Hello community,
here is the log from the commit of package curl-mini.12965 for
openSUSE:Leap:15.2:Update checked in at 2020-06-27 18:16:08
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Leap:15.2:Update/curl-mini.12965 (Old)
and /work/SRC/openSUSE:Leap:15.2:Update/.curl-mini.12965.new.3060 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "curl-mini.12965"
Sat Jun 27 18:16:08 2020 rev:1 rq:816849 version:7.66.0
Changes:
--------
New Changes file:
--- /dev/null 2020-06-25 10:56:43.568241769 +0200
+++
/work/SRC/openSUSE:Leap:15.2:Update/.curl-mini.12965.new.3060/curl-mini.changes
2020-06-27 18:16:09.834061547 +0200
@@ -0,0 +1,3821 @@
+-------------------------------------------------------------------
+Wed Jun 17 08:43:40 UTC 2020 - Pedro Monreal Gonzalez
<pmonrealgonza...@suse.com>
+
+- Security fix: [bsc#1173027, CVE-2020-8177]
+ * curl can be tricked my a malicious server to overwrite a local
+ file when using '-J' ('--remote-header-name') and '-i' ('--head')
+ in the same command line.
+- Add curl-CVE-2020-8177.patch
+
+-------------------------------------------------------------------
+Wed Jun 17 08:20:11 UTC 2020 - Pedro Monreal Gonzalez
<pmonrealgonza...@suse.com>
+
+- Security fix: [bsc#1173026, CVE-2020-8169]
+ * Partial password leak over DNS on HTTP redirect
+- Add curl-CVE-2020-8169.patch
+
+-------------------------------------------------------------------
+Thu Nov 14 16:55:18 UTC 2019 - Pedro Monreal Gonzalez
<pmonrealgonza...@suse.com>
+
+- Fix segfault in zypper ref: [bsc#1156481]
+ * remove_handle: clear expire timers after multi_done()
+ * Add patch curl-expire-clear.patch
+
+-------------------------------------------------------------------
+Wed Sep 11 08:17:06 UTC 2019 - Pedro Monreal Gonzalez
<pmonrealgonza...@suse.com>
+
+- Update to 7.66.0 [bsc#1149496, CVE-2019-5482][bsc#1149495, CVE-2019-5481]
+ [bsc#1149604, bsc#1149572, jsc#SLE-9295]
+ * Changes:
+ - CURLINFO_RETRY_AFTER: parse the Retry-After header value
+ - HTTP3: initial (experimental still not working) support
+ - curl: --sasl-authzid added to support CURLOPT_SASL_AUTHZID from the tool
+ - curl: support parallel transfers with -Z
+ - curl_multi_poll: a sister to curl_multi_wait() that waits more
+ - sasl: Implement SASL authorisation identity via CURLOPT_SASL_AUTHZID
+ * Bugfixes:
+ - CVE-2019-5481: FTP-KRB double-free
+ - CVE-2019-5482: TFTP small blocksize heap buffer overflow
+ - CMake: remove needless newlines at end of gss variables
+ - CMake: use platform dependent name for dlopen() library
+ - CURLINFO docs: mention that in redirects times are added
+ - CURLOPT_ALTSVC.3: use a "" file name to not load from a file
+ - CURLOPT_ALTSVC_CTRL.3: remove CURLALTSVC_ALTUSED
+ - CURLOPT_HEADERFUNCTION.3: clarify
+ - CURLOPT_HTTP_VERSION: seting this to 3 forces HTTP/3 use directly
+ - CURLOPT_READFUNCTION.3: provide inline example
+ - CURLOPT_SSL_VERIFYHOST: treat the value 1 as 2
+ - Curl_addr2string: take an addrlen argument too
+ - Curl_fillreadbuffer: avoid double-free trailer buf on error
+ - HTTP: use chunked Transfer-Encoding for HTTP_POST if size unknown
+ - alt-svc: add protocol version selection masking
+ - alt-svc: fix removal of expired cache entry
+ - alt-svc: make it use h3-22 with ngtcp2 as well
+ - alt-svc: more liberal ALPN name parsing
+ - alt-svc: send Alt-Used: in redirected requests
+ - alt-svc: with quiche, use the quiche h3 alpn string
+ - asyn-thread: create a socketpair to wait on
+ - cleanup: move functions out of url.c and make them static
+ - cleanup: remove the 'numsocks' argument used in many places
+ - configure: avoid undefined check_for_ca_bundle
+ - curl.h: add CURL_HTTP_VERSION_3 to the version enum
+ - curl: cap the maximum allowed values for retry time arguments
+ - curl: handle a libcurl build without netrc support
+ - curl: make use of CURLINFO_RETRY_AFTER when retrying
+ - curl: use CURLINFO_PROTOCOL to check for HTTP(s)
+ - curl_global_init_mem.3: mention it was added in 7.12.0
+ - curl_version: bump string buffer size to 250
+ - curl_version_info.3: mentioned ALTSVC and HTTP3
+ - curl_version_info: offer quic (and h3) library info
+ - curl_version_info: provide nghttp2 details
+ - defines: avoid underscore-prefixed defines
+ - docs/ALTSVC: remove what works and the experimental explanation
+ - docs/EXPERIMENTAL: explain what it means and what's experimental now
+ - docs/MANUAL.md: converted to markdown from plain text
+ - docs/examples/curlx: fix errors
+ - docs: s/curl_debug/curl_dbg_debug in comments and docs
+ - easy: resize receive buffer on easy handle reset
+ - examples: Avoid reserved names in hiperfifo examples
+ - examples: add http3.c, altsvc.c and http3-present.c
+ - http09: disable HTTP/0.9 by default in both tool and library
+ - http2: when marked for closure and wanted to close == OK
+ - http2_recv: trigger another read when the last data is returned
+ - http: fix use of credentials from URL when using HTTP proxy
