Hello community, here is the log from the commit of package curl for openSUSE:Factory checked in at 2017-02-08 11:01:51 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/curl (Old) and /work/SRC/openSUSE:Factory/.curl.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "curl" Changes: -------- --- /work/SRC/openSUSE:Factory/curl/curl.changes 2016-12-26 21:38:19.223738242 +0100 +++ /work/SRC/openSUSE:Factory/.curl.new/curl.changes 2017-02-08 11:01:52.604084181 +0100 @@ -1,0 +2,9 @@ +Sun Feb 5 22:33:33 UTC 2017 - [email protected] + +- build with libidn2 for IDNA2008 support + FATE#321897 CVE-2016-8625 bsc#1005649 + add curl-7.52.1-idn-fixes.patch to fix test, among other things +- re-enable tests that are no longer failing, + remove curl-disable_failing_tests.patch + +------------------------------------------------------------------- Old: ---- curl-disable_failing_tests.patch New: ---- curl-7.52.1-idn-fixes.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ curl.spec ++++++ --- /var/tmp/diff_new_pack.nWwMCb/_old 2017-02-08 11:01:53.895904091 +0100 +++ /var/tmp/diff_new_pack.nWwMCb/_new 2017-02-08 11:01:53.903902976 +0100 @@ -1,7 +1,7 @@ # # spec file for package curl # -# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -33,14 +33,14 @@ Patch0: libcurl-ocloexec.patch Patch1: dont-mess-with-rpmoptflags.diff Patch3: curl-secure-getenv.patch -Patch4: curl-disable_failing_tests.patch +Patch5: curl-7.52.1-idn-fixes.patch BuildRequires: groff BuildRequires: krb5-mini-devel +BuildRequires: libidn2-devel BuildRequires: libtool BuildRequires: lzma BuildRequires: openldap2-devel BuildRequires: pkgconfig -BuildRequires: pkgconfig(libidn) BuildRequires: pkgconfig(libmetalink) BuildRequires: pkgconfig(libnghttp2) BuildRequires: pkgconfig(libpsl) @@ -98,7 +98,7 @@ %patch0 %patch1 %patch3 -%patch4 -p1 +%patch5 -p1 %build # curl complains if macro definition is contained in CFLAGS ++++++ curl-7.52.1-idn-fixes.patch ++++++ >From 0bc24d6f9d15a2cc5898cae4f214487200e78f44 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg <[email protected]> Date: Sun, 25 Dec 2016 01:13:12 +0100 Subject: [PATCH] configure: accept --with-libidn2 instead ... which the help text already implied since we switched to libidn2 from libidn in commit 9c91ec778104ae3b back in October 2016. Reported-by: Christian Weisgerber Bug: https://curl.haxx.se/mail/lib-2016-12/0110.html --- configure.ac | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/configure.ac b/configure.ac index 91028458f..65dac55bc 100644 --- a/configure.ac +++ b/configure.ac @@ -2830,7 +2830,7 @@ dnl ********************************************************************** AC_MSG_CHECKING([whether to build with libidn2]) OPT_IDN="default" -AC_ARG_WITH(libidn, +AC_ARG_WITH(libidn2, AC_HELP_STRING([--with-libidn2=PATH],[Enable libidn2 usage]) AC_HELP_STRING([--without-libidn2],[Disable libidn2 usage]), [OPT_IDN=$withval]) -- 2.11.1 >From f30cbcac11f5a627992f0c48cff91135808fa70f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tim=20R=C3=BChsen?= <[email protected]> Date: Fri, 13 Jan 2017 09:36:33 +0100 Subject: [PATCH] IDN: Use TR46 'transitional' for toASCII translations References: http://unicode.org/faq/idn.html http://unicode.org/reports/tr46 Closes #1206 --- lib/url.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/lib/url.c b/lib/url.c index c7a91a4f7..29beb3853 100644 --- a/lib/url.c +++ b/lib/url.c @@ -4010,7 +4010,12 @@ static void fix_hostname(struct connectdata *conn, struct hostname *host) #ifdef USE_LIBIDN2 if(idn2_check_version(IDN2_VERSION)) { char *ace_hostname = NULL; - int rc = idn2_lookup_ul((const char *)host->name, &ace_hostname, 0); +#ifdef IDN2_TRANSITIONAL + int flags = IDN2_NFC_INPUT | IDN2_TRANSITIONAL; +#else + int flags = IDN2_NFC_INPUT; +#endif + int rc = idn2_lookup_ul((const char *)host->name, &ace_hostname, flags); if(rc == IDN2_OK) { host->encalloc = (char *)ace_hostname; /* change the name pointer to point to the encoded hostname */ -- 2.11.1 >From ba315745f7f4ddfedd0763833c22f019817535cb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tim=20R=C3=BChsen?