl/0001-connection_check-set-data-to-the-transfer-doing-the-.patch new file mode 100644 index 0000000..cf486db --- /dev/null +++ b/abs/core/curl/0001-connection_check-set-data-to-the-transfer-doing-the-.patch @@ -0,0 +1,31 @@ +From 38d8e1bd4ed1ae52930ae466ecbac78e888b142f Mon Sep 17 00:00:00 2001 +Message-Id: <38d8e1bd4ed1ae52930ae466ecbac78e888b142f.1550283194.git.jan.steffens@gmail.com> +From: Daniel Stenberg +Date: Mon, 11 Feb 2019 07:56:00 +0100 +Subject: [PATCH] connection_check: set ->data to the transfer doing the check + +The http2 code for connection checking needs a transfer to use. Make +sure a working one is set before handler->connection_check() is called. + +Reported-by: jnbr on github +Fixes #3541 +Closes #3547 +--- + lib/url.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/lib/url.c b/lib/url.c +index bdb472999..bc47685db 100644 +--- a/lib/url.c ++++ b/lib/url.c +@@ -964,6 +964,7 @@ static bool extract_if_dead(struct connectdata *conn, + /* The protocol has a special method for checking the state of the + connection. Use it to check if the connection is dead. */ + unsigned int state; ++ conn->data = data; /* use this transfer for now */ + state = conn->handler->connection_check(conn, CONNCHECK_ISDEAD); + dead = (state & CONNRESULT_DEAD); + } +-- +2.20.1 + diff --git a/abs/core/curl/0001-multi-remove-verbose-Expire-in-messages.patch b/abs/core/curl/0001-multi-remove-verbose-Expire-in-messages.patch new file mode 100644 index 0000000..9677787 --- /dev/null +++ b/abs/core/curl/0001-multi-remove-verbose-Expire-in-messages.patch @@ -0,0 +1,26 @@ +From aabc7ae5ecf70973add429b5acbc86d6a57e4da5 Mon Sep 17 00:00:00 2001 +From: Daniel Stenberg +Date: Mon, 11 Feb 2019 22:57:33 +0100 +Subject: [PATCH] multi: remove verbose "Expire in" ... messages + +Reported-by: James Brown +Bug: https://curl.haxx.se/mail/archive-2019-02/0013.html +Closes #3558 +--- + lib/multi.c | 3 --- + 1 file changed, 3 deletions(-) + +diff --git a/lib/multi.c b/lib/multi.c +index 6b891620f6..cd9d758ca4 100644 +--- a/lib/multi.c ++++ b/lib/multi.c +@@ -3032,9 +3032,6 @@ void Curl_expire(struct Curl_easy *data, time_t milli, expire_id id) + + DEBUGASSERT(id < EXPIRE_LAST); + +- infof(data, "Expire in %ld ms for %x (transfer %p)\n", +- (long)milli, id, data); +- + set = Curl_now(); + set.tv_sec += milli/1000; + set.tv_usec += (unsigned int)(milli%1000)*1000; diff --git a/abs/core/curl/0001-singlesocket-fix-the-sincebefore-placement.patch b/abs/core/curl/0001-singlesocket-fix-the-sincebefore-placement.patch new file mode 100644 index 0000000..ecbed62 --- /dev/null +++ b/abs/core/curl/0001-singlesocket-fix-the-sincebefore-placement.patch @@ -0,0 +1,52 @@ +From b7753be57d7bdb6b909f1a0a4207950e18100d79 Mon Sep 17 00:00:00 2001 +Message-Id: +From: Daniel Stenberg +Date: Tue, 19 Feb 2019 15:56:54 +0100 +Subject: [PATCH] singlesocket: fix the 'sincebefore' placement + +The variable wasn't properly reset within the loop and thus could remain +set for sockets that hadn't been set before and thus missed notifying +the app. + +Detected-by: Jan Alexander Steffens +Fixes #3585 +--- + lib/multi.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/lib/multi.c b/lib/multi.c +index aaae8b978..521262b2b 100644 +--- a/lib/multi.c ++++ b/lib/multi.c +@@ -2349,26 +2349,26 @@ static CURLMcode singlesocket(struct Curl_multi *multi, + int num; + unsigned int curraction; + int actions[MAX_SOCKSPEREASYHANDLE]; +- unsigned int comboaction; +- bool sincebefore = FALSE; + + for(i = 0; i< MAX_SOCKSPEREASYHANDLE; i++) + socks[i] = CURL_SOCKET_BAD; + + /* Fill in the 'current' struct with the state as it is now: what sockets to + supervise and for what actions */ + curraction = multi_getsock(data, socks, MAX_SOCKSPEREASYHANDLE); + + /* We have 0 .. N sockets already and we get to know about the 0 .. M + sockets we should have from now on. Detect the differences, remove no + longer supervised ones and add new ones */ + + /* walk over the sockets we got right now */ + for(i = 0; (i< MAX_SOCKSPEREASYHANDLE) && + (curraction & (GETSOCK_READSOCK(i) | GETSOCK_WRITESOCK(i))); + i++) { + unsigned int action = CURL_POLL_NONE; + unsigned int prevaction = 0; ++ unsigned int comboaction; ++ bool sincebefore = FALSE; + + s = socks[i]; + +-- +2.20.1 + diff --git a/abs/core/curl/PKGBUILD b/abs/core/curl/PKGBUILD index fed52a2..afa6928 100644 --- a/abs/core/curl/PKGBUILD +++ b/abs/core/curl/PKGBUILD @@ -1,4 +1,3 @@ -# $Id$ # Maintainer: Dave Reisner # Contributor: Angel Velasquez # Contributor: Eric Belanger @@ -6,20 +5,41 @@ # Contributor: Daniel J Griffiths pkgname=curl -pkgver=7.58.0 -pkgrel=2 +pkgver=7.64.0 +pkgrel=9 pkgdesc="An URL retrieval utility and library" arch=('x86_64') url="https://curl.haxx.se" license=('MIT') -depends=('ca-certificates' 'krb5' 'libssh2' 'openssl' 'zlib' 'libpsl' 'libnghttp2') +depends=('ca-certificates' 'krb5' 'libssh2' 'openssl' 'zlib' 'libpsl' 'libnghttp2' + 'libidn2' 'libidn2.so') provides=('libcurl.so') -options=('strip' 'debug') -source=("https://curl.haxx.se/download/$pkgname-$pkgver.tar.gz"{,.asc}) -sha512sums=('7b12b79107558bb266672d6e128615fe5a8149c37f4ae540197e3298f5d312beb2d78fbb23e3ea84ea7afc41549898a1e5cd38509f0388b11707b48d5efb8ca3' - 'SKIP') -validpgpkeys=('27EDEAF22F3ABCEB50DB9A125CC908FDB71E12C2' # Daniel Stenberg - '914C533DF9B2ADA2204F586D78E11C6B279D5C91') # Daniel Stenberg (old key) +source=("https://curl.haxx.se/download/$pkgname-$pkgver.tar.gz"{,.asc} + "0001-connection_check-set-data-to-the-transfer-doing-the-.patch" + "0001-connection_check-restore-original-conn-data-after-th.patch" + "0001-singlesocket-fix-the-sincebefore-placement.patch" + "0001-multi-remove-verbose-Expire-in-messages.patch") +sha512sums=('ea0e68f9cbf2eb4f235d8506962dcc7709f769ef3526c0e4c130fdaf7186a1a13b303c6ce919cb9125bbf7c64ddf4f8efb3d9269b906f856e6d7b3def027fb81' + 'SKIP' + 'e9fdd70ec6798f48080582e4cb554fc4cd247075c293c66dcf8b27cab151def1c709c306e4dc8a1439b9843f31fe51248b5d6c7f5183e4af65819a084fddcb1f' + 'adcbf6309e5d69ede876966790dd504da3097a9e03fedf77d44e10fddcb24a5eaa29b4c9229c813d54bd0c2141211e46b50ca58d89608f7c391434e469316cbd' + '17c8c19e874bfed0736d579300be5a94f87467d1a2c346fe4dca1698fb73c05d02639cf712c95125f32bbd869457d60be4a1ca0f3d5cbc8b091bb35eb2594b15' + 'f09b63c36bd958c35bf6e3885efe46fea75fa2780510cac66220bfc1d771de9040560586e0672dac5eb7db7acf67051cf74e56518a8ada6f691c6d8f9dc84fa4') +validpgpkeys=('27EDEAF22F3ABCEB50DB9A125CC908FDB71E12C2') # Daniel Stenberg + +prepare() { + cd "$pkgname-$pkgver" + + patch -Np1 < ../0001-multi-remove-verbose-Expire-in-messages.patch + + # Crash in cargo: + # https://github.com/curl/curl/issues/3541 + patch -Np1 < ../0001-connection_check-set-data-to-the-transfer-doing-the-.patch + patch -Np1 < ../0001-connection_check-restore-original-conn-data-after-th.patch + + # https://bugs.archlinux.org/task/61688 + patch -Np1 < ../0001-singlesocket-fix-the-sincebefore-placement.patch +} build() { cd "$pkgname-$pkgver" @@ -34,6 +54,7 @@ build() { --enable-versioned-symbols \ --enable-threaded-resolver \ --with-gssapi \ + --with-libssh2 \ --with-random=/dev/urandom \ --with-ca-bundle=/etc/ssl/certs/ca-certificates.crt @@ -47,5 +68,5 @@ package() { make DESTDIR="$pkgdir" install -C scripts # license - install -Dm644 COPYING "$pkgdir/usr/share/licenses/$pkgname/COPYING" + install -Dt "$pkgdir/usr/share/licenses/$pkgname" -m644 COPYING } -- cgit v0.12