+ - http_negotiate: improve handling of gss_init_sec_context() failures
+ - md4: Use our own MD4 when no crypto libraries are available
+ - multi: call detach_connection before Curl_disconnect
+ - nss: use TLSv1.3 as default if supported
+ - openssl: build warning free with boringssl
+ - openssl: use SSL_CTX_set__proto_version() when available
+ - plan9: add support for running on Plan 9
+ - progress: reset download/uploaded counter between transfers
+ - readwrite_data: repair setting the TIMER_STARTTRANSFER stamp
+ - scp: fix directory name length used in memcpy
+ - smb: init *msg to NULL in smb_send_and_recv()
+ - smtp: check for and bail out on too short EHLO response
+ - source: remove names from source comments
+ - spnego_sspi: add typecast to fix build warning
+ - src/makefile: fix uncompressed hugehelp.c generation
+ - ssh-libssh: do not specify O_APPEND when not in append mode
+ - ssh: move code into vssh for SSH backends
+ - sspi: fix memory leaks
+ - tests: Replace outdated test case numbering documentation
+ - tftp: return error when packet is too small for options
+ - timediff: make it 64 bit (if possible) even with 32 bit time_t
+ - travis: reduce number of torture tests in 'coverage'
+ - url: make use of new HTTP version if alt-svc has one
+ - urlapi: verify the IPv6 numerical address
+ - urldata: avoid 'generic', use dedicated pointers
+ - vauth: Use CURLE_AUTH_ERROR for auth function errors
+* Removed patches:
+ - curl-CVE-2018-0500.patch
+ - curl-CVE-2018-14618.patch
+ - curl-CVE-2018-16839.patch
+ - curl-CVE-2018-16840.patch
+ - curl-CVE-2018-16842.patch
+ - curl-CVE-2018-16890.patch
+ - curl-CVE-2019-3822.patch
+ - curl-CVE-2019-3823.patch
+ - curl-CVE-2019-5436.patch
+ - curl-CVE-2019-5481.patch
+ - curl-CVE-2019-5482.patch
+
+-------------------------------------------------------------------
+Thu Sep 5 11:20:01 UTC 2019 - Pedro Monreal Gonzalez
<pmonrealgonza...@suse.com>
+
+- Security fix: [bsc#1149496,CVE-2019-5482]
+ * TFTP small blocksize heap buffer overflow
+ * Added curl-CVE-2019-5482.patch
+
+-------------------------------------------------------------------
+Thu Sep 5 11:17:53 UTC 2019 - Pedro Monreal Gonzalez
<pmonrealgonza...@suse.com>
+
+- Security fix: [bsc#1149495,CVE-2019-5481]
+ * FTP-KRB: double-free during kerberos FTP data transfer
+ * Added curl-CVE-2019-5481.patch
+
+-------------------------------------------------------------------
+Fri Jul 19 13:51:15 UTC 2019 - Pedro Monreal Gonzalez
<pmonrealgonza...@suse.com>
+
+- Update to 7.65.3
+ * progress: make the progress meter appear again
+
+-------------------------------------------------------------------
+Wed Jul 17 09:07:25 UTC 2019 - Pedro Monreal Gonzalez
<pmonrealgonza...@suse.com>
+
+- Update to 7.65.2
+ * Bugfixes:
+ - CIPHERS.md: Explain Schannel error SEC_E_ALGORITHM_MISMATCH
+ - CMake: Fix finding Brotli on case-sensitive file systems
+ - CURLOPT_RANGE.3: Caution against using it for HTTP PUT
+ - CURLOPT_SEEKDATA.3: fix variable name
+ - bindlocal: detect and avoid IP version mismatches in bind()
+ - build: fix Codacy warnings
+ - c-ares: honor port numbers in CURLOPT_DNS_SERVERS
+ - config-os400: add getpeername and getsockname defines
+ - configure: --disable-progress-meter
+ - configure: fix --disable-code-coverage
+ - configure: more --disable switches to toggle off individual features
+ - configure: remove CURL_DISABLE_TLS_SRP
+ - conn_maxage: move the check to prune_dead_connections()
+ - curl: skip CURLOPT_PROXY_CAPATH for disabled-proxy builds
+ - docs: Explain behavior change in --tlsv1. options since 7.54
+ - docs: Fix links to OpenSSL docs
+ - docs: fix string suggesting HTTP/2 is not the default
+ - headers: Remove no longer exported functions
+ - http2: call done_sending on end of upload
+ - http2: don't call stream-close on already closed streams
+ - http2: remove CURL_DISABLE_TYPECHECK define
+ - http: allow overriding timecond with custom header
+ - http: clarify header buffer size calculation
+ - krb5: fix compiler warning
+ - lib: Use UTF-8 encoding in comments
+ - libcurl: Restrict redirect schemes to HTTP, HTTPS, FTP and FTPS
+ - multi: enable multiplexing by default (again)
+ - multi: fix the transfer hashes in the socket hash entries
+ - multi: make sure 'data' can present in several sockhash entries
+ - netrc: Return the correct error code when out of memory
+ - nss: don't set unused parameter
+ - nss: inspect returnvalue of token check
+ - nss: only cache valid CRL entries
+ - openssl: define HAVE_SSL_GET_SHUTDOWN based on version number
+ - openssl: disable engine if OPENSSL_NO_UI_CONSOLE is defined
+ - openssl: fix pubkey/signature algorithm detection in certinfo
+ - os400: make vsetopt() non-static as Curl_vsetopt() for os400 support
+ - quote.d: asterisk prefix works for SFTP as well
+ - runtests: keep logfiles around by default
+ - runtests: report single test time + total duration
