diff options
Diffstat (limited to 'net-misc/curl')
-rw-r--r-- | net-misc/curl/Manifest | 3 | ||||
-rw-r--r-- | net-misc/curl/curl-7.88.1-r2.ebuild (renamed from net-misc/curl/curl-7.88.1.ebuild) | 5 | ||||
-rw-r--r-- | net-misc/curl/files/curl-7.88.1-onion-resolution.patch | 132 |
3 files changed, 139 insertions, 1 deletions
diff --git a/net-misc/curl/Manifest b/net-misc/curl/Manifest index ff3ec89424d1..2232664e179f 100644 --- a/net-misc/curl/Manifest +++ b/net-misc/curl/Manifest @@ -2,6 +2,7 @@ AUX curl-7.30.0-prefix.patch 880 BLAKE2B 5b7552a8339014221864a585d174b02a96ec7dd AUX curl-7.87.0-gnutls-openssl-build.patch 1010 BLAKE2B 716760a38a7a61420e3e508f976c14776d5f3313c4305e8c2fcff9af1744bcaab61bae643546d625448cc613933f8a7137a783e6313a53799485f432d8b9791f SHA512 2a94cf409f33683ca53a347a99faec3c51ba05c4f531be4e784401e4ed977d1142b5d5bc153dd2444311cdeafd3c406ae4a27e515b875f978f5402487d177e9a AUX curl-7.87.0-typecheck-deprecated.patch 2437 BLAKE2B e04b6cf9b9b4073e2d2762f9c0336d35ef58cbc7b754144ea37a8fba73705e035e1b2f5a05987666f2f0f8a34ef0420a7d5977a9202ea5fe026ee536a44a1b0f SHA512 a7abeb4ab1e0381f78da3732c1ab8ab399e7eed1340efe12c6c9038f811b30095c08794b40ec346db27892fea1f6a240d190b6b655981d5262095569bf9ab815 AUX curl-7.88.1-header-dump-segfault.patch 1068 BLAKE2B 208f5ae192b4bda173e2ac20311bc578d9cd09092990ab43a4674b18465a34e5fa5bc2da81cc322a904eed8e70a5398ff46172eb52d0da8f75fec6bba651c490 SHA512 f0dd88eb50a11bcbc39f67a810d274df53760a8b47711b5f79545726bdfe303b73a037d39a59ca8fe0e4d7c7f28cb2437bbcba1fe9fd19f620e772c7fb793f11 +AUX curl-7.88.1-onion-resolution.patch 2952 BLAKE2B 2efa4c74985bf7e2c2d35e97e3edf449349700f432200aa2f6f2f9cb785345cdf77aa44be41d70589552b1f48de426f0e97aa32fed479aa5de57c0dd3691a150 SHA512 6a38ae05d767158cc82bafa78a3249fa4843e1a16818fcdb1dc9ae11ac16bde2b39fb93246203309184185876377738eb27b18f940edd6aa56ffadb85cd85661 AUX curl-7.88.1-pipewait.patch 2265 BLAKE2B 325dd8eb9188014331cd0cfb34b6bea95d9b26f9c8819b03f4d7bd8caa6c5386669b82d5e02c49394b5b57ed6e15867afe3ef448c88ed4e5d2a49263758b7cc2 SHA512 3ed7574194b90504e887f624a0ae5e1fb3694647cdbf31bb414c808fc20c4fcf31f098c3a65648f8778c3705ab20ded8e964197e12d9f64ffc6833f99a2a3199 AUX curl-7.88.1-silent-parallel.patch 564 BLAKE2B ef25cd4baea31a6894d1baf7d17357f512d09d924e50214a40d1ceb8f5d1c3adc292b6d3cb840def19974dc891c720708bf751b2c023fa0d668eddb468f90a1e SHA512 cc4b62ccb7f64482fd07656344ea84a0af07363094cd3b465fcc60f5c8b695369ca11f3eabf0b53ea80ff78753e64395390db06f191c9ec7efb865347497bce8 AUX curl-respect-cflags-3.patch 406 BLAKE2B 1b533144858aff5566150c4a2648ad2e48e8ff29849ae285592edfee4b3332d06e750395dea7190ee6a01d2b5ee2c2c42c10400c2e5defa09963a90a1a10417d SHA512 3219e4e67d534e35012909243fc8d69d58989462db44dd507c502e7aaa299f1d9a01392e2c83797cc2bdb53d503470c5d6e7bf94572a6ccc6e5eafcc0466bc54 @@ -11,5 +12,5 @@ DIST curl-7.88.1.tar.xz 2581032 BLAKE2B