= <[email protected]> Date: Fri, 13 Jan 2017 11:50:01 +0100 Subject: [PATCH] IDN: Fix compile time detection of linidn2 TR46 Follow-up to f30cbcac1 Closes #1207 --- lib/url.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/url.c b/lib/url.c index 1f6e5bed9..9112baee0 100644 --- a/lib/url.c +++ b/lib/url.c @@ -4010,7 +4010,7 @@ static void fix_hostname(struct connectdata *conn, struct hostname *host) #ifdef USE_LIBIDN2 if(idn2_check_version(IDN2_VERSION)) { char *ace_hostname = NULL; -#ifdef IDN2_TRANSITIONAL +#if IDN2_VERSION_NUMBER >= 0x00140000 int flags = IDN2_NFC_INPUT | IDN2_TRANSITIONAL; #else int flags = IDN2_NFC_INPUT; -- 2.11.1 >From ee357664df9bbb301e3bc1070a855e6b13303a5d Mon Sep 17 00:00:00 2001 From: Daniel Stenberg <[email protected]> Date: Fri, 13 Jan 2017 14:31:40 +0100 Subject: [PATCH] IDN: revert use of the transitional option MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit It made the german ß get converted to ss, IDNA2003 style, and we can't have that for the .de TLD - a primary reason for our switch to IDNA2008. Test 165 verifies. --- lib/url.c | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/lib/url.c b/lib/url.c index 9112baee0..b088b61e3 100644 --- a/lib/url.c +++ b/lib/url.c @@ -4010,12 +4010,8 @@ static void fix_hostname(struct connectdata *conn, struct hostname *host) #ifdef USE_LIBIDN2 if(idn2_check_version(IDN2_VERSION)) { char *ace_hostname = NULL; -#if IDN2_VERSION_NUMBER >= 0x00140000 - int flags = IDN2_NFC_INPUT | IDN2_TRANSITIONAL; -#else - int flags = IDN2_NFC_INPUT; -#endif - int rc = idn2_lookup_ul((const char *)host->name, &ace_hostname, flags); + int rc = idn2_lookup_ul((const char *)host->name, &ace_hostname, + IDN2_NFC_INPUT); if(rc == IDN2_OK) { host->encalloc = (char *)ace_hostname; /* change the name pointer to point to the encoded hostname */ -- 2.11.1 >From 7d6e3f8cfa5c8de1ecb4ab63ed0c0660cce7acdc Mon Sep 17 00:00:00 2001 From: Daniel Stenberg <[email protected]> Date: Fri, 13 Jan 2017 14:49:11 +0100 Subject: [PATCH] IDN: Use TR46 non-transitional MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Assisted-by: Tim Rühsen --- lib/url.c | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/lib/url.c b/lib/url.c index b088b61e3..074289ed4 100644 --- a/lib/url.c +++ b/lib/url.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2016, Daniel Stenberg, <[email protected]>, et al. + * Copyright (C) 1998 - 2017, Daniel Stenberg, <[email protected]>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -4010,8 +4010,15 @@ static void fix_hostname(struct connectdata *conn, struct hostname *host) #ifdef USE_LIBIDN2 if(idn2_check_version(IDN2_VERSION)) { char *ace_hostname = NULL; - int rc = idn2_lookup_ul((const char *)host->name, &ace_hostname, - IDN2_NFC_INPUT); +#if IDN2_VERSION_NUMBER >= 0x00140000 + /* IDN2_NFC_INPUT: Normalize input string using normalization form C. + IDN2_NONTRANSITIONAL: Perform Unicode TR46 non-transitional + processing. */ + int flags = IDN2_NFC_INPUT | IDN2_NONTRANSITIONAL; +#else + int flags = IDN2_NFC_INPUT; +#endif + int rc = idn2_lookup_ul((const char *)host->name, &ace_hostname, flags); if(rc == IDN2_OK) { host->encalloc = (char *)ace_hostname; /* change the name pointer to point to the encoded hostname */ -- 2.11.1 >From b135cd255b6aa7d051ea906693bf67580153ed76 Mon Sep 17 00:00:00 2001 From: Alessandro Ghedini <[email protected]> Date: Sat, 14 Jan 2017 16:16:56 +0000 Subject: [PATCH] url: assume UTF-8 when doing idn2 lookup MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Thanks to Tim Rühsen for the suggestion. --- lib/url.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/lib/url.c b/lib/url.c index edae1e3f3..49ed4f669 100644 --- a/lib/url.c +++ b/lib/url.c @@ -4026,7 +4026,8 @@ static void fix_hostname(struct connectdata *conn, struct hostname *host) #else int flags = IDN2_NFC_INPUT; #endif - int rc = idn2_lookup_ul((const char *)host->name, &ace_hostname, flags); + int rc = idn2_lookup_u8((const uint8_t *)host->name, + (uint8_t **)&ace_hostname, flags); if(rc == IDN2_OK) { host->encalloc = (char *)ace_hostname; /* change the name pointer to point to the encoded hostname */ -- 2.11.1