+ - test1165: verify that CURL_DISABLE_ symbols are in sync
+ - test1521: adapt to SLISTPOINT
+ - test1523: test CURLOPT_LOW_SPEED_LIMIT
+ - test153: fix content-length to avoid occasional hang
+ - test188/189: fix Content-Length
+ - tests: have runtests figure out disabled features
+ - tests: support non-localhost HOSTIP for dict/smb servers
+ - tests: update fixed IP for hostip/clientip split
+ - tool_cb_prg: Fix integer overflow in progress bar
+ - typecheck: CURLOPT_CONNECT_TO takes an slist too
++++ 3624 more lines (skipped)
++++ between /dev/null
++++ and
/work/SRC/openSUSE:Leap:15.2:Update/.curl-mini.12965.new.3060/curl-mini.changes
New Changes file:
curl.changes: same change
New:
----
baselibs.conf
curl-7.66.0.tar.xz
curl-7.66.0.tar.xz.asc
curl-CVE-2020-8169.patch
curl-CVE-2020-8177.patch
curl-disabled-redirect-protocol-message.patch
curl-expire-clear.patch
curl-mini.changes
curl-mini.spec
curl-secure-getenv.patch
curl-use_OPENSSL_config.patch
curl.changes
curl.keyring
curl.spec
dont-mess-with-rpmoptflags.diff
ignore_runtests_failure.patch
libcurl-ocloexec.patch
pre_checkin.sh
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ curl-mini.spec ++++++
#
# spec file for package curl-mini
#
# Copyright (c) 2020 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
##### WARNING: please do not edit this auto generated spec file. Use the
curl.spec! #####
%define bootstrap 1
##### WARNING: please do not edit this auto generated spec file. Use the
curl.spec! #####
%define mini -mini
%if 0%{?bootstrap}
%bcond_with testsuite
%else
%bcond_without testsuite
%endif
%bcond_with mozilla_nss
# need ssl always for python-pycurl
%bcond_without openssl
Name: curl-mini
Version: 7.66.0
Release: 0
Summary: A Tool for Transferring Data from URLs
License: curl
Group: Productivity/Networking/Web/Utilities
URL: https://curl.haxx.se/
Source: https://curl.haxx.se/download/curl-%{version}.tar.xz
Source2: https://curl.haxx.se/download/curl-%{version}.tar.xz.asc
Source3: baselibs.conf
Source4: https://daniel.haxx.se/mykey.asc#/curl.keyring
Patch0: libcurl-ocloexec.patch
Patch1: dont-mess-with-rpmoptflags.diff
Patch2: curl-secure-getenv.patch
Patch3: ignore_runtests_failure.patch
# PATCH-FIX-OPENSUSE bsc#1076446 protocol redirection not supported or disabled
Patch4: curl-disabled-redirect-protocol-message.patch
Patch5: curl-use_OPENSSL_config.patch
# PATCH-FIX-UPSTREAM bsc#1156481
Patch6: curl-expire-clear.patch
# PATCH-FIX-UPSTREAM bsc#1173026 CVE-2020-8169 Partial password leak over DNS
on HTTP redirect
Patch7: curl-CVE-2020-8169.patch
# PATCH-FIX-UPSTREAM bsc#1173027 CVE-2020-8177 Curl overwrites local files when
using -J with -i
Patch8: curl-CVE-2020-8177.patch
BuildRequires: libtool
BuildRequires: pkgconfig
Requires: libcurl4%{?mini} = %{version}
%if !0%{?bootstrap}
BuildRequires: groff
BuildRequires: krb5-mini-devel
BuildRequires: libidn2-devel
BuildRequires: lzma
BuildRequires: openldap2-devel
BuildRequires: pkgconfig(libmetalink)
BuildRequires: pkgconfig(libnghttp2)
BuildRequires: pkgconfig(libpsl)
BuildRequires: pkgconfig(libssh)
BuildRequires: pkgconfig(zlib)
# avoid our own libcurl4 pulled in by cmake
#!BuildRequires: libcurl4-mini
%else
Requires: this-is-only-for-build-envs
Conflicts: curl
# The -mini package is sufficient for the build hosts
Provides: curl = %{version}
%endif
%if %{with openssl}
BuildRequires: pkgconfig(libssl)
%endif
%if %{with mozilla_nss}
BuildRequires: mozilla-nss-devel
%endif
#BuildRequires: openssh
%if 0%{?_with_stunnel:1}
# used by the testsuite
BuildRequires: stunnel
%endif
%description
Curl is a client to get documents and files from or send documents to a
server using any of the supported protocols (HTTP, HTTPS, FTP, FTPS,
TFTP, DICT, TELNET, LDAP, or FILE). The command is designed to work
without user interaction or any kind of interactivity.
%package -n libcurl4%{?mini}
Summary: Library for transferring data from URLs
Group: Productivity/Networking/Web/Utilities
%if 0%{?bootstrap}
Provides: libcurl4 = %{version}
Requires: this-is-only-for-build-envs
Conflicts: libcurl4
%endif
%description -n libcurl4%{?mini}
The cURL shared library for accessing data using different
network protocols.
%package -n libcurl%{?mini}-devel
Summary: Development files for the curl library
Group: Development/Libraries/C and C++
Requires: glibc-devel
Requires: libcurl4%{?mini} = %{version}
# curl-devel (v 7.15.5) was last used in 10.2
Provides: curl-devel <= 7.15.5
Obsoletes: curl-devel < 7.16.2
%if 0%{?bootstrap}
Requires: this-is-only-for-build-envs
Conflicts: libcurl-devel
Provides: libcurl-devel = %{version}-%{release}
%endif
%description -n libcurl%{?mini}-devel
Curl is a client to get documents and files from or send documents to a
server using any of the supported protocols (HTTP, HTTPS, FTP, GOPHER,
DICT, TELNET, LDAP, or FILE). The command is designed to work without
user interaction or any kind of interactivity.