ed7e7aa29efb02fd89a53d5c8d0ec79b4d17612e DIST curl-7.88.1.tar.xz.asc 488 BLAKE2B ea90d840846fca3f0b17838a84431cb44d6e3f8d2b42c3eced1fb1c929a58e8899b303c93d27ca3cafcaa52e7269ac440e7102191d6b2c2751729a6c4116e82f SHA512 d6dc720533004c4d533cc4fb3dd33ac28d95e114f440ec011e4b58f65d1f4c40cfa10ba26d2e2f2f1f9de99511632578b4758c5e79593c7c30d29788fdf1cbb6 EBUILD curl-7.87.0-r2.ebuild 8660 BLAKE2B ce66897406af36dfd872020b5db67428a65954392393529da1678d0b9dec061d05bf52c7debe03d7dab8c051936ab7634f73dea443e094048cd052c76a0f89cb SHA512 b3a9805fab31995d9162f1bdb6159af9f69532c48c6a966be1b08c8a3c21ac3e7ff7f0513a8c33d2973173e1e5400d6e34abca1aa79581fad178e6a98c375adf EBUILD curl-7.88.1-r1.ebuild 8921 BLAKE2B 87313b0462d84f49ac2aaa6dd2627980701c4ad915a95a79639394cc56c8b59060be6c00c5a23cc77e1370142e7e4ec2df898c051fa755c19372e88c598fcf67 SHA512 e5f63f9ab209d6b3524819c1a8900f2be82b67fa4a5dbcaa311f45bfb198d79155d0239de4c304ec7e93393e7cce4ea882d70a950bf12dd00a4245e245958cff -EBUILD curl-7.88.1.ebuild 8795 BLAKE2B 9b433087de129c545c8b7546c33544e0c3ff77cb9c3ffc62237b06fc449f9199c6fe4631702ef5847495f3c32cdcc7260dfabd8a51e7244c5165c2b28da249d9 SHA512 8a1562b11c696d4fa31e19bbfa9e380442b53404238786053b7c7df24991a43241b1c9cbd44b34115b983897b048dbc08e448d8f909cf0d7b297ec2310a41b16 +EBUILD curl-7.88.1-r2.ebuild 8963 BLAKE2B bee346613f8a3cd17e5aeadd2e7d7f5c3dbda118391897cc0b921ab5ba32a861d1cd2bdf4fd50fe40ec2d3651a43bb96dacd9a50bec9a078e8ac1e09cd2eb433 SHA512 592f438871c47c80880897d3af77b2a079ed93c91a9b9a63df75f37ca03e36537470b28a9e53c3ac35bf79a1affabc989b1468f2c6eb948188da1ee458efb112 MISC metadata.xml 2289 BLAKE2B a351f315d1913abff2fec9c559b2b74ddc0a60bfb293d20a62e20a2072e820f88295dc88ab32a622855cd962b90b739b0270ba88e097ca6b41c21f7f4f72987b SHA512 45cafa3eac6aaf777de55e025ef64ac039e6d300a760fc86b2eb1b77153f5242181a09082e443e525923e30e804a9ae90e902fb7f252a24214ac88929c3b89fe diff --git a/net-misc/curl/curl-7.88.1.ebuild b/net-misc/curl/curl-7.88.1-r2.ebuild index 74340e55cd1f..d1a2c5b2213a 100644 --- a/net-misc/curl/curl-7.88.1.ebuild +++ b/net-misc/curl/curl-7.88.1-r2.ebuild @@ -93,6 +93,11 @@ MULTILIB_CHOST_TOOLS=( PATCHES=( "${FILESDIR}"/${PN}-7.30.0-prefix.patch "${FILESDIR}"/${PN}-respect-cflags-3.patch + + "${FILESDIR}"/${P}-header-dump-segfault.patch + "${FILESDIR}"/${P}-onion-resolution.patch + "${FILESDIR}"/${P}-pipewait.patch + "${FILESDIR}"/${P}-silent-parallel.patch ) src_prepare() { diff --git a/net-misc/curl/files/curl-7.88.1-onion-resolution.patch b/net-misc/curl/files/curl-7.88.1-onion-resolution.patch new file mode 100644 index 000000000000..05519884653c --- /dev/null +++ b/net-misc/curl/files/curl-7.88.1-onion-resolution.patch @@ -0,0 +1,132 @@ +https://github.com/curl/curl/pull/10705 +From: Matt Jolly <Matt.Jolly@footclan.ninja> +Date: Wed, 8 Mar 2023 02:16:45 +1100 +Subject: [PATCH] Refuse to resolve the .onion TLD. + +RFC 7686 states that: + +> Applications that do not implement the Tor +> protocol SHOULD generate an error upon the use of .onion and +> SHOULD NOT perform a DNS lookup. + +Let's do that. + +See curl/curl#543 +https://www.rfc-editor.org/rfc/rfc7686#section-2 +--- a/lib/hostip.c ++++ b/lib/hostip.c +@@ -652,6 +652,14 @@ enum resolve_t Curl_resolv(struct Curl_easy *data, + CURLcode result; + enum resolve_t rc = CURLRESOLV_ERROR; /* default to failure */ + struct connectdata *conn = data->conn; ++ /* We should intentionally error and not resolve .onion TLDs */ ++ size_t hostname_len = strlen(hostname); ++ if(hostname_len >= 7 && ++ (curl_strequal(&hostname[hostname_len-6], ".onion") || ++ curl_strequal(&hostname[hostname_len-7], ".onion."))) { ++ failf(data, "Not resolving .onion address (RFC 7686)"); ++ return CURLRESOLV_ERROR; ++ } + *entry = NULL; + #ifndef CURL_DISABLE_DOH + conn->bits.doh = FALSE; /* default is not */ +--- a/tests/data/Makefile.inc ++++ b/tests/data/Makefile.inc +@@ -186,8 +186,8 @@ test1432 test1433 test1434 test1435 test1436 test1437 test1438 test1439 \ + test1440 test1441 test1442 test1443 test1444 test1445 test1446 test1447 \ + test1448 test1449 test1450 test1451 test1452 test1453 test1454 test1455 \ + test1456 test1457 test1458 test1459 test1460 test1461 test1462 test1463 \ +-test1464 test1465 test1466 test1467 test1468 test1469 \ +-\ ++test1464 test1465 test1466 test1467 test1468 test1469 test1471 \ ++test1472 \ + test1500 test1501 test1502 test1503 test1504 test1505 test1506 test1507 \ + test1508 test1509 test1510 test1511 test1512 test1513 test1514 test1515 \ + test1516 test1517 test1518 test1519 test1520 test1521 test1522 test1523 \ +--- /dev/null ++++ b/tests/data/test1471 +@@ -0,0 +1,39 @@ ++<testcase> ++<info> ++<keywords> ++Onion ++Tor ++FAILURE ++</keywords> ++</info> ++# ++# Server-side ++<reply> ++</reply> ++ ++# ++# Client-side ++<client> ++<server> ++none ++</server> ++<name> ++Fail to resolve .onion TLD ++</name> ++<command> ++red.onion ++</command> ++</client> ++ ++# ++# Verify data after the test has been "shot" ++<verify> ++# Couldn't resolve host name ++<errorcode> ++6 ++</errorcode> ++<stderr mode="text"> ++curl: (6) Not resolving .onion address (RFC 7686) ++</stderr> ++</verify> ++</testcase> +--- /dev/null ++++ b/tests/data/test1472 +@@ -0,0 +1,39 @@ ++<testcase> ++<info> ++<keywords> ++Onion ++Tor ++FAILURE ++</keywords> ++</info> ++# ++# Server-side ++<reply> ++</reply> ++ ++# ++# Client-side ++<client> ++<server> ++none ++</server> ++<name> ++Fail to resolve .onion. TLD ++</name> ++<command> ++tasty.onion. ++</command> ++</client> ++ ++# ++# Verify data after the test has been "shot" ++<verify> ++# Couldn't resolve host name ++<errorcode> ++6 ++</errorcode> ++<stderr mode="text"> ++curl: (6) Not resolving .onion address (RFC 7686) ++</stderr> ++</verify> ++</testcase> +-- +2.39.2 + |