%prep
%setup -q -n curl-%{version}
%patch0 -p1
%patch1
%patch2
%ifarch ppc ppc64 ppc64le
%patch3 -p1
%endif
%patch4 -p1
%patch5 -p1
%patch6 -p1
%patch7 -p1
%patch8 -p1
# disable new failing test 1165
echo "1165" >> tests/data/DISABLED
%build
# curl complains if macro definition is contained in CFLAGS
# see m4/xc-val-flgs.m4
CPPFLAGS="-D_FORTIFY_SOURCE=2"
CFLAGS=$(echo "%{optflags}" | sed -e 's/-D_FORTIFY_SOURCE=2//')
export CPPFLAGS CFLAGS
export CFLAGS="$CFLAGS -fPIE"
export LDFLAGS="$LDFLAGS -pie"
autoreconf -fiv
# local hack to make curl-config --libs stop printing libraries it depends on
# (currently, libtool sets link_all_deplibs=(yes|unknown) everywhere,
# will hopefully change in the future)
sed -i 's/\(link_all_deplibs=\)unknown/\1no/' configure
%configure \
--enable-ipv6 \
%if %{with openssl}
--with-ssl \
--with-ca-fallback \
--without-ca-path \
--without-ca-bundle \
%else
--without-ssl \
%if %{with mozilla_nss}
--with-nss \
%endif
%endif
%if !0%{?bootstrap}
--with-gssapi=%{_libexecdir}/mit \
--with-libidn2 \
--with-libssh \
--with-libmetalink \
%endif
--enable-hidden-symbols \
--disable-static \
--enable-threaded-resolver
# if this fails, the above sed hack did not work
./libtool --config | grep -q link_all_deplibs=no
# enable-hidden-symbols needs gcc4 and causes that curl exports only its API
make %{?_smp_mflags} V=1
%if %{with testsuite}
%check
pushd tests
make %{?_smp_mflags}
# make sure the testsuite runs don't race on MP machines in autobuild
if test -z "$BUILD_INCARNATION" -a -r /.buildenv; then
. /.buildenv
fi
if test -z "$BUILD_INCARNATION"; then
BUILD_INCARNATION=0
fi
base=$((8990 + $BUILD_INCARNATION * 20))
# bug940009 do not run flaky tests for any architecture
# at least test 1510 do fail for i586 and ppc64le
perl ./runtests.pl -a -b$base '!flaky' || exit
popd
%endif
%install
%make_install
rm -f %{buildroot}%{_libdir}/libcurl.la
install -Dm 0644 docs/libcurl/libcurl.m4
%{buildroot}%{_datadir}/aclocal/libcurl.m4
pushd scripts
%make_install
popd
%post -n libcurl4%{?mini} -p /sbin/ldconfig
%postun -n libcurl4%{?mini} -p /sbin/ldconfig
%files
%doc README RELEASE-NOTES
%doc docs/{BUGS,FAQ,FEATURES,MANUAL,RESOURCES,TODO,TheArtOfHttpScripting}
%{_bindir}/curl
%{_datadir}/zsh/site-functions/_curl
%{_mandir}/man1/curl.1%{ext_man}
%dir %{_datadir}/zsh
%dir %{_datadir}/zsh/site-functions
%dir %{_datadir}/fish/
%dir %{_datadir}/fish/vendor_completions.d/
%{_datadir}/fish/vendor_completions.d/curl.fish
%files -n libcurl4%{?mini}
%license COPYING
%{_libdir}/libcurl.so.4*
%files -n libcurl%{?mini}-devel
%{_bindir}/curl-config
%{_includedir}/curl
%dir %{_datadir}/aclocal/
%{_datadir}/aclocal/libcurl.m4
%{_libdir}/libcurl.so
%{_libdir}/pkgconfig/libcurl.pc
%{_mandir}/man1/curl-config.1%{ext_man}
%{_mandir}/man3/*
%doc docs/libcurl/symbols-in-versions
%changelog
++++++ curl.spec ++++++
#
# spec file for package curl
#
# Copyright (c) 2020 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
%define bootstrap 0
%define mini %{nil}
%if 0%{?bootstrap}
%bcond_with testsuite
%else
%bcond_without testsuite
%endif
%bcond_with mozilla_nss
# need ssl always for python-pycurl
%bcond_without openssl
Name: curl
Version: 7.66.0
Release: 0
Summary: A Tool for Transferring Data from URLs
License: curl
Group: Productivity/Networking/Web/Utilities
URL: https://curl.haxx.se/
Source: https://curl.haxx.se/download/curl-%{version}.tar.xz
Source2: https://curl.haxx.se/download/curl-%{version}.tar.xz.asc
Source3: baselibs.conf
Source4: https://daniel.haxx.se/mykey.asc#/curl.keyring
Patch0: libcurl-ocloexec.patch
Patch1: dont-mess-with-rpmoptflags.diff
Patch2: curl-secure-getenv.patch
Patch3: ignore_runtests_failure.patch
# PATCH-FIX-OPENSUSE bsc#1076446 protocol redirection not supported or disabled
Patch4: curl-disabled-redirect-protocol-message.patch
Patch5: curl-use_OPENSSL_config.patch
# PATCH-FIX-UPSTREAM bsc#1156481
Patch6: curl-expire-clear.patch
# PATCH-FIX-UPSTREAM bsc#1173026 CVE-2020-8169 Partial password leak over DNS
on HTTP redirect
Patch7: curl-CVE-2020-8169.patch
# PATCH-FIX-UPSTREAM bsc#1173027 CVE-2020-8177 Curl overwrites local files when
using -J with -i
Patch8: curl-CVE-2020-8177.patch
BuildRequires: libtool
BuildRequires: pkgconfig
Requires: libcurl4%{?mini} = %{version}
%if !0%{?bootstrap}
BuildRequires: groff
BuildRequires: krb5-mini-devel
BuildRequires: libidn2-devel
BuildRequires: lzma
BuildRequires: openldap2-devel
BuildRequires: pkgconfig(libmetalink)
BuildRequires: pkgconfig(libnghttp2)
BuildRequires: pkgconfig(libpsl)
BuildRequires: pkgconfig(libssh)
BuildRequires: pkgconfig(zlib)
# avoid our own libcurl4 pulled in by cmake
#!BuildRequires: libcurl4-mini
%else
Requires: this-is-only-for-build-envs
Conflicts: curl
# The -mini package is sufficient for the build hosts
Provides: curl = %{version}
%endif
%if %{with openssl}
BuildRequires: pkgconfig(libssl)
%endif
%if %{with mozilla_nss}
BuildRequires: mozilla-nss-devel
%endif
#BuildRequires: openssh
%if 0%{?_with_stunnel:1}
# used by the testsuite
BuildRequires: stunnel
%endif
%description
Curl is a client to get documents and files from or send documents to a
server using any of the supported protocols (HTTP, HTTPS, FTP, FTPS,
TFTP, DICT, TELNET, LDAP, or FILE). The command is designed to work
without user interaction or any kind of interactivity.
%package -n libcurl4%{?mini}
Summary: Library for transferring data from URLs
Group: Productivity/Networking/Web/Utilities
%if 0%{?bootstrap}
Provides: libcurl4 = %{version}
Requires: this-is-only-for-build-envs
Conflicts: libcurl4
%endif
%description -n libcurl4%{?mini}
The cURL shared library for accessing data using different
network protocols.
%package -n libcurl%{?mini}-devel
Summary: Development files for the curl library
Group: Development/Libraries/C and C++
Requires: glibc-devel
Requires: libcurl4%{?mini} = %{version}
# curl-devel (v 7.15.5) was last used in 10.2
Provides: curl-devel <= 7.15.5
Obsoletes: curl-devel < 7.16.2
%if 0%{?bootstrap}
Requires: this-is-only-for-build-envs
Conflicts: libcurl-devel
Provides: libcurl-devel = %{version}-%{release}
%endif
%description -n libcurl%{?mini}-devel
Curl is a client to get documents and files from or send documents to a
server using any of the supported protocols (HTTP, HTTPS, FTP, GOPHER,
DICT, TELNET, LDAP, or FILE). The command is designed to work without
user interaction or any kind of interactivity.
%prep
%setup -q -n curl-%{version}
%patch0 -p1
%patch1
%patch2
%ifarch ppc ppc64 ppc64le
%patch3 -p1
%endif
%patch4 -p1
%patch5 -p1
%patch6 -p1
%patch7 -p1
%patch8 -p1
# disable new failing test 1165
echo "1165" >> tests/data/DISABLED
%build
# curl complains if macro definition is contained in CFLAGS
# see m4/xc-val-flgs.m4
CPPFLAGS="-D_FORTIFY_SOURCE=2"
CFLAGS=$(echo "%{optflags}" | sed -e 's/-D_FORTIFY_SOURCE=2//')
export CPPFLAGS CFLAGS
export CFLAGS="$CFLAGS -fPIE"
export LDFLAGS="$LDFLAGS -pie"
autoreconf -fiv
# local hack to make curl-config --libs stop printing libraries it depends on
# (currently, libtool sets link_all_deplibs=(yes|unknown) everywhere,
# will hopefully change in the future)
sed -i 's/\(link_all_deplibs=\)unknown/\1no/' configure
%configure \
--enable-ipv6 \
%if %{with openssl}
--with-ssl \
--with-ca-fallback \
--without-ca-path \
--without-ca-bundle \
%else
--without-ssl \
%if %{with mozilla_nss}
--with-nss \
%endif
%endif
%if !0%{?bootstrap}
--with-gssapi=%{_libexecdir}/mit \
--with-libidn2 \
--with-libssh \
--with-libmetalink \
%endif
--enable-hidden-symbols \
--disable-static \
--enable-threaded-resolver
# if this fails, the above sed hack did not work
./libtool --config | grep -q link_all_deplibs=no
# enable-hidden-symbols needs gcc4 and causes that curl exports only its API
make %{?_smp_mflags} V=1
%if %{with testsuite}
%check
pushd tests
make %{?_smp_mflags}
# make sure the testsuite runs don't race on MP machines in autobuild
if test -z "$BUILD_INCARNATION" -a -r /.buildenv; then
. /.buildenv
fi
if test -z "$BUILD_INCARNATION"; then
BUILD_INCARNATION=0
fi
base=$((8990 + $BUILD_INCARNATION * 20))
# bug940009 do not run flaky tests for any architecture
# at least test 1510 do fail for i586 and ppc64le
perl ./runtests.pl -a -b$base '!flaky' || exit
popd
%endif
%install
%make_install
rm -f %{buildroot}%{_libdir}/libcurl.la
install -Dm 0644 docs/libcurl/libcurl.m4
%{buildroot}%{_datadir}/aclocal/libcurl.m4
pushd scripts
%make_install
popd
%post -n libcurl4%{?mini} -p /sbin/ldconfig
%postun -n libcurl4%{?mini} -p /sbin/ldconfig
%files
%doc README RELEASE-NOTES
%doc docs/{BUGS,FAQ,FEATURES,MANUAL,RESOURCES,TODO,TheArtOfHttpScripting}
%{_bindir}/curl
%{_datadir}/zsh/site-functions/_curl
%{_mandir}/man1/curl.1%{ext_man}
%dir %{_datadir}/zsh
%dir %{_datadir}/zsh/site-functions
%dir %{_datadir}/fish/
%dir %{_datadir}/fish/vendor_completions.d/
%{_datadir}/fish/vendor_completions.d/curl.fish
%files -n libcurl4%{?mini}
%license COPYING
%{_libdir}/libcurl.so.4*
%files -n libcurl%{?mini}-devel
%{_bindir}/curl-config
%{_includedir}/curl
%dir %{_datadir}/aclocal/
%{_datadir}/aclocal/libcurl.m4
%{_libdir}/libcurl.so
%{_libdir}/pkgconfig/libcurl.pc
%{_mandir}/man1/curl-config.1%{ext_man}
%{_mandir}/man3/*
%doc docs/libcurl/symbols-in-versions
%changelog
++++++ baselibs.conf ++++++
libcurl4
obsoletes "curl-<targettype> <= <version>"
provides "curl-<targettype> = <version>"
libcurl-devel
requires -curl-<targettype>
requires "libcurl4-<targettype> = <version>"
++++++ curl-CVE-2020-8169.patch ++++++
>From 600a8cded447cd7118ed50142c576567c0cf5158 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <dan...@haxx.se>
Date: Thu, 14 May 2020 14:37:12 +0200
Subject: [PATCH] url: make the updated credentials URL-encoded in the URL
Found-by: Gregory Jefferis
Reported-by: Jeroen Ooms
Added test 1168 to verify. Bug spotted when doing a redirect.
Bug: https://github.com/jeroen/curl/issues/224
Closes #5400
---
lib/url.c | 6 ++--
tests/data/Makefile.inc | 1 +
tests/data/test1168 | 78 +++++++++++++++++++++++++++++++++++++++++
3 files changed, 83 insertions(+), 2 deletions(-)
create mode 100644 tests/data/test1168
Index: curl-7.66.0/lib/url.c
===================================================================
--- curl-7.66.0.orig/lib/url.c
+++ curl-7.66.0/lib/url.c
@@ -2716,12 +2716,14 @@ static CURLcode override_login(struct Cu
/* for updated strings, we update them in the URL */
if(user_changed) {
- uc = curl_url_set(data->state.uh, CURLUPART_USER, *userp, 0);
+ uc = curl_url_set(data->state.uh, CURLUPART_USER, *userp,
+ CURLU_URLENCODE);
if(uc)
return Curl_uc_to_curlcode(uc);
}
if(passwd_changed) {
- uc = curl_url_set(data->state.uh, CURLUPART_PASSWORD, *passwdp, 0);
+ uc = curl_url_set(data->state.uh, CURLUPART_PASSWORD, *passwdp,
+ CURLU_URLENCODE);
if(uc)
return Curl_uc_to_curlcode(uc);
}
Index: curl-7.66.0/tests/data/Makefile.inc
===================================================================
--- curl-7.66.0.orig/tests/data/Makefile.inc
+++ curl-7.66.0/tests/data/Makefile.inc
@@ -129,7 +129,7 @@ test1128 test1129 test1130 test1131 test
test1136 test1137 test1138 test1139 test1140 test1141 test1142 test1143 \
test1144 test1145 test1146 test1147 test1148 test1149 test1150 test1151 \
test1152 test1153 test1154 test1155 test1156 test1157 test1158 test1159 \
-test1160 test1161 test1162 test1163 test1164 test1165 \
+test1160 test1161 test1162 test1163 test1164 test1165 test1168 \
test1170 test1171 test1172 test1173 test1174 \
\
test1200 test1201 test1202 test1203 test1204 test1205 test1206 test1207 \
Index: curl-7.66.0/tests/data/test1168
===================================================================
--- /dev/null
+++ curl-7.66.0/tests/data/test1168
@@ -0,0 +1,78 @@
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP GET
+followlocation
+</keywords>
+</info>
+# Server-side
+<reply>
+<data>
+HTTP/1.1 301 This is a weirdo text message swsclose
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Server: test-server/fake
+Location: /data/11680002.txt
+Connection: close
+
+This server reply is for testing a simple Location: following
+
+</data>
+<data2>
+HTTP/1.1 200 Followed here fine swsclose
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Server: test-server/fake
+Content-Length: 52
+
+If this is received, the location following worked
+
+</data2>
+<datacheck>
+HTTP/1.1 301 This is a weirdo text message swsclose
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Server: test-server/fake
+Location: /data/11680002.txt
+Connection: close
+
+HTTP/1.1 200 Followed here fine swsclose
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Server: test-server/fake
+Content-Length: 52
+
+If this is received, the location following worked
+
+</datacheck>
+</reply>
+
+# Client-side
+<client>
+<server>
+http
+</server>
+ <name>
+HTTP redirect with credentials using # in user and password
+ </name>
+ <command>
+http://%HOSTIP:%HTTPPORT/want/1168 -L -u "catmai#d:#DZaRJYrixKE*gFY"
+</command>
+</client>
+
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<protocol>
+GET /want/1168 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Authorization: Basic Y2F0bWFpI2Q6I0RaYVJKWXJpeEtFKmdGWQ==
+Accept: */*
+
+GET /data/11680002.txt HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Authorization: Basic Y2F0bWFpI2Q6I0RaYVJKWXJpeEtFKmdGWQ==
+Accept: */*
+
+</protocol>
+</verify>
+</testcase>
++++++ curl-CVE-2020-8177.patch ++++++
>From 3b884d1cc588c6cfede9d2f124d43c93e93226e8 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <dan...@haxx.se>
Date: Sun, 31 May 2020 23:09:59 +0200
Subject: [PATCH] tool_getparam: -i is not OK if -J is used
Reported-by: sn on hackerone
Bug: https://curl.haxx.se/docs/CVE-2020-8177.html
---
src/tool_cb_hdr.c | 22 ++++------------------
src/tool_getparam.c | 5 +++++
2 files changed, 9 insertions(+), 18 deletions(-)
Index: curl-7.66.0/src/tool_cb_hdr.c
===================================================================
--- curl-7.66.0.orig/src/tool_cb_hdr.c
+++ curl-7.66.0/src/tool_cb_hdr.c
@@ -134,25 +134,11 @@ size_t tool_header_cb(char *ptr, size_t
filename = parse_filename(p, len);
if(filename) {
if(outs->stream) {
- int rc;
- /* already opened and possibly written to */
- if(outs->fopened)
- fclose(outs->stream);
- outs->stream = NULL;
-
- /* rename the initial file name to the new file name */
- rc = rename(outs->filename, filename);
- if(rc != 0) {
- warnf(outs->config->global, "Failed to rename %s -> %s: %s\n",
- outs->filename, filename, strerror(errno));
- }
- if(outs->alloc_filename)
- Curl_safefree(outs->filename);
- if(rc != 0) {
- free(filename);
- return failure;
- }
+ /* indication of problem, get out! */
+ free(filename);
+ return failure;
}
+
outs->is_cd_filename = TRUE;
outs->s_isreg = TRUE;
outs->fopened = FALSE;
Index: curl-7.66.0/src/tool_getparam.c
===================================================================
--- curl-7.66.0.orig/src/tool_getparam.c
+++ curl-7.66.0/src/tool_getparam.c
@@ -1784,6 +1784,11 @@ ParameterError getparameter(const char *
}
break;
case 'i':
+ if(config->content_disposition) {
+ warnf(global,
+ "--include and --remote-header-name cannot be combined.\n");
+ return PARAM_BAD_USE;
+ }
config->show_headers = toggle; /* show the headers as well in the
general output stream */
break;
++++++ curl-disabled-redirect-protocol-message.patch ++++++
Index: curl-7.63.0/lib/url.c
===================================================================
--- curl-7.63.0.orig/lib/url.c
+++ curl-7.63.0/lib/url.c
@@ -1976,9 +1976,13 @@ static CURLcode findprotocol(struct Curl
/* it is allowed for "normal" request, now do an extra check if this is
the result of a redirect */
if(data->state.this_is_a_follow &&
- !(data->set.redir_protocols & p->protocol))
+ !(data->set.redir_protocols & p->protocol)) {
/* nope, get out */
- ;
+ failf(data, "Redirect to protocol \"%s\" not supported or disabled in "
LIBCURL_NAME,
+ protostr);
+
+ return CURLE_UNSUPPORTED_PROTOCOL;
+ }
else {
/* Perform setup complement if some. */
conn->handler = conn->given = p;
++++++ curl-expire-clear.patch ++++++
>From 13182b33f727cf5a56a5a13419904369f7f3baad Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <dan...@haxx.se>
Date: Sun, 10 Nov 2019 16:23:53 +0100
Subject: [PATCH] remove_handle: clear expire timers after multi_done()
Since 59041f0, a new timer might be set in multi_done() so the clearing
of the timers need to happen afterwards!
Reported-by: Max Kellermann
Fixes #4575
Closes #4583
---
lib/multi.c | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/lib/multi.c b/lib/multi.c
index 6dfe8842e7..7e8e38dc9f 100755
--- a/lib/multi.c
+++ b/lib/multi.c
@@ -695,11 +695,6 @@ CURLMcode curl_multi_remove_handle(struct Curl_multi
*multi,
easy_owns_conn = TRUE;
}
- /* The timer must be shut down before data->multi is set to NULL,
- else the timenode will remain in the splay tree after
- curl_easy_cleanup is called. */
- Curl_expire_clear(data);
-
if(data->conn) {
/* we must call multi_done() here (if we still own the connection) so that
@@ -715,6 +710,11 @@ CURLMcode curl_multi_remove_handle(struct Curl_multi
*multi,
}
}
+ /* The timer must be shut down before data->multi is set to NULL, else the
+ timenode will remain in the splay tree after curl_easy_cleanup is
+ called. Do it after multi_done() in case that sets another time! */
+ Curl_expire_clear(data);
+
if(data->connect_queue.ptr)
/* the handle was in the pending list waiting for an available connection,
so go ahead and remove it */
++++++ curl-secure-getenv.patch ++++++
Index: lib/getenv.c
===================================================================
--- lib/getenv.c.orig 2013-04-12 13:31:59.056761437 +0200
+++ lib/getenv.c 2013-04-12 13:36:25.654762399 +0200
@@ -27,6 +27,14 @@
#include "memdebug.h"
+#ifndef HAVE_SECURE_GETENV
+# ifdef HAVE___SECURE_GETENV
+# define secure_getenv __secure_getenv
+# else
+# error neither secure_getenv nor __secure_getenv is available
+# endif
+#endif
+
static
char *GetEnv(const char *variable)
{
@@ -41,7 +49,7 @@ char *GetEnv(const char *variable)
ExpandEnvironmentStringsA(temp, env, sizeof(env));
return (env[0] != '\0')?strdup(env):NULL;
#else
- char *env = getenv(variable);
+ char *env = secure_getenv(variable);
return (env && env[0])?strdup(env):NULL;
#endif
#endif
Index: configure.ac
===================================================================
--- configure.ac.orig 2013-04-12 13:31:59.057761467 +0200
+++ configure.ac 2013-04-12 13:32:00.823814454 +0200
@@ -3475,6 +3475,8 @@ if test "x$want_curldebug_assumed" = "xy
ac_configure_args="$ac_configure_args --enable-curldebug"
fi
+AC_CHECK_FUNCS([__secure_getenv secure_getenv])
+
AC_CONFIG_FILES([Makefile \
docs/Makefile \
docs/examples/Makefile \
++++++ curl-use_OPENSSL_config.patch ++++++
This basically reverts
https://github.com/curl/curl/commit/7d2f61f66ab4e047fc9aefc2effc1ac6d340a66a
Index: curl-7.65.2/lib/vtls/openssl.c
===================================================================
--- curl-7.65.2.orig/lib/vtls/openssl.c
+++ curl-7.65.2/lib/vtls/openssl.c
@@ -1026,22 +1026,12 @@ static int Curl_ossl_init(void)
ENGINE_load_builtin_engines();
#endif
-/* CONF_MFLAGS_DEFAULT_SECTION was introduced some time between 0.9.8b and
- 0.9.8e */
-#ifndef CONF_MFLAGS_DEFAULT_SECTION
-#define CONF_MFLAGS_DEFAULT_SECTION 0x0
-#endif
-
-#ifndef CURL_DISABLE_OPENSSL_AUTO_LOAD_CONFIG
- CONF_modules_load_file(NULL, NULL,
- CONF_MFLAGS_DEFAULT_SECTION|
- CONF_MFLAGS_IGNORE_MISSING_FILE);
-#endif
-
#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && \
!defined(LIBRESSL_VERSION_NUMBER)
- /* OpenSSL 1.1.0+ takes care of initialization itself */
+ OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CONFIG, NULL);
#else
+ OPENSSL_config(NULL);
+
/* Lets get nice error messages */
SSL_load_error_strings();
++++++ dont-mess-with-rpmoptflags.diff ++++++
Index: configure.ac
===================================================================
--- configure.ac.orig 2013-02-07 11:55:15.150276599 +0100
+++ configure.ac 2013-02-07 11:55:15.167277116 +0100
@@ -288,10 +288,6 @@ dnl platform/compiler/architecture speci
dnl **********************************************************************
CURL_CHECK_COMPILER
-CURL_SET_COMPILER_BASIC_OPTS
-CURL_SET_COMPILER_DEBUG_OPTS
-CURL_SET_COMPILER_OPTIMIZE_OPTS
-CURL_SET_COMPILER_WARNING_OPTS
if test "$compiler_id" = "INTEL_UNIX_C"; then
#
++++++ ignore_runtests_failure.patch ++++++
From: Michel Normand <norm...@linux.vnet.ibm.com>
Subject: ignore runtests failure
Date: Thu, 25 Jan 2018 12:29:03 +0100
ignore runtests failures
because tests are failing randomly on ppc64le and
still failing even if tried in loop and adding lines in spec
===
%ifarch ppc ppc64 ppc64le
echo "# disable few tests for PowerPC bypass boo#1075219" >>data/DISABLED
echo "575" >>data/DISABLED
echo "576" >>data/DISABLED
echo "591" >>data/DISABLED
echo "592" >>data/DISABLED
echo "714" >>data/DISABLED
echo "1206" >>data/DISABLED
echo "1207" >>data/DISABLED
echo "1238" >>data/DISABLED
echo "1319" >>data/DISABLED
echo "1388" >>data/DISABLED
echo "1501" >>data/DISABLED
echo "1514" >>data/DISABLED
echo "1525" >>data/DISABLED
%endif
===
Signed-off-by: Michel Normand <norm...@linux.vnet.ibm.com>
---
tests/runtests.pl | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
Index: curl-7.57.0/tests/runtests.pl
===================================================================
--- curl-7.57.0.orig/tests/runtests.pl
+++ curl-7.57.0/tests/runtests.pl
@@ -5881,5 +5881,5 @@ if($skipped && !$short) {
}
if($total && ($ok != $total)) {
- exit 1;
+ printf "WARNING: ignore any test failures as per applied patch\n";
}
++++++ libcurl-ocloexec.patch ++++++
Open library file descriptors with O_CLOEXEC
This patch is non-portable, it needs linux 2.6.23 and glibc 2.7
or later, different combinations (old linux, new glibc and vice-versa)
will result in a crash.
To make it portable you have to test O_CLOEXEC support at *runtime*
compile time is not enough.
Index: curl-7.61.0/lib/file.c
===================================================================
--- curl-7.61.0.orig/lib/file.c 2018-07-09 08:42:12.000000000 +0200
+++ curl-7.61.0/lib/file.c 2018-07-17 15:47:25.259601877 +0200
@@ -190,7 +190,7 @@ static CURLcode file_connect(struct conn
return CURLE_URL_MALFORMAT;
}
- fd = open_readonly(real_path, O_RDONLY);
+ fd = open_readonly(real_path, O_RDONLY|O_CLOEXEC);
file->path = real_path;
#endif
file->freepath = real_path; /* free this when done */
@@ -283,7 +283,7 @@ static CURLcode file_upload(struct conne
else
mode = MODE_DEFAULT|O_TRUNC;
- fd = open(file->path, mode, conn->data->set.new_file_perms);
+ fd = open(file->path, mode | O_CLOEXEC, conn->data->set.new_file_perms);
if(fd < 0) {
failf(data, "Can't open %s for writing", file->path);
return CURLE_WRITE_ERROR;
Index: curl-7.61.0/lib/hostip6.c
===================================================================
--- curl-7.61.0.orig/lib/hostip6.c 2018-07-09 08:42:12.000000000 +0200
+++ curl-7.61.0/lib/hostip6.c 2018-07-17 15:47:25.259601877 +0200
@@ -44,7 +44,7 @@
#ifdef HAVE_PROCESS_H
#include <process.h>
#endif
-
+#include <fcntl.h>
#include "urldata.h"
#include "sendf.h"
#include "hostip.h"
@@ -70,7 +70,7 @@ bool Curl_ipv6works(void)
static int ipv6_works = -1;
if(-1 == ipv6_works) {
/* probe to see if we have a working IPv6 stack */
- curl_socket_t s = socket(PF_INET6, SOCK_DGRAM, 0);
+ curl_socket_t s = socket(PF_INET6, SOCK_DGRAM | SOCK_CLOEXEC, 0);
if(s == CURL_SOCKET_BAD)
/* an IPv6 address was requested but we can't get/use one */
ipv6_works = 0;
Index: curl-7.61.0/lib/if2ip.c
===================================================================
--- curl-7.61.0.orig/lib/if2ip.c 2018-05-07 10:20:04.000000000 +0200
+++ curl-7.61.0/lib/if2ip.c 2018-07-17 15:47:25.259601877 +0200
@@ -225,7 +225,7 @@ if2ip_result_t Curl_if2ip(int af, unsign
if(len >= sizeof(req.ifr_name))
return IF2IP_NOT_FOUND;
- dummy = socket(AF_INET, SOCK_STREAM, 0);
+ dummy = socket(AF_INET, SOCK_STREAM | SOCK_CLOEXEC, 0);
if(CURL_SOCKET_BAD == dummy)
return IF2IP_NOT_FOUND;
Index: curl-7.61.0/lib/connect.c
===================================================================
--- curl-7.61.0.orig/lib/connect.c 2018-07-09 08:42:12.000000000 +0200
+++ curl-7.61.0/lib/connect.c 2018-07-17 15:47:25.259601877 +0200
@@ -1387,7 +1387,7 @@ CURLcode Curl_socket(struct connectdata
}
else
/* opensocket callback not set, so simply create the socket now */
- *sockfd = socket(addr->family, addr->socktype, addr->protocol);
+ *sockfd = socket(addr->family, addr->socktype | SOCK_CLOEXEC,
addr->protocol);
if(*sockfd == CURL_SOCKET_BAD)
/* no socket, no connection */
Index: curl-7.61.0/configure.ac
===================================================================
--- curl-7.61.0.orig/configure.ac 2018-07-17 15:47:25.263601899 +0200
+++ curl-7.61.0/configure.ac 2018-07-17 15:49:06.252122189 +0200
@@ -191,6 +191,8 @@ AC_DEFINE_UNQUOTED(OS, "${host}", [cpu-m
# Silence warning: ar: 'u' modifier ignored since 'D' is the default
AC_SUBST(AR_FLAGS, [cr])
+AC_USE_SYSTEM_EXTENSIONS
+
dnl This defines _ALL_SOURCE for AIX
CURL_CHECK_AIX_ALL_SOURCE
++++++ pre_checkin.sh ++++++
#!/bin/sh
# This script is based on libcdio_spec-prepare.sh (thanks to sbra...@suse.cz)
# create a -mini spec for systemd for bootstrapping
ORIG_SPEC=curl
EDIT_WARNING="##### WARNING: please do not edit this auto generated spec file.
Use the ${ORIG_SPEC}.spec! #####\n"
sed "s/^%define bootstrap .*$/${EDIT_WARNING}%define bootstrap 1/;
s/^%define mini .*$/${EDIT_WARNING}%define mini -mini/;
s/^Name:.*/&-mini/
" < ${ORIG_SPEC}.spec > ${ORIG_SPEC}-mini.spec
cp ${ORIG_SPEC}.changes ${ORIG_SPEC}-mini.changes
#cp ${ORIG_SPEC}-rpmlintrc ${ORIG_SPEC}-mini-rpmlintrc
osc service localrun format_spec_file
